diff --git a/.github/workflows/common.yaml b/.github/workflows/common.yaml new file mode 100644 index 000000000..0c6009415 --- /dev/null +++ b/.github/workflows/common.yaml @@ -0,0 +1,28 @@ +name: Build common Workflow +on: + push: + paths: + - 'charts/common/**' + - '.github/workflows/common.yaml' + +jobs: + pipeline: + concurrency: + group: common-${{ github.ref }} + cancel-in-progress: true + uses: openmfp/gha/.github/workflows/pipeline-chart.yml@main + with: + chartFolder: charts + chartName: common + additionalTestFilesCommand: '' + chartRepos: 'bitnami=https://charts.bitnami.com/bitnami,openfga=https://openfga.github.io/helm-charts' + secrets: inherit + + updateVersionFile: + if: ${{ github.ref == 'refs/heads/main' }} + needs: [pipeline] + uses: openmfp/gha/.github/workflows/job-update-version-file.yml@main + secrets: inherit + with: + componentVersionKey: "common" + version: ${{ needs.pipeline.outputs.version }} \ No newline at end of file diff --git a/Taskfile.yaml b/Taskfile.yaml index 1de1b48cc..b805157fe 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -15,19 +15,15 @@ tasks: - helm package ./charts/openmfp helmtest: cmds: - - helm unittest ./charts/common - - helm unittest ./charts/account-operator-crds - - helm unittest ./charts/account-operator + - "for chart in $(echo {{.CHARTS}} | tr ',' ' '); do helm unittest $chart; done" test: deps: - task: helmtest update: cmds: - - helm dependency update ./charts/common - - helm dependency update ./charts/account-operator-crds - - helm dependency update ./charts/account-operator + - "for chart in $(echo {{.CHARTS}} | tr ',' ' '); do helm dependency update $chart; done" validate: cmds: - task: lint - task: package - - task: test + - task: test \ No newline at end of file diff --git a/charts/account-operator/Chart.lock b/charts/account-operator/Chart.lock index 172b41a30..e1127ba64 100644 --- a/charts/account-operator/Chart.lock +++ b/charts/account-operator/Chart.lock @@ -4,6 +4,6 @@ dependencies: version: 0.1.4 - name: common repository: file://../common - version: 0.1.3 -digest: sha256:ecdfbd09cac50aef69e9ea41eac7ef3e80284d8ab273ed416daadf48d89de053 -generated: "2024-11-14T20:28:13.309725+01:00" + version: 0.1.4 +digest: sha256:53e54ba3caca17b02488e6900343bed1c7ee97f79aebe10b572956a4f11ccc6e +generated: "2024-11-21T15:07:29.093387942+02:00" diff --git a/charts/account-operator/Chart.yaml b/charts/account-operator/Chart.yaml index 9e7245f7c..bc4fb6a27 100644 --- a/charts/account-operator/Chart.yaml +++ b/charts/account-operator/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: account-operator description: A Helm chart for Kubernetes type: application -version: 0.4.11 +version: 0.4.12 appVersion: "0.101.0" dependencies: - name: account-operator-crds @@ -10,5 +10,5 @@ dependencies: condition: crds.enabled repository: file://../account-operator-crds - name: common - version: 0.1.3 + version: 0.1.4 repository: file://../common diff --git a/charts/account-operator/charts/account-operator-crds-0.1.4.tgz b/charts/account-operator/charts/account-operator-crds-0.1.4.tgz index 71d86a260..bcf4a5876 100644 Binary files a/charts/account-operator/charts/account-operator-crds-0.1.4.tgz and b/charts/account-operator/charts/account-operator-crds-0.1.4.tgz differ diff --git a/charts/account-operator/charts/common-0.1.3.tgz b/charts/account-operator/charts/common-0.1.3.tgz deleted file mode 100644 index f43330754..000000000 Binary files a/charts/account-operator/charts/common-0.1.3.tgz and /dev/null differ diff --git a/charts/account-operator/charts/common-0.1.4.tgz b/charts/account-operator/charts/common-0.1.4.tgz new file mode 100644 index 000000000..cee7728e5 Binary files /dev/null and b/charts/account-operator/charts/common-0.1.4.tgz differ diff --git a/charts/account-operator/templates/cluster-role.yaml b/charts/account-operator/templates/cluster-role.yaml index 0935a46c8..d596a6b74 100644 --- a/charts/account-operator/templates/cluster-role.yaml +++ b/charts/account-operator/templates/cluster-role.yaml @@ -1,7 +1,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ include "entity.name" . }} + name: {{ include "common.entity.name" . }} rules: - apiGroups: - core.openmfp.io diff --git a/charts/account-operator/templates/cluster-rolebinding.yaml b/charts/account-operator/templates/cluster-rolebinding.yaml index 11a6492a1..45876e6f2 100644 --- a/charts/account-operator/templates/cluster-rolebinding.yaml +++ b/charts/account-operator/templates/cluster-rolebinding.yaml @@ -1,12 +1,12 @@ kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: {{ include "entity.name" . }} + name: {{ include "common.entity.name" . }} subjects: - kind: ServiceAccount - name: {{ include "entity.name" . }} + name: {{ include "common.entity.name" . }} namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole - name: {{ include "entity.name" . }} + name: {{ include "common.entity.name" . }} apiGroup: rbac.authorization.k8s.io diff --git a/charts/account-operator/templates/deployment.yaml b/charts/account-operator/templates/deployment.yaml index fbb710b93..5dbe63a07 100644 --- a/charts/account-operator/templates/deployment.yaml +++ b/charts/account-operator/templates/deployment.yaml @@ -1,21 +1,21 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "entity.name" . }} + name: {{ include "common.entity.name" . }} namespace: {{ .Release.Namespace }} {{- if .Values.webhooks.enabled }} annotations: - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "entity.name" . }}-serving-cert + cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "common.entity.name" . }}-serving-cert {{- end }} spec: revisionHistoryLimit: {{ .Values.deployment.revisionHistoryLimit }} selector: matchLabels: - service: {{ include "entity.name" . }} + service: {{ include "common.entity.name" . }} template: metadata: labels: - service: {{ include "entity.name" . }} + service: {{ include "common.entity.name" . }} control-plane: controller-manager {{- with .Values.deployment.specTemplate.labels }} {{- toYaml . | nindent 8 }} @@ -28,7 +28,7 @@ spec: traffic.sidecar.istio.io/excludeInboundPorts: "9443" {{- end }} spec: - serviceAccountName: {{ include "entity.name" . }} + serviceAccountName: {{ include "common.entity.name" . }} containers: - args: - operator @@ -122,7 +122,7 @@ spec: - name: cert secret: defaultMode: 420 - secretName: {{ include "entity.name" . }}-webhook-server-cert + secretName: {{ include "common.entity.name" . }}-webhook-server-cert {{- end }} diff --git a/charts/account-operator/templates/service-account.yaml b/charts/account-operator/templates/service-account.yaml index ae4599a68..2eaf7c467 100644 --- a/charts/account-operator/templates/service-account.yaml +++ b/charts/account-operator/templates/service-account.yaml @@ -1,6 +1,6 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "entity.name" . }} + name: {{ include "common.entity.name" . }} namespace: {{ .Release.Namespace }} -{{- include "global.imagePullSecret" . }} +{{- include "common.imagePullSecret" . }} diff --git a/charts/account-operator/templates/webhook/mutation-webhook.yaml b/charts/account-operator/templates/webhook/mutation-webhook.yaml index d9e1b9042..67d469527 100644 --- a/charts/account-operator/templates/webhook/mutation-webhook.yaml +++ b/charts/account-operator/templates/webhook/mutation-webhook.yaml @@ -2,15 +2,15 @@ apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: - name: {{ include "entity.name" . }}-mutating-webhook-configuration + name: {{ include "common.entity.name" . }}-mutating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "entity.name" . }}-serving-cert + cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "common.entity.name" . }}-serving-cert webhooks: - admissionReviewVersions: - v1 clientConfig: service: - name: {{ include "entity.name" . }}-webhook + name: {{ include "common.entity.name" . }}-webhook namespace: {{ .Release.Namespace }} path: /mutate-core-openmfp-io-v1alpha1-account failurePolicy: Fail diff --git a/charts/account-operator/templates/webhook/pki.yaml b/charts/account-operator/templates/webhook/pki.yaml index 7c8898ebf..a0375a863 100644 --- a/charts/account-operator/templates/webhook/pki.yaml +++ b/charts/account-operator/templates/webhook/pki.yaml @@ -2,7 +2,7 @@ apiVersion: cert-manager.io/v1 kind: Issuer metadata: - name: {{ include "entity.name" . }}-selfsigned-issuer + name: {{ include "common.entity.name" . }}-selfsigned-issuer namespace: {{ .Release.namespace }} spec: selfSigned: {} @@ -10,14 +10,14 @@ spec: apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: {{ include "entity.name" . }}-serving-cert + name: {{ include "common.entity.name" . }}-serving-cert namespace: {{ .Release.namespace }} spec: dnsNames: - - {{ include "entity.name" . }}-webhook.{{ .Release.Namespace }}.svc - - {{ include "entity.name" . }}-webhook.{{ .Release.Namespace }}.svc.cluster.local + - {{ include "common.entity.name" . }}-webhook.{{ .Release.Namespace }}.svc + - {{ include "common.entity.name" . }}-webhook.{{ .Release.Namespace }}.svc.cluster.local issuerRef: kind: Issuer - name: {{ include "entity.name" . }}-selfsigned-issuer - secretName: {{ include "entity.name" . }}-webhook-server-cert + name: {{ include "common.entity.name" . }}-selfsigned-issuer + secretName: {{ include "common.entity.name" . }}-webhook-server-cert {{- end -}} diff --git a/charts/account-operator/templates/webhook/service.yaml b/charts/account-operator/templates/webhook/service.yaml index 03a7b86e7..7c8eb409f 100644 --- a/charts/account-operator/templates/webhook/service.yaml +++ b/charts/account-operator/templates/webhook/service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "entity.name" . }}-webhook + name: {{ include "common.entity.name" . }}-webhook namespace: {{ .Release.Namespace }} spec: ports: @@ -10,6 +10,6 @@ spec: protocol: TCP targetPort: 9443 selector: - service: {{ include "entity.name" . }} + service: {{ include "common.entity.name" . }} control-plane: controller-manager {{- end -}} diff --git a/charts/common/Chart.yaml b/charts/common/Chart.yaml index 4b819a39a..72d57d310 100644 --- a/charts/common/Chart.yaml +++ b/charts/common/Chart.yaml @@ -4,4 +4,4 @@ description: A Helm chart for Kubernetes type: library -version: 0.1.3 +version: 0.1.4 diff --git a/charts/common/templates/_certManagerEnabled.tpl b/charts/common/templates/_certManagerEnabled.tpl new file mode 100644 index 000000000..f46f4dee1 --- /dev/null +++ b/charts/common/templates/_certManagerEnabled.tpl @@ -0,0 +1,3 @@ +{{- define "common.certManagerEnabled" -}} +{{- default (.Values.certManager).enabled (((.Values.global).certManager).enabled) -}} +{{- end -}} \ No newline at end of file diff --git a/charts/common/templates/_entityName.tpl b/charts/common/templates/_entityName.tpl index 4681cf01c..a681b61de 100644 --- a/charts/common/templates/_entityName.tpl +++ b/charts/common/templates/_entityName.tpl @@ -1,4 +1,4 @@ -{{- define "entity.name" -}} +{{- define "common.entity.name" -}} {{- if contains .Chart.Name .Release.Name }} {{- printf "%s" .Chart.Name | trunc 63 }} {{- else }} diff --git a/charts/common/templates/_imagePullSecret.tpl b/charts/common/templates/_imagePullSecret.tpl index 6a8771952..6accdd07c 100644 --- a/charts/common/templates/_imagePullSecret.tpl +++ b/charts/common/templates/_imagePullSecret.tpl @@ -1,4 +1,4 @@ -{{- define "global.imagePullSecret" }} +{{- define "common.imagePullSecret" }} imagePullSecrets: - name: {{ default .Values.imagePullSecret (.Values.global).imagePullSecret }} {{- end -}} \ No newline at end of file diff --git a/charts/common/templates/_istioEnabled.tpl b/charts/common/templates/_istioEnabled.tpl new file mode 100644 index 000000000..778182c2f --- /dev/null +++ b/charts/common/templates/_istioEnabled.tpl @@ -0,0 +1,3 @@ +{{- define "common.istioEnabled" -}} +{{- default (.Values.istio).enabled (((.Values.global).istio).enabled) -}} +{{- end -}} \ No newline at end of file diff --git a/charts/common/test-chart/.helmignore b/charts/common/test-chart/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/common/test-chart/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/common/test-chart/Chart.lock b/charts/common/test-chart/Chart.lock new file mode 100644 index 000000000..0e52e7a74 --- /dev/null +++ b/charts/common/test-chart/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://.. + version: 0.1.4 +digest: sha256:03b950f56aee5eb8a4a6fb02669d74e1f7858f0c69d3162ae63b2e633f7c2686 +generated: "2024-11-20T13:25:22.886154+01:00" diff --git a/charts/common/test-chart/Chart.yaml b/charts/common/test-chart/Chart.yaml new file mode 100644 index 000000000..52f1bbebc --- /dev/null +++ b/charts/common/test-chart/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: test-chart +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" + +dependencies: + - name: common + version: 0.1.4 + repository: file://.. \ No newline at end of file diff --git a/charts/common/test-chart/charts/common-0.1.4.tgz b/charts/common/test-chart/charts/common-0.1.4.tgz new file mode 100644 index 000000000..e0e259d2d Binary files /dev/null and b/charts/common/test-chart/charts/common-0.1.4.tgz differ diff --git a/charts/common/test-chart/templates/vs.yaml b/charts/common/test-chart/templates/vs.yaml new file mode 100644 index 000000000..0f38c84b5 --- /dev/null +++ b/charts/common/test-chart/templates/vs.yaml @@ -0,0 +1,22 @@ +{{- if eq (include "common.istioEnabled" .) "true" -}} +apiVersion: networking.istio.io/v1beta1 +kind: VirtualService +metadata: + name: {{ include "common.entity.name" . }} + namespace: {{ .Release.Namespace }} +spec: + gateways: + - {{ .Release.Namespace }}/gateway + hosts: + - some.domain + http: + match: + - uri: + exact: some.domain + name: default + route: + - destination: + host: some.host + port: + number: 8080 +{{- end -}} \ No newline at end of file diff --git a/charts/common/test-chart/tests/__snapshot__/istio_test.yaml.snap b/charts/common/test-chart/tests/__snapshot__/istio_test.yaml.snap new file mode 100644 index 000000000..5fdbf1740 --- /dev/null +++ b/charts/common/test-chart/tests/__snapshot__/istio_test.yaml.snap @@ -0,0 +1,44 @@ +test global value: + 1: | + apiVersion: networking.istio.io/v1beta1 + kind: VirtualService + metadata: + name: RELEASE-NAME-test-chart + namespace: NAMESPACE + spec: + gateways: + - NAMESPACE/gateway + hosts: + - some.domain + http: + match: + - uri: + exact: some.domain + name: default + route: + - destination: + host: some.host + port: + number: 8080 +test local value: + 1: | + apiVersion: networking.istio.io/v1beta1 + kind: VirtualService + metadata: + name: RELEASE-NAME-test-chart + namespace: NAMESPACE + spec: + gateways: + - NAMESPACE/gateway + hosts: + - some.domain + http: + match: + - uri: + exact: some.domain + name: default + route: + - destination: + host: some.host + port: + number: 8080 diff --git a/charts/common/test-chart/tests/istio_test.yaml b/charts/common/test-chart/tests/istio_test.yaml new file mode 100644 index 000000000..5ce68dd65 --- /dev/null +++ b/charts/common/test-chart/tests/istio_test.yaml @@ -0,0 +1,24 @@ +suite: istio +templates: + - vs.yaml +values: + - ../values.yaml +tests: + - it: test global value + asserts: + - matchSnapshot: {} + set: + global.istio.enabled: true + - it: test local value + asserts: + - matchSnapshot: {} + set: + istio.enabled: true + - it: test local value disabled + asserts: + - matchSnapshot: {} + set: + istio.enabled: false + - it: test test no value + asserts: + - matchSnapshot: {} diff --git a/charts/common/test-chart/values.yaml b/charts/common/test-chart/values.yaml new file mode 100644 index 000000000..f39056bb1 --- /dev/null +++ b/charts/common/test-chart/values.yaml @@ -0,0 +1 @@ +a: b \ No newline at end of file