diff --git a/packages/kontinuous/tests/__snapshots__/pg.dev.yaml b/packages/kontinuous/tests/__snapshots__/pg.dev.yaml new file mode 100644 index 0000000000..a18bcaf0c7 --- /dev/null +++ b/packages/kontinuous/tests/__snapshots__/pg.dev.yaml @@ -0,0 +1,351 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`test build manifests with snapshots pg.dev 1`] = ` +"apiVersion: v1 +kind: Namespace +metadata: + annotations: + field.cattle.io/projectId: '1234' + kontinuous/gitBranch: feature-branch-1 + kontinuous/mainNamespace: 'true' + kapp.k14s.io/exists: '' + kontinuous/chartPath: project.fabrique.contrib.rancher-namespace + kontinuous/source: >- + project/charts/fabrique/charts/contrib/charts/rancher-namespace/templates/namespace.yaml + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + janitor/ttl: 7d + labels: + application: test-pg + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + kontinuous/deployment.env: test-pg-feature-branch-1 + kontinuous/ref: feature-branch-1 + kontinuous/gitSha: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/appVersion: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/resourceName: namespace-test-pg-feature-branch-1-48t4vxle + app.kubernetes.io/manifest-managed-by: kontinuous + app.kubernetes.io/manifest-created-by: kontinuous + cert: wildcard + name: test-pg-feature-branch-1 +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: netpol-ingress + namespace: test-pg-feature-branch-1 + annotations: + kontinuous/chartPath: project.fabrique.contrib.security-policies + kontinuous/source: >- + project/charts/fabrique/charts/contrib/charts/security-policies/templates/network-policy.yml + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + labels: + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + kontinuous/deployment.env: test-pg-feature-branch-1 + kontinuous/ref: feature-branch-1 + kontinuous/gitSha: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/appVersion: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/resourceName: networkpolicy-netpol-ingress-61ndxljw + app.kubernetes.io/manifest-managed-by: kontinuous + app.kubernetes.io/manifest-created-by: kontinuous +spec: + ingress: + - from: + - podSelector: {} + - from: + - namespaceSelector: + matchLabels: + network-policy/source: ingress-controller + - from: + - namespaceSelector: + matchLabels: + network-policy/source: monitoring + podSelector: {} + policyTypes: + - Ingress +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: default + annotations: + kontinuous/chartPath: project.fabrique.contrib.security-policies + kontinuous/source: >- + project/charts/fabrique/charts/contrib/charts/security-policies/templates/service-account.yaml + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + labels: + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + kontinuous/deployment.env: test-pg-feature-branch-1 + kontinuous/ref: feature-branch-1 + kontinuous/gitSha: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/appVersion: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/resourceName: serviceaccount-default-2g5dmk74 + app.kubernetes.io/manifest-managed-by: kontinuous + app.kubernetes.io/manifest-created-by: kontinuous + namespace: test-pg-feature-branch-1 +automountServiceAccountToken: false +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + component: hasura + application: test-pg + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + kontinuous/deployment.env: test-pg-feature-branch-1 + kontinuous/ref: feature-branch-1 + kontinuous/gitSha: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/appVersion: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/resourceName: deployment-hasura-3fivxu5u + app.kubernetes.io/manifest-managed-by: kontinuous + app.kubernetes.io/manifest-created-by: kontinuous + name: hasura + namespace: test-pg-feature-branch-1 + annotations: + kontinuous/chartPath: project.fabrique.contrib.hasura + kontinuous/source: >- + project/charts/fabrique/charts/contrib/charts/hasura/templates/deployment.yaml + kontinuous/plugin.needs: '[\\"pg\\"]' + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + kontinuous/depname.full: project.fabrique.contrib.hasura.deployment.hasura + kontinuous/depname.chartResource: hasura.deployment.hasura + kontinuous/depname.chartName: hasura + kontinuous/depname.chartPath: project.fabrique.contrib.hasura + kontinuous/depname.resourcePath: deployment.hasura + kontinuous/depname.resourceName: hasura + kontinuous/depname.chartNameTopFull: hasura + kontinuous/depname.chartNameTop: hasura + kontinuous/plugin.log: 'false' + reloader.stakater.com/auto: 'true' +spec: + replicas: 1 + selector: + matchLabels: + component: hasura + template: + metadata: + labels: + component: hasura + application: test-pg + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + kontinuous/deployment.env: test-pg-feature-branch-1 + kontinuous/ref: feature-branch-1 + kontinuous/gitSha: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/appVersion: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/resourceName: deployment-hasura-3fivxu5u + app.kubernetes.io/manifest-managed-by: kontinuous + app.kubernetes.io/manifest-created-by: kontinuous + annotations: + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + spec: + containers: + - image: >- + harbor.fabrique.social.gouv.fr/test-pg/hasura:sha-ffac537e6cbbf934b08745a378932722df287a53 + livenessProbe: + failureThreshold: 15 + httpGet: + path: /healthz + port: http + initialDelaySeconds: 30 + periodSeconds: 5 + timeoutSeconds: 5 + name: hasura + ports: + - containerPort: 8080 + name: http + readinessProbe: + failureThreshold: 15 + httpGet: + path: /healthz + port: http + initialDelaySeconds: 30 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + cpu: 3 + memory: 8Gi + requests: + cpu: 41m + memory: 121Mi + startupProbe: + failureThreshold: 30 + httpGet: + path: /healthz + port: http + periodSeconds: 5 + env: [] + envFrom: + - secretRef: + name: hasura + - secretRef: + name: pg-user + - configMapRef: + name: hasura-configmap +--- +apiVersion: v1 +kind: Service +metadata: + labels: + component: hasura + application: test-pg + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + kontinuous/deployment.env: test-pg-feature-branch-1 + kontinuous/ref: feature-branch-1 + kontinuous/gitSha: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/appVersion: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/resourceName: service-hasura-2b56e0cf + app.kubernetes.io/manifest-managed-by: kontinuous + app.kubernetes.io/manifest-created-by: kontinuous + name: hasura + namespace: test-pg-feature-branch-1 + annotations: + kontinuous/chartPath: project.fabrique.contrib.hasura + kontinuous/source: >- + project/charts/fabrique/charts/contrib/charts/hasura/templates/service.yaml + kontinuous/plugin.needs: '[\\"pg\\"]' + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 +spec: + ports: + - name: http + port: 80 + targetPort: 8080 + selector: + component: hasura + type: ClusterIP +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + kubernetes.io/ingress.class: nginx + kontinuous/chartPath: project.fabrique.contrib.hasura + kontinuous/source: >- + project/charts/fabrique/charts/contrib/charts/hasura/templates/ingress.yaml + kontinuous/plugin.needs: '[\\"pg\\"]' + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + labels: + component: hasura + application: test-pg + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + kontinuous/deployment.env: test-pg-feature-branch-1 + kontinuous/ref: feature-branch-1 + kontinuous/gitSha: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/appVersion: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/resourceName: ingress-hasura-2784v1wj + app.kubernetes.io/manifest-managed-by: kontinuous + app.kubernetes.io/manifest-created-by: kontinuous + name: hasura + namespace: test-pg-feature-branch-1 +spec: + rules: + - host: hasura-test-pg-feature-branch-1.dev.fabrique.social.gouv.fr + http: + paths: + - backend: + service: + name: hasura + port: + name: http + path: / + pathType: Prefix + tls: + - hosts: + - hasura-test-pg-feature-branch-1.dev.fabrique.social.gouv.fr + secretName: wildcard-crt +--- +apiVersion: postgresql.cnpg.io/v1 +kind: Cluster +metadata: + name: cnpg-cluster + labels: + helm.sh/chart: cnpg-cluster-1.4.1 + app.kubernetes.io/name: cnpg-cluster + app.kubernetes.io/instance: release-name + app.kubernetes.io/version: 14.5-6 + app.kubernetes.io/managed-by: Helm + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + kontinuous/deployment.env: test-pg-feature-branch-1 + kontinuous/ref: feature-branch-1 + kontinuous/gitSha: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/appVersion: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/resourceName: cluster-cnpg-cluster-3ucigx9f + app.kubernetes.io/manifest-managed-by: kontinuous + app.kubernetes.io/manifest-created-by: kontinuous + annotations: + kontinuous/chartPath: project.fabrique.pg.cnpg-cluster + kontinuous/source: >- + project/charts/fabrique/charts/pg/charts/cnpg-cluster/templates/cluster.cnpg.yaml + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + kontinuous/depname.full: project.fabrique.pg.cnpg-cluster.cluster.cnpg-cluster + kontinuous/depname.chartResource: cnpg-cluster.cluster.cnpg-cluster + kontinuous/depname.chartName: cnpg-cluster + kontinuous/depname.chartPath: project.fabrique.pg.cnpg-cluster + kontinuous/depname.resourcePath: cluster.cnpg-cluster + kontinuous/depname.resourceName: cnpg-cluster + kontinuous/depname.chartNameTopFull: pg.cnpg-cluster + kontinuous/depname.chartNameTop: pg + kontinuous/plugin.log: 'false' + namespace: test-pg-feature-branch-1 +spec: + instances: 1 + imageName: ghcr.io/cloudnative-pg/postgis:14 + imagePullPolicy: IfNotPresent + storage: + size: 8Gi + storageClass: managed-csi + minSyncReplicas: 0 + maxSyncReplicas: 0 + postgresql: {} + monitoring: + enablePodMonitor: false + bootstrap: + initdb: + database: app + owner: app + secret: + name: cnpg-cluster-db + postInitTemplateSQL: + - CREATE EXTENSION IF NOT EXISTS \\"postgis\\"; + - CREATE EXTENSION IF NOT EXISTS \\"postgis_topology\\"; + - CREATE EXTENSION IF NOT EXISTS \\"fuzzystrmatch\\"; + - CREATE EXTENSION IF NOT EXISTS \\"postgis_tiger_geocoder\\"; + - CREATE EXTENSION IF NOT EXISTS \\"uuid-ossp\\"; + - CREATE EXTENSION IF NOT EXISTS \\"citext\\"; + - CREATE EXTENSION IF NOT EXISTS \\"pgcrypto\\"; + - CREATE EXTENSION IF NOT EXISTS \\"hstore\\"; +--- +apiVersion: postgresql.cnpg.io/v1 +kind: Pooler +metadata: + name: cnpg-cluster-rw + labels: + helm.sh/chart: cnpg-cluster-1.4.1 + app.kubernetes.io/name: cnpg-cluster + app.kubernetes.io/instance: release-name + app.kubernetes.io/version: 14.5-6 + app.kubernetes.io/managed-by: Helm + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + kontinuous/deployment.env: test-pg-feature-branch-1 + kontinuous/ref: feature-branch-1 + kontinuous/gitSha: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/appVersion: ffac537e6cbbf934b08745a378932722df287a53 + kontinuous/resourceName: pooler-cnpg-cluster-rw-t5d0s6ee + app.kubernetes.io/manifest-managed-by: kontinuous + app.kubernetes.io/manifest-created-by: kontinuous + annotations: + kontinuous/chartPath: project.fabrique.pg.cnpg-cluster + kontinuous/source: >- + project/charts/fabrique/charts/pg/charts/cnpg-cluster/templates/pooler.cnpg.yaml + kontinuous/deployment: test-pg-feature-branch-1-ffac537e6cbbf934b08745a37893-4f12g0z3 + namespace: test-pg-feature-branch-1 +spec: + cluster: + name: cnpg-cluster + instances: '1' + pgbouncer: + parameters: + max_client_conn: '1000' + poolMode: session + type: rw +" +`; diff --git a/packages/kontinuous/tests/samples/pg/config.yaml b/packages/kontinuous/tests/samples/pg/config.yaml new file mode 100644 index 0000000000..ff779aad47 --- /dev/null +++ b/packages/kontinuous/tests/samples/pg/config.yaml @@ -0,0 +1,3 @@ +dependencies: + fabrique: + import: socialgouv/kontinuous/plugins/fabrique \ No newline at end of file diff --git a/packages/kontinuous/tests/samples/pg/values.yaml b/packages/kontinuous/tests/samples/pg/values.yaml new file mode 100644 index 0000000000..64c71a8d1e --- /dev/null +++ b/packages/kontinuous/tests/samples/pg/values.yaml @@ -0,0 +1,15 @@ +global: + pgSecretName: cnpg-cluster-db + +hasura: + ~needs: [pg] + envFrom: + - secretRef: + name: hasura + - secretRef: + name: pg-user + - configMapRef: + name: hasura-configmap + +pg: + ~chart: pg \ No newline at end of file diff --git a/plugins/contrib/patches/06-filter-residual-meta-values.js b/plugins/contrib/patches/06-filter-residual-meta-values.js new file mode 100644 index 0000000000..9390b61675 --- /dev/null +++ b/plugins/contrib/patches/06-filter-residual-meta-values.js @@ -0,0 +1,15 @@ +const filterManifestDefRecurse = (def) => { + if (typeof def !== "object" || def === null) { + return + } + for (const key of Object.keys(def)) { + if (key.startsWith("~")) { + delete def[key] + } else { + filterManifestDefRecurse(def[key]) + } + } +} + +module.exports = async (manifests, _options, context) => + filterManifestDefRecurse(manifests, context) diff --git a/plugins/fabrique/charts/pg/Chart.yaml b/plugins/fabrique/charts/pg/Chart.yaml index d03b1eba67..7bb9722e56 100644 --- a/plugins/fabrique/charts/pg/Chart.yaml +++ b/plugins/fabrique/charts/pg/Chart.yaml @@ -5,3 +5,4 @@ dependencies: - name: cnpg-cluster degit: socialgouv/helm-charts/charts/cnpg-cluster@v1 version: "1" + condition: cnpg-cluster.enabled \ No newline at end of file diff --git a/plugins/fabrique/charts/pg/values.yaml b/plugins/fabrique/charts/pg/values.yaml index c4f9ca28dc..16b7be51d4 100644 --- a/plugins/fabrique/charts/pg/values.yaml +++ b/plugins/fabrique/charts/pg/values.yaml @@ -1,4 +1,5 @@ cnpg-cluster: + enabled: true fullnameOverride: cnpg-cluster nameOverride: cnpg-cluster ~tpl~instances: "{{ if (or .Values.isProd .Values.isPreprod) }}3{{else}}1{{end}}" @@ -22,7 +23,8 @@ cnpg-cluster: repository: "ghcr.io/cloudnative-pg/postgis" tag: "14" poolers: - main: + rw: + ~tpl~instances: "{{ if (or .Values.isProd .Values.isPreprod) }}9{{else}}1{{end}}" type: rw pgbouncer: poolMode: session