diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 830c9da..f0a0ce9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,64 +3,64 @@ name: Release Charts on: push: branches: - - "*" + - "*" jobs: release: runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: 0 + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 - - name: Configure Git - run: | - git config user.name "$GITHUB_ACTOR" - git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - name: Set lib version - run: | - LIB_VERSION=$(sed -n '/version/{s/version: //;p;}' charts/helm-apps/Chart.yaml) - sed -i 's/_FLANT_APPS_LIBRARY_VERSION_/'${LIB_VERSION}'/' charts/helm-apps/templates/_apps-version.tpl + - name: Set lib version + run: | + LIB_VERSION=$(sed -n '/version/{s/version: //;p;}' charts/helm-apps/Chart.yaml) + sed -i 's/_FLANT_APPS_LIBRARY_VERSION_/'${LIB_VERSION}'/' charts/helm-apps/templates/_apps-version.tpl - - name: Install werf CLI - with: - channel: ea - uses: werf/actions/install@v1.2 + - name: Install werf CLI + with: + channel: ea + uses: werf/actions/install@v1.2 - - name: Install Helm3 - run: | - curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash + - name: Install Helm3 + run: | + curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash - - name: Install Dyff - run: | - sudo snap install dyff + - name: Install Dyff + run: | + curl -sfLo dyff.tar.gz https://github.com/homeport/dyff/releases/download/v1.10.4/dyff_1.10.4_linux_amd64.tar.gz + tar -xzvf dyff.tar.gz + mv dyff /usr/local/bin/ + - name: Render + run: | + set -e + source $(werf ci-env github --as-file) + cd tests && werf render --dev --set "global._includes.apps-defaults.enabled=true" --env=prod - - name: Render - run: | - set -e - source $(werf ci-env github --as-file) - cd tests && werf render --dev --set "global._includes.apps-defaults.enabled=true" --env=prod + - name: Test render + run: | + set -e + source $(werf ci-env github --as-file) + cd tests + werf render --dev --set "global._includes.apps-defaults.enabled=true" --env=prod | sed '/werf.io\//d' > test_render_check.yaml + dyff between --ignore-order-changes --ignore-whitespace-changes --omit-header --set-exit-code test_render.yaml test_render_check.yaml - - name: Test render - run: | - set -e - source $(werf ci-env github --as-file) - cd tests && werf render --dev --set "global._includes.apps-defaults.enabled=true" --env=prod | sed '/werf.io\//d' > test_render_check.yaml - dyff between test_render.yaml test_render_check.yaml | tee /tmp/test_render_check - #check_tests=$(sed 1,7d /tmp/test_render_check | wc -l) - #if [ $check_tests -gt "7" ]; then exit 1; fi - - - name: Run chart-releaser - if: ${{ github.ref == 'refs/heads/main' }} - uses: helm/chart-releaser-action@v1.4.0 - with: - charts_dir: charts - config: cr.yaml - env: - CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + - name: Run chart-releaser + if: ${{ github.ref == 'refs/heads/main' }} + uses: helm/chart-releaser-action@v1.7.0 + with: + charts_dir: charts + config: cr.yaml + env: + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" # - name: Publish to CR # env: diff --git a/charts/helm-apps/Chart.yaml b/charts/helm-apps/Chart.yaml index a2d9cb6..ca11124 100644 --- a/charts/helm-apps/Chart.yaml +++ b/charts/helm-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: helm-apps description: A Helm applications library type: library -version: 1.2.14 +version: 1.3.0 maintainers: - name: alvnukov url: https://github.com/alvnukov diff --git a/charts/helm-apps/templates/_apps-certificates.tpl b/charts/helm-apps/templates/_apps-certificates.tpl index b900bf1..614456e 100644 --- a/charts/helm-apps/templates/_apps-certificates.tpl +++ b/charts/helm-apps/templates/_apps-certificates.tpl @@ -10,6 +10,6 @@ {{- define "apps-certificates.render" }} {{- $ := . }} {{- with $.CurrentApp }} -{{ include "apps-components.cerificate" (list $ .) }} +{{ include "apps-components.certificate" (list $ .) }} {{- end }} {{- end }} diff --git a/charts/helm-apps/templates/_apps-components.tpl b/charts/helm-apps/templates/_apps-components.tpl index 55efa93..4a660ca 100644 --- a/charts/helm-apps/templates/_apps-components.tpl +++ b/charts/helm-apps/templates/_apps-components.tpl @@ -28,7 +28,7 @@ spec: {{- include "apps-utils.leaveScope" $ }} {{- end }} -{{- define "apps-components.cerificate" }} +{{- define "apps-components.certificate" }} {{- $ := index . 0 }} {{- $RelatedScope := index . 1 }} {{- with $RelatedScope }} @@ -125,6 +125,11 @@ spec: {{- $_ = set $specs "Numbers" (list "healthCheckNodePort") }} {{- $_ = set $specs "Maps" (list "sessionAffinityConfig" "selector") }} {{- include "apps-utils.generateSpecs" (list $ $RelatedScope $specs) | nindent 2 }} + +{{- include "apps-components.endpointslice" (list $ $RelatedScope $RelatedScope.endpointSlice) }} + +{{- include "apps-components.endpoint" (list $ $RelatedScope $RelatedScope.endpoint) }} + {{- end }} @@ -316,3 +321,65 @@ data: {{ include "fl.generateSecretEnvVars" (list $ . .secretEnvVars) | trim | n {{- end }} {{- end }} {{- end }} + +{{- define "apps-components.endpointslice" }} +{{- $ := index . 0 }} +{{- $RelatedScope := index . 1 }} +{{- $endpointslice := index . 2 }} +{{- if $endpointslice }} +{{- if include "fl.isTrue" (list $ . $endpointslice.enabled) }} +{{- if not (hasKey $endpointslice "serviceName") }} +{{- $_ := set $endpointslice "serviceName" $.CurrentApp.name }} +{{- end }} +{{- if not (contains ($endpointslice.labels | toString) "kubernetes.io/service-name") }} +{{- $_ := set $endpointslice "labels" ( printf "%s\nkubernetes.io/service-name: %s" ($endpointslice.labels | default "") $endpointslice.serviceName ) }} +{{- end }} +{{- include "apps-utils.enterScope" (list $ "endpointslice") }} +--- +{{- include "apps-components._endpointslice" (list $ $endpointslice) }} +{{- include "apps-utils.leaveScope" $ }} +{{- end }} +{{- end }} +{{- end }} + +{{- define "apps-components._endpointslice" }} +{{- $ := index . 0 }} +{{- $RelatedScope := index . 1 }} +--- +apiVersion: discovery.k8s.io/v1 +kind: EndpointSlice +{{- include "apps-helpers.metadataGenerator" (list $ $RelatedScope) }} +{{- $specs := dict }} +{{- $_ := set $specs "Required" (list "ports" "endpoints" "addressType" "serviceName") }} +{{- $_ := set $specs "Lists" (list "ports" "endpoints") }} +{{- $_ := set $specs "Strings" (list "addressType") }} +{{- include "apps-utils.generateSpecs" (list $ $RelatedScope $specs) }} +{{- end }} + +{{- define "apps-components.endpoint" }} +{{- $ := index . 0 }} +{{- $RelatedScope := index . 1 }} +{{- $endpoint := index . 2 }} +{{- if $endpoint }} +{{- if include "fl.isTrue" (list $ . $endpoint.enabled) }} +{{- include "apps-utils.enterScope" (list $ "endpoint") }} +--- +{{- include "apps-components._endpoint" (list $ $endpoint) }} +{{- include "apps-utils.leaveScope" $ }} +{{- end }} +{{- end }} +{{- end }} + +{{- define "apps-components._endpoint" }} +{{- $ := index . 0 }} +{{- $RelatedScope := index . 1 }} +--- +apiVersion: v1 +kind: Endpoints +{{- include "apps-helpers.metadataGenerator" (list $ $RelatedScope) }} +{{- $specs := dict }} +{{- $_ := set $specs "Required" (list "ports" "addresses") }} +{{- $_ := set $specs "Lists" (list "ports" "addresses") }} +subsets: + {{- include "apps-utils.generateSpecs" (list $ $RelatedScope $specs) | fromYaml | list | toYaml | nindent 2 }} +{{- end }} diff --git a/charts/helm-apps/templates/_apps-cronjobs.tpl b/charts/helm-apps/templates/_apps-cronjobs.tpl index 80e83bf..f7b1315 100644 --- a/charts/helm-apps/templates/_apps-cronjobs.tpl +++ b/charts/helm-apps/templates/_apps-cronjobs.tpl @@ -15,6 +15,7 @@ {{- if not .containers }} {{- fail (printf "Установлено значение enabled для не настроенной '%s' в %s джобы!" $.CurrentApp.name "apps-cronjobs") }} {{- end }} +{{- $serviceAccount := include "apps-system.serviceAccount" $ }} {{- if semverCompare ">=1.21-0" $.Capabilities.KubeVersion.GitVersion }} apiVersion: batch/v1 {{- else }} @@ -34,5 +35,7 @@ spec: {{- include "apps-components.verticalPodAutoscaler" (list $ . .verticalPodAutoscaler "CronJob") -}} +{{ $serviceAccount -}} + {{- end }} {{- end }} diff --git a/charts/helm-apps/templates/_apps-endpoints.tpl b/charts/helm-apps/templates/_apps-endpoints.tpl new file mode 100644 index 0000000..b9b179d --- /dev/null +++ b/charts/helm-apps/templates/_apps-endpoints.tpl @@ -0,0 +1,15 @@ +{{- define "apps-endpoints" }} + {{- $ := index . 0 }} + {{- $RelatedScope := index . 1 }} + {{- if not (kindIs "invalid" $RelatedScope) }} + {{- $_ := set $RelatedScope "__GroupVars__" (dict "type" "apps-endpoints" "name" "apps-endpoints") }} + {{- include "apps-utils.renderApps" (list $ $RelatedScope) }} +{{- end -}} +{{- end -}} + +{{- define "apps-endpoints.render" }} +{{- $ := . }} +{{- with $.CurrentApp }} +{{- include "apps-components._endpoint" (list $ .) }} +{{- end }} +{{- end }} diff --git a/charts/helm-apps/templates/_apps-endpointslices.tpl b/charts/helm-apps/templates/_apps-endpointslices.tpl new file mode 100644 index 0000000..913ba85 --- /dev/null +++ b/charts/helm-apps/templates/_apps-endpointslices.tpl @@ -0,0 +1,15 @@ +{{- define "apps-endpointslices" }} + {{- $ := index . 0 }} + {{- $RelatedScope := index . 1 }} + {{- if not (kindIs "invalid" $RelatedScope) }} + {{- $_ := set $RelatedScope "__GroupVars__" (dict "type" "apps-endpointslices" "name" "apps-endpointslices") }} + {{- include "apps-utils.renderApps" (list $ $RelatedScope) }} +{{- end -}} +{{- end -}} + +{{- define "apps-endpointslices.render" }} +{{- $ := . }} +{{- with $.CurrentApp }} +{{- include "apps-components._endpointslice" (list $ .) }} +{{- end }} +{{- end }} diff --git a/charts/helm-apps/templates/_apps-ingresses.tpl b/charts/helm-apps/templates/_apps-ingresses.tpl index 415b522..60e96dd 100644 --- a/charts/helm-apps/templates/_apps-ingresses.tpl +++ b/charts/helm-apps/templates/_apps-ingresses.tpl @@ -52,7 +52,7 @@ spec: --- {{- include "apps-utils.enterScope" (list $ "tls") }} {{- include "apps-utils.printPath" $ }} -{{- include "apps-components.cerificate" (list $ .) }} +{{- include "apps-components.certificate" (list $ .) }} {{- include "apps-utils.leaveScope" $ }} {{- end -}} diff --git a/charts/helm-apps/templates/_apps-jobs.tpl b/charts/helm-apps/templates/_apps-jobs.tpl index 45843bf..4b2978c 100644 --- a/charts/helm-apps/templates/_apps-jobs.tpl +++ b/charts/helm-apps/templates/_apps-jobs.tpl @@ -16,6 +16,7 @@ {{- if not .containers }} {{- fail (printf "Установлено значение enabled для не настроенной '%s' в %s джобы!" $.CurrentApp.name "apps-jobs") }} {{- end }} +{{- $serviceAccount := include "apps-system.serviceAccount" $ }} apiVersion: batch/v1 kind: Job {{- include "apps-helpers.metadataGenerator" (list $ .) -}} @@ -26,5 +27,7 @@ kind: Job {{- include "apps-components.verticalPodAutoscaler" (list $ . .verticalPodAutoscaler "Job") -}} +{{ $serviceAccount -}} + {{- end }} {{- end }} \ No newline at end of file diff --git a/charts/helm-apps/templates/_apps-system.tpl b/charts/helm-apps/templates/_apps-system.tpl index 181bb55..f627b31 100644 --- a/charts/helm-apps/templates/_apps-system.tpl +++ b/charts/helm-apps/templates/_apps-system.tpl @@ -12,6 +12,7 @@ apiVersion: v1 kind: ServiceAccount {{- include "apps-helpers.metadataGenerator" (list $ .) }} + {{- if hasKey . "clusterRole" }} {{- include "apps-utils.enterScope" (list $ "clusterRole") }} {{- $roleName := include "apps-utils.requiredValue" (list $ .clusterRole "name") }} @@ -35,6 +36,30 @@ subjects: namespace: {{ $.Values.werf.namespace }} {{- include "apps-utils.leaveScope" $ }} {{- end }} + +{{- if hasKey . "role" }} +{{- include "apps-utils.enterScope" (list $ "role") }} +{{- $roleName := include "apps-utils.requiredValue" (list $ .role "name") }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +{{- include "apps-helpers.metadataGenerator" (list $ .role) }} +rules: +{{- include "apps-utils.requiredValue" (list $ .role "rules") | nindent 2 }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +{{- include "apps-helpers.metadataGenerator" (list $ .role) }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ $roleName }} +subjects: +- kind: ServiceAccount + name: {{ $serviceAccountName }} + namespace: {{ $.Values.werf.namespace }} +{{- include "apps-utils.leaveScope" $ }} +{{- end }} {{- include "apps-utils.leaveScope" $ }} {{- end }} {{- end }} diff --git a/charts/helm-apps/templates/_apps-utils.tpl b/charts/helm-apps/templates/_apps-utils.tpl index e52efc7..945b815 100644 --- a/charts/helm-apps/templates/_apps-utils.tpl +++ b/charts/helm-apps/templates/_apps-utils.tpl @@ -223,6 +223,8 @@ "pvcs" "certificates" "services" +"endpointslices" +"endpoints" }} {{- range $app := $Library }} {{- include (printf "apps-%s" $app) (list $ (index $.Values (printf "apps-%s" $app))) }} diff --git a/tests/test_render.yaml b/tests/test_render.yaml index a89bb76..1c78bab 100644 --- a/tests/test_render.yaml +++ b/tests/test_render.yaml @@ -1338,7 +1338,7 @@ kind: Deployment metadata: name: "app-1" annotations: - checksum/config: "26b1f9d89bb284630ce4bef3168b25692e1f4a52fd58fdea6ffa45f4e56a17f2" + checksum/config: "14aeb92c2c444a2623279fd0cf52ac8522bf5485f312a111a64b1a112a5beaad" helm-apps/version: "TEST" testAnnotation: "testVal" labels: @@ -1356,7 +1356,7 @@ spec: metadata: name: "app-1" annotations: - checksum/config: "26b1f9d89bb284630ce4bef3168b25692e1f4a52fd58fdea6ffa45f4e56a17f2" + checksum/config: "14aeb92c2c444a2623279fd0cf52ac8522bf5485f312a111a64b1a112a5beaad" testAnnotation: "testVal" labels: app: "app-1" @@ -1746,7 +1746,7 @@ kind: StatefulSet metadata: name: "app-1" annotations: - checksum/config: "26b1f9d89bb284630ce4bef3168b25692e1f4a52fd58fdea6ffa45f4e56a17f2" + checksum/config: "14aeb92c2c444a2623279fd0cf52ac8522bf5485f312a111a64b1a112a5beaad" helm-apps/version: "TEST" testAnnotation: "testVal" labels: @@ -1770,7 +1770,7 @@ spec: metadata: name: "app-1" annotations: - checksum/config: "26b1f9d89bb284630ce4bef3168b25692e1f4a52fd58fdea6ffa45f4e56a17f2" + checksum/config: "14aeb92c2c444a2623279fd0cf52ac8522bf5485f312a111a64b1a112a5beaad" testAnnotation: "testVal" labels: app: "app-1" @@ -2576,7 +2576,7 @@ metadata: chart: "tests" repo: "" spec: - query: "round(sum by(<<.GroupBy>>) (phpfpm_processes_total{state=\"active\",<<.LabelMatchers>>}) / sum by(<<.GroupBy>>) (phpfpm_processes_total{<<.LabelMatchers>>}) * 100)" + query: 'round(sum by(<<.GroupBy>>) (phpfpm_processes_total{state="active",<<.LabelMatchers>>}) / sum by(<<.GroupBy>>) (phpfpm_processes_total{<<.LabelMatchers>>}) * 100)' --- # Helm Apps Library: test-hpa.hpa-app.horizontalPodAutoscaler.custom-metric-1 apiVersion: deckhouse.io/v1beta1 @@ -2590,7 +2590,7 @@ metadata: chart: "tests" repo: "" spec: - query: "sum(rate(sidekiq_jobs_enqueued_total{<<.LabelMatchers>>, queue=\"default\"}[1m])) by (<<.GroupBy>>)" + query: 'sum(rate(sidekiq_jobs_enqueued_total{<<.LabelMatchers>>, queue="default"}[1m])) by (<<.GroupBy>>)' --- # Helm Apps Library: apps-stateless.app-1.horizontalPodAutoscaler.metric-1 apiVersion: deckhouse.io/v1beta1 @@ -2604,7 +2604,7 @@ metadata: chart: "tests" repo: "" spec: - query: "sum(rate(sidekiq_jobs_enqueued_total{<<.LabelMatchers>>, queue=\"default\"}[1m])) by (<<.GroupBy>>)" + query: 'sum(rate(sidekiq_jobs_enqueued_total{<<.LabelMatchers>>, queue="default"}[1m])) by (<<.GroupBy>>)' --- # Helm Apps Library: apps-stateless-deckhouse-metrics.app-with-deckhouse-metrics.verticalPodAutoscaler apiVersion: autoscaling.k8s.io/v1