Merge branch 'release/v0.4.0' into main

cloudogu · Oct 5, 2023 · f7dd393 · f7dd393
2 parents 2a76a08 + f3ae055
commit f7dd393
Show file tree

Hide file tree

Showing 23 changed files with 802 additions and 136 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,9 +5,22 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+
+## [v0.4.0] - 2023-10-05
+### Added
+- [#30] Add CRD-Release to Jenkinsfile
+
 ## [v0.3.0] - 2023-09-15
 ### Changed
-- [#25] Use component-dependencies from the annotations of a HelmChart instead of the Helm-dependencies 
+- [#25] Use component-dependencies from the annotations of a HelmChart instead of the Helm-dependencies
+- [#27] updated go dependencies
+- [#27] updated kube-rbac-proxy
+
+### Fixed
+- [#27] deprecation warning for argument `logtostderr` in kube-rbac-proxy
+
+### Removed
+- [#27] deprecated argument `logtostderr` from kube-rbac-proxy
 
 ## [v0.2.0] - 2023-09-07
 ### Added

diff --git a/Dockerfile b/Dockerfile
@@ -35,7 +35,7 @@ RUN make compile-generic
 FROM gcr.io/distroless/static:nonroot
 LABEL maintainer="hello@cloudogu.com" \
       NAME="k8s-component-operator" \
-      VERSION="0.3.0"
+      VERSION="0.4.0"
 
 WORKDIR /
 COPY --from=builder /workspace/target/k8s-component-operator .

diff --git a/Jenkinsfile b/Jenkinsfile
@@ -1,6 +1,6 @@
 #!groovy
 
-@Library(['github.com/cloudogu/ces-build-lib@1.65.0'])
+@Library(['github.com/cloudogu/ces-build-lib@1.67.0'])
 import com.cloudogu.ces.cesbuildlib.*
 
 // Creating necessary git objects
@@ -98,8 +98,6 @@ node('docker') {
             }
 
             stage('Deploy Manager') {
-                k3d.kubectl("create secret generic component-operator-helm-registry --from-file=config.json=k8s/emptyHelmRegistry.json --namespace default")
-                k3d.kubectl("create cm component-operator-helm-repository --from-literal=endpoint=dummy --from-literal=schema=oci --namespace default")
                 k3d.kubectl("apply -f ${sourceDeploymentYaml}")
             }
 
@@ -110,7 +108,7 @@ node('docker') {
             stageAutomaticRelease()
         } catch (Exception e) {
             k3d.collectAndArchiveLogs()
-            throw e
+            throw e as java.lang.Throwable
         } finally {
             stage('Remove k3d cluster') {
                 k3d.deleteK3d()
@@ -183,9 +181,8 @@ void stageStaticAnalysisSonarQube() {
 
 void stageAutomaticRelease() {
     if (gitflow.isReleaseBranch()) {
-        String releaseVersion = git.getSimpleBranchName()
-        String dockerReleaseVersion = releaseVersion.split("v")[1]
         String controllerVersion = makefile.getVersion()
+        String releaseVersion = "v${controllerVersion}".toString()
 
         stage('Build & Push Image') {
             withCredentials([usernamePassword(credentialsId: 'cesmarvin',
@@ -196,10 +193,10 @@ void stageAutomaticRelease() {
                         "login ${CES_MARVIN_USERNAME}\n" +
                         "password ${CES_MARVIN_PASSWORD}\" >> ~/.netrc"
             }
-            def dockerImage = docker.build("cloudogu/${repositoryName}:${dockerReleaseVersion}")
+            def dockerImage = docker.build("cloudogu/${repositoryName}:${controllerVersion}")
             sh "rm ~/.netrc"
             docker.withRegistry('https://registry.hub.docker.com/', 'dockerHubCredentials') {
-                dockerImage.push("${dockerReleaseVersion}")
+                dockerImage.push("${controllerVersion}")
             }
         }
 
@@ -235,11 +232,16 @@ void stageAutomaticRelease() {
                 .mountJenkinsUser()
                 .inside("--volume ${WORKSPACE}:/go/src/${project} -w /go/src/${project}")
                         {
+                            // Package operator-chart & crd-chart
                             make 'helm-package-release'
+                            make 'crd-helm-package'
 
+                            // Push charts
                             withCredentials([usernamePassword(credentialsId: 'harborhelmchartpush', usernameVariable: 'HARBOR_USERNAME', passwordVariable: 'HARBOR_PASSWORD')]) {
                                 sh ".bin/helm registry login ${registry} --username '${HARBOR_USERNAME}' --password '${HARBOR_PASSWORD}'"
+
                                 sh ".bin/helm push target/helm/${repositoryName}-${controllerVersion}.tgz oci://${registry}/${registry_namespace}/"
+                                sh ".bin/helm push target/helm-crd/${repositoryName}-crd-${controllerVersion}.tgz oci://${registry}/${registry_namespace}/"
                             }
                         }
         }

diff --git a/Makefile b/Makefile
@@ -1,13 +1,12 @@
 # Set these to the desired values
 ARTIFACT_ID=k8s-component-operator
-VERSION=0.3.0
+VERSION=0.4.0
 ## Image URL to use all building/pushing image targets
 IMAGE_DEV=${K3CES_REGISTRY_URL_PREFIX}/${ARTIFACT_ID}:${VERSION}
 IMAGE=cloudogu/${ARTIFACT_ID}:${VERSION}
 GOTAG?=1.21
-MAKEFILES_VERSION=8.0.0
+MAKEFILES_VERSION=8.5.0
 LINT_VERSION?=v1.52.1
-STAGE?=production
 
 ADDITIONAL_CLEAN=dist-clean
 

diff --git a/build/make/bats/Dockerfile b/build/make/bats/Dockerfile
@@ -4,4 +4,4 @@ ARG BATS_TAG
 FROM ${BATS_BASE_IMAGE}:${BATS_TAG}
 
 # Make bash more findable by scripts and tests
-RUN apk add make git bash
+RUN apk add make git bash
diff --git a/build/make/coder-lib.sh b/build/make/coder-lib.sh
@@ -0,0 +1,167 @@
+#!/bin/bash
+# a collection of helpful functions to update coder workspaces for rapid development
+set -e -u -x -o pipefail
+
+function getCoderUser() {
+  coder users show me -o json | jq -r '.username'
+}
+
+function getAllWorkspaces() {
+  coder list -c workspace | tail -n+2
+}
+
+function doesWorkspaceExist() {
+  coderUser="$1"
+  workspaceName="$2"
+
+  workspace=$(coder list -a -o json | jq -r "select(.[].owner_name == \"${coderUser}\" and  .[].name == \"${workspaceName}\") | .[0].name")
+  if [ -z "$workspace" ]; then
+    return 1 #workspace does not exist
+  else
+    return 0
+  fi
+}
+
+function generateUniqueWorkspaceName() {
+  local wantedWorkspacePrefix="$1"
+  # use time to make name unique
+  local time
+  time=$(date +'%H-%M-%S')
+  local lengthOfTime=${#time}
+  local delimiter='-'
+  local lengthOfDelimiter=${#delimiter}
+  # trim prefix, as workspace names are limited to 32 chars
+  local trimmedPrefix="${wantedWorkspacePrefix:0:$((32 - lengthOfDelimiter - lengthOfTime))}"
+  local uniqueName="${trimmedPrefix}${delimiter}${time}"
+  # '--' is forbidden in coder, replace multiple '-' with a single one.
+  echo "${uniqueName}" | awk '{gsub(/[-]+/,"-")}1'
+  # returns sth like 'myPrefix-12-45-23'
+}
+
+function buildImage() {
+  local tag="$1"
+  local buildDir="${2:-./build}"
+  local secretDir="${3:-./secretArgs}"
+  local containerExec="${4:-podman}"
+  local secretArgs=()
+  # include build-secrets if there are any
+  # shellcheck disable=SC2231
+  for secretPath in $secretDir/*; do
+    # do not match .sh scripts
+    [[ $secretPath == *.sh ]] && continue
+    local secretName
+    secretName=$(basename "$secretPath")
+    secretArgs+=("--secret=id=$secretName,src=$secretDir/$secretName")
+  done
+  if [ "$containerExec" = "podman" ]; then
+    $containerExec build -t "$tag" --pull=newer "$buildDir" "${secretArgs[@]}"
+  else
+    $containerExec build -t "$tag" --pull "$buildDir" "${secretArgs[@]}"
+  fi
+}
+
+function doTrivyConvert() {
+  local trivyFlags=$1
+  local outputFile=$2
+  local containerExec=$3
+  local jsonScanToConvert=$4
+
+  local containerJsonScanFile="/tmp/scan.json"
+
+  # shellcheck disable=SC2086
+  # as globbing is what we want here
+  "$containerExec" run --rm --pull=always \
+    -v trivy-cache:/root/.cache \
+    -v "$jsonScanToConvert:$containerJsonScanFile" \
+    aquasec/trivy -q \
+    convert $trivyFlags "$containerJsonScanFile"  > "$outputFile"
+}
+
+function uploadTemplate() {
+  local templateDir="${1:?"Error. you need to add the template directory as the first parameter"}"
+  local templateName="${2:?"Error. you need to add the template name as the second parameter"}"
+  # for terraform variables (not editable by workspace users)
+  local variablesFile="${templateDir}/variables.yaml"
+  if [ -f "$variablesFile" ]; then
+    local doesVariablesFileExist=1
+  fi
+  if ! coder template push -y -d "$templateDir" ${doesVariablesFileExist:+--variables-file "$variablesFile"} "$templateName"; then
+    # if template does not exist yet, create it in coder
+    coder template create -y -d "$templateDir" ${doesVariablesFileExist:+--variables-file "$variablesFile"} "$templateName"
+  fi
+}
+
+function createNewWorkspace() {
+  local templateName="$1"
+  local workspaceName="$2"
+  # 3. param is optional, set it to autofill prompts for coder params
+  local templateDir="${3-unset}"
+  local richParametersFile="${templateDir}/rich-parameters.yaml"
+  if [ -n "${templateDir+x}" ] && [ -f "$richParametersFile" ]; then
+    local doesRichParametersFileExist=1
+  fi
+  coder create -t "$templateName" -y "$workspaceName" ${doesRichParametersFileExist:+--rich-parameter-file "$richParametersFile"}
+}
+
+function removeAllOtherWorkspaces() {
+  local CODER_USER="$1"
+  local WORKSPACE_PREFIX="$2"
+  local IGNORED_WORKSPACE="$3"
+  WORKSPACES="$(getAllWorkspaces)"
+  for ws in $WORKSPACES; do
+    if [ "$ws" != "$CODER_USER/$IGNORED_WORKSPACE" ] && [[ "$ws" =~ ^"$CODER_USER/$WORKSPACE_PREFIX" ]]; then
+      echo "delete $ws"
+      if ! coder delete "$ws" -y; then
+        #do it twice as podman always throws an error at the first time
+        coder delete "$ws" -y
+      fi
+    fi
+  done
+}
+
+function updateWorkspace() {
+  local coderUser="$1"
+  local workspaceName="$2"
+  local qualifiedWorkspaceName="$coderUser/$workspaceName"
+  if ! coder stop "$qualifiedWorkspaceName" -y; then
+    #do it twice as podman always throws an error at the first time
+    coder stop "$qualifiedWorkspaceName" -y
+  fi
+  coder update "$qualifiedWorkspaceName"
+}
+
+function startTestWorkspace() {
+  local coderUser="$1"
+  local templateDir="$2"
+  local workspacePrefix="$3"
+  local templateName="$4"
+  local reuseTestWorkspace="$5"
+
+  local newWorkspaceName
+  if [ "$reuseTestWorkspace" = false ]; then
+    newWorkspaceName="$(generateUniqueWorkspaceName "$workspacePrefix")"
+    # do that before deleting others, so that i don't need to wait
+    createNewWorkspace "$templateName" "$newWorkspaceName" "$templateDir"
+    # trim prefix as the name of the workspace can also get trimmed
+    removeAllOtherWorkspaces "$coderUser" "${workspacePrefix:0:22}" "$newWorkspaceName"
+  else
+    newWorkspaceName="$workspacePrefix"
+    if ! doesWorkspaceExist "$coderUser" "$newWorkspaceName"; then
+      createNewWorkspace "$templateName" "$newWorkspaceName" "$templateDir"
+    else
+      updateWorkspace "$coderUser" "$newWorkspaceName"
+    fi
+  fi
+}
+
+function uploadToNexus() {
+  local fileToUpload="$1"
+  local fileNameNexus="${fileToUpload##*/}"
+  local templateName="$2"
+  local releaseVersion="$3"
+  local nexusUrl="${4:-https://ecosystem.cloudogu.com/nexus/repository/itz-bund/coder}"
+  set +x #disable command printing because of the password
+  curl --progress-bar -u "$(cat secrets/nexus-user):$(cat secrets/nexus-pw)" --upload-file "$fileToUpload" \
+    "$nexusUrl/$templateName/$releaseVersion/$fileNameNexus"
+  set -x
+}