diff --git a/.github/scripts/e2e-debug-failure.sh b/.github/scripts/e2e-debug-failure.sh
new file mode 100755
index 00000000..9bf6af23
--- /dev/null
+++ b/.github/scripts/e2e-debug-failure.sh
@@ -0,0 +1,5 @@
+kubectl -n flux-system get all
+kubectl -n flux-system logs deploy/source-controller
+kubectl -n flux-system logs deploy/kustomize-controller
+kubectl -n flux-system logs deploy/helm-controller
+flux get all --all-namespaces
\ No newline at end of file
diff --git a/.github/scripts/e2e-setup-cluster-reconciliation.sh b/.github/scripts/e2e-setup-cluster-reconciliation.sh
new file mode 100755
index 00000000..ae9d70e7
--- /dev/null
+++ b/.github/scripts/e2e-setup-cluster-reconciliation.sh
@@ -0,0 +1,20 @@
+if [ -z "$1" ]; then
+ echo "Error: 'repository_url' argument not set"
+ exit 1
+fi
+
+if [ -z "$2" ]; then
+ echo "Error: 'branch_name' argument not set"
+ exit 1
+fi
+
+repository_url=$1
+branch_name=$2
+
+flux create source git flux-system \
+ --url=$repository_url \
+ --branch=$branch_name \
+ --ignore-paths="k8s/clusters/**/flux-system/"
+flux create kustomization flux-system \
+ --source=flux-system \
+ --path=./k8s/clusters/development
diff --git a/.github/scripts/e2e-verify-cluster-reconciliation.sh b/.github/scripts/e2e-verify-cluster-reconciliation.sh
new file mode 100755
index 00000000..f0a5cf97
--- /dev/null
+++ b/.github/scripts/e2e-verify-cluster-reconciliation.sh
@@ -0,0 +1,2 @@
+kubectl -n flux-system wait kustomization/infrastructure --for=condition=ready --timeout=5m
+kubectl -n flux-system wait kustomization/apps --for=condition=ready --timeout=5m
diff --git a/.github/scripts/e2e-verify-helm-reconciliation.sh b/.github/scripts/e2e-verify-helm-reconciliation.sh
new file mode 100755
index 00000000..2118dcf9
--- /dev/null
+++ b/.github/scripts/e2e-verify-helm-reconciliation.sh
@@ -0,0 +1 @@
+# kubectl -n ingress-traefik wait helmrelease/ingress-traefik --for=condition=ready --timeout=5m
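Review bot: In e2e-setup-cluster-reconciliation.sh the two arguments are expanded unquoted in the `flux create source git` call, so a repository URL or branch name containing whitespace or glob characters is word-split or expanded before flux sees it. The branch name is taken from the pull-request head ref by the calling workflow, so it should be treated as untrusted input here. Quote both expansions: `--url="$repository_url" \` and `--branch="$branch_name" \`. The presence checks on `$1` and `$2` are already quoted and can stay as they are.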
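Review bot: e2e-verify-cluster-reconciliation.sh has no shebang and no errexit, so its exit status is that of the last `kubectl wait` only; if the wait on `kustomization/infrastructure` fails and the wait on `kustomization/apps` succeeds, the workflow step reports success. The inline `run:` blocks this commit replaces were started by the runner with errexit enabled, so moving the commands into a script drops that fail-fast behaviour. Start the script with `#!/usr/bin/env bash` followed by `set -eo pipefail`. The same applies to e2e-setup-cluster-reconciliation.sh, where a failed `flux create source git` would otherwise be followed by `flux create kustomization`; e2e-debug-failure.sh is best-effort output collection and is better left without errexit.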
diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
new file mode 100644
index 00000000..1b1bb9bd
--- /dev/null
+++ b/.github/workflows/e2e.yaml
@@ -0,0 +1,36 @@
+name: End-to-end test
+
+on:
+ workflow_dispatch:
+ push:
+ branches: 'main'
+ pull_request:
+ branches: 'main'
+
+jobs:
+ end-to-end-test:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+ - name: Setup Flux
+ uses: fluxcd/flux2/action@main
+ - name: Extract branch name
+ run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
+ id: extract_branch
+ - name: Setup Kubernetes
+ uses: nolar/setup-k3d-k3s@v1
+ with:
+ k3d-name: cluster-test
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ - name: Install Flux
+ run: flux install
+ - name: Setup cluster reconciliation
+ run: ./.github/scripts/e2e-setup-cluster-reconciliation.sh ${{ github.event.repository.html_url }} ${{ steps.extract_branch.outputs.branch }}
+ - name: Verify cluster reconciliation
+ run: ./.github/scripts/e2e-verify-cluster-reconciliation.sh
+ - name: Verify helm reconciliation
+ run: ./.github/scripts/e2e-verify-helm-reconciliation.sh
+ - name: Debug failure
+ if: failure()
+ run: ./.github/scripts/e2e-debug-failure.sh
diff --git a/.github/workflows/end-to-end-test.yaml b/.github/workflows/end-to-end-test.yaml
deleted file mode 100644
index 44be972d..00000000
--- a/.github/workflows/end-to-end-test.yaml
+++ /dev/null
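Review bot: The "Setup cluster reconciliation" step in .github/workflows/e2e.yaml pastes `${{ steps.extract_branch.outputs.branch }}` straight into the `run:` command line, and on `pull_request` events that value comes from `GITHUB_HEAD_REF`, which the PR author chooses. The expression is substituted into the script text before the shell parses it, so shell metacharacters in a branch name become part of the command. Pass both values through `env:` and reference them as quoted shell variables instead, as in the excerpt below. Separately, `fluxcd/flux2/action@main` tracks a moving branch and `nolar/setup-k3d-k3s@v1` a mutable tag while being handed `GITHUB_TOKEN`; pinning both to a full commit SHA and adding a top-level `permissions:` block with `contents: read` would narrow what a changed upstream action can do.

```yaml
# … unchanged: steps up to "Install Flux" …
- name: Setup cluster reconciliation
  env:
    REPOSITORY_URL: ${{ github.event.repository.html_url }}
    BRANCH_NAME: ${{ steps.extract_branch.outputs.branch }}
  run: ./.github/scripts/e2e-setup-cluster-reconciliation.sh "$REPOSITORY_URL" "$BRANCH_NAME"
# … unchanged: verify and debug steps …
```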
@@ -1,53 +0,0 @@ -name: End-to-end test of cluster reconciliation - -on: - workflow_dispatch: - push: - branches: 'main' - pull_request: - branches: 'main' - -jobs: - end-to-end-test: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Setup Flux - uses: fluxcd/flux2/action@main - - name: Extract branch name - shell: bash - run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT - id: extract_branch - - name: Setup Kubernetes - uses: nolar/setup-k3d-k3s@v1 - with: - k3d-name: cluster-test - github-token: ${{ secrets.GITHUB_TOKEN }} - - name: Install Flux - run: | - flux install - - name: Setup cluster reconciliation - run: | - flux create source git flux-system \ - --url=${{ github.event.repository.html_url }} \ - --branch=${{ steps.extract_branch.outputs.branch }} \ - --ignore-paths="./k8s/clusters/**/flux-system/" - flux create kustomization flux-system \ - --source=flux-system \ - --path=./k8s/clusters/development - - name: Verify cluster reconciliation - run: | - kubectl -n flux-system wait kustomization/infra-controllers --for=condition=ready --timeout=5m - kubectl -n flux-system wait kustomization/apps --for=condition=ready --timeout=5m - - name: Verify helm reconciliation - run: | - kubectl -n ingress-traefik wait helmrelease/ingress-traefik --for=condition=ready --timeout=5m - - name: Debug failure - if: failure() - run: | - kubectl -n flux-system get all - kubectl -n flux-system logs deploy/source-controller - kubectl -n flux-system logs deploy/kustomize-controller - kubectl -n flux-system logs deploy/helm-controller - flux get all --all-namespaces \ No newline at end of file diff --git a/k8s/clusters/development/apps.yaml b/k8s/clusters/development/apps.yaml index 6117afab..2feb6415 100644 --- a/k8s/clusters/development/apps.yaml +++ b/k8s/clusters/development/apps.yaml 
@@ -6,7 +6,7 @@ metadata: spec: interval: 10m dependsOn: - - name: infra-configs + - name: infrastructure sourceRef: kind: GitRepository name: flux-system diff --git a/k8s/clusters/development/infrastructure.yaml b/k8s/clusters/development/infrastructure.yaml index 2dc38c98..ae00383c 100644 --- a/k8s/clusters/development/infrastructure.yaml +++ b/k8s/clusters/development/infrastructure.yaml @@ -1,7 +1,7 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: infra-controllers + name: infrastructure namespace: flux-system spec: interval: 1h @@ -9,30 +9,7 @@ spec: sourceRef: kind: GitRepository name: flux-system - path: ./k8s/infrastructure/controllers + path: ./k8s/infrastructure/overlays/development prune: true wait: true ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: infra-configs - namespace: flux-system -spec: - dependsOn: - - name: infra-controllers - interval: 1h - retryInterval: 1m - sourceRef: - kind: GitRepository - name: flux-system - path: ./k8s/infrastructure/configs - prune: true - patches: - - patch: | - - op: replace - path: /spec/acme/server - value: https://acme-staging-v02.api.letsencrypt.org/directory - target: - kind: ClusterIssuer - name: letsencrypt + diff --git a/k8s/clusters/production/apps.yaml b/k8s/clusters/production/apps.yaml new file mode 100644 index 00000000..a3d2e396 --- /dev/null +++ b/k8s/clusters/production/apps.yaml @@ -0,0 +1,15 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: apps + namespace: flux-system +spec: + interval: 10m + dependsOn: + - name: infrastructure + sourceRef: + kind: GitRepository + name: flux-system + path: ./k8s/apps/overlays/production + prune: true + wait: true diff --git a/k8s/clusters/production/infrastructure.yaml b/k8s/clusters/production/infrastructure.yaml new file mode 100644 index 00000000..9e448421 --- /dev/null +++ b/k8s/clusters/production/infrastructure.yaml 
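Review bot: The new production `apps` Kustomization in k8s/clusters/production/apps.yaml sets no `spec.serviceAccountName`, so as far as this file shows it is reconciled under the kustomize-controller's own identity, which a default `flux install` binds to cluster-admin. Together with `prune: true`, anything merged under `./k8s/apps/overlays/production` on the tracked branch is applied and deleted with full cluster rights. Consider reconciling application workloads through a dedicated, namespace-scoped service account, e.g. `serviceAccountName: <apps-reconciler-placeholder>` under `spec`, and reserving the controller's default identity for the `infrastructure` Kustomization. The RBAC for that account is not part of this diff and would have to be added alongside.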
@@ -0,0 +1,15 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: infrastructure + namespace: flux-system +spec: + interval: 1h + retryInterval: 1m + sourceRef: + kind: GitRepository + name: flux-system + path: ./k8s/infrastructure/overlays/production + prune: true + wait: true + diff --git a/k8s/infrastructure/base/.gitkeep b/k8s/infrastructure/base/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/k8s/infrastructure/configs/cluster-issuers.yaml b/k8s/infrastructure/configs/cluster-issuers.yaml deleted file mode 100644 index a6ea00ff..00000000 --- a/k8s/infrastructure/configs/cluster-issuers.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt -spec: - acme: - # Replace the email address with your own contact email - email: cluster@devantler.com - # The server is replaced in /clusters/production/infrastructure.yaml - server: https://acme-staging-v02.api.letsencrypt.org/directory - privateKeySecretRef: - name: letsencrypt-traefik - solvers: - - http01: - ingress: - class: traefik \ No newline at end of file diff --git a/k8s/infrastructure/configs/network-policies.yaml b/k8s/infrastructure/configs/network-policies.yaml deleted file mode 100644 index 26acf412..00000000 --- a/k8s/infrastructure/configs/network-policies.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: weave-gitops-ingress - namespace: flux-system -spec: - policyTypes: - - Ingress - ingress: - - from: - - namespaceSelector: {} - podSelector: - matchLabels: - app.kubernetes.io/name: weave-gitops \ No newline at end of file diff --git a/k8s/infrastructure/controllers/ingress-traefik/kustomization.yaml b/k8s/infrastructure/controllers/ingress-traefik/kustomization.yaml deleted file mode 100644 index abf6261c..00000000 --- a/k8s/infrastructure/controllers/ingress-traefik/kustomization.yaml +++ /dev/null 
@@ -1,8 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: ingress-traefik -resources: - - namespace.yaml - - repository.yaml - - release.yaml - diff --git a/k8s/infrastructure/controllers/ingress-traefik/namespace.yaml b/k8s/infrastructure/controllers/ingress-traefik/namespace.yaml deleted file mode 100644 index aedf6c4e..00000000 --- a/k8s/infrastructure/controllers/ingress-traefik/namespace.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: ingress-traefik \ No newline at end of file diff --git a/k8s/infrastructure/controllers/ingress-traefik/release.yaml b/k8s/infrastructure/controllers/ingress-traefik/release.yaml deleted file mode 100644 index 9da9dca1..00000000 --- a/k8s/infrastructure/controllers/ingress-traefik/release.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: ingress-traefik -spec: - interval: 30m - chart: - spec: - chart: traefik - version: "*" - sourceRef: - kind: HelmRepository - name: ingress-traefik - interval: 12h diff --git a/k8s/infrastructure/controllers/ingress-traefik/repository.yaml b/k8s/infrastructure/controllers/ingress-traefik/repository.yaml deleted file mode 100644 index 1c42b2c4..00000000 --- a/k8s/infrastructure/controllers/ingress-traefik/repository.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: source.toolkit.fluxcd.io/v1beta2 -kind: HelmRepository -metadata: - name: ingress-traefik -spec: - interval: 24h - url: https://traefik.github.io/charts \ No newline at end of file diff --git a/k8s/infrastructure/controllers/kustomization.yaml b/k8s/infrastructure/kustomization.yaml similarity index 68% rename from k8s/infrastructure/controllers/kustomization.yaml rename to k8s/infrastructure/kustomization.yaml index 3dd73a9c..419dcad1 100644 --- a/k8s/infrastructure/controllers/kustomization.yaml +++ b/k8s/infrastructure/kustomization.yaml 
@@ -1,4 +1,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -resources: - - ingress-traefik \ No newline at end of file +resources: [] \ No newline at end of file diff --git a/k8s/infrastructure/configs/kustomization.yaml b/k8s/infrastructure/overlays/development/kustomization.yaml similarity index 50% rename from k8s/infrastructure/configs/kustomization.yaml rename to k8s/infrastructure/overlays/development/kustomization.yaml index 19f36876..419dcad1 100644 --- a/k8s/infrastructure/configs/kustomization.yaml +++ b/k8s/infrastructure/overlays/development/kustomization.yaml @@ -1,5 +1,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -resources: - # - cluster-issuers.yaml - - network-policies.yaml \ No newline at end of file +resources: [] \ No newline at end of file diff --git a/k8s/infrastructure/overlays/production/kustomization.yaml b/k8s/infrastructure/overlays/production/kustomization.yaml new file mode 100644 index 00000000..419dcad1 --- /dev/null +++ b/k8s/infrastructure/overlays/production/kustomization.yaml @@ -0,0 +1,3 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: [] \ No newline at end of file