From 43044cf8ed321b7e71977c01280ab40300fb5a2b Mon Sep 17 00:00:00 2001 From: Wayne Starr <me@racer159.com> Date: Thu, 21 Mar 2024 13:27:41 -0600 Subject: [PATCH 1/4] chore: implement upgrade tests for mattermost --- .github/workflows/ci-docs-shim.yaml | 7 +-- .github/workflows/codeql.yaml | 2 +- .github/workflows/commitlint.yaml | 2 +- .github/workflows/dependencyreview.yaml | 2 +- .github/workflows/lint.yaml | 34 +++++++++++++ .github/workflows/scorecard.yaml | 2 +- .github/workflows/tag-and-release.yaml | 12 ++--- .github/workflows/test.yaml | 13 ++--- .yamllint | 35 +++++++++++++ README.md | 14 ++---- bundle/uds-bundle.yaml | 10 ++-- chart/templates/mattermost-config.yaml | 2 +- chart/templates/mattermost-gossip-svc.yaml | 2 +- chart/templates/mattermost-object-store.yaml | 2 +- chart/templates/mattermost-postgres.yaml | 2 +- chart/templates/mattermost-sso.yaml | 2 +- chart/templates/uds-package.yaml | 4 +- common/zarf.yaml | 4 +- oscal-component.yaml | 6 +-- renovate.json | 27 +++++++--- tasks.yaml | 53 +++++++++++--------- tasks/create.yaml | 20 -------- tasks/dependencies.yaml | 5 ++ tasks/publish.yaml | 32 ++++++------ tasks/test.yaml | 1 + 25 files changed, 177 insertions(+), 118 deletions(-) create mode 100644 .github/workflows/lint.yaml create mode 100644 .yamllint delete mode 100644 tasks/create.yaml create mode 100644 tasks/dependencies.yaml diff --git a/.github/workflows/ci-docs-shim.yaml b/.github/workflows/ci-docs-shim.yaml index 02ea9c09..ad8e133a 100644 --- a/.github/workflows/ci-docs-shim.yaml +++ b/.github/workflows/ci-docs-shim.yaml @@ -22,13 +22,14 @@ on: jobs: run-test: - name: Create and Deploy Flavor ${{ matrix.flavor }} + name: ${{ matrix.type }} ${{ matrix.flavor }} runs-on: "ubuntu-latest" timeout-minutes: 20 strategy: matrix: flavor: [upstream, registry1] + type: [install, upgrade] steps: - - name: Shim for Deploy ${{ matrix.flavor }} + - name: Shim for ${{ matrix.type }} ${{ matrix.flavor }} run: | - echo "Documentation-only change detected; marking Deploy ${{ matrix.flavor }} as successful." + echo "Documentation-only change detected; marking ${{ matrix.type }} ${{ matrix.flavor }} as successful." diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 64a7cb57..78a06858 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -42,4 +42,4 @@ jobs: - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@a56a03b370b87b26fde6d680755f818cfda0372b # v2.24.5 with: - category: "/language:${{matrix.language}}" \ No newline at end of file + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index 54ef3a69..d02d0eb3 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -8,4 +8,4 @@ on: jobs: validate: name: Validate - uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@442bae718050ea9a47254851a45632aabeb13b17 + uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 diff --git a/.github/workflows/dependencyreview.yaml b/.github/workflows/dependencyreview.yaml index a5937a71..3f345622 100644 --- a/.github/workflows/dependencyreview.yaml +++ b/.github/workflows/dependencyreview.yaml @@ -24,4 +24,4 @@ jobs: - name: 'Checkout Repository' uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: 'Dependency Review' - uses: actions/dependency-review-action@0efb1d1d84fc9633afcdaad14c485cbbc90ef46c # v2.5.1 \ No newline at end of file + uses: actions/dependency-review-action@0efb1d1d84fc9633afcdaad14c485cbbc90ef46c # v2.5.1 diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml new file mode 100644 index 00000000..c5638525 --- /dev/null +++ b/.github/workflows/lint.yaml @@ -0,0 +1,34 @@ +name: Scan + +on: + # This workflow is triggered on pull requests to the main branch. + pull_request: + branches: [main] + types: [milestoned, opened, synchronize] + +jobs: + validate: + runs-on: ubuntu-latest + name: Lint + permissions: + contents: read # Allows reading the repo contents + + steps: + - name: Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + + - name: Environment setup + uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + with: + username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + + - name: Install lint deps + run: | + uds run lint:deps + + - name: Lint the repository + run: | + uds run lint:yaml diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index f9307bf7..23a96197 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -5,7 +5,7 @@ on: schedule: - cron: '30 1 * * 6' push: - branches: [ "main" ] + branches: ["main"] # Declare default permissions as read only. permissions: read-all diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml index 09fc94b8..cd7eef20 100644 --- a/.github/workflows/tag-and-release.yaml +++ b/.github/workflows/tag-and-release.yaml @@ -34,28 +34,28 @@ jobs: permissions: contents: read packages: write - + steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@442bae718050ea9a47254851a45632aabeb13b17 + uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 with: username: ${{secrets.IRON_BANK_ROBOT_USERNAME}} password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}} - + - name: Login to GHCR uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3 with: registry: ghcr.io username: dummy password: ${{ secrets.GITHUB_TOKEN }} - + - name: Publish Package run: uds run -f tasks/publish.yaml package --set FLAVOR=${{ matrix.flavor }} - name: Save logs if: always() - uses: defenseunicorns/uds-common/.github/actions/save-logs@442bae718050ea9a47254851a45632aabeb13b17 + uses: defenseunicorns/uds-common/.github/actions/save-logs@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 with: - suffix: ${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} \ No newline at end of file + suffix: ${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 7069c096..6e0d9ac9 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -4,7 +4,7 @@ name: Test on: pull_request: branches: [main] - types: [milestoned, opened, edited, synchronize] + types: [milestoned, opened, synchronize] paths-ignore: - "**.md" - "**.jpg" @@ -33,30 +33,31 @@ permissions: jobs: run-test: - name: Create and Deploy Flavor ${{ matrix.flavor }} + name: ${{ matrix.type }} ${{ matrix.flavor }} runs-on: ubuntu-latest timeout-minutes: 20 strategy: matrix: flavor: [upstream, registry1] + type: [install, upgrade] steps: - name: Checkout repository uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@442bae718050ea9a47254851a45632aabeb13b17 + uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 with: username: ${{secrets.IRON_BANK_ROBOT_USERNAME}} password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}} - name: Test - uses: defenseunicorns/uds-common/.github/actions/test@442bae718050ea9a47254851a45632aabeb13b17 + uses: defenseunicorns/uds-common/.github/actions/test@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 with: flavor: ${{ matrix.flavor }} - name: Save logs if: always() - uses: defenseunicorns/uds-common/.github/actions/save-logs@442bae718050ea9a47254851a45632aabeb13b17 + uses: defenseunicorns/uds-common/.github/actions/save-logs@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 with: - suffix: ${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} + suffix: ${{ matrix.type }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} diff --git a/.yamllint b/.yamllint new file mode 100644 index 00000000..3b3e2556 --- /dev/null +++ b/.yamllint @@ -0,0 +1,35 @@ +yaml-files: + - '**/*.y*ml' + - '.yamllint' + +ignore: + - 'chart/templates**' + +rules: + anchors: enable + braces: enable + brackets: enable + colons: enable + commas: enable + comments: + level: warning + comments-indentation: + level: warning + document-end: disable + document-start: + level: warning + empty-lines: enable + empty-values: disable + float-values: disable + hyphens: enable + indentation: enable + key-duplicates: enable + key-ordering: disable + line-length: disable + new-line-at-end-of-file: enable + new-lines: enable + octal-values: disable + quoted-strings: disable + trailing-spaces: enable + truthy: + level: warning diff --git a/README.md b/README.md index 123ac142..1d6145e8 100644 --- a/README.md +++ b/README.md @@ -61,17 +61,9 @@ The released packages can be found in [ghcr](https://github.com/defenseunicorns/ ## UDS Tasks (for local dev and CI) -*For local dev, this requires installing [uds-cli](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install) - -| Task | Description | Example | -| ---- | ----------- | ------- | -| setup-cluster | Uses the `k3d-core-istio` bundle to create a cluster for testing against | `uds run setup-cluster` | -| create-package | Creates just the Mattermost package | `uds run create-package --set FLAVOR=<flavor>` | -| create-test-bundle | Creates Mattermost and Mattermost dependency packages and then bundles them | `uds run create-test-bundle` | -| deploy-package | Deploy Mattermost package only | `uds run deploy-package` | -| deploy-test-bundle | Deploy Mattermost and Mattermost dependency bundle | `uds run deploy-test-bundle` | -| test-package | Run checks against a deployed package or bundle | `uds run test-package` | -| cleanup | Teardown the cluster | `uds run cleanup` | +*For local dev, this requires you install [uds-cli](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install) + +> :white_check_mark: **Tip:** To get a list of tasks to run you can use `uds run --list`! ## Contributing diff --git a/bundle/uds-bundle.yaml b/bundle/uds-bundle.yaml index b189a83c..6d793598 100644 --- a/bundle/uds-bundle.yaml +++ b/bundle/uds-bundle.yaml @@ -10,18 +10,18 @@ packages: - name: dev-minio repository: ghcr.io/defenseunicorns/packages/uds/dev-minio ref: 0.0.1 - + - name: dev-postgres repository: ghcr.io/defenseunicorns/packages/uds/dev-postgres ref: 0.0.1 - + - name: dev-secrets path: ../ ref: 0.1.0 exports: - - name: ACCESS_KEY - - name: SECRET_KEY - - name: DB_PASSWORD + - name: ACCESS_KEY + - name: SECRET_KEY + - name: DB_PASSWORD - name: mattermost path: ../ diff --git a/chart/templates/mattermost-config.yaml b/chart/templates/mattermost-config.yaml index 53dbba44..15eedf01 100644 --- a/chart/templates/mattermost-config.yaml +++ b/chart/templates/mattermost-config.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: mattermost-config - namespace: {{ .Release.Namespace }} + namespace: {{.Release.Namespace}} type: Opaque stringData: MM_PLUGINSETTINGS_ENABLEUPLOADS: "{{ .Values.config.enablePluginUploads | toString }}" diff --git a/chart/templates/mattermost-gossip-svc.yaml b/chart/templates/mattermost-gossip-svc.yaml index 5d190824..80903bc5 100644 --- a/chart/templates/mattermost-gossip-svc.yaml +++ b/chart/templates/mattermost-gossip-svc.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: mattermost-gossip - namespace: {{ .Release.Namespace }} + namespace: {{.Release.Namespace}} labels: app.kubernetes.io/name: mattermost-enterprise-edition spec: diff --git a/chart/templates/mattermost-object-store.yaml b/chart/templates/mattermost-object-store.yaml index 03b627e0..05f056d4 100644 --- a/chart/templates/mattermost-object-store.yaml +++ b/chart/templates/mattermost-object-store.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: mattermost-object-store - namespace: {{ .Release.Namespace }} + namespace: {{.Release.Namespace}} type: Opaque stringData: MM_FILESETTINGS_AMAZONS3SSL: "{{ .Values.objectStorage.secure | toString }}" diff --git a/chart/templates/mattermost-postgres.yaml b/chart/templates/mattermost-postgres.yaml index 3830dc36..d64fd96b 100644 --- a/chart/templates/mattermost-postgres.yaml +++ b/chart/templates/mattermost-postgres.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: mattermost-postgres - namespace: {{ .Release.Namespace }} + namespace: {{.Release.Namespace}} type: Opaque stringData: db_connection_string: "postgres://{{ .Values.postgres.username }}:{{ .Values.postgres.password }}@{{ .Values.postgres.host }}:{{ .Values.postgres.port }}/{{ .Values.postgres.dbName }}{{ .Values.postgres.connectionOptions }}" diff --git a/chart/templates/mattermost-sso.yaml b/chart/templates/mattermost-sso.yaml index 84de4369..1cc1be56 100644 --- a/chart/templates/mattermost-sso.yaml +++ b/chart/templates/mattermost-sso.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: mattermost-sso - namespace: {{ .Release.Namespace }} + namespace: {{.Release.Namespace}} type: Opaque stringData: MM_GITLABSETTINGS_ENABLE: "{{ .Values.sso.enabled | toString }}" diff --git a/chart/templates/uds-package.yaml b/chart/templates/uds-package.yaml index efbf7ad2..7ce6779c 100644 --- a/chart/templates/uds-package.yaml +++ b/chart/templates/uds-package.yaml @@ -2,7 +2,7 @@ apiVersion: uds.dev/v1alpha1 kind: Package metadata: name: mattermost - namespace: {{ .Release.Namespace }} + namespace: {{.Release.Namespace}} spec: network: expose: @@ -10,7 +10,7 @@ spec: podLabels: app.kubernetes.io/name: mattermost-enterprise-edition gateway: tenant - host: {{ .Values.subdomain }} + host: {{.Values.subdomain}} port: 8065 allow: # Permit intra-namespace communication for job communications diff --git a/common/zarf.yaml b/common/zarf.yaml index ac258ed3..493b7ff3 100644 --- a/common/zarf.yaml +++ b/common/zarf.yaml @@ -2,7 +2,7 @@ kind: ZarfPackageConfig metadata: name: mattermost-common - description: "UDS Mattermost Common Package" + description: "UDS Mattermost Common Package" components: - name: mattermost @@ -20,4 +20,4 @@ components: gitPath: chart version: 2.6.43 valuesFiles: - - ../values/common-values.yaml \ No newline at end of file + - ../values/common-values.yaml diff --git a/oscal-component.yaml b/oscal-component.yaml index 2ffbdbba..36af65ac 100644 --- a/oscal-component.yaml +++ b/oscal-component.yaml @@ -31,15 +31,15 @@ component-definition: - uuid: 889dce9c-d83f-48a3-a62a-3f50e311761a control-id: au-2 description: >- - Mattermost creates event logs. + Mattermost creates event logs. - uuid: ce2c791e-f47e-45d3-9bba-dcd7a372ddd3 control-id: au-3 description: >- - Mattermost creates event logs. + Mattermost creates event logs. - uuid: 2ef78f64-d9ac-4292-a5f1-6c627734d39c control-id: au-3.1 description: >- - Mattermost creates event logs. + Mattermost creates event logs. - uuid: 1041d516-56b9-4652-886e-bd5bad38f789 control-id: au-8 description: >- diff --git a/renovate.json b/renovate.json index 8bb93ce0..1f030a3d 100644 --- a/renovate.json +++ b/renovate.json @@ -10,15 +10,26 @@ "replacements:all", "workarounds:all" ], - "hostRules": [ + "packageRules": [ { - "matchHost": "registry1.dso.mil", - "hostType": "docker", - "description": "Encrypted creds for registry1, scoped to this Github org using: https://github.com/renovatebot/renovate/blob/main/docs/usage/configuration-options.md#encrypted", - "encrypted": { - "username": "wcFMA/xDdHCJBTolAQ/9FXYzgNUO6MJ9crVH8W1p5U8ecnK6yamVOBmKib+9Lu4dtldIzqJBObR8Ctvq+our0VTXbhuCU0AvghJO+Rbjij+sDK3VNL93ojD2Xcd3IHeZhz4U+K2VPIRKHGPTC2mfc9pRZ076hoRqeAPWYrtU3gtNk7ZedMX75+yEuUWax5wS0gIjHnbu/R8fLTadNPbdyRaVGYembtuF8P2hMorCrjAED07UNivnaJaNb6Dj72Bticwqs2gIStoed3S8luzUJIgOOdS9J4Dq3ybkSIWg3+GJQhLyKIhZpgbRQoMbYLQ/z7obT1xX0avXnjobb5rW445R0LXLXj4MokgGo1p5cA+AhP5JEk49w2uutzD3tPZB58edH4USOk4q/9MXNdXzvU5RxOA6ScGeh1JNa+62/N4HA8UtYEudTFOcHkt3xq6h5VKc5k7JbvkCso29wqC8AR5ctBzuLspnzxhPrjm/BcfB/FMnwJE2MbtBxa8R1Z5Hd1DEfsEV57mF7dtV0SIImV+l/4bK/1xz/G9v31u/5DrfkQR6DjAvX8w4zUZE5gHKGsZoeZEFuUc5YQuwdeWEg20Qah4v6rbDfJUzXj9vbyFLMdIomPkuWkNSDzg6oMWCmeQAeL3+ykjsVdoBoJCvHvFEpw4dlrdlnQK1VXsWSX7TTDkRuYKQUKbKIBOWOCXScgFDQwu+f0mUkmFX1MrAojYgfWyZ1hlUDGcsE4pvTWJKP1lHykRM/qPUVh/YXfayh5upYh2MXT44yqMHhyNJE/KlCTp9KXsdflm3kaCAhqEC746IbvBpPjz3DTA7nwLUhDB3K2Zi9t/kIhMQCbV+wI2FgA", - "password": "wcFMA/xDdHCJBTolAQ/6A4VHieAREvIZ35w9tpdLuvCysq3951xcwBD+o5A6QNYz9K5J0X4NDp2NF5FwEeEBgh3CGF7t/jXHdvvFUSo1wnTT0N+XoU4fXta1px9rkZssPWaMmqbmQ+KWXrEo7SMYK4nXBdExtIZ/j8XvjvTZ1apAh+ySW41eAKXbeQC+5I2rjDJegH6hI7kGkQDzmSAoaDX/Nw8seccozzOj9GEGxPbtF1UYJIfG0jZObf0GowXXCtCOEd5QcQQnzILIaiN0tgZgXrQKFehMTboi8rgYLtRI3LIObUjxl7O59q7ZBCkUuyt9nYF14i9PD8IltVdPsTrGpyK/yQMFrjHWkIPGFHZC9dLyjQlhTjMFBYdye9KGfoZHnKR5pXZw7JvCho/PaP3S8y4LXPJa7YHty0wEcP1eWT0b1hapHnsyDEJ22xyCz0hVFeUnXRPj3zSqBzn4+wVPZmxcCwuLNmu28JJ76SNYAf/4hTjlc2+8WasB/C8rNA+ASf+C6SsMMp677JffWXJtfJHgtPGV+gTCBITG7D8pkCVyIdoiGDv503QDiw59YdocEHkIaRw6EzSZ5XFEHz0mbnTZ7HgRYPklsQzVvetEOmctFdZgYZZ1hjVOkWIjiuSR+hDc3IT/TdXEohZxizAZAEmmsli0Q70m2EWJo1tUqxS9soQGKGQc/crIdpHSdgFfBI3gyKZP4ehv1WzYqrWlg1syDgbNllgEJIIBxv+ZI+QMJUF8SdtleMkxE6PYvc1bzpj6nTrM1oahiK8BUKS+cTpXQr1+LneL1mQ/4rSqNQO5ooBweej3Ql0cDNzjahfYc/1AwctQOdjZRpmGUs+RaMezgF8" - } + "groupName": "Mattermost Support Dependencies", + "labels": ["support-deps"], + "commitMessageTopic": "support-deps", + "packagePatterns": ["*"] + }, + { + "groupName": "Mattermost Package Dependencies", + "labels": ["package-deps"], + "commitMessageTopic": "package-deps", + "registryUrls": ["https://registry1.dso.mil"], + "matchDatasources": ["docker", "helm", "git-tags"] + }, + { + "groupName": "Mattermost Package Dependencies", + "labels": ["package-deps"], + "commitMessageTopic": "package-deps", + "matchPackageNames": ["https://repo1.dso.mil/big-bang/product/packages/mattermost.git"], + "allowedVersions": "/.+-bb.+/" } ] } diff --git a/tasks.yaml b/tasks.yaml index 017a344d..cb647880 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -1,44 +1,47 @@ includes: - cleanup: ./tasks/cleanup.yaml - - create: ./tasks/create.yaml - - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.2.2/tasks/deploy.yaml - - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.2.2/tasks/setup.yaml + - dependencies: ./tasks/dependencies.yaml - test: ./tasks/test.yaml + - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/create.yaml + - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/lint.yaml + - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/pull.yaml + - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/deploy.yaml + - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.3.3/tasks/setup.yaml tasks: - name: default + description: Setup k3d cluster, deploy Mattermost actions: - - task: setup-cluster - - task: create-test-bundle - - task: deploy-test-bundle - - - name: create-package - actions: - - task: create:mattermost-package + - task: create-mm-test-bundle + - task: setup:k3d-test-cluster + - task: deploy:test-bundle - - name: deploy-package + - name: create-mm-package + description: Create the Mattermost package actions: - - task: deploy:package + - task: create:package + with: + options: "--skip-sbom" - - name: cleanup + - name: create-mm-test-bundle + description: Create a local UDS Mattermost bundle actions: - - task: cleanup:destroy + - task: create-mm-package + - task: dependencies:create + - task: create:test-bundle # CI will execute the following (via uds-common/.github/actions/test) so they need to be here with these names - - name: create-test-bundle - actions: - - task: create:mattermost-test-bundle - - - name: setup-cluster + - name: test-package + description: Test the health of a Mattermost deployment actions: + - task: create-mm-test-bundle - task: setup:k3d-test-cluster - - - name: deploy-test-bundle - actions: - task: deploy:test-bundle - - - name: test-package - actions: - task: test:health-check - task: test:ingress + + - name: test-upgrade + description: Test an upgrade from the latest released package to the current branch + actions: + - cmd: echo "not yet" diff --git a/tasks/create.yaml b/tasks/create.yaml deleted file mode 100644 index d9dce4e7..00000000 --- a/tasks/create.yaml +++ /dev/null @@ -1,20 +0,0 @@ -includes: - - create: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.2.1/tasks/create.yaml - -tasks: - - name: mattermost-test-bundle - description: Create the UDS bundle with Mattermost and its dependencies - actions: - - task: create:package - - task: dependency-package - - task: create:test-bundle - - - name: mattermost-package - description: Create the UDS Mattermost Zarf Package - actions: - - task: create:package - - - name: dependency-package - description: Create the Dependency Zarf Package - actions: - - cmd: uds zarf package create src/dev-secrets/ --confirm --no-progress --architecture=${UDS_ARCH} diff --git a/tasks/dependencies.yaml b/tasks/dependencies.yaml new file mode 100644 index 00000000..1056b955 --- /dev/null +++ b/tasks/dependencies.yaml @@ -0,0 +1,5 @@ +tasks: + - name: create + description: Create the Dependency Zarf Package + actions: + - cmd: uds zarf package create src/dev-secrets/ --confirm --no-progress --architecture=${UDS_ARCH} diff --git a/tasks/publish.yaml b/tasks/publish.yaml index 2c9e9a87..5bfbf615 100644 --- a/tasks/publish.yaml +++ b/tasks/publish.yaml @@ -1,27 +1,23 @@ includes: - - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.2.1/tasks/publish.yaml - -variables: - - name: TARGET_REPO - default: oci://ghcr.io/defenseunicorns/packages/uds - - - name: VERSION - description: The version of the package to build - # x-release-please-start-version - default: "9.4.1-uds.3" - # x-release-please-end + - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.3.3/tasks/publish.yaml tasks: - name: package description: Build and publish the packages actions: - - description: Create the packages - cmd: | - set -e - ZARF_ARCHITECTURE=amd64 uds run -f tasks/create.yaml mattermost-package --no-progress --set FLAVOR=${FLAVOR} - if [ "${FLAVOR}" != "registry1" ]; then - ZARF_ARCHITECTURE=arm64 uds run -f tasks/create.yaml mattermost-package --no-progress --set FLAVOR=${FLAVOR} - fi + - description: Create the AMD64 package + task: create:package + with: + architecture: amd64 + + - description: Create the ARM64 package + task: create:package + with: + architecture: arm64 - description: Publish the packages task: publish:package + with: + # x-release-please-start-version + version: "9.4.1-uds.3" + # x-release-please-end diff --git a/tasks/test.yaml b/tasks/test.yaml index 97065ede..acaf7b52 100644 --- a/tasks/test.yaml +++ b/tasks/test.yaml @@ -7,6 +7,7 @@ tasks: kind: Deployment name: mattermost-enterprise-edition namespace: mattermost + condition: Available - name: ingress actions: From 0c2e7cfa4eae17e5522c45add2dc3cd9eb3c0d24 Mon Sep 17 00:00:00 2001 From: Wayne Starr <me@racer159.com> Date: Thu, 21 Mar 2024 13:36:06 -0600 Subject: [PATCH 2/4] update type --- .github/workflows/test.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 6e0d9ac9..6c59c830 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -55,6 +55,7 @@ jobs: uses: defenseunicorns/uds-common/.github/actions/test@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 with: flavor: ${{ matrix.flavor }} + type: ${{ matrix.type }} - name: Save logs if: always() From 01c42d41785741a46f7488f15e7d4e3a5f1f4919 Mon Sep 17 00:00:00 2001 From: Wayne Starr <me@racer159.com> Date: Thu, 21 Mar 2024 13:42:17 -0600 Subject: [PATCH 3/4] add upgrade tests --- tasks.yaml | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/tasks.yaml b/tasks.yaml index cb647880..44f24491 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -30,6 +30,20 @@ tasks: - task: dependencies:create - task: create:test-bundle + - name: create-mm-latest-release-bundle + description: Create UDS Mattermost bundle based on the latest release + actions: + - task: pull:latest-package-release + # TODO (@WSTARR): This is currently needed to get around the chicken+egg condition when release please updates the version in GH + - description: Get the current Zarf package name + cmd: cat zarf.yaml | yq .metadata.version + setVariables: + - name: CURRENT_VERSION + - description: Move the latest to the current (needed to make this work on release-please PRs) + cmd: test -f zarf-package-mattermost-${UDS_ARCH}-${CURRENT_VERSION}.tar.zst || mv zarf-package-mattermost-${UDS_ARCH}-*.tar.zst zarf-package-mattermost-${UDS_ARCH}-${CURRENT_VERSION}.tar.zst + - task: dependencies:create + - task: create:test-bundle + # CI will execute the following (via uds-common/.github/actions/test) so they need to be here with these names - name: test-package @@ -44,4 +58,10 @@ tasks: - name: test-upgrade description: Test an upgrade from the latest released package to the current branch actions: - - cmd: echo "not yet" + - task: create-mm-latest-release-bundle + - task: setup:k3d-test-cluster + - task: deploy:test-bundle + - task: create-mm-test-bundle + - task: deploy:test-bundle + - task: test:health-check + - task: test:ingress From 6a4320ce8fc01e100db00621dda6d56e6e7bd8b5 Mon Sep 17 00:00:00 2001 From: Wayne Starr <me@racer159.com> Date: Thu, 21 Mar 2024 14:14:44 -0600 Subject: [PATCH 4/4] do the thing Zach said --- chart/templates/mattermost-config.yaml | 2 +- chart/templates/mattermost-gossip-svc.yaml | 2 +- chart/templates/mattermost-object-store.yaml | 2 +- chart/templates/mattermost-postgres.yaml | 2 +- chart/templates/mattermost-sso.yaml | 2 +- chart/templates/uds-package.yaml | 4 ++-- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/chart/templates/mattermost-config.yaml b/chart/templates/mattermost-config.yaml index 15eedf01..53dbba44 100644 --- a/chart/templates/mattermost-config.yaml +++ b/chart/templates/mattermost-config.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: mattermost-config - namespace: {{.Release.Namespace}} + namespace: {{ .Release.Namespace }} type: Opaque stringData: MM_PLUGINSETTINGS_ENABLEUPLOADS: "{{ .Values.config.enablePluginUploads | toString }}" diff --git a/chart/templates/mattermost-gossip-svc.yaml b/chart/templates/mattermost-gossip-svc.yaml index 80903bc5..5d190824 100644 --- a/chart/templates/mattermost-gossip-svc.yaml +++ b/chart/templates/mattermost-gossip-svc.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: mattermost-gossip - namespace: {{.Release.Namespace}} + namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: mattermost-enterprise-edition spec: diff --git a/chart/templates/mattermost-object-store.yaml b/chart/templates/mattermost-object-store.yaml index 05f056d4..03b627e0 100644 --- a/chart/templates/mattermost-object-store.yaml +++ b/chart/templates/mattermost-object-store.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: mattermost-object-store - namespace: {{.Release.Namespace}} + namespace: {{ .Release.Namespace }} type: Opaque stringData: MM_FILESETTINGS_AMAZONS3SSL: "{{ .Values.objectStorage.secure | toString }}" diff --git a/chart/templates/mattermost-postgres.yaml b/chart/templates/mattermost-postgres.yaml index d64fd96b..3830dc36 100644 --- a/chart/templates/mattermost-postgres.yaml +++ b/chart/templates/mattermost-postgres.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: mattermost-postgres - namespace: {{.Release.Namespace}} + namespace: {{ .Release.Namespace }} type: Opaque stringData: db_connection_string: "postgres://{{ .Values.postgres.username }}:{{ .Values.postgres.password }}@{{ .Values.postgres.host }}:{{ .Values.postgres.port }}/{{ .Values.postgres.dbName }}{{ .Values.postgres.connectionOptions }}" diff --git a/chart/templates/mattermost-sso.yaml b/chart/templates/mattermost-sso.yaml index 1cc1be56..84de4369 100644 --- a/chart/templates/mattermost-sso.yaml +++ b/chart/templates/mattermost-sso.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: mattermost-sso - namespace: {{.Release.Namespace}} + namespace: {{ .Release.Namespace }} type: Opaque stringData: MM_GITLABSETTINGS_ENABLE: "{{ .Values.sso.enabled | toString }}" diff --git a/chart/templates/uds-package.yaml b/chart/templates/uds-package.yaml index 7ce6779c..efbf7ad2 100644 --- a/chart/templates/uds-package.yaml +++ b/chart/templates/uds-package.yaml @@ -2,7 +2,7 @@ apiVersion: uds.dev/v1alpha1 kind: Package metadata: name: mattermost - namespace: {{.Release.Namespace}} + namespace: {{ .Release.Namespace }} spec: network: expose: @@ -10,7 +10,7 @@ spec: podLabels: app.kubernetes.io/name: mattermost-enterprise-edition gateway: tenant - host: {{.Values.subdomain}} + host: {{ .Values.subdomain }} port: 8065 allow: # Permit intra-namespace communication for job communications