From 50c4ebfc1bc396b615076c1d05b93a71750f77e7 Mon Sep 17 00:00:00 2001 From: Ben Jackson Date: Fri, 4 Oct 2024 10:25:56 +1000 Subject: [PATCH] chore: expunge fastly api secrets templating (#367) --- Dockerfile | 2 - cmd/config_fastly.go | 7 +- cmd/config_fastly_test.go | 51 +-------- cmd/template_autogen_ingress_test.go | 24 ---- cmd/template_ingress_test.go | 23 +--- internal/generator/buildvalues.go | 1 - internal/generator/generator.go | 3 - internal/generator/helpers_generator.go | 5 - internal/generator/ingress.go | 10 +- internal/lagoon/fastly.go | 24 +--- internal/lagoon/fastly_test.go | 16 ++- internal/lagoon/routes.go | 8 +- internal/lagoon/routes_test.go | 69 ++++-------- .../templating/ingress/templates_ingress.go | 3 - .../autogen-templates/ingress-8/node.yaml | 49 --------- .../ingress-1/example.com.yaml | 53 --------- .../ingress-16/example.com.yaml | 1 - .../ingress-17/example.com.yaml | 1 - legacy/build-deploy-docker-compose.sh | 103 ------------------ .../helmcharts/fastly-api-secret/.helmignore | 22 ---- .../helmcharts/fastly-api-secret/Chart.yaml | 17 --- .../fastly-api-secret/templates/_helpers.tpl | 69 ------------ .../fastly-api-secret/templates/secret.yaml | 14 --- .../helmcharts/fastly-api-secret/values.yaml | 7 -- legacy/scripts/exec-fastly-api-secrets.sh | 14 --- 25 files changed, 48 insertions(+), 548 deletions(-) delete mode 100644 internal/testdata/node/autogen-templates/ingress-8/node.yaml delete mode 100644 internal/testdata/node/ingress-templates/ingress-1/example.com.yaml delete mode 100644 legacy/helmcharts/fastly-api-secret/.helmignore delete mode 100644 legacy/helmcharts/fastly-api-secret/Chart.yaml delete mode 100644 legacy/helmcharts/fastly-api-secret/templates/_helpers.tpl delete mode 100644 legacy/helmcharts/fastly-api-secret/templates/secret.yaml delete mode 100644 legacy/helmcharts/fastly-api-secret/values.yaml delete mode 100755 legacy/scripts/exec-fastly-api-secrets.sh diff --git a/Dockerfile b/Dockerfile index 93bdd347..56433b36 100644 --- a/Dockerfile +++ b/Dockerfile @@ -105,8 +105,6 @@ COPY legacy/build-deploy-docker-compose.sh /kubectl-build-deploy/build-deploy-do COPY legacy/scripts /kubectl-build-deploy/scripts -COPY legacy/helmcharts /kubectl-build-deploy/helmcharts - ENV DBAAS_OPERATOR_HTTP=dbaas.lagoon.svc:5000 ENV DOCKER_HOST=docker-host.lagoon.svc ENV LAGOON_FEATURE_FLAG_DEFAULT_DOCUMENTATION_URL=https://docs.lagoon.sh diff --git a/cmd/config_fastly.go b/cmd/config_fastly.go index 92e73801..af496910 100644 --- a/cmd/config_fastly.go +++ b/cmd/config_fastly.go @@ -36,10 +36,6 @@ func FastlyConfigGeneration(debug bool, domain string) (lagoon.Fastly, error) { if err != nil { return lagoon.Fastly{}, fmt.Errorf("error reading fastly-cache-no-cache-id flag: %v", err) } - fastlyAPISecretPrefix, err := rootCmd.PersistentFlags().GetString("fastly-api-secret-prefix") - if err != nil { - return lagoon.Fastly{}, fmt.Errorf("error reading fastly-api-secret-prefix flag: %v", err) - } fastlyServiceID, err := rootCmd.PersistentFlags().GetString("fastly-service-id") if err != nil { return lagoon.Fastly{}, fmt.Errorf("error reading fastly-service-id flag: %v", err) @@ -55,7 +51,6 @@ func FastlyConfigGeneration(debug bool, domain string) (lagoon.Fastly, error) { fastlyCacheNoCahce = helpers.GetEnv("LAGOON_FASTLY_NOCACHE_SERVICE_ID", fastlyCacheNoCahce, debug) fastlyServiceID = helpers.GetEnv("ROUTE_FASTLY_SERVICE_ID", fastlyServiceID, debug) - fastlyAPISecretPrefix = helpers.GetEnv("FASTLY_API_SECRET_PREFIX", fastlyAPISecretPrefix, debug) // get the project and environment variables projectVariables = helpers.GetEnv("LAGOON_PROJECT_VARIABLES", projectVariables, debug) @@ -70,7 +65,7 @@ func FastlyConfigGeneration(debug bool, domain string) (lagoon.Fastly, error) { // generate the fastly configuration from the provided flags/variables f := &lagoon.Fastly{} - err = lagoon.GenerateFastlyConfiguration(f, fastlyCacheNoCahce, fastlyServiceID, domain, fastlyAPISecretPrefix, lagoonEnvVars) + err = lagoon.GenerateFastlyConfiguration(f, fastlyCacheNoCahce, fastlyServiceID, domain, lagoonEnvVars) if err != nil { return lagoon.Fastly{}, err } diff --git a/cmd/config_fastly_test.go b/cmd/config_fastly_test.go index a3eccc03..7c0fb6cd 100644 --- a/cmd/config_fastly_test.go +++ b/cmd/config_fastly_test.go @@ -16,7 +16,6 @@ func TestGenerateFastlyConfig(t *testing.T) { cacheNoCache string serviceID string domain string - secretPrefix string } tests := []struct { name string @@ -31,12 +30,10 @@ func TestGenerateFastlyConfig(t *testing.T) { cacheNoCache: "", serviceID: "", domain: "example.com", - secretPrefix: "fastly-api-", }, want: lagoon.Fastly{ - ServiceID: "service-id", - APISecretName: "", - Watch: true, + ServiceID: "service-id", + Watch: true, }, }, { @@ -47,44 +44,10 @@ func TestGenerateFastlyConfig(t *testing.T) { cacheNoCache: "", serviceID: "", domain: "example.com", - secretPrefix: "fastly-api-", - }, - want: lagoon.Fastly{ - ServiceID: "service-id", - APISecretName: "", - Watch: true, - }, - }, - { - name: "test3 check LAGOON_FASTLY_SERVICE_ID with secret", - args: args{ - projectVars: `[{"name":"LAGOON_SYSTEM_ROUTER_PATTERN","value":"${service}-${project}-${environment}.example.com","scope":"internal_system"},{"name":"LAGOON_FASTLY_SERVICE_ID","value":"service-id:true:secret","scope":"global"}]`, - envVars: `[]`, - cacheNoCache: "", - serviceID: "", - domain: "example.com", - secretPrefix: "fastly-api-", }, want: lagoon.Fastly{ - ServiceID: "service-id", - APISecretName: "fastly-api-secret", - Watch: true, - }, - }, - { - name: "test4 check LAGOON_FASTLY_SERVICE_IDS with secret", - args: args{ - projectVars: `[{"name":"LAGOON_SYSTEM_ROUTER_PATTERN","value":"${service}-${project}-${environment}.example.com","scope":"internal_system"},{"name":"LAGOON_FASTLY_SERVICE_IDS","value":"example.com:service-id:true:secret","scope":"global"}]`, - envVars: `[]`, - cacheNoCache: "", - serviceID: "", - domain: "example.com", - secretPrefix: "fastly-api-", - }, - want: lagoon.Fastly{ - ServiceID: "service-id", - APISecretName: "fastly-api-secret", - Watch: true, + ServiceID: "service-id", + Watch: true, }, }, { @@ -95,7 +58,6 @@ func TestGenerateFastlyConfig(t *testing.T) { cacheNoCache: "", serviceID: "dedicated-service-id", domain: "example.com", - secretPrefix: "fastly-api-", }, want: lagoon.Fastly{ ServiceID: "dedicated-service-id", @@ -110,7 +72,6 @@ func TestGenerateFastlyConfig(t *testing.T) { cacheNoCache: "", serviceID: "dedicated-service-id", domain: "example.com", - secretPrefix: "fastly-api-", }, want: lagoon.Fastly{ ServiceID: "service-id", @@ -130,10 +91,6 @@ func TestGenerateFastlyConfig(t *testing.T) { if err != nil { t.Errorf("%v", err) } - err = os.Setenv("FASTLY_API_SECRET_PREFIX", tt.args.secretPrefix) - if err != nil { - t.Errorf("%v", err) - } err = os.Setenv("LAGOON_PROJECT_VARIABLES", tt.args.projectVars) if err != nil { t.Errorf("%v", err) diff --git a/cmd/template_autogen_ingress_test.go b/cmd/template_autogen_ingress_test.go index f06e60a9..f75bea5a 100644 --- a/cmd/template_autogen_ingress_test.go +++ b/cmd/template_autogen_ingress_test.go @@ -186,30 +186,6 @@ func TestAutogeneratedIngressGeneration(t *testing.T) { templatePath: "testoutput", want: "internal/testdata/node/autogen-templates/ingress-7", }, - { - name: "test10 autogenerated routes with fastly and specific secret", - args: testdata.GetSeedData( - testdata.TestData{ - ProjectName: "example-project", - EnvironmentName: "main", - Branch: "main", - LagoonYAML: "internal/testdata/node/lagoon.yml", - ProjectVariables: []lagoon.EnvironmentVariable{ - { - Name: "LAGOON_FASTLY_SERVICE_ID", - Value: "service-id:true:secretname", - Scope: "build", - }, - { - Name: "LAGOON_FASTLY_AUTOGENERATED", - Value: "enabled", - Scope: "build", - }, - }, - }, true), - templatePath: "testoutput", - want: "internal/testdata/node/autogen-templates/ingress-8", - }, { name: "test11 autogenerated route development environment", args: testdata.GetSeedData( diff --git a/cmd/template_ingress_test.go b/cmd/template_ingress_test.go index 2136c9bc..c849400e 100644 --- a/cmd/template_ingress_test.go +++ b/cmd/template_ingress_test.go @@ -26,25 +26,6 @@ func TestTemplateRoutes(t *testing.T) { wantErr bool wantErrMsg string }{ - { - name: "test1 check LAGOON_FASTLY_SERVICE_IDS with secret no values", - args: testdata.GetSeedData( - testdata.TestData{ - ProjectName: "example-project", - EnvironmentName: "main", - Branch: "main", - LagoonYAML: "internal/testdata/node/lagoon.yml", - ProjectVariables: []lagoon.EnvironmentVariable{ - { - Name: "LAGOON_FASTLY_SERVICE_IDS", - Value: "example.com:service-id:true:annotationscom", - Scope: "build", - }, - }, - }, true), - templatePath: "testoutput", - want: "internal/testdata/node/ingress-templates/ingress-1", - }, { name: "test2 check LAGOON_FASTLY_SERVICE_IDS no secret and no values", args: testdata.GetSeedData( @@ -289,7 +270,7 @@ func TestTemplateRoutes(t *testing.T) { ProjectVariables: []lagoon.EnvironmentVariable{ { Name: "LAGOON_FASTLY_SERVICE_IDS", - Value: "example.com:service-id:true:annotationscom", + Value: "example.com:service-id:true", Scope: "build", }, }, @@ -308,7 +289,7 @@ func TestTemplateRoutes(t *testing.T) { ProjectVariables: []lagoon.EnvironmentVariable{ { Name: "LAGOON_FASTLY_SERVICE_IDS", - Value: "example.com:service-id:true:annotationscom", + Value: "example.com:service-id:true", Scope: "build", }, }, diff --git a/internal/generator/buildvalues.go b/internal/generator/buildvalues.go index ed1be72b..bc1a20c9 100644 --- a/internal/generator/buildvalues.go +++ b/internal/generator/buildvalues.go @@ -38,7 +38,6 @@ type BuildValues struct { PrivateRegistryURLS []string `json:"privateRegistryURLS" description:"this stores all the private registry urls used by this environment"` Fastly Fastly `json:"fastly" deprecated:"true" description:"this is the configuration of fastly for this environment"` FastlyCacheNoCache string `json:"fastlyCacheNoCahce" deprecated:"true" description:"this is the service id of a fastly cache-no-cache service"` - FastlyAPISecretPrefix string `json:"fastlyAPISecretPrefix" deprecated:"true" description:"this is the fastly-api-secret prefix to use"` ConfigMapSha string `json:"configMapSha" description:"this is the computed sha of the lagoon-env configmap, it is used to determine if changes are required to deployments"` Route string `json:"route" description:"this stores the primary determiend route after all have been calculated"` Routes []string `json:"routes" description:"this stores all routes after they are calculated"` diff --git a/internal/generator/generator.go b/internal/generator/generator.go index 38182ee3..cfa0cbcf 100644 --- a/internal/generator/generator.go +++ b/internal/generator/generator.go @@ -48,7 +48,6 @@ type GeneratorInput struct { MonitoringContact string MonitoringStatusPageID string FastlyCacheNoCahce string - FastlyAPISecretPrefix string SavedTemplatesPath string ConfigMapSha string BackupConfiguration BackupConfiguration @@ -97,7 +96,6 @@ func NewGenerator( activeEnvironment := helpers.GetEnv("ACTIVE_ENVIRONMENT", generator.ActiveEnvironment, generator.Debug) standbyEnvironment := helpers.GetEnv("STANDBY_ENVIRONMENT", generator.StandbyEnvironment, generator.Debug) fastlyCacheNoCahce := helpers.GetEnv("LAGOON_FASTLY_NOCACHE_SERVICE_ID", generator.FastlyCacheNoCahce, generator.Debug) - fastlyAPISecretPrefix := helpers.GetEnv("ROUTE_FASTLY_SERVICE_ID", generator.FastlyAPISecretPrefix, generator.Debug) lagoonVersion := helpers.GetEnv("LAGOON_VERSION", generator.LagoonVersion, generator.Debug) configMapSha := helpers.GetEnv("CONFIG_MAP_SHA", generator.ConfigMapSha, generator.Debug) imageRegistry := helpers.GetEnv("REGISTRY", generator.ImageRegistry, generator.Debug) @@ -174,7 +172,6 @@ func NewGenerator( buildValues.ActiveEnvironment = activeEnvironment buildValues.StandbyEnvironment = standbyEnvironment buildValues.FastlyCacheNoCache = fastlyCacheNoCahce - buildValues.FastlyAPISecretPrefix = fastlyAPISecretPrefix switch buildType { case "branch", "promote": buildValues.Branch = branch diff --git a/internal/generator/helpers_generator.go b/internal/generator/helpers_generator.go index 0b42e892..976af585 100644 --- a/internal/generator/helpers_generator.go +++ b/internal/generator/helpers_generator.go @@ -93,10 +93,6 @@ func GenerateInput(rootCmd cobra.Command, debug bool) (GeneratorInput, error) { if err != nil { return GeneratorInput{}, fmt.Errorf("error reading fastly-cache-no-cache-id flag: %v", err) } - fastlyAPISecretPrefix, err := rootCmd.PersistentFlags().GetString("fastly-api-secret-prefix") - if err != nil { - return GeneratorInput{}, fmt.Errorf("error reading fastly-api-secret-prefix flag: %v", err) - } ignoreMissingEnvFiles, err := rootCmd.PersistentFlags().GetBool("ignore-missing-env-files") if err != nil { return GeneratorInput{}, fmt.Errorf("error reading ignore-missing-env-files flag: %v", err) @@ -136,7 +132,6 @@ func GenerateInput(rootCmd cobra.Command, debug bool) (GeneratorInput, error) { MonitoringContact: monitoringContact, MonitoringStatusPageID: monitoringStatusPageID, FastlyCacheNoCahce: fastlyCacheNoCahce, - FastlyAPISecretPrefix: fastlyAPISecretPrefix, SavedTemplatesPath: savedTemplates, IgnoreMissingEnvFiles: ignoreMissingEnvFiles, IgnoreNonStringKeyErrors: ignoreNonStringKeyErrors, diff --git a/internal/generator/ingress.go b/internal/generator/ingress.go index f924fadc..4a51883d 100644 --- a/internal/generator/ingress.go +++ b/internal/generator/ingress.go @@ -155,7 +155,7 @@ func generateAutogenRoutes( } fastlyConfig := &lagoon.Fastly{} if buildValues.AutogeneratedRoutesFastly { - err := lagoon.GenerateFastlyConfiguration(fastlyConfig, buildValues.FastlyCacheNoCache, buildValues.Fastly.ServiceID, domain, buildValues.FastlyAPISecretPrefix, envVars) + err := lagoon.GenerateFastlyConfiguration(fastlyConfig, buildValues.FastlyCacheNoCache, buildValues.Fastly.ServiceID, domain, envVars) if err != nil { return err } @@ -287,7 +287,7 @@ func generateActiveStandbyRoutes( if buildValues.LagoonYAML.ProductionRoutes.Active != nil { if buildValues.LagoonYAML.ProductionRoutes.Active.Routes != nil { for _, routeMap := range buildValues.LagoonYAML.ProductionRoutes.Active.Routes { - err := lagoon.GenerateRoutesV2(activeStanbyRoutes, routeMap, envVars, buildValues.IngressClass, buildValues.FastlyAPISecretPrefix, true) + err := lagoon.GenerateRoutesV2(activeStanbyRoutes, routeMap, envVars, buildValues.IngressClass, true) if err != nil { return *activeStanbyRoutes, err } @@ -299,7 +299,7 @@ func generateActiveStandbyRoutes( if buildValues.LagoonYAML.ProductionRoutes.Standby != nil { if buildValues.LagoonYAML.ProductionRoutes.Standby.Routes != nil { for _, routeMap := range buildValues.LagoonYAML.ProductionRoutes.Standby.Routes { - err := lagoon.GenerateRoutesV2(activeStanbyRoutes, routeMap, envVars, buildValues.IngressClass, buildValues.FastlyAPISecretPrefix, true) + err := lagoon.GenerateRoutesV2(activeStanbyRoutes, routeMap, envVars, buildValues.IngressClass, true) if err != nil { return *activeStanbyRoutes, err } @@ -346,13 +346,13 @@ func generateAndMerge( // otherwise it just uses the default environment name for _, routeMap := range buildValues.LagoonYAML.Environments[buildValues.Branch].Routes { - err := lagoon.GenerateRoutesV2(n, routeMap, envVars, buildValues.IngressClass, buildValues.FastlyAPISecretPrefix, false) + err := lagoon.GenerateRoutesV2(n, routeMap, envVars, buildValues.IngressClass, false) if err != nil { return *n, err } } // merge routes from the API on top of the routes from the `.lagoon.yml` - mainRoutes, err := lagoon.MergeRoutesV2(*n, api, envVars, buildValues.IngressClass, buildValues.FastlyAPISecretPrefix) + mainRoutes, err := lagoon.MergeRoutesV2(*n, api, envVars, buildValues.IngressClass) if err != nil { return *n, err } diff --git a/internal/lagoon/fastly.go b/internal/lagoon/fastly.go index 1b42a882..4ee74707 100644 --- a/internal/lagoon/fastly.go +++ b/internal/lagoon/fastly.go @@ -8,13 +8,12 @@ import ( // Fastly represents the fastly configuration for a Lagoon route type Fastly struct { - ServiceID string `json:"service-id,omitempty"` - APISecretName string `json:"api-secret-name,omitempty"` - Watch bool `json:"watch,omitempty"` + ServiceID string `json:"service-id,omitempty"` + Watch bool `json:"watch,omitempty"` } // GenerateFastlyConfiguration generates the fastly configuration for a specific route from Lagoon variables. -func GenerateFastlyConfiguration(f *Fastly, noCacheServiceID, serviceID, route, secretPrefix string, variables []EnvironmentVariable) error { +func GenerateFastlyConfiguration(f *Fastly, noCacheServiceID, serviceID, route string, variables []EnvironmentVariable) error { f.ServiceID = serviceID if serviceID == "" { if noCacheServiceID != "" { @@ -38,10 +37,6 @@ func GenerateFastlyConfiguration(f *Fastly, noCacheServiceID, serviceID, route, } f.ServiceID = lfsIDSplit[0] f.Watch = watch - if len(lfsIDSplit) == 3 { - // the optional secret has been defined - f.APISecretName = fmt.Sprintf("%s%s", secretPrefix, lfsIDSplit[2]) - } } // check the `LAGOON_FASTLY_SERVICE_IDS` to see if we have a domain specific override // this is useful if all domains are using the nocache service, but you have a specific domain that should use a different service @@ -72,21 +67,8 @@ func GenerateFastlyConfiguration(f *Fastly, noCacheServiceID, serviceID, route, } f.ServiceID = lfsIDSplit[1] f.Watch = watch - // unset the apisecret name if this point is reached - // this is because this particular ingress may not have one defined - // it will get checked next - f.APISecretName = "" - if len(lfsIDSplit) == 4 { - // the optional secret has been defined - f.APISecretName = fmt.Sprintf("%s%s", secretPrefix, lfsIDSplit[3]) - } } } } - if f.APISecretName != "" { - if !strings.HasPrefix(f.APISecretName, secretPrefix) { - f.APISecretName = fmt.Sprintf("%s%s", secretPrefix, f.APISecretName) - } - } return nil } diff --git a/internal/lagoon/fastly_test.go b/internal/lagoon/fastly_test.go index b48157da..15d6e64c 100644 --- a/internal/lagoon/fastly_test.go +++ b/internal/lagoon/fastly_test.go @@ -51,16 +51,15 @@ func TestGenerateFastlyConfiguration(t *testing.T) { variables: []EnvironmentVariable{ { Name: "LAGOON_FASTLY_SERVICE_ID", - Value: "1234567:true:secretname", + Value: "1234567:true", Scope: "global", }, }, }, provide: &Fastly{}, want: Fastly{ - Watch: true, - ServiceID: "1234567", - APISecretName: "secretname", + Watch: true, + ServiceID: "1234567", }, }, { @@ -73,22 +72,21 @@ func TestGenerateFastlyConfiguration(t *testing.T) { variables: []EnvironmentVariable{ { Name: "LAGOON_FASTLY_SERVICE_IDS", - Value: "www.example.com:abcdefg:true:secretname,example.com:1234567:true:secretname", + Value: "www.example.com:abcdefg:true,example.com:1234567:true", Scope: "global", }, }, }, provide: &Fastly{}, want: Fastly{ - Watch: true, - ServiceID: "abcdefg", - APISecretName: "api-secret-secretname", + Watch: true, + ServiceID: "abcdefg", }, }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - err := GenerateFastlyConfiguration(tt.provide, tt.args.noCacheServiceID, tt.args.serviceID, tt.args.route, tt.args.secretPrefix, tt.args.variables) + err := GenerateFastlyConfiguration(tt.provide, tt.args.noCacheServiceID, tt.args.serviceID, tt.args.route, tt.args.variables) if (err != nil) != tt.wantErr { t.Errorf("generateFastlyAnnotations() error = %v, wantErr %v", err, tt.wantErr) return diff --git a/internal/lagoon/routes.go b/internal/lagoon/routes.go index 3588ae52..03003644 100644 --- a/internal/lagoon/routes.go +++ b/internal/lagoon/routes.go @@ -122,7 +122,7 @@ func (r *Route) UnmarshalJSON(data []byte) error { } // GenerateRoutesV2 generate routesv2 definitions from lagoon route mappings -func GenerateRoutesV2(yamlRoutes *RoutesV2, routeMap map[string][]Route, variables []EnvironmentVariable, defaultIngressClass, secretPrefix string, activeStandby bool) error { +func GenerateRoutesV2(yamlRoutes *RoutesV2, routeMap map[string][]Route, variables []EnvironmentVariable, defaultIngressClass string, activeStandby bool) error { for rName, lagoonRoutes := range routeMap { for _, lagoonRoute := range lagoonRoutes { newRoute := RouteV2{} @@ -219,7 +219,7 @@ func GenerateRoutesV2(yamlRoutes *RoutesV2, routeMap map[string][]Route, variabl newRoute.IngressName = lagoonRoute.Name } // generate the fastly configuration for this route - err := GenerateFastlyConfiguration(&newRoute.Fastly, "", newRoute.Fastly.ServiceID, newRoute.Domain, secretPrefix, variables) + err := GenerateFastlyConfiguration(&newRoute.Fastly, "", newRoute.Fastly.ServiceID, newRoute.Domain, variables) if err != nil { //@TODO: error handling } @@ -235,7 +235,7 @@ func GenerateRoutesV2(yamlRoutes *RoutesV2, routeMap map[string][]Route, variabl } // MergeRoutesV2 merge routes from the API onto the previously generated routes. -func MergeRoutesV2(yamlRoutes RoutesV2, apiRoutes RoutesV2, variables []EnvironmentVariable, defaultIngressClass, secretPrefix string) (RoutesV2, error) { +func MergeRoutesV2(yamlRoutes RoutesV2, apiRoutes RoutesV2, variables []EnvironmentVariable, defaultIngressClass string) (RoutesV2, error) { firstRoundRoutes := RoutesV2{} existsInAPI := false // replace any routes from the lagoon yaml with ones from the api @@ -298,7 +298,7 @@ func MergeRoutesV2(yamlRoutes RoutesV2, apiRoutes RoutesV2, variables []Environm finalRoutes := RoutesV2{} for _, fRoute := range firstRoundRoutes.Routes { // generate the fastly configuration for this route if required - err := GenerateFastlyConfiguration(&fRoute.Fastly, "", fRoute.Fastly.ServiceID, fRoute.Domain, secretPrefix, variables) + err := GenerateFastlyConfiguration(&fRoute.Fastly, "", fRoute.Fastly.ServiceID, fRoute.Domain, variables) if err != nil { //@TODO: error handling } diff --git a/internal/lagoon/routes_test.go b/internal/lagoon/routes_test.go index 26316558..68d7bd6e 100644 --- a/internal/lagoon/routes_test.go +++ b/internal/lagoon/routes_test.go @@ -15,7 +15,6 @@ func TestGenerateRouteStructure(t *testing.T) { yamlRouteMap map[string][]Route variables []EnvironmentVariable defaultIngressClass string - secretPrefix string activeStandby bool } tests := []struct { @@ -38,7 +37,6 @@ func TestGenerateRouteStructure(t *testing.T) { }, }, }, - secretPrefix: "", activeStandby: false, }, want: &RoutesV2{ @@ -87,16 +85,14 @@ func TestGenerateRouteStructure(t *testing.T) { Ingresses: map[string]Ingress{ "www.example.com": { Fastly: Fastly{ - APISecretName: "annotationscom", - Watch: true, - ServiceID: "12345", + Watch: true, + ServiceID: "12345", }, }, }, }, }, }, - secretPrefix: "fastly-api-", activeStandby: false, }, want: &RoutesV2{ @@ -123,9 +119,8 @@ func TestGenerateRouteStructure(t *testing.T) { TLSAcme: helpers.BoolPtr(true), Annotations: map[string]string{}, Fastly: Fastly{ - APISecretName: "fastly-api-annotationscom", - Watch: true, - ServiceID: "12345", + Watch: true, + ServiceID: "12345", }, AlternativeNames: []string{}, IngressName: "www.example.com", @@ -144,9 +139,8 @@ func TestGenerateRouteStructure(t *testing.T) { Ingresses: map[string]Ingress{ "example.com": { Fastly: Fastly{ - APISecretName: "annotationscom", - Watch: true, - ServiceID: "12345", + Watch: true, + ServiceID: "12345", }, AlternativeNames: []string{ "www.example.com", @@ -157,7 +151,6 @@ func TestGenerateRouteStructure(t *testing.T) { }, }, }, - secretPrefix: "fastly-api-", activeStandby: false, }, want: &RoutesV2{ @@ -170,9 +163,8 @@ func TestGenerateRouteStructure(t *testing.T) { TLSAcme: helpers.BoolPtr(true), Annotations: map[string]string{}, Fastly: Fastly{ - APISecretName: "fastly-api-annotationscom", - Watch: true, - ServiceID: "12345", + Watch: true, + ServiceID: "12345", }, AlternativeNames: []string{ "www.example.com", @@ -198,7 +190,6 @@ func TestGenerateRouteStructure(t *testing.T) { }, }, }, - secretPrefix: "", defaultIngressClass: "nginx", activeStandby: false, }, @@ -250,9 +241,8 @@ func TestGenerateRouteStructure(t *testing.T) { Ingresses: map[string]Ingress{ "www.example.com": { Fastly: Fastly{ - APISecretName: "annotationscom", - Watch: true, - ServiceID: "12345", + Watch: true, + ServiceID: "12345", }, IngressClass: "custom-ingress", }, @@ -260,7 +250,6 @@ func TestGenerateRouteStructure(t *testing.T) { }, }, }, - secretPrefix: "fastly-api-", defaultIngressClass: "nginx", activeStandby: false, }, @@ -290,9 +279,8 @@ func TestGenerateRouteStructure(t *testing.T) { TLSAcme: helpers.BoolPtr(true), Annotations: map[string]string{}, Fastly: Fastly{ - APISecretName: "fastly-api-annotationscom", - Watch: true, - ServiceID: "12345", + Watch: true, + ServiceID: "12345", }, AlternativeNames: []string{}, IngressName: "www.example.com", @@ -314,9 +302,8 @@ func TestGenerateRouteStructure(t *testing.T) { Ingresses: map[string]Ingress{ "www.example.com": { Fastly: Fastly{ - APISecretName: "annotationscom", - Watch: true, - ServiceID: "12345", + Watch: true, + ServiceID: "12345", }, HSTSEnabled: helpers.BoolPtr(true), HSTSMaxAge: 10000, @@ -325,7 +312,6 @@ func TestGenerateRouteStructure(t *testing.T) { }, }, }, - secretPrefix: "fastly-api-", activeStandby: false, }, want: &RoutesV2{ @@ -352,9 +338,8 @@ func TestGenerateRouteStructure(t *testing.T) { TLSAcme: helpers.BoolPtr(true), Annotations: map[string]string{}, Fastly: Fastly{ - APISecretName: "fastly-api-annotationscom", - Watch: true, - ServiceID: "12345", + Watch: true, + ServiceID: "12345", }, HSTSEnabled: helpers.BoolPtr(true), HSTSMaxAge: 10000, @@ -381,7 +366,6 @@ func TestGenerateRouteStructure(t *testing.T) { }, }, }, - secretPrefix: "fastly-api-", activeStandby: false, }, wantErr: true, @@ -405,7 +389,6 @@ func TestGenerateRouteStructure(t *testing.T) { }, }, }, - secretPrefix: "fastly-api-", activeStandby: false, }, want: &RoutesV2{ @@ -428,7 +411,7 @@ func TestGenerateRouteStructure(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - err := GenerateRoutesV2(tt.args.yamlRoutes, tt.args.yamlRouteMap, tt.args.variables, tt.args.defaultIngressClass, tt.args.secretPrefix, tt.args.activeStandby) + err := GenerateRoutesV2(tt.args.yamlRoutes, tt.args.yamlRouteMap, tt.args.variables, tt.args.defaultIngressClass, tt.args.activeStandby) if (err != nil) != tt.wantErr { t.Errorf("GenerateRouteStructure() error = %v, wantErr %v", err, tt.wantErr) return @@ -448,7 +431,6 @@ func TestMergeRouteStructures(t *testing.T) { apiRoutes RoutesV2 variables []EnvironmentVariable defaultIngressClass string - secretPrefix string } tests := []struct { name string @@ -469,9 +451,8 @@ func TestMergeRouteStructures(t *testing.T) { TLSAcme: helpers.BoolPtr(true), Annotations: map[string]string{}, Fastly: Fastly{ - Watch: true, - ServiceID: "12345", - APISecretName: "annotationscom", + Watch: true, + ServiceID: "12345", }, IngressName: "example.com", RequestVerification: helpers.BoolPtr(false), @@ -535,7 +516,6 @@ func TestMergeRouteStructures(t *testing.T) { }, }, }, - secretPrefix: "fastly-api-", }, want: RoutesV2{ Routes: []RouteV2{ @@ -547,9 +527,8 @@ func TestMergeRouteStructures(t *testing.T) { TLSAcme: helpers.BoolPtr(true), Annotations: map[string]string{}, Fastly: Fastly{ - Watch: true, - ServiceID: "12345", - APISecretName: "fastly-api-annotationscom", + Watch: true, + ServiceID: "12345", }, AlternativeNames: []string{}, IngressName: "example.com", @@ -642,7 +621,6 @@ func TestMergeRouteStructures(t *testing.T) { }, }, }, - secretPrefix: "fastly-api-", }, want: RoutesV2{ Routes: []RouteV2{ @@ -702,7 +680,6 @@ func TestMergeRouteStructures(t *testing.T) { }, }, }, - secretPrefix: "fastly-api-", }, wantErr: true, want: RoutesV2{ @@ -738,7 +715,6 @@ func TestMergeRouteStructures(t *testing.T) { }, }, }, - secretPrefix: "fastly-api-", }, wantErr: true, want: RoutesV2{ @@ -774,7 +750,6 @@ func TestMergeRouteStructures(t *testing.T) { }, }, }, - secretPrefix: "fastly-api-", }, wantErr: true, want: RoutesV2{ @@ -784,7 +759,7 @@ func TestMergeRouteStructures(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - got, err := MergeRoutesV2(tt.args.yamlRoutes, tt.args.apiRoutes, tt.args.variables, tt.args.defaultIngressClass, tt.args.secretPrefix) + got, err := MergeRoutesV2(tt.args.yamlRoutes, tt.args.apiRoutes, tt.args.variables, tt.args.defaultIngressClass) if (err != nil) != tt.wantErr { t.Errorf("MergeRouteStructures() error = %v, wantErr %v", err, tt.wantErr) return diff --git a/internal/templating/ingress/templates_ingress.go b/internal/templating/ingress/templates_ingress.go index fa9bde71..cb584297 100644 --- a/internal/templating/ingress/templates_ingress.go +++ b/internal/templating/ingress/templates_ingress.go @@ -115,9 +115,6 @@ func GenerateIngressTemplate( if route.Fastly.ServiceID != "" { additionalAnnotations["fastly.amazee.io/service-id"] = route.Fastly.ServiceID } - if route.Fastly.APISecretName != "" { - additionalAnnotations["fastly.amazee.io/api-secret-name"] = route.Fastly.APISecretName - } if lValues.BuildType == "branch" { additionalAnnotations["lagoon.sh/branch"] = lValues.Branch } else if lValues.BuildType == "pullrequest" { diff --git a/internal/testdata/node/autogen-templates/ingress-8/node.yaml b/internal/testdata/node/autogen-templates/ingress-8/node.yaml deleted file mode 100644 index be2e8868..00000000 --- a/internal/testdata/node/autogen-templates/ingress-8/node.yaml +++ /dev/null @@ -1,49 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - fastly.amazee.io/api-secret-name: fastly-api-secretname - fastly.amazee.io/service-id: service-id - fastly.amazee.io/watch: "true" - idling.amazee.io/disable-request-verification: "false" - ingress.kubernetes.io/ssl-redirect: "true" - kubernetes.io/tls-acme: "true" - lagoon.sh/branch: main - lagoon.sh/version: v2.7.x - monitor.stakater.com/enabled: "false" - nginx.ingress.kubernetes.io/server-snippet: | - add_header X-Robots-Tag "noindex, nofollow"; - nginx.ingress.kubernetes.io/ssl-redirect: "true" - creationTimestamp: null - labels: - app.kubernetes.io/instance: node - app.kubernetes.io/managed-by: build-deploy-tool - app.kubernetes.io/name: autogenerated-ingress - lagoon.sh/autogenerated: "true" - lagoon.sh/buildType: branch - lagoon.sh/environment: main - lagoon.sh/environmentType: production - lagoon.sh/project: example-project - lagoon.sh/service: node - lagoon.sh/service-type: node - lagoon.sh/template: autogenerated-ingress-0.1.0 - name: node -spec: - rules: - - host: node-example-project-main.example.com - http: - paths: - - backend: - service: - name: node - port: - name: http - path: / - pathType: Prefix - tls: - - hosts: - - node-example-project-main.example.com - secretName: node-tls -status: - loadBalancer: {} diff --git a/internal/testdata/node/ingress-templates/ingress-1/example.com.yaml b/internal/testdata/node/ingress-templates/ingress-1/example.com.yaml deleted file mode 100644 index 4e997012..00000000 --- a/internal/testdata/node/ingress-templates/ingress-1/example.com.yaml +++ /dev/null @@ -1,53 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - fastly.amazee.io/api-secret-name: fastly-api-annotationscom - fastly.amazee.io/service-id: service-id - fastly.amazee.io/watch: "true" - idling.amazee.io/disable-request-verification: "false" - ingress.kubernetes.io/ssl-redirect: "true" - kubernetes.io/tls-acme: "true" - lagoon.sh/branch: main - lagoon.sh/version: v2.7.x - monitor.stakater.com/enabled: "true" - monitor.stakater.com/overridePath: / - nginx.ingress.kubernetes.io/ssl-redirect: "true" - uptimerobot.monitor.stakater.com/alert-contacts: alertcontact - uptimerobot.monitor.stakater.com/interval: "60" - uptimerobot.monitor.stakater.com/status-pages: statuspageid - creationTimestamp: null - labels: - activestandby.lagoon.sh/migrate: "false" - app.kubernetes.io/instance: example.com - app.kubernetes.io/managed-by: build-deploy-tool - app.kubernetes.io/name: custom-ingress - lagoon.sh/autogenerated: "false" - lagoon.sh/buildType: branch - lagoon.sh/environment: main - lagoon.sh/environmentType: production - lagoon.sh/primaryIngress: "true" - lagoon.sh/project: example-project - lagoon.sh/service: example.com - lagoon.sh/service-type: custom-ingress - lagoon.sh/template: custom-ingress-0.1.0 - name: example.com -spec: - rules: - - host: example.com - http: - paths: - - backend: - service: - name: node - port: - name: http - path: / - pathType: Prefix - tls: - - hosts: - - example.com - secretName: example.com-tls -status: - loadBalancer: {} diff --git a/internal/testdata/node/ingress-templates/ingress-16/example.com.yaml b/internal/testdata/node/ingress-templates/ingress-16/example.com.yaml index 6da7a02f..aaba206b 100644 --- a/internal/testdata/node/ingress-templates/ingress-16/example.com.yaml +++ b/internal/testdata/node/ingress-templates/ingress-16/example.com.yaml @@ -3,7 +3,6 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - fastly.amazee.io/api-secret-name: fastly-api-annotationscom fastly.amazee.io/service-id: service-id fastly.amazee.io/watch: "true" idling.amazee.io/disable-request-verification: "false" diff --git a/internal/testdata/node/ingress-templates/ingress-17/example.com.yaml b/internal/testdata/node/ingress-templates/ingress-17/example.com.yaml index 4b7024e2..c9df67cb 100644 --- a/internal/testdata/node/ingress-templates/ingress-17/example.com.yaml +++ b/internal/testdata/node/ingress-templates/ingress-17/example.com.yaml @@ -3,7 +3,6 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - fastly.amazee.io/api-secret-name: fastly-api-annotationscom fastly.amazee.io/service-id: service-id fastly.amazee.io/watch: "true" idling.amazee.io/disable-request-verification: "false" diff --git a/legacy/build-deploy-docker-compose.sh b/legacy/build-deploy-docker-compose.sh index 6c5d69e5..60d88357 100755 --- a/legacy/build-deploy-docker-compose.sh +++ b/legacy/build-deploy-docker-compose.sh @@ -782,109 +782,6 @@ patchBuildStep "${buildStartTime}" "${previousStepEnd}" "${currentStepEnd}" "${N previousStepEnd=${currentStepEnd} beginBuildStep "Service Configuration Phase 2" "serviceConfigurationPhase2" -############################################## -### CUSTOM FASTLY API SECRETS .lagoon.yml -############################################## - -# if a customer is using their own fastly configuration, then they can define their api token and platform tls configuration ID in the .lagoon.yml file -# this will get created as a `kind: Secret` in kubernetes so that created ingresses will be able to use this secret to talk to the fastly api. -# -# in this example, the customer needs to add a build envvar called `FASTLY_API_TOKEN` and then populates the .lagoon.yml file with something like this -# -# fastly: -# api-secrets: -# - name: customer -# apiTokenVariableName: FASTLY_API_TOKEN -# platformTLSConfiguration: A1bcEdFgH12eD242Sds -# -# then the build process will attempt to check the lagoon variables for one called `FASTLY_API_TOKEN` and will use the value of this variable when creating the -# `kind: Secret` in kubernetes -# -# support for multiple api-secrets is possible in the instance that a customer uses 2 separate services in different accounts in the one project - -## any fastly api secrets will be prefixed with this, so that we always add this to whatever the customer provides -FASTLY_API_SECRET_PREFIX="fastly-api-" - -FASTLY_API_SECRETS_COUNTER=0 -FASTLY_API_SECRETS=() -if [ -n "$(cat .lagoon.yml | shyaml keys fastly.api-secrets.$FASTLY_API_SECRETS_COUNTER 2> /dev/null)" ]; then - while [ -n "$(cat .lagoon.yml | shyaml get-value fastly.api-secrets.$FASTLY_API_SECRETS_COUNTER 2> /dev/null)" ]; do - FASTLY_API_SECRET_NAME=$FASTLY_API_SECRET_PREFIX$(cat .lagoon.yml | shyaml get-value fastly.api-secrets.$FASTLY_API_SECRETS_COUNTER.name 2> /dev/null) - if [ -z "$FASTLY_API_SECRET_NAME" ]; then - echo -e "A fastly api secret was defined in the .lagoon.yml file, but no name could be found the .lagoon.yml\n\nPlease check if the name has been set correctly." - exit 1 - fi - FASTLY_API_TOKEN_VALUE=$(cat .lagoon.yml | shyaml get-value fastly.api-secrets.$FASTLY_API_SECRETS_COUNTER.apiTokenVariableName false) - if [[ $FASTLY_API_TOKEN_VALUE == "false" ]]; then - echo "No 'apiTokenVariableName' defined for fastly secret $FASTLY_API_SECRET_NAME"; exit 1; - fi - # if we have everything we need, we can proceed to logging in - if [ $FASTLY_API_TOKEN_VALUE != "false" ]; then - FASTLY_API_TOKEN="" - # check if we have a password defined anywhere in the api first - if [ ! -z "$LAGOON_PROJECT_VARIABLES" ]; then - FASTLY_API_TOKEN=($(echo $LAGOON_PROJECT_VARIABLES | jq -r '.[] | select(.scope == "build" and .name == "'$FASTLY_API_TOKEN_VALUE'") | "\(.value)"')) - fi - if [ ! -z "$LAGOON_ENVIRONMENT_VARIABLES" ]; then - TEMP_FASTLY_API_TOKEN=($(echo $LAGOON_ENVIRONMENT_VARIABLES | jq -r '.[] | select(.scope == "build" and .name == "'$FASTLY_API_TOKEN_VALUE'") | "\(.value)"')) - if [ ! -z "$TEMP_FASTLY_API_TOKEN" ]; then - FASTLY_API_TOKEN=$TEMP_FASTLY_API_TOKEN - fi - fi - if [ -z "$FASTLY_API_TOKEN" ]; then - echo -e "A fastly api secret was defined in the .lagoon.yml file, but no token could be found in the Lagoon API matching the variable name provided\n\nPlease check if the token has been set correctly." - exit 1 - fi - fi - FASTLY_API_PLATFORMTLS_CONFIGURATION=$(cat .lagoon.yml | shyaml get-value fastly.api-secrets.$FASTLY_API_SECRETS_COUNTER.platformTLSConfiguration "") - if [ -z "$FASTLY_API_PLATFORMTLS_CONFIGURATION" ]; then - echo -e "A fastly api secret was defined in the .lagoon.yml file, but no platform tls configuration id could be found in the .lagoon.yml\n\nPlease check if the platform tls configuration id has been set correctly." - exit 1 - fi - - # run the script to create the secrets - . /kubectl-build-deploy/scripts/exec-fastly-api-secrets.sh - - let FASTLY_API_SECRETS_COUNTER=FASTLY_API_SECRETS_COUNTER+1 - done -fi - -# FASTLY API SECRETS FROM LAGOON API VARIABLE -# Allow for defining fastly api secrets using lagoon api variables -# This accepts colon separated values like so `SECRET_NAME:FASTLY_API_TOKEN:FASTLY_PLATFORMTLS_CONFIGURATION_ID`, and multiple overrides -# separated by commas -# Example 1: examplecom:x1s8asfafasf7ssf:fa23rsdgsdgas -# ^^^ will create a kubernetes secret called `$FASTLY_API_SECRET_PREFIX-examplecom` with 2 data fields (one for api token, the other for platform tls id) -# populated with `x1s8asfafasf7ssf` and `fa23rsdgsdgas` for whichever field it should be -# and the name will get created with the prefix defined in `FASTLY_API_SECRET_PREFIX` -# Example 2: examplecom:x1s8asfafasf7ssf:fa23rsdgsdgas,example2com:fa23rsdgsdgas:x1s8asfafasf7ssf,example3com:fa23rsdgsdgas:x1s8asfafasf7ssf:example3com -if [ ! -z "$LAGOON_PROJECT_VARIABLES" ]; then - LAGOON_FASTLY_API_SECRETS=($(echo $LAGOON_PROJECT_VARIABLES | jq -r '.[] | select(.name == "LAGOON_FASTLY_API_SECRETS") | "\(.value)"')) -fi -if [ ! -z "$LAGOON_ENVIRONMENT_VARIABLES" ]; then - TEMP_LAGOON_FASTLY_API_SECRETS=($(echo $LAGOON_ENVIRONMENT_VARIABLES | jq -r '.[] | select(.name == "LAGOON_FASTLY_API_SECRETS") | "\(.value)"')) - if [ ! -z $TEMP_LAGOON_FASTLY_API_SECRETS ]; then - LAGOON_FASTLY_API_SECRETS=$TEMP_LAGOON_FASTLY_API_SECRETS - fi -fi -if [ ! -z "$LAGOON_FASTLY_API_SECRETS" ]; then - IFS=',' read -ra LAGOON_FASTLY_API_SECRETS_SPLIT <<< "$LAGOON_FASTLY_API_SECRETS" - for LAGOON_FASTLY_API_SECRETS_DATA in "${LAGOON_FASTLY_API_SECRETS_SPLIT[@]}" - do - IFS=':' read -ra LAGOON_FASTLY_API_SECRET_SPLIT <<< "$LAGOON_FASTLY_API_SECRETS_DATA" - if [ -z "${LAGOON_FASTLY_API_SECRET_SPLIT[0]}" ] || [ -z "${LAGOON_FASTLY_API_SECRET_SPLIT[1]}" ] || [ -z "${LAGOON_FASTLY_API_SECRET_SPLIT[2]}" ]; then - echo -e "An override was defined in the lagoon API with LAGOON_FASTLY_API_SECRETS but was not structured correctly, the format should be NAME:FASTLY_API_TOKEN:FASTLY_PLATFORMTLS_CONFIGURATION_ID and comma separated for multiples" - exit 1 - fi - # the fastly api secret name will be created with the prefix that is defined above - FASTLY_API_SECRET_NAME=$FASTLY_API_SECRET_PREFIX${LAGOON_FASTLY_API_SECRET_SPLIT[0]} - FASTLY_API_TOKEN=${LAGOON_FASTLY_API_SECRET_SPLIT[1]} - FASTLY_API_PLATFORMTLS_CONFIGURATION=${LAGOON_FASTLY_API_SECRET_SPLIT[2]} - # run the script to create the secrets - . /kubectl-build-deploy/scripts/exec-fastly-api-secrets.sh - done -fi - # FASTLY SERVICE ID PER INGRESS OVERRIDE FROM LAGOON API VARIABLE # Allow the fastly serviceid for specific ingress to be overridden by the lagoon API # This accepts colon separated values like so `INGRESS_DOMAIN:FASTLY_SERVICE_ID:WATCH_STATUS:SECRET_NAME(OPTIONAL)`, and multiple overrides diff --git a/legacy/helmcharts/fastly-api-secret/.helmignore b/legacy/helmcharts/fastly-api-secret/.helmignore deleted file mode 100644 index fbe01f88..00000000 --- a/legacy/helmcharts/fastly-api-secret/.helmignore +++ /dev/null @@ -1,22 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ \ No newline at end of file diff --git a/legacy/helmcharts/fastly-api-secret/Chart.yaml b/legacy/helmcharts/fastly-api-secret/Chart.yaml deleted file mode 100644 index 78f90c0a..00000000 --- a/legacy/helmcharts/fastly-api-secret/Chart.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v2 -name: fastly-api-secret -description: A Helm chart for Kubernetes creating fastly-api-secret - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 \ No newline at end of file diff --git a/legacy/helmcharts/fastly-api-secret/templates/_helpers.tpl b/legacy/helmcharts/fastly-api-secret/templates/_helpers.tpl deleted file mode 100644 index 04bbb10c..00000000 --- a/legacy/helmcharts/fastly-api-secret/templates/_helpers.tpl +++ /dev/null @@ -1,69 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "fastly-api-secret.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "fastly-api-secret.fullname" -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "fastly-api-secret.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "fastly-api-secret.labels" -}} -helm.sh/chart: {{ include "fastly-api-secret.chart" . }} -{{ include "fastly-api-secret.selectorLabels" . }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{ include "fastly-api-secret.lagoonLabels" . }} - -{{- end -}} - -{{/* -Selector labels -*/}} -{{- define "fastly-api-secret.selectorLabels" -}} -app.kubernetes.io/name: {{ include "fastly-api-secret.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} - -{{/* -Lagoon Labels -*/}} -{{- define "fastly-api-secret.lagoonLabels" -}} -lagoon.sh/service: {{ .Release.Name }} -lagoon.sh/service-type: {{ .Chart.Name }} -lagoon.sh/project: {{ .Values.project }} -lagoon.sh/environment: {{ .Values.environment }} -lagoon.sh/environmentType: {{ .Values.environmentType }} -lagoon.sh/buildType: {{ .Values.buildType }} -{{- end -}} - -{{/* -Annotations -*/}} -{{- define "fastly-api-secret.annotations" -}} -lagoon.sh/version: {{ .Values.lagoonVersion | quote }} -{{- if .Values.branch }} -lagoon.sh/branch: {{ .Values.branch | quote }} -{{- end }} -{{- if .Values.prNumber }} -lagoon.sh/prNumber: {{ .Values.prNumber | quote }} -lagoon.sh/prHeadBranch: {{ .Values.prHeadBranch | quote }} -lagoon.sh/prBaseBranch: {{ .Values.prBaseBranch | quote }} -{{- end }} -{{- end -}} \ No newline at end of file diff --git a/legacy/helmcharts/fastly-api-secret/templates/secret.yaml b/legacy/helmcharts/fastly-api-secret/templates/secret.yaml deleted file mode 100644 index 155623f8..00000000 --- a/legacy/helmcharts/fastly-api-secret/templates/secret.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "fastly-api-secret.fullname" . }} - labels: - {{- include "fastly-api-secret.labels" . | nindent 4 }} - annotations: - {{- include "fastly-api-secret.annotations" . | nindent 4 }} - {{- with .Values.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} -stringData: - api-token: {{ .Values.fastly.apiToken }} - platform-tls-configuration: {{ .Values.fastly.platformTLSConfiguration }} diff --git a/legacy/helmcharts/fastly-api-secret/values.yaml b/legacy/helmcharts/fastly-api-secret/values.yaml deleted file mode 100644 index 5e79ee47..00000000 --- a/legacy/helmcharts/fastly-api-secret/values.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# Default values for fastly-api-secret. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -# fastly: -# apiToken: '' -# platformTLSConfiguration: '' \ No newline at end of file diff --git a/legacy/scripts/exec-fastly-api-secrets.sh b/legacy/scripts/exec-fastly-api-secrets.sh deleted file mode 100755 index 40d8e3fb..00000000 --- a/legacy/scripts/exec-fastly-api-secrets.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash - -# this script is used to create/update the fastly api secrets - -helm template ${FASTLY_API_SECRET_NAME} \ - /kubectl-build-deploy/helmcharts/fastly-api-secret \ - --set fastly.apiToken="${FASTLY_API_TOKEN}" \ - --set fastly.platformTLSConfiguration="${FASTLY_API_PLATFORMTLS_CONFIGURATION}" \ - -f /kubectl-build-deploy/values.yaml "${HELM_ARGUMENTS[@]}" > $YAML_FOLDER/00-${FASTLY_API_SECRET_NAME}.yaml - ## this api secret needs to exist before the ingress is created, so try prioritise it by putting it numerically ahead of any ingresses - -# add the name to the array because it will be used during the ingress steps to ensure that the secret will exist before annotating any -# ingresses that may want to use it -FASTLY_API_SECRETS+=(${FASTLY_API_SECRET_NAME}) \ No newline at end of file