From 4b8476fddd81a665c645b021b414a221a63bd888 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Fri, 19 Jan 2024 13:07:22 +0300 Subject: [PATCH 01/32] push release branch From 70d4ff050c3d02b62431ada120570c9276bed09f Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Fri, 19 Jan 2024 13:38:43 +0300 Subject: [PATCH 02/32] feat(gitops-operator): add gitops-operator as subchart --- charts/gitops-runtime/Chart.yaml | 21 +- charts/gitops-runtime/README.md | 25 +- .../gitops-operator/_all_resources.yaml | 18 - .../gitops-operator/_deployment.yaml | 106 ---- .../_components/gitops-operator/_helpers.tpl | 47 -- .../_components/gitops-operator/_rbac.yaml | 63 -- .../gitops-operator/_serviceaccount.yaml | 14 - .../crds/applicationconfigurations.yaml | 135 ---- .../crds/restrictedgitsources.yaml | 593 ------------------ .../rbac/_auth_proxy_rbac.yaml | 37 -- .../rbac/_leader_election_rbac.yaml | 56 -- .../rbac/_restricted_git_source.rbac.yaml | 80 --- charts/gitops-runtime/templates/_helpers.tpl | 4 + .../templates/gitops-operator/crds.yaml | 7 - .../templates/gitops-operator/deployment.yaml | 5 - .../templates/gitops-operator/rbac.yaml | 10 - .../templates/gitops-operator/sa.yaml | 5 - charts/gitops-runtime/values.yaml | 48 +- 18 files changed, 24 insertions(+), 1250 deletions(-) delete mode 100644 charts/gitops-runtime/templates/_components/gitops-operator/_all_resources.yaml delete mode 100644 charts/gitops-runtime/templates/_components/gitops-operator/_deployment.yaml delete mode 100644 charts/gitops-runtime/templates/_components/gitops-operator/_helpers.tpl delete mode 100644 charts/gitops-runtime/templates/_components/gitops-operator/_rbac.yaml delete mode 100644 charts/gitops-runtime/templates/_components/gitops-operator/_serviceaccount.yaml delete mode 100644 charts/gitops-runtime/templates/_components/gitops-operator/crds/applicationconfigurations.yaml delete mode 100644 charts/gitops-runtime/templates/_components/gitops-operator/crds/restrictedgitsources.yaml delete mode 100644 charts/gitops-runtime/templates/_components/gitops-operator/rbac/_auth_proxy_rbac.yaml delete mode 100644 charts/gitops-runtime/templates/_components/gitops-operator/rbac/_leader_election_rbac.yaml delete mode 100644 charts/gitops-runtime/templates/_components/gitops-operator/rbac/_restricted_git_source.rbac.yaml delete mode 100644 charts/gitops-runtime/templates/gitops-operator/crds.yaml delete mode 100644 charts/gitops-runtime/templates/gitops-operator/deployment.yaml delete mode 100644 charts/gitops-runtime/templates/gitops-operator/rbac.yaml delete mode 100644 charts/gitops-runtime/templates/gitops-operator/sa.yaml diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index a979f9e0..f8a52da5 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 0.1.39 description: A Helm chart for Codefresh gitops runtime name: gitops-runtime -version: 0.4.2 +version: 0.4.3 home: https://github.com/codefresh-io/gitops-runtime-helm icon: https://avatars1.githubusercontent.com/u/11412079?v=3 keywords: @@ -15,19 +15,7 @@ annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" artifacthub.io/changes: | - kind: changed - description: Update app version to 0.1.39 - - kind: changed - description: Update argo-cd chart to 5.51.6-5-cap-2.9-2024.1.17-0d221227f - - kind: changed - description: Update sealed-secrets chart to 2.14.1 - - kind: changed - description: Update sealed-secrets image to v0.24.5 - - kind: changed - description: Update app-proxy to 1.2608.0 - - kind: fixed - description: Fix runtime components log - - kind: fixed - description: fix critical security vulnerability + description: Add codefresh-gitops-operator as separate chart dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm @@ -51,3 +39,8 @@ dependencies: version: 0.1.15 alias: tunnel-client condition: tunnel-client.enabled +- name: codefresh-gitops-operator + repository: oci://quay.io/codefresh/charts + version: 1.0.0 + alias: gitops-operator + condition: gitops-operator.enabled \ No newline at end of file diff --git a/charts/gitops-runtime/README.md b/charts/gitops-runtime/README.md index 454857f7..ceedd991 100644 --- a/charts/gitops-runtime/README.md +++ b/charts/gitops-runtime/README.md @@ -1,5 +1,5 @@ ## Codefresh gitops runtime -![Version: 0.4.2](https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square) ![AppVersion: 0.1.39](https://img.shields.io/badge/AppVersion-0.1.39-informational?style=flat-square) +![Version: 0.4.3](https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square) ![AppVersion: 0.1.39](https://img.shields.io/badge/AppVersion-0.1.39-informational?style=flat-square) ## Prerequisites @@ -27,7 +27,7 @@ We have created a helper utility to resolve this issue: The utility is packaged in a container image. Below are instructions on executing the utility using Docker: ``` -docker run -v :/output quay.io/codefresh/gitops-runtime-private-registry-utils:0.4.2 +docker run -v :/output quay.io/codefresh/gitops-runtime-private-registry-utils:0.4.3 ``` `output_dir` - is a local directory where the utility will output files.
`local_registry` - is your local registry where you want to mirror the images to @@ -223,14 +223,16 @@ sealed-secrets: | gitops-operator.crds.annotations | object | `{}` | Annotations on gitops operator CRDs | | gitops-operator.crds.install | bool | `true` | Whether or not to install CRDs | | gitops-operator.crds.keep | bool | `false` | Keep CRDs if gitops runtime release is uninstalled | +| gitops-operator.enabled | bool | `true` | | | gitops-operator.env | object | `{}` | | | gitops-operator.fullnameOverride | string | `""` | | | gitops-operator.image.pullPolicy | string | `"IfNotPresent"` | | -| gitops-operator.image.repository | string | `"quay.io/codefresh/codefresh-gitops-operator"` | | -| gitops-operator.image.tag | string | `"v0.1.0-alpha.5"` | | +| gitops-operator.image.registry | string | `"quay.io"` | | +| gitops-operator.image.repository | string | `"codefresh/codefresh-gitops-operator"` | | | gitops-operator.imagePullSecrets | list | `[]` | | | gitops-operator.kube-rbac-proxy.image.pullPolicy | string | `"IfNotPresent"` | | -| gitops-operator.kube-rbac-proxy.image.repository | string | `"gcr.io/kubebuilder/kube-rbac-proxy"` | | +| gitops-operator.kube-rbac-proxy.image.registry | string | `"gcr.io"` | | +| gitops-operator.kube-rbac-proxy.image.repository | string | `"kubebuilder/kube-rbac-proxy"` | | | gitops-operator.kube-rbac-proxy.image.tag | string | `"v0.14.1"` | | | gitops-operator.kube-rbac-proxy.resources.limits.cpu | string | `"500m"` | | | gitops-operator.kube-rbac-proxy.resources.limits.memory | string | `"128Mi"` | | @@ -238,28 +240,15 @@ sealed-secrets: | gitops-operator.kube-rbac-proxy.resources.requests.memory | string | `"64Mi"` | | | gitops-operator.kube-rbac-proxy.securityContext.allowPrivilegeEscalation | bool | `false` | | | gitops-operator.kube-rbac-proxy.securityContext.capabilities.drop[0] | string | `"ALL"` | | -| gitops-operator.livenessProbe.failureThreshold | int | `10` | | -| gitops-operator.livenessProbe.initialDelaySeconds | int | `10` | | -| gitops-operator.livenessProbe.periodSeconds | int | `10` | | -| gitops-operator.livenessProbe.successThreshold | int | `1` | | -| gitops-operator.livenessProbe.timeoutSeconds | int | `10` | | | gitops-operator.nameOverride | string | `""` | | | gitops-operator.nodeSelector | object | `{}` | | | gitops-operator.podAnnotations | object | `{}` | | | gitops-operator.podLabels | object | `{}` | | -| gitops-operator.podSecurityContext.runAsNonRoot | bool | `true` | | -| gitops-operator.readinessProbe.failureThreshold | int | `3` | | -| gitops-operator.readinessProbe.initialDelaySeconds | int | `10` | | -| gitops-operator.readinessProbe.periodSeconds | int | `10` | | -| gitops-operator.readinessProbe.successThreshold | int | `1` | | -| gitops-operator.readinessProbe.timeoutSeconds | int | `10` | | | gitops-operator.replicaCount | int | `1` | | | gitops-operator.resources.limits.cpu | string | `"500m"` | | | gitops-operator.resources.limits.memory | string | `"128Mi"` | | | gitops-operator.resources.requests.cpu | string | `"100m"` | | | gitops-operator.resources.requests.memory | string | `"64Mi"` | | -| gitops-operator.securityContext.allowPrivilegeEscalation | bool | `false` | | -| gitops-operator.securityContext.capabilities.drop[0] | string | `"ALL"` | | | gitops-operator.serviceAccount.annotations | object | `{}` | | | gitops-operator.serviceAccount.create | bool | `true` | | | gitops-operator.serviceAccount.name | string | `"gitops-operator-controller-manager"` | | diff --git a/charts/gitops-runtime/templates/_components/gitops-operator/_all_resources.yaml b/charts/gitops-runtime/templates/_components/gitops-operator/_all_resources.yaml deleted file mode 100644 index 2052f742..00000000 --- a/charts/gitops-runtime/templates/_components/gitops-operator/_all_resources.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- define "gitops-operator.resources" }} ---- - {{ include "gitops-operator.resources.deployment" . }} # ---- - {{ include "gitops-operator.resources.rbac" . }} ---- - {{ include "gitops-operator.resources.auth_proxy_rbac" . }} ---- - {{ include "gitops-operator.resources.leader_election_rbac" . }} ---- - {{ include "gitops-operator.resources.restricted_git_source_rbac" . }} ---- - {{ include "gitops-operator.resources.sa" .}} ---- - {{- include "gitops-operator.crds.application-configuration" . }} ---- - {{- include "gitops-operator.crds.restricted-gitsource" . }} # -{{- end }} diff --git a/charts/gitops-runtime/templates/_components/gitops-operator/_deployment.yaml b/charts/gitops-runtime/templates/_components/gitops-operator/_deployment.yaml deleted file mode 100644 index 0567ff03..00000000 --- a/charts/gitops-runtime/templates/_components/gitops-operator/_deployment.yaml +++ /dev/null @@ -1,106 +0,0 @@ -{{- define "gitops-operator.resources.deployment" }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "gitops-operator.fullname" . }} - labels: - {{- include "gitops-operator.labels" . | nindent 4 }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - {{- include "gitops-operator.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "gitops-operator.selectorLabels" . | nindent 8 }} - {{- with .Values.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "gitops-operator.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: kube-rbac-proxy - securityContext: - {{- toYaml (index .Values "kube-rbac-proxy" "securityContext") | nindent 12 }} - image: '{{ index .Values "kube-rbac-proxy" "image" "repository" }}:{{ index .Values "kube-rbac-proxy" "image" "tag" }}' - imagePullPolicy: {{ index .Values "kube-rbac-proxy" "image" "pullPolicy" }} - ports: - - name: https - containerPort: 8443 - protocol: TCP - resources: - {{- toYaml (index .Values "kube-rbac-proxy" "resources") | nindent 12 }} - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=0" - - name: manager - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" .Values.env | nindent 8 }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - command: - - /manager - args: - - "--health-probe-bind-address=:8081" - - "--metrics-bind-address=127.0.0.1:8080" - - "--leader-elect" - ports: - - name: http - containerPort: 8081 - - name: http-metrics - containerPort: 8080 - readinessProbe: - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - httpGet: - port: http - path: /readyz - livenessProbe: - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - httpGet: - port: http - path: /healthz - resources: - {{- toYaml .Values.resources | nindent 12 }} - volumeMounts: - {{- with .Values.extraVolumeMounts }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8}} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 6 }} - {{- end }} - volumes: - {{- with .Values.extraVolumes }} - {{- toYaml . | nindent 6 }} - {{- end }} -{{- end }} diff --git a/charts/gitops-runtime/templates/_components/gitops-operator/_helpers.tpl b/charts/gitops-runtime/templates/_components/gitops-operator/_helpers.tpl deleted file mode 100644 index 0b786e6d..00000000 --- a/charts/gitops-runtime/templates/_components/gitops-operator/_helpers.tpl +++ /dev/null @@ -1,47 +0,0 @@ -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "gitops-operator.fullname" -}} -{{- print "gitops-operator" }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "gitops-operator.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "gitops-operator.labels" -}} -helm.sh/chart: {{ include "gitops-operator.chart" . }} -{{ include "gitops-operator.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -app.kubernetes.io/part-of: gitops-operator -codefresh.io/internal: "true" -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "gitops-operator.selectorLabels" -}} -app: gitops-operator -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "gitops-operator.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "gitops-operator.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/gitops-runtime/templates/_components/gitops-operator/_rbac.yaml b/charts/gitops-runtime/templates/_components/gitops-operator/_rbac.yaml deleted file mode 100644 index 1b2fd27d..00000000 --- a/charts/gitops-runtime/templates/_components/gitops-operator/_rbac.yaml +++ /dev/null @@ -1,63 +0,0 @@ - -{{- define "gitops-operator.resources.rbac" }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - {{- include "gitops-operator.selectorLabels" . | nindent 4 }} - name: codefresh-gitops-operator -rules: -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - create - - delete - - get - - list - - update - - watch -- apiGroups: - - csdp.codefresh.io - resources: - - restrictedgitsources - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - csdp.codefresh.io - resources: - - restrictedgitsources/finalizers - verbs: - - update -- apiGroups: - - csdp.codefresh.io - resources: - - restrictedgitsources/status - verbs: - - get - - patch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - {{- include "gitops-operator.selectorLabels" . | nindent 4 }} - name: codefresh-gitops-operator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: codefresh-gitops-operator -subjects: -- kind: ServiceAccount - name: {{ include "gitops-operator.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} -{{- end }} diff --git a/charts/gitops-runtime/templates/_components/gitops-operator/_serviceaccount.yaml b/charts/gitops-runtime/templates/_components/gitops-operator/_serviceaccount.yaml deleted file mode 100644 index 1f381f33..00000000 --- a/charts/gitops-runtime/templates/_components/gitops-operator/_serviceaccount.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- define "gitops-operator.resources.sa" }} - {{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "gitops-operator.serviceAccountName" . }} - labels: - {{- include "gitops-operator.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/gitops-runtime/templates/_components/gitops-operator/crds/applicationconfigurations.yaml b/charts/gitops-runtime/templates/_components/gitops-operator/crds/applicationconfigurations.yaml deleted file mode 100644 index a68be2fa..00000000 --- a/charts/gitops-runtime/templates/_components/gitops-operator/crds/applicationconfigurations.yaml +++ /dev/null @@ -1,135 +0,0 @@ -{{- define "gitops-operator.crds.application-configuration" }} - {{- if .Values.crds.install }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: applicationconfigurations.csdp.codefresh.io - annotations: - {{- if .Values.crds.keep }} - "helm.sh/resource-policy": keep - {{- end }} - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - app.kubernetes.io/name: applicationconfigurations.csdp.codefresh.io - app.kubernetes.io/part-of: gitops-operator - {{- with .Values.crds.additionalLabels }} - {{- toYaml . | nindent 4}} - {{- end }} -spec: - group: csdp.codefresh.io - names: - kind: ApplicationConfiguration - listKind: ApplicationConfigurationList - plural: applicationconfigurations - singular: applicationconfiguration - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: ApplicationConfiguration is the Schema for the applicationconfiguration - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ApplicationConfigurationSpec defines the desired state of - ApplicationConfiguration - properties: - applicationSourceSelector: - description: ApplicationSourceSelector is a selector to select the - application source - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - priority: - type: integer - promotion: - additionalProperties: - properties: - jsonPaths: - description: JsonPaths is an array of json paths inside the - file, - items: - type: string - type: array - required: - - jsonPaths - type: object - description: Promotion is the definition on how to promote this application - type: object - versionSource: - description: VersionSource is the source of the application version - properties: - file: - description: File is the file name of the source - type: string - jsonPath: - description: JsonPath is the json path inside the file, to the - version information - type: string - required: - - file - - jsonPath - type: object - required: - - applicationSourceSelector - - priority - type: object - type: object - served: true - storage: true - {{- end }} -{{- end }} diff --git a/charts/gitops-runtime/templates/_components/gitops-operator/crds/restrictedgitsources.yaml b/charts/gitops-runtime/templates/_components/gitops-operator/crds/restrictedgitsources.yaml deleted file mode 100644 index 4dbb539b..00000000 --- a/charts/gitops-runtime/templates/_components/gitops-operator/crds/restrictedgitsources.yaml +++ /dev/null @@ -1,593 +0,0 @@ -{{- define "gitops-operator.crds.restricted-gitsource" }} - {{- if .Values.crds.install }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: restrictedgitsources.csdp.codefresh.io - annotations: - {{- if .Values.crds.keep }} - "helm.sh/resource-policy": keep - {{- end }} - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - app.kubernetes.io/name: restrictedgitsources.csdp.codefresh.io - app.kubernetes.io/part-of: gitops-operator - {{- with .Values.crds.additionalLabels }} - {{- toYaml . | nindent 4}} - {{- end }} -spec: - group: csdp.codefresh.io - names: - kind: RestrictedGitSource - listKind: RestrictedGitSourceList - plural: restrictedgitsources - singular: restrictedgitsource - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: RestrictedGitSource is the Schema for the restrictedgitsources - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RestrictedGitSourceSpec defines the desired state of RestrictedGitSource - properties: - clusterResourceBlacklist: - description: ClusterResourceBlacklist contains list of blacklisted - cluster level resources - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - clusterResourceWhitelist: - description: ClusterResourceWhitelist contains list of whitelisted - cluster level resources - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - destinations: - description: Destinations contains list of destinations available - for deployment - items: - description: ApplicationDestination holds information about the - application's destination - properties: - name: - description: Name is an alternate way of specifying the target - cluster by its symbolic name - type: string - namespace: - description: Namespace specifies the target namespace for the - application's resources. The namespace will only be set for - namespace-scoped resources that have not set a value for .metadata.namespace - type: string - server: - description: Server specifies the URL of the target cluster - and must be set to the Kubernetes control plane API - type: string - type: object - minItems: 1 - type: array - namespaceResourceBlacklist: - description: NamespaceResourceBlacklist contains list of blacklisted - namespace level resources - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - namespaceResourceWhitelist: - description: NamespaceResourceWhitelist contains list of whitelisted - namespace level resources - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - source: - description: Source is the application source - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match paths - against that should be explicitly excluded from being used - during manifest generation - type: string - include: - description: Include contains a glob pattern to match paths - against that should be explicitly included during manifest - generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the helm - template - items: - description: HelmFileParameter is a file parameter that's - passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by not - appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters which - are passed to the helm template command upon manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all domains - (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to use. - If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition installation - step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files to - use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for templating - ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional annotations - to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether to - apply env variables substitution for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels to - add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to force - applying common annotations to resources for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to force - applying common labels to resources for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize image - definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize adds - to all resources - type: string - replicas: - description: Replicas is a list of Kustomize Replicas override - specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize to - use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, usually - expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or Helm) - that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the source - to sync the application to. In case of Git, this can be commit, - tag, or branch. If omitted, will equal to HEAD. In case of Helm, - this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - sourceNamespace: - description: SourceNamespace is the namespace from which the AppProject - will deploy applications - type: string - sourceRepos: - description: SourceRepos contains list of repository URLs which can - be used for deployment - items: - type: string - type: array - syncPolicy: - description: SyncPolicy controls when a sync will be performed - properties: - automated: - description: Automated will keep an application synced to the - target revision - properties: - allowEmpty: - description: 'AllowEmpty allows apps have zero live resources - (default: false)' - type: boolean - prune: - description: 'Prune specifies whether to delete resources - from the cluster that are not found in the sources anymore - as part of automated sync (default: false)' - type: boolean - selfHeal: - description: 'SelfHeal specifies whether to revert resources - back to their desired state upon modification in the cluster - (default: false)' - type: boolean - type: object - managedNamespaceMetadata: - description: ManagedNamespaceMetadata controls metadata in the - given namespace (if CreateNamespace=true) - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - description: Retry controls failed sync retry behavior - properties: - backoff: - description: Backoff controls how to backoff on subsequent - retries of failed syncs - properties: - duration: - description: Duration is the amount to back off. Default - unit is seconds, but could also be a duration (e.g. - "2m", "1h") - type: string - factor: - description: Factor is a factor to multiply the base duration - after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of time - allowed for the backoff strategy - type: string - type: object - limit: - description: Limit is the maximum number of attempts for retrying - a failed sync. If set to 0, no retries will be performed. - format: int64 - type: integer - type: object - syncOptions: - description: Options allow you to specify whole app sync-options - items: - type: string - type: array - type: object - required: - - destinations - - source - - sourceNamespace - type: object - status: - description: RestrictedGitSourceStatus defines the observed state of RestrictedGitSource - properties: - conditions: - description: 'Represents the observations of a RestrictedGitSource''s - current state. RestrictedGitSource.status.conditions.type are: "Available", - "Progressing", and "Degraded" RestrictedGitSource.status.conditions.status - are one of True, False, Unknown. RestrictedGitSource.status.conditions.reason - the value should be a CamelCase string and producers of specific - condition types may define expected values and meanings for this - field, and whether the values are considered a guaranteed API. Unleash.status.conditions.Message - is a human readable message indicating details about the transition.' - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} - {{- end }} -{{- end }} diff --git a/charts/gitops-runtime/templates/_components/gitops-operator/rbac/_auth_proxy_rbac.yaml b/charts/gitops-runtime/templates/_components/gitops-operator/rbac/_auth_proxy_rbac.yaml deleted file mode 100644 index 502dccc1..00000000 --- a/charts/gitops-runtime/templates/_components/gitops-operator/rbac/_auth_proxy_rbac.yaml +++ /dev/null @@ -1,37 +0,0 @@ - -{{- define "gitops-operator.resources.auth_proxy_rbac" }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - {{- include "gitops-operator.selectorLabels" . | nindent 4 }} - name: codefresh-gitops-operator-proxy -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - {{- include "gitops-operator.selectorLabels" . | nindent 4 }} - name: codefresh-gitops-operator-proxy -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: codefresh-gitops-operator-proxy -subjects: -- kind: ServiceAccount - name: {{ include "gitops-operator.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} -{{- end }} diff --git a/charts/gitops-runtime/templates/_components/gitops-operator/rbac/_leader_election_rbac.yaml b/charts/gitops-runtime/templates/_components/gitops-operator/rbac/_leader_election_rbac.yaml deleted file mode 100644 index 14cb8e10..00000000 --- a/charts/gitops-runtime/templates/_components/gitops-operator/rbac/_leader_election_rbac.yaml +++ /dev/null @@ -1,56 +0,0 @@ - -{{- define "gitops-operator.resources.leader_election_rbac" }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - {{- include "gitops-operator.selectorLabels" . | nindent 4 }} - name: leader-election -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - {{- include "gitops-operator.selectorLabels" . | nindent 4 }} - name: leader-election -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: leader-election -subjects: -- kind: ServiceAccount - name: {{ include "gitops-operator.serviceAccountName" . }} -{{- end }} diff --git a/charts/gitops-runtime/templates/_components/gitops-operator/rbac/_restricted_git_source.rbac.yaml b/charts/gitops-runtime/templates/_components/gitops-operator/rbac/_restricted_git_source.rbac.yaml deleted file mode 100644 index efaa155a..00000000 --- a/charts/gitops-runtime/templates/_components/gitops-operator/rbac/_restricted_git_source.rbac.yaml +++ /dev/null @@ -1,80 +0,0 @@ - -{{- define "gitops-operator.resources.restricted_git_source_rbac" }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - {{- include "gitops-operator.selectorLabels" . | nindent 4 }} - name: restrictedgitsource-editor -rules: -- apiGroups: - - csdp.codefresh.io - resources: - - restrictedgitsources - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - csdp.codefresh.io - resources: - - restrictedgitsources/status - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - {{- include "gitops-operator.selectorLabels" . | nindent 4 }} - name: restrictedgitsource-viewer -rules: -- apiGroups: - - csdp.codefresh.io - resources: - - restrictedgitsources - verbs: - - get - - list - - watch -- apiGroups: - - csdp.codefresh.io - resources: - - restrictedgitsources/status - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - {{- include "gitops-operator.selectorLabels" . | nindent 4 }} - name: restrictedgitsource-editor -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: restrictedgitsource-editor -subjects: -- kind: ServiceAccount - name: {{ include "gitops-operator.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - {{- include "gitops-operator.selectorLabels" . | nindent 4 }} - name: restrictedgitsource-viewer -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: restrictedgitsource-viewer -subjects: -- kind: ServiceAccount - name: {{ include "gitops-operator.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} -{{- end }} diff --git a/charts/gitops-runtime/templates/_helpers.tpl b/charts/gitops-runtime/templates/_helpers.tpl index 745ea573..13a321e6 100644 --- a/charts/gitops-runtime/templates/_helpers.tpl +++ b/charts/gitops-runtime/templates/_helpers.tpl @@ -237,6 +237,10 @@ Output comma separated list of installed runtime components {{- $tunnelClient := dict "name" "codefresh-tunnel-client" "version" (get .Subcharts "tunnel-client").Chart.AppVersion }} {{- $comptList = append $comptList $tunnelClient }} {{- end }} + {{- if and (index .Values "gitops-operator") "enabled" }} + {{- $gitopsOperator := dict "name" "codefresh-gitops-operator" "version" (get .Subcharts "gitops-operator").Chart.AppVersion }} + {{- $comptList = append $comptList $gitopsOperator }} + {{- end }} {{- $comptList | toYaml }} {{- end }} diff --git a/charts/gitops-runtime/templates/gitops-operator/crds.yaml b/charts/gitops-runtime/templates/gitops-operator/crds.yaml deleted file mode 100644 index add721e0..00000000 --- a/charts/gitops-runtime/templates/gitops-operator/crds.yaml +++ /dev/null @@ -1,7 +0,0 @@ -{{- $gitopsOperatorContext := deepCopy . }} -{{- $_ := set $gitopsOperatorContext "Values" (get .Values "gitops-operator") }} -{{- $_ := set $gitopsOperatorContext.Values "global" (get .Values "global") }} - -{{- include "gitops-operator.crds.application-configuration" $gitopsOperatorContext }} ---- -{{- include "gitops-operator.crds.restricted-gitsource" $gitopsOperatorContext }} diff --git a/charts/gitops-runtime/templates/gitops-operator/deployment.yaml b/charts/gitops-runtime/templates/gitops-operator/deployment.yaml deleted file mode 100644 index 90bdf480..00000000 --- a/charts/gitops-runtime/templates/gitops-operator/deployment.yaml +++ /dev/null @@ -1,5 +0,0 @@ -{{- $gitopsOperatorContext := deepCopy . }} -{{- $_ := set $gitopsOperatorContext "Values" (get .Values "gitops-operator") }} -{{- $_ := set $gitopsOperatorContext.Values "global" (get .Values "global") }} - -{{- include "gitops-operator.resources.deployment" $gitopsOperatorContext }} \ No newline at end of file diff --git a/charts/gitops-runtime/templates/gitops-operator/rbac.yaml b/charts/gitops-runtime/templates/gitops-operator/rbac.yaml deleted file mode 100644 index 287e86c3..00000000 --- a/charts/gitops-runtime/templates/gitops-operator/rbac.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- $gitopsOperatorContext := deepCopy . }} -{{- $_ := set $gitopsOperatorContext "Values" (get .Values "gitops-operator") }} -{{- $_ := set $gitopsOperatorContext.Values "global" (get .Values "global") }} -{{- include "gitops-operator.resources.rbac" $gitopsOperatorContext }} ---- -{{- include "gitops-operator.resources.auth_proxy_rbac" $gitopsOperatorContext }} ---- -{{- include "gitops-operator.resources.leader_election_rbac" $gitopsOperatorContext }} ---- -{{- include "gitops-operator.resources.restricted_git_source_rbac" $gitopsOperatorContext }} \ No newline at end of file diff --git a/charts/gitops-runtime/templates/gitops-operator/sa.yaml b/charts/gitops-runtime/templates/gitops-operator/sa.yaml deleted file mode 100644 index e828bef5..00000000 --- a/charts/gitops-runtime/templates/gitops-operator/sa.yaml +++ /dev/null @@ -1,5 +0,0 @@ -{{- $gitopsOperatorContext := deepCopy . }} -{{- $_ := set $gitopsOperatorContext "Values" (get .Values "gitops-operator") }} -{{- $_ := set $gitopsOperatorContext.Values "global" (get .Values "global") }} - -{{ include "gitops-operator.resources.sa" $gitopsOperatorContext }} \ No newline at end of file diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index c2fa3a36..ea3eb681 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -528,6 +528,7 @@ app-proxy: # gitops-operator #----------------------------------------------------------------------------------------------------------------------- gitops-operator: + enabled: true replicaCount: 1 # -- Codefresh gitops operator crds @@ -542,26 +543,10 @@ gitops-operator: additionalLabels: {} env: {} - # NAMESPACE: - # valueFrom: - # fieldRef: - # fieldPath: metadata.namespace - # VAR_NAME: - # valueFrom: - # secretKeyRef: - # name: my-secret - # key: my-secret-key - # optional: true - # VAR_NAME: - # valueFrom: - # configMapKeyRef: - # name: my-config-map - # key: my-config-map-key - # optional: true - # VAR_NANE: string-value image: - repository: quay.io/codefresh/codefresh-gitops-operator - tag: v0.1.0-alpha.5 + registry: quay.io + repository: codefresh/codefresh-gitops-operator + # tag: null # default to the appVersion of the codefresh-gitops-operator chart pullPolicy: IfNotPresent serviceAccount: @@ -569,20 +554,6 @@ gitops-operator: annotations: {} name: "gitops-operator-controller-manager" - readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - - livenessProbe: - failureThreshold: 10 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - imagePullSecrets: [] nameOverride: "" fullnameOverride: "" @@ -590,14 +561,6 @@ gitops-operator: podAnnotations: {} podLabels: {} - podSecurityContext: - runAsNonRoot: true - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - "ALL" - nodeSelector: {} tolerations: [] affinity: {} @@ -612,7 +575,8 @@ gitops-operator: kube-rbac-proxy: image: - repository: gcr.io/kubebuilder/kube-rbac-proxy + registry: gcr.io + repository: kubebuilder/kube-rbac-proxy tag: v0.14.1 pullPolicy: IfNotPresent From bac73be1d8cd7553cfa6be89c2b7ecf25380efe3 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Fri, 19 Jan 2024 13:39:38 +0300 Subject: [PATCH 03/32] add PR template --- .github/PULL_REQUEST_TEMPLATE.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 .github/PULL_REQUEST_TEMPLATE.md diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 00000000..d52927cf --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,6 @@ +## What + +## Why + +## Notes + \ No newline at end of file From 2744a16691f1245a8ccd7e890dd28dc05cb58449 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Fri, 19 Jan 2024 13:44:43 +0300 Subject: [PATCH 04/32] update tests --- .../tests/gitops-controller-misc_test.yaml | 29 +++++++++---------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/charts/gitops-runtime/tests/gitops-controller-misc_test.yaml b/charts/gitops-runtime/tests/gitops-controller-misc_test.yaml index caf95ab3..d8a75dc6 100644 --- a/charts/gitops-runtime/tests/gitops-controller-misc_test.yaml +++ b/charts/gitops-runtime/tests/gitops-controller-misc_test.yaml @@ -1,11 +1,11 @@ suite: misc tests on gitops-operator templates generation templates: - - gitops-operator/deployment.yaml - - gitops-operator/sa.yaml - - gitops-operator/rbac.yaml + - gitops-operator/templates/deployment.yaml + - gitops-operator/templates/sa.yaml + - gitops-operator/templates/rbac.yaml tests: - it: override both images works - template: 'gitops-operator/deployment.yaml' + template: 'gitops-operator/templates/deployment.yaml' set: gitops-operator: image: @@ -24,7 +24,7 @@ tests: value: example.com/repo:0.0.1 - it: override service account name - sa object - template: 'gitops-operator/sa.yaml' + template: 'gitops-operator/templates/sa.yaml' values: - ./values/mandatory-values.yaml set: @@ -35,7 +35,7 @@ tests: value: sa-name - it: override service account name - deployment - template: 'gitops-operator/deployment.yaml' + template: 'gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -46,7 +46,7 @@ tests: value: sa-name - it: overriding of environment variables on main container - template: 'gitops-operator/deployment.yaml' + template: 'gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -58,7 +58,7 @@ tests: name: PORT value: "8787" - it: adding environment variables on main container - template: 'gitops-operator/deployment.yaml' + template: 'gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -70,7 +70,7 @@ tests: name: SOME_ENV value: test - it: setting security context on main container - template: 'gitops-operator/deployment.yaml' + template: 'gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -80,7 +80,7 @@ tests: path: spec.template.spec.containers[1].securityContext.runAsUser value: 1000 - it: override readiness and liveness probes values - template: 'gitops-operator/deployment.yaml' + template: 'gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -126,7 +126,7 @@ tests: path: spec.template.spec.containers[1].livenessProbe.failureThreshold value: 1 - it: setting node selector - template: 'gitops-operator/deployment.yaml' + template: 'gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -139,7 +139,7 @@ tests: test.io/node: "test" - it: setting tolerations - template: 'gitops-operator/deployment.yaml' + template: 'gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -158,7 +158,7 @@ tests: effect: "NoSchedule" - it: setting affinity - template: 'gitops-operator/deployment.yaml' + template: 'gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -187,7 +187,7 @@ tests: - antarctica-west1 - it: contains all expected roles and role bindings - template: gitops-operator/rbac.yaml + template: gitops-operator/templates/rbac.yaml values: - ./values/mandatory-values.yaml asserts: @@ -235,4 +235,3 @@ tests: kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 name: leader-election - \ No newline at end of file From a9f37dce8bcf0e99c436aa845a78262b7b136d55 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Fri, 19 Jan 2024 13:49:17 +0300 Subject: [PATCH 05/32] update tests --- .../tests/gitops-controller-misc_test.yaml | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/charts/gitops-runtime/tests/gitops-controller-misc_test.yaml b/charts/gitops-runtime/tests/gitops-controller-misc_test.yaml index d8a75dc6..f15a8656 100644 --- a/charts/gitops-runtime/tests/gitops-controller-misc_test.yaml +++ b/charts/gitops-runtime/tests/gitops-controller-misc_test.yaml @@ -1,11 +1,11 @@ suite: misc tests on gitops-operator templates generation templates: - - gitops-operator/templates/deployment.yaml - - gitops-operator/templates/sa.yaml - - gitops-operator/templates/rbac.yaml + - charts/gitops-operator/templates/deployment.yaml + - charts/gitops-operator/templates/sa.yaml + - charts/gitops-operator/templates/rbac.yaml tests: - it: override both images works - template: 'gitops-operator/templates/deployment.yaml' + template: 'charts/gitops-operator/templates/deployment.yaml' set: gitops-operator: image: @@ -24,7 +24,7 @@ tests: value: example.com/repo:0.0.1 - it: override service account name - sa object - template: 'gitops-operator/templates/sa.yaml' + template: 'charts/gitops-operator/templates/sa.yaml' values: - ./values/mandatory-values.yaml set: @@ -35,7 +35,7 @@ tests: value: sa-name - it: override service account name - deployment - template: 'gitops-operator/templates/deployment.yaml' + template: 'charts/gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -46,7 +46,7 @@ tests: value: sa-name - it: overriding of environment variables on main container - template: 'gitops-operator/templates/deployment.yaml' + template: 'charts/gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -58,7 +58,7 @@ tests: name: PORT value: "8787" - it: adding environment variables on main container - template: 'gitops-operator/templates/deployment.yaml' + template: 'charts/gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -70,7 +70,7 @@ tests: name: SOME_ENV value: test - it: setting security context on main container - template: 'gitops-operator/templates/deployment.yaml' + template: 'charts/gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -80,7 +80,7 @@ tests: path: spec.template.spec.containers[1].securityContext.runAsUser value: 1000 - it: override readiness and liveness probes values - template: 'gitops-operator/templates/deployment.yaml' + template: 'charts/gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -126,7 +126,7 @@ tests: path: spec.template.spec.containers[1].livenessProbe.failureThreshold value: 1 - it: setting node selector - template: 'gitops-operator/templates/deployment.yaml' + template: 'charts/gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -139,7 +139,7 @@ tests: test.io/node: "test" - it: setting tolerations - template: 'gitops-operator/templates/deployment.yaml' + template: 'charts/gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -158,7 +158,7 @@ tests: effect: "NoSchedule" - it: setting affinity - template: 'gitops-operator/templates/deployment.yaml' + template: 'charts/gitops-operator/templates/deployment.yaml' values: - ./values/mandatory-values.yaml set: @@ -187,7 +187,7 @@ tests: - antarctica-west1 - it: contains all expected roles and role bindings - template: gitops-operator/templates/rbac.yaml + template: charts/gitops-operator/templates/rbac.yaml values: - ./values/mandatory-values.yaml asserts: From e76a137619b8520d76af9e7fcdf9458fc14a8a40 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Fri, 19 Jan 2024 14:43:12 +0300 Subject: [PATCH 06/32] Fri Jan 19 14:43:12 +03 2024: wip --- charts/gitops-runtime/Chart.yaml | 2 +- charts/gitops-runtime/values.yaml | 18 ++++++++---------- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index f8a52da5..f2859131 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -41,6 +41,6 @@ dependencies: condition: tunnel-client.enabled - name: codefresh-gitops-operator repository: oci://quay.io/codefresh/charts - version: 1.0.0 + version: 1.0.1 alias: gitops-operator condition: gitops-operator.enabled \ No newline at end of file diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index ea3eb681..50f42826 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -543,11 +543,10 @@ gitops-operator: additionalLabels: {} env: {} - image: - registry: quay.io - repository: codefresh/codefresh-gitops-operator - # tag: null # default to the appVersion of the codefresh-gitops-operator chart - pullPolicy: IfNotPresent + image: {} + # -- defaults + # repository: quay.io/codefresh/codefresh-gitops-operator + # tag: 'v{{ .Chart.AppVersion }}' serviceAccount: create: true @@ -574,11 +573,10 @@ gitops-operator: memory: 64Mi kube-rbac-proxy: - image: - registry: gcr.io - repository: kubebuilder/kube-rbac-proxy - tag: v0.14.1 - pullPolicy: IfNotPresent + image: {} + # -- defaults + # repository: gcr.io/kubebuilder/kube-rbac-proxy + # tag: v0.14.1 securityContext: allowPrivilegeEscalation: false From 440d9938ac7415796f6cb50333202600ff76b33d Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Fri, 19 Jan 2024 17:40:22 +0300 Subject: [PATCH 07/32] Fri Jan 19 17:40:22 +03 2024: wip --- charts/gitops-runtime/templates/_helpers.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/templates/_helpers.tpl b/charts/gitops-runtime/templates/_helpers.tpl index 13a321e6..e2f74167 100644 --- a/charts/gitops-runtime/templates/_helpers.tpl +++ b/charts/gitops-runtime/templates/_helpers.tpl @@ -238,7 +238,7 @@ Output comma separated list of installed runtime components {{- $comptList = append $comptList $tunnelClient }} {{- end }} {{- if and (index .Values "gitops-operator") "enabled" }} - {{- $gitopsOperator := dict "name" "codefresh-gitops-operator" "version" (get .Subcharts "gitops-operator").Chart.AppVersion }} + {{- $gitopsOperator := dict "name" "gitops-operator" "version" (get .Subcharts "gitops-operator").Chart.AppVersion }} {{- $comptList = append $comptList $gitopsOperator }} {{- end }} {{- $comptList | toYaml }} From 9d19848c3c38a449372611a98def26c743aba79a Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Fri, 19 Jan 2024 18:02:09 +0300 Subject: [PATCH 08/32] lint --- charts/gitops-runtime/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index f2859131..e0102dee 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -43,4 +43,4 @@ dependencies: repository: oci://quay.io/codefresh/charts version: 1.0.1 alias: gitops-operator - condition: gitops-operator.enabled \ No newline at end of file + condition: gitops-operator.enabled From c4f461bc1eb87bf3aa9124a36860b3a881c3594c Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Fri, 19 Jan 2024 18:32:51 +0300 Subject: [PATCH 09/32] helm-docs --- charts/gitops-runtime/README.md | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/charts/gitops-runtime/README.md b/charts/gitops-runtime/README.md index ceedd991..79a5ccdd 100644 --- a/charts/gitops-runtime/README.md +++ b/charts/gitops-runtime/README.md @@ -226,14 +226,9 @@ sealed-secrets: | gitops-operator.enabled | bool | `true` | | | gitops-operator.env | object | `{}` | | | gitops-operator.fullnameOverride | string | `""` | | -| gitops-operator.image.pullPolicy | string | `"IfNotPresent"` | | -| gitops-operator.image.registry | string | `"quay.io"` | | -| gitops-operator.image.repository | string | `"codefresh/codefresh-gitops-operator"` | | +| gitops-operator.image | object | `{}` | | | gitops-operator.imagePullSecrets | list | `[]` | | -| gitops-operator.kube-rbac-proxy.image.pullPolicy | string | `"IfNotPresent"` | | -| gitops-operator.kube-rbac-proxy.image.registry | string | `"gcr.io"` | | -| gitops-operator.kube-rbac-proxy.image.repository | string | `"kubebuilder/kube-rbac-proxy"` | | -| gitops-operator.kube-rbac-proxy.image.tag | string | `"v0.14.1"` | | +| gitops-operator.kube-rbac-proxy.image | object | `{}` | | | gitops-operator.kube-rbac-proxy.resources.limits.cpu | string | `"500m"` | | | gitops-operator.kube-rbac-proxy.resources.limits.memory | string | `"128Mi"` | | | gitops-operator.kube-rbac-proxy.resources.requests.cpu | string | `"100m"` | | From d5ca063cfb9efbe9dfdfa289afee5c14e9de0fc4 Mon Sep 17 00:00:00 2001 From: oleksandr-codefresh Date: Tue, 23 Jan 2024 12:59:57 +0200 Subject: [PATCH 10/32] bump argo-cd to 5.51.6-7-cap-2.9-2024.1.22-375d827f3 --- charts/gitops-runtime/Chart.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index e0102dee..c5541c92 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -16,10 +16,12 @@ annotations: artifacthub.io/changes: | - kind: changed description: Add codefresh-gitops-operator as separate chart + - kind: changed + description: Update argo-cd chart to 5.51.6-7-cap-2.9-2024.1.22-375d827f3 dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm - version: 5.51.6-5-cap-2.9-2024.1.17-0d221227f + version: 5.51.6-7-cap-2.9-2024.1.22-375d827f3 - name: argo-events repository: https://codefresh-io.github.io/argo-helm version: 2.0.9-1-cap-CR-19893 From d89ff71b21efffea7c279b7f8d8582d4d7a37a66 Mon Sep 17 00:00:00 2001 From: oleksandr-codefresh Date: Tue, 23 Jan 2024 13:01:08 +0200 Subject: [PATCH 11/32] bump argo-rollouts to 2.32.5-3-analysis-fix --- charts/gitops-runtime/Chart.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index c5541c92..678b6e40 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -18,6 +18,8 @@ annotations: description: Add codefresh-gitops-operator as separate chart - kind: changed description: Update argo-cd chart to 5.51.6-7-cap-2.9-2024.1.22-375d827f3 + - kind: changed + description: Update argo-rollouts chart to 2.32.5-3-analysis-fix dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm @@ -31,7 +33,7 @@ dependencies: condition: argo-workflows.enabled - name: argo-rollouts repository: https://codefresh-io.github.io/argo-helm - version: 2.32.5-2-cap-init + version: 2.32.5-3-analysis-fix condition: argo-rollouts.enabled - name: sealed-secrets repository: https://bitnami-labs.github.io/sealed-secrets/ From e91fc0edc48ff6d7199e684586b043d55f214e40 Mon Sep 17 00:00:00 2001 From: Noam Gal Date: Wed, 24 Jan 2024 17:10:54 +0200 Subject: [PATCH 12/32] CR-21890 - bump gitops-operator chart to `1.0.2` --- charts/gitops-runtime/Chart.yaml | 2 +- charts/gitops-runtime/templates/_helpers.tpl | 2 +- charts/gitops-runtime/values.yaml | 4 ++++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 678b6e40..54bf845d 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -45,6 +45,6 @@ dependencies: condition: tunnel-client.enabled - name: codefresh-gitops-operator repository: oci://quay.io/codefresh/charts - version: 1.0.1 + version: 1.0.2 alias: gitops-operator condition: gitops-operator.enabled diff --git a/charts/gitops-runtime/templates/_helpers.tpl b/charts/gitops-runtime/templates/_helpers.tpl index e2f74167..8147dfb7 100644 --- a/charts/gitops-runtime/templates/_helpers.tpl +++ b/charts/gitops-runtime/templates/_helpers.tpl @@ -237,7 +237,7 @@ Output comma separated list of installed runtime components {{- $tunnelClient := dict "name" "codefresh-tunnel-client" "version" (get .Subcharts "tunnel-client").Chart.AppVersion }} {{- $comptList = append $comptList $tunnelClient }} {{- end }} - {{- if and (index .Values "gitops-operator") "enabled" }} + {{- if index (get .Values "gitops-operator") "enabled" }} {{- $gitopsOperator := dict "name" "gitops-operator" "version" (get .Subcharts "gitops-operator").Chart.AppVersion }} {{- $comptList = append $comptList $gitopsOperator }} {{- end }} diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 50f42826..802ef53b 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -157,6 +157,7 @@ argo-cd: notifications: bots: slack: + #----------------------------------------------------------------------------------------------------------------------- # Argo Events #----------------------------------------------------------------------------------------------------------------------- @@ -164,6 +165,7 @@ argo-events: fullnameOverride: argo-events crds: install: false + #----------------------------------------------------------------------------------------------------------------------- # Argo Workflows #----------------------------------------------------------------------------------------------------------------------- @@ -177,6 +179,7 @@ argo-workflows: crds: # -- Install and upgrade CRDs install: true + #----------------------------------------------------------------------------------------------------------------------- # Argo rollouts #----------------------------------------------------------------------------------------------------------------------- @@ -186,6 +189,7 @@ argo-rollouts: controller: replicas: 1 installCRDs: true + #----------------------------------------------------------------------------------------------------------------------- # Event reporters #----------------------------------------------------------------------------------------------------------------------- From 27f9ff5c32d89b838b3d4b2c47f99faa011cc296 Mon Sep 17 00:00:00 2001 From: Oleksandr Saulyak Date: Thu, 25 Jan 2024 11:35:35 +0200 Subject: [PATCH 13/32] Upgrade Argo CD to v2.9-2024.1.24-ccd7124b3. With critical vulnerability fixes of stdlib and go-git/v5 --- charts/gitops-runtime/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 54bf845d..df4f89ac 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -17,13 +17,13 @@ annotations: - kind: changed description: Add codefresh-gitops-operator as separate chart - kind: changed - description: Update argo-cd chart to 5.51.6-7-cap-2.9-2024.1.22-375d827f3 + description: Update argo-cd chart to 5.51.6-8-cap-2.9-2024.1.24-ccd7124b3 - kind: changed description: Update argo-rollouts chart to 2.32.5-3-analysis-fix dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm - version: 5.51.6-7-cap-2.9-2024.1.22-375d827f3 + version: 5.51.6-8-cap-2.9-2024.1.24-ccd7124b3 - name: argo-events repository: https://codefresh-io.github.io/argo-helm version: 2.0.9-1-cap-CR-19893 From ebc8b6f73f2ede4699a37b2c4fdc9b272390683f Mon Sep 17 00:00:00 2001 From: Oleksandr Saulyak Date: Thu, 25 Jan 2024 12:36:05 +0200 Subject: [PATCH 14/32] added more details about argo-cd related changes --- charts/gitops-runtime/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index df4f89ac..2eb97e15 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 0.1.39 +appVersion: 0.1.40 description: A Helm chart for Codefresh gitops runtime name: gitops-runtime version: 0.4.3 @@ -17,7 +17,7 @@ annotations: - kind: changed description: Add codefresh-gitops-operator as separate chart - kind: changed - description: Update argo-cd chart to 5.51.6-8-cap-2.9-2024.1.24-ccd7124b3 + description: Update argo-cd chart to 5.51.6-8-cap-2.9-2024.1.24-ccd7124b3. Includes: window rate limiter for the event reporter; support of apps in non-contoller namespaces for non-GRPC reporting mode; critical vuln fixes for argocd; - kind: changed description: Update argo-rollouts chart to 2.32.5-3-analysis-fix dependencies: From 3d357c4c5aa38e2e9973e94822893535ee71d24b Mon Sep 17 00:00:00 2001 From: Noam Gal Date: Thu, 25 Jan 2024 14:52:57 +0200 Subject: [PATCH 15/32] bump gitops-operator to `1.0.3` (#148) --- charts/gitops-runtime/Chart.yaml | 2 +- charts/gitops-runtime/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 2eb97e15..2fb7cc35 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -45,6 +45,6 @@ dependencies: condition: tunnel-client.enabled - name: codefresh-gitops-operator repository: oci://quay.io/codefresh/charts - version: 1.0.2 + version: 1.0.3 alias: gitops-operator condition: gitops-operator.enabled diff --git a/charts/gitops-runtime/README.md b/charts/gitops-runtime/README.md index 79a5ccdd..fbacd8fd 100644 --- a/charts/gitops-runtime/README.md +++ b/charts/gitops-runtime/README.md @@ -1,5 +1,5 @@ ## Codefresh gitops runtime -![Version: 0.4.3](https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square) ![AppVersion: 0.1.39](https://img.shields.io/badge/AppVersion-0.1.39-informational?style=flat-square) +![Version: 0.4.3](https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square) ![AppVersion: 0.1.40](https://img.shields.io/badge/AppVersion-0.1.40-informational?style=flat-square) ## Prerequisites From 9cc593c05b7ed826a0fc3d132083c2223016e2dc Mon Sep 17 00:00:00 2001 From: Noam Gal Date: Sun, 28 Jan 2024 11:18:53 +0200 Subject: [PATCH 16/32] bump gitops-operator to `1.0.4` (#149) --- charts/gitops-runtime/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 2fb7cc35..f2dc1307 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -45,6 +45,6 @@ dependencies: condition: tunnel-client.enabled - name: codefresh-gitops-operator repository: oci://quay.io/codefresh/charts - version: 1.0.3 + version: 1.0.4 alias: gitops-operator condition: gitops-operator.enabled From e75fcc834d649f3f0aeaff407860a0a14b7433dc Mon Sep 17 00:00:00 2001 From: Noam Gal Date: Sun, 28 Jan 2024 14:04:30 +0200 Subject: [PATCH 17/32] fixed lint (#150) --- charts/gitops-runtime/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index f2dc1307..9dd03216 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -17,7 +17,7 @@ annotations: - kind: changed description: Add codefresh-gitops-operator as separate chart - kind: changed - description: Update argo-cd chart to 5.51.6-8-cap-2.9-2024.1.24-ccd7124b3. Includes: window rate limiter for the event reporter; support of apps in non-contoller namespaces for non-GRPC reporting mode; critical vuln fixes for argocd; + description: Update argo-cd chart to 5.51.6-8-cap-2.9-2024.1.24-ccd7124b3. Includes: window rate limiter for the event reporter; support of apps in non-contoller namespaces for non-GRPC reporting mode; critical vuln fixes for argocd; - kind: changed description: Update argo-rollouts chart to 2.32.5-3-analysis-fix dependencies: From 92357a55a1fb46b642858bf8524e7bd750f336c4 Mon Sep 17 00:00:00 2001 From: ilia-medvedev-codefresh Date: Mon, 29 Jan 2024 16:51:12 +0200 Subject: [PATCH 18/32] Fix - Workflows native UI via internal router (#153) * native ui routing - rewrite target * native ui routing - rewrite target * native ui routing - rewrite target --- charts/gitops-runtime/Chart.yaml | 2 ++ charts/gitops-runtime/README.md | 1 + .../templates/_components/internal-router/_configmap.yaml | 2 ++ charts/gitops-runtime/values.yaml | 2 ++ 4 files changed, 7 insertions(+) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 9dd03216..3bf974d1 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -20,6 +20,8 @@ annotations: description: Update argo-cd chart to 5.51.6-8-cap-2.9-2024.1.24-ccd7124b3. Includes: window rate limiter for the event reporter; support of apps in non-contoller namespaces for non-GRPC reporting mode; critical vuln fixes for argocd; - kind: changed description: Update argo-rollouts chart to 2.32.5-3-analysis-fix + - kind: fixed + description: fix routing to workflows native UI dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm diff --git a/charts/gitops-runtime/README.md b/charts/gitops-runtime/README.md index fbacd8fd..c77e5561 100644 --- a/charts/gitops-runtime/README.md +++ b/charts/gitops-runtime/README.md @@ -160,6 +160,7 @@ sealed-secrets: | argo-workflows.crds.install | bool | `true` | Install and upgrade CRDs | | argo-workflows.enabled | bool | `true` | | | argo-workflows.fullnameOverride | string | `"argo"` | | +| argo-workflows.server.baseHref | string | `"/workflows/"` | Do not change. Workflows UI is only accessed through internal router, changing this values will break routing to workflows native UI from Codefresh. | | argo-workflows.server.extraArgs | list | `["--auth-mode=client"]` | auth-mode needs to be set to client to be able to see workflow logs from Codefresh UI | | event-reporters.events.argoCDServerServiceName | string | `nil` | LEAVE EMPTY and let the chart logic determine the name. Change only if you are totally sure you need to override ArgoCD service name. | | event-reporters.events.argoCDServerServicePort | string | `nil` | LEAVE EMPTY and let the chart logic determine the name. Change only if you are totally sure you need to override ArgoCD service port. | diff --git a/charts/gitops-runtime/templates/_components/internal-router/_configmap.yaml b/charts/gitops-runtime/templates/_components/internal-router/_configmap.yaml index 7f4a2511..08a86b98 100644 --- a/charts/gitops-runtime/templates/_components/internal-router/_configmap.yaml +++ b/charts/gitops-runtime/templates/_components/internal-router/_configmap.yaml @@ -10,6 +10,7 @@ data: listen [::]:8080 default_server; access_log /dev/stdout main; error_log /dev/stdout; + port_in_redirect off; {{- if .Values.resolver }} resolver {{ .Values.resolver }} valid=10s; @@ -33,6 +34,7 @@ data: proxy_set_header Connection ''; proxy_http_version 1.1; chunked_transfer_encoding off; + rewrite /workflows(/|$)(.*) /$2 break; proxy_pass {{ .Values.routing.workflows.internalUrl }}; } diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 802ef53b..9c467cd6 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -176,6 +176,8 @@ argo-workflows: # -- auth-mode needs to be set to client to be able to see workflow logs from Codefresh UI extraArgs: - --auth-mode=client + # -- Do not change. Workflows UI is only accessed through internal router, changing this values will break routing to workflows native UI from Codefresh. + baseHref: /workflows/ crds: # -- Install and upgrade CRDs install: true From eb4fd713e8f2c4a45ef68e9376aeb766c4c8ba01 Mon Sep 17 00:00:00 2001 From: danielm-codefresh Date: Tue, 30 Jan 2024 14:31:27 +0200 Subject: [PATCH 19/32] Bump CLI used in installer-image --- installer-image/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installer-image/Dockerfile b/installer-image/Dockerfile index e2c3156f..f4e44846 100644 --- a/installer-image/Dockerfile +++ b/installer-image/Dockerfile @@ -1,6 +1,6 @@ FROM --platform=$BUILDPLATFORM debian:bullseye-slim -ARG CF_CLI_VERSION=v0.1.49 +ARG CF_CLI_VERSION=v0.1.60 ARG KUBECTL_VERSION=v1.27.2 ARG TARGETARCH From 40ab1f60ed17c89d5ca557908904f9aeb7865508 Mon Sep 17 00:00:00 2001 From: Oleksandr Saulyak Date: Tue, 30 Jan 2024 16:15:00 +0200 Subject: [PATCH 20/32] bump app proxy to 1.2623.0 --- charts/gitops-runtime/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 9c467cd6..1e7caa35 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -424,7 +424,7 @@ app-proxy: tag: 1.1.10-main image: repository: quay.io/codefresh/cap-app-proxy - tag: 1.2608.0 + tag: 1.2623.0 pullPolicy: IfNotPresent # -- Extra volume mounts for main container extraVolumeMounts: [] @@ -432,7 +432,7 @@ app-proxy: initContainer: image: repository: quay.io/codefresh/cap-app-proxy-init - tag: 1.2608.0 + tag: 1.2623.0 pullPolicy: IfNotPresent command: - ./init.sh From 80ea310ce62daf84ac9100a9e9ea1089481c6ced Mon Sep 17 00:00:00 2001 From: Oleksandr Saulyak Date: Tue, 30 Jan 2024 16:16:10 +0200 Subject: [PATCH 21/32] updated chages list --- charts/gitops-runtime/Chart.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 3bf974d1..0e4f4224 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -22,6 +22,8 @@ annotations: description: Update argo-rollouts chart to 2.32.5-3-analysis-fix - kind: fixed description: fix routing to workflows native UI + - kind: changed + description: Update app-proxy to 1.2623.0 dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm From 62b3eef89afd141312078cbc9f5022e855e1611a Mon Sep 17 00:00:00 2001 From: danielm-codefresh Date: Wed, 31 Jan 2024 08:56:15 +0200 Subject: [PATCH 22/32] From a715f92504063a12ce2db871fb74a08993cba328 Mon Sep 17 00:00:00 2001 From: danielm-codefresh Date: Wed, 31 Jan 2024 16:07:50 +0200 Subject: [PATCH 23/32] update argo-workflows to v3.5.4 --- charts/gitops-runtime/Chart.yaml | 4 +++- charts/gitops-runtime/README.md | 6 +++--- charts/gitops-runtime/values.yaml | 4 ++-- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 0e4f4224..e1810cb5 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -20,6 +20,8 @@ annotations: description: Update argo-cd chart to 5.51.6-8-cap-2.9-2024.1.24-ccd7124b3. Includes: window rate limiter for the event reporter; support of apps in non-contoller namespaces for non-GRPC reporting mode; critical vuln fixes for argocd; - kind: changed description: Update argo-rollouts chart to 2.32.5-3-analysis-fix + - kind: changed + description: Update argo-workflows chart to 0.40.9-1-v3.5.4-cap-CR-22243 - kind: fixed description: fix routing to workflows native UI - kind: changed @@ -33,7 +35,7 @@ dependencies: version: 2.0.9-1-cap-CR-19893 - name: argo-workflows repository: https://codefresh-io.github.io/argo-helm - version: 0.22.10-2-CR-20826 + version: 0.40.9-1-v3.5.4-cap-CR-22243 condition: argo-workflows.enabled - name: argo-rollouts repository: https://codefresh-io.github.io/argo-helm diff --git a/charts/gitops-runtime/README.md b/charts/gitops-runtime/README.md index c77e5561..eb7e7b57 100644 --- a/charts/gitops-runtime/README.md +++ b/charts/gitops-runtime/README.md @@ -100,14 +100,14 @@ sealed-secrets: | app-proxy.image-enrichment.serviceAccount.name | string | `"codefresh-image-enrichment-sa"` | Name of the service account to create or the name of the existing one to use | | app-proxy.image.pullPolicy | string | `"IfNotPresent"` | | | app-proxy.image.repository | string | `"quay.io/codefresh/cap-app-proxy"` | | -| app-proxy.image.tag | string | `"1.2608.0"` | | +| app-proxy.image.tag | string | `"1.2623.0"` | | | app-proxy.imagePullSecrets | list | `[]` | | | app-proxy.initContainer.command[0] | string | `"./init.sh"` | | | app-proxy.initContainer.env | object | `{}` | | | app-proxy.initContainer.extraVolumeMounts | list | `[]` | Extra volume mounts for init container | | app-proxy.initContainer.image.pullPolicy | string | `"IfNotPresent"` | | | app-proxy.initContainer.image.repository | string | `"quay.io/codefresh/cap-app-proxy-init"` | | -| app-proxy.initContainer.image.tag | string | `"1.2608.0"` | | +| app-proxy.initContainer.image.tag | string | `"1.2623.0"` | | | app-proxy.initContainer.resources.limits.cpu | string | `"1"` | | | app-proxy.initContainer.resources.limits.memory | string | `"512Mi"` | | | app-proxy.initContainer.resources.requests.cpu | string | `"0.2"` | | @@ -160,8 +160,8 @@ sealed-secrets: | argo-workflows.crds.install | bool | `true` | Install and upgrade CRDs | | argo-workflows.enabled | bool | `true` | | | argo-workflows.fullnameOverride | string | `"argo"` | | +| argo-workflows.server.authModes | list | `["client"]` | auth-mode needs to be set to client to be able to see workflow logs from Codefresh UI | | argo-workflows.server.baseHref | string | `"/workflows/"` | Do not change. Workflows UI is only accessed through internal router, changing this values will break routing to workflows native UI from Codefresh. | -| argo-workflows.server.extraArgs | list | `["--auth-mode=client"]` | auth-mode needs to be set to client to be able to see workflow logs from Codefresh UI | | event-reporters.events.argoCDServerServiceName | string | `nil` | LEAVE EMPTY and let the chart logic determine the name. Change only if you are totally sure you need to override ArgoCD service name. | | event-reporters.events.argoCDServerServicePort | string | `nil` | LEAVE EMPTY and let the chart logic determine the name. Change only if you are totally sure you need to override ArgoCD service port. | | event-reporters.events.eventSource.affinity | object | `{}` | | diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 1e7caa35..a21a8d0d 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -174,8 +174,8 @@ argo-workflows: enabled: true server: # -- auth-mode needs to be set to client to be able to see workflow logs from Codefresh UI - extraArgs: - - --auth-mode=client + authModes: + - client # -- Do not change. Workflows UI is only accessed through internal router, changing this values will break routing to workflows native UI from Codefresh. baseHref: /workflows/ crds: From 7ee1b69585efec1684bebfa794998d0a3b7081dc Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Thu, 1 Feb 2024 19:54:48 +0300 Subject: [PATCH 24/32] feat(argo-cd): update chart --- charts/gitops-runtime/Chart.yaml | 4 +++- charts/gitops-runtime/README.md | 2 +- charts/gitops-runtime/values.yaml | 4 +--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index e1810cb5..81feb121 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -26,10 +26,12 @@ annotations: description: fix routing to workflows native UI - kind: changed description: Update app-proxy to 1.2623.0 + - kind: changed + description: Update argo-cd chart to 5.53.12-1-cap-2.9-2024.1.24-ccd7124b3 dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm - version: 5.51.6-8-cap-2.9-2024.1.24-ccd7124b3 + version: 5.53.12-1-cap-2.9-2024.1.24-ccd7124b3 - name: argo-events repository: https://codefresh-io.github.io/argo-helm version: 2.0.9-1-cap-CR-19893 diff --git a/charts/gitops-runtime/README.md b/charts/gitops-runtime/README.md index eb7e7b57..d59dd213 100644 --- a/charts/gitops-runtime/README.md +++ b/charts/gitops-runtime/README.md @@ -150,7 +150,7 @@ sealed-secrets: | argo-cd.eventReporter.enabled | bool | `false` | Installs new event reporter component to cluster | | argo-cd.eventReporter.version | string | `"v1"` | Switches between old and new reporter version. Possible values: v1, v2. For v2 `argo-cd.eventReporter.enabled=true` is required | | argo-cd.fullnameOverride | string | `"argo-cd"` | | -| argo-cd.notifications.bots.slack | string | `nil` | | +| argo-cd.notifications | object | `{}` | | | argo-events.crds.install | bool | `false` | | | argo-events.fullnameOverride | string | `"argo-events"` | | | argo-rollouts.controller.replicas | int | `1` | | diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index a21a8d0d..d829aa8c 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -154,9 +154,7 @@ argo-cd: # Possible values: v1, v2. # For v2 `argo-cd.eventReporter.enabled=true` is required version: v1 - notifications: - bots: - slack: + notifications: {} #----------------------------------------------------------------------------------------------------------------------- # Argo Events From a58e80c4c82c6568473c59baea3ea60690a6b4fa Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Thu, 1 Feb 2024 20:00:56 +0300 Subject: [PATCH 25/32] feat(argo-cd): update chart From f5f2df117a5a0bdda126de38d9a3b8f3d04a737d Mon Sep 17 00:00:00 2001 From: pashakostohrys Date: Tue, 6 Feb 2024 13:31:36 +0200 Subject: [PATCH 26/32] chore: update argo rollouts to 2.32.5-4-additional-logs --- charts/gitops-runtime/Chart.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 81feb121..c2969b83 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -28,6 +28,11 @@ annotations: description: Update app-proxy to 1.2623.0 - kind: changed description: Update argo-cd chart to 5.53.12-1-cap-2.9-2024.1.24-ccd7124b3 + - kind: changed + description: Update argo-rollouts chart to 2.32.5-4-additional-logs + links: + - name: GitHub Release + url: https://github.com/codefresh-io/argo-rollouts/releases/tag/1.6.1-additional-logs dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm @@ -41,7 +46,7 @@ dependencies: condition: argo-workflows.enabled - name: argo-rollouts repository: https://codefresh-io.github.io/argo-helm - version: 2.32.5-3-analysis-fix + version: 2.32.5-4-additional-logs condition: argo-rollouts.enabled - name: sealed-secrets repository: https://bitnami-labs.github.io/sealed-secrets/ From c9a203f139bfaf41ac4a7eed13cc4cdf58854bad Mon Sep 17 00:00:00 2001 From: Oleksandr Saulyak Date: Thu, 8 Feb 2024 19:13:34 +0200 Subject: [PATCH 27/32] argo cd 5.53.12-2-cap-2.9-2024.2.8-8ba4b03d4 --- charts/gitops-runtime/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index c2969b83..e48e0098 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -27,7 +27,7 @@ annotations: - kind: changed description: Update app-proxy to 1.2623.0 - kind: changed - description: Update argo-cd chart to 5.53.12-1-cap-2.9-2024.1.24-ccd7124b3 + description: Update argo-cd chart to 5.53.12-2-cap-2.9-2024.2.8-8ba4b03d4 - kind: changed description: Update argo-rollouts chart to 2.32.5-4-additional-logs links: @@ -36,7 +36,7 @@ annotations: dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm - version: 5.53.12-1-cap-2.9-2024.1.24-ccd7124b3 + version: 5.53.12-2-cap-2.9-2024.2.8-8ba4b03d4 - name: argo-events repository: https://codefresh-io.github.io/argo-helm version: 2.0.9-1-cap-CR-19893 From 4007e4cdc06a6dfc45a0f2f520262efab28a44da Mon Sep 17 00:00:00 2001 From: Oleksandr Saulyak Date: Thu, 8 Feb 2024 19:58:19 +0200 Subject: [PATCH 28/32] extended description --- charts/gitops-runtime/Chart.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index e48e0098..55b1d664 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -28,6 +28,13 @@ annotations: description: Update app-proxy to 1.2623.0 - kind: changed description: Update argo-cd chart to 5.53.12-2-cap-2.9-2024.2.8-8ba4b03d4 + links: + - name: event-reporter v2: rate limiter + url: https://github.com/codefresh-io/argo-cd/blob/release-2.9/changelog/CHANGELOG-2.9-2024.1.17-b48801c0d.md + - name: event-reporter v2: bugfixes for cluster wide apps support; + url: https://github.com/codefresh-io/argo-cd/blob/release-2.9/changelog/CHANGELOG-2.9-2024.1.22-375d827f3.md + - name: event-reporter v1: app delete event bugfix + url: https://github.com/codefresh-io/argo-cd/blob/release-2.9/changelog/CHANGELOG-2.9-2024.2.4-fc84c8a9c.md - kind: changed description: Update argo-rollouts chart to 2.32.5-4-additional-logs links: From 66630332eb676140b2e6987baac598442cea6384 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Mon, 12 Feb 2024 19:09:44 +0300 Subject: [PATCH 29/32] feat: add get-all-images.sh script --- scripts/get-all-images.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100755 scripts/get-all-images.sh diff --git a/scripts/get-all-images.sh b/scripts/get-all-images.sh new file mode 100755 index 00000000..c9bf5ec1 --- /dev/null +++ b/scripts/get-all-images.sh @@ -0,0 +1,13 @@ +#!/bin/bash +SRCROOT="$(cd "$(dirname "$0")/.." && pwd)" +CHARTDIR="charts/gitops-runtime" +VALUESFILE="$CHARTDIR/ci/values-all-images.yaml" +OUTPUTFILE=$1 + +helm dep update $CHARTDIR + +helm template RELEASE_NAME $CHARTDIR -f $VALUESFILE \ + | grep -E 'image:|Image:' | grep -v "{}" \ + | awk -F ': ' '{print $2}' | awk NF \ + | tr -d '"' | tr -d ',' | cut -f1 -d"@" \ + | sort -u \ No newline at end of file From f60e8ccd1daf1d1c41b93a730707b99df032f6e5 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Mon, 12 Feb 2024 19:33:39 +0300 Subject: [PATCH 30/32] feat: add get-all-images.sh script --- scripts/get-all-images.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/get-all-images.sh b/scripts/get-all-images.sh index c9bf5ec1..e06c92d3 100755 --- a/scripts/get-all-images.sh +++ b/scripts/get-all-images.sh @@ -6,7 +6,7 @@ OUTPUTFILE=$1 helm dep update $CHARTDIR -helm template RELEASE_NAME $CHARTDIR -f $VALUESFILE \ +helm template release-name $CHARTDIR -f $VALUESFILE \ | grep -E 'image:|Image:' | grep -v "{}" \ | awk -F ': ' '{print $2}' | awk NF \ | tr -d '"' | tr -d ',' | cut -f1 -d"@" \ From 9afedfc8f730749996c785fb8e0a0d42590cefc6 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Mon, 12 Feb 2024 19:35:34 +0300 Subject: [PATCH 31/32] feat: add get-all-images.sh script --- scripts/get-all-images.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/get-all-images.sh b/scripts/get-all-images.sh index e06c92d3..a2426b9b 100755 --- a/scripts/get-all-images.sh +++ b/scripts/get-all-images.sh @@ -10,4 +10,5 @@ helm template release-name $CHARTDIR -f $VALUESFILE \ | grep -E 'image:|Image:' | grep -v "{}" \ | awk -F ': ' '{print $2}' | awk NF \ | tr -d '"' | tr -d ',' | cut -f1 -d"@" \ - | sort -u \ No newline at end of file + | sort -u \ + > $OUTPUTFILE \ No newline at end of file From 8d462c83032d31391784ca0bab76c7e3801fd8b4 Mon Sep 17 00:00:00 2001 From: mikhail-klimko Date: Tue, 13 Feb 2024 15:58:27 +0300 Subject: [PATCH 32/32] remove extra columns from Chart.yaml annotations --- charts/gitops-runtime/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 55b1d664..2a9d11dd 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -29,11 +29,11 @@ annotations: - kind: changed description: Update argo-cd chart to 5.53.12-2-cap-2.9-2024.2.8-8ba4b03d4 links: - - name: event-reporter v2: rate limiter + - name: event-reporter v2 rate limiter url: https://github.com/codefresh-io/argo-cd/blob/release-2.9/changelog/CHANGELOG-2.9-2024.1.17-b48801c0d.md - - name: event-reporter v2: bugfixes for cluster wide apps support; + - name: event-reporter v2 bugfixes for cluster wide apps support; url: https://github.com/codefresh-io/argo-cd/blob/release-2.9/changelog/CHANGELOG-2.9-2024.1.22-375d827f3.md - - name: event-reporter v1: app delete event bugfix + - name: event-reporter v1 app delete event bugfix url: https://github.com/codefresh-io/argo-cd/blob/release-2.9/changelog/CHANGELOG-2.9-2024.2.4-fc84c8a9c.md - kind: changed description: Update argo-rollouts chart to 2.32.5-4-additional-logs