From 1b437de000f3fa171249aa9c4962348352ad95c3 Mon Sep 17 00:00:00 2001 From: Eriks Zelenka Date: Fri, 12 Jan 2024 09:27:29 +0200 Subject: [PATCH] Fix typo --- .github/workflows/ci.yaml | 280 ++++++++++++++++----------------- .github/workflows/release.yaml | 74 +++++++++ Dockerfile | 2 +- 3 files changed, 209 insertions(+), 147 deletions(-) create mode 100644 .github/workflows/release.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index de75a7c3..9baf3972 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -4,6 +4,8 @@ on: push: branches: - '**' + - '!master' + - '!main' jobs: build: 
@@ -12,161 +14,147 @@ jobs: environment: ci-cd runs-on: ubuntu-20.04 env: - # https://github.com/github/hub/releases - HUB_VERSION: 2.14.2 - # https://github.com/docker/buildx/releases - BUILDX_BINARY_VERSION: 0.12.0 # https://hub.docker.com/r/rancher/k3s/tags K3S_VERSION: v1.28.5-k3s1 # https://github.com/helm-unittest/helm-unittest/releases HELM_UNITTEST_VERSION: 0.4.1 - # https://github.com/kubernetes-sigs/controller-tools/releases - CONTROLLER_GEN_VERSION: "v0.13.0" - # https://github.com/kubernetes-sigs/controller-runtime/releases - CONTROLLER_RUNTIME_VERSION: "v0.16.3" + steps: - uses: actions/checkout@v2 name: Check out code - #- name: Install asdf tools - # uses: asdf-vm/actions/install@v2 - - #- name: install gpg2 - # run: | - # sudo apt update - # sudo apt install -f - # sudo apt-get install gnupg2 -y - # sudo apt-get install qemu-user-static -y - #- name: install hub - # run: | - # curl -sSLO https://github.com/github/hub/releases/download/v${HUB_VERSION}/hub-linux-amd64-${HUB_VERSION}.tgz - # tar -xzf hub-linux-amd64-${HUB_VERSION}.tgz - # chmod +x hub-linux-amd64-${HUB_VERSION}/bin/hub - # sudo mv hub-linux-amd64-${HUB_VERSION}/bin/hub /usr/local/bin/ - #- name: install helm unittest plugin - # run: | - # helm plugin install https://github.com/helm-unittest/helm-unittest --version ${HELM_UNITTEST_VERSION} - # helm unittest --help - #- name: Install setup-envtest - # run: | - # go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest - # asdf reshim golang - - #- name: start k3d - # run: | - # docker version - # k3d cluster create operator --agents 1 --image rancher/k3s:${K3S_VERSION} - # JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}'; - # until kubectl get nodes -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True"; do - # sleep 1; - # done - - # # Dump cluster info - # kubectl cluster-info - # which kubectl - # kubectl version - # kubectl describe node k3d-operator-server-0 - # 
kubectl describe node k3d-operator-agent-0 - - #- name: Test helm charts - # run: make test-helm - - #- name: Unit tests and envtest integration tests - # run: make test - - ## k3d integration tests - #- name: In cluster integration tests - # run: | - # export GNUPGHOME="$(mktemp -d)" - # cat >$GNUPGHOME/foo < config/samples/isindir_v1alpha3_sopssecret.enc.yaml - # file config/samples/isindir_v1alpha3_sopssecret.enc.yaml - # echo "=====================================" - # cat config/samples/isindir_v1alpha3_sopssecret.enc.yaml - # echo "=====================================" - # kubectl apply -f config/samples/isindir_v1alpha3_sopssecret.enc.yaml --namespace sops - # sleep 3 - # nohup make run & - # sleep 150 - # kubectl get sops --namespace sops - # echo - # kubectl get secrets --namespace sops - # echo - # export SECRETS_NUMBER=$( kubectl get secrets --namespace sops --no-headers \ - # | awk '$0 !~ /default-token/ { print $1; }' \ - # | wc -l ) - # if [[ $SECRETS_NUMBER -ne 5 ]]; then - # echo "Expected number of secrets in sops namespace is 5 - Failed" - # tail -40 nohup.out - # exit 1 - # fi - # # Check specific k8s for amount of data entries - # ## my-secret-name-0 - # export DATA_ENTRIES=$( kubectl get secrets my-secret-name-0 --namespace sops --no-headers \ - # | awk '{print $3}' ) - # if [[ $DATA_ENTRIES -ne 2 ]]; then - # echo "Expected number of data entries in my-secret-name-0 is 2 - Failed" - # tail -40 nohup.out - # exit 1 - # fi - # ## my-secret-name-1 - # export DATA_ENTRIES=$( kubectl get secrets my-secret-name-1 --namespace sops --no-headers \ - # | awk '{print $3}' ) - # if [[ $DATA_ENTRIES -ne 3 ]]; then - # echo "Expected number of data entries in my-secret-name-1 is 3 - Failed" - # tail -40 nohup.out - # exit 1 - # fi - # ## my-secret-name-2 - # export DATA_ENTRIES=$( kubectl get secrets my-secret-name-2 --namespace sops --no-headers \ - # | awk '{print $3}' ) - # if [[ $DATA_ENTRIES -ne 2 ]]; then - # echo "Expected number of data entries in 
my-secret-name-2 is 2 - Failed" - # tail -40 nohup.out - # exit 1 - # fi - # # Delete to check GC works - # kubectl delete -f config/samples/isindir_v1alpha3_sopssecret.enc.yaml --namespace sops - # sleep 15 - # kubectl get sops --namespace sops - # echo - # kubectl get secrets --namespace sops - # echo - # export SECRETS_NUMBER=$( kubectl get secrets --namespace sops \ - # | awk '$0!~/default-token/ && $0!~/NAME/ { print $1; }' \ - # | wc -l ) - # if [[ $SECRETS_NUMBER -ne 0 ]]; then - # echo "Expected number of secrets in sops namespace is 0 - Failed" - # exit 1 - # fi - # rm -fr $GNUPGHOME + - name: Install asdf tools + uses: asdf-vm/actions/install@v2 + + - name: install gpg2 + run: | + sudo apt update + sudo apt install -f + sudo apt-get install gnupg2 -y + sudo apt-get install qemu-user-static -y + + - name: install helm unittest plugin + run: | + helm plugin install https://github.com/helm-unittest/helm-unittest --version ${HELM_UNITTEST_VERSION} + helm unittest --help + + - name: Test helm charts + run: make test-helm + + - name: Unit tests and envtest integration tests + run: make test + + - name: start k3d + run: | + docker version + k3d cluster create operator --agents 1 --image rancher/k3s:${K3S_VERSION} + JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}'; + until kubectl get nodes -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True"; do + sleep 1; + done + + # Dump cluster info + kubectl cluster-info + which kubectl + kubectl version + kubectl describe node k3d-operator-server-0 + kubectl describe node k3d-operator-agent-0 + + + # k3d integration tests + - name: In cluster integration tests + run: | + export GNUPGHOME="$(mktemp -d)" + cat >$GNUPGHOME/foo < config/samples/isindir_v1alpha3_sopssecret.enc.yaml + file config/samples/isindir_v1alpha3_sopssecret.enc.yaml + echo "=====================================" + cat config/samples/isindir_v1alpha3_sopssecret.enc.yaml + echo 
"=====================================" + kubectl apply -f config/samples/isindir_v1alpha3_sopssecret.enc.yaml --namespace sops + sleep 3 + nohup make run & + sleep 150 + kubectl get sops --namespace sops + echo + kubectl get secrets --namespace sops + echo + export SECRETS_NUMBER=$( kubectl get secrets --namespace sops --no-headers \ + | awk '$0 !~ /default-token/ { print $1; }' \ + | wc -l ) + if [[ $SECRETS_NUMBER -ne 5 ]]; then + echo "Expected number of secrets in sops namespace is 5 - Failed" + tail -40 nohup.out + exit 1 + fi + # Check specific k8s for amount of data entries + ## my-secret-name-0 + export DATA_ENTRIES=$( kubectl get secrets my-secret-name-0 --namespace sops --no-headers \ + | awk '{print $3}' ) + if [[ $DATA_ENTRIES -ne 2 ]]; then + echo "Expected number of data entries in my-secret-name-0 is 2 - Failed" + tail -40 nohup.out + exit 1 + fi + ## my-secret-name-1 + export DATA_ENTRIES=$( kubectl get secrets my-secret-name-1 --namespace sops --no-headers \ + | awk '{print $3}' ) + if [[ $DATA_ENTRIES -ne 3 ]]; then + echo "Expected number of data entries in my-secret-name-1 is 3 - Failed" + tail -40 nohup.out + exit 1 + fi + ## my-secret-name-2 + export DATA_ENTRIES=$( kubectl get secrets my-secret-name-2 --namespace sops --no-headers \ + | awk '{print $3}' ) + if [[ $DATA_ENTRIES -ne 2 ]]; then + echo "Expected number of data entries in my-secret-name-2 is 2 - Failed" + tail -40 nohup.out + exit 1 + fi + # Delete to check GC works + kubectl delete -f config/samples/isindir_v1alpha3_sopssecret.enc.yaml --namespace sops + sleep 15 + kubectl get sops --namespace sops + echo + kubectl get secrets --namespace sops + echo + export SECRETS_NUMBER=$( kubectl get secrets --namespace sops \ + | awk '$0!~/default-token/ && $0!~/NAME/ { print $1; }' \ + | wc -l ) + if [[ $SECRETS_NUMBER -ne 0 ]]; then + echo "Expected number of secrets in sops namespace is 0 - Failed" + exit 1 + fi + rm -fr $GNUPGHOME + - name: Set Variable id: set_variable run: | 
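Review bot: The re-enabled `Install asdf tools` step references `asdf-vm/actions/install@v2` by a mutable tag, so the code behind it can change without any change to this file, and it runs in a job bound to `environment: ci-cd`. Pin third-party actions to a full commit SHA and keep the version as a trailing comment, e.g. `uses: asdf-vm/actions/install@<full-commit-sha>  # v2`. The same applies to the `docker/setup-qemu-action@v3`, `docker/setup-buildx-action@v3`, `docker/login-action@v3` and `docker/build-push-action@v5` references in the new release.yaml, where Docker Hub credentials are passed to the job. The job's step list starts before and continues past this hunk, so any later steps that use secrets are not visible here.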
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
new file mode 100644
index 00000000..4a7c6825
--- /dev/null
+++ b/.github/workflows/release.yaml
@@ -0,0 +1,74 @@
+name: release
+on:
+ workflow_dispatch:
+ push:
+ branches:
+ - 'master'
+
+jobs:
+ build:
+
+ name: Release
+ environment: ci-cd
+ runs-on: ubuntu-20.04
+ env:
+ # https://github.com/github/hub/releases
+ HUB_VERSION: 2.14.2
+
+ steps:
+
+ - uses: actions/checkout@v2
+ name: Check out code
+
+ - name: Install asdf tools
+ uses: asdf-vm/actions/install@v2
+
+ - name: install hub
+ run: |
+ curl -sSLO https://github.com/github/hub/releases/download/v${HUB_VERSION}/hub-linux-amd64-${HUB_VERSION}.tgz
+ tar -xzf hub-linux-amd64-${HUB_VERSION}.tgz
+ chmod +x hub-linux-amd64-${HUB_VERSION}/bin/hub
+ sudo mv hub-linux-amd64-${HUB_VERSION}/bin/hub /usr/local/bin/
+
+ - name: Set Variable
+ id: set_variable
+ run: |
+ echo "SOPS_SEC_OPERATOR_VERSION=$(make image_tag)" >> $GITHUB_ENV
+ echo "IMAGE_FULL_NAME=$(make image_full_name)" >> $GITHUB_ENV
+ echo "IMAGE_LATEST_NAME=$(make image_latest_name)" >> $GITHUB_ENV
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to Docker Hub
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_PASS }}
+
+ - name: Tag and release
+ run: |
+ set +e
+ git tag "${SOPS_SEC_OPERATOR_VERSION}"
+ tagResult=$?
+ if [[ $tagResult -ne 0 ]]; then
+ echo "Release '${SOPS_SEC_OPERATOR_VERSION}' exists - skipping"
+ exit 1
+ else
+ set -e
+ git-chglog "${SOPS_SEC_OPERATOR_VERSION}" > chglog.tmp
+ hub release create -F chglog.tmp "${SOPS_SEC_OPERATOR_VERSION}"
+ fi
+
+ - name: Docker build
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ push: true
+ tags: ${{ steps.set_variable.outputs.IMAGE_LATEST_NAME }},${{ steps.set_variable.outputs.IMAGE_FULL_NAME }}
+ platforms: linux/amd64,linux/arm64
+ cache-from: type=registry,ref=isindir/sops-secrets-operator:cache
+ cache-to: type=registry,ref=isindir/sops-secrets-operator:cache,mode=max
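Review bot: The `Docker build` step's `tags:` reads `steps.set_variable.outputs.IMAGE_LATEST_NAME` and `steps.set_variable.outputs.IMAGE_FULL_NAME`, but the `Set Variable` step only appends to `$GITHUB_ENV` and never writes a step output, so both expressions should evaluate to empty strings and the push would not carry the intended tags. Either read the environment values, `tags: ${{ env.IMAGE_LATEST_NAME }},${{ env.IMAGE_FULL_NAME }}`, or also write the two names to `$GITHUB_OUTPUT` in `Set Variable`. Separately, `install hub` fetches a tarball with `curl -sSLO` and moves the binary into `/usr/local/bin` with no integrity check, in the same job that later logs in to Docker Hub and publishes the image. Checking a pinned digest before `tar -xzf`, e.g. `echo "<expected-sha256>  hub-linux-amd64-${HUB_VERSION}.tgz" | sha256sum -c -`, would make a tampered download fail the job instead of running it.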
diff --git a/Dockerfile b/Dockerfile index 64439b01..2f40ed40 100644 --- a/Dockerfile +++ b/Dockerfile @@ -52,7 +52,7 @@ RUN CGO_ENABLED=0 GO111MODULE=on go build -a -o manager cmd/main.go ############################################################ # UPDATE_HERE -FROM ubuntu:lunar-20231128 +FROM ubuntu:noble-20231221 # Install build tools RUN apt-get -y update \