From 3862d808e9287c1a6f3180c7a447dad6cc365bf3 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 30 Oct 2024 20:27:06 +0500 Subject: [PATCH 01/35] branch based release strategy --- .github/workflows/init-branch-release.yaml | 76 +++++++ .gitignore | 1 + Makefile | 56 +++++ .../kubernetes/manifests/deployment.yaml | 7 + deployments/kubernetes/reloader.yaml | 194 +++++++----------- 5 files changed, 210 insertions(+), 124 deletions(-) create mode 100644 .github/workflows/init-branch-release.yaml diff --git a/.github/workflows/init-branch-release.yaml b/.github/workflows/init-branch-release.yaml new file mode 100644 index 0000000..4daf829 --- /dev/null +++ b/.github/workflows/init-branch-release.yaml @@ -0,0 +1,76 @@ +name: Init ArgoCD Release +on: + workflow_dispatch: + inputs: + TARGET_BRANCH: + description: 'TARGET_BRANCH to checkout (e.g. release-2.5)' + required: true + type: string + + TARGET_VERSION: + description: 'TARGET_VERSION to build manifests (e.g. 2.5.0-rc1) Note: the `v` prefix is not used' + required: true + type: string + +permissions: {} + +jobs: + prepare-release: + permissions: + contents: write # for peter-evans/create-pull-request to create branch + pull-requests: write # for peter-evans/create-pull-request to create a PR + name: Automatically generate version and manifests on ${{ inputs.TARGET_BRANCH }} + runs-on: ubuntu-22.04 + steps: + - name: Checkout code + uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # v4.0.0 + with: + fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} + ref: ${{ inputs.TARGET_BRANCH }} + + - name: Check if TARGET_VERSION is well formed. + run: | + set -xue + # Target version must not contain 'v' prefix + if echo "${{ inputs.TARGET_VERSION }}" | grep -e '^v'; then + echo "::error::Target version '${{ inputs.TARGET_VERSION }}' should not begin with a 'v' prefix, refusing to continue." >&2 + exit 1 + fi + + - name: Create VERSION information + run: | + set -ue + echo "Bumping version from $(cat VERSION) to ${{ inputs.TARGET_VERSION }}" + echo "${{ inputs.TARGET_VERSION }}" > VERSION + + # We install kustomize in the dist directory + - name: Add dist to PATH + run: | + echo "/home/runner/work/argo-cd/argo-cd/dist" >> $GITHUB_PATH + + - name: Generate new set of manifests + run: | + set -ue + make install-codegen-tools-local + make manifests-local VERSION=${{ inputs.TARGET_VERSION }} + git diff + + - name: Generate version compatibility table + run: | + git stash + bash hack/update-supported-versions.sh + git add -u . + git stash pop + + - name: Create pull request + uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 + with: + commit-message: "Bump version to ${{ inputs.TARGET_VERSION }}" + title: "Bump version to ${{ inputs.TARGET_VERSION }} on ${{ inputs.TARGET_BRANCH }} branch" + body: Updating VERSION and manifests to ${{ inputs.TARGET_VERSION }} + branch: update-version + branch-suffix: random + signoff: true + labels: release + diff --git a/.gitignore b/.gitignore index 95b8b63..73da63e 100644 --- a/.gitignore +++ b/.gitignore @@ -16,3 +16,4 @@ styles/ site/ /mkdocs.yml yq +bin \ No newline at end of file diff --git a/Makefile b/Makefile index 5a2a6c2..fbdd08f 100644 --- a/Makefile +++ b/Makefile @@ -24,6 +24,58 @@ LDFLAGS = GOPROXY ?= GOPRIVATE ?= +## Location to install dependencies to +LOCALBIN ?= $(shell pwd)/bin +$(LOCALBIN): + mkdir -p $(LOCALBIN) + +## Tool Binaries +KUBECTL ?= kubectl +KUSTOMIZE ?= $(LOCALBIN)/kustomize-$(KUSTOMIZE_VERSION) +CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen-$(CONTROLLER_TOOLS_VERSION) +ENVTEST ?= $(LOCALBIN)/setup-envtest-$(ENVTEST_VERSION) +GOLANGCI_LINT = $(LOCALBIN)/golangci-lint-$(GOLANGCI_LINT_VERSION) + +## Tool Versions +KUSTOMIZE_VERSION ?= v5.3.0 +CONTROLLER_TOOLS_VERSION ?= v0.14.0 +ENVTEST_VERSION ?= release-0.17 +GOLANGCI_LINT_VERSION ?= v1.57.2 + +.PHONY: kustomize +kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. +$(KUSTOMIZE): $(LOCALBIN) + $(call go-install-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v5,$(KUSTOMIZE_VERSION)) + +.PHONY: controller-gen +controller-gen: $(CONTROLLER_GEN) ## Download controller-gen locally if necessary. +$(CONTROLLER_GEN): $(LOCALBIN) + $(call go-install-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen,$(CONTROLLER_TOOLS_VERSION)) + +.PHONY: envtest +envtest: $(ENVTEST) ## Download setup-envtest locally if necessary. +$(ENVTEST): $(LOCALBIN) + $(call go-install-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest,$(ENVTEST_VERSION)) + +.PHONY: golangci-lint +golangci-lint: $(GOLANGCI_LINT) ## Download golangci-lint locally if necessary. +$(GOLANGCI_LINT): $(LOCALBIN) + $(call go-install-tool,$(GOLANGCI_LINT),github.com/golangci/golangci-lint/cmd/golangci-lint,${GOLANGCI_LINT_VERSION}) + +# go-install-tool will 'go install' any package with custom target and name of binary, if it doesn't exist +# $1 - target path with name of binary (ideally with version) +# $2 - package url which can be installed +# $3 - specific version of package +define go-install-tool +@[ -f $(1) ] || { \ +set -e; \ +package=$(2)@$(3) ;\ +echo "Downloading $${package}" ;\ +GOBIN=$(LOCALBIN) go install $${package} ;\ +mv "$$(echo "$(1)" | sed "s/-$(3)$$//")" $(1) ;\ +} +endef + default: build test install: @@ -80,6 +132,10 @@ apply: deploy: binary-image push apply +.PHONY: k8s-manifests +k8s-manifests: $(KUSTOMIZE) ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects + $(KUSTOMIZE) build ./deployments/kubernetes/ -o ./deployments/kubernetes/reloader.yaml + # Bump Chart bump-chart: sed -i "s/^version:.*/version: $(VERSION)/" deployments/kubernetes/chart/reloader/Chart.yaml diff --git a/deployments/kubernetes/manifests/deployment.yaml b/deployments/kubernetes/manifests/deployment.yaml index faa06fc..30b8dc2 100644 --- a/deployments/kubernetes/manifests/deployment.yaml +++ b/deployments/kubernetes/manifests/deployment.yaml @@ -53,6 +53,13 @@ spec: successThreshold: 1 initialDelaySeconds: 10 securityContext: {} + resources: + limits: + cpu: "1" + memory: 512Mi + requests: + cpu: 10m + memory: 512Mi securityContext: runAsNonRoot: true runAsUser: 65534 diff --git a/deployments/kubernetes/reloader.yaml b/deployments/kubernetes/reloader.yaml index 4379563..6dd7f0b 100644 --- a/deployments/kubernetes/reloader.yaml +++ b/deployments/kubernetes/reloader.yaml @@ -1,127 +1,81 @@ ---- -# Source: reloader/templates/serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: - annotations: - meta.helm.sh/release-namespace: "default" - meta.helm.sh/release-name: "reloader" - labels: - app: reloader-reloader - chart: "reloader-1.0.121" - release: "reloader" - heritage: "Helm" - app.kubernetes.io/managed-by: "Helm" name: reloader-reloader namespace: default --- -# Source: reloader/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole metadata: - annotations: - meta.helm.sh/release-namespace: "default" - meta.helm.sh/release-name: "reloader" - labels: - app: reloader-reloader - chart: "reloader-1.0.121" - release: "reloader" - heritage: "Helm" - app.kubernetes.io/managed-by: "Helm" name: reloader-reloader-role rules: - - apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - list - - get - - watch - - apiGroups: - - "apps" - resources: - - deployments - - daemonsets - - statefulsets - verbs: - - list - - get - - update - - patch - - apiGroups: - - "extensions" - resources: - - deployments - - daemonsets - verbs: - - list - - get - - update - - patch - - apiGroups: - - "batch" - resources: - - cronjobs - verbs: - - list - - get - - apiGroups: - - "batch" - resources: - - jobs - verbs: - - create - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - list + - get + - watch +- apiGroups: + - apps + resources: + - deployments + - daemonsets + - statefulsets + verbs: + - list + - get + - update + - patch +- apiGroups: + - extensions + resources: + - deployments + - daemonsets + verbs: + - list + - get + - update + - patch +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - list + - get +- apiGroups: + - batch + resources: + - jobs + verbs: + - create +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch --- -# Source: reloader/templates/clusterrolebinding.yaml apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding metadata: - annotations: - meta.helm.sh/release-namespace: "default" - meta.helm.sh/release-name: "reloader" - labels: - app: reloader-reloader - chart: "reloader-1.0.121" - release: "reloader" - heritage: "Helm" - app.kubernetes.io/managed-by: "Helm" name: reloader-reloader-role-binding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: reloader-reloader-role subjects: - - kind: ServiceAccount - name: reloader-reloader - namespace: default +- kind: ServiceAccount + name: reloader-reloader + namespace: default --- -# Source: reloader/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: - annotations: - meta.helm.sh/release-namespace: "default" - meta.helm.sh/release-name: "reloader" - labels: - app: reloader-reloader - chart: "reloader-1.0.121" - release: "reloader" - heritage: "Helm" - app.kubernetes.io/managed-by: "Helm" - group: com.stakater.platform - provider: stakater - version: latest name: reloader-reloader namespace: default spec: @@ -130,56 +84,47 @@ spec: selector: matchLabels: app: reloader-reloader - release: "reloader" template: metadata: labels: app: reloader-reloader - chart: "reloader-1.0.121" - release: "reloader" - heritage: "Helm" - app.kubernetes.io/managed-by: "Helm" - group: com.stakater.platform - provider: stakater - version: latest spec: containers: - - image: "ghcr.io/stakater/reloader:latest" - imagePullPolicy: IfNotPresent - name: reloader-reloader - env: + - env: - name: GOMAXPROCS valueFrom: resourceFieldRef: + divisor: "1" resource: limits.cpu - name: GOMEMLIMIT valueFrom: resourceFieldRef: + divisor: "1" resource: limits.memory - ports: - - name: http - containerPort: 9090 + image: ghcr.io/stakater/reloader:latest + imagePullPolicy: IfNotPresent livenessProbe: + failureThreshold: 5 httpGet: path: /live port: http - timeoutSeconds: 5 - failureThreshold: 5 + initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 - initialDelaySeconds: 10 + timeoutSeconds: 5 + name: reloader-reloader + ports: + - containerPort: 9090 + name: http readinessProbe: + failureThreshold: 5 httpGet: path: /metrics port: http - timeoutSeconds: 5 - failureThreshold: 5 + initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 - initialDelaySeconds: 10 - - securityContext: - {} + timeoutSeconds: 5 resources: limits: cpu: "1" @@ -187,7 +132,8 @@ spec: requests: cpu: 10m memory: 512Mi - securityContext: + securityContext: {} + securityContext: runAsNonRoot: true runAsUser: 65534 seccompProfile: From 6aef0ccc1b328b124195a8fffeb2d361c8055fcc Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 30 Oct 2024 20:29:27 +0500 Subject: [PATCH 02/35] updates --- .github/workflows/init-branch-release.yaml | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/.github/workflows/init-branch-release.yaml b/.github/workflows/init-branch-release.yaml index 4daf829..eb22c08 100644 --- a/.github/workflows/init-branch-release.yaml +++ b/.github/workflows/init-branch-release.yaml @@ -1,14 +1,14 @@ -name: Init ArgoCD Release +name: Init Release on: workflow_dispatch: inputs: TARGET_BRANCH: - description: 'TARGET_BRANCH to checkout (e.g. release-2.5)' + description: 'TARGET_BRANCH on which release will be based' required: true type: string TARGET_VERSION: - description: 'TARGET_VERSION to build manifests (e.g. 2.5.0-rc1) Note: the `v` prefix is not used' + description: 'TARGET_VERSION to build kubernetes manifests with using Kustomize' required: true type: string @@ -44,16 +44,10 @@ jobs: echo "Bumping version from $(cat VERSION) to ${{ inputs.TARGET_VERSION }}" echo "${{ inputs.TARGET_VERSION }}" > VERSION - # We install kustomize in the dist directory - - name: Add dist to PATH - run: | - echo "/home/runner/work/argo-cd/argo-cd/dist" >> $GITHUB_PATH - - name: Generate new set of manifests run: | set -ue - make install-codegen-tools-local - make manifests-local VERSION=${{ inputs.TARGET_VERSION }} + make k8s-manifests git diff - name: Generate version compatibility table From db80cc755d4c74fdfbf9cc83a4383524c88deb82 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 30 Oct 2024 20:35:30 +0500 Subject: [PATCH 03/35] updates --- .github/workflows/init-branch-release.yaml | 14 +++----------- .github/workflows/pull_request.yaml | 4 ++-- .github/workflows/push.yaml | 4 ++-- .github/workflows/release.yaml | 4 ++-- Makefile | 2 +- 5 files changed, 10 insertions(+), 18 deletions(-) diff --git a/.github/workflows/init-branch-release.yaml b/.github/workflows/init-branch-release.yaml index eb22c08..9f22e0e 100644 --- a/.github/workflows/init-branch-release.yaml +++ b/.github/workflows/init-branch-release.yaml @@ -20,10 +20,10 @@ jobs: contents: write # for peter-evans/create-pull-request to create branch pull-requests: write # for peter-evans/create-pull-request to create a PR name: Automatically generate version and manifests on ${{ inputs.TARGET_BRANCH }} - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@8410ad0602e1e429cee44a835ae9f77f654a6694 # v4.0.0 + uses: actions/checkout@v4.0.0 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} @@ -50,15 +50,8 @@ jobs: make k8s-manifests git diff - - name: Generate version compatibility table - run: | - git stash - bash hack/update-supported-versions.sh - git add -u . - git stash pop - - name: Create pull request - uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 + uses: peter-evans/create-pull-request@v7.0.5 with: commit-message: "Bump version to ${{ inputs.TARGET_VERSION }}" title: "Bump version to ${{ inputs.TARGET_VERSION }} on ${{ inputs.TARGET_BRANCH }} branch" @@ -67,4 +60,3 @@ jobs: branch-suffix: random signoff: true labels: release - diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 2dcd49a..9650e1f 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -17,8 +17,8 @@ on: env: DOCKER_FILE_PATH: Dockerfile DOCKER_UBI_FILE_PATH: Dockerfile.ubi - KUBERNETES_VERSION: "1.19.0" - KIND_VERSION: "0.17.0" + KUBERNETES_VERSION: "1.30.0" + KIND_VERSION: "0.23.0" REGISTRY: ghcr.io jobs: diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index dff2989..00c7617 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -10,8 +10,8 @@ on: env: DOCKER_FILE_PATH: Dockerfile DOCKER_UBI_FILE_PATH: Dockerfile.ubi - KUBERNETES_VERSION: "1.19.0" - KIND_VERSION: "0.17.0" + KUBERNETES_VERSION: "1.30.0" + KIND_VERSION: "0.23.0" HELM_REGISTRY_URL: "https://stakater.github.io/stakater-charts" REGISTRY: ghcr.io diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a7a812c..6bd6fef 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -7,8 +7,8 @@ on: env: DOCKER_FILE_PATH: Dockerfile DOCKER_UBI_FILE_PATH: Dockerfile.ubi - KUBERNETES_VERSION: "1.19.0" - KIND_VERSION: "0.17.0" + KUBERNETES_VERSION: "1.30.0" + KIND_VERSION: "0.23.0" REGISTRY: ghcr.io jobs: diff --git a/Makefile b/Makefile index fbdd08f..f66ea92 100644 --- a/Makefile +++ b/Makefile @@ -133,7 +133,7 @@ apply: deploy: binary-image push apply .PHONY: k8s-manifests -k8s-manifests: $(KUSTOMIZE) ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects +k8s-manifests: $(KUSTOMIZE) ## Generate k8s manifests using Kustomize from 'manifests' folder $(KUSTOMIZE) build ./deployments/kubernetes/ -o ./deployments/kubernetes/reloader.yaml # Bump Chart From 41cf1056a64b8fbaa7271febd88af19e07fdde2e Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 30 Oct 2024 20:37:46 +0500 Subject: [PATCH 04/35] fix kubectl --- .github/workflows/pull_request.yaml | 3 +-- .github/workflows/push.yaml | 3 +-- .github/workflows/release.yaml | 3 +-- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 9650e1f..0468d7f 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -86,8 +86,7 @@ jobs: run: | curl -LO "https://storage.googleapis.com/kubernetes-release/release/v${KUBERNETES_VERSION}/bin/linux/amd64/kubectl" sudo install ./kubectl /usr/local/bin/ && rm kubectl - kubectl version --short --client - kubectl version --short --client | grep -q ${KUBERNETES_VERSION} + kubectl version --client=true - name: Install Kind run: | diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index 00c7617..b628c66 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -62,8 +62,7 @@ jobs: run: | curl -LO "https://storage.googleapis.com/kubernetes-release/release/v${KUBERNETES_VERSION}/bin/linux/amd64/kubectl" sudo install ./kubectl /usr/local/bin/ && rm kubectl - kubectl version --short --client - kubectl version --short --client | grep -q ${KUBERNETES_VERSION} + kubectl version --client=true - name: Install Kind run: | diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 6bd6fef..0758597 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -57,8 +57,7 @@ jobs: run: | curl -LO "https://storage.googleapis.com/kubernetes-release/release/v${KUBERNETES_VERSION}/bin/linux/amd64/kubectl" sudo install ./kubectl /usr/local/bin/ && rm kubectl - kubectl version --short --client - kubectl version --short --client | grep -q ${KUBERNETES_VERSION} + kubectl version --client=true - name: Install Kind run: | From c6e7c328c63d4ca4f1aedd03584a458ffb0da4f6 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 30 Oct 2024 20:50:44 +0500 Subject: [PATCH 05/35] add flow to push pr image on labels --- .github/workflows/push-pr-image.yaml | 86 ++++++++++++++++++++++++++++ 1 file changed, 86 insertions(+) create mode 100644 .github/workflows/push-pr-image.yaml diff --git a/.github/workflows/push-pr-image.yaml b/.github/workflows/push-pr-image.yaml new file mode 100644 index 0000000..2791744 --- /dev/null +++ b/.github/workflows/push-pr-image.yaml @@ -0,0 +1,86 @@ +name: Push PR Image on Label + +on: + pull_request: + branches: + - master + types: [ labeled ] + +env: + DOCKER_FILE_PATH: Dockerfile + REGISTRY: ghcr.io + +jobs: + + build-and-push-pr-image: + permissions: + contents: read + + runs-on: ubuntu-latest + name: Build and Push PR Image + if: ${{ github.event.label.name == 'build-and-push-pr-image' }} + steps: + - name: Check out code + uses: actions/checkout@v4 + with: + ref: ${{github.event.pull_request.head.sha}} + fetch-depth: 0 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + check-latest: true + cache: true + + - name: Install Dependencies + run: | + make install + + - name: Run golangci-lint + uses: golangci/golangci-lint-action@v5 + with: + version: latest + only-new-issues: false + args: --timeout 10m + + - name: Generate Tags + id: generate_tag + run: | + sha=${{ github.event.pull_request.head.sha }} + tag="SNAPSHOT-PR-${{ github.event.pull_request.number }}-${sha:0:8}" + echo "GIT_TAG=$(echo ${tag})" >> $GITHUB_OUTPUT + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Generate image repository path for ghcr registry + run: | + echo GHCR_IMAGE_REPOSITORY=${{env.REGISTRY}}/$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]') >> $GITHUB_ENV + + - name: Login to ghcr registry + uses: docker/login-action@v3 + with: + registry: ${{env.REGISTRY}} + username: stakater-user + password: ${{secrets.GITHUB_TOKEN}} + + - name: Build Docker Image + uses: docker/build-push-action@v6 + with: + context: . + file: ${{ env.DOCKER_FILE_PATH }} + pull: true + push: true + build-args: BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} + cache-to: type=inline + platforms: linux/amd64,linux/arm,linux/arm64 + tags: | + ${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }} + labels: | + org.opencontainers.image.source=${{ github.event.repository.clone_url }} + org.opencontainers.image.created=${{ steps.prep.outputs.created }} + org.opencontainers.image.revision=${{ github.sha }} From 99bb4da3d4a7b3dcbd4cfa45858f7bec367860d6 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 6 Nov 2024 09:14:57 +0500 Subject: [PATCH 06/35] test workflow for semver update --- .github/workflows/pull_request.yaml | 24 ++++++++++++++ .github/workflows/push.yaml | 1 + Makefile | 31 +++++++++++++------ .../kubernetes/chart/reloader/Chart.yaml | 4 +-- .../kubernetes/chart/reloader/values.yaml | 4 +-- .../kubernetes/manifests/deployment.yaml | 2 +- 6 files changed, 51 insertions(+), 15 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 0468d7f..c2a7b22 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -4,6 +4,7 @@ on: pull_request: branches: - master + - 'v**' paths: - '**' - '!.markdownlint.yaml' @@ -47,6 +48,29 @@ jobs: - name: Set up Helm uses: azure/setup-helm@v4 + - name: Add Stakater Helm Repo + run: | + helm repo add stakater https://stakater.github.io/stakater-charts + + - name: Get version for chart from helm repo + id: chart_eval + run: | + current_chart_version=$(helm search repo stakater/reloader | tail -n 1 | awk '{print $2}') + echo "CURRENT_CHART_VERSION=$(echo ${current_chart_version})" >> $GITHUB_OUTPUT + + - name: Get Updated Chart version from Chart.yaml + uses: mikefarah/yq@master + id: new_chart_version + with: + cmd: yq e '.version' deployments/kubernetes/chart/reloader/Chart.yaml + + - name: Check Version + uses: aleoyakas/check-semver-increased-action@v1 + id: check-version + with: + current-version: ${{ steps.new_chart_version.outputs.result }} + previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} + - name: Helm chart unit tests uses: d3adb5/helm-unittest-action@v2 with: diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index b628c66..b8ae43d 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -6,6 +6,7 @@ on: - closed branches: - master + - 'v**' env: DOCKER_FILE_PATH: Dockerfile diff --git a/Makefile b/Makefile index f66ea92..fb5dd92 100644 --- a/Makefile +++ b/Makefile @@ -35,6 +35,7 @@ KUSTOMIZE ?= $(LOCALBIN)/kustomize-$(KUSTOMIZE_VERSION) CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen-$(CONTROLLER_TOOLS_VERSION) ENVTEST ?= $(LOCALBIN)/setup-envtest-$(ENVTEST_VERSION) GOLANGCI_LINT = $(LOCALBIN)/golangci-lint-$(GOLANGCI_LINT_VERSION) +YQ ?= $(LOCALBIN)/yq ## Tool Versions KUSTOMIZE_VERSION ?= v5.3.0 @@ -42,6 +43,22 @@ CONTROLLER_TOOLS_VERSION ?= v0.14.0 ENVTEST_VERSION ?= release-0.17 GOLANGCI_LINT_VERSION ?= v1.57.2 +YQ_VERSION ?= v4.27.5 +YQ_DOWNLOAD_URL = "https://github.com/mikefarah/yq/releases/download/$(YQ_VERSION)/yq_$(OS)_$(ARCH)" + + +.PHONY: yq +yq: $(YQ) ## Download YQ locally if needed +$(YQ): + @test -d $(LOCALBIN) || mkdir -p $(LOCALBIN) + @curl --retry 3 -fsSL $(YQ_DOWNLOAD_URL) -o $(YQ) || { \ + echo "Failed to download yq from $(YQ_DOWNLOAD_URL). Please check the URL and your network connection."; \ + exit 1; \ + } + @chmod +x $(YQ) + @echo "yq downloaded successfully to $(YQ)." + + .PHONY: kustomize kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. $(KUSTOMIZE): $(LOCALBIN) @@ -136,6 +153,10 @@ deploy: binary-image push apply k8s-manifests: $(KUSTOMIZE) ## Generate k8s manifests using Kustomize from 'manifests' folder $(KUSTOMIZE) build ./deployments/kubernetes/ -o ./deployments/kubernetes/reloader.yaml +.PHONY: update-manifests-version +update-manifests-version: ## Generate k8s manifests using Kustomize from 'manifests' folder + sed -i 's/image: "ghcr.io\/stakater\/reloader:latest"/image: \"ghcr.io\/stakater\/reloader:v$(VERSION)"/g' deployments/kubernetes/manifests/deployment.yaml + # Bump Chart bump-chart: sed -i "s/^version:.*/version: $(VERSION)/" deployments/kubernetes/chart/reloader/Chart.yaml @@ -154,13 +175,3 @@ yq-install: @curl -sL $(YQ_DOWNLOAD_URL) -o $(YQ_BIN) @chmod +x $(YQ_BIN) @echo "yq $(YQ_VERSION) installed at $(YQ_BIN)" - -remove-labels-annotations: yq-install - @for file in $$(find deployments/kubernetes/manifests -type f -name '*.yaml'); do \ - echo "Processing $$file"; \ - $(YQ_BIN) eval 'del(.metadata.labels, .metadata.annotations)' -i "$$file"; \ - done - $(YQ_BIN) eval 'del(.spec.template.metadata.labels)' -i deployments/kubernetes/manifests/deployment.yaml - $(YQ_BIN) eval 'del(.spec.selector.matchLabels)' -i deployments/kubernetes/manifests/deployment.yaml - $(YQ_BIN) eval '.spec.selector.matchLabels.app = "reloader-reloader"' -i deployments/kubernetes/manifests/deployment.yaml - $(YQ_BIN) eval '.spec.template.metadata.labels.app = "reloader-reloader"' -i deployments/kubernetes/manifests/deployment.yaml diff --git a/deployments/kubernetes/chart/reloader/Chart.yaml b/deployments/kubernetes/chart/reloader/Chart.yaml index 51141e5..41e4099 100644 --- a/deployments/kubernetes/chart/reloader/Chart.yaml +++ b/deployments/kubernetes/chart/reloader/Chart.yaml @@ -3,8 +3,8 @@ apiVersion: v1 name: reloader description: Reloader chart that runs on kubernetes -version: 1.0.122 -appVersion: v1.0.122 +version: 1.1.0 +appVersion: v1.1.0 keywords: - Reloader - kubernetes diff --git a/deployments/kubernetes/chart/reloader/values.yaml b/deployments/kubernetes/chart/reloader/values.yaml index b1df2f8..6789608 100644 --- a/deployments/kubernetes/chart/reloader/values.yaml +++ b/deployments/kubernetes/chart/reloader/values.yaml @@ -93,10 +93,10 @@ reloader: labels: provider: stakater group: com.stakater.platform - version: v1.0.121 + version: v1.1.0 image: name: ghcr.io/stakater/reloader - tag: v1.0.121 + tag: v1.1.0 pullPolicy: IfNotPresent # Support for extra environment variables. env: diff --git a/deployments/kubernetes/manifests/deployment.yaml b/deployments/kubernetes/manifests/deployment.yaml index 30b8dc2..fb80fa4 100644 --- a/deployments/kubernetes/manifests/deployment.yaml +++ b/deployments/kubernetes/manifests/deployment.yaml @@ -17,7 +17,7 @@ spec: app: reloader-reloader spec: containers: - - image: "ghcr.io/stakater/reloader:latest" + - image: "ghcr.io/stakater/reloader:v1.1.0" imagePullPolicy: IfNotPresent name: reloader-reloader env: From 79bc824c7d019713bf97e03249d96bba79b8bfb4 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 6 Nov 2024 09:17:34 +0500 Subject: [PATCH 07/35] test workflow for semver update --- .github/workflows/pull_request.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index c2a7b22..f764a94 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -71,6 +71,10 @@ jobs: current-version: ${{ steps.new_chart_version.outputs.result }} previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} + - name: Echo Success + if: steps.check-version.outputs.is-version-increased == 'true' + run: echo Version has increased + - name: Helm chart unit tests uses: d3adb5/helm-unittest-action@v2 with: From 595841cf3f2f3e4636e16a2b590b4cf518427fb1 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 6 Nov 2024 09:19:59 +0500 Subject: [PATCH 08/35] test workflow for semver update --- .github/workflows/pull_request.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index f764a94..14c7097 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -72,8 +72,10 @@ jobs: previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} - name: Echo Success - if: steps.check-version.outputs.is-version-increased == 'true' - run: echo Version has increased + if: steps.check-version.outputs.is-version-increased != 'true' + run: | + echo "Helm Chart Version wasnt Updated" + exit 1 - name: Helm chart unit tests uses: d3adb5/helm-unittest-action@v2 From 28b70651fd3e6d5da37d5e3696a1fbc1d646377f Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 6 Nov 2024 09:24:41 +0500 Subject: [PATCH 09/35] test positive --- .github/workflows/pull_request.yaml | 4 ++-- deployments/kubernetes/chart/reloader/Chart.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 14c7097..d19c33f 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -71,10 +71,10 @@ jobs: current-version: ${{ steps.new_chart_version.outputs.result }} previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} - - name: Echo Success + - name: Fail if Helm Chart version isnt updated if: steps.check-version.outputs.is-version-increased != 'true' run: | - echo "Helm Chart Version wasnt Updated" + echo "Helm Chart Version wasnt updated" exit 1 - name: Helm chart unit tests diff --git a/deployments/kubernetes/chart/reloader/Chart.yaml b/deployments/kubernetes/chart/reloader/Chart.yaml index 41e4099..08ed81c 100644 --- a/deployments/kubernetes/chart/reloader/Chart.yaml +++ b/deployments/kubernetes/chart/reloader/Chart.yaml @@ -3,7 +3,7 @@ apiVersion: v1 name: reloader description: Reloader chart that runs on kubernetes -version: 1.1.0 +version: 1.1.1 appVersion: v1.1.0 keywords: - Reloader From a461080c05bf92629796756958182910cfa63d08 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 6 Nov 2024 21:32:25 +0500 Subject: [PATCH 10/35] add helm workflow --- .github/workflows/push-helm-chart.yaml | 103 +++++++++++++++++++++++++ deployments/kubernetes/reloader.yaml | 2 +- 2 files changed, 104 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/push-helm-chart.yaml diff --git a/.github/workflows/push-helm-chart.yaml b/.github/workflows/push-helm-chart.yaml new file mode 100644 index 0000000..d87cfa7 --- /dev/null +++ b/.github/workflows/push-helm-chart.yaml @@ -0,0 +1,103 @@ +name: Push Helm Chart + +on: + pull_request: + types: + - closed + branches: + - master + paths: + - 'deployments/kubernetes/chart/reloader/**' + +env: + HELM_REGISTRY_URL: "https://stakater.github.io/stakater-charts" + REGISTRY: ghcr.io + +jobs: + build: + + permissions: + contents: read + packages: write # to push artifacts to `ghcr.io` + + name: Build + if: github.event.pull_request.merged == true + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + with: + token: ${{ secrets.PUBLISH_TOKEN }} + fetch-depth: 0 # otherwise, you will fail to push refs to dest repo + submodules: recursive + + # Setting up helm binary + - name: Set up Helm + uses: azure/setup-helm@v4 + with: + version: v3.11.3 + + - name: Add Stakater Helm Repo + run: | + helm repo add stakater https://stakater.github.io/stakater-charts + + - name: Get version for chart from helm repo + id: chart_eval + run: | + current_chart_version=$(helm search repo stakater/reloader | tail -n 1 | awk '{print $2}') + echo "CURRENT_CHART_VERSION=$(echo ${current_chart_version})" >> $GITHUB_OUTPUT + + - name: Get Updated Chart version from Chart.yaml + uses: mikefarah/yq@master + id: new_chart_version + with: + cmd: yq e '.version' deployments/kubernetes/chart/reloader/Chart.yaml + + - name: Check Version + uses: aleoyakas/check-semver-increased-action@v1 + id: check-version + with: + current-version: ${{ steps.new_chart_version.outputs.result }} + previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} + + - name: Fail if Helm Chart version isnt updated + if: steps.check-version.outputs.is-version-increased != 'true' + run: | + echo "Helm Chart Version wasnt updated" + exit 1 + + # Publish helm chart + - name: Login to ghcr via helm + run: | + echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io/stakater --username stakater-user --password-stdin + + - name: Publish Helm chart to ghcr.io + run: | + helm package ./deployments/kubernetes/chart/reloader --destination ./packaged-chart + helm push ./packaged-chart/*.tgz oci://ghcr.io/stakater/charts + rm -rf ./packaged-chart + + - name: Publish Helm chart to gh-pages + uses: stefanprodan/helm-gh-pages@master + with: + branch: master + repository: stakater-charts + target_dir: docs + token: ${{ secrets.STAKATER_GITHUB_TOKEN }} + charts_dir: deployments/kubernetes/chart/ + charts_url: ${{ env.HELM_REGISTRY_URL }} + owner: stakater + linting: on + commit_username: stakater-user + commit_email: stakater@gmail.com + + - name: Notify Slack + uses: 8398a7/action-slack@v3 + if: always() # Pick up events even if the job fails or is canceled. + with: + status: ${{ job.status }} + fields: repo,author,action,eventName,ref,workflow + env: + GITHUB_TOKEN: ${{ secrets.PUBLISH_TOKEN }} + SLACK_WEBHOOK_URL: ${{ secrets.STAKATER_DELIVERY_SLACK_WEBHOOK }} diff --git a/deployments/kubernetes/reloader.yaml b/deployments/kubernetes/reloader.yaml index 6dd7f0b..eeda438 100644 --- a/deployments/kubernetes/reloader.yaml +++ b/deployments/kubernetes/reloader.yaml @@ -101,7 +101,7 @@ spec: resourceFieldRef: divisor: "1" resource: limits.memory - image: ghcr.io/stakater/reloader:latest + image: "ghcr.io/stakater/reloader:v1.1.0" imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 5 From f2a0e81ad1d81d82e49ec82ed4147528d38460d8 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 6 Nov 2024 22:01:28 +0500 Subject: [PATCH 11/35] fix manifest workflow --- .github/workflows/init-branch-release.yaml | 6 ++++++ deployments/kubernetes/reloader.yaml | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/init-branch-release.yaml b/.github/workflows/init-branch-release.yaml index 9f22e0e..0a73784 100644 --- a/.github/workflows/init-branch-release.yaml +++ b/.github/workflows/init-branch-release.yaml @@ -44,6 +44,12 @@ jobs: echo "Bumping version from $(cat VERSION) to ${{ inputs.TARGET_VERSION }}" echo "${{ inputs.TARGET_VERSION }}" > VERSION + - name: Replace latest tag with version from input + run: | + set -ue + VERSION=${{ inputs.TARGET_VERSION }} make update-manifests-version + git diff + - name: Generate new set of manifests run: | set -ue diff --git a/deployments/kubernetes/reloader.yaml b/deployments/kubernetes/reloader.yaml index eeda438..881ba34 100644 --- a/deployments/kubernetes/reloader.yaml +++ b/deployments/kubernetes/reloader.yaml @@ -101,7 +101,7 @@ spec: resourceFieldRef: divisor: "1" resource: limits.memory - image: "ghcr.io/stakater/reloader:v1.1.0" + image: "ghcr.io/stakater/reloader:latest" imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 5 From ec5586fcb745fa9dd19e0f03fcc5ca9ed4fa6926 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 6 Nov 2024 22:05:05 +0500 Subject: [PATCH 12/35] fix manifest workflow --- .github/workflows/init-branch-release.yaml | 1 + Makefile | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/init-branch-release.yaml b/.github/workflows/init-branch-release.yaml index 0a73784..3d1572f 100644 --- a/.github/workflows/init-branch-release.yaml +++ b/.github/workflows/init-branch-release.yaml @@ -48,6 +48,7 @@ jobs: run: | set -ue VERSION=${{ inputs.TARGET_VERSION }} make update-manifests-version + VERSION=${{ inputs.TARGET_VERSION }} make bump-chart git diff - name: Generate new set of manifests diff --git a/Makefile b/Makefile index fb5dd92..f4a725d 100644 --- a/Makefile +++ b/Makefile @@ -159,7 +159,6 @@ update-manifests-version: ## Generate k8s manifests using Kustomize from 'manife # Bump Chart bump-chart: - sed -i "s/^version:.*/version: $(VERSION)/" deployments/kubernetes/chart/reloader/Chart.yaml sed -i "s/^appVersion:.*/appVersion: v$(VERSION)/" deployments/kubernetes/chart/reloader/Chart.yaml sed -i "s/tag:.*/tag: v$(VERSION)/" deployments/kubernetes/chart/reloader/values.yaml sed -i "s/version:.*/version: v$(VERSION)/" deployments/kubernetes/chart/reloader/values.yaml From ba6cc12daf73c87600886016436a17fb3deb62c2 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 6 Nov 2024 22:14:54 +0500 Subject: [PATCH 13/35] cleanup --- .github/workflows/pull_request.yaml | 29 ------------ .github/workflows/push.yaml | 70 ----------------------------- 2 files changed, 99 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index a98482f..10cf41a 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -48,35 +48,6 @@ jobs: - name: Set up Helm uses: azure/setup-helm@v4 - - name: Add Stakater Helm Repo - run: | - helm repo add stakater https://stakater.github.io/stakater-charts - - - name: Get version for chart from helm repo - id: chart_eval - run: | - current_chart_version=$(helm search repo stakater/reloader | tail -n 1 | awk '{print $2}') - echo "CURRENT_CHART_VERSION=$(echo ${current_chart_version})" >> $GITHUB_OUTPUT - - - name: Get Updated Chart version from Chart.yaml - uses: mikefarah/yq@master - id: new_chart_version - with: - cmd: yq e '.version' deployments/kubernetes/chart/reloader/Chart.yaml - - - name: Check Version - uses: aleoyakas/check-semver-increased-action@v1 - id: check-version - with: - current-version: ${{ steps.new_chart_version.outputs.result }} - previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} - - - name: Fail if Helm Chart version isnt updated - if: steps.check-version.outputs.is-version-increased != 'true' - run: | - echo "Helm Chart Version wasnt updated" - exit 1 - - name: Helm chart unit tests uses: d3adb5/helm-unittest-action@v2 with: diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index b8ae43d..626e506 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -207,76 +207,6 @@ jobs: org.opencontainers.image.source=${{ github.event.repository.clone_url }} org.opencontainers.image.revision=${{ github.sha }} - ############################## - ## Add steps to generate required artifacts for a release here(helm chart, operator manifest etc.) - ############################## - - # Skip pushing plain manifests till we decide what to do with them - - # - name: Helm Template - # run: | - # helm template reloader deployments/kubernetes/chart/reloader/ \ - # --set reloader.deployment.resources.limits.cpu=150m \ - # --set reloader.deployment.resources.limits.memory=512Mi \ - # --set reloader.deployment.resources.requests.cpu=10m \ - # --set reloader.deployment.resources.requests.memory=128Mi > deployments/kubernetes/reloader.yaml - - # helm template reloader deployments/kubernetes/chart/reloader/ --output-dir deployments/kubernetes/manifests && mv deployments/kubernetes/manifests/reloader/templates/* deployments/kubernetes/manifests/ && rm -r deployments/kubernetes/manifests/reloader - - # - name: Remove labels and annotations from manifests - # run: make remove-labels-annotations - - # Charts are to be pushed to a separate repo with a separate release cycle - - # # Publish helm chart - # - name: Login to ghcr via helm - # run: | - # echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io/stakater --username stakater-user --password-stdin - - # - name: Publish Helm chart to ghcr.io - # run: | - # helm package ./deployments/kubernetes/chart/reloader --destination ./packaged-chart - # helm push ./packaged-chart/*.tgz oci://ghcr.io/stakater/charts - # rm -rf ./packaged-chart - - # - name: Publish Helm chart to gh-pages - # uses: stefanprodan/helm-gh-pages@master - # with: - # branch: master - # repository: stakater-charts - # target_dir: docs - # token: ${{ secrets.STAKATER_GITHUB_TOKEN }} - # charts_dir: deployments/kubernetes/chart/ - # charts_url: ${{ env.HELM_REGISTRY_URL }} - # owner: stakater - # linting: on - # commit_username: stakater-user - # commit_email: stakater@gmail.com - - # # Commit back changes - # - name: Log info about `.git` directory permissions - # run: | - # # Debug logging - # echo "Disk usage: " - # df -H - - # echo ".git files not owned by current user or current group:" - # find .git ! -user $(id -u) -o ! -group $(id -g) | xargs ls -lah - - # - name: Commit files - # run: | - # git config --local user.email "stakater@gmail.com" - # git config --local user.name "stakater-user" - # git status - # git add . - # git commit -m "[skip-ci] Update artifacts" -a - - # - name: Push changes - # uses: ad-m/github-push-action@master - # with: - # github_token: ${{ secrets.STAKATER_GITHUB_TOKEN }} - # branch: ${{ github.ref }} - - name: Push Latest Tag uses: anothrNick/github-tag-action@1.71.0 env: From 12826023d4999acdc0c88ec6b3103a9b24259a67 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Thu, 7 Nov 2024 21:33:22 +0500 Subject: [PATCH 14/35] add PR validation for helm chart --- .github/workflows/pull_request.yaml | 71 +++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 10cf41a..a489ee5 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -47,6 +47,8 @@ jobs: # Setting up helm binary - name: Set up Helm uses: azure/setup-helm@v4 + with: + version: v3.11.3 - name: Helm chart unit tests uses: d3adb5/helm-unittest-action@v2 @@ -160,3 +162,72 @@ jobs: org.opencontainers.image.source=${{ github.event.repository.clone_url }} org.opencontainers.image.created=${{ steps.prep.outputs.created }} org.opencontainers.image.revision=${{ github.sha }} + + - name: Check if Helm validation is needs to run + uses: dorny/paths-filter@v3 + id: filter + with: + filters: | + chart: + - 'deployments/kubernetes/chart/reloader/**' + + outputs: + helm_chart_changed: ${{ steps.filter.outputs.chart }} + + helm-validation: + permissions: + contents: read + + runs-on: ubuntu-latest + name: Helm Chart Validation + needs: + - build + + if: ${{ needs.build.outputs.helm_chart_changed }} == "true" + steps: + + - name: Check out code + uses: actions/checkout@v4 + with: + ref: ${{github.event.pull_request.head.sha}} + fetch-depth: 0 + + # Setting up helm binary + - name: Set up Helm + uses: azure/setup-helm@v4 + with: + version: v3.11.3 + + - name: Helm chart unit tests + uses: d3adb5/helm-unittest-action@v2 + with: + charts: deployments/kubernetes/chart/reloader + + - name: Add Stakater Helm Repo + run: | + helm repo add stakater https://stakater.github.io/stakater-charts + + - name: Get version for chart from helm repo + id: chart_eval + run: | + current_chart_version=$(helm search repo stakater/reloader | tail -n 1 | awk '{print $2}') + echo "CURRENT_CHART_VERSION=$(echo ${current_chart_version})" >> $GITHUB_OUTPUT + + - name: Get Updated Chart version from Chart.yaml + uses: mikefarah/yq@master + id: new_chart_version + with: + cmd: yq e '.version' deployments/kubernetes/chart/reloader/Chart.yaml + + - name: Check Version + uses: aleoyakas/check-semver-increased-action@v1 + id: check-version + with: + current-version: ${{ steps.new_chart_version.outputs.result }} + previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} + + - name: Fail if Helm Chart version isnt updated + if: steps.check-version.outputs.is-version-increased != 'true' + run: | + echo "Helm Chart Version wasnt updated" + exit 1 From fa09ff7e761dc4582366253a2ece230ebb553a67 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Thu, 7 Nov 2024 21:52:45 +0500 Subject: [PATCH 15/35] check failure --- .github/workflows/pull_request.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index a489ee5..57f9645 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -163,7 +163,7 @@ jobs: org.opencontainers.image.created=${{ steps.prep.outputs.created }} org.opencontainers.image.revision=${{ github.sha }} - - name: Check if Helm validation is needs to run + - name: Check if Helm validation needs to run uses: dorny/paths-filter@v3 id: filter with: @@ -227,7 +227,7 @@ jobs: previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} - name: Fail if Helm Chart version isnt updated - if: steps.check-version.outputs.is-version-increased != 'true' + if: steps.check-version.outputs.is-version-increased == 'true' run: | echo "Helm Chart Version wasnt updated" exit 1 From 242fd802093b0fb0a38e0c816d0d89f80de9ac28 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Thu, 7 Nov 2024 22:12:31 +0500 Subject: [PATCH 16/35] revert --- .github/workflows/pull_request.yaml | 2 +- .github/workflows/push-helm-chart.yaml | 103 ------------------------- 2 files changed, 1 insertion(+), 104 deletions(-) delete mode 100644 .github/workflows/push-helm-chart.yaml diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 57f9645..b476bf5 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -227,7 +227,7 @@ jobs: previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} - name: Fail if Helm Chart version isnt updated - if: steps.check-version.outputs.is-version-increased == 'true' + if: steps.check-version.outputs.is-version-increased != 'true' run: | echo "Helm Chart Version wasnt updated" exit 1 diff --git a/.github/workflows/push-helm-chart.yaml b/.github/workflows/push-helm-chart.yaml deleted file mode 100644 index d87cfa7..0000000 --- a/.github/workflows/push-helm-chart.yaml +++ /dev/null @@ -1,103 +0,0 @@ -name: Push Helm Chart - -on: - pull_request: - types: - - closed - branches: - - master - paths: - - 'deployments/kubernetes/chart/reloader/**' - -env: - HELM_REGISTRY_URL: "https://stakater.github.io/stakater-charts" - REGISTRY: ghcr.io - -jobs: - build: - - permissions: - contents: read - packages: write # to push artifacts to `ghcr.io` - - name: Build - if: github.event.pull_request.merged == true - runs-on: ubuntu-latest - - steps: - - name: Check out code - uses: actions/checkout@v4 - with: - token: ${{ secrets.PUBLISH_TOKEN }} - fetch-depth: 0 # otherwise, you will fail to push refs to dest repo - submodules: recursive - - # Setting up helm binary - - name: Set up Helm - uses: azure/setup-helm@v4 - with: - version: v3.11.3 - - - name: Add Stakater Helm Repo - run: | - helm repo add stakater https://stakater.github.io/stakater-charts - - - name: Get version for chart from helm repo - id: chart_eval - run: | - current_chart_version=$(helm search repo stakater/reloader | tail -n 1 | awk '{print $2}') - echo "CURRENT_CHART_VERSION=$(echo ${current_chart_version})" >> $GITHUB_OUTPUT - - - name: Get Updated Chart version from Chart.yaml - uses: mikefarah/yq@master - id: new_chart_version - with: - cmd: yq e '.version' deployments/kubernetes/chart/reloader/Chart.yaml - - - name: Check Version - uses: aleoyakas/check-semver-increased-action@v1 - id: check-version - with: - current-version: ${{ steps.new_chart_version.outputs.result }} - previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} - - - name: Fail if Helm Chart version isnt updated - if: steps.check-version.outputs.is-version-increased != 'true' - run: | - echo "Helm Chart Version wasnt updated" - exit 1 - - # Publish helm chart - - name: Login to ghcr via helm - run: | - echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io/stakater --username stakater-user --password-stdin - - - name: Publish Helm chart to ghcr.io - run: | - helm package ./deployments/kubernetes/chart/reloader --destination ./packaged-chart - helm push ./packaged-chart/*.tgz oci://ghcr.io/stakater/charts - rm -rf ./packaged-chart - - - name: Publish Helm chart to gh-pages - uses: stefanprodan/helm-gh-pages@master - with: - branch: master - repository: stakater-charts - target_dir: docs - token: ${{ secrets.STAKATER_GITHUB_TOKEN }} - charts_dir: deployments/kubernetes/chart/ - charts_url: ${{ env.HELM_REGISTRY_URL }} - owner: stakater - linting: on - commit_username: stakater-user - commit_email: stakater@gmail.com - - - name: Notify Slack - uses: 8398a7/action-slack@v3 - if: always() # Pick up events even if the job fails or is canceled. - with: - status: ${{ job.status }} - fields: repo,author,action,eventName,ref,workflow - env: - GITHUB_TOKEN: ${{ secrets.PUBLISH_TOKEN }} - SLACK_WEBHOOK_URL: ${{ secrets.STAKATER_DELIVERY_SLACK_WEBHOOK }} From 394707a7f8d4dc83fbd019044486ddc69836c636 Mon Sep 17 00:00:00 2001 From: tom1299 Date: Sun, 10 Nov 2024 07:21:13 +0100 Subject: [PATCH 17/35] Remove obsolete permissions for apiGroup extensions --- .../chart/reloader/templates/clusterrole.yaml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/deployments/kubernetes/chart/reloader/templates/clusterrole.yaml b/deployments/kubernetes/chart/reloader/templates/clusterrole.yaml index e3175fc..ad3465a 100644 --- a/deployments/kubernetes/chart/reloader/templates/clusterrole.yaml +++ b/deployments/kubernetes/chart/reloader/templates/clusterrole.yaml @@ -76,16 +76,6 @@ rules: - get - update - patch - - apiGroups: - - "extensions" - resources: - - deployments - - daemonsets - verbs: - - list - - get - - update - - patch - apiGroups: - "batch" resources: From 489a900a2099b28b85d27b822b8c3c256157d3bf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 13 Nov 2024 10:19:15 +0100 Subject: [PATCH 18/35] chore(deps): update stakater/.github action to v0.0.98 (#785) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/pull_request.yaml | 2 +- .github/workflows/pull_request_docs.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 1392d8a..8a3a53f 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -23,7 +23,7 @@ env: jobs: qa: - uses: stakater/.github/.github/workflows/pull_request_doc_qa.yaml@v0.0.97 + uses: stakater/.github/.github/workflows/pull_request_doc_qa.yaml@v0.0.98 with: MD_CONFIG: .github/md_config.json DOC_SRC: README.md diff --git a/.github/workflows/pull_request_docs.yaml b/.github/workflows/pull_request_docs.yaml index 65d8e07..793761b 100644 --- a/.github/workflows/pull_request_docs.yaml +++ b/.github/workflows/pull_request_docs.yaml @@ -15,7 +15,7 @@ on: jobs: qa: - uses: stakater/.github/.github/workflows/pull_request_doc_qa.yaml@v0.0.97 + uses: stakater/.github/.github/workflows/pull_request_doc_qa.yaml@v0.0.98 with: MD_CONFIG: .github/md_config.json DOC_SRC: docs From 785cc4937466a23c2ba5885604753cda1b7202aa Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Thu, 14 Nov 2024 17:52:55 +0500 Subject: [PATCH 19/35] add version file --- VERSION | 1 + 1 file changed, 1 insertion(+) create mode 100644 VERSION diff --git a/VERSION b/VERSION new file mode 100644 index 0000000..1cc5f65 --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +1.1.0 \ No newline at end of file From 01205e70dfe1ebe3b5d68cabc2e032b7d76b03e4 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Thu, 14 Nov 2024 21:20:50 +0500 Subject: [PATCH 20/35] update action version --- .github/workflows/init-branch-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/init-branch-release.yaml b/.github/workflows/init-branch-release.yaml index 3d1572f..142643b 100644 --- a/.github/workflows/init-branch-release.yaml +++ b/.github/workflows/init-branch-release.yaml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4.0.0 + uses: actions/checkout@v4.2 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} From e2edc878129b2781ef3d7448677a15c2b9e1441a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 14 Nov 2024 16:21:16 +0000 Subject: [PATCH 21/35] chore(deps): update stakater/.github action to v0.0.99 --- .github/workflows/pull_request.yaml | 2 +- .github/workflows/pull_request_docs.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 8a3a53f..3a86de2 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -23,7 +23,7 @@ env: jobs: qa: - uses: stakater/.github/.github/workflows/pull_request_doc_qa.yaml@v0.0.98 + uses: stakater/.github/.github/workflows/pull_request_doc_qa.yaml@v0.0.99 with: MD_CONFIG: .github/md_config.json DOC_SRC: README.md diff --git a/.github/workflows/pull_request_docs.yaml b/.github/workflows/pull_request_docs.yaml index 793761b..acf88e9 100644 --- a/.github/workflows/pull_request_docs.yaml +++ b/.github/workflows/pull_request_docs.yaml @@ -15,7 +15,7 @@ on: jobs: qa: - uses: stakater/.github/.github/workflows/pull_request_doc_qa.yaml@v0.0.98 + uses: stakater/.github/.github/workflows/pull_request_doc_qa.yaml@v0.0.99 with: MD_CONFIG: .github/md_config.json DOC_SRC: docs From 60a2f269763e3c16610697eabfe46727da28d16a Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Thu, 14 Nov 2024 21:25:41 +0500 Subject: [PATCH 22/35] fix base in values --- deployments/kubernetes/chart/reloader/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deployments/kubernetes/chart/reloader/values.yaml b/deployments/kubernetes/chart/reloader/values.yaml index feca8ae..3e4e52a 100644 --- a/deployments/kubernetes/chart/reloader/values.yaml +++ b/deployments/kubernetes/chart/reloader/values.yaml @@ -97,6 +97,7 @@ reloader: version: v1.1.0 image: name: ghcr.io/stakater/reloader + base: stakater/reloader tag: v1.1.0 pullPolicy: IfNotPresent # Support for extra environment variables. From 53b650ac80a8212f78376aff05e47cd108c2c6c3 Mon Sep 17 00:00:00 2001 From: lochan_2112 Date: Sun, 17 Nov 2024 01:06:27 +0530 Subject: [PATCH 23/35] Provide annotations to exclude reloading resources (#764) * Provide annotations to exclude reloading resources * update test case * undo commented tests * remove sleep --- internal/pkg/handler/upgrade.go | 36 +++ internal/pkg/handler/upgrade_test.go | 374 ++++++++++++++++++++------- internal/pkg/options/flags.go | 4 + internal/pkg/testutil/kube.go | 40 +++ 4 files changed, 359 insertions(+), 95 deletions(-) diff --git a/internal/pkg/handler/upgrade.go b/internal/pkg/handler/upgrade.go index 78d675c..ad4e875 100644 --- a/internal/pkg/handler/upgrade.go +++ b/internal/pkg/handler/upgrade.go @@ -199,6 +199,9 @@ func PerformAction(clients kube.Clients, config util.Config, upgradeFuncs callba searchAnnotationValue, foundSearchAnn := annotations[options.AutoSearchAnnotation] reloaderEnabledValue, foundAuto := annotations[options.ReloaderAutoAnnotation] typedAutoAnnotationEnabledValue, foundTypedAuto := annotations[config.TypedAutoAnnotation] + excludeConfigmapAnnotationValue, foundExcludeConfigmap := annotations[options.ConfigmapExcludeReloaderAnnotation] + excludeSecretAnnotationValue, foundExcludeSecret := annotations[options.SecretExcludeReloaderAnnotation] + if !found && !foundAuto && !foundTypedAuto && !foundSearchAnn { annotations = upgradeFuncs.PodAnnotationsFunc(i) annotationValue = annotations[config.Annotation] @@ -206,6 +209,24 @@ func PerformAction(clients kube.Clients, config util.Config, upgradeFuncs callba reloaderEnabledValue = annotations[options.ReloaderAutoAnnotation] typedAutoAnnotationEnabledValue = annotations[config.TypedAutoAnnotation] } + + isResourceExcluded := false + + switch config.Type { + case constants.ConfigmapEnvVarPostfix: + if foundExcludeConfigmap { + isResourceExcluded = checkIfResourceIsExcluded(config.ResourceName, excludeConfigmapAnnotationValue) + } + case constants.SecretEnvVarPostfix: + if foundExcludeSecret { + isResourceExcluded = checkIfResourceIsExcluded(config.ResourceName, excludeSecretAnnotationValue) + } + } + + if isResourceExcluded { + continue + } + result := constants.NotUpdated reloaderEnabled, _ := strconv.ParseBool(reloaderEnabledValue) typedAutoAnnotationEnabled, _ := strconv.ParseBool(typedAutoAnnotationEnabledValue) @@ -275,6 +296,21 @@ func PerformAction(clients kube.Clients, config util.Config, upgradeFuncs callba return nil } +func checkIfResourceIsExcluded(resourceName, excludedResources string) bool { + if excludedResources == "" { + return false + } + + excludedResourcesList := strings.Split(excludedResources, ",") + for _, excludedResource := range excludedResourcesList { + if strings.TrimSpace(excludedResource) == resourceName { + return true + } + } + + return false +} + func getVolumeMountName(volumes []v1.Volume, mountType string, volumeName string) string { for i := range volumes { if mountType == constants.ConfigmapEnvVarPostfix { diff --git a/internal/pkg/handler/upgrade_test.go b/internal/pkg/handler/upgrade_test.go index cd1b81b..2b71740 100644 --- a/internal/pkg/handler/upgrade_test.go +++ b/internal/pkg/handler/upgrade_test.go @@ -26,48 +26,52 @@ import ( var ( clients = kube.Clients{KubernetesClient: testclient.NewSimpleClientset()} - arsNamespace = "test-handler-" + testutil.RandSeq(5) - arsConfigmapName = "testconfigmap-handler-" + testutil.RandSeq(5) - arsSecretName = "testsecret-handler-" + testutil.RandSeq(5) - arsProjectedConfigMapName = "testprojectedconfigmap-handler-" + testutil.RandSeq(5) - arsProjectedSecretName = "testprojectedsecret-handler-" + testutil.RandSeq(5) - arsConfigmapWithInitContainer = "testconfigmapInitContainerhandler-" + testutil.RandSeq(5) - arsSecretWithInitContainer = "testsecretWithInitContainer-handler-" + testutil.RandSeq(5) - arsProjectedConfigMapWithInitContainer = "testProjectedConfigMapWithInitContainer-handler" + testutil.RandSeq(5) - arsProjectedSecretWithInitContainer = "testProjectedSecretWithInitContainer-handler" + testutil.RandSeq(5) - arsConfigmapWithInitEnv = "configmapWithInitEnv-" + testutil.RandSeq(5) - arsSecretWithInitEnv = "secretWithInitEnv-handler-" + testutil.RandSeq(5) - arsConfigmapWithEnvName = "testconfigmapWithEnv-handler-" + testutil.RandSeq(5) - arsConfigmapWithEnvFromName = "testconfigmapWithEnvFrom-handler-" + testutil.RandSeq(5) - arsSecretWithEnvName = "testsecretWithEnv-handler-" + testutil.RandSeq(5) - arsSecretWithEnvFromName = "testsecretWithEnvFrom-handler-" + testutil.RandSeq(5) - arsConfigmapWithPodAnnotations = "testconfigmapPodAnnotations-handler-" + testutil.RandSeq(5) - arsConfigmapWithBothAnnotations = "testconfigmapBothAnnotations-handler-" + testutil.RandSeq(5) - arsConfigmapAnnotated = "testconfigmapAnnotated-handler-" + testutil.RandSeq(5) - arsConfigMapWithNonAnnotatedDeployment = "testconfigmapNonAnnotatedDeployment-handler-" + testutil.RandSeq(5) - arsSecretWithSecretAutoAnnotation = "testsecretwithsecretautoannotationdeployment-handler-" + testutil.RandSeq(5) - arsConfigmapWithConfigMapAutoAnnotation = "testconfigmapwithconfigmapautoannotationdeployment-handler-" + testutil.RandSeq(5) + arsNamespace = "test-handler-" + testutil.RandSeq(5) + arsConfigmapName = "testconfigmap-handler-" + testutil.RandSeq(5) + arsSecretName = "testsecret-handler-" + testutil.RandSeq(5) + arsProjectedConfigMapName = "testprojectedconfigmap-handler-" + testutil.RandSeq(5) + arsProjectedSecretName = "testprojectedsecret-handler-" + testutil.RandSeq(5) + arsConfigmapWithInitContainer = "testconfigmapInitContainerhandler-" + testutil.RandSeq(5) + arsSecretWithInitContainer = "testsecretWithInitContainer-handler-" + testutil.RandSeq(5) + arsProjectedConfigMapWithInitContainer = "testProjectedConfigMapWithInitContainer-handler" + testutil.RandSeq(5) + arsProjectedSecretWithInitContainer = "testProjectedSecretWithInitContainer-handler" + testutil.RandSeq(5) + arsConfigmapWithInitEnv = "configmapWithInitEnv-" + testutil.RandSeq(5) + arsSecretWithInitEnv = "secretWithInitEnv-handler-" + testutil.RandSeq(5) + arsConfigmapWithEnvName = "testconfigmapWithEnv-handler-" + testutil.RandSeq(5) + arsConfigmapWithEnvFromName = "testconfigmapWithEnvFrom-handler-" + testutil.RandSeq(5) + arsSecretWithEnvName = "testsecretWithEnv-handler-" + testutil.RandSeq(5) + arsSecretWithEnvFromName = "testsecretWithEnvFrom-handler-" + testutil.RandSeq(5) + arsConfigmapWithPodAnnotations = "testconfigmapPodAnnotations-handler-" + testutil.RandSeq(5) + arsConfigmapWithBothAnnotations = "testconfigmapBothAnnotations-handler-" + testutil.RandSeq(5) + arsConfigmapAnnotated = "testconfigmapAnnotated-handler-" + testutil.RandSeq(5) + arsConfigMapWithNonAnnotatedDeployment = "testconfigmapNonAnnotatedDeployment-handler-" + testutil.RandSeq(5) + arsSecretWithSecretAutoAnnotation = "testsecretwithsecretautoannotationdeployment-handler-" + testutil.RandSeq(5) + arsConfigmapWithConfigMapAutoAnnotation = "testconfigmapwithconfigmapautoannotationdeployment-handler-" + testutil.RandSeq(5) + arsSecretWithExcludeSecretAnnotation = "testsecretwithsecretexcludeannotationdeployment-handler-" + testutil.RandSeq(5) + arsConfigmapWithExcludeConfigMapAnnotation = "testconfigmapwithconfigmapexcludeannotationdeployment-handler-" + testutil.RandSeq(5) - ersNamespace = "test-handler-" + testutil.RandSeq(5) - ersConfigmapName = "testconfigmap-handler-" + testutil.RandSeq(5) - ersSecretName = "testsecret-handler-" + testutil.RandSeq(5) - ersProjectedConfigMapName = "testprojectedconfigmap-handler-" + testutil.RandSeq(5) - ersProjectedSecretName = "testprojectedsecret-handler-" + testutil.RandSeq(5) - ersConfigmapWithInitContainer = "testconfigmapInitContainerhandler-" + testutil.RandSeq(5) - ersSecretWithInitContainer = "testsecretWithInitContainer-handler-" + testutil.RandSeq(5) - ersProjectedConfigMapWithInitContainer = "testProjectedConfigMapWithInitContainer-handler" + testutil.RandSeq(5) - ersProjectedSecretWithInitContainer = "testProjectedSecretWithInitContainer-handler" + testutil.RandSeq(5) - ersConfigmapWithInitEnv = "configmapWithInitEnv-" + testutil.RandSeq(5) - ersSecretWithInitEnv = "secretWithInitEnv-handler-" + testutil.RandSeq(5) - ersConfigmapWithEnvName = "testconfigmapWithEnv-handler-" + testutil.RandSeq(5) - ersConfigmapWithEnvFromName = "testconfigmapWithEnvFrom-handler-" + testutil.RandSeq(5) - ersSecretWithEnvName = "testsecretWithEnv-handler-" + testutil.RandSeq(5) - ersSecretWithEnvFromName = "testsecretWithEnvFrom-handler-" + testutil.RandSeq(5) - ersConfigmapWithPodAnnotations = "testconfigmapPodAnnotations-handler-" + testutil.RandSeq(5) - ersConfigmapWithBothAnnotations = "testconfigmapBothAnnotations-handler-" + testutil.RandSeq(5) - ersConfigmapAnnotated = "testconfigmapAnnotated-handler-" + testutil.RandSeq(5) - ersSecretWithSecretAutoAnnotation = "testsecretwithsecretautoannotationdeployment-handler-" + testutil.RandSeq(5) - ersConfigmapWithConfigMapAutoAnnotation = "testconfigmapwithconfigmapautoannotationdeployment-handler-" + testutil.RandSeq(5) + ersNamespace = "test-handler-" + testutil.RandSeq(5) + ersConfigmapName = "testconfigmap-handler-" + testutil.RandSeq(5) + ersSecretName = "testsecret-handler-" + testutil.RandSeq(5) + ersProjectedConfigMapName = "testprojectedconfigmap-handler-" + testutil.RandSeq(5) + ersProjectedSecretName = "testprojectedsecret-handler-" + testutil.RandSeq(5) + ersConfigmapWithInitContainer = "testconfigmapInitContainerhandler-" + testutil.RandSeq(5) + ersSecretWithInitContainer = "testsecretWithInitContainer-handler-" + testutil.RandSeq(5) + ersProjectedConfigMapWithInitContainer = "testProjectedConfigMapWithInitContainer-handler" + testutil.RandSeq(5) + ersProjectedSecretWithInitContainer = "testProjectedSecretWithInitContainer-handler" + testutil.RandSeq(5) + ersConfigmapWithInitEnv = "configmapWithInitEnv-" + testutil.RandSeq(5) + ersSecretWithInitEnv = "secretWithInitEnv-handler-" + testutil.RandSeq(5) + ersConfigmapWithEnvName = "testconfigmapWithEnv-handler-" + testutil.RandSeq(5) + ersConfigmapWithEnvFromName = "testconfigmapWithEnvFrom-handler-" + testutil.RandSeq(5) + ersSecretWithEnvName = "testsecretWithEnv-handler-" + testutil.RandSeq(5) + ersSecretWithEnvFromName = "testsecretWithEnvFrom-handler-" + testutil.RandSeq(5) + ersConfigmapWithPodAnnotations = "testconfigmapPodAnnotations-handler-" + testutil.RandSeq(5) + ersConfigmapWithBothAnnotations = "testconfigmapBothAnnotations-handler-" + testutil.RandSeq(5) + ersConfigmapAnnotated = "testconfigmapAnnotated-handler-" + testutil.RandSeq(5) + ersSecretWithSecretAutoAnnotation = "testsecretwithsecretautoannotationdeployment-handler-" + testutil.RandSeq(5) + ersConfigmapWithConfigMapAutoAnnotation = "testconfigmapwithconfigmapautoannotationdeployment-handler-" + testutil.RandSeq(5) + ersSecretWithSecretExcludeAnnotation = "testsecretwithsecretexcludeannotationdeployment-handler-" + testutil.RandSeq(5) + ersConfigmapWithConfigMapExcludeAnnotation = "testconfigmapwithconfigmapexcludeannotationdeployment-handler-" + testutil.RandSeq(5) ) func TestMain(m *testing.M) { @@ -196,6 +200,18 @@ func setupArs() { logrus.Errorf("Error in configmap creation: %v", err) } + // Creating secret used with secret auto annotation + _, err = testutil.CreateSecret(clients.KubernetesClient, arsNamespace, arsSecretWithExcludeSecretAnnotation, data) + if err != nil { + logrus.Errorf("Error in secret creation: %v", err) + } + + // Creating configmap used with configmap auto annotation + _, err = testutil.CreateConfigMap(clients.KubernetesClient, arsNamespace, arsConfigmapWithExcludeConfigMapAnnotation, "www.google.com") + if err != nil { + logrus.Errorf("Error in configmap creation: %v", err) + } + // Creating Deployment with configmap _, err = testutil.CreateDeployment(clients.KubernetesClient, arsConfigmapName, arsNamespace, true) if err != nil { @@ -309,6 +325,18 @@ func setupArs() { logrus.Errorf("Error in Deployment with configmap and with configmap auto annotation: %v", err) } + // Creating Deployment with secret and exclude secret annotation + _, err = testutil.CreateDeploymentWithExcludeAnnotation(clients.KubernetesClient, arsSecretWithExcludeSecretAnnotation, arsNamespace, testutil.SecretResourceType) + if err != nil { + logrus.Errorf("Error in Deployment with secret and with secret exclude annotation: %v", err) + } + + // Creating Deployment with secret and exclude configmap annotation + _, err = testutil.CreateDeploymentWithExcludeAnnotation(clients.KubernetesClient, arsConfigmapWithExcludeConfigMapAnnotation, arsNamespace, testutil.ConfigmapResourceType) + if err != nil { + logrus.Errorf("Error in Deployment with configmap and with configmap exclude annotation: %v", err) + } + // Creating DaemonSet with configmap _, err = testutil.CreateDaemonSet(clients.KubernetesClient, arsConfigmapName, arsNamespace, true) if err != nil { @@ -510,6 +538,18 @@ func teardownArs() { logrus.Errorf("Error while deleting deployment with configmap auto annotation %v", deploymentError) } + // Deleting Deployment with secret and exclude secret annotation + deploymentError = testutil.DeleteDeployment(clients.KubernetesClient, arsNamespace, arsSecretWithExcludeSecretAnnotation) + if deploymentError != nil { + logrus.Errorf("Error while deleting deployment with secret auto annotation %v", deploymentError) + } + + // Deleting Deployment with configmap and exclude configmap annotation + deploymentError = testutil.DeleteDeployment(clients.KubernetesClient, arsNamespace, arsConfigmapWithExcludeConfigMapAnnotation) + if deploymentError != nil { + logrus.Errorf("Error while deleting deployment with configmap auto annotation %v", deploymentError) + } + // Deleting DaemonSet with configmap daemonSetError := testutil.DeleteDaemonSet(clients.KubernetesClient, arsNamespace, arsConfigmapName) if daemonSetError != nil { @@ -683,6 +723,18 @@ func teardownArs() { logrus.Errorf("Error while deleting the configmap used with configmap auto annotations: %v", err) } + // Deleting Secret used with exclude secret annotation + err = testutil.DeleteSecret(clients.KubernetesClient, arsNamespace, arsSecretWithExcludeSecretAnnotation) + if err != nil { + logrus.Errorf("Error while deleting the secret used with secret auto annotations: %v", err) + } + + // Deleting ConfigMap used with exclude configmap annotation + err = testutil.DeleteConfigMap(clients.KubernetesClient, arsNamespace, arsConfigmapWithExcludeConfigMapAnnotation) + if err != nil { + logrus.Errorf("Error while deleting the configmap used with configmap auto annotations: %v", err) + } + // Deleting namespace testutil.DeleteNamespace(arsNamespace, clients.KubernetesClient) @@ -787,6 +839,18 @@ func setupErs() { logrus.Errorf("Error in configmap creation: %v", err) } + // Creating secret used with secret exclude annotation + _, err = testutil.CreateSecret(clients.KubernetesClient, ersNamespace, ersSecretWithSecretExcludeAnnotation, data) + if err != nil { + logrus.Errorf("Error in secret creation: %v", err) + } + + // Creating configmap used with configmap exclude annotation + _, err = testutil.CreateConfigMap(clients.KubernetesClient, ersNamespace, ersConfigmapWithConfigMapExcludeAnnotation, "www.google.com") + if err != nil { + logrus.Errorf("Error in configmap creation: %v", err) + } + // Creating Deployment with configmap _, err = testutil.CreateDeployment(clients.KubernetesClient, ersConfigmapName, ersNamespace, true) if err != nil { @@ -894,6 +958,18 @@ func setupErs() { logrus.Errorf("Error in Deployment with configmap and with configmap auto annotation: %v", err) } + // Creating Deployment with secret and with secret exclude annotation + _, err = testutil.CreateDeploymentWithExcludeAnnotation(clients.KubernetesClient, ersSecretWithSecretExcludeAnnotation, ersNamespace, testutil.SecretResourceType) + if err != nil { + logrus.Errorf("Error in Deployment with secret and with secret exclude annotation: %v", err) + } + + // Creating Deployment with secret and with secret exclude annotation + _, err = testutil.CreateDeploymentWithExcludeAnnotation(clients.KubernetesClient, ersConfigmapWithConfigMapExcludeAnnotation, ersNamespace, testutil.ConfigmapResourceType) + if err != nil { + logrus.Errorf("Error in Deployment with configmap and with configmap exclude annotation: %v", err) + } + // Creating DaemonSet with configmap _, err = testutil.CreateDaemonSet(clients.KubernetesClient, ersConfigmapName, ersNamespace, true) if err != nil { @@ -1094,6 +1170,18 @@ func teardownErs() { logrus.Errorf("Error while deleting deployment with configmap auto annotation %v", deploymentError) } + // Deleting Deployment with secret and secret exclude annotation + deploymentError = testutil.DeleteDeployment(clients.KubernetesClient, ersNamespace, ersSecretWithSecretExcludeAnnotation) + if deploymentError != nil { + logrus.Errorf("Error while deleting deployment with secret exclude annotation %v", deploymentError) + } + + // Deleting Deployment with configmap and configmap exclude annotation + deploymentError = testutil.DeleteDeployment(clients.KubernetesClient, ersNamespace, ersConfigmapWithConfigMapExcludeAnnotation) + if deploymentError != nil { + logrus.Errorf("Error while deleting deployment with configmap exclude annotation %v", deploymentError) + } + // Deleting DaemonSet with configmap daemonSetError := testutil.DeleteDaemonSet(clients.KubernetesClient, ersNamespace, ersConfigmapName) if daemonSetError != nil { @@ -1267,6 +1355,18 @@ func teardownErs() { logrus.Errorf("Error while deleting the configmap used with configmap auto annotation: %v", err) } + // Deleting Secret used with secret exclude annotation + err = testutil.DeleteSecret(clients.KubernetesClient, ersNamespace, ersSecretWithSecretExcludeAnnotation) + if err != nil { + logrus.Errorf("Error while deleting the secret used with secret exclude annotation: %v", err) + } + + // Deleting ConfigMap used with configmap exclude annotation + err = testutil.DeleteConfigMap(clients.KubernetesClient, ersNamespace, ersConfigmapWithConfigMapExcludeAnnotation) + if err != nil { + logrus.Errorf("Error while deleting the configmap used with configmap exclude annotation: %v", err) + } + // Deleting namespace testutil.DeleteNamespace(ersNamespace, clients.KubernetesClient) @@ -1337,8 +1437,8 @@ func TestRollingUpgradeForDeploymentWithConfigmapUsingArs(t *testing.T) { if promtestutil.ToFloat64(collectors.Reloaded.With(labelSucceeded)) != 1 { t.Errorf("Counter was not increased") } - - if promtestutil.ToFloat64(collectors.ReloadedByNamespace.With(prometheus.Labels{"success": "true", "namespace": arsNamespace})) != 1 { + + if promtestutil.ToFloat64(collectors.ReloadedByNamespace.With(prometheus.Labels{"success": "true", "namespace": arsNamespace})) != 1 { t.Errorf("Counter by namespace was not increased") } testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) @@ -1403,9 +1503,9 @@ func TestRollingUpgradeForDeploymentWithConfigmapWithoutReloadAnnotationButWithA if promtestutil.ToFloat64(collectors.ReloadedByNamespace.With(prometheus.Labels{"success": "true", "namespace": arsNamespace})) != 1 { t.Errorf("Counter by namespace was not increased") - } - - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + } + + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithConfigmapInProjectedVolumeUsingArs(t *testing.T) { @@ -1432,11 +1532,11 @@ func TestRollingUpgradeForDeploymentWithConfigmapInProjectedVolumeUsingArs(t *te t.Errorf("Counter was not increased") } - if promtestutil.ToFloat64(collectors.ReloadedByNamespace.With(prometheus.Labels{"success": "true", "namespace": arsNamespace})) != 1 { + if promtestutil.ToFloat64(collectors.ReloadedByNamespace.With(prometheus.Labels{"success": "true", "namespace": arsNamespace})) != 1 { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithConfigmapViaSearchAnnotationUsingArs(t *testing.T) { @@ -1468,7 +1568,7 @@ func TestRollingUpgradeForDeploymentWithConfigmapViaSearchAnnotationUsingArs(t * t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithConfigmapViaSearchAnnotationNoTriggersUsingArs(t *testing.T) { @@ -1575,7 +1675,7 @@ func TestRollingUpgradeForDeploymentWithConfigmapInInitContainerUsingArs(t *test t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithConfigmapInProjectVolumeInInitContainerUsingArs(t *testing.T) { @@ -1607,7 +1707,7 @@ func TestRollingUpgradeForDeploymentWithConfigmapInProjectVolumeInInitContainerU t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithConfigmapAsEnvVarUsingArs(t *testing.T) { @@ -1639,7 +1739,7 @@ func TestRollingUpgradeForDeploymentWithConfigmapAsEnvVarUsingArs(t *testing.T) t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithConfigmapAsEnvVarInInitContainerUsingArs(t *testing.T) { @@ -1670,8 +1770,8 @@ func TestRollingUpgradeForDeploymentWithConfigmapAsEnvVarInInitContainerUsingArs if promtestutil.ToFloat64(collectors.ReloadedByNamespace.With(prometheus.Labels{"success": "true", "namespace": arsNamespace})) != 1 { t.Errorf("Counter by namespace was not increased") } - - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithConfigmapAsEnvVarFromUsingArs(t *testing.T) { @@ -1703,7 +1803,7 @@ func TestRollingUpgradeForDeploymentWithConfigmapAsEnvVarFromUsingArs(t *testing t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithSecretUsingArs(t *testing.T) { @@ -1735,7 +1835,7 @@ func TestRollingUpgradeForDeploymentWithSecretUsingArs(t *testing.T) { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithSecretInProjectedVolumeUsingArs(t *testing.T) { @@ -1767,7 +1867,7 @@ func TestRollingUpgradeForDeploymentWithSecretInProjectedVolumeUsingArs(t *testi t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithSecretinInitContainerUsingArs(t *testing.T) { @@ -1799,7 +1899,7 @@ func TestRollingUpgradeForDeploymentWithSecretinInitContainerUsingArs(t *testing t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithSecretInProjectedVolumeinInitContainerUsingArs(t *testing.T) { @@ -1831,7 +1931,7 @@ func TestRollingUpgradeForDeploymentWithSecretInProjectedVolumeinInitContainerUs t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithSecretAsEnvVarUsingArs(t *testing.T) { @@ -1863,7 +1963,7 @@ func TestRollingUpgradeForDeploymentWithSecretAsEnvVarUsingArs(t *testing.T) { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithSecretAsEnvVarFromUsingArs(t *testing.T) { @@ -1926,7 +2026,28 @@ func TestRollingUpgradeForDeploymentWithSecretAsEnvVarInInitContainerUsingArs(t t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) +} + +func TestRollingUpgradeForDeploymentWithSecretExcludeAnnotationUsingArs(t *testing.T) { + options.ReloadStrategy = constants.AnnotationsReloadStrategy + envVarPostfix := constants.SecretEnvVarPostfix + + shaData := testutil.ConvertResourceToSHA(testutil.SecretResourceType, arsNamespace, arsSecretWithExcludeSecretAnnotation, "dGVzdFVwZGF0ZWRTZWNyZXRFbmNvZGluZ0ZvclJlbG9hZGVy") + config := getConfigWithAnnotations(envVarPostfix, arsSecretWithExcludeSecretAnnotation, shaData, "", options.SecretReloaderAutoAnnotation) + deploymentFuncs := GetDeploymentRollingUpgradeFuncs() + collectors := getCollectors() + + err := PerformAction(clients, config, deploymentFuncs, collectors, nil, invokeReloadStrategy) + if err != nil { + t.Errorf("Rolling upgrade failed for Deployment with Secret") + } + + logrus.Infof("Verifying deployment did not update") + updated := testutil.VerifyResourceAnnotationUpdate(clients, config, deploymentFuncs) + if updated { + t.Errorf("Deployment which had to be exluded was updated") + } } func TestRollingUpgradeForDeploymentWithSecretAutoAnnotationUsingArs(t *testing.T) { @@ -1958,9 +2079,29 @@ func TestRollingUpgradeForDeploymentWithSecretAutoAnnotationUsingArs(t *testing. t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } +func TestRollingUpgradeForDeploymentWithExcludeConfigMapAnnotationUsingArs(t *testing.T) { + options.ReloadStrategy = constants.AnnotationsReloadStrategy + envVarPostfix := constants.ConfigmapEnvVarPostfix + + shaData := testutil.ConvertResourceToSHA(testutil.ConfigmapResourceType, arsNamespace, arsConfigmapWithExcludeConfigMapAnnotation, "www.facebook.com") + config := getConfigWithAnnotations(envVarPostfix, arsConfigmapWithExcludeConfigMapAnnotation, shaData, "", options.ConfigmapReloaderAutoAnnotation) + deploymentFuncs := GetDeploymentRollingUpgradeFuncs() + collectors := getCollectors() + + err := PerformAction(clients, config, deploymentFuncs, collectors, nil, invokeReloadStrategy) + if err != nil { + t.Errorf("Rolling upgrade failed for Deployment with exclude ConfigMap") + } + + logrus.Infof("Verifying deployment did update") + updated := testutil.VerifyResourceAnnotationUpdate(clients, config, deploymentFuncs) + if updated { + t.Errorf("Deployment which had to be excluded was updated") + } +} func TestRollingUpgradeForDeploymentWithConfigMapAutoAnnotationUsingArs(t *testing.T) { options.ReloadStrategy = constants.AnnotationsReloadStrategy envVarPostfix := constants.ConfigmapEnvVarPostfix @@ -1990,7 +2131,7 @@ func TestRollingUpgradeForDeploymentWithConfigMapAutoAnnotationUsingArs(t *testi t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDaemonSetWithConfigmapUsingArs(t *testing.T) { @@ -2021,8 +2162,8 @@ func TestRollingUpgradeForDaemonSetWithConfigmapUsingArs(t *testing.T) { if promtestutil.ToFloat64(collectors.ReloadedByNamespace.With(prometheus.Labels{"success": "true", "namespace": arsNamespace})) != 1 { t.Errorf("Counter by namespace was not increased") } - - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) + + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDaemonSetWithConfigmapInProjectedVolumeUsingArs(t *testing.T) { @@ -2054,7 +2195,7 @@ func TestRollingUpgradeForDaemonSetWithConfigmapInProjectedVolumeUsingArs(t *tes t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDaemonSetWithConfigmapAsEnvVarUsingArs(t *testing.T) { @@ -2118,7 +2259,7 @@ func TestRollingUpgradeForDaemonSetWithSecretUsingArs(t *testing.T) { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDaemonSetWithSecretInProjectedVolumeUsingArs(t *testing.T) { @@ -2150,7 +2291,7 @@ func TestRollingUpgradeForDaemonSetWithSecretInProjectedVolumeUsingArs(t *testin t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForStatefulSetWithConfigmapUsingArs(t *testing.T) { @@ -2182,7 +2323,7 @@ func TestRollingUpgradeForStatefulSetWithConfigmapUsingArs(t *testing.T) { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForStatefulSetWithConfigmapInProjectedVolumeUsingArs(t *testing.T) { @@ -2214,7 +2355,7 @@ func TestRollingUpgradeForStatefulSetWithConfigmapInProjectedVolumeUsingArs(t *t t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForStatefulSetWithSecretUsingArs(t *testing.T) { @@ -2246,7 +2387,7 @@ func TestRollingUpgradeForStatefulSetWithSecretUsingArs(t *testing.T) { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForStatefulSetWithSecretInProjectedVolumeUsingArs(t *testing.T) { @@ -2278,7 +2419,7 @@ func TestRollingUpgradeForStatefulSetWithSecretInProjectedVolumeUsingArs(t *test t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyArs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithPodAnnotationsUsingArs(t *testing.T) { @@ -2437,7 +2578,7 @@ func TestRollingUpgradeForDeploymentWithConfigmapInProjectedVolumeUsingErs(t *te t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithConfigmapViaSearchAnnotationUsingErs(t *testing.T) { @@ -2469,7 +2610,7 @@ func TestRollingUpgradeForDeploymentWithConfigmapViaSearchAnnotationUsingErs(t * t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithConfigmapViaSearchAnnotationNoTriggersUsingErs(t *testing.T) { @@ -2576,7 +2717,7 @@ func TestRollingUpgradeForDeploymentWithConfigmapInInitContainerUsingErs(t *test t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithConfigmapInProjectVolumeInInitContainerUsingErs(t *testing.T) { @@ -2640,7 +2781,7 @@ func TestRollingUpgradeForDeploymentWithConfigmapAsEnvVarUsingErs(t *testing.T) t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithConfigmapAsEnvVarInInitContainerUsingErs(t *testing.T) { @@ -2704,7 +2845,7 @@ func TestRollingUpgradeForDeploymentWithConfigmapAsEnvVarFromUsingErs(t *testing t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithSecretUsingErs(t *testing.T) { @@ -2736,7 +2877,7 @@ func TestRollingUpgradeForDeploymentWithSecretUsingErs(t *testing.T) { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithSecretInProjectedVolumeUsingErs(t *testing.T) { @@ -2800,7 +2941,7 @@ func TestRollingUpgradeForDeploymentWithSecretinInitContainerUsingErs(t *testing t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithSecretInProjectedVolumeinInitContainerUsingErs(t *testing.T) { @@ -2832,7 +2973,7 @@ func TestRollingUpgradeForDeploymentWithSecretInProjectedVolumeinInitContainerUs t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithSecretAsEnvVarUsingErs(t *testing.T) { @@ -2864,7 +3005,7 @@ func TestRollingUpgradeForDeploymentWithSecretAsEnvVarUsingErs(t *testing.T) { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithSecretAsEnvVarFromUsingErs(t *testing.T) { @@ -2896,7 +3037,7 @@ func TestRollingUpgradeForDeploymentWithSecretAsEnvVarFromUsingErs(t *testing.T) t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithSecretAsEnvVarInInitContainerUsingErs(t *testing.T) { @@ -2928,7 +3069,29 @@ func TestRollingUpgradeForDeploymentWithSecretAsEnvVarInInitContainerUsingErs(t t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) +} + +func TestRollingUpgradeForDeploymentWithSecretExcludeAnnotationUsingErs(t *testing.T) { + options.ReloadStrategy = constants.EnvVarsReloadStrategy + envVarPostfix := constants.SecretEnvVarPostfix + + shaData := testutil.ConvertResourceToSHA(testutil.SecretResourceType, ersNamespace, ersSecretWithSecretExcludeAnnotation, "dGVzdFVwZGF0ZWRTZWNyZXRFbmNvZGluZ0ZvclJlbG9hZGVy") + config := getConfigWithAnnotations(envVarPostfix, ersSecretWithSecretExcludeAnnotation, shaData, "", options.SecretReloaderAutoAnnotation) + deploymentFuncs := GetDeploymentRollingUpgradeFuncs() + collectors := getCollectors() + + err := PerformAction(clients, config, deploymentFuncs, collectors, nil, invokeReloadStrategy) + time.Sleep(5 * time.Second) + if err != nil { + t.Errorf("Rolling upgrade failed for Deployment with exclude Secret") + } + + logrus.Infof("Verifying deployment did not update") + updated := testutil.VerifyResourceEnvVarUpdate(clients, config, envVarPostfix, deploymentFuncs) + if updated { + t.Errorf("Deployment that had to be excluded was updated") + } } func TestRollingUpgradeForDeploymentWithSecretAutoAnnotationUsingErs(t *testing.T) { @@ -2956,12 +3119,33 @@ func TestRollingUpgradeForDeploymentWithSecretAutoAnnotationUsingErs(t *testing. t.Errorf("Counter was not increased") } - - if promtestutil.ToFloat64(collectors.ReloadedByNamespace.With(prometheus.Labels{"success": "true", "namespace": ersNamespace})) != 1 { + if promtestutil.ToFloat64(collectors.ReloadedByNamespace.With(prometheus.Labels{"success": "true", "namespace": ersNamespace})) != 1 { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) +} + +func TestRollingUpgradeForDeploymentWithConfigMapExcludeAnnotationUsingErs(t *testing.T) { + options.ReloadStrategy = constants.EnvVarsReloadStrategy + envVarPostfix := constants.ConfigmapEnvVarPostfix + + shaData := testutil.ConvertResourceToSHA(testutil.ConfigmapResourceType, ersNamespace, ersConfigmapWithConfigMapExcludeAnnotation, "www.facebook.com") + config := getConfigWithAnnotations(envVarPostfix, ersConfigmapWithConfigMapExcludeAnnotation, shaData, "", options.ConfigmapReloaderAutoAnnotation) + deploymentFuncs := GetDeploymentRollingUpgradeFuncs() + collectors := getCollectors() + + err := PerformAction(clients, config, deploymentFuncs, collectors, nil, invokeReloadStrategy) + time.Sleep(5 * time.Second) + if err != nil { + t.Errorf("Rolling upgrade failed for Deployment with exclude ConfigMap") + } + + logrus.Infof("Verifying deployment did not update") + updated := testutil.VerifyResourceEnvVarUpdate(clients, config, envVarPostfix, deploymentFuncs) + if updated { + t.Errorf("Deployment which had to be excluded was updated") + } } func TestRollingUpgradeForDeploymentWithConfigMapAutoAnnotationUsingErs(t *testing.T) { @@ -2993,7 +3177,7 @@ func TestRollingUpgradeForDeploymentWithConfigMapAutoAnnotationUsingErs(t *testi t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, deploymentFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDaemonSetWithConfigmapUsingErs(t *testing.T) { @@ -3025,7 +3209,7 @@ func TestRollingUpgradeForDaemonSetWithConfigmapUsingErs(t *testing.T) { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDaemonSetWithConfigmapInProjectedVolumeUsingErs(t *testing.T) { @@ -3057,7 +3241,7 @@ func TestRollingUpgradeForDaemonSetWithConfigmapInProjectedVolumeUsingErs(t *tes t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDaemonSetWithConfigmapAsEnvVarUsingErs(t *testing.T) { @@ -3089,7 +3273,7 @@ func TestRollingUpgradeForDaemonSetWithConfigmapAsEnvVarUsingErs(t *testing.T) { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDaemonSetWithSecretUsingErs(t *testing.T) { @@ -3121,7 +3305,7 @@ func TestRollingUpgradeForDaemonSetWithSecretUsingErs(t *testing.T) { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDaemonSetWithSecretInProjectedVolumeUsingErs(t *testing.T) { @@ -3153,7 +3337,7 @@ func TestRollingUpgradeForDaemonSetWithSecretInProjectedVolumeUsingErs(t *testin t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, daemonSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForStatefulSetWithConfigmapUsingErs(t *testing.T) { @@ -3185,7 +3369,7 @@ func TestRollingUpgradeForStatefulSetWithConfigmapUsingErs(t *testing.T) { t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForStatefulSetWithConfigmapInProjectedVolumeUsingErs(t *testing.T) { @@ -3217,7 +3401,7 @@ func TestRollingUpgradeForStatefulSetWithConfigmapInProjectedVolumeUsingErs(t *t t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForStatefulSetWithSecretUsingErs(t *testing.T) { @@ -3281,7 +3465,7 @@ func TestRollingUpgradeForStatefulSetWithSecretInProjectedVolumeUsingErs(t *test t.Errorf("Counter by namespace was not increased") } - testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) + testRollingUpgradeInvokeDeleteStrategyErs(t, clients, config, statefulSetFuncs, collectors, envVarPostfix) } func TestRollingUpgradeForDeploymentWithPodAnnotationsUsingErs(t *testing.T) { diff --git a/internal/pkg/options/flags.go b/internal/pkg/options/flags.go index a1ae090..c252def 100644 --- a/internal/pkg/options/flags.go +++ b/internal/pkg/options/flags.go @@ -17,6 +17,10 @@ var ( ConfigmapReloaderAutoAnnotation = "configmap.reloader.stakater.com/auto" // SecretReloaderAutoAnnotation is an annotation to detect changes in secrets SecretReloaderAutoAnnotation = "secret.reloader.stakater.com/auto" + // ConfigmapReloaderAutoAnnotation is a comma separated list of configmaps that excludes detecting changes on cms + ConfigmapExcludeReloaderAnnotation = "configmaps.exclude.reloader.stakater.com/reload" + // SecretExcludeReloaderAnnotation is a comma separated list of secrets that excludes detecting changes on secrets + SecretExcludeReloaderAnnotation = "secrets.exclude.reloader.stakater.com/reload" // AutoSearchAnnotation is an annotation to detect changes in // configmaps or triggers with the SearchMatchAnnotation AutoSearchAnnotation = "reloader.stakater.com/search" diff --git a/internal/pkg/testutil/kube.go b/internal/pkg/testutil/kube.go index 52780d1..3faa1d2 100644 --- a/internal/pkg/testutil/kube.go +++ b/internal/pkg/testutil/kube.go @@ -503,6 +503,37 @@ func GetDeploymentWithTypedAutoAnnotation(namespace string, deploymentName strin } } +func GetDeploymentWithExcludeAnnotation(namespace string, deploymentName string, resourceType string) *appsv1.Deployment { + replicaset := int32(1) + + annotation := map[string]string{} + + if resourceType == SecretResourceType { + annotation[options.SecretExcludeReloaderAnnotation] = deploymentName + } else if resourceType == ConfigmapResourceType { + annotation[options.ConfigmapExcludeReloaderAnnotation] = deploymentName + } + + return &appsv1.Deployment{ + ObjectMeta: metav1.ObjectMeta{ + Name: deploymentName, + Namespace: namespace, + Labels: map[string]string{"firstLabel": "temp"}, + Annotations: annotation, + }, + Spec: appsv1.DeploymentSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{"secondLabel": "temp"}, + }, + Replicas: &replicaset, + Strategy: appsv1.DeploymentStrategy{ + Type: appsv1.RollingUpdateDeploymentStrategyType, + }, + Template: getPodTemplateSpecWithVolumes(deploymentName), + }, + } +} + // GetDaemonSet provides daemonset for testing func GetDaemonSet(namespace string, daemonsetName string) *appsv1.DaemonSet { return &appsv1.DaemonSet{ @@ -773,6 +804,15 @@ func CreateDeploymentWithTypedAutoAnnotation(client kubernetes.Interface, deploy return deployment, err } +// CreateDeploymentWithExcludeAnnotation creates a deployment in given namespace and returns the Deployment with typed auto annotation +func CreateDeploymentWithExcludeAnnotation(client kubernetes.Interface, deploymentName string, namespace string, resourceType string) (*appsv1.Deployment, error) { + logrus.Infof("Creating Deployment") + deploymentClient := client.AppsV1().Deployments(namespace) + deploymentObj := GetDeploymentWithExcludeAnnotation(namespace, deploymentName, resourceType) + deployment, err := deploymentClient.Create(context.TODO(), deploymentObj, metav1.CreateOptions{}) + return deployment, err +} + // CreateDaemonSet creates a deployment in given namespace and returns the DaemonSet func CreateDaemonSet(client kubernetes.Interface, daemonsetName string, namespace string, volumeMount bool) (*appsv1.DaemonSet, error) { logrus.Infof("Creating DaemonSet") From 2cd4f2397ace9b4bbb006ec8a56517a9ec18f3d8 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Mon, 18 Nov 2024 11:11:34 +0500 Subject: [PATCH 24/35] Add workflow for helm chart push --- .github/workflows/push-helm-chart.yaml | 103 +++++++++++++++++++++++++ 1 file changed, 103 insertions(+) create mode 100644 .github/workflows/push-helm-chart.yaml diff --git a/.github/workflows/push-helm-chart.yaml b/.github/workflows/push-helm-chart.yaml new file mode 100644 index 0000000..d87cfa7 --- /dev/null +++ b/.github/workflows/push-helm-chart.yaml @@ -0,0 +1,103 @@ +name: Push Helm Chart + +on: + pull_request: + types: + - closed + branches: + - master + paths: + - 'deployments/kubernetes/chart/reloader/**' + +env: + HELM_REGISTRY_URL: "https://stakater.github.io/stakater-charts" + REGISTRY: ghcr.io + +jobs: + build: + + permissions: + contents: read + packages: write # to push artifacts to `ghcr.io` + + name: Build + if: github.event.pull_request.merged == true + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + with: + token: ${{ secrets.PUBLISH_TOKEN }} + fetch-depth: 0 # otherwise, you will fail to push refs to dest repo + submodules: recursive + + # Setting up helm binary + - name: Set up Helm + uses: azure/setup-helm@v4 + with: + version: v3.11.3 + + - name: Add Stakater Helm Repo + run: | + helm repo add stakater https://stakater.github.io/stakater-charts + + - name: Get version for chart from helm repo + id: chart_eval + run: | + current_chart_version=$(helm search repo stakater/reloader | tail -n 1 | awk '{print $2}') + echo "CURRENT_CHART_VERSION=$(echo ${current_chart_version})" >> $GITHUB_OUTPUT + + - name: Get Updated Chart version from Chart.yaml + uses: mikefarah/yq@master + id: new_chart_version + with: + cmd: yq e '.version' deployments/kubernetes/chart/reloader/Chart.yaml + + - name: Check Version + uses: aleoyakas/check-semver-increased-action@v1 + id: check-version + with: + current-version: ${{ steps.new_chart_version.outputs.result }} + previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} + + - name: Fail if Helm Chart version isnt updated + if: steps.check-version.outputs.is-version-increased != 'true' + run: | + echo "Helm Chart Version wasnt updated" + exit 1 + + # Publish helm chart + - name: Login to ghcr via helm + run: | + echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io/stakater --username stakater-user --password-stdin + + - name: Publish Helm chart to ghcr.io + run: | + helm package ./deployments/kubernetes/chart/reloader --destination ./packaged-chart + helm push ./packaged-chart/*.tgz oci://ghcr.io/stakater/charts + rm -rf ./packaged-chart + + - name: Publish Helm chart to gh-pages + uses: stefanprodan/helm-gh-pages@master + with: + branch: master + repository: stakater-charts + target_dir: docs + token: ${{ secrets.STAKATER_GITHUB_TOKEN }} + charts_dir: deployments/kubernetes/chart/ + charts_url: ${{ env.HELM_REGISTRY_URL }} + owner: stakater + linting: on + commit_username: stakater-user + commit_email: stakater@gmail.com + + - name: Notify Slack + uses: 8398a7/action-slack@v3 + if: always() # Pick up events even if the job fails or is canceled. + with: + status: ${{ job.status }} + fields: repo,author,action,eventName,ref,workflow + env: + GITHUB_TOKEN: ${{ secrets.PUBLISH_TOKEN }} + SLACK_WEBHOOK_URL: ${{ secrets.STAKATER_DELIVERY_SLACK_WEBHOOK }} From 865a985bcdb106a9775a68ee07f48b1750e56486 Mon Sep 17 00:00:00 2001 From: Muneeb Aijaz <43588696+MuneebAijaz@users.noreply.github.com> Date: Mon, 18 Nov 2024 15:04:39 +0500 Subject: [PATCH 25/35] Pin version for checkout action --- .github/workflows/init-branch-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/init-branch-release.yaml b/.github/workflows/init-branch-release.yaml index 142643b..3c8170d 100644 --- a/.github/workflows/init-branch-release.yaml +++ b/.github/workflows/init-branch-release.yaml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4.2 + uses: actions/checkout@v4.2.2 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} From c9b919f2f44d7ec79d14c8b33cdee59f049740ad Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Mon, 18 Nov 2024 16:18:29 +0500 Subject: [PATCH 26/35] Remove chart bump from init release since its not relevant --- .github/workflows/init-branch-release.yaml | 1 - Makefile | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/init-branch-release.yaml b/.github/workflows/init-branch-release.yaml index 142643b..b6684f2 100644 --- a/.github/workflows/init-branch-release.yaml +++ b/.github/workflows/init-branch-release.yaml @@ -48,7 +48,6 @@ jobs: run: | set -ue VERSION=${{ inputs.TARGET_VERSION }} make update-manifests-version - VERSION=${{ inputs.TARGET_VERSION }} make bump-chart git diff - name: Generate new set of manifests diff --git a/Makefile b/Makefile index f4a725d..5668d59 100644 --- a/Makefile +++ b/Makefile @@ -155,7 +155,7 @@ k8s-manifests: $(KUSTOMIZE) ## Generate k8s manifests using Kustomize from 'mani .PHONY: update-manifests-version update-manifests-version: ## Generate k8s manifests using Kustomize from 'manifests' folder - sed -i 's/image: "ghcr.io\/stakater\/reloader:latest"/image: \"ghcr.io\/stakater\/reloader:v$(VERSION)"/g' deployments/kubernetes/manifests/deployment.yaml + sed -i 's/image:.*/image: \"ghcr.io\/stakater\/reloader:v$(VERSION)"/g' deployments/kubernetes/manifests/deployment.yaml # Bump Chart bump-chart: From 93e7aca14690b3c6af28a3bdeabe319ee035aa2c Mon Sep 17 00:00:00 2001 From: Muneeb Aijaz <43588696+MuneebAijaz@users.noreply.github.com> Date: Tue, 19 Nov 2024 10:43:04 +0500 Subject: [PATCH 27/35] Update push-helm-chart.yaml --- .github/workflows/push-helm-chart.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/push-helm-chart.yaml b/.github/workflows/push-helm-chart.yaml index d87cfa7..507a083 100644 --- a/.github/workflows/push-helm-chart.yaml +++ b/.github/workflows/push-helm-chart.yaml @@ -67,10 +67,12 @@ jobs: echo "Helm Chart Version wasnt updated" exit 1 - # Publish helm chart - - name: Login to ghcr via helm - run: | - echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io/stakater --username stakater-user --password-stdin + - name: Login to GHCR Registry + uses: docker/login-action@v2 + with: + registry: ghcr.io/stakater + username: ${{ secrets.GHCR_USERNAME }} + password: ${{ secrets.GHCR_TOKEN }} - name: Publish Helm chart to ghcr.io run: | @@ -84,7 +86,7 @@ jobs: branch: master repository: stakater-charts target_dir: docs - token: ${{ secrets.STAKATER_GITHUB_TOKEN }} + token: ${{ secrets.PUBLISH_TOKEN }} charts_dir: deployments/kubernetes/chart/ charts_url: ${{ env.HELM_REGISTRY_URL }} owner: stakater From 26ce08305346e422c02158b51133ada3b93b2998 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 19 Nov 2024 05:59:31 +0000 Subject: [PATCH 28/35] chore(deps): update docker/login-action action to v3 --- .github/workflows/push-helm-chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push-helm-chart.yaml b/.github/workflows/push-helm-chart.yaml index 507a083..48361c8 100644 --- a/.github/workflows/push-helm-chart.yaml +++ b/.github/workflows/push-helm-chart.yaml @@ -68,7 +68,7 @@ jobs: exit 1 - name: Login to GHCR Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io/stakater username: ${{ secrets.GHCR_USERNAME }} From f3bf76bb9d8078327ecb3ed8fa56c2394b012e68 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 20 Nov 2024 12:07:35 +0500 Subject: [PATCH 29/35] Update helm chart - 1.2.0 --- deployments/kubernetes/chart/reloader/Chart.yaml | 4 ++-- deployments/kubernetes/chart/reloader/values.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/deployments/kubernetes/chart/reloader/Chart.yaml b/deployments/kubernetes/chart/reloader/Chart.yaml index 08ed81c..28a0922 100644 --- a/deployments/kubernetes/chart/reloader/Chart.yaml +++ b/deployments/kubernetes/chart/reloader/Chart.yaml @@ -3,8 +3,8 @@ apiVersion: v1 name: reloader description: Reloader chart that runs on kubernetes -version: 1.1.1 -appVersion: v1.1.0 +version: 1.2.0 +appVersion: v1.2.0 keywords: - Reloader - kubernetes diff --git a/deployments/kubernetes/chart/reloader/values.yaml b/deployments/kubernetes/chart/reloader/values.yaml index 3e4e52a..523e87d 100644 --- a/deployments/kubernetes/chart/reloader/values.yaml +++ b/deployments/kubernetes/chart/reloader/values.yaml @@ -94,11 +94,11 @@ reloader: labels: provider: stakater group: com.stakater.platform - version: v1.1.0 + version: v1.2.0 image: name: ghcr.io/stakater/reloader base: stakater/reloader - tag: v1.1.0 + tag: v1.2.0 pullPolicy: IfNotPresent # Support for extra environment variables. env: From 33710457ef746c32afe891c73363af76b48235b9 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 20 Nov 2024 12:27:53 +0500 Subject: [PATCH 30/35] separate out workflows --- .github/workflows/pull_request-helm.yaml | 78 ++++++++++++++++++++++++ .github/workflows/pull_request.yaml | 61 +----------------- 2 files changed, 80 insertions(+), 59 deletions(-) create mode 100644 .github/workflows/pull_request-helm.yaml diff --git a/.github/workflows/pull_request-helm.yaml b/.github/workflows/pull_request-helm.yaml new file mode 100644 index 0000000..ff1efae --- /dev/null +++ b/.github/workflows/pull_request-helm.yaml @@ -0,0 +1,78 @@ +name: Pull Request Workflow for Helm Chart changes + +on: + pull_request: + branches: + - master + paths: + - 'deployments/kubernetes/chart/reloader/**' + +env: + DOCKER_FILE_PATH: Dockerfile + DOCKER_UBI_FILE_PATH: Dockerfile.ubi + KUBERNETES_VERSION: "1.30.0" + KIND_VERSION: "0.23.0" + REGISTRY: ghcr.io + +jobs: + qa: + uses: stakater/.github/.github/workflows/pull_request_doc_qa.yaml@v0.0.98 + with: + MD_CONFIG: .github/md_config.json + DOC_SRC: README.md + MD_LINT_CONFIG: .markdownlint.yaml + + helm-validation: + permissions: + contents: read + + runs-on: ubuntu-latest + name: Helm Chart Validation + + steps: + + - name: Check out code + uses: actions/checkout@v4 + with: + ref: ${{github.event.pull_request.head.sha}} + fetch-depth: 0 + + # Setting up helm binary + - name: Set up Helm + uses: azure/setup-helm@v4 + with: + version: v3.11.3 + + - name: Helm chart unit tests + uses: d3adb5/helm-unittest-action@v2 + with: + charts: deployments/kubernetes/chart/reloader + + - name: Add Stakater Helm Repo + run: | + helm repo add stakater https://stakater.github.io/stakater-charts + + - name: Get version for chart from helm repo + id: chart_eval + run: | + current_chart_version=$(helm search repo stakater/reloader | tail -n 1 | awk '{print $2}') + echo "CURRENT_CHART_VERSION=$(echo ${current_chart_version})" >> $GITHUB_OUTPUT + + - name: Get Updated Chart version from Chart.yaml + uses: mikefarah/yq@master + id: new_chart_version + with: + cmd: yq e '.version' deployments/kubernetes/chart/reloader/Chart.yaml + + - name: Check Version + uses: aleoyakas/check-semver-increased-action@v1 + id: check-version + with: + current-version: ${{ steps.new_chart_version.outputs.result }} + previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} + + - name: Fail if Helm Chart version isnt updated + if: steps.check-version.outputs.is-version-increased != 'true' + run: | + echo "Helm Chart Version wasnt updated" + exit 1 diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index c3e96e3..0a9474b 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -1,4 +1,4 @@ -name: Pull Request +name: Pull Request Workflow for Code changes on: pull_request: @@ -14,6 +14,7 @@ on: - '!docs/**' - '!theme_common' - '!theme_override' + - '!deployments/kubernetes/chart/reloader/**' env: DOCKER_FILE_PATH: Dockerfile @@ -173,61 +174,3 @@ jobs: outputs: helm_chart_changed: ${{ steps.filter.outputs.chart }} - - helm-validation: - permissions: - contents: read - - runs-on: ubuntu-latest - name: Helm Chart Validation - needs: - - build - - if: ${{ needs.build.outputs.helm_chart_changed }} == "true" - steps: - - - name: Check out code - uses: actions/checkout@v4 - with: - ref: ${{github.event.pull_request.head.sha}} - fetch-depth: 0 - - # Setting up helm binary - - name: Set up Helm - uses: azure/setup-helm@v4 - with: - version: v3.11.3 - - - name: Helm chart unit tests - uses: d3adb5/helm-unittest-action@v2 - with: - charts: deployments/kubernetes/chart/reloader - - - name: Add Stakater Helm Repo - run: | - helm repo add stakater https://stakater.github.io/stakater-charts - - - name: Get version for chart from helm repo - id: chart_eval - run: | - current_chart_version=$(helm search repo stakater/reloader | tail -n 1 | awk '{print $2}') - echo "CURRENT_CHART_VERSION=$(echo ${current_chart_version})" >> $GITHUB_OUTPUT - - - name: Get Updated Chart version from Chart.yaml - uses: mikefarah/yq@master - id: new_chart_version - with: - cmd: yq e '.version' deployments/kubernetes/chart/reloader/Chart.yaml - - - name: Check Version - uses: aleoyakas/check-semver-increased-action@v1 - id: check-version - with: - current-version: ${{ steps.new_chart_version.outputs.result }} - previous-version: ${{ steps.chart_eval.outputs.CURRENT_CHART_VERSION }} - - - name: Fail if Helm Chart version isnt updated - if: steps.check-version.outputs.is-version-increased != 'true' - run: | - echo "Helm Chart Version wasnt updated" - exit 1 From d784b552eec2c4be8ce11271d422d4cbc282dabe Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 20 Nov 2024 12:30:49 +0500 Subject: [PATCH 31/35] separate out workflows --- .github/workflows/pull_request-helm.yaml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/pull_request-helm.yaml b/.github/workflows/pull_request-helm.yaml index ff1efae..8bb5d60 100644 --- a/.github/workflows/pull_request-helm.yaml +++ b/.github/workflows/pull_request-helm.yaml @@ -15,12 +15,6 @@ env: REGISTRY: ghcr.io jobs: - qa: - uses: stakater/.github/.github/workflows/pull_request_doc_qa.yaml@v0.0.98 - with: - MD_CONFIG: .github/md_config.json - DOC_SRC: README.md - MD_LINT_CONFIG: .markdownlint.yaml helm-validation: permissions: From 22f6c3e461fee65a666c7310768b3ab2a990ae55 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 20 Nov 2024 12:31:26 +0500 Subject: [PATCH 32/35] separate out workflows --- .github/workflows/pull_request.yaml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 0a9474b..3a7894d 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -163,14 +163,3 @@ jobs: org.opencontainers.image.source=${{ github.event.repository.clone_url }} org.opencontainers.image.created=${{ steps.prep.outputs.created }} org.opencontainers.image.revision=${{ github.sha }} - - - name: Check if Helm validation needs to run - uses: dorny/paths-filter@v3 - id: filter - with: - filters: | - chart: - - 'deployments/kubernetes/chart/reloader/**' - - outputs: - helm_chart_changed: ${{ steps.filter.outputs.chart }} From 38ab09a5af780538b77157dca4f70c1752b8bd2f Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 20 Nov 2024 13:28:13 +0500 Subject: [PATCH 33/35] Fix for helm chart push tokens --- .github/workflows/push-helm-chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/push-helm-chart.yaml b/.github/workflows/push-helm-chart.yaml index 507a083..adbc4b2 100644 --- a/.github/workflows/push-helm-chart.yaml +++ b/.github/workflows/push-helm-chart.yaml @@ -70,9 +70,9 @@ jobs: - name: Login to GHCR Registry uses: docker/login-action@v2 with: - registry: ghcr.io/stakater - username: ${{ secrets.GHCR_USERNAME }} - password: ${{ secrets.GHCR_TOKEN }} + registry: ${{env.REGISTRY}} + username: stakater-user + password: ${{secrets.GITHUB_TOKEN}} - name: Publish Helm chart to ghcr.io run: | @@ -86,7 +86,7 @@ jobs: branch: master repository: stakater-charts target_dir: docs - token: ${{ secrets.PUBLISH_TOKEN }} + token: ${{ secrets.GHCR_TOKEN }} charts_dir: deployments/kubernetes/chart/ charts_url: ${{ env.HELM_REGISTRY_URL }} owner: stakater From bf6360752d04182439f3e3d5c62e68e3924dfad2 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 20 Nov 2024 13:28:50 +0500 Subject: [PATCH 34/35] Fix for helm chart push tokens --- .github/workflows/push-helm-chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push-helm-chart.yaml b/.github/workflows/push-helm-chart.yaml index adbc4b2..da06835 100644 --- a/.github/workflows/push-helm-chart.yaml +++ b/.github/workflows/push-helm-chart.yaml @@ -70,9 +70,9 @@ jobs: - name: Login to GHCR Registry uses: docker/login-action@v2 with: - registry: ${{env.REGISTRY}} + registry: ${{ env.REGISTRY }} username: stakater-user - password: ${{secrets.GITHUB_TOKEN}} + password: ${{ secrets.GITHUB_TOKEN }} - name: Publish Helm chart to ghcr.io run: | From a39100ab359548d378a416bd41d6a79775928948 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Wed, 20 Nov 2024 13:30:01 +0500 Subject: [PATCH 35/35] Fix for helm chart push tokens --- .github/workflows/push-helm-chart.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/push-helm-chart.yaml b/.github/workflows/push-helm-chart.yaml index da06835..aa5fee0 100644 --- a/.github/workflows/push-helm-chart.yaml +++ b/.github/workflows/push-helm-chart.yaml @@ -8,6 +8,7 @@ on: - master paths: - 'deployments/kubernetes/chart/reloader/**' + - '.github/workflows/push-helm-chart.yaml' env: HELM_REGISTRY_URL: "https://stakater.github.io/stakater-charts"