feat: add upgrade tests and upgrade packages (#44)

## Description This PR adds upgrade testing to the uds-software-factory repo and additionally updates gitlab, gitlab-runner and mattermost packages. Furthermore, there is the upgrade of uds common tasks and and additional local upgrade test task and doc fixes/updates ## Related Issue Fixes # [40](#40) Relates to # [41](#41) ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide Steps](https://github.com/defenseunicorns/uds-software-factory/blob/main/CONTRIBUTING.md#developer-workflow) followed
defenseunicorns · Apr 4, 2024 · 02bab65 · 02bab65
1 parent bfd10ff
commit 02bab65
Show file tree

Hide file tree

Showing 15 changed files with 370 additions and 41 deletions.
diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml
@@ -10,4 +10,4 @@ on:
 jobs:
   validate:
     name: Validate
-    uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+    uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
@@ -20,7 +20,7 @@ jobs:
           fetch-depth: 0
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+        uses: defenseunicorns/uds-common/.github/actions/setup@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10
         with:
           username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
           password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}

diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml
@@ -40,7 +40,7 @@ jobs:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+        uses: defenseunicorns/uds-common/.github/actions/setup@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10
         with:
           username: ${{secrets.IRON_BANK_ROBOT_USERNAME}}
           password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}}
@@ -57,6 +57,6 @@ jobs:
 
       - name: Save logs
         if: always()
-        uses: defenseunicorns/uds-common/.github/actions/save-logs@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+        uses: defenseunicorns/uds-common/.github/actions/save-logs@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10
         with:
           suffix: '${{ matrix.bundle }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}'
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -39,28 +39,31 @@ jobs:
     strategy:
       matrix:
         flavor: [upstream]
-        type: [install]
+        type: [install, upgrade]
         bundle: ["k3d-demo", "dev"]
-
+        exclude:
+          - bundle: k3d-demo
+            type: upgrade
+            flavor: upstream
     steps:
       - name: Checkout repository
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+        uses: defenseunicorns/uds-common/.github/actions/setup@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10
         with:
           username: ${{secrets.IRON_BANK_ROBOT_USERNAME}}
           password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}}
 
       - name: Test
-        uses: defenseunicorns/uds-common/.github/actions/test@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+        uses: defenseunicorns/uds-common/.github/actions/test@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10
         with:
           flavor: ${{ matrix.flavor }}
           type: ${{ matrix.type }}
           options: "--set BUNDLE_PATH=bundles/${{ matrix.bundle }}"
 
       - name: Save logs
         if: always()
-        uses: defenseunicorns/uds-common/.github/actions/save-logs@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+        uses: defenseunicorns/uds-common/.github/actions/save-logs@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10
         with:
           suffix: ${{ matrix.type }}-${{ matrix.bundle }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}
diff --git a/README.md b/README.md
@@ -27,7 +27,7 @@ This repository publishes multiple bundles for dev, test and demo purposes. They
 
 This is a bundle primarily for development that is located at `bundles/dev`. It requires an existing k3d cluster to deploy.
 
-This bundle requires ~ `8 CPUs and 28GB of memory` available to run.
+This bundle requires ~ `9 CPUs and 28GB of memory` available to run.
 
 ### k3d-swf-demo
 
@@ -43,7 +43,7 @@ This is a fairly large bundle and requires `16 CPUs and 64GB of memory` availabl
 
 - [K3D](https://k3d.io/) for dev & test environments or any [CNCF Certified Kubernetes Cluster](https://www.cncf.io/training/certification/software-conformance/#logos) for production environments.
 <!-- renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=semver -->
-- [UDS CLI](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install) v0.9.4 or later
+- [UDS CLI](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install) v0.10.2 or later
 
 #### Quickstart
 
@@ -76,7 +76,7 @@ Alternatively, you can deploy from OCI by running the following two commands:
 1. Run the below command to deploy the `k3d-core-slim-dev` bundle:
 
     ```bash
-    uds deploy k3d-core-slim-dev:0.16.1
+    uds deploy k3d-core-slim-dev:0.18.0
     ```
 
 1. Run the below command to deploy the `swf-dev` bundle on top of the dev cluster:

diff --git a/bundles/dev/uds-bundle.yaml b/bundles/dev/uds-bundle.yaml
@@ -11,6 +11,28 @@ packages:
   - name: dev-minio
     repository: ghcr.io/defenseunicorns/packages/uds/dev-minio
     ref: 0.0.1
+    overrides:
+      minio:
+        minio:
+          variables:
+            - name: MINIO
+              description: "Configure minio buckets"
+              path: buckets
+              default:
+                - name: uds-gitlab-artifacts
+                - name: uds-gitlab-backups
+                - name: uds-gitlab-ci-secure-files
+                - name: uds-gitlab-dependency-proxy
+                - name: uds-gitlab-lfs
+                - name: uds-gitlab-mr-diffs
+                - name: uds-gitlab-packages
+                - name: uds-gitlab-pages
+                - name: uds-gitlab-terraform-state
+                - name: uds-gitlab-uploads
+                - name: uds-gitlab-registry
+                - name: uds-gitlab-tmp
+                - name: uds-mattermost-dev
+
 
   # Namespaces are deployed prior to the packages to faciliate use of the postgres-operator cross namespace secret creation
   - name: dev-namespaces
@@ -27,10 +49,40 @@ packages:
             - name: POSTGRESQL
               description: "Configure postgres using CRs via the uds-postgres-config chart"
               path: postgresql
+              default:
+                enabled: true
+                teamId: "uds"
+                volume:
+                  size: "10Gi"
+                numberOfInstances: 2
+                users:
+                  gitlab.gitlab: []
+                  sonarqube.sonarqube: []
+                  mattermost.mattermost: []
+                databases:
+                  gitlabdb: gitlab.gitlab
+                  mattermost: mattermost.mattermost
+                  sonarqubedb: sonarqube.sonarqube
+                version: "13"
+                ingress:
+                  remoteGenerated: Anywhere
 
   - name: dev-redis
     repository: ghcr.io/defenseunicorns/packages/uds/dev-redis
     ref: 0.0.1
+    overrides:
+      redis:
+        redis:
+          variables:
+            - name: REDIS_RESOURCES
+              path: "master.resources"
+              default:
+                limits:
+                  cpu: 100m
+                  memory: 300Mi
+                requests:
+                  cpu: 100m
+                  memory: 300Mi
 
   - name: dev-secrets
     path: ../../
@@ -42,35 +94,88 @@ packages:
 
   - name: gitlab
     repository: ghcr.io/defenseunicorns/packages/uds/gitlab
-    ref: 16.9.1-uds.1-upstream
+    ref: 16.10.1-uds.1-upstream
     overrides:
       gitlab:
+        uds-gitlab-config:
+          variables:
+            - name: GITLAB_SSO_ENABLED
+              description: "Boolean to enable or disable sso things"
+              path: "sso"
+        uds-gitlab-sso:
+          variables:
+            - name: GITLAB_SSO_ENABLED
+              description: "Boolean to enable or disable sso things"
+              path: "sso"
         gitlab:
           variables:
+            - name: GITLAB_SSO_ENABLED
+              description: "Boolean to enable or disable sso things"
+              path: "global.appConfig.omniauth.enabled"
             - name: MIGRATIONS_RESOURCES
               description: "Gitlab Migrations Resources"
               path: "gitlab.migrations.resources"
+              default:
+                limits:
+                  cpu: 500m
+                  memory: 4G
             - name: WEBSERVICE_REPLICAS
               description: "Gitlab Webservice Min Replicas"
               path: "gitlab.webservice.minReplicas"
+              default: 1
             - name: WEBSERVICE_RESOURCES
               description: "Gitlab Webservice Resources"
               path: "gitlab.webservice.resources"
+              default:
+                limits:
+                  memory: 2.5G
+                requests:
+                  cpu: 300m
+                  memory: 2.5G
             - name: WORKHORSE_RESOURCES
               description: "Gitlab Workhorse Resources"
               path: "gitlab.webservice.workhorse.resources"
+              default:
+                limits:
+                  memory: 100M
+                requests:
+                  cpu: 10m
+                  memory: 10M
+            - name: TOOLBOX_RESOURCES
+              description: "Gitlab Toolbox Resources"
+              path: "gitlab.toolbox.resources"
+              default:
+                limits:
+                  cpu: 2000m
+                  memory: 3584M
+                requests:
+                  cpu: 500m
+                  memory: 1000M
             - name: SIDEKIQ_REPLICAS
               description: "Gitlab Sidekiq Min Replicas"
               path: "gitlab.sidekiq.minReplicas"
+              default: 1
             - name: SIDEKIQ_RESOURCES
               description: "Gitlab Sidekiq Resources"
               path: "gitlab.sidekiq.resources"
+              default:
+                limits:
+                  memory: 1.5G
+                requests:
+                  cpu: 50m
+                  memory: 625M
             - name: REGISTRY_REPLICAS
               description: "Gitlab Registry Min Replicas"
               path: "registry.hpa.minReplicas"
+              default: 1
+            - name: DISABLE_REGISTRY_REDIRECT
+              description: "Gitlab Registry Disable Redirect"
+              path: "registry.storage.redirect.disable"
+              default: "true"
             - name: SHELL_REPLICAS
               description: "Gitlab Shell Min Replicas"
               path: "gitlab.gitlab-shell.minReplicas"
+              default: 1
             - name: POSTGRES_USERNAME
               description: "Gitlab Postgres Username"
               path: "global.psql.username"
@@ -79,10 +184,22 @@ packages:
               description: "Gitlab Postgres Password Secret Ref"
               path: "global.psql.password.secret"
               default: "gitlab.gitlab.pg-cluster.credentials.postgresql.acid.zalan.do"
+            - name: POSTGRES_ENDPOINT
+              description: "Gitlab Postgres endpoint"
+              path: "global.psql.host"
+              default: "pg-cluster.postgres.svc.cluster.local"
+            - name: REDIS_ENDPOINT
+              description: "Gitlab Redis endpoint"
+              path: "global.redis.host"
+              default: "redis-master.dev-redis.svc.cluster.local"
+            - name: REDIS_SCHEME
+              description: "Gitlab Redis SCHEME"
+              path: "global.redis.scheme"
+              default: "redis"
 
   - name: gitlab-runner
     repository: ghcr.io/defenseunicorns/packages/uds/gitlab-runner
-    ref: 16.8.0-uds.1-upstream
+    ref: 16.10.0-uds.0-upstream
 
   - name: sonarqube
     repository: ghcr.io/defenseunicorns/packages/uds/sonarqube
@@ -99,11 +216,18 @@ packages:
               description: "Sonarqube Postgres Password Secret Ref"
               path: "jdbcOverwrite.jdbcSecretName"
               default: "sonarqube.sonarqube.pg-cluster.credentials.postgresql.acid.zalan.do"
-
+            - name: SONARQUBE_POSTGRES_CONNECTION_STRING
+              description: "Sonarqube Postgres DB Endpoint"
+              path: "jdbcOverwrite.jdbcUrl"
+              default: "jdbc:postgresql://pg-cluster.postgres.svc.cluster.local:5432/sonarqubedb"
+            - name: SONARQUBE_POSTGRES_ENDPOINT
+              description: "Sonarqube Postgres DB Endpoint"
+              path: "postgresql.postgresqlServer"
+              default: "pg-cluster.postgres.svc.cluster.local"
 
   - name: mattermost
     repository: ghcr.io/defenseunicorns/packages/uds/mattermost
-    ref: 9.4.1-uds.2-upstream
+    ref: 9.6.1-uds.0-upstream
     imports:
       - name: ACCESS_KEY
         package: dev-secrets
@@ -133,3 +257,12 @@ packages:
             - name: MATTERMOST_OBJECT_STORAGE_BUCKET
               path: "objectStorage.bucket"
               default: "uds-mattermost-dev"
+            - name: MATTERMOST_RESOURCES
+              path: "resources"
+              default:
+                limits:
+                  cpu: 100m
+                  memory: 300Mi
+                requests:
+                  cpu: 100m
+                  memory: 300Mi
diff --git a/bundles/dev/uds-config.yaml b/bundles/dev/uds-config.yaml
@@ -35,11 +35,19 @@ variables:
   sonarqube:
     sonarqube_db_endpoint: "pg-cluster.postgres.svc.cluster.local"
   gitlab:
+    GITLAB_SSO_ENABLED: false
     gitlab_redis_endpoint: "redis-master.dev-redis.svc.cluster.local"
     gitlab_db_endpoint: "pg-cluster.postgres.svc.cluster.local"
     DISABLE_REGISTRY_REDIRECT: "true"
     # # Overrides for scaled down cluster for local dev and CI
     webservice_replicas: 1
+    toolbox_resources:
+      limits:
+        cpu: 2000m
+        memory: 3584M
+      requests:
+        cpu: 500m
+        memory: 1000M
     webservice_resources:
       limits:
         memory: 2.5G