From 02bab6547e3de814097e6b13f066e108bf7d9d8f Mon Sep 17 00:00:00 2001 From: zamaz <71521611+zachariahmiller@users.noreply.github.com> Date: Thu, 4 Apr 2024 14:23:09 -0400 Subject: [PATCH] feat: add upgrade tests and upgrade packages (#44) ## Description This PR adds upgrade testing to the uds-software-factory repo and additionally updates gitlab, gitlab-runner and mattermost packages. Furthermore, there is the upgrade of uds common tasks and and additional local upgrade test task and doc fixes/updates ## Related Issue Fixes # [40](https://github.com/defenseunicorns/uds-software-factory/issues/40) Relates to # [41](https://github.com/defenseunicorns/uds-software-factory/issues/41) ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide Steps](https://github.com/defenseunicorns/uds-software-factory/blob/main/CONTRIBUTING.md#developer-workflow) followed --- .github/workflows/commitlint.yaml | 2 +- .github/workflows/lint.yaml | 2 +- .github/workflows/tag-and-release.yaml | 4 +- .github/workflows/test.yaml | 13 ++- README.md | 6 +- bundles/dev/uds-bundle.yaml | 141 ++++++++++++++++++++++++- bundles/dev/uds-config.yaml | 8 ++ bundles/k3d-demo/uds-bundle.yaml | 121 ++++++++++++++++++++- bundles/k3d-demo/uds-config.yaml | 8 ++ docs/development.md | 26 ++++- src/dev-secrets/zarf.yaml | 8 +- tasks.yaml | 57 ++++++++-- tasks/dependencies.yaml | 4 +- tasks/publish.yaml | 4 +- tasks/test.yaml | 7 +- 15 files changed, 370 insertions(+), 41 deletions(-) diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index 2e1dc28..6764508 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -10,4 +10,4 @@ on: jobs: validate: name: Validate - uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10 diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index c563852..66c5919 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -20,7 +20,7 @@ jobs: fetch-depth: 0 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/actions/setup@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10 with: username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml index 4c7b780..1e3b283 100644 --- a/.github/workflows/tag-and-release.yaml +++ b/.github/workflows/tag-and-release.yaml @@ -40,7 +40,7 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/actions/setup@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10 with: username: ${{secrets.IRON_BANK_ROBOT_USERNAME}} password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}} @@ -57,6 +57,6 @@ jobs: - name: Save logs if: always() - uses: defenseunicorns/uds-common/.github/actions/save-logs@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/actions/save-logs@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10 with: suffix: '${{ matrix.bundle }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}' diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 9cccb89..6b22721 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -39,21 +39,24 @@ jobs: strategy: matrix: flavor: [upstream] - type: [install] + type: [install, upgrade] bundle: ["k3d-demo", "dev"] - + exclude: + - bundle: k3d-demo + type: upgrade + flavor: upstream steps: - name: Checkout repository uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/actions/setup@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10 with: username: ${{secrets.IRON_BANK_ROBOT_USERNAME}} password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}} - name: Test - uses: defenseunicorns/uds-common/.github/actions/test@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/actions/test@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10 with: flavor: ${{ matrix.flavor }} type: ${{ matrix.type }} @@ -61,6 +64,6 @@ jobs: - name: Save logs if: always() - uses: defenseunicorns/uds-common/.github/actions/save-logs@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/actions/save-logs@5e4414dc25302739063bb58aa96b8afef5be9851 # v0.3.10 with: suffix: ${{ matrix.type }}-${{ matrix.bundle }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} diff --git a/README.md b/README.md index e0f6ce4..08083d0 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ This repository publishes multiple bundles for dev, test and demo purposes. They This is a bundle primarily for development that is located at `bundles/dev`. It requires an existing k3d cluster to deploy. -This bundle requires ~ `8 CPUs and 28GB of memory` available to run. +This bundle requires ~ `9 CPUs and 28GB of memory` available to run. ### k3d-swf-demo @@ -43,7 +43,7 @@ This is a fairly large bundle and requires `16 CPUs and 64GB of memory` availabl - [K3D](https://k3d.io/) for dev & test environments or any [CNCF Certified Kubernetes Cluster](https://www.cncf.io/training/certification/software-conformance/#logos) for production environments. -- [UDS CLI](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install) v0.9.4 or later +- [UDS CLI](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install) v0.10.2 or later #### Quickstart @@ -76,7 +76,7 @@ Alternatively, you can deploy from OCI by running the following two commands: 1. Run the below command to deploy the `k3d-core-slim-dev` bundle: ```bash - uds deploy k3d-core-slim-dev:0.16.1 + uds deploy k3d-core-slim-dev:0.18.0 ``` 1. Run the below command to deploy the `swf-dev` bundle on top of the dev cluster: diff --git a/bundles/dev/uds-bundle.yaml b/bundles/dev/uds-bundle.yaml index e0ab5a4..e7535b7 100644 --- a/bundles/dev/uds-bundle.yaml +++ b/bundles/dev/uds-bundle.yaml @@ -11,6 +11,28 @@ packages: - name: dev-minio repository: ghcr.io/defenseunicorns/packages/uds/dev-minio ref: 0.0.1 + overrides: + minio: + minio: + variables: + - name: MINIO + description: "Configure minio buckets" + path: buckets + default: + - name: uds-gitlab-artifacts + - name: uds-gitlab-backups + - name: uds-gitlab-ci-secure-files + - name: uds-gitlab-dependency-proxy + - name: uds-gitlab-lfs + - name: uds-gitlab-mr-diffs + - name: uds-gitlab-packages + - name: uds-gitlab-pages + - name: uds-gitlab-terraform-state + - name: uds-gitlab-uploads + - name: uds-gitlab-registry + - name: uds-gitlab-tmp + - name: uds-mattermost-dev + # Namespaces are deployed prior to the packages to faciliate use of the postgres-operator cross namespace secret creation - name: dev-namespaces @@ -27,10 +49,40 @@ packages: - name: POSTGRESQL description: "Configure postgres using CRs via the uds-postgres-config chart" path: postgresql + default: + enabled: true + teamId: "uds" + volume: + size: "10Gi" + numberOfInstances: 2 + users: + gitlab.gitlab: [] + sonarqube.sonarqube: [] + mattermost.mattermost: [] + databases: + gitlabdb: gitlab.gitlab + mattermost: mattermost.mattermost + sonarqubedb: sonarqube.sonarqube + version: "13" + ingress: + remoteGenerated: Anywhere - name: dev-redis repository: ghcr.io/defenseunicorns/packages/uds/dev-redis ref: 0.0.1 + overrides: + redis: + redis: + variables: + - name: REDIS_RESOURCES + path: "master.resources" + default: + limits: + cpu: 100m + memory: 300Mi + requests: + cpu: 100m + memory: 300Mi - name: dev-secrets path: ../../ @@ -42,35 +94,88 @@ packages: - name: gitlab repository: ghcr.io/defenseunicorns/packages/uds/gitlab - ref: 16.9.1-uds.1-upstream + ref: 16.10.1-uds.1-upstream overrides: gitlab: + uds-gitlab-config: + variables: + - name: GITLAB_SSO_ENABLED + description: "Boolean to enable or disable sso things" + path: "sso" + uds-gitlab-sso: + variables: + - name: GITLAB_SSO_ENABLED + description: "Boolean to enable or disable sso things" + path: "sso" gitlab: variables: + - name: GITLAB_SSO_ENABLED + description: "Boolean to enable or disable sso things" + path: "global.appConfig.omniauth.enabled" - name: MIGRATIONS_RESOURCES description: "Gitlab Migrations Resources" path: "gitlab.migrations.resources" + default: + limits: + cpu: 500m + memory: 4G - name: WEBSERVICE_REPLICAS description: "Gitlab Webservice Min Replicas" path: "gitlab.webservice.minReplicas" + default: 1 - name: WEBSERVICE_RESOURCES description: "Gitlab Webservice Resources" path: "gitlab.webservice.resources" + default: + limits: + memory: 2.5G + requests: + cpu: 300m + memory: 2.5G - name: WORKHORSE_RESOURCES description: "Gitlab Workhorse Resources" path: "gitlab.webservice.workhorse.resources" + default: + limits: + memory: 100M + requests: + cpu: 10m + memory: 10M + - name: TOOLBOX_RESOURCES + description: "Gitlab Toolbox Resources" + path: "gitlab.toolbox.resources" + default: + limits: + cpu: 2000m + memory: 3584M + requests: + cpu: 500m + memory: 1000M - name: SIDEKIQ_REPLICAS description: "Gitlab Sidekiq Min Replicas" path: "gitlab.sidekiq.minReplicas" + default: 1 - name: SIDEKIQ_RESOURCES description: "Gitlab Sidekiq Resources" path: "gitlab.sidekiq.resources" + default: + limits: + memory: 1.5G + requests: + cpu: 50m + memory: 625M - name: REGISTRY_REPLICAS description: "Gitlab Registry Min Replicas" path: "registry.hpa.minReplicas" + default: 1 + - name: DISABLE_REGISTRY_REDIRECT + description: "Gitlab Registry Disable Redirect" + path: "registry.storage.redirect.disable" + default: "true" - name: SHELL_REPLICAS description: "Gitlab Shell Min Replicas" path: "gitlab.gitlab-shell.minReplicas" + default: 1 - name: POSTGRES_USERNAME description: "Gitlab Postgres Username" path: "global.psql.username" @@ -79,10 +184,22 @@ packages: description: "Gitlab Postgres Password Secret Ref" path: "global.psql.password.secret" default: "gitlab.gitlab.pg-cluster.credentials.postgresql.acid.zalan.do" + - name: POSTGRES_ENDPOINT + description: "Gitlab Postgres endpoint" + path: "global.psql.host" + default: "pg-cluster.postgres.svc.cluster.local" + - name: REDIS_ENDPOINT + description: "Gitlab Redis endpoint" + path: "global.redis.host" + default: "redis-master.dev-redis.svc.cluster.local" + - name: REDIS_SCHEME + description: "Gitlab Redis SCHEME" + path: "global.redis.scheme" + default: "redis" - name: gitlab-runner repository: ghcr.io/defenseunicorns/packages/uds/gitlab-runner - ref: 16.8.0-uds.1-upstream + ref: 16.10.0-uds.0-upstream - name: sonarqube repository: ghcr.io/defenseunicorns/packages/uds/sonarqube @@ -99,11 +216,18 @@ packages: description: "Sonarqube Postgres Password Secret Ref" path: "jdbcOverwrite.jdbcSecretName" default: "sonarqube.sonarqube.pg-cluster.credentials.postgresql.acid.zalan.do" - + - name: SONARQUBE_POSTGRES_CONNECTION_STRING + description: "Sonarqube Postgres DB Endpoint" + path: "jdbcOverwrite.jdbcUrl" + default: "jdbc:postgresql://pg-cluster.postgres.svc.cluster.local:5432/sonarqubedb" + - name: SONARQUBE_POSTGRES_ENDPOINT + description: "Sonarqube Postgres DB Endpoint" + path: "postgresql.postgresqlServer" + default: "pg-cluster.postgres.svc.cluster.local" - name: mattermost repository: ghcr.io/defenseunicorns/packages/uds/mattermost - ref: 9.4.1-uds.2-upstream + ref: 9.6.1-uds.0-upstream imports: - name: ACCESS_KEY package: dev-secrets @@ -133,3 +257,12 @@ packages: - name: MATTERMOST_OBJECT_STORAGE_BUCKET path: "objectStorage.bucket" default: "uds-mattermost-dev" + - name: MATTERMOST_RESOURCES + path: "resources" + default: + limits: + cpu: 100m + memory: 300Mi + requests: + cpu: 100m + memory: 300Mi diff --git a/bundles/dev/uds-config.yaml b/bundles/dev/uds-config.yaml index 1bc3b5a..8004abd 100644 --- a/bundles/dev/uds-config.yaml +++ b/bundles/dev/uds-config.yaml @@ -35,11 +35,19 @@ variables: sonarqube: sonarqube_db_endpoint: "pg-cluster.postgres.svc.cluster.local" gitlab: + GITLAB_SSO_ENABLED: false gitlab_redis_endpoint: "redis-master.dev-redis.svc.cluster.local" gitlab_db_endpoint: "pg-cluster.postgres.svc.cluster.local" DISABLE_REGISTRY_REDIRECT: "true" # # Overrides for scaled down cluster for local dev and CI webservice_replicas: 1 + toolbox_resources: + limits: + cpu: 2000m + memory: 3584M + requests: + cpu: 500m + memory: 1000M webservice_resources: limits: memory: 2.5G diff --git a/bundles/k3d-demo/uds-bundle.yaml b/bundles/k3d-demo/uds-bundle.yaml index 9b2ced7..6e8c369 100644 --- a/bundles/k3d-demo/uds-bundle.yaml +++ b/bundles/k3d-demo/uds-bundle.yaml @@ -17,7 +17,7 @@ packages: - name: uds-core #for now repository: oci://ghcr.io/defenseunicorns/packages/uds/core - ref: "0.16.1-upstream" + ref: "0.18.0-upstream" - name: dev-minio repository: ghcr.io/defenseunicorns/packages/uds/dev-minio @@ -38,11 +38,41 @@ packages: - name: POSTGRESQL description: "Configure postgres using CRs via the uds-postgres-config chart" path: postgresql + default: + enabled: true + teamId: "uds" + volume: + size: "10Gi" + numberOfInstances: 2 + users: + gitlab.gitlab: [] + sonarqube.sonarqube: [] + mattermost.mattermost: [] + databases: + gitlabdb: gitlab.gitlab + mattermost: mattermost.mattermost + sonarqubedb: sonarqube.sonarqube + version: "13" + ingress: + remoteGenerated: Anywhere - name: dev-redis repository: ghcr.io/defenseunicorns/packages/uds/dev-redis ref: 0.0.1 + overrides: + redis: + redis: + variables: + - name: REDIS_RESOURCES + path: "master.resources" + default: + limits: + cpu: 100m + memory: 300Mi + requests: + cpu: 100m + memory: 300Mi - name: dev-secrets path: ../../ @@ -54,35 +84,88 @@ packages: - name: gitlab repository: ghcr.io/defenseunicorns/packages/uds/gitlab - ref: 16.9.1-uds.1-upstream + ref: 16.10.1-uds.1-upstream overrides: gitlab: + uds-gitlab-config: + variables: + - name: GITLAB_SSO_ENABLED + description: "Boolean to enable or disable sso things" + path: "sso" + uds-gitlab-sso: + variables: + - name: GITLAB_SSO_ENABLED + description: "Boolean to enable or disable sso things" + path: "sso" gitlab: variables: + - name: GITLAB_SSO_ENABLED + description: "Boolean to enable or disable sso things" + path: "global.appConfig.omniauth.enabled" - name: MIGRATIONS_RESOURCES description: "Gitlab Migrations Resources" path: "gitlab.migrations.resources" + default: + limits: + cpu: 500m + memory: 4G - name: WEBSERVICE_REPLICAS description: "Gitlab Webservice Min Replicas" path: "gitlab.webservice.minReplicas" + default: 1 - name: WEBSERVICE_RESOURCES description: "Gitlab Webservice Resources" path: "gitlab.webservice.resources" + default: + limits: + memory: 2.5G + requests: + cpu: 300m + memory: 2.5G - name: WORKHORSE_RESOURCES description: "Gitlab Workhorse Resources" path: "gitlab.webservice.workhorse.resources" + default: + limits: + memory: 100M + requests: + cpu: 10m + memory: 10M + - name: TOOLBOX_RESOURCES + description: "Gitlab Toolbox Resources" + path: "gitlab.toolbox.resources" + default: + limits: + cpu: 2000m + memory: 3584M + requests: + cpu: 500m + memory: 1000M - name: SIDEKIQ_REPLICAS description: "Gitlab Sidekiq Min Replicas" path: "gitlab.sidekiq.minReplicas" + default: 1 - name: SIDEKIQ_RESOURCES description: "Gitlab Sidekiq Resources" path: "gitlab.sidekiq.resources" + default: + limits: + memory: 1.5G + requests: + cpu: 50m + memory: 625M - name: REGISTRY_REPLICAS description: "Gitlab Registry Min Replicas" path: "registry.hpa.minReplicas" + default: 1 + - name: DISABLE_REGISTRY_REDIRECT + description: "Gitlab Registry Disable Redirect" + path: "registry.storage.redirect.disable" + default: "true" - name: SHELL_REPLICAS description: "Gitlab Shell Min Replicas" path: "gitlab.gitlab-shell.minReplicas" + default: 1 - name: POSTGRES_USERNAME description: "Gitlab Postgres Username" path: "global.psql.username" @@ -91,10 +174,22 @@ packages: description: "Gitlab Postgres Password Secret Ref" path: "global.psql.password.secret" default: "gitlab.gitlab.pg-cluster.credentials.postgresql.acid.zalan.do" + - name: POSTGRES_ENDPOINT + description: "Gitlab Postgres endpoint" + path: "global.psql.host" + default: "pg-cluster.postgres.svc.cluster.local" + - name: REDIS_ENDPOINT + description: "Gitlab Redis endpoint" + path: "global.redis.host" + default: "redis-master.dev-redis.svc.cluster.local" + - name: REDIS_SCHEME + description: "Gitlab Redis SCHEME" + path: "global.redis.scheme" + default: "redis" - name: gitlab-runner repository: ghcr.io/defenseunicorns/packages/uds/gitlab-runner - ref: 16.8.0-uds.1-upstream + ref: 16.10.0-uds.0-upstream - name: sonarqube repository: ghcr.io/defenseunicorns/packages/uds/sonarqube @@ -111,11 +206,18 @@ packages: description: "Sonarqube Postgres Password Secret Ref" path: "jdbcOverwrite.jdbcSecretName" default: "sonarqube.sonarqube.pg-cluster.credentials.postgresql.acid.zalan.do" - + - name: SONARQUBE_POSTGRES_CONNECTION_STRING + description: "Sonarqube Postgres DB Endpoint" + path: "jdbcOverwrite.jdbcUrl" + default: "jdbc:postgresql://pg-cluster.postgres.svc.cluster.local:5432/sonarqubedb" + - name: SONARQUBE_POSTGRES_ENDPOINT + description: "Sonarqube Postgres DB Endpoint" + path: "postgresql.postgresqlServer" + default: "pg-cluster.postgres.svc.cluster.local" - name: mattermost repository: ghcr.io/defenseunicorns/packages/uds/mattermost - ref: 9.4.1-uds.2-upstream + ref: 9.6.1-uds.0-upstream imports: - name: ACCESS_KEY package: dev-secrets @@ -145,3 +247,12 @@ packages: - name: MATTERMOST_OBJECT_STORAGE_BUCKET path: "objectStorage.bucket" default: "uds-mattermost-dev" + - name: MATTERMOST_RESOURCES + path: "resources" + default: + limits: + cpu: 100m + memory: 300Mi + requests: + cpu: 100m + memory: 300Mi diff --git a/bundles/k3d-demo/uds-config.yaml b/bundles/k3d-demo/uds-config.yaml index 1bc3b5a..793a6aa 100644 --- a/bundles/k3d-demo/uds-config.yaml +++ b/bundles/k3d-demo/uds-config.yaml @@ -35,6 +35,7 @@ variables: sonarqube: sonarqube_db_endpoint: "pg-cluster.postgres.svc.cluster.local" gitlab: + GITLAB_SSO_ENABLED: false gitlab_redis_endpoint: "redis-master.dev-redis.svc.cluster.local" gitlab_db_endpoint: "pg-cluster.postgres.svc.cluster.local" DISABLE_REGISTRY_REDIRECT: "true" @@ -46,6 +47,13 @@ variables: requests: cpu: 300m memory: 2.5G + toolbox_resources: + limits: + cpu: 2000m + memory: 3584M + requests: + cpu: 500m + memory: 1000M migrations_resources: limits: cpu: 500m diff --git a/docs/development.md b/docs/development.md index 0ff6a26..212b510 100644 --- a/docs/development.md +++ b/docs/development.md @@ -7,5 +7,29 @@ If deploying on an Apple Silicon Mac you can use colima, an open source alternat To set up an appropriately configured colima VM you can run the following command: ```bash -colima start --cpu 8 --memory 28 --disk 50 --vm-type vz --vz-rosetta --arch aarch64 --profile uds +colima start --cpu 9 --memory 28 --disk 50 --vm-type vz --vz-rosetta --arch aarch64 --profile uds +``` + +Additionally, some settings need to be configured on the host to facilitate a successful deployment of Sonarqube: + +```bash +colima ssh --profile uds +sudo sysctl -w vm.max_map_count=1524288 +sudo sysctl -w fs.file-max=1000000 +exit +``` + +## Linux users + +Depending on your linux distrobution and how it is configured you may need to run the following steps to be able to properly deploy SWF and/or UDS Core: + +```bash +sudo sysctl -w vm.max_map_count=1524288 +sudo sysctl -w fs.file-max=1000000 +ulimit -n 1000000 +ulimit -u 8192 +sudo sysctl --load +sudo swapoff -a +sudo sysctl fs.inotify.max_user_instances=8192 +sudo sysctl -p ``` diff --git a/src/dev-secrets/zarf.yaml b/src/dev-secrets/zarf.yaml index fa4dc7b..6c07f61 100644 --- a/src/dev-secrets/zarf.yaml +++ b/src/dev-secrets/zarf.yaml @@ -11,12 +11,12 @@ components: actions: onDeploy: before: - - cmd: uds zarf tools kubectl get secret -n dev-minio minio --template='{{ index .data "rootPassword" }}' | base64 -d + - cmd: ./zarf tools kubectl get secret -n dev-minio minio --template='{{ index .data "rootPassword" }}' | base64 -d mute: true setVariables: - name: SECRET_KEY sensitive: true - - cmd: uds zarf tools kubectl get secret -n dev-minio minio --template='{{ index .data "rootUser" }}' | base64 -d + - cmd: ./zarf tools kubectl get secret -n dev-minio minio --template='{{ index .data "rootUser" }}' | base64 -d mute: true setVariables: - name: ACCESS_KEY @@ -32,7 +32,7 @@ components: actions: onDeploy: before: - - cmd: uds zarf tools kubectl get secret -n dev-redis redis --template='{{ index .data "redis-password" }}' | base64 -d + - cmd: ./zarf tools kubectl get secret -n dev-redis redis --template='{{ index .data "redis-password" }}' | base64 -d mute: true setVariables: - name: REDIS_PASSWORD @@ -49,7 +49,7 @@ components: actions: onDeploy: before: - - cmd: uds zarf tools kubectl get secret -n mattermost mattermost.mattermost.pg-cluster.credentials.postgresql.acid.zalan.do --template={{.data.password}} | base64 -d + - cmd: ./zarf tools kubectl get secret -n mattermost mattermost.mattermost.pg-cluster.credentials.postgresql.acid.zalan.do --template={{.data.password}} | base64 -d mute: true setVariables: - name: DB_PASSWORD diff --git a/tasks.yaml b/tasks.yaml index 9516c3d..611643a 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -1,19 +1,20 @@ includes: - - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/create.yaml - - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/lint.yaml - - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/pull.yaml - - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/deploy.yaml - - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/setup.yaml + - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.10/tasks/create.yaml + - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.10/tasks/lint.yaml + - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.10/tasks/pull.yaml + - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.10/tasks/deploy.yaml + - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.10/tasks/setup.yaml - dependencies: ./tasks/dependencies.yaml - test: ./tasks/test.yaml + variables: - name: BUNDLE_PATH default: bundles/dev tasks: - name: default - description: Create K3D Cluster with istio + SWF + description: Build and deploy SWF on UDS k3d-slim-dev actions: - task: create-test-bundle - task: setup:k3d-test-cluster @@ -29,10 +30,37 @@ tasks: with: path: ${BUNDLE_PATH} + - name: create-swf-latest-release-bundle + description: Create UDS bundle with dependencies based on the latest release + actions: + - task: pull:latest-bundle-release + with: + spoof_release: "true" + path: bundles/k3d-demo + + - name: test-upgrade-local + description: Test an upgrade from the latest released bundle to the current branch only using the dev bundles + actions: + - task: pull:latest-bundle-release + with: + spoof_release: "true" + path: bundles/dev + - task: setup:k3d-test-cluster + - task: deploy:test-bundle + with: + path: bundles/dev + - task: test:test-swf-bundle + - task: create-test-bundle + - task: deploy:test-bundle + with: + path: ${BUNDLE_PATH} + options: "--packages=gitlab,gitlab-runner,sonarqube,mattermost,dev-secrets" + - task: test:test-swf-bundle + # CI will execute the following (via uds-common/.github/actions/test) so they need to be here with these names - name: test-package - description: Test the GitLab package from the current branch + description: Test the SWF bundle from the current branch actions: - task: create-test-bundle - task: setup:k3d-test-cluster @@ -40,3 +68,18 @@ tasks: with: path: ${BUNDLE_PATH} - task: test:test-swf-bundle + + + - name: test-upgrade + description: Test an upgrade from the latest released bundle to the current branch + actions: + - task: create-swf-latest-release-bundle + - task: deploy:test-bundle + with: + path: bundles/k3d-demo + - task: create-test-bundle + - task: deploy:test-bundle + with: + path: ${BUNDLE_PATH} + options: "--packages=gitlab,gitlab-runner,sonarqube,mattermost,dev-secrets" + - task: test:test-swf-bundle diff --git a/tasks/dependencies.yaml b/tasks/dependencies.yaml index a64b619..4be2388 100644 --- a/tasks/dependencies.yaml +++ b/tasks/dependencies.yaml @@ -6,5 +6,5 @@ tasks: description: architecture default: ${UDS_ARCH} actions: - - cmd: uds zarf package create src/dev-secrets --confirm --no-progress --skip-sbom -a ${{ .inputs.architecture }} - - cmd: uds zarf package create src/namespaces --confirm --no-progress --skip-sbom -a ${{ .inputs.architecture }} + - cmd: ./uds zarf package create src/dev-secrets --confirm --no-progress --skip-sbom -a ${{ .inputs.architecture }} + - cmd: ./uds zarf package create src/namespaces --confirm --no-progress --skip-sbom -a ${{ .inputs.architecture }} diff --git a/tasks/publish.yaml b/tasks/publish.yaml index 878e51b..88b3cbf 100644 --- a/tasks/publish.yaml +++ b/tasks/publish.yaml @@ -1,7 +1,7 @@ includes: - dependencies: ./dependencies.yaml - - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/create.yaml - - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/publish.yaml + - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.10/tasks/create.yaml + - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.10/tasks/publish.yaml tasks: - name: test-bundle diff --git a/tasks/test.yaml b/tasks/test.yaml index 3582146..03a3132 100644 --- a/tasks/test.yaml +++ b/tasks/test.yaml @@ -1,8 +1,8 @@ includes: - - mm: https://raw.githubusercontent.com/defenseunicorns/uds-package-mattermost/v9.4.1-uds.3/tasks/test.yaml - - gl: https://raw.githubusercontent.com/defenseunicorns/uds-package-gitlab/v16.9.2-uds.0/tasks/test.yaml + - mm: https://raw.githubusercontent.com/defenseunicorns/uds-package-mattermost/v9.4.1-uds.2/tasks/test.yaml + - gl: https://raw.githubusercontent.com/defenseunicorns/uds-package-gitlab/v16.10.1-uds.0/tasks/test.yaml - sq: https://raw.githubusercontent.com/defenseunicorns/uds-package-sonarqube/v8.0.3-uds.6/tasks/test.yaml - - glr: https://raw.githubusercontent.com/defenseunicorns/uds-package-gitlab-runner/v16.9.1-uds.2/tasks/test.yaml + - glr: https://raw.githubusercontent.com/defenseunicorns/uds-package-gitlab-runner/v16.10.0-uds.0/tasks/test.yaml tasks: - name: test-swf-bundle @@ -14,4 +14,3 @@ tasks: - task: gl:ingress - task: sq:health-check - task: sq:ingress - - task: glr:glr-health-check