fix: basic validations for packages (#208)

## Description Improve / Add validations for package deployments and testing. Keycloak validations are captured on this [branch](https://github.com/defenseunicorns/uds-core/tree/authservice-pepr) / this [PR](#201). ## Related Issue Fixes # [109](#109) ## Type of change - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide Steps](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)(https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md#submitting-a-pull-request) followed
defenseunicorns · Mar 4, 2024 · 9eba3af · 9eba3af
1 parent 0a83d02
commit 9eba3af
Show file tree

Hide file tree

Showing 11 changed files with 118 additions and 13 deletions.
diff --git a/src/authservice/common/zarf.yaml b/src/authservice/common/zarf.yaml
@@ -12,3 +12,14 @@ components:
         localPath: ../chart
         version: 0.5.3
         namespace: authservice
+    actions:
+      onDeploy:
+        after:
+          - description: Validate Authservice Package
+            maxTotalSeconds: 300
+            wait:
+              cluster:
+                kind: Packages
+                name: authservice
+                namespace: authservice
+                condition: "'{.status.phase}'=Ready"
diff --git a/src/authservice/tasks.yaml b/src/authservice/tasks.yaml
@@ -1,13 +1,6 @@
 tasks:
   - name: validate
     actions:
-      - description: Validate UDS Package Authservice is reconciled
-        wait:
-          cluster:
-            kind: Package
-            name: authservice
-            namespace: authservice
-            condition: "'{.status.phase}'=Ready"
       - description: Validate authservice is up
         wait:
           cluster:

diff --git a/src/grafana/common/zarf.yaml b/src/grafana/common/zarf.yaml
@@ -21,10 +21,11 @@ components:
     actions:
       onDeploy:
         after:
-          - description: "Wait for UDS Operator sync"
+          - description: Validate Grafana Package
+            maxTotalSeconds: 300
             wait:
               cluster:
-                kind: Package
+                kind: Packages
                 name: grafana
                 namespace: grafana
                 condition: "'{.status.phase}'=Ready"
diff --git a/src/grafana/tasks.yaml b/src/grafana/tasks.yaml
@@ -8,3 +8,10 @@ tasks:
             name: "app.kubernetes.io/instance=grafana"
             namespace: grafana
             condition: Ready
+      #  todo: Fix single package validation checks in CI where Istio isn't installed
+      # - description: Validate grafana interface
+      #   wait:
+      #     network:
+      #       protocol: https
+      #       address: grafana.admin.uds.dev
+      #       code: 200
diff --git a/src/loki/common/zarf.yaml b/src/loki/common/zarf.yaml
@@ -17,3 +17,14 @@ components:
         namespace: loki
         valuesFiles:
           - ../values/values.yaml
+    actions:
+      onDeploy:
+        after:
+          - description: Validate Loki Package
+            maxTotalSeconds: 300
+            wait:
+              cluster:
+                kind: Packages
+                name: loki
+                namespace: loki
+                condition: "'{.status.phase}'=Ready"
diff --git a/src/metrics-server/common/zarf.yaml b/src/metrics-server/common/zarf.yaml
@@ -18,3 +18,14 @@ components:
         version: 3.12.0
         valuesFiles:
           - "../values/values.yaml"
+    actions:
+      onDeploy:
+        after:
+          - description: Validate Metrics-Server Package
+            maxTotalSeconds: 300
+            wait:
+              cluster:
+                kind: Packages
+                name: metrics-server
+                namespace: metrics-server
+                condition: "'{.status.phase}'=Ready"
diff --git a/src/neuvector/common/zarf.yaml b/src/neuvector/common/zarf.yaml
@@ -32,3 +32,14 @@ components:
         gitPath: charts/monitor
         valuesFiles:
           - ../values/monitor-values.yaml
+    actions:
+      onDeploy:
+        after:
+          - description: Validate Neuvector Package
+            maxTotalSeconds: 300
+            wait:
+              cluster:
+                kind: Packages
+                name: neuvector
+                namespace: neuvector
+                condition: "'{.status.phase}'=Ready"
diff --git a/src/neuvector/tasks.yaml b/src/neuvector/tasks.yaml
@@ -1,7 +1,38 @@
 tasks:
   - name: validate
     actions:
-      - description: Validate...
-        cmd: "echo Replace Me"
-        # wait:
-        #   cluster:
+      - description: Validate Neuvector Controller
+        wait:
+          cluster:
+            kind: Pod
+            name: app=neuvector-controller-pod
+            condition: Ready
+            namespace: neuvector
+      - description: Validate Neuvector Enforcer
+        wait:
+          cluster:
+            kind: Pod
+            name: app=neuvector-enforcer-pod
+            condition: Ready
+            namespace: neuvector
+      - description: Validate Neuvector Manager
+        wait:
+          cluster:
+            kind: Pod
+            name: app=neuvector-manager-pod
+            condition: Ready
+            namespace: neuvector
+      - description: Validate Neuvector Scanner
+        wait:
+          cluster:
+            kind: Pod
+            name: app=neuvector-scanner-pod
+            condition: Ready
+            namespace: neuvector
+      #  todo: Fix single package validation checks in CI where Istio isn't installed
+      # - description: Validate Neuvector Interface
+      #   wait:
+      #     network:
+      #       protocol: https
+      #       address: neuvector.admin.uds.dev
+      #       code: 200
diff --git a/src/prometheus-stack/common/zarf.yaml b/src/prometheus-stack/common/zarf.yaml
@@ -18,3 +18,14 @@ components:
         version: 56.6.2
         valuesFiles:
           - "../values/values.yaml"
+    actions:
+      onDeploy:
+        after:
+          - description: Validate Prometheus-Stack Package
+            maxTotalSeconds: 300
+            wait:
+              cluster:
+                kind: Packages
+                name: prometheus-stack
+                namespace: monitoring
+                condition: "'{.status.phase}'=Ready"
diff --git a/src/prometheus-stack/tasks.yaml b/src/prometheus-stack/tasks.yaml
@@ -22,3 +22,10 @@ tasks:
             name: app.kubernetes.io/name=kube-state-metrics
             namespace: monitoring
             condition: Ready
+      - description: Validate prometheus node exporter
+        wait:
+          cluster:
+            kind: Pod
+            name: app.kubernetes.io/name=prometheus-node-exporter
+            namespace: monitoring
+            condition: Ready
diff --git a/src/promtail/common/zarf.yaml b/src/promtail/common/zarf.yaml
@@ -19,3 +19,14 @@ components:
         gitPath: charts/promtail
         valuesFiles:
           - ../values/values.yaml
+    actions:
+      onDeploy:
+        after:
+          - description: Validate Promtail Package
+            maxTotalSeconds: 300
+            wait:
+              cluster:
+                kind: Packages
+                name: promtail
+                namespace: promtail
+                condition: "'{.status.phase}'=Ready"