From c37f4543147e7e088a35b325c165eb62a40631c3 Mon Sep 17 00:00:00 2001 From: Michele Baldessari Date: Sat, 14 Sep 2024 18:20:21 +0200 Subject: [PATCH 1/4] Add a check to see if multisource for clustergroup is enabled Without this in your values-global.yaml files, the deployment with a slimmed down common would fail as follows: - lastTransitionTime: "2024-09-13T18:30:19Z" message: 'Failed to load target state: failed to generate manifest for source 1 of 1: rpc error: code = Unknown desc = Manifest generation error (cached): common/clustergroup: app path does not exist' --- scripts/pattern-util.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/scripts/pattern-util.sh b/scripts/pattern-util.sh index cb7fc8736..817b2dace 100755 --- a/scripts/pattern-util.sh +++ b/scripts/pattern-util.sh @@ -8,6 +8,18 @@ function version { echo "$@" | awk -F. '{ printf("%d%03d%03d%03d\n", $1,$2,$3,$4); }' } +function check_for_clustergroup_multisource { + if [ -f values-global.yaml ]; then + # Query .main.multiSourceConfig.enabled and assume it is false if not set + OUT=$(yq -r '.main.multiSourceConfig.enabled // (.main.multiSourceConfig.enabled = "false")') + if [ "${OUT,,}" = "false" ]; then + echo "You must set `.main.multiSourceConfig.enabled: true` in your 'values-global.yaml' file" + echo "because your common subfolder is the slimmed down version with no helm charts in it" + exit 1 + fi + fi +} + if [ -z "$PATTERN_UTILITY_CONTAINER" ]; then PATTERN_UTILITY_CONTAINER="quay.io/hybridcloudpatterns/utility-container" fi @@ -66,6 +78,10 @@ else PKI_HOST_MOUNT_ARGS="" fi +# In the slimmed down common branch we need to check that multisource is enabled for the clustergroup +# chart +check_for_clustergroup_multisource + # Copy Kubeconfig from current environment. The utilities will pick up ~/.kube/config if set so it's not mandatory # $HOME is mounted as itself for any files that are referenced with absolute paths # $HOME is mounted to /root because the UID in the container is 0 and that's where SSH looks for credentials From 241479674e8a5a857ed4a6b36bb0208a48c8b414 Mon Sep 17 00:00:00 2001 From: Michele Baldessari Date: Mon, 16 Sep 2024 08:24:15 +0200 Subject: [PATCH 2/4] Move the common slim + multisource test into Makefile MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This way yq is not required on the host. Tested as follows: * No value set (assumes default is false) ❯ cat values-global.yaml --- global: pattern: multicloud-gitops options: useCSV: false syncPolicy: Automatic installPlanApproval: Automatic main: clusterGroupName: hub # multiSourceConfig: # enabled: true ❯ ./pattern.sh make validate-prereq make -f common/Makefile validate-prereq make[1]: Entering directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops' You must set ".main.multiSourceConfig.enabled: true" in your 'values-global.yaml' file because your common subfolder is the slimmed down version with no helm charts in it make[1]: *** [common/Makefile:161: validate-prereq] Error 1 make[1]: Leaving directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops' make: *** [Makefile:12: validate-prereq] Error 2 * Value set to false ❯ cat values-global.yaml --- global: pattern: multicloud-gitops options: useCSV: false syncPolicy: Automatic installPlanApproval: Automatic main: clusterGroupName: hub multiSourceConfig: enabled: false ❯ ./pattern.sh make validate-prereq make -f common/Makefile validate-prereq make[1]: Entering directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops' You must set ".main.multiSourceConfig.enabled: true" in your 'values-global.yaml' file because your common subfolder is the slimmed down version with no helm charts in it make[1]: *** [common/Makefile:161: validate-prereq] Error 1 make[1]: Leaving directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops' make: *** [Makefile:12: validate-prereq] Error 2 * Value set to true ❯ cat values-global.yaml --- global: pattern: multicloud-gitops options: useCSV: false syncPolicy: Automatic installPlanApproval: Automatic main: clusterGroupName: hub multiSourceConfig: enabled: true ❯ ./pattern.sh make validate-prereq make -f common/Makefile validate-prereq make[1]: Entering directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops' make[1]: Leaving directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops' --- Makefile | 9 ++++++++- scripts/pattern-util.sh | 16 ---------------- 2 files changed, 8 insertions(+), 17 deletions(-) diff --git a/Makefile b/Makefile index ca1edf068..3f2ba7a4e 100644 --- a/Makefile +++ b/Makefile @@ -169,7 +169,14 @@ validate-prereq: ## verify pre-requisites if ! ansible-galaxy collection list | grep kubernetes.core > /dev/null 2>&1; then echo "Not found"; exit 1; fi;\ echo "OK";\ else\ - echo "Skipping prerequisites check as we're running inside a container";\ + if [ -f values-global.yaml ]; then\ + OUT=`yq -r '.main.multiSourceConfig.enabled // (.main.multiSourceConfig.enabled = "false")' values-global.yaml`;\ + if [ "$${OUT,,}" = "false" ]; then\ + echo "You must set \".main.multiSourceConfig.enabled: true\" in your 'values-global.yaml' file";\ + echo "because your common subfolder is the slimmed down version with no helm charts in it";\ + exit 1;\ + fi;\ + fi;\ fi .PHONY: argo-healthcheck diff --git a/scripts/pattern-util.sh b/scripts/pattern-util.sh index 817b2dace..cb7fc8736 100755 --- a/scripts/pattern-util.sh +++ b/scripts/pattern-util.sh @@ -8,18 +8,6 @@ function version { echo "$@" | awk -F. '{ printf("%d%03d%03d%03d\n", $1,$2,$3,$4); }' } -function check_for_clustergroup_multisource { - if [ -f values-global.yaml ]; then - # Query .main.multiSourceConfig.enabled and assume it is false if not set - OUT=$(yq -r '.main.multiSourceConfig.enabled // (.main.multiSourceConfig.enabled = "false")') - if [ "${OUT,,}" = "false" ]; then - echo "You must set `.main.multiSourceConfig.enabled: true` in your 'values-global.yaml' file" - echo "because your common subfolder is the slimmed down version with no helm charts in it" - exit 1 - fi - fi -} - if [ -z "$PATTERN_UTILITY_CONTAINER" ]; then PATTERN_UTILITY_CONTAINER="quay.io/hybridcloudpatterns/utility-container" fi @@ -78,10 +66,6 @@ else PKI_HOST_MOUNT_ARGS="" fi -# In the slimmed down common branch we need to check that multisource is enabled for the clustergroup -# chart -check_for_clustergroup_multisource - # Copy Kubeconfig from current environment. The utilities will pick up ~/.kube/config if set so it's not mandatory # $HOME is mounted as itself for any files that are referenced with absolute paths # $HOME is mounted to /root because the UID in the container is 0 and that's where SSH looks for credentials From 26f0d47b7c79223f1a747c80e3ff3b14f792c7dd Mon Sep 17 00:00:00 2001 From: Michele Baldessari Date: Mon, 16 Sep 2024 09:00:37 +0200 Subject: [PATCH 3/4] Drop last bit of operator-install and the common symlink --- common | 1 - .../.github/workflows/update-helm-repo.yml | 30 ------------------- 2 files changed, 31 deletions(-) delete mode 120000 common delete mode 100644 operator-install/.github/workflows/update-helm-repo.yml diff --git a/common b/common deleted file mode 120000 index 945c9b46d..000000000 --- a/common +++ /dev/null @@ -1 +0,0 @@ -. \ No newline at end of file diff --git a/operator-install/.github/workflows/update-helm-repo.yml b/operator-install/.github/workflows/update-helm-repo.yml deleted file mode 100644 index fa1d62475..000000000 --- a/operator-install/.github/workflows/update-helm-repo.yml +++ /dev/null @@ -1,30 +0,0 @@ -# This invokes the workflow named 'publish-charts' in the umbrella repo -# It expects to have a secret called CHARTS_REPOS_TOKEN which contains -# the GitHub token that has permissions to invoke workflows and commit code -# inside the umbrella-repo. -# The following fine-grained permissions were used in testing and were limited -# to the umbrella repo only: -# - Actions: r/w -# - Commit statuses: r/w -# - Contents: r/w -# - Deployments: r/w -# - Pages: r/w -# - -name: vp-patterns/update-helm-repo -on: - push: - tags: - - 'v[0-9]+.[0-9]+.[0-9]+' - -jobs: - helmlint: - uses: validatedpatterns/helm-charts/.github/workflows/helmlint.yml@985ba37e0eb50b1b35ec194fc999eae2d0ae1486 - permissions: - contents: read - - update-helm-repo: - needs: [helmlint] - uses: validatedpatterns/helm-charts/.github/workflows/update-helm-repo.yml@985ba37e0eb50b1b35ec194fc999eae2d0ae1486 - permissions: read-all - secrets: inherit From 9843d9c23f2e22bb3ffc3fc37ef9e7d9a597a74a Mon Sep 17 00:00:00 2001 From: Michele Baldessari Date: Mon, 16 Sep 2024 09:06:02 +0200 Subject: [PATCH 4/4] Drop reference-output.yaml as it makes little sense in the slimmed common --- reference-output.yaml | 119 ------------------------------------------ 1 file changed, 119 deletions(-) delete mode 100644 reference-output.yaml diff --git a/reference-output.yaml b/reference-output.yaml deleted file mode 100644 index 1eef9745d..000000000 --- a/reference-output.yaml +++ /dev/null @@ -1,119 +0,0 @@ ---- -# Source: pattern-install/templates/argocd/namespace.yaml -# Pre-create so we can create our argo app for keeping subscriptions in sync -# Do it here so that we don't try to sync it in the future -apiVersion: v1 -kind: Namespace -metadata: - name: openshift-gitops ---- -# Source: pattern-install/templates/namespace.yaml -apiVersion: v1 -kind: Namespace -metadata: - name: manuela-ci - labels: - manuela-role: pipeline - app.kubernetes.io/instance: manuela ---- -# Source: pattern-install/templates/pipeline/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pipeline - namespace: manuela-ci -secrets: -- name: git-repo-credentials -- name: image-registry-credentials ---- -# Source: pattern-install/templates/secrets/s3-secret.yaml -kind: Secret -apiVersion: v1 -metadata: - name: s3-secret -type: Opaque -data: - # Pre-create as part of the initial 'helm install' chart - # Create a file with the following: - # s3.accessKey: KEY - # s3.secretKey: secret key - #application.properties: base64 encrypted value of the above file - # This should live in the values-secret.yaml file - application.properties: BASE64STRING ---- -# Source: pattern-install/templates/secrets/secret-git-repo-credentials.yaml -apiVersion: v1 -kind: Secret -metadata: - name: git-repo-credentials - namespace: manuela-ci - annotations: - # Tekton magic, see https://tekton.dev/vault/pipelines-v0.15.2/auth/ - tekton.dev/git-0: https://github.com/hybrid-cloud-patterns -type: kubernetes.io/basic-auth -stringData: - username: STRING - password: STRING ---- -# Source: pattern-install/templates/secrets/secret-image-registry-credentials.yaml -apiVersion: v1 -kind: Secret -metadata: - name: openshift-registry-credentials - namespace: manuela-ci - annotations: - # Tekton magic, see https://tekton.dev/vault/pipelines-v0.15.2/auth/ - tekton.dev/docker-0: "https://" -type: kubernetes.io/basic-auth -stringData: - username: STRING - password: STRING ---- -# Source: pattern-install/templates/argocd/application.yaml -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: common-example - namespace: openshift-gitops -spec: - destination: - name: in-cluster - namespace: common-example - project: default - source: - repoURL: https://github.com/beekhof/common.git - targetRevision: main - path: common/clustergroup - helm: - valueFiles: - - "https://github.com/beekhof/patterns/raw/main/values-global.yaml" - - "https://github.com/beekhof/patterns/raw/main/values-example.yaml" - # Track the progress of https://github.com/argoproj/argo-cd/pull/6280 - parameters: - - name: global.repoURL - value: $ARGOCD_APP_SOURCE_REPO_URL - - name: global.targetRevision - value: $ARGOCD_APP_SOURCE_TARGET_REVISION - - name: global.namespace - value: $ARGOCD_APP_NAMESPACE - - name: global.valuesDirectoryURL - value: https://github.com/beekhof/patterns/raw/main - - name: global.pattern - value: common - syncPolicy: - automated: {} ---- -# Source: pattern-install/templates/argocd/subscription.yaml -apiVersion: operators.coreos.com/v1alpha1 -kind: Subscription -metadata: - name: openshift-gitops-operator - namespace: openshift-operators - labels: - operators.coreos.com/openshift-gitops-operator.openshift-operators: "" -spec: - channel: gitops-1.13 - installPlanApproval: Automatic - name: openshift-gitops-operator - source: redhat-operators - sourceNamespace: openshift-marketplace