From 78bf8a660b9e38b82ed7bfe2f65a6772f4b06526 Mon Sep 17 00:00:00 2001 From: smerle33 Date: Wed, 20 Dec 2023 15:23:11 +0100 Subject: [PATCH 1/8] feat(helm): add helm to the image --- goss/goss-linux.yaml | 5 +++++ provisioning/tools-versions.yml | 1 + provisioning/ubuntu-provision.sh | 7 +++++++ 3 files changed, 13 insertions(+) diff --git a/goss/goss-linux.yaml b/goss/goss-linux.yaml index f80285e52..5fd2d8230 100644 --- a/goss/goss-linux.yaml +++ b/goss/goss-linux.yaml @@ -82,6 +82,11 @@ command: exit-status: 0 stdout: - 2.12.0 + helm: + exec: helm version + exit-status: 0 + stdout: + - 3.13.2 jdk11: exec: /opt/jdk-11/bin/java --version exit-status: 0 diff --git a/provisioning/tools-versions.yml b/provisioning/tools-versions.yml index 7ff8c7459..93ae906a4 100644 --- a/provisioning/tools-versions.yml +++ b/provisioning/tools-versions.yml @@ -15,6 +15,7 @@ git_linux_version: 2.43.0 git_windows_version: 2.43.0 goss_version: 0.4.4 hadolint_version: 2.12.0 +helm_version: 3.13.2 jdk11_version: 11.0.21+9 jdk17_version: 17.0.8.1+1 jdk21_version: 21.0.1+12 diff --git a/provisioning/ubuntu-provision.sh b/provisioning/ubuntu-provision.sh index 4b954b658..a908ff0aa 100755 --- a/provisioning/ubuntu-provision.sh +++ b/provisioning/ubuntu-provision.sh @@ -355,6 +355,12 @@ function install_doctl(){ "https://github.com/digitalocean/doctl/releases/download/v${DOCTL_VERSION}/doctl-${DOCTL_VERSION}-linux-${ARCHITECTURE}.tar.gz" | tar --extract --gunzip --directory="${install_dir}"/ doctl } +## Ensure that HELM is installed +function install_helm(){ + install_dir=/usr/local/bin + curl --fail --silent --location --show-error \ + "https://get.helm.sh/helm-v${HELM_VERSION}-linux-${ARCHITECTURE}.tar.gz" | tar --extract --gunzip --strip-components 1 --directory="${install_dir}"/ helm +} ## Ensure that maven is installed and configured (version from environment) function install_maven() { @@ -671,6 +677,7 @@ function main() { install_nodejs install_playwright install_launchable + install_helm echo "== Installed packages:" dpkg -l From 80a519943c274b742da9f37a17f6ecce7c90836d Mon Sep 17 00:00:00 2001 From: smerle33 Date: Wed, 20 Dec 2023 17:25:45 +0100 Subject: [PATCH 2/8] correct file path --- provisioning/ubuntu-provision.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/provisioning/ubuntu-provision.sh b/provisioning/ubuntu-provision.sh index a908ff0aa..bb6afdf5c 100755 --- a/provisioning/ubuntu-provision.sh +++ b/provisioning/ubuntu-provision.sh @@ -359,7 +359,7 @@ function install_doctl(){ function install_helm(){ install_dir=/usr/local/bin curl --fail --silent --location --show-error \ - "https://get.helm.sh/helm-v${HELM_VERSION}-linux-${ARCHITECTURE}.tar.gz" | tar --extract --gunzip --strip-components 1 --directory="${install_dir}"/ helm + "https://get.helm.sh/helm-v${HELM_VERSION}-linux-${ARCHITECTURE}.tar.gz" | tar --extract --gunzip --strip-components 1 --directory="${install_dir}"/ linux-${ARCHITECTURE}/helm } ## Ensure that maven is installed and configured (version from environment) From 19f3eef74582bd7be80c3e947d0e26164c8665b9 Mon Sep 17 00:00:00 2001 From: smerle33 Date: Thu, 21 Dec 2023 09:00:50 +0100 Subject: [PATCH 3/8] double quotes --- provisioning/ubuntu-provision.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/provisioning/ubuntu-provision.sh b/provisioning/ubuntu-provision.sh index bb6afdf5c..7903103be 100755 --- a/provisioning/ubuntu-provision.sh +++ b/provisioning/ubuntu-provision.sh @@ -359,7 +359,7 @@ function install_doctl(){ function install_helm(){ install_dir=/usr/local/bin curl --fail --silent --location --show-error \ - "https://get.helm.sh/helm-v${HELM_VERSION}-linux-${ARCHITECTURE}.tar.gz" | tar --extract --gunzip --strip-components 1 --directory="${install_dir}"/ linux-${ARCHITECTURE}/helm + "https://get.helm.sh/helm-v${HELM_VERSION}-linux-${ARCHITECTURE}.tar.gz" | tar --extract --gunzip --strip-components 1 --directory="${install_dir}"/ "linux-${ARCHITECTURE}/helm" } ## Ensure that maven is installed and configured (version from environment) From 481cfb50ff3ddbf1d7b0292ae941955631b891a7 Mon Sep 17 00:00:00 2001 From: smerle33 Date: Thu, 21 Dec 2023 09:31:00 +0100 Subject: [PATCH 4/8] add helmfile --- goss/goss-linux.yaml | 5 +++++ provisioning/tools-versions.yml | 1 + provisioning/ubuntu-provision.sh | 11 ++++++++++- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/goss/goss-linux.yaml b/goss/goss-linux.yaml index 5fd2d8230..c0c8d50c6 100644 --- a/goss/goss-linux.yaml +++ b/goss/goss-linux.yaml @@ -87,6 +87,11 @@ command: exit-status: 0 stdout: - 3.13.2 + helmfile: + exec: helmfile --version + exit-status: 0 + stdout: + - 0.159.0 jdk11: exec: /opt/jdk-11/bin/java --version exit-status: 0 diff --git a/provisioning/tools-versions.yml b/provisioning/tools-versions.yml index 93ae906a4..10bb91ebe 100644 --- a/provisioning/tools-versions.yml +++ b/provisioning/tools-versions.yml @@ -16,6 +16,7 @@ git_windows_version: 2.43.0 goss_version: 0.4.4 hadolint_version: 2.12.0 helm_version: 3.13.2 +helmfile_version: 0.159.0 jdk11_version: 11.0.21+9 jdk17_version: 17.0.8.1+1 jdk21_version: 21.0.1+12 diff --git a/provisioning/ubuntu-provision.sh b/provisioning/ubuntu-provision.sh index 7903103be..fb3bcd8db 100755 --- a/provisioning/ubuntu-provision.sh +++ b/provisioning/ubuntu-provision.sh @@ -359,7 +359,15 @@ function install_doctl(){ function install_helm(){ install_dir=/usr/local/bin curl --fail --silent --location --show-error \ - "https://get.helm.sh/helm-v${HELM_VERSION}-linux-${ARCHITECTURE}.tar.gz" | tar --extract --gunzip --strip-components 1 --directory="${install_dir}"/ "linux-${ARCHITECTURE}/helm" + "https://get.helm.sh/helm-v${HELM_VERSION}-linux-${ARCHITECTURE}.tar.gz" | \ + tar --extract --gunzip --strip-components 1 --directory="${install_dir}"/ "linux-${ARCHITECTURE}/helm" +} + +function install_helmfile(){ + install_dir=/usr/local/bin + curl --fail --silent --location --show-error \ + "https://github.com/helmfile/helmfile/releases/download/v${HELMFILE_VERSION}/helmfile_${HELMFILE_VERSION}_linux_${ARCHITECTURE}.tar.gz" | \ + tar --extract --gunzip --directory="${install_dir}"/ helmfile } ## Ensure that maven is installed and configured (version from environment) @@ -678,6 +686,7 @@ function main() { install_playwright install_launchable install_helm + install_helmfile echo "== Installed packages:" dpkg -l From 46e734a620a36e1c09be3234ec1e17e534052a17 Mon Sep 17 00:00:00 2001 From: smerle33 Date: Thu, 21 Dec 2023 09:43:55 +0100 Subject: [PATCH 5/8] add sops --- goss/goss-linux.yaml | 5 +++++ provisioning/tools-versions.yml | 1 + provisioning/ubuntu-provision.sh | 9 +++++++++ 3 files changed, 15 insertions(+) diff --git a/goss/goss-linux.yaml b/goss/goss-linux.yaml index c0c8d50c6..ef3ad5eda 100644 --- a/goss/goss-linux.yaml +++ b/goss/goss-linux.yaml @@ -172,6 +172,11 @@ command: exit-status: 0 stdout: - 2.6.10 + sops: + exec: sops --version + exit-status: 0 + stdout: + - 3.8.1 ssh_agent: exec: command -v ssh-agent exit-status: 0 diff --git a/provisioning/tools-versions.yml b/provisioning/tools-versions.yml index 10bb91ebe..d7aba0661 100644 --- a/provisioning/tools-versions.yml +++ b/provisioning/tools-versions.yml @@ -33,6 +33,7 @@ openssh_authorized_keys_url: https://raw.githubusercontent.com/jenkins-infra/aws packer_version: 1.10.0 python3_version: 3.12.1 ruby_version: 2.6.10 +sops_version: 3.8.1 terraform_version: 1.6.6 trivy_version: 0.47.0 updatecli_version: 0.70.0 diff --git a/provisioning/ubuntu-provision.sh b/provisioning/ubuntu-provision.sh index fb3bcd8db..3705de2d8 100755 --- a/provisioning/ubuntu-provision.sh +++ b/provisioning/ubuntu-provision.sh @@ -363,6 +363,7 @@ function install_helm(){ tar --extract --gunzip --strip-components 1 --directory="${install_dir}"/ "linux-${ARCHITECTURE}/helm" } +## Ensure that HELMFILE is installed function install_helmfile(){ install_dir=/usr/local/bin curl --fail --silent --location --show-error \ @@ -370,6 +371,14 @@ function install_helmfile(){ tar --extract --gunzip --directory="${install_dir}"/ helmfile } +## Ensure that SOPS is installed +function install_sops(){ + install_dir=/usr/local/bin + curl --fail --silent --location --show-error --output "${install_dir}"/sops \ + "https://github.com/mozilla/sops/releases/download/v${SOPS_VERSION}/sops-v${SOPS_VERSION}.linux.${ARCHITECTURE}" + chmod +x "${install_dir}"/sops +} + ## Ensure that maven is installed and configured (version from environment) function install_maven() { curl --fail --silent --location --show-error --output "/tmp/apache-maven-${MAVEN_VERSION}-bin.tar.gz" \ From f4a26603a650e5b3d5f6f89b147d9384de018219 Mon Sep 17 00:00:00 2001 From: smerle33 Date: Thu, 21 Dec 2023 09:54:29 +0100 Subject: [PATCH 6/8] helm plugins --- goss/goss-linux.yaml | 7 +++++++ provisioning/tools-versions.yml | 3 +++ provisioning/ubuntu-provision.sh | 6 +++++- 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/goss/goss-linux.yaml b/goss/goss-linux.yaml index ef3ad5eda..9e151bc58 100644 --- a/goss/goss-linux.yaml +++ b/goss/goss-linux.yaml @@ -92,6 +92,13 @@ command: exit-status: 0 stdout: - 0.159.0 + helmplugins: + exec: helm plugin list + exit-status: 0 + stdout: + - /diff.*3.8.1/ + - /helm-git.*0.15.1/ + - /secrets.*4.5.1/ jdk11: exec: /opt/jdk-11/bin/java --version exit-status: 0 diff --git a/provisioning/tools-versions.yml b/provisioning/tools-versions.yml index d7aba0661..ea29ad719 100644 --- a/provisioning/tools-versions.yml +++ b/provisioning/tools-versions.yml @@ -16,7 +16,10 @@ git_windows_version: 2.43.0 goss_version: 0.4.4 hadolint_version: 2.12.0 helm_version: 3.13.2 +helm_diff_version: 3.8.1 helmfile_version: 0.159.0 +helm_git_version: 0.15.1 +helm_secrets_version: 4.5.1 jdk11_version: 11.0.21+9 jdk17_version: 17.0.8.1+1 jdk21_version: 21.0.1+12 diff --git a/provisioning/ubuntu-provision.sh b/provisioning/ubuntu-provision.sh index 3705de2d8..003a40a49 100755 --- a/provisioning/ubuntu-provision.sh +++ b/provisioning/ubuntu-provision.sh @@ -355,12 +355,16 @@ function install_doctl(){ "https://github.com/digitalocean/doctl/releases/download/v${DOCTL_VERSION}/doctl-${DOCTL_VERSION}-linux-${ARCHITECTURE}.tar.gz" | tar --extract --gunzip --directory="${install_dir}"/ doctl } -## Ensure that HELM is installed +## Ensure that HELM and it's plugins are installed function install_helm(){ install_dir=/usr/local/bin curl --fail --silent --location --show-error \ "https://get.helm.sh/helm-v${HELM_VERSION}-linux-${ARCHITECTURE}.tar.gz" | \ tar --extract --gunzip --strip-components 1 --directory="${install_dir}"/ "linux-${ARCHITECTURE}/helm" + + helm plugin install https://github.com/databus23/helm-diff --version v${HELM_DIFF_VERSION} + helm plugin install https://github.com/jkroepke/helm-secrets --version v${HELM_SECRETS_VERSION} + helm plugin install https://github.com/aslafy-z/helm-git.git --version v${HELM_GIT_VERSION} } ## Ensure that HELMFILE is installed From 153206eb3ebbb1d11e7079d8c4583da58589ae4e Mon Sep 17 00:00:00 2001 From: smerle33 Date: Fri, 22 Dec 2023 16:28:54 +0100 Subject: [PATCH 7/8] forgot the sops install call --- provisioning/ubuntu-provision.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/provisioning/ubuntu-provision.sh b/provisioning/ubuntu-provision.sh index 003a40a49..5436d0f31 100755 --- a/provisioning/ubuntu-provision.sh +++ b/provisioning/ubuntu-provision.sh @@ -700,6 +700,7 @@ function main() { install_launchable install_helm install_helmfile + install_sops echo "== Installed packages:" dpkg -l From 247fbf0fc4ec888ecf488eb8df1148c36d61e6ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20MERLE?= <95630726+smerle33@users.noreply.github.com> Date: Tue, 2 Jan 2024 08:31:49 +0100 Subject: [PATCH 8/8] Apply suggestions from code review Co-authored-by: Damien Duportal --- provisioning/ubuntu-provision.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/provisioning/ubuntu-provision.sh b/provisioning/ubuntu-provision.sh index 5436d0f31..5510c8d9b 100755 --- a/provisioning/ubuntu-provision.sh +++ b/provisioning/ubuntu-provision.sh @@ -355,19 +355,19 @@ function install_doctl(){ "https://github.com/digitalocean/doctl/releases/download/v${DOCTL_VERSION}/doctl-${DOCTL_VERSION}-linux-${ARCHITECTURE}.tar.gz" | tar --extract --gunzip --directory="${install_dir}"/ doctl } -## Ensure that HELM and it's plugins are installed +## Ensure that`helm` and its plugins are installed function install_helm(){ install_dir=/usr/local/bin curl --fail --silent --location --show-error \ "https://get.helm.sh/helm-v${HELM_VERSION}-linux-${ARCHITECTURE}.tar.gz" | \ tar --extract --gunzip --strip-components 1 --directory="${install_dir}"/ "linux-${ARCHITECTURE}/helm" - helm plugin install https://github.com/databus23/helm-diff --version v${HELM_DIFF_VERSION} - helm plugin install https://github.com/jkroepke/helm-secrets --version v${HELM_SECRETS_VERSION} - helm plugin install https://github.com/aslafy-z/helm-git.git --version v${HELM_GIT_VERSION} + su - "${username}" -c "helm plugin install https://github.com/databus23/helm-diff --version v${HELM_DIFF_VERSION}" + su - "${username}" -c "helm plugin install https://github.com/jkroepke/helm-secrets --version v${HELM_SECRETS_VERSION}" + su - "${username}" -c "helm plugin install https://github.com/aslafy-z/helm-git.git --version v${HELM_GIT_VERSION}" } -## Ensure that HELMFILE is installed +## Ensure that`helmfile` is installed function install_helmfile(){ install_dir=/usr/local/bin curl --fail --silent --location --show-error \ @@ -375,7 +375,7 @@ function install_helmfile(){ tar --extract --gunzip --directory="${install_dir}"/ helmfile } -## Ensure that SOPS is installed +## Ensure that`sops` is installed function install_sops(){ install_dir=/usr/local/bin curl --fail --silent --location --show-error --output "${install_dir}"/sops \