Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update swf bundle dependencies #53

Merged
merged 5 commits into from
Jul 15, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/commitlint.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,4 @@ on:
jobs:
validate:
name: Validate
uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@6e6f60bef00842dffbde8409b466256e5a478e78 # v0.4.4
uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@172a905901cb9bd76d096d2850bf31af5c5a4fa1 # v0.8.0
4 changes: 2 additions & 2 deletions .github/workflows/lint.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,12 +15,12 @@ jobs:

steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0

- name: Environment setup
uses: defenseunicorns/uds-common/.github/actions/setup@6e6f60bef00842dffbde8409b466256e5a478e78 # v0.4.4
uses: defenseunicorns/uds-common/.github/actions/setup@172a905901cb9bd76d096d2850bf31af5c5a4fa1 # v0.8.0
with:
registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/scorecard.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:

steps:
- name: "Checkout code"
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
persist-credentials: false

Expand All @@ -37,14 +37,14 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
with:
sarif_file: results.sarif
29 changes: 21 additions & 8 deletions .github/workflows/tag-and-release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -25,22 +25,24 @@ jobs:
publish-package:
needs: tag-new-version
if: ${{ needs.tag-new-version.outputs.release_created == 'true' }}
runs-on: uds-swf-ubuntu-big-boy-4-core
name: Publish ${{ matrix.bundle }} ${{ matrix.flavor }}
# TODO: (@WSTARR) since we don't run the tests on arm currently we don't need to use the 16 core
runs-on: ${{ matrix.architecture == 'arm64' && 'uds-swf-ubuntu-arm64-4-core' || 'uds-swf-ubuntu-big-boy-16-core' }}
name: Publish ${{ matrix.bundle }} ${{ matrix.flavor }} ${{ matrix.architecture }}
strategy:
matrix:
flavor: [upstream]
architecture: [amd64, arm64]
bundle: ["k3d-demo", "dev"]

permissions:
contents: read
packages: write

steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Environment setup
uses: defenseunicorns/uds-common/.github/actions/setup@6e6f60bef00842dffbde8409b466256e5a478e78 # v0.4.4
uses: defenseunicorns/uds-common/.github/actions/setup@172a905901cb9bd76d096d2850bf31af5c5a4fa1 # v0.8.0
with:
registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
Expand All @@ -53,11 +55,22 @@ jobs:
username: dummy
password: ${{ secrets.GITHUB_TOKEN }}

- name: Publish Package
run: uds run -f tasks/publish.yaml test-bundle --set FLAVOR=${{ matrix.flavor }} --set BUNDLE_PATH="bundles/${{ matrix.bundle }}"
- name: Build Bundle
run: uds run -f tasks/publish.yaml build-bundle --set FLAVOR=${{ matrix.flavor }}

- name: Test Bundle
if: ${{ runner.arch != 'ARM64' }}
run: uds run -f tasks/publish.yaml test-bundle --set FLAVOR=${{ matrix.flavor }}

- name: Publish Bundle
run: uds run -f tasks/publish.yaml publish-bundle --set FLAVOR=${{ matrix.flavor }} --set BUNDLE_PATH="bundles/${{ matrix.bundle }}"

- name: Debug Output
if: ${{ always() }}
uses: defenseunicorns/uds-common/.github/actions/debug-output@172a905901cb9bd76d096d2850bf31af5c5a4fa1 # v0.8.0

- name: Save logs
if: always()
uses: defenseunicorns/uds-common/.github/actions/save-logs@6e6f60bef00842dffbde8409b466256e5a478e78 # v0.4.4
uses: defenseunicorns/uds-common/.github/actions/save-logs@172a905901cb9bd76d096d2850bf31af5c5a4fa1 # v0.8.0
with:
suffix: '${{ matrix.bundle }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}'
suffix: '${{ matrix.bundle }}-${{ matrix.flavor }}-${{ matrix.architecture }}-${{ github.run_id }}-${{ github.run_attempt }}'
10 changes: 5 additions & 5 deletions .github/workflows/test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -47,28 +47,28 @@ jobs:
flavor: upstream
steps:
- name: Checkout repository
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Environment setup
uses: defenseunicorns/uds-common/.github/actions/setup@6e6f60bef00842dffbde8409b466256e5a478e78 # v0.4.4
uses: defenseunicorns/uds-common/.github/actions/setup@172a905901cb9bd76d096d2850bf31af5c5a4fa1 # v0.8.0
with:
registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
ghToken: ${{ secrets.GITHUB_TOKEN }}

- name: Test
uses: defenseunicorns/uds-common/.github/actions/test@6e6f60bef00842dffbde8409b466256e5a478e78 # v0.4.4
uses: defenseunicorns/uds-common/.github/actions/test@172a905901cb9bd76d096d2850bf31af5c5a4fa1 # v0.8.0
with:
flavor: ${{ matrix.flavor }}
type: ${{ matrix.type }}
options: "--set BUNDLE_PATH=bundles/${{ matrix.bundle }}"

- name: Debug Output
if: ${{ always() }}
uses: defenseunicorns/uds-common/.github/actions/debug-output@6e6f60bef00842dffbde8409b466256e5a478e78 # v0.4.4
uses: defenseunicorns/uds-common/.github/actions/debug-output@172a905901cb9bd76d096d2850bf31af5c5a4fa1 # v0.8.0

- name: Save logs
if: always()
uses: defenseunicorns/uds-common/.github/actions/save-logs@6e6f60bef00842dffbde8409b466256e5a478e78 # v0.4.4
uses: defenseunicorns/uds-common/.github/actions/save-logs@172a905901cb9bd76d096d2850bf31af5c5a4fa1 # v0.8.0
with:
suffix: ${{ matrix.type }}-${{ matrix.bundle }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@ Alternatively, you can deploy from OCI by running the following two commands:
> [!NOTE]: You can append `--set INSECURE_ADMIN_PASSWORD_GENERATION=true` to the below command to enable a default keycloak admin. This is useful for development and testing of the SWF stack and enables the ability to run `uds run setup:create-doug-user` to create a user to test with using the username `doug` and the password `unicorn123!@#`.

```bash
uds deploy k3d-core-slim-dev:0.22.0
uds deploy k3d-core-slim-dev:0.24.0
```

1. Run the below command to deploy the `swf-dev` bundle on top of the dev cluster:
Expand Down
141 changes: 71 additions & 70 deletions bundles/dev/uds-bundle.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -33,15 +33,14 @@ packages:
- name: uds-gitlab-tmp
- name: uds-mattermost-dev


# Namespaces are deployed prior to the packages to faciliate use of the postgres-operator cross namespace secret creation
# Namespaces are deployed prior to the packages to facilitate use of the postgres-operator cross namespace secret creation
- name: dev-namespaces
path: ../../
ref: 0.1.0

- name: postgres-operator
repository: ghcr.io/defenseunicorns/packages/uds/postgres-operator
ref: 1.10.1-uds.4-upstream
ref: 1.12.2-uds.1-upstream
overrides:
postgres-operator:
uds-postgres-config:
Expand All @@ -61,20 +60,38 @@ packages:
mattermost.mattermost: []
databases:
gitlabdb: gitlab.gitlab
mattermost: mattermost.mattermost
sonarqubedb: sonarqube.sonarqube
version: "13"
mattermost: mattermost.mattermost
version: "14"
ingress:
remoteGenerated: Anywhere
- remoteNamespace: gitlab
- remoteNamespace: sonarqube
- remoteNamespace: mattermost

- name: dev-redis
repository: ghcr.io/defenseunicorns/packages/uds/dev-redis
ref: 0.0.2
- name: valkey
repository: ghcr.io/defenseunicorns/packages/uds/valkey
ref: 7.2.5-uds.1-upstream
overrides:
redis:
redis:
valkey:
uds-valkey-config:
values:
- path: custom
value:
- direction: Ingress
selector:
app.kubernetes.io/name: valkey
remoteNamespace: gitlab
port: 6379
description: "Ingress from GitLab"
- path: copyPassword
value:
enabled: true
namespace: gitlab
secretName: gitlab-redis
secretKey: password
valkey:
variables:
- name: REDIS_RESOURCES
- name: VALKEY_RESOURCES
path: "master.resources"
default:
limits:
Expand All @@ -93,7 +110,7 @@ packages:

- name: gitlab
repository: ghcr.io/defenseunicorns/packages/uds/gitlab
ref: 17.0.1-uds.1-upstream
ref: 17.1.1-uds.1-upstream
overrides:
gitlab:
uds-gitlab-config:
Expand All @@ -102,6 +119,15 @@ packages:
description: "Boolean to enable or disable sso things"
path: "sso.enabled"
gitlab:
values:
- path: global.psql.host
value: pg-cluster.postgres.svc.cluster.local
- path: "global.psql.username"
value: "gitlab.gitlab"
- path: "global.psql.password.secret"
value: "gitlab.gitlab.pg-cluster.credentials.postgresql.acid.zalan.do"
- path: global.redis.host
value: valkey-master.valkey.svc.cluster.local
variables:
- name: GITLAB_SSO_ENABLED
description: "Boolean to enable or disable sso things"
Expand Down Expand Up @@ -179,58 +205,38 @@ packages:
description: "Gitlab Shell Min Replicas"
path: "gitlab.gitlab-shell.minReplicas"
default: 1
- name: POSTGRES_USERNAME
description: "Gitlab Postgres Username"
path: "global.psql.username"
default: "gitlab.gitlab"
- name: POSTGRES_SECRET_REF
description: "Gitlab Postgres Password Secret Ref"
path: "global.psql.password.secret"
default: "gitlab.gitlab.pg-cluster.credentials.postgresql.acid.zalan.do"
- name: POSTGRES_ENDPOINT
description: "Gitlab Postgres endpoint"
path: "global.psql.host"
default: "pg-cluster.postgres.svc.cluster.local"
- name: REDIS_ENDPOINT
description: "Gitlab Redis endpoint"
path: "global.redis.host"
default: "redis-master.dev-redis.svc.cluster.local"
- name: REDIS_SCHEME
description: "Gitlab Redis SCHEME"
path: "global.redis.scheme"
default: "redis"

- name: gitlab-runner
repository: ghcr.io/defenseunicorns/packages/uds/gitlab-runner
ref: 17.0.0-uds.0-upstream
ref: 17.0.0-uds.1-upstream

- name: sonarqube
repository: ghcr.io/defenseunicorns/packages/uds/sonarqube
ref: 9.9.5-uds.0-upstream
ref: 9.9.5-uds.1-upstream
overrides:
sonarqube:
sonarqube:
values:
- path: "jdbcOverwrite.jdbcSecretName"
value: "sonarqube.sonarqube.pg-cluster.credentials.postgresql.acid.zalan.do"
- path: "jdbcOverwrite.jdbcUsername"
value: "sonarqube.sonarqube"
- path: "jdbcOverwrite.jdbcUrl"
value: "jdbc:postgresql://pg-cluster.postgres.svc.cluster.local:5432/sonarqubedb"
variables:
- name: SONARQUBE_POSTGRES_USERNAME
description: "Sonarqube Postgres Username"
path: "jdbcOverwrite.jdbcUsername"
default: "sonarqube.sonarqube"
- name: SONARQUBE_POSTGRES_SECRET_REF
description: "Sonarqube Postgres Password Secret Ref"
path: "jdbcOverwrite.jdbcSecretName"
default: "sonarqube.sonarqube.pg-cluster.credentials.postgresql.acid.zalan.do"
- name: SONARQUBE_POSTGRES_CONNECTION_STRING
description: "Sonarqube Postgres DB Endpoint"
path: "jdbcOverwrite.jdbcUrl"
default: "jdbc:postgresql://pg-cluster.postgres.svc.cluster.local:5432/sonarqubedb"
- name: SONARQUBE_POSTGRES_ENDPOINT
description: "Sonarqube Postgres DB Endpoint"
path: "postgresql.postgresqlServer"
default: "pg-cluster.postgres.svc.cluster.local"
- name: SONARQUBE_RESOURCES
path: "resources"
default:
limits:
cpu: 800m
memory: 6144M
requests:
cpu: 400m
memory: 2048M

- name: mattermost
repository: ghcr.io/defenseunicorns/packages/uds/mattermost
ref: 9.7.2-uds.1-upstream
ref: 9.9.1-uds.0-upstream
imports:
- name: ACCESS_KEY
package: dev-secrets
Expand All @@ -239,25 +245,20 @@ packages:
overrides:
mattermost:
uds-mattermost-config:
values:
- path: "objectStorage.secure"
value: "false"
- path: "objectStorage.endpoint"
value: "minio.dev-minio.svc.cluster.local:9000"
- path: "objectStorage.bucket"
value: "uds-mattermost-dev"
- path: "postgres.host"
value: "pg-cluster.postgres.svc.cluster.local"
- path: "postgres.connectionOptions"
value: "?connect_timeout=10"
- path: "postgres.username"
value: "mattermost.mattermost"
variables:
- name: MATTERMOST_DB_ENDPOINT
path: "postgres.host"
default: "pg-cluster.postgres.svc.cluster.local"
- name: MATTERMOST_DB_CONNECTION_OPTIONS
path: "postgres.connectionOptions"
default: "?connect_timeout=10"
- name: MATTERMOST_DB_USERNAME
path: "postgres.username"
default: "mattermost.mattermost"
- name: MATTERMOST_OBJECT_STORAGE_SECURE
path: "objectStorage.secure"
default: "false"
- name: MATTERMOST_OBJECT_STORAGE_ENDPOINT
path: "objectStorage.endpoint"
default: "minio.dev-minio.svc.cluster.local:9000"
- name: MATTERMOST_OBJECT_STORAGE_BUCKET
path: "objectStorage.bucket"
default: "uds-mattermost-dev"
- name: MATTERMOST_RESOURCES
path: "resources"
default:
Expand Down
Loading