Skip to content

Commit

Permalink
Merge branch 'main' into feature/insights-handler-trivy-server
Browse files Browse the repository at this point in the history
  • Loading branch information
bomoko committed Oct 19, 2023
2 parents d45d63f + b8612db commit 279f719
Show file tree
Hide file tree
Showing 43 changed files with 241 additions and 98 deletions.
5 changes: 2 additions & 3 deletions .github/workflows/lint-test-matrix.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,11 @@ jobs:
fail-fast: false
matrix:
kindest_node_version:
- v1.21.14@sha256:8a4e9bb3f415d2bb81629ce33ef9c76ba514c14d707f9797a01e3216376ba093
- v1.22.17@sha256:f5b2e5698c6c9d6d0adc419c0deae21a425c07d81bbf3b6a6834042f25d4fba2
- v1.23.17@sha256:59c989ff8a517a93127d4a536e7014d28e235fb3529d9fba91b3951d461edfdb
- v1.24.15@sha256:7db4f8bea3e14b82d12e044e25e34bd53754b7f2b0e9d56df21774e6f66a70ab
- v1.25.11@sha256:227fa11ce74ea76a0474eeefb84cb75d8dad1b08638371ecf0e86259b35be0c8
- v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72
- v1.26.6@sha256:6e2d8b28a5b601defe327b98bd1c2d1930b49e5d8c512e1895099e4504007adb
- v1.28.0@sha256:b7a4cad12c197af3ba43202d3efe03246b3f0793f162afb40a33c923952d5b31
steps:
- name: Checkout
uses: actions/checkout@v4
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/lint-test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -87,8 +87,8 @@ jobs:
uses: helm/[email protected]
with:
version: v0.20.0
node_image: kindest/node:v1.26.6@sha256:6e2d8b28a5b601defe327b98bd1c2d1930b49e5d8c512e1895099e4504007adb
kubectl_version: v1.26.6
node_image: kindest/node:v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72
kubectl_version: v1.27.3
if: |
(steps.list-changed.outputs.changed == 'true') ||
(contains(github.event.pull_request.labels.*.name, 'needs-testing'))
Expand All @@ -107,9 +107,9 @@ jobs:
- name: Install gojq
run: |
cd /tmp
curl -sSLO https://github.com/itchyny/gojq/releases/download/v0.12.10/gojq_v0.12.10_linux_amd64.tar.gz
tar -xf ./gojq_v0.12.10_linux_amd64.tar.gz
sudo cp /tmp/gojq_v0.12.10_linux_amd64/gojq /usr/local/bin/gojq
curl -sSLO https://github.com/itchyny/gojq/releases/download/v0.12.13/gojq_v0.12.13_linux_amd64.tar.gz
tar -xf ./gojq_v0.12.13_linux_amd64.tar.gz
sudo cp /tmp/gojq_v0.12.13_linux_amd64/gojq /usr/local/bin/gojq
- name: Run artifacthub.io changelog check
run: |
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/test-suite.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -75,9 +75,9 @@ jobs:
(contains(github.event.pull_request.labels.*.name, 'needs-testing'))
with:
version: v0.20.0
node_image: kindest/node:v1.26.6@sha256:6e2d8b28a5b601defe327b98bd1c2d1930b49e5d8c512e1895099e4504007adb
node_image: kindest/node:v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72
kubectl_version: v1.27.3
config: test-suite.kind-config.yaml
kubectl_version: v1.26.6

- name: Check node IP matches kind configuration
if: |
Expand Down Expand Up @@ -107,15 +107,15 @@ jobs:
(contains(github.event.pull_request.labels.*.name, 'needs-testing'))
run: |
cd /tmp
curl -sSLO https://github.com/itchyny/gojq/releases/download/v0.12.12/gojq_v0.12.12_linux_amd64.tar.gz
tar -xf ./gojq_v0.12.12_linux_amd64.tar.gz
sudo cp /tmp/gojq_v0.12.12_linux_amd64/gojq /usr/local/bin/jq
curl -sSLO https://github.com/itchyny/gojq/releases/download/v0.12.13/gojq_v0.12.13_linux_amd64.tar.gz
tar -xf ./gojq_v0.12.13_linux_amd64.tar.gz
sudo cp /tmp/gojq_v0.12.13_linux_amd64/gojq /usr/local/bin/jq
- name: Install kubens and kubectl alias
run: |
cd /tmp
curl -sSLO https://github.com/ahmetb/kubectx/releases/download/v0.9.4/kubens_v0.9.4_linux_x86_64.tar.gz
tar -xf ./kubens_v0.9.4_linux_x86_64.tar.gz
curl -sSLO https://github.com/ahmetb/kubectx/releases/download/v0.9.5/kubens_v0.9.5_linux_x86_64.tar.gz
tar -xf ./kubens_v0.9.5_linux_x86_64.tar.gz
sudo cp /tmp/kubens /usr/local/bin/kubens
sudo ln -s $(which kubectl) /usr/local/bin/kc
Expand Down
8 changes: 4 additions & 4 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ install-ingress:
--set controller.config.hsts="false" \
--set controller.watchIngressWithoutClass=true \
--set controller.ingressClassResource.default=true \
--version=4.6.1 \
--version=4.7.2 \
ingress-nginx \
ingress-nginx/ingress-nginx

Expand All @@ -103,7 +103,7 @@ install-registry: install-ingress
--set clair.enabled=false \
--set notary.enabled=false \
--set trivy.enabled=false \
--version=1.12.1 \
--version=1.13.0 \
registry \
harbor/harbor

Expand Down Expand Up @@ -159,7 +159,7 @@ install-minio: install-ingress
--timeout $(TIMEOUT) \
--set auth.rootUser=lagoonFilesAccessKey,auth.rootPassword=lagoonFilesSecretKey \
--set defaultBuckets=lagoon-files \
--version=12.6.0 \
--version=12.8.7 \
minio \
bitnami/minio

Expand All @@ -178,7 +178,7 @@ install-lagoon-core: install-minio
$$([ $(OVERRIDE_BUILD_DEPLOY_DIND_IMAGE) ] && echo '--set buildDeployImage.default.image=$(OVERRIDE_BUILD_DEPLOY_DIND_IMAGE)') \
$$([ $(DISABLE_CORE_HARBOR) ] && echo '--set api.additionalEnvs.DISABLE_CORE_HARBOR=$(DISABLE_CORE_HARBOR)') \
$$([ $(OPENSEARCH_INTEGRATION_ENABLED) ] && echo '--set api.additionalEnvs.OPENSEARCH_INTEGRATION_ENABLED=$(OPENSEARCH_INTEGRATION_ENABLED)') \
--set "keycloakAPIURL=http://lagoon-keycloak.$$($(KUBECTL) get nodes -o jsonpath='{.items[0].status.addresses[0].address}').nip.io:32080/auth" \
--set "keycloakFrontEndURL=http://lagoon-keycloak.$$($(KUBECTL) get nodes -o jsonpath='{.items[0].status.addresses[0].address}').nip.io:32080" \
--set "lagoonAPIURL=http://lagoon-api.$$($(KUBECTL) get nodes -o jsonpath='{.items[0].status.addresses[0].address}').nip.io:32080/graphql" \
--set actionsHandler.image.repository=$(IMAGE_REGISTRY)/actions-handler \
--set api.image.repository=$(IMAGE_REGISTRY)/api \
Expand Down
8 changes: 4 additions & 4 deletions charts/lagoon-build-deploy/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,15 +12,15 @@ maintainers:
- name: smlx
email: [email protected]
url: https://amazee.io
kubeVersion: ">= 1.21.0-0"
kubeVersion: ">= 1.23.0-0"

type: application

version: 0.25.0
version: 0.26.0

appVersion: v0.15.0
appVersion: v0.15.2

annotations:
artifacthub.io/changes: |
- kind: changed
description: update remote-controller appVersion to v0.15.0
description: require minimum Kubernetes 1.23
3 changes: 3 additions & 0 deletions charts/lagoon-build-deploy/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,9 @@ spec:
{{- with .Values.lagoonFeatureFlagBackupWeeklyRandom }}
- "--lagoon-feature-flag-backup-weekly-random={{ . }}"
{{- end }}
{{- with .Values.lagoonFeatureFlagSupportK8upV2 }}
- "--lagoon-feature-flag-support-k8upv2={{ . }}"
{{- end }}
{{- with .Values.lagoonBackupDefaultSchedule }}
- "--backup-default-schedule={{ . }}"
{{- end }}
Expand Down
1 change: 1 addition & 0 deletions charts/lagoon-build-deploy/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ namespacePrefix: ""
# lagoonFeatureFlagDefaultInsights: disabled
# lagoonFeatureFlagForceRWX2RWO: disabled
# lagoonFeatureFlagDefaultRWX2RWO: disabled
# lagoonFeatureFlagSupportK8upV2: false

# It is also possible to define feature flags using `extraEnvs` by defining them like so
# this method is useful for enabling features on the fly, ones that might not have built in support
Expand Down
14 changes: 5 additions & 9 deletions charts/lagoon-core/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ maintainers:
- name: shreddedbacon
email: [email protected]
url: https://amazee.io
kubeVersion: ">= 1.21.0-0"
kubeVersion: ">= 1.23.0-0"

# Application charts are a collection of templates that can be packaged into
# versioned archives to be deployed.
Expand All @@ -21,13 +21,13 @@ type: application
# time you make changes to the chart and its templates, including the app
# version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 1.36.0
version: 1.38.0

# This is the version number of the application being deployed. This version
# number should be incremented each time you make changes to the application.
# Versions are not expected to follow Semantic Versioning. They should reflect
# the version the application is using.
appVersion: v2.15.4
appVersion: v2.16.0

dependencies:
- name: nats
Expand All @@ -41,10 +41,6 @@ dependencies:
annotations:
artifacthub.io/changes: |
- kind: changed
description: add additional metrics to broker
description: require minimum Kubernetes 1.23
- kind: changed
description: update lagoon-ssh-token and lagoon-ssh-portal-api to v0.30.1
- kind: changed
description: update NATS chart dependency to v0.19.17
- kind: changed
description: update Lagoon appVersion to v2.15.4
description: removed autoscaling api version helper
2 changes: 1 addition & 1 deletion charts/lagoon-core/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ kind create cluster
helm upgrade --install --create-namespace --namespace lagoon-core \
--values ./charts/lagoon-core/ci/linter-values.yaml \
--set lagoonAPIURL=http://localhost:7070/graphql \
--set keycloakAPIURL=http://localhost:8080/auth \
--set keycloakFrontEndURL=http://localhost:8080 \
lagoon-core \
./charts/lagoon-core

Expand Down
22 changes: 20 additions & 2 deletions charts/lagoon-core/ci/linter-values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,10 @@ lagoonWebhookURL: http://webhook:11213
defaultIngressClassName: nginx

# used in ui
lagoonAPIURL: https://api.example.com/graphql
keycloakAPIURL: https://keycloak.example.com/auth
# lagoonAPIURL: https://api.example.com/graphql
# keycloakFrontEndURL: https://keycloak.example.com

keycloakAdminEmail: [email protected]

api:
replicaCount: 1
Expand Down Expand Up @@ -53,6 +55,22 @@ actionsHandler:
repository: uselagoon/actions-handler

keycloak:
keycloakFrontEndURL: https://keycloak.example.com
realmSettings:
enabled: true
options:
resetPasswordAllowed: true
rememberMe: true
email:
enabled: true
settings:
host: mailhog
port: '1025'
fromDisplayName: Lagoon
from: [email protected]
replyToDisplayName: Lagoon No-Reply
replyTo: [email protected]
envelopeFrom: [email protected]
image:
repository: uselagoon/keycloak
resources:
Expand Down
11 changes: 0 additions & 11 deletions charts/lagoon-core/templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -708,14 +708,3 @@ app.kubernetes.io/name: {{ include "lagoon-core.name" . }}
app.kubernetes.io/component: {{ include "lagoon-core.sshToken.fullname" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

{{/*
Get HorizontalPodAutoscaler API Version - can be removed once Kubernetes 1.23 is the minimum
*/}}
{{- define "lagoon-core.hpa.apiVersion" -}}
{{- if (.Capabilities.APIVersions.Has "autoscaling/v2") -}}
autoscaling/v2
{{- else -}}
autoscaling/v2beta2
{{- end -}}
{{- end -}}
2 changes: 1 addition & 1 deletion charts/lagoon-core/templates/actions-handler.hpa.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if and .Values.actionsHandler.enabled .Values.actionsHandler.autoscaling.enabled -}}
apiVersion: {{ include "lagoon-core.hpa.apiVersion" . }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "lagoon-core.actionsHandler.fullname" . }}
Expand Down
15 changes: 15 additions & 0 deletions charts/lagoon-core/templates/api-redis.deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,13 +36,22 @@ spec:
secretKeyRef:
name: {{ include "lagoon-core.api.fullname" . }}
key: REDIS_PASSWORD
{{- if .Values.apiRedis.persistence.enabled }}
- name: FLAVOR
value: persistent
{{- end }}
{{- range $key, $val := .Values.apiRedis.additionalEnvs }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
ports:
- name: redis
containerPort: 6379
{{- if .Values.apiRedis.persistence.enabled }}
volumeMounts:
- name: {{ include "lagoon-core.apiRedis.fullname" . }}-data
mountPath: /data
{{- end }}
livenessProbe:
tcpSocket:
port: redis
Expand All @@ -51,6 +60,12 @@ spec:
port: redis
resources:
{{- toYaml .Values.apiRedis.resources | nindent 10 }}
{{- if .Values.apiRedis.persistence.enabled }}
volumes:
- name: {{ include "lagoon-core.apiRedis.fullname" . }}-data
persistentVolumeClaim:
claimName: {{ include "lagoon-core.apiRedis.fullname" . }}-data
{{- end }}
{{- with .Values.apiRedis.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
Expand Down
17 changes: 17 additions & 0 deletions charts/lagoon-core/templates/api-redis.pvc.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
{{- if .Values.apiRedis.persistence.enabled -}}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "lagoon-core.apiRedis.fullname" . }}-data
labels:
{{- include "lagoon-core.apiRedis.labels" . | nindent 4 }}
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.apiRedis.persistence.size | quote }}
{{- with .Values.apiRedis.persistence.storageClass }}
storageClassName: {{ . | quote }}
{{- end }}
{{- end }}
6 changes: 6 additions & 0 deletions charts/lagoon-core/templates/api.deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,13 @@ spec:
name: {{ include "lagoon-core.keycloak.fullname" . }}
key: KEYCLOAK_API_CLIENT_SECRET
- name: KEYCLOAK_URL
{{- if .Values.keycloakFrontEndURL }}
value: {{ .Values.keycloakFrontEndURL }}
{{- else if .Values.keycloak.ingress.enabled }}
value: https://{{ index .Values.keycloak.ingress.hosts 0 "host" }}
{{- else }}
value: http://{{ include "lagoon-core.keycloak.fullname" . }}:{{ .Values.keycloak.service.port }}
{{- end }}
- name: KIBANA_URL
value: {{ required "A valid .Values.kibanaURL required!" .Values.kibanaURL | quote }}
- name: LAGOON_VERSION
Expand Down
2 changes: 1 addition & 1 deletion charts/lagoon-core/templates/api.hpa.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if .Values.api.autoscaling.enabled -}}
apiVersion: {{ include "lagoon-core.hpa.apiVersion" . }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "lagoon-core.api.fullname" . }}
Expand Down
2 changes: 1 addition & 1 deletion charts/lagoon-core/templates/auth-server.hpa.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if and .Values.ssh.enabled .Values.authServer.autoscaling.enabled -}}
apiVersion: {{ include "lagoon-core.hpa.apiVersion" . }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "lagoon-core.authServer.fullname" . }}
Expand Down
2 changes: 1 addition & 1 deletion charts/lagoon-core/templates/backup-handler.hpa.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if and .Values.backupHandler.enabled .Values.backupHandler.autoscaling.enabled -}}
apiVersion: {{ include "lagoon-core.hpa.apiVersion" . }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "lagoon-core.backupHandler.fullname" . }}
Expand Down
2 changes: 1 addition & 1 deletion charts/lagoon-core/templates/broker.hpa.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if .Values.broker.autoscaling.enabled -}}
apiVersion: {{ include "lagoon-core.hpa.apiVersion" . }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "lagoon-core.broker.fullname" . }}
Expand Down
2 changes: 1 addition & 1 deletion charts/lagoon-core/templates/drush-alias.hpa.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if .Values.drushAlias.autoscaling.enabled -}}
apiVersion: {{ include "lagoon-core.hpa.apiVersion" . }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "lagoon-core.drushAlias.fullname" . }}
Expand Down
2 changes: 1 addition & 1 deletion charts/lagoon-core/templates/insights-handler.hpa.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if .Values.insightsHandler.autoscaling.enabled -}}
apiVersion: {{ include "lagoon-core.hpa.apiVersion" . }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "lagoon-core.insightsHandler.fullname" . }}
Expand Down
24 changes: 24 additions & 0 deletions charts/lagoon-core/templates/keycloak.configmap.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
{{- if .Values.keycloak.email.enabled -}}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "lagoon-core.keycloak.fullname" . }}-smtp-settings
labels:
{{- include "lagoon-core.keycloak.labels" . | nindent 4 }}
data:
keycloak-smtp-settings.json: |
{"smtpServer":{{ .Values.keycloak.email.settings | toJson }}}
{{ end -}}
{{- if .Values.keycloak.realmSettings.enabled -}}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "lagoon-core.keycloak.fullname" . }}-realm-settings
labels:
{{- include "lagoon-core.keycloak.labels" . | nindent 4 }}
data:
keycloak-realm-settings.json: |
{{ .Values.keycloak.realmSettings.options | toJson }}
{{ end -}}
Loading

0 comments on commit 279f719

Please sign in to comment.