diff --git a/.cruft.json b/.cruft.json index c7a8e8f..ff273fc 100644 --- a/.cruft.json +++ b/.cruft.json @@ -10,7 +10,7 @@ "test_cases": "defaults", "add_lib": "n", "add_pp": "n", - "add_golden": "n", + "add_golden": "y", "add_matrix": "n", "add_go_unit": "n", "copyright_holder": "VSHN AG ", diff --git a/.editorconfig b/.editorconfig index 56b9042..ef177f7 100644 --- a/.editorconfig +++ b/.editorconfig @@ -27,3 +27,10 @@ insert_final_newline = false [Makefile] indent_style = tab + +; Ignore golden test outputs +[tests/golden/**] +indent_size = unset +indent_style = unset +insert_final_newline = unset +trim_trailing_whitespace = unset diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 885ee37..340be9c 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -38,3 +38,14 @@ jobs: path: ${{ env.COMPONENT_NAME }} - name: Compile component run: make test + golden: + runs-on: ubuntu-latest + defaults: + run: + working-directory: ${{ env.COMPONENT_NAME }} + steps: + - uses: actions/checkout@v4 + with: + path: ${{ env.COMPONENT_NAME }} + - name: Golden diff + run: make golden-diff diff --git a/Makefile b/Makefile index 0bd6775..f2e80be 100644 --- a/Makefile +++ b/Makefile @@ -21,7 +21,7 @@ help: ## Show this help all: lint .PHONY: lint -lint: lint_jsonnet lint_yaml lint_adoc ## All-in-one linting +lint: lint_jsonnet lint_yaml lint_adoc lint_kubent ## All-in-one linting .PHONY: lint_jsonnet lint_jsonnet: $(JSONNET_FILES) ## Lint jsonnet files @@ -34,6 +34,9 @@ lint_yaml: ## Lint yaml files .PHONY: lint_adoc lint_adoc: ## Lint documentation $(VALE_CMD) $(VALE_ARGS) +.PHONY: lint_kubent +lint_kubent: ## Check for deprecated Kubernetes API versions + $(KUBENT_DOCKER) $(KUBENT_ARGS) -f $(KUBENT_FILES) .PHONY: format format: format_jsonnet ## All-in-one formatting @@ -54,6 +57,17 @@ docs-serve: ## Preview the documentation .PHONY: test test: commodore_args += -f tests/$(instance).yml test: .compile ## Compile the component +.PHONY: gen-golden +gen-golden: commodore_args += -f tests/$(instance).yml +gen-golden: clean .compile ## Update the reference version for target `golden-diff`. + @rm -rf tests/golden/$(instance) + @mkdir -p tests/golden/$(instance) + @cp -R compiled/. tests/golden/$(instance)/. + +.PHONY: golden-diff +golden-diff: commodore_args += -f tests/$(instance).yml +golden-diff: clean .compile ## Diff compile output against the reference version. Review output and run `make gen-golden golden-diff` if this target fails. + @git diff --exit-code --minimal --no-index -- tests/golden/$(instance) compiled/ .PHONY: clean clean: ## Clean the project diff --git a/Makefile.vars.mk b/Makefile.vars.mk index 0c7dcf4..c16ae45 100644 --- a/Makefile.vars.mk +++ b/Makefile.vars.mk @@ -48,5 +48,11 @@ ANTORA_PREVIEW_CMD ?= $(DOCKER_CMD) run --rm --publish 35729:35729 --publish 202 COMMODORE_CMD ?= $(DOCKER_CMD) $(DOCKER_ARGS) $(git_volume) $(root_volume) docker.io/projectsyn/commodore:latest COMPILE_CMD ?= $(COMMODORE_CMD) component compile . $(commodore_args) JB_CMD ?= $(DOCKER_CMD) $(DOCKER_ARGS) --entrypoint /usr/local/bin/jb docker.io/projectsyn/commodore:latest install +GOLDEN_FILES ?= $(shell find tests/golden/$(instance) -type f) + +KUBENT_FILES ?= $(shell echo "$(GOLDEN_FILES)" | sed 's/ /,/g') +KUBENT_ARGS ?= -c=false --helm3=false -e +KUBENT_IMAGE ?= ghcr.io/doitintl/kube-no-trouble:latest +KUBENT_DOCKER ?= $(DOCKER_CMD) $(DOCKER_ARGS) $(root_volume) --entrypoint=/app/kubent $(KUBENT_IMAGE) instance ?= defaults diff --git a/class/defaults.yml b/class/defaults.yml index fb256ef..ae63397 100644 --- a/class/defaults.yml +++ b/class/defaults.yml @@ -17,3 +17,5 @@ parameters: argocd: image: quay.io/argoproj/argocd tag: 'v2.3.12@sha256:57474c3c31d2e3606e9c7dad2e449e604a48ac8e9aaaa413274aed41e6550e59' + + additional_facts: {} diff --git a/component/main.jsonnet b/component/main.jsonnet index 8db48fa..f14177a 100644 --- a/component/main.jsonnet +++ b/component/main.jsonnet @@ -70,8 +70,24 @@ local deployment = kube.Deployment('steward') { }, }; +local additionalFacts = kube.ConfigMap('additional-facts') { + metadata+: { + namespace: params.namespace, + labels: { + 'app.kubernetes.io/name': 'steward', + 'app.kubernetes.io/managed-by': 'syn', + }, + }, + data: std.mapWithKey( + function(_, v) + if std.isString(v) then v else std.manifestJsonMinified(v), + std.prune(params.additional_facts) + ), +}; + { '01_rbac': [ cluster_role, service_account, cluster_role_binding ], '05_secret': secret, '10_deployment': deployment, + '20_additional_facts': additionalFacts, } diff --git a/docs/modules/ROOT/pages/references/parameters.adoc b/docs/modules/ROOT/pages/references/parameters.adoc index 27efdaf..a37074c 100644 --- a/docs/modules/ROOT/pages/references/parameters.adoc +++ b/docs/modules/ROOT/pages/references/parameters.adoc @@ -57,6 +57,26 @@ defaults:: https://github.com/projectsyn/component-steward/blob/master/class/def The Steward and ArgoCD container image versions which the component should use. +== `additional_facts` + +[horizontal] +type:: dict +default:: `{}` +example:: ++ +[source,yaml] +---- +additional_facts: + myIdFromHierarchy: mx7bMF3VIfVpGhMZDnoW65oG08Wv9ICYXetH5DNM + glusterVersion: + major: 11 + minor: 1 +---- + +Additional facts to be added to the dynamic facts Steward provides to Lieutenant. +Objects are serialized to JSON. +Dynamic facts implemented in Steward can't be overridden. + == Example [source,yaml] diff --git a/renovate.json b/renovate.json index 8453e41..4b304e3 100644 --- a/renovate.json +++ b/renovate.json @@ -7,6 +7,14 @@ "ignorePaths": [ ".github/**" ], + "postUpgradeTasks": { + "commands": [ + "make gen-golden" + ], + "fileFilters": [ "tests/golden/**" ], + "executionMode": "update" + }, + "suppressNotifications": [ "artifactErrors" ], "labels": [ "dependency" ], diff --git a/tests/defaults.yml b/tests/defaults.yml index 8b13789..a4d1366 100644 --- a/tests/defaults.yml +++ b/tests/defaults.yml @@ -1 +1,7 @@ - +parameters: + steward: + additional_facts: + blub: blub + blubobj: + blub: blub + deleted_blub: null diff --git a/tests/golden/defaults/steward/apps/steward.yaml b/tests/golden/defaults/steward/apps/steward.yaml new file mode 100644 index 0000000..e69de29 diff --git a/tests/golden/defaults/steward/steward/01_rbac.yaml b/tests/golden/defaults/steward/steward/01_rbac.yaml new file mode 100644 index 0000000..03e97fa --- /dev/null +++ b/tests/golden/defaults/steward/steward/01_rbac.yaml @@ -0,0 +1,43 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + annotations: {} + labels: + name: syn-admin + name: syn-admin +rules: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + labels: + name: steward + name: steward + namespace: syn +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + annotations: {} + labels: + name: syn-steward + name: syn-steward +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: syn-admin +subjects: + - kind: ServiceAccount + name: steward + namespace: syn diff --git a/tests/golden/defaults/steward/steward/05_secret.yaml b/tests/golden/defaults/steward/steward/05_secret.yaml new file mode 100644 index 0000000..93b79aa --- /dev/null +++ b/tests/golden/defaults/steward/steward/05_secret.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +data: + token: '' +kind: Secret +metadata: + annotations: {} + labels: + name: steward + name: steward + namespace: syn +stringData: + token: t-silent-test-1234/c-green-test-1234/steward/token +type: Opaque diff --git a/tests/golden/defaults/steward/steward/10_deployment.yaml b/tests/golden/defaults/steward/steward/10_deployment.yaml new file mode 100644 index 0000000..f179a0a --- /dev/null +++ b/tests/golden/defaults/steward/steward/10_deployment.yaml @@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + labels: + app.kubernetes.io/managed-by: syn + app.kubernetes.io/name: steward + name: steward + namespace: syn +spec: + minReadySeconds: 30 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/managed-by: syn + app.kubernetes.io/name: steward + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + annotations: {} + labels: + app.kubernetes.io/managed-by: syn + app.kubernetes.io/name: steward + spec: + containers: + - args: [] + env: + - name: STEWARD_API + value: https://api.syn.vshn.net/ + - name: STEWARD_ARGO_IMAGE + value: quay.io/argoproj/argocd:v2.3.12@sha256:57474c3c31d2e3606e9c7dad2e449e604a48ac8e9aaaa413274aed41e6550e59 + - name: STEWARD_CLUSTER_ID + value: c-green-test-1234 + - name: STEWARD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: STEWARD_TOKEN + valueFrom: + secretKeyRef: + key: token + name: steward + image: docker.io/projectsyn/steward:v0.10.0@sha256:97d526bf5493e9dd8923818ff70ae7c778f0b726efbafb1f42f8b6316fd4cd03 + imagePullPolicy: Always + name: steward + ports: [] + resources: + limits: + cpu: 200m + memory: 64Mi + requests: + cpu: 100m + memory: 32Mi + securityContext: + runAsNonRoot: true + stdin: false + tty: false + volumeMounts: [] + imagePullSecrets: [] + initContainers: [] + serviceAccountName: steward + terminationGracePeriodSeconds: 30 + volumes: [] diff --git a/tests/golden/defaults/steward/steward/20_additional_facts.yaml b/tests/golden/defaults/steward/steward/20_additional_facts.yaml new file mode 100644 index 0000000..de259f2 --- /dev/null +++ b/tests/golden/defaults/steward/steward/20_additional_facts.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +data: + blub: blub + blubobj: '{"blub":"blub"}' +kind: ConfigMap +metadata: + annotations: {} + labels: + app.kubernetes.io/managed-by: syn + app.kubernetes.io/name: steward + name: additional-facts + namespace: syn