From e63cf1f7853bf844b3b148b44575efddaad8941b Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Mon, 9 Jun 2025 15:22:32 +0300 Subject: [PATCH 1/2] =?UTF-8?q?Revert=20"chore:=20remove=20deprecated=20ev?= =?UTF-8?q?ent=20reporter=20templates=20for=20rollout=20and=20wor=E2=80=A6?= =?UTF-8?q?=20(#490)"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 6bf31fe6e658f168ddc2224188eabcfa7a8c963f. --- .../_components/event-reporters/_helpers.tpl | 151 +++++++++++ .../rollout-reporter/_event-source.yaml | 62 +++++ .../rollout-reporter/_rbac.yaml | 31 +++ .../rollout-reporter/_sensor.yaml | 47 ++++ .../rollout-reporter/_serviceaccount.yaml | 10 + .../workflow-reporter/_event-source.yaml | 43 +++ .../workflow-reporter/_rbac.yaml} | 14 +- .../workflow-reporter/_sensor.yaml | 39 +++ .../workflow-reporter/_serviceaccount.yaml} | 11 +- charts/gitops-runtime/templates/_helpers.tpl | 29 -- .../rollout-reporter/clusterrolebinding.yaml | 22 ++ .../rollout-reporter/eventsource.yaml | 6 + .../rollout-reporter/rbac.yaml | 6 + .../rollout-reporter/sensor.yaml | 6 + .../rollout-reporter/serviceaccount.yaml | 6 + .../workflow-reporter/eventsource.yaml | 7 + .../workflow-reporter/rbac.yaml | 7 + .../workflow-reporter/sensor.yaml | 7 + .../workflow-reporter/serviceaccount.yaml | 7 + ...o-projects-templates-integration_test.yaml | 16 ++ .../gitops-runtime/tests/custom-ca_test.yaml | 125 +++++++++ .../tests/event-reporters-sensors_test.yaml | 247 ++++++++++++++++++ .../tests/external_argo_rollouts_test.yaml | 88 +++++++ .../tests/global_constraints_test.yaml | 204 +++++++++++++++ .../tests/rollouts-enabled-disabled_test.yaml | 26 ++ .../values/subcharts-constraints-values.yaml | 16 ++ .../workflows-enabled-disabled_test.yaml | 34 +++ charts/gitops-runtime/values.yaml | 80 +++++- 28 files changed, 1292 insertions(+), 55 deletions(-) create mode 100644 charts/gitops-runtime/templates/_components/event-reporters/_helpers.tpl create mode 100644 charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_event-source.yaml create mode 100644 charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_rbac.yaml create mode 100644 charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_sensor.yaml create mode 100644 charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_serviceaccount.yaml create mode 100644 charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_event-source.yaml rename charts/gitops-runtime/templates/{workflow-reporter-rbac.yaml => _components/event-reporters/workflow-reporter/_rbac.yaml} (64%) create mode 100644 charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_sensor.yaml rename charts/gitops-runtime/templates/{workflow-reporter-sa.yaml => _components/event-reporters/workflow-reporter/_serviceaccount.yaml} (52%) create mode 100644 charts/gitops-runtime/templates/event-reporters/rollout-reporter/clusterrolebinding.yaml create mode 100644 charts/gitops-runtime/templates/event-reporters/rollout-reporter/eventsource.yaml create mode 100644 charts/gitops-runtime/templates/event-reporters/rollout-reporter/rbac.yaml create mode 100644 charts/gitops-runtime/templates/event-reporters/rollout-reporter/sensor.yaml create mode 100644 charts/gitops-runtime/templates/event-reporters/rollout-reporter/serviceaccount.yaml create mode 100644 charts/gitops-runtime/templates/event-reporters/workflow-reporter/eventsource.yaml create mode 100644 charts/gitops-runtime/templates/event-reporters/workflow-reporter/rbac.yaml create mode 100644 charts/gitops-runtime/templates/event-reporters/workflow-reporter/sensor.yaml create mode 100644 charts/gitops-runtime/templates/event-reporters/workflow-reporter/serviceaccount.yaml create mode 100644 charts/gitops-runtime/tests/event-reporters-sensors_test.yaml create mode 100644 charts/gitops-runtime/tests/external_argo_rollouts_test.yaml create mode 100644 charts/gitops-runtime/tests/rollouts-enabled-disabled_test.yaml diff --git a/charts/gitops-runtime/templates/_components/event-reporters/_helpers.tpl b/charts/gitops-runtime/templates/_components/event-reporters/_helpers.tpl new file mode 100644 index 00000000..f8dd300e --- /dev/null +++ b/charts/gitops-runtime/templates/_components/event-reporters/_helpers.tpl @@ -0,0 +1,151 @@ +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "event-reporters.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Expand the name of the chart. +*/}} +{{- define "event-reporters.rollout-reporter.name" -}} +{{- print "rollout-reporter"}} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "event-reporters.rollout-reporter.fullname" -}} +{{- print "rollout-reporter"}} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "event-reporters.rollout-reporter.labels" -}} +helm.sh/chart: {{ include "event-reporters.chart" . }} +{{ include "event-reporters.rollout-reporter.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: Helm +codefresh.io/internal: "true" +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "event-reporters.rollout-reporter.selectorLabels" -}} +app.kubernetes.io/part-of: rollout-reporter +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "event-reporters.rollout-reporter.serviceAccountName" -}} + {{- if .Values.rollout.serviceAccount.create }} + {{- default (include "event-reporters.rollout-reporter.fullname" .) .Values.rollout.serviceAccount.name }} + {{- else }} + {{- default "default" .Values.rollout.serviceAccount.name }} + {{- end }} +{{- end }} + +{{/* +Expand the name of the chart. +*/}} +{{- define "event-reporters.workflow-reporter.name" -}} +{{- print "workflow-reporter"}} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "event-reporters.workflow-reporter.fullname" -}} +{{- print "workflow-reporter"}} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "event-reporters.workflow-reporter.labels" -}} +helm.sh/chart: {{ include "event-reporters.chart" . }} +{{ include "event-reporters.workflow-reporter.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: Helm +codefresh.io/internal: "true" +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "event-reporters.workflow-reporter.selectorLabels" -}} +app.kubernetes.io/part-of: workflow-reporter +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "event-reporters.workflow-reporter.serviceAccountName" -}} + {{- if .Values.workflow.serviceAccount.create }} + {{- default "codefresh-sa" .Values.workflow.serviceAccount.name }} + {{- else }} + {{- default "default" .Values.workflow.serviceAccount.name }} + {{- end }} +{{- end }} + +{{/* +Create a single event-source sensor http trigger +assumes the name, condition and payload.dependencyName are identical +*/}} +{{- define "event-reporters.http.trigger" -}} +{{- $url := (printf "%s%s" .Values.global.codefresh.url .Values.global.codefresh.apiEventsPath | quote) -}} +- template: + name: {{ .name }} + conditions: {{ .name }} + http: + method: POST + url: {{ $url }} + {{- if or .Values.global.codefresh.tls.caCerts.secret.create .Values.global.codefresh.tls.caCerts.secretKeyRef}} + tls: + caCertSecret: + name: {{ .Values.global.codefresh.tls.caCerts.secret.create | ternary "codefresh-tls-certs" .Values.global.codefresh.tls.caCerts.secretKeyRef.name }} + key: {{ .Values.global.codefresh.tls.caCerts.secret.create | ternary (default "ca-bundle.crt" .Values.global.codefresh.tls.caCerts.secret.key) .Values.global.codefresh.tls.caCerts.secretKeyRef.key }} + {{- end }} + headers: + Content-Type: application/json + secureHeaders: + - name: Authorization + valueFrom: + secretKeyRef: + key: token + name: codefresh-token + payload: + - dest: {{ .payloadDest }} + src: + dataKey: body + dependencyName: {{ .name }} + {{- if .retryStrategy }} + retryStrategy: + {{- .retryStrategy | toYaml | nindent 4 }} + {{- end }} +{{- end -}} + +{{/* Logging trigger for the sensor - gets sensor.logging dict */}} +{{- define "event-reporters.log.trigger" -}} + {{- if .enabled }} +- template: + name: log-trigger + {{- if gt (int .intervalSeconds) 0 }} + log: + intervalSeconds: {{ .intervalSeconds }} + {{- else }} + log: {} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_event-source.yaml b/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_event-source.yaml new file mode 100644 index 00000000..b801e593 --- /dev/null +++ b/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_event-source.yaml @@ -0,0 +1,62 @@ +{{- define "event-reporters.rollout-reporter.eventsource"}} +apiVersion: argoproj.io/v1alpha1 +kind: EventSource +metadata: + name: rollout-reporter + labels: + {{- include "event-reporters.rollout-reporter.labels" . | nindent 4}} +spec: + replicas: {{ .Values.rollout.eventSource.replicas }} + eventBusName: {{ default "codefresh-eventbus" .Values.global.runtime.eventBus.name }} + resource: + analysisruns: + eventTypes: + - ADD + - UPDATE + - DELETE + filter: + createdBy: null + group: argoproj.io + resource: analysisruns + version: v1alpha1 + replicasets: + eventTypes: + - ADD + - UPDATE + - DELETE + filter: + createdBy: null + group: apps + resource: replicasets + version: v1 + rollouts: + eventTypes: + - ADD + - UPDATE + - DELETE + filter: + createdBy: null + group: argoproj.io + resource: rollouts + version: v1alpha1 + template: + container: + name: "" + resources: + {{- with .Values.rollout.eventSource.resources }} + {{- . | toYaml | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "event-reporters.rollout-reporter.serviceAccountName" .}} + tolerations: + {{- with .Values.rollout.eventSource.tolerations | default .Values.global.tolerations }} + {{- . | toYaml | nindent 6 }} + {{- end }} + nodeSelector: + {{- with .Values.rollout.eventSource.nodeSelector | default .Values.global.nodeSelector }} + {{- . | toYaml | nindent 6 }} + {{- end }} + affinity: + {{- with .Values.affinity }} + {{- . | toYaml | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_rbac.yaml b/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_rbac.yaml new file mode 100644 index 00000000..bb7966f7 --- /dev/null +++ b/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_rbac.yaml @@ -0,0 +1,31 @@ +{{- define "event-reporters.rollout-reporter.rbac"}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: rollout-reporter-sa + labels: + app.kubernetes.io/part-of: rollout-reporter + codefresh.io/internal: "true" +rules: + - apiGroups: + - "*" + resources: + - "*" + verbs: + - "*" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: rollout-reporter-sa + labels: + app.kubernetes.io/part-of: workflow-reporter + codefresh.io/internal: "true" +roleRef: + apiGroup: "" + kind: Role + name: rollout-reporter-sa +subjects: + - kind: ServiceAccount + name: {{ include "event-reporters.rollout-reporter.serviceAccountName" . }} +{{- end }} \ No newline at end of file diff --git a/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_sensor.yaml b/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_sensor.yaml new file mode 100644 index 00000000..6639b51b --- /dev/null +++ b/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_sensor.yaml @@ -0,0 +1,47 @@ +{{- define "event-reporters.rollout-reporter.sensor"}} +apiVersion: argoproj.io/v1alpha1 +kind: Sensor +metadata: + name: rollout-reporter + labels: + {{- include "event-reporters.rollout-reporter.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.rollout.sensor.replicas }} + dependencies: + - name: rollouts + eventSourceName: rollout-reporter + eventName: rollouts + - name: replicasets + eventSourceName: rollout-reporter + eventName: replicasets + - name: analysisruns + eventSourceName: rollout-reporter + eventName: analysisruns + eventBusName: {{ default "codefresh-eventbus" .Values.global.runtime.eventBus.name }} + template: + serviceAccountName: {{ include "event-reporters.rollout-reporter.serviceAccountName" .}} + container: + name: "" + {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" .Values.rollout.sensor.env | nindent 6 }} + resources: + {{- with .Values.rollout.sensor.resources }} + {{- . | toYaml | nindent 8 }} + {{- end }} + tolerations: + {{- with .Values.rollout.sensor.tolerations | default .Values.global.tolerations }} + {{- . | toYaml | nindent 6 }} + {{- end }} + nodeSelector: + {{- with .Values.rollout.sensor.nodeSelector | default .Values.global.nodeSelector}} + {{- . | toYaml | nindent 6 }} + {{- end }} + affinity: + {{- with .Values.affinity }} + {{- . | toYaml | nindent 6 }} + {{- end }} + triggers: + {{- include "event-reporters.http.trigger" (dict "name" "rollouts" "Values" .Values "payloadDest" "data.object" "retryStrategy" .Values.rollout.sensor.retryStrategy) | nindent 4 }} + {{- include "event-reporters.http.trigger" (dict "name" "replicasets" "Values" .Values "payloadDest" "data.object" "retryStrategy" .Values.rollout.sensor.retryStrategy) | nindent 4 }} + {{- include "event-reporters.http.trigger" (dict "name" "analysisruns" "Values" .Values "payloadDest" "data.object" "retryStrategy" .Values.rollout.sensor.retryStrategy) | nindent 4 }} + {{- include "event-reporters.log.trigger" (.Values.rollout.sensor.logging) | nindent 4 }} +{{- end }} diff --git a/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_serviceaccount.yaml b/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_serviceaccount.yaml new file mode 100644 index 00000000..1d2ae3f8 --- /dev/null +++ b/charts/gitops-runtime/templates/_components/event-reporters/rollout-reporter/_serviceaccount.yaml @@ -0,0 +1,10 @@ +{{- define "event-reporters.rollout-reporter.sa"}} + {{- if .Values.rollout.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "event-reporters.rollout-reporter.serviceAccountName" .}} + labels: + {{- include "event-reporters.rollout-reporter.labels" . | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_event-source.yaml b/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_event-source.yaml new file mode 100644 index 00000000..c613bb39 --- /dev/null +++ b/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_event-source.yaml @@ -0,0 +1,43 @@ +{{- define "event-reporters.workflow-reporter.eventsource"}} +apiVersion: argoproj.io/v1alpha1 +kind: EventSource +metadata: + name: workflow-reporter + labels: + {{- include "event-reporters.workflow-reporter.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.workflow.eventSource.replicas }} + eventBusName: {{ default "codefresh-eventbus" .Values.global.runtime.eventBus.name }} + resource: + workflows: + eventTypes: + - ADD + - UPDATE + - DELETE + filter: + createdBy: null + namespace: {{ .Release.Namespace }} + group: argoproj.io + resource: workflows + version: v1alpha1 + template: + container: + name: "" + resources: + {{- with .Values.workflow.eventSource.resources }} + {{- . | toYaml | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "event-reporters.workflow-reporter.serviceAccountName" .}} + tolerations: + {{- with .Values.workflow.eventSource.tolerations | default .Values.global.tolerations }} + {{- toYaml . | nindent 6 }} + {{- end }} + nodeSelector: + {{- with .Values.workflow.eventSource.nodeSelector | default .Values.global.nodeSelector }} + {{- toYaml . | nindent 6 }} + {{- end }} + affinity: + {{- with .Values.affinity }} + {{- toYaml . | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/gitops-runtime/templates/workflow-reporter-rbac.yaml b/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_rbac.yaml similarity index 64% rename from charts/gitops-runtime/templates/workflow-reporter-rbac.yaml rename to charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_rbac.yaml index 14dca1b9..38b48031 100644 --- a/charts/gitops-runtime/templates/workflow-reporter-rbac.yaml +++ b/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_rbac.yaml @@ -1,7 +1,4 @@ -{{/* -Workflow reporter RBAC for backward compatibility -*/}} -{{- if (index .Values "event-reporters" "workflow" "serviceAccount" "create") }} +{{- define "event-reporters.workflow-reporter.rbac"}} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -21,12 +18,13 @@ kind: RoleBinding metadata: name: workflow-reporter labels: - {{- include "event-reporters.workflow-reporter.labels" . | nindent 4 }} + app.kubernetes.io/part-of: workflow-reporter + codefresh.io/internal: "true" roleRef: - apiGroup: rbac.authorization.k8s.io + apiGroup: "" kind: Role name: workflow-reporter subjects: - kind: ServiceAccount - name: {{ include "event-reporters.workflow-reporter.serviceAccountName" . }} -{{- end }} \ No newline at end of file + name: {{ include "event-reporters.workflow-reporter.serviceAccountName" .}} +{{- end }} diff --git a/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_sensor.yaml b/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_sensor.yaml new file mode 100644 index 00000000..77f02f91 --- /dev/null +++ b/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_sensor.yaml @@ -0,0 +1,39 @@ +{{- define "event-reporters.workflow-reporter.sensor"}} +apiVersion: argoproj.io/v1alpha1 +kind: Sensor +metadata: + name: workflow-reporter + labels: + {{- include "event-reporters.workflow-reporter.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.workflow.sensor.replicas }} + dependencies: + - eventName: workflows + eventSourceName: workflow-reporter + name: workflows + eventBusName: {{ default "codefresh-eventbus" .Values.global.runtime.eventBus.name }} + template: + serviceAccountName: {{ include "event-reporters.workflow-reporter.serviceAccountName" .}} + container: + name: "" + {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" .Values.workflow.sensor.env | nindent 6 }} + resources: + {{- with .Values.workflow.sensor.resources }} + {{- . | toYaml | nindent 8 }} + {{- end }} + tolerations: + {{- with .Values.workflow.sensor.tolerations | default .Values.global.tolerations}} + {{- . | toYaml | nindent 6 }} + {{- end }} + nodeSelector: + {{- with .Values.workflow.sensor.nodeSelector | default .Values.global.nodeSelector }} + {{- . | toYaml | nindent 6 }} + {{- end }} + affinity: + {{- with .Values.affinity }} + {{- . | toYaml | nindent 6 }} + {{- end }} + triggers: + {{- include "event-reporters.http.trigger" (dict "name" "workflows" "Values" .Values "payloadDest" "data.object" "retryStrategy" .Values.workflow.sensor.retryStrategy) | nindent 4 }} + {{- include "event-reporters.log.trigger" (.Values.workflow.sensor.logging) | nindent 4 }} +{{- end }} diff --git a/charts/gitops-runtime/templates/workflow-reporter-sa.yaml b/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_serviceaccount.yaml similarity index 52% rename from charts/gitops-runtime/templates/workflow-reporter-sa.yaml rename to charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_serviceaccount.yaml index 83abcfe2..023a4c84 100644 --- a/charts/gitops-runtime/templates/workflow-reporter-sa.yaml +++ b/charts/gitops-runtime/templates/_components/event-reporters/workflow-reporter/_serviceaccount.yaml @@ -1,11 +1,10 @@ -{{/* -Workflow reporter service account for backward compatibility -*/}} -{{- if (index .Values "event-reporters" "workflow" "serviceAccount" "create") }} +{{- define "event-reporters.workflow-reporter.sa"}} + {{- if .Values.workflow.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "event-reporters.workflow-reporter.serviceAccountName" . }} + name: {{ include "event-reporters.workflow-reporter.serviceAccountName" .}} labels: {{- include "event-reporters.workflow-reporter.labels" . | nindent 4 }} -{{- end }} \ No newline at end of file + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/gitops-runtime/templates/_helpers.tpl b/charts/gitops-runtime/templates/_helpers.tpl index 1ae368c3..285a1890 100644 --- a/charts/gitops-runtime/templates/_helpers.tpl +++ b/charts/gitops-runtime/templates/_helpers.tpl @@ -507,32 +507,3 @@ valueFrom: optional: true {{- end }} # ------------------------------------------------------------------------------------------------------------ - -# ------------------------------------------------------------------------------------------------------------ -# event-reporters workflow reporter helpers (backward compatibility) -# ------------------------------------------------------------------------------------------------------------ -{{/* -Create the name of the service account to use for workflow reporter -*/}} -{{- define "event-reporters.workflow-reporter.serviceAccountName" -}} - {{- if (index .Values "event-reporters" "workflow" "serviceAccount" "create") }} - {{- default "codefresh-sa" (index .Values "event-reporters" "workflow" "serviceAccount" "name") }} - {{- else }} - {{- default "default" (index .Values "event-reporters" "workflow" "serviceAccount" "name") }} - {{- end }} -{{- end }} - -{{/* -Common labels for workflow reporter -*/}} -{{- define "event-reporters.workflow-reporter.labels" -}} -helm.sh/chart: {{ include "codefresh-gitops-runtime.chart" . }} -app.kubernetes.io/name: workflow-reporter -app.kubernetes.io/instance: {{ .Release.Name }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: Helm -codefresh.io/internal: "true" -{{- end }} -# ------------------------------------------------------------------------------------------------------------ diff --git a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/clusterrolebinding.yaml b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/clusterrolebinding.yaml new file mode 100644 index 00000000..78d1eb36 --- /dev/null +++ b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/clusterrolebinding.yaml @@ -0,0 +1,22 @@ +{{/* Mapping of argo rollouts clusterrole if such is created (see https://github.com/codefresh-io/argo-helm/blob/argo-rollouts/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml) + to the reporters ServiceAccount +*/}} +{{- if or (index (get .Values "argo-rollouts") "enabled") (and (not (index (get .Values "argo-rollouts") "enabled")) (index .Values.global "external-argo-rollouts" "rollout-reporter" "enabled" )) }} + {{- if or (and (index (get .Values "argo-rollouts") "clusterInstall") (index (get .Values "argo-rollouts") "controller" "createClusterRole")) (and (not (index (get .Values "argo-rollouts") "enabled")) (index .Values.global "external-argo-rollouts" "rollout-reporter" "enabled" ))}} + {{- $eventReporterContext := deepCopy . }} + {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} + {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: codefresh-rollouts-reporter +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "codefresh-gitops-runtime.argo-rollouts.name" . }} +subjects: + - kind: ServiceAccount + name: {{ include "event-reporters.rollout-reporter.serviceAccountName" $eventReporterContext }} + namespace: {{ .Release.Namespace }} + {{- end }} +{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/eventsource.yaml b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/eventsource.yaml new file mode 100644 index 00000000..ea09f3a1 --- /dev/null +++ b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/eventsource.yaml @@ -0,0 +1,6 @@ +{{- if or (index (get .Values "argo-rollouts") "enabled") (and (not (index (get .Values "argo-rollouts") "enabled")) (index .Values.global "external-argo-rollouts" "rollout-reporter" "enabled" )) }} + {{- $eventReporterContext := deepCopy . }} + {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} + {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} + {{- include "event-reporters.rollout-reporter.eventsource" $eventReporterContext }} +{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/rbac.yaml b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/rbac.yaml new file mode 100644 index 00000000..bb2c051f --- /dev/null +++ b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/rbac.yaml @@ -0,0 +1,6 @@ +{{- if or (index (get .Values "argo-rollouts") "enabled") (and (not (index (get .Values "argo-rollouts") "enabled")) (index .Values.global "external-argo-rollouts" "rollout-reporter" "enabled" )) }} + {{- $eventReporterContext := deepCopy . }} + {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} + {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} + {{- include "event-reporters.rollout-reporter.rbac" $eventReporterContext }} +{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/sensor.yaml b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/sensor.yaml new file mode 100644 index 00000000..8a097482 --- /dev/null +++ b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/sensor.yaml @@ -0,0 +1,6 @@ +{{- if or (index (get .Values "argo-rollouts") "enabled") (and (not (index (get .Values "argo-rollouts") "enabled")) (index .Values.global "external-argo-rollouts" "rollout-reporter" "enabled" )) }} + {{- $eventReporterContext := deepCopy . }} + {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} + {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} + {{- include "event-reporters.rollout-reporter.sensor" $eventReporterContext }} +{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/rollout-reporter/serviceaccount.yaml b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/serviceaccount.yaml new file mode 100644 index 00000000..ddf72053 --- /dev/null +++ b/charts/gitops-runtime/templates/event-reporters/rollout-reporter/serviceaccount.yaml @@ -0,0 +1,6 @@ +{{- if or (index (get .Values "argo-rollouts") "enabled") (and (not (index (get .Values "argo-rollouts") "enabled")) (index .Values.global "external-argo-rollouts" "rollout-reporter" "enabled" )) }} + {{- $eventReporterContext := deepCopy . }} + {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} + {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} + {{- include "event-reporters.rollout-reporter.sa" $eventReporterContext }} +{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/workflow-reporter/eventsource.yaml b/charts/gitops-runtime/templates/event-reporters/workflow-reporter/eventsource.yaml new file mode 100644 index 00000000..fb23ffd8 --- /dev/null +++ b/charts/gitops-runtime/templates/event-reporters/workflow-reporter/eventsource.yaml @@ -0,0 +1,7 @@ + +{{- if index (get .Values "argo-workflows") "enabled" }} + {{- $eventReporterContext := deepCopy . }} + {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} + {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} + {{- include "event-reporters.workflow-reporter.eventsource" $eventReporterContext }} +{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/workflow-reporter/rbac.yaml b/charts/gitops-runtime/templates/event-reporters/workflow-reporter/rbac.yaml new file mode 100644 index 00000000..93e17e40 --- /dev/null +++ b/charts/gitops-runtime/templates/event-reporters/workflow-reporter/rbac.yaml @@ -0,0 +1,7 @@ + +{{- if index (get .Values "argo-workflows") "enabled" }} + {{- $eventReporterContext := deepCopy . }} + {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} + {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} + {{- include "event-reporters.workflow-reporter.rbac" $eventReporterContext }} +{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/workflow-reporter/sensor.yaml b/charts/gitops-runtime/templates/event-reporters/workflow-reporter/sensor.yaml new file mode 100644 index 00000000..03105bf9 --- /dev/null +++ b/charts/gitops-runtime/templates/event-reporters/workflow-reporter/sensor.yaml @@ -0,0 +1,7 @@ + +{{- if index (get .Values "argo-workflows") "enabled" }} + {{- $eventReporterContext := deepCopy . }} + {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} + {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} + {{- include "event-reporters.workflow-reporter.sensor" $eventReporterContext }} +{{- end }} diff --git a/charts/gitops-runtime/templates/event-reporters/workflow-reporter/serviceaccount.yaml b/charts/gitops-runtime/templates/event-reporters/workflow-reporter/serviceaccount.yaml new file mode 100644 index 00000000..c78179dc --- /dev/null +++ b/charts/gitops-runtime/templates/event-reporters/workflow-reporter/serviceaccount.yaml @@ -0,0 +1,7 @@ + +{{- if index (get .Values "argo-workflows") "enabled" }} + {{- $eventReporterContext := deepCopy . }} + {{- $_ := set $eventReporterContext "Values" (deepCopy (get .Values "event-reporters")) }} + {{- $_ := set $eventReporterContext.Values "global" (deepCopy (get .Values "global")) }} + {{- include "event-reporters.workflow-reporter.sa" $eventReporterContext }} +{{- end }} diff --git a/charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml b/charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml index 5293d692..7b79c4fc 100644 --- a/charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml +++ b/charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml @@ -6,6 +6,7 @@ templates: - app-proxy/workflows-crb.yaml - app-proxy/config.yaml - internal-router/config.yaml + - event-reporters/rollout-reporter/clusterrolebinding.yaml tests: # ------------------------------------------------------------------------ # ArgoCD @@ -104,3 +105,18 @@ tests: - equal: path: data.argoWorkflowsUrl value: https://argo-test-server:2746 +# ------------------------------------------------------------------------------------------ +# Argo rollouts +# Affected templates - rollouts reporter clusterrolebinding +# ------------------------------------------------------------------------------------------ +- it: test rollout reporter ClusterRoleBinding to argo rollouts role + template: 'event-reporters/rollout-reporter/clusterrolebinding.yaml' + values: + - ./values/mandatory-values.yaml + set: + argo-rollouts.enabled: true + argo-rollouts.fullnameOverride: rollouts-test + asserts: + - equal: + path: roleRef.name + value: rollouts-test diff --git a/charts/gitops-runtime/tests/custom-ca_test.yaml b/charts/gitops-runtime/tests/custom-ca_test.yaml index 326cb87e..a35462c8 100644 --- a/charts/gitops-runtime/tests/custom-ca_test.yaml +++ b/charts/gitops-runtime/tests/custom-ca_test.yaml @@ -4,6 +4,8 @@ templates: - tls-custom-ca/codefresh-tls-certs.yaml - tls-custom-ca/workflow-pipelines-git-webhooks.yaml - app-proxy/deployment.yaml + - event-reporters/workflow-reporter/sensor.yaml + - event-reporters/rollout-reporter/sensor.yaml - hooks/pre-uninstall/delete-runtime-from-platform.yaml - "gitops-operator.yaml" - charts/gitops-operator/* @@ -211,6 +213,129 @@ tests: name: SSL_CERT_FILE value: /app/config/codefresh-tls-certs/ca-bundle.crt +- it: rollout reporter sensor - check chart created secret with default key + template: event-reporters/rollout-reporter/sensor.yaml + values: + - ./values/mandatory-values.yaml + set: + global.codefresh.tls.caCerts.secret.annotations.test: 'test' + global.codefresh.tls.caCerts.secret.create: true + global.codefresh.tls.caCerts.secret.content: | + -----BEGIN CERTIFICATE----- + ... encoded certificate data here ... + -----END CERTIFICATE----- + asserts: + - equal: + path: spec.triggers[0].template.http.tls + value: + caCertSecret: + name: codefresh-tls-certs + key: ca-bundle.crt + +- it: workflow reporter sensor - check chart created secret with default key + template: event-reporters/workflow-reporter/sensor.yaml + values: + - ./values/mandatory-values.yaml + set: + global.codefresh.tls.caCerts.secret.annotations.test: 'test' + global.codefresh.tls.caCerts.secret.create: true + global.codefresh.tls.caCerts.secret.content: | + -----BEGIN CERTIFICATE----- + ... encoded certificate data here ... + -----END CERTIFICATE----- + asserts: + - equal: + path: spec.triggers[0].template.http.tls + value: + caCertSecret: + name: codefresh-tls-certs + key: ca-bundle.crt + +- it: rollout reporter sensor - secretKeyRef + template: event-reporters/rollout-reporter/sensor.yaml + values: + - ./values/mandatory-values.yaml + set: + global.codefresh.tls.caCerts.secretKeyRef.name: my-secret + global.codefresh.tls.caCerts.secretKeyRef.key: my-key + asserts: + - equal: + path: spec.triggers[0].template.http.tls + value: + caCertSecret: + name: my-secret + key: my-key + +- it: workflow reporter sensor - secretKeyRef + template: event-reporters/workflow-reporter/sensor.yaml + values: + - ./values/mandatory-values.yaml + set: + global.codefresh.tls.caCerts.secretKeyRef.name: my-secret + global.codefresh.tls.caCerts.secretKeyRef.key: my-key + asserts: + - equal: + path: spec.triggers[0].template.http.tls + value: + caCertSecret: + name: my-secret + key: my-key + +- it: rollout reporter sensor - check chart created secret with custom key + template: event-reporters/rollout-reporter/sensor.yaml + values: + - ./values/mandatory-values.yaml + set: + global.codefresh.tls.caCerts.secret.annotations.test: 'test' + global.codefresh.tls.caCerts.secret.create: true + global.codefresh.tls.caCerts.secret.key: my-key + global.codefresh.tls.caCerts.secret.content: | + -----BEGIN CERTIFICATE----- + ... encoded certificate data here ... + -----END CERTIFICATE----- + asserts: + - equal: + path: spec.triggers[0].template.http.tls + value: + caCertSecret: + name: codefresh-tls-certs + key: my-key + +- it: workflow reporter sensor - check chart created secret with custom key + template: event-reporters/workflow-reporter/sensor.yaml + values: + - ./values/mandatory-values.yaml + set: + global.codefresh.tls.caCerts.secret.annotations.test: 'test' + global.codefresh.tls.caCerts.secret.create: true + global.codefresh.tls.caCerts.secret.key: my-key + global.codefresh.tls.caCerts.secret.content: | + -----BEGIN CERTIFICATE----- + ... encoded certificate data here ... + -----END CERTIFICATE----- + asserts: + - equal: + path: spec.triggers[0].template.http.tls + value: + caCertSecret: + name: codefresh-tls-certs + key: my-key + +- it: rollout reporter sensor - no tls + template: event-reporters/rollout-reporter/sensor.yaml + values: + - ./values/mandatory-values.yaml + asserts: + - notExists: + path: spec.triggers[0].template.http.tls + +- it: workflow reporter sensor - no tls + template: event-reporters/workflow-reporter/sensor.yaml + values: + - ./values/mandatory-values.yaml + asserts: + - notExists: + path: spec.triggers[0].template.http.tls # -------------------------------------------------------- # workflowPipelinesGitWebhooks # -------------------------------------------------------- diff --git a/charts/gitops-runtime/tests/event-reporters-sensors_test.yaml b/charts/gitops-runtime/tests/event-reporters-sensors_test.yaml new file mode 100644 index 00000000..340b5879 --- /dev/null +++ b/charts/gitops-runtime/tests/event-reporters-sensors_test.yaml @@ -0,0 +1,247 @@ +suite: Test on event reporters sensors +templates: + - event-reporters/workflow-reporter/sensor.yaml + - event-reporters/rollout-reporter/sensor.yaml +tests: + - it: Setting api/events url works - workflow reporter + template: 'event-reporters/workflow-reporter/sensor.yaml' + values: + - './values/mandatory-values.yaml' + set: + global.codefresh.url: "https://my.platform" + global.codefresh.apiEventsPath: "/api-events" + asserts: + - equal: + path: spec.triggers[0].template.http.url + value: https://my.platform/api-events + + - it: Setting api/events url works - rollout reporter + template: 'event-reporters/rollout-reporter/sensor.yaml' + values: + - './values/mandatory-values.yaml' + set: + global.codefresh.url: "https://my.platform" + global.codefresh.apiEventsPath: "/api-events" + asserts: + - equal: + path: spec.triggers[0].template.http.url + value: https://my.platform/api-events + - equal: + path: spec.triggers[1].template.http.url + value: https://my.platform/api-events + - equal: + path: spec.triggers[2].template.http.url + value: https://my.platform/api-events + + - it: Setting various container specs - workflow reporter + template: 'event-reporters/workflow-reporter/sensor.yaml' + values: + - './values/mandatory-values.yaml' + set: + event-reporters.workflow.sensor: + replicas: 2 + resources: + requests: + memory: 1Gi + env: + DEBUG_LOG: "true" + tolerations: + - key: "example-key" + operator: "Exists" + effect: "NoSchedule" + nodeSelector: + region: east + type: user-node + affinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: topology.kubernetes.io/zone + operator: In + values: + - antarctica-east1 + - antarctica-west1 + asserts: + - equal: + path: spec.replicas + value: 2 + - equal: + path: spec.template.container.env + value: + - name: DEBUG_LOG + value: "true" + - equal: + path: spec.template.container.resources + value: + requests: + memory: 1Gi + - equal: + path: spec.template.tolerations + value: + - key: "example-key" + operator: "Exists" + effect: "NoSchedule" + - equal: + path: spec.template.nodeSelector + value: + region: east + type: user-node + + - it: Setting various container specs - rollout reporter + template: 'event-reporters/rollout-reporter/sensor.yaml' + values: + - './values/mandatory-values.yaml' + set: + event-reporters.rollout.sensor: + replicas: 2 + resources: + requests: + memory: 1Gi + env: + DEBUG_LOG: "true" + tolerations: + - key: "example-key" + operator: "Exists" + effect: "NoSchedule" + nodeSelector: + region: east + type: user-node + affinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: topology.kubernetes.io/zone + operator: In + values: + - antarctica-east1 + - antarctica-west1 + asserts: + - equal: + path: spec.replicas + value: 2 + - equal: + path: spec.template.container.env + value: + - name: DEBUG_LOG + value: "true" + - equal: + path: spec.template.container.resources + value: + requests: + memory: 1Gi + - equal: + path: spec.template.tolerations + value: + - key: "example-key" + operator: "Exists" + effect: "NoSchedule" + - equal: + path: spec.template.nodeSelector + value: + region: east + type: user-node + + - it: Logging without interval works - workflow reporter + template: 'event-reporters/workflow-reporter/sensor.yaml' + values: + - './values/mandatory-values.yaml' + set: + event-reporters.workflow.sensor: + logging: + enabled: true + asserts: + - contains: + path: spec.triggers + content: + template: + log: {} + name: log-trigger + + - it: Logging without interval works - rollout reporter + template: 'event-reporters/rollout-reporter/sensor.yaml' + values: + - './values/mandatory-values.yaml' + set: + event-reporters.rollout.sensor: + logging: + enabled: true + asserts: + - contains: + path: spec.triggers + content: + template: + log: {} + name: log-trigger + + - it: Logging with interval works - workflow reporter + template: 'event-reporters/workflow-reporter/sensor.yaml' + values: + - './values/mandatory-values.yaml' + set: + event-reporters.workflow.sensor: + logging: + intervalSeconds: 60 + enabled: true + asserts: + - contains: + path: spec.triggers + content: + template: + log: + intervalSeconds: 60 + name: log-trigger + + - it: HTTP trigger contains retries if set - workflow reporter + template: 'event-reporters/workflow-reporter/sensor.yaml' + values: + - './values/mandatory-values.yaml' + set: + event-reporters.workflow.sensor: + retryStrategy: + steps: 3 + duration: 1 + factor: 1.2 + jitter: 3 + asserts: + - equal: + path: spec.triggers[0].retryStrategy + value: + steps: 3 + duration: 1 + factor: 1.2 + jitter: 3 + + - it: HTTP trigger contains retries if set - rollout reporter + template: 'event-reporters/rollout-reporter/sensor.yaml' + values: + - './values/mandatory-values.yaml' + set: + event-reporters.rollout.sensor: + retryStrategy: + steps: 3 + duration: 1 + factor: 1.2 + jitter: 3 + asserts: + - equal: + path: spec.triggers[0].retryStrategy + value: + steps: 3 + duration: 1 + factor: 1.2 + jitter: 3 + - equal: + path: spec.triggers[1].retryStrategy + value: + steps: 3 + duration: 1 + factor: 1.2 + jitter: 3 + - equal: + path: spec.triggers[2].retryStrategy + value: + steps: 3 + duration: 1 + factor: 1.2 + jitter: 3 + diff --git a/charts/gitops-runtime/tests/external_argo_rollouts_test.yaml b/charts/gitops-runtime/tests/external_argo_rollouts_test.yaml new file mode 100644 index 00000000..9ac49ae0 --- /dev/null +++ b/charts/gitops-runtime/tests/external_argo_rollouts_test.yaml @@ -0,0 +1,88 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: Test External Argo Rolouts with GitOps Runtime +templates: + - event-reporters/rollout-reporter/* +tests: + - it: Should not deploy rollout-reporter if argo-rollouts disabled + set: + argo-rollouts: + enabled: false + asserts: + - containsDocument: + apiVersion: v1 + kind: ServiceAccount + name: rollout-reporter + template: event-reporters/rollout-reporter/serviceaccount.yaml + not: true + - containsDocument: + apiVersion: argoproj.io/v1alpha1 + kind: Sensor + name: rollout-reporter + template: event-reporters/rollout-reporter/sensor.yaml + not: true + - containsDocument: + apiVersion: argoproj.io/v1alpha1 + kind: EventSource + name: rollout-reporter + template: event-reporters/rollout-reporter/eventsource.yaml + not: true + - containsDocument: + apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + name: rollout-reporter-sa + template: event-reporters/rollout-reporter/rbac.yaml + not: true + - containsDocument: + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + name: rollout-reporter-sa + template: event-reporters/rollout-reporter/rbac.yaml + not: true + - containsDocument: + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + name: codefresh-rollouts-reporter + template: event-reporters/rollout-reporter/clusterrolebinding.yaml + not: true + + - it: Should deploy rollout-reporter if argo-rollouts disabled AND .global.external-argo-rollouts.rollout-reporter.enabled is true + set: + argo-rollouts: + enabled: false + global: + external-argo-rollouts: + rollout-reporter: + enabled: true + asserts: + - containsDocument: + apiVersion: v1 + kind: ServiceAccount + name: rollout-reporter + template: event-reporters/rollout-reporter/serviceaccount.yaml + - containsDocument: + apiVersion: argoproj.io/v1alpha1 + kind: Sensor + name: rollout-reporter + template: event-reporters/rollout-reporter/sensor.yaml + - containsDocument: + apiVersion: argoproj.io/v1alpha1 + kind: EventSource + name: rollout-reporter + template: event-reporters/rollout-reporter/eventsource.yaml + - containsDocument: + apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + name: rollout-reporter-sa + template: event-reporters/rollout-reporter/rbac.yaml + documentIndex: 0 + - containsDocument: + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + name: rollout-reporter-sa + template: event-reporters/rollout-reporter/rbac.yaml + documentIndex: 1 + - containsDocument: + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + name: codefresh-rollouts-reporter + template: event-reporters/rollout-reporter/clusterrolebinding.yaml diff --git a/charts/gitops-runtime/tests/global_constraints_test.yaml b/charts/gitops-runtime/tests/global_constraints_test.yaml index 9dcee1e2..dccede4a 100644 --- a/charts/gitops-runtime/tests/global_constraints_test.yaml +++ b/charts/gitops-runtime/tests/global_constraints_test.yaml @@ -9,6 +9,10 @@ templates: - charts/gitops-operator/* - charts/codefresh-tunnel-client/* - internal-router/deployment.yaml + - event-reporters/rollout-reporter/eventsource.yaml + - event-reporters/rollout-reporter/sensor.yaml + - event-reporters/workflow-reporter/eventsource.yaml + - event-reporters/workflow-reporter/sensor.yaml - eventbus/codefresh-eventbus.yaml - hooks/pre-install/validate-values.yaml - hooks/pre-install/validate-usage.yaml @@ -120,6 +124,206 @@ tests: value: another-value effect: NoSchedule + - it: rollout-reporter eventsource should have nodeSelector from .Values.global + values: + - ./values/global-constraints-values.yaml + template: event-reporters/rollout-reporter/eventsource.yaml + asserts: + - equal: + path: spec.template.nodeSelector + value: + some-key: some-value + extra-key: extra-value + + - it: rollout-reporter eventsource should have nodeSelector from .Values.event-reporters and NOT from .Values.global + values: + - ./values/global-constraints-values.yaml + - ./values/subcharts-constraints-values.yaml + template: event-reporters/rollout-reporter/eventsource.yaml + asserts: + - equal: + path: spec.template.nodeSelector + value: + some-key: another-value + foo: bar + + - it: rollout-reporter eventsource should have tolerations from .Values.global + values: + - ./values/global-constraints-values.yaml + template: event-reporters/rollout-reporter/eventsource.yaml + asserts: + - equal: + path: spec.template.tolerations + value: + - key: some-key + operator: Equal + value: some-value + effect: NoSchedule + + - it: rollout-reporter eventsource should have tolerations from .Values.event-reporters and NOT from .Values.global + values: + - ./values/global-constraints-values.yaml + - ./values/subcharts-constraints-values.yaml + template: event-reporters/rollout-reporter/eventsource.yaml + asserts: + - equal: + path: spec.template.tolerations + value: + - key: another-key + operator: Equal + value: another-value + effect: NoSchedule + + - it: rollout-reporter sensor should have nodeSelector from .Values.global + values: + - ./values/global-constraints-values.yaml + template: event-reporters/rollout-reporter/sensor.yaml + asserts: + - equal: + path: spec.template.nodeSelector + value: + some-key: some-value + extra-key: extra-value + + - it: rollout-reporter sensor should have nodeSelector from .Values.event-reporters and NOT from .Values.global + values: + - ./values/global-constraints-values.yaml + - ./values/subcharts-constraints-values.yaml + template: event-reporters/rollout-reporter/sensor.yaml + asserts: + - equal: + path: spec.template.nodeSelector + value: + some-key: another-value + foo: bar + + - it: rollout-reporter sensor should have tolerations from .Values.global + values: + - ./values/global-constraints-values.yaml + template: event-reporters/rollout-reporter/sensor.yaml + asserts: + - equal: + path: spec.template.tolerations + value: + - key: some-key + operator: Equal + value: some-value + effect: NoSchedule + + - it: rollout-reporter sensor should have tolerations from .Values.event-reporters and NOT from .Values.global + values: + - ./values/global-constraints-values.yaml + - ./values/subcharts-constraints-values.yaml + template: event-reporters/rollout-reporter/sensor.yaml + asserts: + - equal: + path: spec.template.tolerations + value: + - key: another-key + operator: Equal + value: another-value + effect: NoSchedule + + - it: workflow-reporter eventsource should have nodeSelector from .Values.global + values: + - ./values/global-constraints-values.yaml + template: event-reporters/workflow-reporter/eventsource.yaml + asserts: + - equal: + path: spec.template.nodeSelector + value: + some-key: some-value + extra-key: extra-value + + - it: workflow-reporter eventsource should have nodeSelector from .Values.event-reporters and NOT from .Values.global + values: + - ./values/global-constraints-values.yaml + - ./values/subcharts-constraints-values.yaml + template: event-reporters/workflow-reporter/eventsource.yaml + asserts: + - equal: + path: spec.template.nodeSelector + value: + some-key: another-value + foo: bar + + - it: workflow-reporter eventsource should have tolerations from .Values.global + values: + - ./values/global-constraints-values.yaml + template: event-reporters/workflow-reporter/eventsource.yaml + asserts: + - equal: + path: spec.template.tolerations + value: + - key: some-key + operator: Equal + value: some-value + effect: NoSchedule + + - it: workflow-reporter eventsource should have tolerations from .Values.event-reporters and NOT from .Values.global + values: + - ./values/global-constraints-values.yaml + - ./values/subcharts-constraints-values.yaml + template: event-reporters/workflow-reporter/eventsource.yaml + asserts: + - equal: + path: spec.template.tolerations + value: + - key: another-key + operator: Equal + value: another-value + effect: NoSchedule + + - it: workflow-reporter sensor should have nodeSelector from .Values.global + values: + - ./values/global-constraints-values.yaml + template: event-reporters/workflow-reporter/sensor.yaml + asserts: + - equal: + path: spec.template.nodeSelector + value: + some-key: some-value + extra-key: extra-value + + - it: workflow-reporter sensor should have nodeSelector from .Values.event-reporters and NOT from .Values.global + values: + - ./values/global-constraints-values.yaml + - ./values/subcharts-constraints-values.yaml + template: event-reporters/workflow-reporter/sensor.yaml + asserts: + - equal: + path: spec.template.nodeSelector + value: + some-key: another-value + foo: bar + + - it: workflow-reporter sensor should have tolerations from .Values.global + values: + - ./values/global-constraints-values.yaml + template: event-reporters/workflow-reporter/sensor.yaml + asserts: + - equal: + path: spec.template.tolerations + value: + - key: some-key + operator: Equal + value: some-value + effect: NoSchedule + + - it: workflow-reporter sensor should have tolerations from .Values.event-reporters and NOT from .Values.global + values: + - ./values/global-constraints-values.yaml + - ./values/subcharts-constraints-values.yaml + template: event-reporters/workflow-reporter/sensor.yaml + asserts: + - equal: + path: spec.template.tolerations + value: + - key: another-key + operator: Equal + value: another-value + effect: NoSchedule + - it: codefresh-eventbus should have nodeSelector from .Values.global values: - ./values/global-constraints-values.yaml diff --git a/charts/gitops-runtime/tests/rollouts-enabled-disabled_test.yaml b/charts/gitops-runtime/tests/rollouts-enabled-disabled_test.yaml new file mode 100644 index 00000000..795ed3d0 --- /dev/null +++ b/charts/gitops-runtime/tests/rollouts-enabled-disabled_test.yaml @@ -0,0 +1,26 @@ +suite: Enabling/disabling argo-rollouts should accordingly enable/disable the event reporter +templates: + - event-reporters/rollout-reporter/eventsource.yaml + - event-reporters/rollout-reporter/sensor.yaml +tests: + +- it: event reporter not generated when rollouts disabled + template: 'event-reporters/rollout-reporter/eventsource.yaml' + values: + - ./values/mandatory-values.yaml + set: + argo-rollouts.enabled: false + asserts: + - hasDocuments: + count: 0 + +- it: event reporter generated when rollouts enabled + template: 'event-reporters/rollout-reporter/eventsource.yaml' + values: + - ./values/mandatory-values.yaml + set: + argo-rollouts.enabled: true + asserts: + - containsDocument: + apiVersion: argoproj.io/v1alpha1 + kind: EventSource \ No newline at end of file diff --git a/charts/gitops-runtime/tests/values/subcharts-constraints-values.yaml b/charts/gitops-runtime/tests/values/subcharts-constraints-values.yaml index 49e74444..ede59046 100644 --- a/charts/gitops-runtime/tests/values/subcharts-constraints-values.yaml +++ b/charts/gitops-runtime/tests/values/subcharts-constraints-values.yaml @@ -25,6 +25,22 @@ internal-router: nodeSelector: *nodeSelector tolerations: *tolerations +event-reporters: + rollout: + eventSource: + nodeSelector: *nodeSelector + tolerations: *tolerations + sensor: + nodeSelector: *nodeSelector + tolerations: *tolerations + workflow: + eventSource: + nodeSelector: *nodeSelector + tolerations: *tolerations + sensor: + nodeSelector: *nodeSelector + tolerations: *tolerations + installer: nodeSelector: *nodeSelector tolerations: *tolerations diff --git a/charts/gitops-runtime/tests/workflows-enabled-disabled_test.yaml b/charts/gitops-runtime/tests/workflows-enabled-disabled_test.yaml index c9401fc5..ab013f07 100644 --- a/charts/gitops-runtime/tests/workflows-enabled-disabled_test.yaml +++ b/charts/gitops-runtime/tests/workflows-enabled-disabled_test.yaml @@ -1,9 +1,43 @@ suite: Enabling/disabling argo-workflows should accordingly enable/disable the event reporter and set/unset the routing in internal router templates: + - event-reporters/workflow-reporter/eventsource.yaml + - event-reporters/workflow-reporter/sensor.yaml - internal-router/config.yaml - app-proxy/config.yaml tests: +- it: event reporter eventsource not generated when workflows disabled + template: 'event-reporters/workflow-reporter/eventsource.yaml' + values: + - ./values/mandatory-values.yaml + set: + argo-workflows.enabled: false + asserts: + - hasDocuments: + count: 0 + +- it: event reporter eventsource generated when workflows enabled + template: 'event-reporters/workflow-reporter/eventsource.yaml' + values: + - ./values/mandatory-values.yaml + set: + argo-workflows.enabled: true + asserts: + - containsDocument: + apiVersion: argoproj.io/v1alpha1 + kind: EventSource + +- it: event reporter eventsource generated when workflows enabled + template: 'event-reporters/workflow-reporter/sensor.yaml' + values: + - ./values/mandatory-values.yaml + set: + argo-workflows.enabled: true + asserts: + - containsDocument: + apiVersion: argoproj.io/v1alpha1 + kind: Sensor + - it: internal router config doesn't have workflows route when workflows disabled template: 'internal-router/config.yaml' values: diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 4046e0d6..7a8d976e 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -330,6 +330,74 @@ argo-rollouts: controller: replicas: 1 installCRDs: true + +#----------------------------------------------------------------------------------------------------------------------- +# Event reporters +#----------------------------------------------------------------------------------------------------------------------- +event-reporters: + rollout: + serviceAccount: + create: true + eventSource: + replicas: 1 + resources: {} + tolerations: [] + nodeSelector: {} + affinity: {} + sensor: + # -- Set to true to enable logging. Set intervalSeconds to add logging interval to moderate log flow. + logging: + enabled: false + intervalSeconds: 0 + # -- Retry strategy for events sent to Codefresh + retryStrategy: + # -- Number of retries + steps: 3 + # -- The initial duration, use strings like "2s", "1m" + duration: 0 + # -- Duration is multiplied by factor each retry, if factor is not zero and steps limit has not been reached. Should not be negative + factor: 1.0 + # -- The sleep between each retry is the duration plus an additional amount chosen uniformly at random from the interval between zero and `jitter * duration`. + jitter: 1 + replicas: 1 + resources: {} + # -- Environment variables for sensor pods - add DEBUG_LOG: "true" to add debug level logs + env: {} + tolerations: [] + nodeSelector: {} + affinity: {} + workflow: + serviceAccount: + create: true + eventSource: + replicas: 1 + resources: {} + tolerations: [] + nodeSelector: {} + affinity: {} + sensor: + # -- Set to true to enable logging. Set intervalSeconds to add logging interval to moderate log flow. + logging: + enabled: false + intervalSeconds: 0 + # -- Retry strategy for events sent to Codefresh + retryStrategy: + # -- Number of retries + steps: 3 + # -- The initial duration, use strings like "2s", "1m" + duration: 0 + # -- Duration is multiplied by factor each retry, if factor is not zero and steps limit has not been reached. Should not be negative + factor: 1.0 + # -- The sleep between each retry is the duration plus an additional amount chosen uniformly at random from the interval between zero and `jitter * duration`. + jitter: 1 + replicas: 1 + resources: {} + # -- Environment variables for sensor pods - add DEBUG_LOG: "true" to add debug level logs + env: {} + tolerations: [] + nodeSelector: {} + affinity: {} + #----------------------------------------------------------------------------------------------------------------------- # Internal router #----------------------------------------------------------------------------------------------------------------------- @@ -660,18 +728,6 @@ gitops-operator: cpu: 100m memory: 128Mi -#----------------------------------------------------------------------------------------------------------------------- -# event-reporters (backward compatibility) -#----------------------------------------------------------------------------------------------------------------------- -# -- Event reporters configuration for backward compatibility -event-reporters: - workflow: - serviceAccount: - # -- Create service account for workflow reporter - create: true - # -- Service account name (defaults to codefresh-sa if not specified) - name: "" - #----------------------------------------------------------------------------------------------------------------------- # cf-argocd-extras #----------------------------------------------------------------------------------------------------------------------- From c6c052bd5536c4b3de3859a46d9acb95d35dee38 Mon Sep 17 00:00:00 2001 From: Daniel Maizel Date: Mon, 9 Jun 2025 15:23:16 +0300 Subject: [PATCH 2/2] bump cf-argocd-extras chart version to 0.5.5 --- charts/gitops-runtime/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 63c92ce4..be567038 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -44,4 +44,4 @@ dependencies: condition: gitops-operator.enabled - name: cf-argocd-extras repository: oci://quay.io/codefresh/charts - version: 0.5.4 + version: 0.5.5