From f3c2902666fd78ff33eb7562d3fb7f6fabaa594c Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Thu, 23 May 2024 21:17:00 +0000 Subject: [PATCH] Ci: make dev_apply work from local files --- admin/dev_apply.sh | 2 ++ admin/libhelm.sh | 15 +++++---- charts/kubezero-telemetry/fluentd.patch | 44 +++++++++++++++++++++++++ scripts/extract_sealedsecrets_key.sh | 3 ++ scripts/git-pre-receive-hook.sh | 0 5 files changed, 57 insertions(+), 7 deletions(-) create mode 100644 charts/kubezero-telemetry/fluentd.patch create mode 100755 scripts/extract_sealedsecrets_key.sh mode change 100644 => 100755 scripts/git-pre-receive-hook.sh diff --git a/admin/dev_apply.sh b/admin/dev_apply.sh index be7a898c..5c877d7e 100755 --- a/admin/dev_apply.sh +++ b/admin/dev_apply.sh @@ -6,6 +6,8 @@ set -x ARTIFACTS=($(echo $1 | tr "," "\n")) ACTION=${2:-apply} +LOCAL_DEV=1 + #VERSION="latest" KUBE_VERSION="$(kubectl version -o json | jq -r .serverVersion.gitVersion)" diff --git a/admin/libhelm.sh b/admin/libhelm.sh index 2e4aa524..68f95261 100644 --- a/admin/libhelm.sh +++ b/admin/libhelm.sh @@ -19,7 +19,11 @@ function wait_for() { function chart_location() { - echo "$1 --repo https://cdn.zero-downtime.net/charts" + if [ -n "$LOCAL_DEV" ]; then + echo $CHARTS/$1 + else + echo "$1 --repo https://cdn.zero-downtime.net/charts" + fi } @@ -105,8 +109,8 @@ function delete_ns() { # Extract crds via helm calls and apply delta=crds only function _crds() { - helm template $(chart_location $chart) -n $namespace --name-template $module $targetRevision --skip-crds --set ${module}.installCRDs=false -f $WORKDIR/values.yaml $API_VERSIONS --kube-version $KUBE_VERSION > $WORKDIR/helm-no-crds.yaml - helm template $(chart_location $chart) -n $namespace --name-template $module $targetRevision --include-crds --set ${module}.installCRDs=true -f $WORKDIR/values.yaml $API_VERSIONS --kube-version $KUBE_VERSION > $WORKDIR/helm-crds.yaml + helm secrets --evaluate-templates template $(chart_location $chart) -n $namespace --name-template $module $targetRevision --skip-crds --set ${module}.installCRDs=false -f $WORKDIR/values.yaml $API_VERSIONS --kube-version $KUBE_VERSION > $WORKDIR/helm-no-crds.yaml + helm secrets --evaluate-templates template $(chart_location $chart) -n $namespace --name-template $module $targetRevision --include-crds --set ${module}.installCRDs=true -f $WORKDIR/values.yaml $API_VERSIONS --kube-version $KUBE_VERSION > $WORKDIR/helm-crds.yaml diff -e $WORKDIR/helm-no-crds.yaml $WORKDIR/helm-crds.yaml | head -n-1 | tail -n+2 > $WORKDIR/crds.yaml # Only apply if there are actually any crds @@ -120,7 +124,7 @@ function _crds() { # helm template | kubectl apply -f - # confine to one namespace if possible function render() { - helm template $(chart_location $chart) -n $namespace --name-template $module $targetRevision --skip-crds -f $WORKDIR/values.yaml $API_VERSIONS --kube-version $KUBE_VERSION $@ \ + helm secrets --evaluate-templates template $(chart_location $chart) -n $namespace --name-template $module $targetRevision --skip-crds -f $WORKDIR/values.yaml $API_VERSIONS --kube-version $KUBE_VERSION $@ \ | python3 -c ' #!/usr/bin/python3 import yaml @@ -169,9 +173,6 @@ function _helm() { render kubectl $action -f $WORKDIR/helm.yaml --server-side --force-conflicts && rc=$? || rc=$? - # Try again without server-side, review with 1.26, required for cert-manager during 1.25 - [ $rc -ne 0 ] && kubectl $action -f $WORKDIR/helm.yaml && rc=$? || rc=$? - # Optional post hook declare -F ${module}-post && ${module}-post diff --git a/charts/kubezero-telemetry/fluentd.patch b/charts/kubezero-telemetry/fluentd.patch new file mode 100644 index 00000000..f6e11db5 --- /dev/null +++ b/charts/kubezero-telemetry/fluentd.patch @@ -0,0 +1,44 @@ +diff -rtuN charts/fluentd.orig/templates/fluentd-configurations-cm.yaml charts/fluentd/templates/fluentd-configurations-cm.yaml +--- charts/fluentd.orig/templates/fluentd-configurations-cm.yaml 2024-04-08 11:00:03.030515998 +0000 ++++ charts/fluentd/templates/fluentd-configurations-cm.yaml 2024-04-08 11:00:03.040516045 +0000 +@@ -9,7 +9,7 @@ + data: + {{- range $key, $value := .Values.fileConfigs }} + {{$key }}: |- +- {{- $value | nindent 4 }} ++ {{- (tpl $value $) | nindent 4 }} + {{- end }} + {{- end }} + +diff -rtuN charts/fluentd.orig/templates/tests/test-connection.yaml charts/fluentd/templates/tests/test-connection.yaml +--- charts/fluentd.orig/templates/tests/test-connection.yaml 2024-04-08 11:00:03.030515998 +0000 ++++ charts/fluentd/templates/tests/test-connection.yaml 2024-04-08 11:03:16.254774985 +0000 +@@ -4,6 +4,7 @@ + If the fluentd config is overriden and the metrics server removed + this will fail. + */}} ++{{- if .Values.testFramework.enabled }} + {{ if empty .Values.service.ports }} + apiVersion: v1 + kind: Pod +@@ -26,4 +27,5 @@ + while :; do nc -vz {{ include "fluentd.fullname" . }}:24231 && break; sleep 1; done + wget '{{ include "fluentd.fullname" . }}:24231/metrics' + restartPolicy: Never +-{{ end }} +\ No newline at end of file ++{{ end }} ++{{- end }} +diff -rtuN charts/fluentd.orig/values.yaml charts/fluentd/values.yaml +--- charts/fluentd.orig/values.yaml 2024-04-08 11:00:03.030515998 +0000 ++++ charts/fluentd/values.yaml 2024-04-08 11:00:03.040516045 +0000 +@@ -13,6 +13,9 @@ + pullPolicy: "IfNotPresent" + tag: "" + ++testFramework: ++ enabled: false ++ + ## Optional array of imagePullSecrets containing private registry credentials + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + imagePullSecrets: [] diff --git a/scripts/extract_sealedsecrets_key.sh b/scripts/extract_sealedsecrets_key.sh new file mode 100755 index 00000000..3c6ffff3 --- /dev/null +++ b/scripts/extract_sealedsecrets_key.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +kubectl get secret -n kube-system -l sealedsecrets.bitnami.com/sealed-secrets-key -o yaml diff --git a/scripts/git-pre-receive-hook.sh b/scripts/git-pre-receive-hook.sh old mode 100644 new mode 100755