diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml new file mode 100644 index 000000000..f6304bf55 --- /dev/null +++ b/.github/workflows/pre-commit.yml @@ -0,0 +1,21 @@ +name: Pre-Commit Checks + +on: [push, pull_request] + +jobs: + pre-commit: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: '3.8' + + - name: Install pre-commit + run: pip install pre-commit + + - name: Run pre-commit hooks + run: git diff --name-only HEAD^ | grep '\.yaml\|\.md' | xargs pre-commit run --files diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 000000000..c669497fb --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,16 @@ +repos: +- repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.5.0 + hooks: + - id: end-of-file-fixer + - id: trailing-whitespace + - id: mixed-line-ending + args: [--fix=lf] + - id: check-yaml + exclude: packages/apps/postgres/templates/init-script.yaml + args: [--unsafe] +- repo: https://github.com/igorshubovych/markdownlint-cli + rev: v0.41.0 + hooks: + - id: markdownlint + args: [--fix, --disable, MD013, MD041, --] diff --git a/README.md b/README.md index 6cd02fbef..476f5f0a2 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ [![Support](https://img.shields.io/badge/$-support-12a0df.svg?style=flat)](https://aenix.io/contact-us/#meet) [![Active](http://img.shields.io/badge/Status-Active-green.svg)](https://aenix.io/cozystack/) [![GitHub Release](https://img.shields.io/github/release/aenix-io/cozystack.svg?style=flat)](https://github.com/aenix-io/cozystack) -[![GitHub Commit](https://img.shields.io/github/commit-activity/y/aenix-io/cozystack)](https://github.com/aenix-io/cozystack) +[![GitHub Commit](https://img.shields.io/github/commit-activity/y/aenix-io/cozystack)](https://github.com/aenix-io/cozystack) # Cozystack 
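Review bot: In `.github/workflows/pre-commit.yml`, the last step can pass without checking any file. The checkout step sets no `fetch-depth`, so the default clone holds a single commit and `git diff --name-only HEAD^` has no parent to compare against. The step also never enables `pipefail`, so that failure is hidden behind the exit status of `xargs`, which still runs `pre-commit run --files` with an empty list. Adding `fetch-depth: 2` under a `with:` on the checkout step, starting the script with `set -o pipefail`, and using `xargs -r` would make the gate fail loudly instead of silently passing. Separately, `actions/checkout@v2`, `actions/setup-python@v2` and `pip install pre-commit` are not pinned to immutable versions and the workflow has no `permissions:` block; pinning the actions to full commit SHAs and declaring `contents: read` would narrow the supply-chain exposure of a job that runs on every push and pull request.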
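Review bot: In `.pre-commit-config.yaml`, `args: [--unsafe]` on `check-yaml` applies to every YAML file the hook sees, not only the ones that need it. That flag switches the hook from loading each file to a syntax-only parse, so the stricter checks of a safe load are given up repository-wide. If only some paths need the relaxation, consider limiting it with `files:` or a wider `exclude:` and leaving ordinary YAML on the default mode. A comment such as `# --unsafe: syntax-only parse, needed for <reason>` above the `args:` line would record why it is there. The `rev:` values are tags rather than commit hashes, which is the usual pre-commit convention but leaves the hook code mutable upstream.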
@@ -14,17 +14,17 @@ With Cozystack, you can transform your bunch of servers into an intelligent system with a simple REST API for spawning Kubernetes clusters, Database-as-a-Service, virtual machines, load balancers, HTTP caching services, and other services with ease. -You can use Cozystack to build your own cloud or to provide a cost-effective development environments. +You can use Cozystack to build your own cloud or to provide a cost-effective development environments. ## Use-Cases -* [**Using Cozystack to build public cloud**](https://cozystack.io/docs/use-cases/public-cloud/) +* [**Using Cozystack to build public cloud**](https://cozystack.io/docs/use-cases/public-cloud/) You can use Cozystack as backend for a public cloud -* [**Using Cozystack to build private cloud**](https://cozystack.io/docs/use-cases/private-cloud/) +* [**Using Cozystack to build private cloud**](https://cozystack.io/docs/use-cases/private-cloud/) You can use Cozystack as platform to build a private cloud powered by Infrastructure-as-Code approach -* [**Using Cozystack as Kubernetes distribution**](https://cozystack.io/docs/use-cases/kubernetes-distribution/) +* [**Using Cozystack as Kubernetes distribution**](https://cozystack.io/docs/use-cases/kubernetes-distribution/) You can use Cozystack as Kubernetes distribution for Bare Metal ## Screenshot @@ -41,10 +41,10 @@ If you encounter any difficulties, start with the [troubleshooting guide](https: ## Versioning -Versioning adheres to the [Semantic Versioning](http://semver.org/) principles. +Versioning adheres to the [Semantic Versioning](http://semver.org/) principles. A full list of the available releases is available in the GitHub repository's [Release](https://github.com/aenix-io/cozystack/releases) section. -- [Roadmap](https://github.com/orgs/aenix-io/projects/2) +* [Roadmap](https://github.com/orgs/aenix-io/projects/2) ## Contributions 
@@ -62,7 +62,7 @@ You can join our weekly community meetings (just add this events to your [Google ## License -Cozystack is licensed under Apache 2.0. +Cozystack is licensed under Apache 2.0. The code is provided as-is with no warranties. ## Commercial Support diff --git a/packages/apps/README.md b/packages/apps/README.md new file mode 100644 index 000000000..b2cb30cf4 --- /dev/null +++ b/packages/apps/README.md @@ -0,0 +1,9 @@ +### How to test packages local + +```bash +cd packages/core/installer +make image-cozystack REGISTRY=YOUR_CUSTOM_REGISTRY +make apply +kubectl delete pod dashboard-redis-master-0 -n cozy-dashboard +kubectl delete po -l app=source-controller -n cozy-fluxcd +``` diff --git a/packages/apps/postgres/Chart.yaml b/packages/apps/postgres/Chart.yaml index 029983438..40483895f 100644 --- a/packages/apps/postgres/Chart.yaml +++ b/packages/apps/postgres/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.7.0 +version: 0.7.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/postgres/README.md b/packages/apps/postgres/README.md index bf053ed4f..c0d2dfd71 100644 --- a/packages/apps/postgres/README.md +++ b/packages/apps/postgres/README.md 
@@ -6,30 +6,34 @@ PostgreSQL is currently the leading choice among relational databases, known for This managed service is controlled by the CloudNativePG operator, ensuring efficient management and seamless operation. -- Docs: https://cloudnative-pg.io/docs/ -- Github: https://github.com/cloudnative-pg/cloudnative-pg +- Docs: +- Github: ## HowTos ### How to switch master/slave replica See: -- https://cloudnative-pg.io/documentation/1.15/rolling_update/#manual-updates-supervised -### How to restore backup: +- + +### How to restore backup find snapshot: -``` + +```bash restic -r s3:s3.example.org/postgres-backups/database_name snapshots ``` restore: -``` + +```bash restic -r s3:s3.example.org/postgres-backups/database_name restore latest --target /tmp/ ``` more details: -- https://itnext.io/restic-effective-backup-from-stdin-4bc1e8f083c1 + +- ## Parameters @@ -64,5 +68,3 @@ more details: | `backup.s3AccessKey` | The access key for S3, used for authentication | `oobaiRus9pah8PhohL1ThaeTa4UVa7gu` | | `backup.s3SecretKey` | The secret key for S3, used for authentication | `ju3eum4dekeich9ahM1te8waeGai0oog` | | `backup.resticPassword` | The password for Restic backup encryption | `ChaXoveekoh6eigh4siesheeda2quai0` | - - diff --git a/packages/apps/postgres/templates/init-script.yaml b/packages/apps/postgres/templates/init-script.yaml index d02a1894f..69d91c25a 100644 --- a/packages/apps/postgres/templates/init-script.yaml +++ b/packages/apps/postgres/templates/init-script.yaml @@ -34,6 +34,9 @@ stringData: init.sh: | #!/bin/bash set -e + + until pg_isready ; do sleep 5; done + echo "== create users" {{- if .Values.users }} psql -v ON_ERROR_STOP=1 <<\EOT @@ -60,7 +63,7 @@ stringData: DROP USER $user; EOT done - + echo "== create databases and roles" {{- if .Values.databases }} psql -v ON_ERROR_STOP=1 --echo-all <<\EOT 
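Review bot: In `packages/apps/postgres/templates/init-script.yaml`, the added `until pg_isready ; do sleep 5; done` has no upper bound. If the server never starts accepting connections, or `pg_isready` keeps failing for another reason such as wrong connection parameters, the init script waits forever and the failure is never reported. A bounded wait keeps the `set -e` behaviour meaningful, for example `for i in $(seq 1 60); do pg_isready && break; sleep 5; done` followed by a final bare `pg_isready` so the script exits non-zero on timeout. The 60 attempts are a constructed value; pick a limit that fits the job's deadline. The `init.sh` body starts before and continues after this hunk.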
@@ -92,7 +95,7 @@ stringData: FOR schema_record IN SELECT schema_name FROM information_schema.schemata WHERE schema_name NOT IN ('pg_catalog', 'information_schema') LOOP -- Changing Schema Ownership EXECUTE format('ALTER SCHEMA %I OWNER TO %I', schema_record.schema_name, '{{ $database }}_admin'); - + -- Add rights for the admin role EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_admin'); EXECUTE format('GRANT ALL ON ALL TABLES IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_admin'); @@ -101,7 +104,7 @@ stringData: EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON TABLES TO %I', schema_record.schema_name, '{{ $database }}_admin'); EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON SEQUENCES TO %I', schema_record.schema_name, '{{ $database }}_admin'); EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON FUNCTIONS TO %I', schema_record.schema_name, '{{ $database }}_admin'); - + -- Add rights for the readonly role EXECUTE format('GRANT USAGE ON SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_readonly'); EXECUTE format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_readonly'); @@ -119,9 +122,9 @@ stringData: CREATE OR REPLACE FUNCTION auto_grant_schema_privileges() RETURNS event_trigger LANGUAGE plpgsql AS $$ DECLARE - obj record; + obj record; BEGIN - FOR obj IN SELECT * FROM pg_event_trigger_ddl_commands() WHERE command_tag = 'CREATE SCHEMA' LOOP + FOR obj IN SELECT * FROM pg_event_trigger_ddl_commands() WHERE command_tag = 'CREATE SCHEMA' LOOP EXECUTE format('ALTER SCHEMA %I OWNER TO %I', obj.object_identity, '{{ $database }}_admin'); EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_admin'); EXECUTE format('GRANT USAGE ON SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_readonly'); 
@@ -146,7 +149,7 @@ stringData: EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT SELECT ON TABLES TO %I', obj.object_identity, '{{ $database }}_readonly'); EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT USAGE ON SEQUENCES TO %I', obj.object_identity, '{{ $database }}_readonly'); EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT EXECUTE ON FUNCTIONS TO %I', obj.object_identity, '{{ $database }}_readonly'); - END LOOP; + END LOOP; END; $$; diff --git a/packages/apps/versions_map b/packages/apps/versions_map index 302bbcae5..05f8cb7f3 100644 --- a/packages/apps/versions_map +++ b/packages/apps/versions_map @@ -52,7 +52,8 @@ postgres 0.4.1 5ca8823 postgres 0.5.0 c07c4bbd postgres 0.6.0 2a4768a postgres 0.6.2 54fd61c -postgres 0.7.0 HEAD +postgres 0.7.0 dc9d8bb +postgres 0.7.1 HEAD rabbitmq 0.1.0 f642698 rabbitmq 0.2.0 5ca8823 rabbitmq 0.3.0 9e33dc0 diff --git a/packages/core/installer/Makefile b/packages/core/installer/Makefile index edca0f8ea..5c37192b5 100644 --- a/packages/core/installer/Makefile +++ b/packages/core/installer/Makefile @@ -1,5 +1,8 @@ NAME=installer NAMESPACE=cozy-system +YQ_VERSION=v4.35.1 +RED = \033[31m +RESET = \033[0m TALOS_VERSION=$(shell awk '/^version:/ {print $$2}' images/talos/profiles/installer.yaml) 
@@ -17,7 +20,21 @@ diff: update: hack/gen-profiles.sh -image: image-cozystack image-talos image-matchbox +image: check-yq-version image-cozystack image-talos image-matchbox + +check-yq-version: + @current_version=$$(yq -V | grep -oP 'v[0-9]+\.[0-9]+\.[0-9]+') ; \ + if [ -z "$$current_version" ]; then \ + echo "yq is not installed or version cannot be determined." ; \ + exit 1 ; \ + fi ; \ + echo "Current yq version: $$current_version" ; \ + if [ "$$(printf '%s\n' "$(YQ_VERSION)" "$$current_version" | sort -V | head -n1)" = "$(YQ_VERSION)" ]; then \ + echo "Greater than or equal to $(YQ_VERSION)" ; \ + else \ + echo "$(RED)ERROR: yq version less than $(YQ_VERSION)$(RESET)" ; \ + exit 1 ; \ + fi image-cozystack: make -C ../../.. repos @@ -25,14 +42,14 @@ image-cozystack: --provenance false \ --tag $(REGISTRY)/cozystack:$(call settag,$(TAG)) \ --cache-from type=registry,ref=$(REGISTRY)/cozystack:latest \ - --platform linux/amd64,linux/arm64 \ + --platform linux/amd64 \ --cache-to type=inline \ --metadata-file images/cozystack.json \ --push=$(PUSH) \ --load=$(LOAD) IMAGE="$(REGISTRY)/cozystack:$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/cozystack.json -o json -r)" \ yq -i '.cozystack.image = strenv(IMAGE)' values.yaml - rm -f images/cozystack.json + image-talos: test -f ../../../_out/assets/installer-amd64.tar || make talos-installer
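Review bot: In `packages/core/installer/Makefile`, `check-yq-version` is a prerequisite of `image` only, so the check is skipped when `image-cozystack` is run directly. That recipe holds the `yq` calls that write the image digest into `values.yaml`, and it is the target the new `packages/apps/README.md` tells people to run. Making the check a prerequisite of the target that uses the tool, `image-cozystack: check-yq-version`, closes that gap. Inside the recipe, `grep -oP` requires a PCRE-enabled GNU grep although the pattern needs nothing beyond `grep -oE`. `echo "$(RED)..."` shows colour only where the shell's `echo` interprets backslash escapes, so `printf` writing to stderr would be more portable for the error path.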
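Review bot: Two changes in the `image-cozystack` recipe look like local-testing leftovers rather than part of the pre-commit work, and both affect what gets published. `--platform linux/amd64` drops the `linux/arm64` image; if that is intended it should be called out explicitly, otherwise restore `--platform linux/amd64,linux/arm64 \`. The `rm -f images/cozystack.json` cleanup is replaced by an empty line, so the metadata file that supplies the `containerimage.digest` written into `values.yaml` stays in the working tree. There it can be committed by accident or, presumably, read stale if a later run does not rewrite it; keeping the `rm -f` line avoids both. The recipe starts above the hunk.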