Merge branch 'main' into 0123-metrics-gs

Signed-off-by: Meg McRoberts <[email protected]>
keptn · Apr 3, 2024 · ba01989 · ba01989
2 parents 723d2c3 + b75a004
commit ba01989
Show file tree

Hide file tree

Showing 1,103 changed files with 71,191 additions and 25,158 deletions.
diff --git a/.chainsaw-local.yaml b/.chainsaw-local.yaml
@@ -0,0 +1,11 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/configuration-chainsaw-v1alpha1.json
+apiVersion: chainsaw.kyverno.io/v1alpha1
+kind: Configuration
+metadata:
+  name: configuration-local
+spec:
+  template: true
+  timeouts:
+    assert: 5m
+    cleanup: 5m
+    error: 5m
diff --git a/.chainsaw.yaml b/.chainsaw.yaml
@@ -0,0 +1,13 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/configuration-chainsaw-v1alpha1.json
+apiVersion: chainsaw.kyverno.io/v1alpha1
+kind: Configuration
+metadata:
+  name: configuration
+spec:
+  skipDelete: true
+  template: true
+  timeouts:
+    assert: 6m40s
+    cleanup: 6m40s
+    error: 6m40s
+    exec: 6m40s
diff --git a/.github/actions/deploy-keptn-on-cluster/action.yml b/.github/actions/deploy-keptn-on-cluster/action.yml
@@ -26,24 +26,28 @@ inputs:
     required: false
     description: "Decides whether to allow only certain namespaces"
     default: "allowed_ns_off"
+  cert-manager-io-enabled:
+    required: false
+    description: "Decides whether to use cert-manager.io"
+    default: "cert_manager_io_off"
 runs:
   using: "composite"
   steps:
     - name: Set up Go 1.x
-      uses: actions/setup-go@v5
+      uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5
       with:
         go-version: ${{ env.GO_VERSION }}
         cache: true
         cache-dependency-path: '**/go.sum'
         check-latest: true
 
     - name: Download artifacts
-      uses: actions/download-artifact@v3
+      uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4
       with:
         path: ~/download/artifacts
 
     - name: "Create single kind Cluster"
-      uses: helm/kind-action@v1.8.0
+      uses: helm/kind-action@99576bfa6ddf9a8e612d83b513da5a75875caced # v1.9.0
       with:
         cluster_name: ${{ inputs.cluster-name }}
         version: ${{ inputs.kind-version }}
@@ -60,7 +64,8 @@ runs:
           kind load image-archive $image/$image -n ${{ inputs.cluster-name }}
         done
 
-    - name: Install lifecycle-toolkit with helm
+    - name: Install Keptn with helm
+      if: inputs.cert-manager-io-enabled == 'cert_manager_io_off'
       env:
         RELEASE_REGISTRY: "localhost:5000/keptn"
       shell: bash
@@ -101,3 +106,59 @@ runs:
         helm install -n keptn-system --create-namespace keptn ../../../chart \
           --values ./tmp.yaml \
           --debug --wait --timeout 1m
+
+    - name: Install cert-manager.io
+      if: inputs.cert-manager-io-enabled == 'cert_manager_io_on'
+      env:
+        # renovate: datasource=github-releases depName=cert-manager/cert-manager
+        CERT_MANAGER_IO_VERSION: "v1.14.4"
+      shell: bash
+      run: |
+        kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/$CERT_MANAGER_IO_VERSION/cert-manager.yaml
+        kubectl wait --for=condition=Available deployment/cert-manager-webhook -n cert-manager --timeout=120s
+        kubectl wait --for=condition=ready pod -l app=webhook -n cert-manager --timeout=60s
+
+    - name: Install Keptn using cert-manager.io with helm
+      if: inputs.cert-manager-io-enabled == 'cert_manager_io_on'
+      env:
+        RELEASE_REGISTRY: "localhost:5000/keptn"
+      shell: bash
+      run: |
+        echo "Installing Keptn using helm"
+        helm version
+
+        helm repo add keptn "https://charts.lifecycle.keptn.sh"
+        helm repo update
+
+        for chart_dir in ./lifecycle-operator/chart \
+                ./metrics-operator/chart \
+                ./chart; do
+            cd "$chart_dir"
+            echo "updating charts for" $chart_dir
+            helm dependency update
+            helm dependency build
+            cd -  # Return to the previous directory
+        done
+
+        cd .github/actions/deploy-keptn-on-cluster
+
+        if [ "${{ inputs.allowed-namespaces }}" == "allowed_ns_on" ]; then
+          echo "  allowedNamespaces: [allowed-ns-test]" >> values-cert-manager-io.yaml
+        fi
+
+        if [ "${{ inputs.scheduling-gates }}" == "gates_on" ]; then
+          echo "  schedulingGatesEnabled: true" >> values-cert-manager-io.yaml
+        fi
+
+        export TAG=${{ inputs.runtime_tag }}
+        envsubst < values-cert-manager-io.yaml > tmp.yaml
+
+        echo "installing with values-cert-manager-io.yaml file:"
+        cat tmp.yaml
+
+        kubectl create ns keptn-system
+        kubectl apply -f certificate.yaml
+
+        helm install -n keptn-system keptn ../../../chart \
+          --values ./tmp.yaml \
+          --debug --wait --timeout 1m
diff --git a/.github/actions/deploy-keptn-on-cluster/certificate.yaml b/.github/actions/deploy-keptn-on-cluster/certificate.yaml
@@ -0,0 +1,23 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: keptn-certs
+  namespace: keptn-system
+spec:
+  dnsNames:
+    - lifecycle-webhook-service.keptn-system.svc
+    - lifecycle-webhook-service.keptn-system.svc.cluster.local
+    - metrics-webhook-service.keptn-system.svc
+    - metrics-webhook-service.keptn-system.svc.cluster.local
+  issuerRef:
+    kind: Issuer
+    name: keptn-selfsigned-issuer
+  secretName: keptn-certs
+---
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: keptn-selfsigned-issuer
+  namespace: keptn-system
+spec:
+  selfSigned: {}
diff --git a/.github/actions/deploy-keptn-on-cluster/values-cert-manager-io.yaml b/.github/actions/deploy-keptn-on-cluster/values-cert-manager-io.yaml
@@ -0,0 +1,24 @@
+global:
+  imageRegistry: "localhost:5000"
+  certManagerEnabled: false
+  caInjectionAnnotations:
+    cert-manager.io/inject-ca-from: keptn-system/keptn-certs
+
+metricsOperator:
+  imagePullPolicy: Never
+  image:
+    tag: $TAG
+
+lifecycleOperator:
+  promotionTasksEnabled: true
+  lifecycleOperator:
+    imagePullPolicy: Never
+    image:
+      tag: $TAG
+    env:
+      functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG
+      pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG
+  scheduler:
+    imagePullPolicy: Never
+    image:
+      tag: $TAG
diff --git a/.github/actions/deploy-keptn-on-cluster/values.yaml b/.github/actions/deploy-keptn-on-cluster/values.yaml
@@ -11,6 +11,7 @@ metricsOperator:
     tag: $TAG
 
 lifecycleOperator:
+  promotionTasksEnabled: true
   lifecycleOperator:
     imagePullPolicy: Never
     image: