From d9e06f97e0b16eefd97a73acef66e11b85620308 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Thu, 15 May 2025 10:54:36 +0300 Subject: [PATCH 01/12] chore: remove deprecated event reporter templates for rollout and workflow components --- .../rollout-reporter/_event-source.yaml | 62 ----- .../rollout-reporter/_sensor.yaml | 47 ---- .../workflow-reporter/_event-source.yaml | 43 --- .../workflow-reporter/_sensor.yaml | 39 --- .../rollout-reporter/eventsource.yaml | 6 - .../rollout-reporter/sensor.yaml | 6 - .../workflow-reporter/eventsource.yaml | 7 - .../workflow-reporter/sensor.yaml | 7 - .../tests/event-reporters-sensors_test.yaml | 247 ------------------ 9 files changed, 464 deletions(-) delete mode 100644 charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_event-source.yaml delete mode 100644 charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_sensor.yaml delete mode 100644 charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_event-source.yaml delete mode 100644 charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_sensor.yaml delete mode 100644 charts/gitops-runtime/templates/event-reporters/rollout-reporter/eventsource.yaml delete mode 100644 charts/gitops-runtime/templates/event-reporters/rollout-reporter/sensor.yaml delete mode 100644 charts/gitops-runtime/templates/event-reporters/workflow-reporter/eventsource.yaml delete mode 100644 charts/gitops-runtime/templates/event-reporters/workflow-reporter/sensor.yaml delete mode 100644 charts/gitops-runtime/tests/event-reporters-sensors_test.yaml diff --git a/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_event-source.yaml b/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_event-source.yaml deleted file mode 100644 index b801e593..00000000 --- a/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_event-source.yaml +++ /dev/null @@ -1,62 +0,0 @@ -{{- define "event-reporters.rollout-reporter.eventsource"}} -apiVersion: argoproj.io/v1alpha1 -kind: EventSource -metadata: - name: rollout-reporter - labels: - {{- include "event-reporters.rollout-reporter.labels" . | nindent 4}} -spec: - replicas: {{ .Values.rollout.eventSource.replicas }} - eventBusName: {{ default "codefresh-eventbus" .Values.global.runtime.eventBus.name }} - resource: - analysisruns: - eventTypes: - - ADD - - UPDATE - - DELETE - filter: - createdBy: null - group: argoproj.io - resource: analysisruns - version: v1alpha1 - replicasets: - eventTypes: - - ADD - - UPDATE - - DELETE - filter: - createdBy: null - group: apps - resource: replicasets - version: v1 - rollouts: - eventTypes: - - ADD - - UPDATE - - DELETE - filter: - createdBy: null - group: argoproj.io - resource: rollouts - version: v1alpha1 - template: - container: - name: "" - resources: - {{- with .Values.rollout.eventSource.resources }} - {{- . | toYaml | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "event-reporters.rollout-reporter.serviceAccountName" .}} - tolerations: - {{- with .Values.rollout.eventSource.tolerations | default .Values.global.tolerations }} - {{- . | toYaml | nindent 6 }} - {{- end }} - nodeSelector: - {{- with .Values.rollout.eventSource.nodeSelector | default .Values.global.nodeSelector }} - {{- . | toYaml | nindent 6 }} - {{- end }} - affinity: - {{- with .Values.affinity }} - {{- . | toYaml | nindent 6 }} - {{- end }} -{{- end }} diff --git a/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_sensor.yaml b/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_sensor.yaml deleted file mode 100644 index 6639b51b..00000000 --- a/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_sensor.yaml +++ /dev/null @@ -1,47 +0,0 @@ -{{- define "event-reporters.rollout-reporter.sensor"}} -apiVersion: argoproj.io/v1alpha1 -kind: Sensor -metadata: - name: rollout-reporter - labels: - {{- include "event-reporters.rollout-reporter.labels" . | nindent 4 }} -spec: - replicas: {{ .Values.rollout.sensor.replicas }} - dependencies: - - name: rollouts - eventSourceName: rollout-reporter - eventName: rollouts - - name: replicasets - eventSourceName: rollout-reporter - eventName: replicasets - - name: analysisruns - eventSourceName: rollout-reporter - eventName: analysisruns - eventBusName: {{ default "codefresh-eventbus" .Values.global.runtime.eventBus.name }} - template: - serviceAccountName: {{ include "event-reporters.rollout-reporter.serviceAccountName" .}} - container: - name: "" - {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" .Values.rollout.sensor.env | nindent 6 }} - resources: - {{- with .Values.rollout.sensor.resources }} - {{- . | toYaml | nindent 8 }} - {{- end }} - tolerations: - {{- with .Values.rollout.sensor.tolerations | default .Values.global.tolerations }} - {{- . | toYaml | nindent 6 }} - {{- end }} - nodeSelector: - {{- with .Values.rollout.sensor.nodeSelector | default .Values.global.nodeSelector}} - {{- . | toYaml | nindent 6 }} - {{- end }} - affinity: - {{- with .Values.affinity }} - {{- . | toYaml | nindent 6 }} - {{- end }} - triggers: - {{- include "event-reporters.http.trigger" (dict "name" "rollouts" "Values" .Values "payloadDest" "data.object" "retryStrategy" .Values.rollout.sensor.retryStrategy) | nindent 4 }} - {{- include "event-reporters.http.trigger" (dict "name" "replicasets" "Values" .Values "payloadDest" "data.object" "retryStrategy" .Values.rollout.sensor.retryStrategy) | nindent 4 }} - {{- include "event-reporters.http.trigger" (dict "name" "analysisruns" "Values" .Values "payloadDest" "data.object" "retryStrategy" .Values.rollout.sensor.retryStrategy) | nindent 4 }} - {{- include "event-reporters.log.trigger" (.Values.rollout.sensor.logging) | nindent 4 }} -{{- end }} diff --git a/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_event-source.yaml b/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_event-source.yaml deleted file mode 100644 index c613bb39..00000000 --- a/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_event-source.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{- define "event-reporters.workflow-reporter.eventsource"}} -apiVersion: argoproj.io/v1alpha1 -kind: EventSource -metadata: - name: workflow-reporter - labels: - {{- include "event-reporters.workflow-reporter.labels" . | nindent 4 }} -spec: - replicas: {{ .Values.workflow.eventSource.replicas }} - eventBusName: {{ default "codefresh-eventbus" .Values.global.runtime.eventBus.name }} - resource: - workflows: - eventTypes: - - ADD - - UPDATE - - DELETE - filter: - createdBy: null - namespace: {{ .Release.Namespace }} - group: argoproj.io - resource: workflows - version: v1alpha1 - template: - container: - name: "" - resources: - {{- with .Values.workflow.eventSource.resources }} - {{- . | toYaml | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "event-reporters.workflow-reporter.serviceAccountName" .}} - tolerations: - {{- with .Values.workflow.eventSource.tolerations | default .Values.global.tolerations }} - {{- toYaml . | nindent 6 }} - {{- end }} - nodeSelector: - {{- with .Values.workflow.eventSource.nodeSelector | default .Values.global.nodeSelector }} - {{- toYaml . | nindent 6 }} - {{- end }} - affinity: - {{- with .Values.affinity }} - {{- toYaml . | nindent 6 }} - {{- end }} -{{- end }} diff --git a/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_sensor.yaml b/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_sensor.yaml deleted file mode 100644 index 77f02f91..00000000 --- a/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_sensor.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{- define "event-reporters.workflow-reporter.sensor"}} -apiVersion: argoproj.io/v1alpha1 -kind: Sensor -metadata: - name: workflow-reporter - labels: - {{- include "event-reporters.workflow-reporter.labels" . | nindent 4 }} -spec: - replicas: {{ .Values.workflow.sensor.replicas }} - dependencies: - - eventName: workflows - eventSourceName: workflow-reporter - name: workflows - eventBusName: {{ default "codefresh-eventbus" .Values.global.runtime.eventBus.name }} - template: - serviceAccountName: {{ include "event-reporters.workflow-reporter.serviceAccountName" .}} - container: - name: "" - {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" .Values.workflow.sensor.env | nindent 6 }} - resources: - {{- with .Values.workflow.sensor.resources }} - {{- . | toYaml | nindent 8 }} - {{- end }} - tolerations: - {{- with .Values.workflow.sensor.tolerations | default .Values.global.tolerations}} - {{- . | toYaml | nindent 6 }} - {{- end }} - nodeSelector: - {{- with .Values.workflow.sensor.nodeSelector | default .Values.global.nodeSelector }} - {{- . | toYaml | nindent 6 }} - {{- end }} - affinity: - {{- with .Values.affinity }} - {{- . | toYaml | nindent 6 }} - {{- end }} - triggers: - {{- include "event-reporters.http.trigger" (dict "name" "workflows" "Values" .Values "payloadDest" "data.object" "retryStrategy" .Values.workflow.sensor.retryStrategy) | nindent 4 }} - {{- include "event-reporters.log.trigger" (.Values.workflow.sensor.logging) | nindent 4 }} -{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/eventsource.yaml b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/eventsource.yaml deleted file mode 100644 index ea09f3a1..00000000 --- a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/eventsource.yaml +++ /dev/null @@ -1,6 +0,0 @@ -{{- if or (index (get .Values "argo-rollouts") "enabled") (and (not (index (get .Values "argo-rollouts") "enabled")) (index .Values.global "external-argo-rollouts" "rollout-reporter" "enabled" )) }} - {{- $eventReporterContext := deepCopy . }} - {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} - {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} - {{- include "event-reporters.rollout-reporter.eventsource" $eventReporterContext }} -{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/sensor.yaml b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/sensor.yaml deleted file mode 100644 index 8a097482..00000000 --- a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/sensor.yaml +++ /dev/null @@ -1,6 +0,0 @@ -{{- if or (index (get .Values "argo-rollouts") "enabled") (and (not (index (get .Values "argo-rollouts") "enabled")) (index .Values.global "external-argo-rollouts" "rollout-reporter" "enabled" )) }} - {{- $eventReporterContext := deepCopy . }} - {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} - {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} - {{- include "event-reporters.rollout-reporter.sensor" $eventReporterContext }} -{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/workflow-reporter/eventsource.yaml b/charts/gitops-runtime/templates/event-reporters/workflow-reporter/eventsource.yaml deleted file mode 100644 index fb23ffd8..00000000 --- a/charts/gitops-runtime/templates/event-reporters/workflow-reporter/eventsource.yaml +++ /dev/null @@ -1,7 +0,0 @@ - -{{- if index (get .Values "argo-workflows") "enabled" }} - {{- $eventReporterContext := deepCopy . }} - {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} - {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} - {{- include "event-reporters.workflow-reporter.eventsource" $eventReporterContext }} -{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/workflow-reporter/sensor.yaml b/charts/gitops-runtime/templates/event-reporters/workflow-reporter/sensor.yaml deleted file mode 100644 index 03105bf9..00000000 --- a/charts/gitops-runtime/templates/event-reporters/workflow-reporter/sensor.yaml +++ /dev/null @@ -1,7 +0,0 @@ - -{{- if index (get .Values "argo-workflows") "enabled" }} - {{- $eventReporterContext := deepCopy . }} - {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} - {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} - {{- include "event-reporters.workflow-reporter.sensor" $eventReporterContext }} -{{- end }} diff --git a/charts/gitops-runtime/tests/event-reporters-sensors_test.yaml b/charts/gitops-runtime/tests/event-reporters-sensors_test.yaml deleted file mode 100644 index 340b5879..00000000 --- a/charts/gitops-runtime/tests/event-reporters-sensors_test.yaml +++ /dev/null @@ -1,247 +0,0 @@ -suite: Test on event reporters sensors -templates: - - event-reporters/workflow-reporter/sensor.yaml - - event-reporters/rollout-reporter/sensor.yaml -tests: - - it: Setting api/events url works - workflow reporter - template: 'event-reporters/workflow-reporter/sensor.yaml' - values: - - './values/mandatory-values.yaml' - set: - global.codefresh.url: "https://my.platform" - global.codefresh.apiEventsPath: "/api-events" - asserts: - - equal: - path: spec.triggers[0].template.http.url - value: https://my.platform/api-events - - - it: Setting api/events url works - rollout reporter - template: 'event-reporters/rollout-reporter/sensor.yaml' - values: - - './values/mandatory-values.yaml' - set: - global.codefresh.url: "https://my.platform" - global.codefresh.apiEventsPath: "/api-events" - asserts: - - equal: - path: spec.triggers[0].template.http.url - value: https://my.platform/api-events - - equal: - path: spec.triggers[1].template.http.url - value: https://my.platform/api-events - - equal: - path: spec.triggers[2].template.http.url - value: https://my.platform/api-events - - - it: Setting various container specs - workflow reporter - template: 'event-reporters/workflow-reporter/sensor.yaml' - values: - - './values/mandatory-values.yaml' - set: - event-reporters.workflow.sensor: - replicas: 2 - resources: - requests: - memory: 1Gi - env: - DEBUG_LOG: "true" - tolerations: - - key: "example-key" - operator: "Exists" - effect: "NoSchedule" - nodeSelector: - region: east - type: user-node - affinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: topology.kubernetes.io/zone - operator: In - values: - - antarctica-east1 - - antarctica-west1 - asserts: - - equal: - path: spec.replicas - value: 2 - - equal: - path: spec.template.container.env - value: - - name: DEBUG_LOG - value: "true" - - equal: - path: spec.template.container.resources - value: - requests: - memory: 1Gi - - equal: - path: spec.template.tolerations - value: - - key: "example-key" - operator: "Exists" - effect: "NoSchedule" - - equal: - path: spec.template.nodeSelector - value: - region: east - type: user-node - - - it: Setting various container specs - rollout reporter - template: 'event-reporters/rollout-reporter/sensor.yaml' - values: - - './values/mandatory-values.yaml' - set: - event-reporters.rollout.sensor: - replicas: 2 - resources: - requests: - memory: 1Gi - env: - DEBUG_LOG: "true" - tolerations: - - key: "example-key" - operator: "Exists" - effect: "NoSchedule" - nodeSelector: - region: east - type: user-node - affinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: topology.kubernetes.io/zone - operator: In - values: - - antarctica-east1 - - antarctica-west1 - asserts: - - equal: - path: spec.replicas - value: 2 - - equal: - path: spec.template.container.env - value: - - name: DEBUG_LOG - value: "true" - - equal: - path: spec.template.container.resources - value: - requests: - memory: 1Gi - - equal: - path: spec.template.tolerations - value: - - key: "example-key" - operator: "Exists" - effect: "NoSchedule" - - equal: - path: spec.template.nodeSelector - value: - region: east - type: user-node - - - it: Logging without interval works - workflow reporter - template: 'event-reporters/workflow-reporter/sensor.yaml' - values: - - './values/mandatory-values.yaml' - set: - event-reporters.workflow.sensor: - logging: - enabled: true - asserts: - - contains: - path: spec.triggers - content: - template: - log: {} - name: log-trigger - - - it: Logging without interval works - rollout reporter - template: 'event-reporters/rollout-reporter/sensor.yaml' - values: - - './values/mandatory-values.yaml' - set: - event-reporters.rollout.sensor: - logging: - enabled: true - asserts: - - contains: - path: spec.triggers - content: - template: - log: {} - name: log-trigger - - - it: Logging with interval works - workflow reporter - template: 'event-reporters/workflow-reporter/sensor.yaml' - values: - - './values/mandatory-values.yaml' - set: - event-reporters.workflow.sensor: - logging: - intervalSeconds: 60 - enabled: true - asserts: - - contains: - path: spec.triggers - content: - template: - log: - intervalSeconds: 60 - name: log-trigger - - - it: HTTP trigger contains retries if set - workflow reporter - template: 'event-reporters/workflow-reporter/sensor.yaml' - values: - - './values/mandatory-values.yaml' - set: - event-reporters.workflow.sensor: - retryStrategy: - steps: 3 - duration: 1 - factor: 1.2 - jitter: 3 - asserts: - - equal: - path: spec.triggers[0].retryStrategy - value: - steps: 3 - duration: 1 - factor: 1.2 - jitter: 3 - - - it: HTTP trigger contains retries if set - rollout reporter - template: 'event-reporters/rollout-reporter/sensor.yaml' - values: - - './values/mandatory-values.yaml' - set: - event-reporters.rollout.sensor: - retryStrategy: - steps: 3 - duration: 1 - factor: 1.2 - jitter: 3 - asserts: - - equal: - path: spec.triggers[0].retryStrategy - value: - steps: 3 - duration: 1 - factor: 1.2 - jitter: 3 - - equal: - path: spec.triggers[1].retryStrategy - value: - steps: 3 - duration: 1 - factor: 1.2 - jitter: 3 - - equal: - path: spec.triggers[2].retryStrategy - value: - steps: 3 - duration: 1 - factor: 1.2 - jitter: 3 - From 011ded12652a027091601fbaaf8341c1a25ad5d9 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Mon, 19 May 2025 15:02:10 +0300 Subject: [PATCH 02/12] chore: remove event reporter tests and templates for rollout and workflow components --- .../gitops-runtime/tests/custom-ca_test.yaml | 125 ----------- .../tests/external_argo_rollouts_test.yaml | 22 -- .../tests/global_constraints_test.yaml | 204 ------------------ .../tests/rollouts-enabled-disabled_test.yaml | 26 --- .../workflows-enabled-disabled_test.yaml | 34 --- 5 files changed, 411 deletions(-) delete mode 100644 charts/gitops-runtime/tests/rollouts-enabled-disabled_test.yaml diff --git a/charts/gitops-runtime/tests/custom-ca_test.yaml b/charts/gitops-runtime/tests/custom-ca_test.yaml index a35462c8..326cb87e 100644 --- a/charts/gitops-runtime/tests/custom-ca_test.yaml +++ b/charts/gitops-runtime/tests/custom-ca_test.yaml @@ -4,8 +4,6 @@ templates: - tls-custom-ca/codefresh-tls-certs.yaml - tls-custom-ca/workflow-pipelines-git-webhooks.yaml - app-proxy/deployment.yaml - - event-reporters/workflow-reporter/sensor.yaml - - event-reporters/rollout-reporter/sensor.yaml - hooks/pre-uninstall/delete-runtime-from-platform.yaml - "gitops-operator.yaml" - charts/gitops-operator/* @@ -213,129 +211,6 @@ tests: name: SSL_CERT_FILE value: /app/config/codefresh-tls-certs/ca-bundle.crt -- it: rollout reporter sensor - check chart created secret with default key - template: event-reporters/rollout-reporter/sensor.yaml - values: - - ./values/mandatory-values.yaml - set: - global.codefresh.tls.caCerts.secret.annotations.test: 'test' - global.codefresh.tls.caCerts.secret.create: true - global.codefresh.tls.caCerts.secret.content: | - -----BEGIN CERTIFICATE----- - ... encoded certificate data here ... - -----END CERTIFICATE----- - asserts: - - equal: - path: spec.triggers[0].template.http.tls - value: - caCertSecret: - name: codefresh-tls-certs - key: ca-bundle.crt - -- it: workflow reporter sensor - check chart created secret with default key - template: event-reporters/workflow-reporter/sensor.yaml - values: - - ./values/mandatory-values.yaml - set: - global.codefresh.tls.caCerts.secret.annotations.test: 'test' - global.codefresh.tls.caCerts.secret.create: true - global.codefresh.tls.caCerts.secret.content: | - -----BEGIN CERTIFICATE----- - ... encoded certificate data here ... - -----END CERTIFICATE----- - asserts: - - equal: - path: spec.triggers[0].template.http.tls - value: - caCertSecret: - name: codefresh-tls-certs - key: ca-bundle.crt - -- it: rollout reporter sensor - secretKeyRef - template: event-reporters/rollout-reporter/sensor.yaml - values: - - ./values/mandatory-values.yaml - set: - global.codefresh.tls.caCerts.secretKeyRef.name: my-secret - global.codefresh.tls.caCerts.secretKeyRef.key: my-key - asserts: - - equal: - path: spec.triggers[0].template.http.tls - value: - caCertSecret: - name: my-secret - key: my-key - -- it: workflow reporter sensor - secretKeyRef - template: event-reporters/workflow-reporter/sensor.yaml - values: - - ./values/mandatory-values.yaml - set: - global.codefresh.tls.caCerts.secretKeyRef.name: my-secret - global.codefresh.tls.caCerts.secretKeyRef.key: my-key - asserts: - - equal: - path: spec.triggers[0].template.http.tls - value: - caCertSecret: - name: my-secret - key: my-key - -- it: rollout reporter sensor - check chart created secret with custom key - template: event-reporters/rollout-reporter/sensor.yaml - values: - - ./values/mandatory-values.yaml - set: - global.codefresh.tls.caCerts.secret.annotations.test: 'test' - global.codefresh.tls.caCerts.secret.create: true - global.codefresh.tls.caCerts.secret.key: my-key - global.codefresh.tls.caCerts.secret.content: | - -----BEGIN CERTIFICATE----- - ... encoded certificate data here ... - -----END CERTIFICATE----- - asserts: - - equal: - path: spec.triggers[0].template.http.tls - value: - caCertSecret: - name: codefresh-tls-certs - key: my-key - -- it: workflow reporter sensor - check chart created secret with custom key - template: event-reporters/workflow-reporter/sensor.yaml - values: - - ./values/mandatory-values.yaml - set: - global.codefresh.tls.caCerts.secret.annotations.test: 'test' - global.codefresh.tls.caCerts.secret.create: true - global.codefresh.tls.caCerts.secret.key: my-key - global.codefresh.tls.caCerts.secret.content: | - -----BEGIN CERTIFICATE----- - ... encoded certificate data here ... - -----END CERTIFICATE----- - asserts: - - equal: - path: spec.triggers[0].template.http.tls - value: - caCertSecret: - name: codefresh-tls-certs - key: my-key - -- it: rollout reporter sensor - no tls - template: event-reporters/rollout-reporter/sensor.yaml - values: - - ./values/mandatory-values.yaml - asserts: - - notExists: - path: spec.triggers[0].template.http.tls - -- it: workflow reporter sensor - no tls - template: event-reporters/workflow-reporter/sensor.yaml - values: - - ./values/mandatory-values.yaml - asserts: - - notExists: - path: spec.triggers[0].template.http.tls # -------------------------------------------------------- # workflowPipelinesGitWebhooks # -------------------------------------------------------- diff --git a/charts/gitops-runtime/tests/external_argo_rollouts_test.yaml b/charts/gitops-runtime/tests/external_argo_rollouts_test.yaml index 9ac49ae0..f35cd851 100644 --- a/charts/gitops-runtime/tests/external_argo_rollouts_test.yaml +++ b/charts/gitops-runtime/tests/external_argo_rollouts_test.yaml @@ -14,18 +14,6 @@ tests: name: rollout-reporter template: event-reporters/rollout-reporter/serviceaccount.yaml not: true - - containsDocument: - apiVersion: argoproj.io/v1alpha1 - kind: Sensor - name: rollout-reporter - template: event-reporters/rollout-reporter/sensor.yaml - not: true - - containsDocument: - apiVersion: argoproj.io/v1alpha1 - kind: EventSource - name: rollout-reporter - template: event-reporters/rollout-reporter/eventsource.yaml - not: true - containsDocument: apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -59,16 +47,6 @@ tests: kind: ServiceAccount name: rollout-reporter template: event-reporters/rollout-reporter/serviceaccount.yaml - - containsDocument: - apiVersion: argoproj.io/v1alpha1 - kind: Sensor - name: rollout-reporter - template: event-reporters/rollout-reporter/sensor.yaml - - containsDocument: - apiVersion: argoproj.io/v1alpha1 - kind: EventSource - name: rollout-reporter - template: event-reporters/rollout-reporter/eventsource.yaml - containsDocument: apiVersion: rbac.authorization.k8s.io/v1 kind: Role diff --git a/charts/gitops-runtime/tests/global_constraints_test.yaml b/charts/gitops-runtime/tests/global_constraints_test.yaml index dccede4a..9dcee1e2 100644 --- a/charts/gitops-runtime/tests/global_constraints_test.yaml +++ b/charts/gitops-runtime/tests/global_constraints_test.yaml @@ -9,10 +9,6 @@ templates: - charts/gitops-operator/* - charts/codefresh-tunnel-client/* - internal-router/deployment.yaml - - event-reporters/rollout-reporter/eventsource.yaml - - event-reporters/rollout-reporter/sensor.yaml - - event-reporters/workflow-reporter/eventsource.yaml - - event-reporters/workflow-reporter/sensor.yaml - eventbus/codefresh-eventbus.yaml - hooks/pre-install/validate-values.yaml - hooks/pre-install/validate-usage.yaml @@ -124,206 +120,6 @@ tests: value: another-value effect: NoSchedule - - it: rollout-reporter eventsource should have nodeSelector from .Values.global - values: - - ./values/global-constraints-values.yaml - template: event-reporters/rollout-reporter/eventsource.yaml - asserts: - - equal: - path: spec.template.nodeSelector - value: - some-key: some-value - extra-key: extra-value - - - it: rollout-reporter eventsource should have nodeSelector from .Values.event-reporters and NOT from .Values.global - values: - - ./values/global-constraints-values.yaml - - ./values/subcharts-constraints-values.yaml - template: event-reporters/rollout-reporter/eventsource.yaml - asserts: - - equal: - path: spec.template.nodeSelector - value: - some-key: another-value - foo: bar - - - it: rollout-reporter eventsource should have tolerations from .Values.global - values: - - ./values/global-constraints-values.yaml - template: event-reporters/rollout-reporter/eventsource.yaml - asserts: - - equal: - path: spec.template.tolerations - value: - - key: some-key - operator: Equal - value: some-value - effect: NoSchedule - - - it: rollout-reporter eventsource should have tolerations from .Values.event-reporters and NOT from .Values.global - values: - - ./values/global-constraints-values.yaml - - ./values/subcharts-constraints-values.yaml - template: event-reporters/rollout-reporter/eventsource.yaml - asserts: - - equal: - path: spec.template.tolerations - value: - - key: another-key - operator: Equal - value: another-value - effect: NoSchedule - - - it: rollout-reporter sensor should have nodeSelector from .Values.global - values: - - ./values/global-constraints-values.yaml - template: event-reporters/rollout-reporter/sensor.yaml - asserts: - - equal: - path: spec.template.nodeSelector - value: - some-key: some-value - extra-key: extra-value - - - it: rollout-reporter sensor should have nodeSelector from .Values.event-reporters and NOT from .Values.global - values: - - ./values/global-constraints-values.yaml - - ./values/subcharts-constraints-values.yaml - template: event-reporters/rollout-reporter/sensor.yaml - asserts: - - equal: - path: spec.template.nodeSelector - value: - some-key: another-value - foo: bar - - - it: rollout-reporter sensor should have tolerations from .Values.global - values: - - ./values/global-constraints-values.yaml - template: event-reporters/rollout-reporter/sensor.yaml - asserts: - - equal: - path: spec.template.tolerations - value: - - key: some-key - operator: Equal - value: some-value - effect: NoSchedule - - - it: rollout-reporter sensor should have tolerations from .Values.event-reporters and NOT from .Values.global - values: - - ./values/global-constraints-values.yaml - - ./values/subcharts-constraints-values.yaml - template: event-reporters/rollout-reporter/sensor.yaml - asserts: - - equal: - path: spec.template.tolerations - value: - - key: another-key - operator: Equal - value: another-value - effect: NoSchedule - - - it: workflow-reporter eventsource should have nodeSelector from .Values.global - values: - - ./values/global-constraints-values.yaml - template: event-reporters/workflow-reporter/eventsource.yaml - asserts: - - equal: - path: spec.template.nodeSelector - value: - some-key: some-value - extra-key: extra-value - - - it: workflow-reporter eventsource should have nodeSelector from .Values.event-reporters and NOT from .Values.global - values: - - ./values/global-constraints-values.yaml - - ./values/subcharts-constraints-values.yaml - template: event-reporters/workflow-reporter/eventsource.yaml - asserts: - - equal: - path: spec.template.nodeSelector - value: - some-key: another-value - foo: bar - - - it: workflow-reporter eventsource should have tolerations from .Values.global - values: - - ./values/global-constraints-values.yaml - template: event-reporters/workflow-reporter/eventsource.yaml - asserts: - - equal: - path: spec.template.tolerations - value: - - key: some-key - operator: Equal - value: some-value - effect: NoSchedule - - - it: workflow-reporter eventsource should have tolerations from .Values.event-reporters and NOT from .Values.global - values: - - ./values/global-constraints-values.yaml - - ./values/subcharts-constraints-values.yaml - template: event-reporters/workflow-reporter/eventsource.yaml - asserts: - - equal: - path: spec.template.tolerations - value: - - key: another-key - operator: Equal - value: another-value - effect: NoSchedule - - - it: workflow-reporter sensor should have nodeSelector from .Values.global - values: - - ./values/global-constraints-values.yaml - template: event-reporters/workflow-reporter/sensor.yaml - asserts: - - equal: - path: spec.template.nodeSelector - value: - some-key: some-value - extra-key: extra-value - - - it: workflow-reporter sensor should have nodeSelector from .Values.event-reporters and NOT from .Values.global - values: - - ./values/global-constraints-values.yaml - - ./values/subcharts-constraints-values.yaml - template: event-reporters/workflow-reporter/sensor.yaml - asserts: - - equal: - path: spec.template.nodeSelector - value: - some-key: another-value - foo: bar - - - it: workflow-reporter sensor should have tolerations from .Values.global - values: - - ./values/global-constraints-values.yaml - template: event-reporters/workflow-reporter/sensor.yaml - asserts: - - equal: - path: spec.template.tolerations - value: - - key: some-key - operator: Equal - value: some-value - effect: NoSchedule - - - it: workflow-reporter sensor should have tolerations from .Values.event-reporters and NOT from .Values.global - values: - - ./values/global-constraints-values.yaml - - ./values/subcharts-constraints-values.yaml - template: event-reporters/workflow-reporter/sensor.yaml - asserts: - - equal: - path: spec.template.tolerations - value: - - key: another-key - operator: Equal - value: another-value - effect: NoSchedule - - it: codefresh-eventbus should have nodeSelector from .Values.global values: - ./values/global-constraints-values.yaml diff --git a/charts/gitops-runtime/tests/rollouts-enabled-disabled_test.yaml b/charts/gitops-runtime/tests/rollouts-enabled-disabled_test.yaml deleted file mode 100644 index 795ed3d0..00000000 --- a/charts/gitops-runtime/tests/rollouts-enabled-disabled_test.yaml +++ /dev/null @@ -1,26 +0,0 @@ -suite: Enabling/disabling argo-rollouts should accordingly enable/disable the event reporter -templates: - - event-reporters/rollout-reporter/eventsource.yaml - - event-reporters/rollout-reporter/sensor.yaml -tests: - -- it: event reporter not generated when rollouts disabled - template: 'event-reporters/rollout-reporter/eventsource.yaml' - values: - - ./values/mandatory-values.yaml - set: - argo-rollouts.enabled: false - asserts: - - hasDocuments: - count: 0 - -- it: event reporter generated when rollouts enabled - template: 'event-reporters/rollout-reporter/eventsource.yaml' - values: - - ./values/mandatory-values.yaml - set: - argo-rollouts.enabled: true - asserts: - - containsDocument: - apiVersion: argoproj.io/v1alpha1 - kind: EventSource \ No newline at end of file diff --git a/charts/gitops-runtime/tests/workflows-enabled-disabled_test.yaml b/charts/gitops-runtime/tests/workflows-enabled-disabled_test.yaml index ab013f07..c9401fc5 100644 --- a/charts/gitops-runtime/tests/workflows-enabled-disabled_test.yaml +++ b/charts/gitops-runtime/tests/workflows-enabled-disabled_test.yaml @@ -1,43 +1,9 @@ suite: Enabling/disabling argo-workflows should accordingly enable/disable the event reporter and set/unset the routing in internal router templates: - - event-reporters/workflow-reporter/eventsource.yaml - - event-reporters/workflow-reporter/sensor.yaml - internal-router/config.yaml - app-proxy/config.yaml tests: -- it: event reporter eventsource not generated when workflows disabled - template: 'event-reporters/workflow-reporter/eventsource.yaml' - values: - - ./values/mandatory-values.yaml - set: - argo-workflows.enabled: false - asserts: - - hasDocuments: - count: 0 - -- it: event reporter eventsource generated when workflows enabled - template: 'event-reporters/workflow-reporter/eventsource.yaml' - values: - - ./values/mandatory-values.yaml - set: - argo-workflows.enabled: true - asserts: - - containsDocument: - apiVersion: argoproj.io/v1alpha1 - kind: EventSource - -- it: event reporter eventsource generated when workflows enabled - template: 'event-reporters/workflow-reporter/sensor.yaml' - values: - - ./values/mandatory-values.yaml - set: - argo-workflows.enabled: true - asserts: - - containsDocument: - apiVersion: argoproj.io/v1alpha1 - kind: Sensor - - it: internal router config doesn't have workflows route when workflows disabled template: 'internal-router/config.yaml' values: From d206eca111b69de61be78f920b767e1af82a8792 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Wed, 21 May 2025 16:17:44 +0300 Subject: [PATCH 03/12] remove leftovers --- .../_components/event-reporters/_helpers.tpl | 53 +-------------- .../values/subcharts-constraints-values.yaml | 16 ----- charts/gitops-runtime/values.yaml | 68 ------------------- 3 files changed, 1 insertion(+), 136 deletions(-) diff --git a/charts/gitops-runtime/templates/_components/event-reporters/_helpers.tpl b/charts/gitops-runtime/templates/_components/event-reporters/_helpers.tpl index f8dd300e..b23f2ed4 100644 --- a/charts/gitops-runtime/templates/_components/event-reporters/_helpers.tpl +++ b/charts/gitops-runtime/templates/_components/event-reporters/_helpers.tpl @@ -97,55 +97,4 @@ Create the name of the service account to use {{- else }} {{- default "default" .Values.workflow.serviceAccount.name }} {{- end }} -{{- end }} - -{{/* -Create a single event-source sensor http trigger -assumes the name, condition and payload.dependencyName are identical -*/}} -{{- define "event-reporters.http.trigger" -}} -{{- $url := (printf "%s%s" .Values.global.codefresh.url .Values.global.codefresh.apiEventsPath | quote) -}} -- template: - name: {{ .name }} - conditions: {{ .name }} - http: - method: POST - url: {{ $url }} - {{- if or .Values.global.codefresh.tls.caCerts.secret.create .Values.global.codefresh.tls.caCerts.secretKeyRef}} - tls: - caCertSecret: - name: {{ .Values.global.codefresh.tls.caCerts.secret.create | ternary "codefresh-tls-certs" .Values.global.codefresh.tls.caCerts.secretKeyRef.name }} - key: {{ .Values.global.codefresh.tls.caCerts.secret.create | ternary (default "ca-bundle.crt" .Values.global.codefresh.tls.caCerts.secret.key) .Values.global.codefresh.tls.caCerts.secretKeyRef.key }} - {{- end }} - headers: - Content-Type: application/json - secureHeaders: - - name: Authorization - valueFrom: - secretKeyRef: - key: token - name: codefresh-token - payload: - - dest: {{ .payloadDest }} - src: - dataKey: body - dependencyName: {{ .name }} - {{- if .retryStrategy }} - retryStrategy: - {{- .retryStrategy | toYaml | nindent 4 }} - {{- end }} -{{- end -}} - -{{/* Logging trigger for the sensor - gets sensor.logging dict */}} -{{- define "event-reporters.log.trigger" -}} - {{- if .enabled }} -- template: - name: log-trigger - {{- if gt (int .intervalSeconds) 0 }} - log: - intervalSeconds: {{ .intervalSeconds }} - {{- else }} - log: {} - {{- end }} - {{- end }} -{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/gitops-runtime/tests/values/subcharts-constraints-values.yaml b/charts/gitops-runtime/tests/values/subcharts-constraints-values.yaml index ede59046..49e74444 100644 --- a/charts/gitops-runtime/tests/values/subcharts-constraints-values.yaml +++ b/charts/gitops-runtime/tests/values/subcharts-constraints-values.yaml @@ -25,22 +25,6 @@ internal-router: nodeSelector: *nodeSelector tolerations: *tolerations -event-reporters: - rollout: - eventSource: - nodeSelector: *nodeSelector - tolerations: *tolerations - sensor: - nodeSelector: *nodeSelector - tolerations: *tolerations - workflow: - eventSource: - nodeSelector: *nodeSelector - tolerations: *tolerations - sensor: - nodeSelector: *nodeSelector - tolerations: *tolerations - installer: nodeSelector: *nodeSelector tolerations: *tolerations diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 6331b835..8b769362 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -330,74 +330,6 @@ argo-rollouts: controller: replicas: 1 installCRDs: true - -#----------------------------------------------------------------------------------------------------------------------- -# Event reporters -#----------------------------------------------------------------------------------------------------------------------- -event-reporters: - rollout: - serviceAccount: - create: true - eventSource: - replicas: 1 - resources: {} - tolerations: [] - nodeSelector: {} - affinity: {} - sensor: - # -- Set to true to enable logging. Set intervalSeconds to add logging interval to moderate log flow. - logging: - enabled: false - intervalSeconds: 0 - # -- Retry strategy for events sent to Codefresh - retryStrategy: - # -- Number of retries - steps: 3 - # -- The initial duration, use strings like "2s", "1m" - duration: 0 - # -- Duration is multiplied by factor each retry, if factor is not zero and steps limit has not been reached. Should not be negative - factor: 1.0 - # -- The sleep between each retry is the duration plus an additional amount chosen uniformly at random from the interval between zero and `jitter * duration`. - jitter: 1 - replicas: 1 - resources: {} - # -- Environment variables for sensor pods - add DEBUG_LOG: "true" to add debug level logs - env: {} - tolerations: [] - nodeSelector: {} - affinity: {} - workflow: - serviceAccount: - create: true - eventSource: - replicas: 1 - resources: {} - tolerations: [] - nodeSelector: {} - affinity: {} - sensor: - # -- Set to true to enable logging. Set intervalSeconds to add logging interval to moderate log flow. - logging: - enabled: false - intervalSeconds: 0 - # -- Retry strategy for events sent to Codefresh - retryStrategy: - # -- Number of retries - steps: 3 - # -- The initial duration, use strings like "2s", "1m" - duration: 0 - # -- Duration is multiplied by factor each retry, if factor is not zero and steps limit has not been reached. Should not be negative - factor: 1.0 - # -- The sleep between each retry is the duration plus an additional amount chosen uniformly at random from the interval between zero and `jitter * duration`. - jitter: 1 - replicas: 1 - resources: {} - # -- Environment variables for sensor pods - add DEBUG_LOG: "true" to add debug level logs - env: {} - tolerations: [] - nodeSelector: {} - affinity: {} - #----------------------------------------------------------------------------------------------------------------------- # Internal router #----------------------------------------------------------------------------------------------------------------------- From 8f034eade67ea1013e1ddc2c9a9791639bc16ef4 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Wed, 21 May 2025 17:28:18 +0300 Subject: [PATCH 04/12] remove leftovers --- .../_components/event-reporters/_helpers.tpl | 100 ------------------ .../rollout-reporter/_rbac.yaml | 31 ------ .../rollout-reporter/_serviceaccount.yaml | 10 -- .../workflow-reporter/_rbac.yaml | 30 ------ .../workflow-reporter/_serviceaccount.yaml | 10 -- .../rollout-reporter/clusterrolebinding.yaml | 22 ---- .../rollout-reporter/rbac.yaml | 6 -- .../rollout-reporter/serviceaccount.yaml | 6 -- .../workflow-reporter/rbac.yaml | 7 -- .../workflow-reporter/serviceaccount.yaml | 7 -- 10 files changed, 229 deletions(-) delete mode 100644 charts/gitops-runtime/templates/_components/event-reporters/_helpers.tpl delete mode 100644 charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_rbac.yaml delete mode 100644 charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_serviceaccount.yaml delete mode 100644 charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_rbac.yaml delete mode 100644 charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_serviceaccount.yaml delete mode 100644 charts/gitops-runtime/templates/event-reporters/rollout-reporter/clusterrolebinding.yaml delete mode 100644 charts/gitops-runtime/templates/event-reporters/rollout-reporter/rbac.yaml delete mode 100644 charts/gitops-runtime/templates/event-reporters/rollout-reporter/serviceaccount.yaml delete mode 100644 charts/gitops-runtime/templates/event-reporters/workflow-reporter/rbac.yaml delete mode 100644 charts/gitops-runtime/templates/event-reporters/workflow-reporter/serviceaccount.yaml diff --git a/charts/gitops-runtime/templates/_components/event-reporters/_helpers.tpl b/charts/gitops-runtime/templates/_components/event-reporters/_helpers.tpl deleted file mode 100644 index b23f2ed4..00000000 --- a/charts/gitops-runtime/templates/_components/event-reporters/_helpers.tpl +++ /dev/null @@ -1,100 +0,0 @@ -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "event-reporters.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Expand the name of the chart. -*/}} -{{- define "event-reporters.rollout-reporter.name" -}} -{{- print "rollout-reporter"}} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "event-reporters.rollout-reporter.fullname" -}} -{{- print "rollout-reporter"}} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "event-reporters.rollout-reporter.labels" -}} -helm.sh/chart: {{ include "event-reporters.chart" . }} -{{ include "event-reporters.rollout-reporter.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: Helm -codefresh.io/internal: "true" -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "event-reporters.rollout-reporter.selectorLabels" -}} -app.kubernetes.io/part-of: rollout-reporter -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "event-reporters.rollout-reporter.serviceAccountName" -}} - {{- if .Values.rollout.serviceAccount.create }} - {{- default (include "event-reporters.rollout-reporter.fullname" .) .Values.rollout.serviceAccount.name }} - {{- else }} - {{- default "default" .Values.rollout.serviceAccount.name }} - {{- end }} -{{- end }} - -{{/* -Expand the name of the chart. -*/}} -{{- define "event-reporters.workflow-reporter.name" -}} -{{- print "workflow-reporter"}} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "event-reporters.workflow-reporter.fullname" -}} -{{- print "workflow-reporter"}} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "event-reporters.workflow-reporter.labels" -}} -helm.sh/chart: {{ include "event-reporters.chart" . }} -{{ include "event-reporters.workflow-reporter.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: Helm -codefresh.io/internal: "true" -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "event-reporters.workflow-reporter.selectorLabels" -}} -app.kubernetes.io/part-of: workflow-reporter -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "event-reporters.workflow-reporter.serviceAccountName" -}} - {{- if .Values.workflow.serviceAccount.create }} - {{- default "codefresh-sa" .Values.workflow.serviceAccount.name }} - {{- else }} - {{- default "default" .Values.workflow.serviceAccount.name }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_rbac.yaml b/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_rbac.yaml deleted file mode 100644 index bb7966f7..00000000 --- a/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_rbac.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- define "event-reporters.rollout-reporter.rbac"}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: rollout-reporter-sa - labels: - app.kubernetes.io/part-of: rollout-reporter - codefresh.io/internal: "true" -rules: - - apiGroups: - - "*" - resources: - - "*" - verbs: - - "*" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: rollout-reporter-sa - labels: - app.kubernetes.io/part-of: workflow-reporter - codefresh.io/internal: "true" -roleRef: - apiGroup: "" - kind: Role - name: rollout-reporter-sa -subjects: - - kind: ServiceAccount - name: {{ include "event-reporters.rollout-reporter.serviceAccountName" . }} -{{- end }} \ No newline at end of file diff --git a/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_serviceaccount.yaml b/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_serviceaccount.yaml deleted file mode 100644 index 1d2ae3f8..00000000 --- a/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_serviceaccount.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- define "event-reporters.rollout-reporter.sa"}} - {{- if .Values.rollout.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "event-reporters.rollout-reporter.serviceAccountName" .}} - labels: - {{- include "event-reporters.rollout-reporter.labels" . | nindent 4 }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_rbac.yaml b/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_rbac.yaml deleted file mode 100644 index 38b48031..00000000 --- a/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_rbac.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{- define "event-reporters.workflow-reporter.rbac"}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: workflow-reporter - labels: - {{- include "event-reporters.workflow-reporter.labels" . | nindent 4 }} -rules: - - apiGroups: - - "*" - resources: - - "*" - verbs: - - "*" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: workflow-reporter - labels: - app.kubernetes.io/part-of: workflow-reporter - codefresh.io/internal: "true" -roleRef: - apiGroup: "" - kind: Role - name: workflow-reporter -subjects: - - kind: ServiceAccount - name: {{ include "event-reporters.workflow-reporter.serviceAccountName" .}} -{{- end }} diff --git a/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_serviceaccount.yaml b/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_serviceaccount.yaml deleted file mode 100644 index 023a4c84..00000000 --- a/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_serviceaccount.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- define "event-reporters.workflow-reporter.sa"}} - {{- if .Values.workflow.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "event-reporters.workflow-reporter.serviceAccountName" .}} - labels: - {{- include "event-reporters.workflow-reporter.labels" . | nindent 4 }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/clusterrolebinding.yaml b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/clusterrolebinding.yaml deleted file mode 100644 index 78d1eb36..00000000 --- a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/clusterrolebinding.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Mapping of argo rollouts clusterrole if such is created (see https://github.com/codefresh-io/argo-helm/blob/argo-rollouts/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml) - to the reporters ServiceAccount -*/}} -{{- if or (index (get .Values "argo-rollouts") "enabled") (and (not (index (get .Values "argo-rollouts") "enabled")) (index .Values.global "external-argo-rollouts" "rollout-reporter" "enabled" )) }} - {{- if or (and (index (get .Values "argo-rollouts") "clusterInstall") (index (get .Values "argo-rollouts") "controller" "createClusterRole")) (and (not (index (get .Values "argo-rollouts") "enabled")) (index .Values.global "external-argo-rollouts" "rollout-reporter" "enabled" ))}} - {{- $eventReporterContext := deepCopy . }} - {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} - {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: codefresh-rollouts-reporter -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ include "codefresh-gitops-runtime.argo-rollouts.name" . }} -subjects: - - kind: ServiceAccount - name: {{ include "event-reporters.rollout-reporter.serviceAccountName" $eventReporterContext }} - namespace: {{ .Release.Namespace }} - {{- end }} -{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/rbac.yaml b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/rbac.yaml deleted file mode 100644 index bb2c051f..00000000 --- a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/rbac.yaml +++ /dev/null @@ -1,6 +0,0 @@ -{{- if or (index (get .Values "argo-rollouts") "enabled") (and (not (index (get .Values "argo-rollouts") "enabled")) (index .Values.global "external-argo-rollouts" "rollout-reporter" "enabled" )) }} - {{- $eventReporterContext := deepCopy . }} - {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} - {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} - {{- include "event-reporters.rollout-reporter.rbac" $eventReporterContext }} -{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/serviceaccount.yaml b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/serviceaccount.yaml deleted file mode 100644 index ddf72053..00000000 --- a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/serviceaccount.yaml +++ /dev/null @@ -1,6 +0,0 @@ -{{- if or (index (get .Values "argo-rollouts") "enabled") (and (not (index (get .Values "argo-rollouts") "enabled")) (index .Values.global "external-argo-rollouts" "rollout-reporter" "enabled" )) }} - {{- $eventReporterContext := deepCopy . }} - {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} - {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} - {{- include "event-reporters.rollout-reporter.sa" $eventReporterContext }} -{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/workflow-reporter/rbac.yaml b/charts/gitops-runtime/templates/event-reporters/workflow-reporter/rbac.yaml deleted file mode 100644 index 93e17e40..00000000 --- a/charts/gitops-runtime/templates/event-reporters/workflow-reporter/rbac.yaml +++ /dev/null @@ -1,7 +0,0 @@ - -{{- if index (get .Values "argo-workflows") "enabled" }} - {{- $eventReporterContext := deepCopy . }} - {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} - {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} - {{- include "event-reporters.workflow-reporter.rbac" $eventReporterContext }} -{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/workflow-reporter/serviceaccount.yaml b/charts/gitops-runtime/templates/event-reporters/workflow-reporter/serviceaccount.yaml deleted file mode 100644 index c78179dc..00000000 --- a/charts/gitops-runtime/templates/event-reporters/workflow-reporter/serviceaccount.yaml +++ /dev/null @@ -1,7 +0,0 @@ - -{{- if index (get .Values "argo-workflows") "enabled" }} - {{- $eventReporterContext := deepCopy . }} - {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} - {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} - {{- include "event-reporters.workflow-reporter.sa" $eventReporterContext }} -{{- end }} From d41e99a3b9e0e8cd04578c03911d5fdf1636b242 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Wed, 21 May 2025 19:19:24 +0300 Subject: [PATCH 05/12] fix helm tests --- ...o-projects-templates-integration_test.yaml | 16 ----- .../tests/external_argo_rollouts_test.yaml | 66 ------------------- 2 files changed, 82 deletions(-) delete mode 100644 charts/gitops-runtime/tests/external_argo_rollouts_test.yaml diff --git a/charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml b/charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml index 7b79c4fc..5293d692 100644 --- a/charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml +++ b/charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml @@ -6,7 +6,6 @@ templates: - app-proxy/workflows-crb.yaml - app-proxy/config.yaml - internal-router/config.yaml - - event-reporters/rollout-reporter/clusterrolebinding.yaml tests: # ------------------------------------------------------------------------ # ArgoCD @@ -105,18 +104,3 @@ tests: - equal: path: data.argoWorkflowsUrl value: https://argo-test-server:2746 -# ------------------------------------------------------------------------------------------ -# Argo rollouts -# Affected templates - rollouts reporter clusterrolebinding -# ------------------------------------------------------------------------------------------ -- it: test rollout reporter ClusterRoleBinding to argo rollouts role - template: 'event-reporters/rollout-reporter/clusterrolebinding.yaml' - values: - - ./values/mandatory-values.yaml - set: - argo-rollouts.enabled: true - argo-rollouts.fullnameOverride: rollouts-test - asserts: - - equal: - path: roleRef.name - value: rollouts-test diff --git a/charts/gitops-runtime/tests/external_argo_rollouts_test.yaml b/charts/gitops-runtime/tests/external_argo_rollouts_test.yaml deleted file mode 100644 index f35cd851..00000000 --- a/charts/gitops-runtime/tests/external_argo_rollouts_test.yaml +++ /dev/null @@ -1,66 +0,0 @@ -# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json -suite: Test External Argo Rolouts with GitOps Runtime -templates: - - event-reporters/rollout-reporter/* -tests: - - it: Should not deploy rollout-reporter if argo-rollouts disabled - set: - argo-rollouts: - enabled: false - asserts: - - containsDocument: - apiVersion: v1 - kind: ServiceAccount - name: rollout-reporter - template: event-reporters/rollout-reporter/serviceaccount.yaml - not: true - - containsDocument: - apiVersion: rbac.authorization.k8s.io/v1 - kind: Role - name: rollout-reporter-sa - template: event-reporters/rollout-reporter/rbac.yaml - not: true - - containsDocument: - apiVersion: rbac.authorization.k8s.io/v1 - kind: RoleBinding - name: rollout-reporter-sa - template: event-reporters/rollout-reporter/rbac.yaml - not: true - - containsDocument: - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - name: codefresh-rollouts-reporter - template: event-reporters/rollout-reporter/clusterrolebinding.yaml - not: true - - - it: Should deploy rollout-reporter if argo-rollouts disabled AND .global.external-argo-rollouts.rollout-reporter.enabled is true - set: - argo-rollouts: - enabled: false - global: - external-argo-rollouts: - rollout-reporter: - enabled: true - asserts: - - containsDocument: - apiVersion: v1 - kind: ServiceAccount - name: rollout-reporter - template: event-reporters/rollout-reporter/serviceaccount.yaml - - containsDocument: - apiVersion: rbac.authorization.k8s.io/v1 - kind: Role - name: rollout-reporter-sa - template: event-reporters/rollout-reporter/rbac.yaml - documentIndex: 0 - - containsDocument: - apiVersion: rbac.authorization.k8s.io/v1 - kind: RoleBinding - name: rollout-reporter-sa - template: event-reporters/rollout-reporter/rbac.yaml - documentIndex: 1 - - containsDocument: - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - name: codefresh-rollouts-reporter - template: event-reporters/rollout-reporter/clusterrolebinding.yaml From 22fedafd82c8319f3e7281b2e89272aae24435ae Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Fri, 23 May 2025 12:14:19 +0300 Subject: [PATCH 06/12] feat(event-reporters): restore codefresh-sa service account for backward compatibility - Add event-reporters.workflow.serviceAccount configuration to values.yaml - Add helper functions for workflow reporter service account in _helpers.tpl - Create workflow-reporter-sa.yaml template to provision codefresh-sa service account - Maintains backward compatibility with e2e tests and existing workflows - Service account created only when event-reporters.workflow.serviceAccount.create is true - Defaults to 'codefresh-sa' name when no custom name is specified Resolves e2e test failures due to missing codefresh-sa service account after event-reporters removal. --- charts/gitops-runtime/templates/_helpers.tpl | 29 +++++++++++++++++++ .../templates/workflow-reporter-sa.yaml | 11 +++++++ charts/gitops-runtime/values.yaml | 12 ++++++++ 3 files changed, 52 insertions(+) create mode 100644 charts/gitops-runtime/templates/workflow-reporter-sa.yaml diff --git a/charts/gitops-runtime/templates/_helpers.tpl b/charts/gitops-runtime/templates/_helpers.tpl index 285a1890..1ae368c3 100644 --- a/charts/gitops-runtime/templates/_helpers.tpl +++ b/charts/gitops-runtime/templates/_helpers.tpl @@ -507,3 +507,32 @@ valueFrom: optional: true {{- end }} # ------------------------------------------------------------------------------------------------------------ + +# ------------------------------------------------------------------------------------------------------------ +# event-reporters workflow reporter helpers (backward compatibility) +# ------------------------------------------------------------------------------------------------------------ +{{/* +Create the name of the service account to use for workflow reporter +*/}} +{{- define "event-reporters.workflow-reporter.serviceAccountName" -}} + {{- if (index .Values "event-reporters" "workflow" "serviceAccount" "create") }} + {{- default "codefresh-sa" (index .Values "event-reporters" "workflow" "serviceAccount" "name") }} + {{- else }} + {{- default "default" (index .Values "event-reporters" "workflow" "serviceAccount" "name") }} + {{- end }} +{{- end }} + +{{/* +Common labels for workflow reporter +*/}} +{{- define "event-reporters.workflow-reporter.labels" -}} +helm.sh/chart: {{ include "codefresh-gitops-runtime.chart" . }} +app.kubernetes.io/name: workflow-reporter +app.kubernetes.io/instance: {{ .Release.Name }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: Helm +codefresh.io/internal: "true" +{{- end }} +# ------------------------------------------------------------------------------------------------------------ diff --git a/charts/gitops-runtime/templates/workflow-reporter-sa.yaml b/charts/gitops-runtime/templates/workflow-reporter-sa.yaml new file mode 100644 index 00000000..83abcfe2 --- /dev/null +++ b/charts/gitops-runtime/templates/workflow-reporter-sa.yaml @@ -0,0 +1,11 @@ +{{/* +Workflow reporter service account for backward compatibility +*/}} +{{- if (index .Values "event-reporters" "workflow" "serviceAccount" "create") }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "event-reporters.workflow-reporter.serviceAccountName" . }} + labels: + {{- include "event-reporters.workflow-reporter.labels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 8b769362..7d64fdb4 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -660,6 +660,18 @@ gitops-operator: cpu: 100m memory: 128Mi +#----------------------------------------------------------------------------------------------------------------------- +# event-reporters (backward compatibility) +#----------------------------------------------------------------------------------------------------------------------- +# -- Event reporters configuration for backward compatibility +event-reporters: + workflow: + serviceAccount: + # -- Create service account for workflow reporter + create: true + # -- Service account name (defaults to codefresh-sa if not specified) + name: "" + #----------------------------------------------------------------------------------------------------------------------- # cf-argocd-extras #----------------------------------------------------------------------------------------------------------------------- From e758cec3ceb16a469225e41528fbee4f94395c41 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Fri, 23 May 2025 12:51:46 +0300 Subject: [PATCH 07/12] feat(event-reporters): add RBAC permissions for codefresh-sa service account - Create workflow-reporter-rbac.yaml with Role and RoleBinding - Grants full namespace permissions (all apiGroups, resources, verbs) - Restores same permissions as original workflow-reporter service account - Ensures backward compatibility for e2e tests requiring elevated permissions --- .../templates/workflow-reporter-rbac.yaml | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 charts/gitops-runtime/templates/workflow-reporter-rbac.yaml diff --git a/charts/gitops-runtime/templates/workflow-reporter-rbac.yaml b/charts/gitops-runtime/templates/workflow-reporter-rbac.yaml new file mode 100644 index 00000000..14dca1b9 --- /dev/null +++ b/charts/gitops-runtime/templates/workflow-reporter-rbac.yaml @@ -0,0 +1,32 @@ +{{/* +Workflow reporter RBAC for backward compatibility +*/}} +{{- if (index .Values "event-reporters" "workflow" "serviceAccount" "create") }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: workflow-reporter + labels: + {{- include "event-reporters.workflow-reporter.labels" . | nindent 4 }} +rules: + - apiGroups: + - "*" + resources: + - "*" + verbs: + - "*" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: workflow-reporter + labels: + {{- include "event-reporters.workflow-reporter.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: workflow-reporter +subjects: + - kind: ServiceAccount + name: {{ include "event-reporters.workflow-reporter.serviceAccountName" . }} +{{- end }} \ No newline at end of file From 54995334f9781702513009a429bc324d8f799ec3 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Sun, 25 May 2025 10:47:10 +0300 Subject: [PATCH 08/12] From 9901bc421e9de8fb8c5aac6d1d2807ace3c232c0 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Sun, 25 May 2025 11:32:39 +0300 Subject: [PATCH 09/12] From bcc738c0830bf3536fa04d684f7d3858099be9c4 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Sun, 25 May 2025 11:57:41 +0300 Subject: [PATCH 10/12] From fde1273c31599d7deb9f677f8cac9a2a8d1b6f36 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Sun, 25 May 2025 12:02:25 +0300 Subject: [PATCH 11/12] From 3c7bcea48681b8170ff8a1e1d244d021244e68cb Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Sun, 25 May 2025 15:03:05 +0300 Subject: [PATCH 12/12]