Merge pull request #29 from defenseunicorns/23-remove-hardcoded-archi…

…tecture-in-zarf-packages fix: remove hardcoded architecture in zarf packages
defenseunicorns · Feb 14, 2024 · 2c4e869 · 2c4e869
2 parents 57a625b + bc64fd9
commit 2c4e869
Show file tree

Hide file tree

Showing 13 changed files with 209 additions and 63 deletions.
diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml
@@ -22,7 +22,9 @@ jobs:
         uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
 
       - name: Install commitlint
-        run: npm install --save-dev @commitlint/{config-conventional,cli}
+        run: |
+          npm install --save-dev @commitlint/config-conventional@18.6.0
+          npm install --save-dev @commitlint/cli@18.6.0
 
       - name: Lint PR title
         run: echo "${{ github.event.pull_request.title }}" | npx commitlint
diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml
@@ -20,6 +20,9 @@ jobs:
         run: echo "release_created=${{ steps.tag.outputs.release_created || false }}" >> $GITHUB_OUTPUT
 
   publish-package:
+    strategy:
+      matrix:
+        flavor: [upstream, registry1]
     needs: tag-new-version
     if: ${{ needs.tag-new-version.outputs.release_created == 'true' }}
     runs-on: ubuntu-latest
@@ -46,4 +49,10 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Publish Package
-        run: uds run -f tasks/publish.yaml package
+        run: uds run -f tasks/publish.yaml package  --set FLAVOR=${{ matrix.flavor }}
+
+      - name: Save logs
+        if: always()
+        uses: ./.github/actions/save-logs
+        with:
+          suffix: -${{ matrix.flavor }}
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -0,0 +1,47 @@
+{
+    "debug.javascript.terminalOptions": {
+      "enableTurboSourcemaps": true,
+      "resolveSourceMapLocations": [
+        "${workspaceFolder}/**",
+        "node_modules/kubernetes-fluent-client/**",
+        "node_modules/pepr/**"
+      ]
+    },
+    "yaml.schemas": {
+      // renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=semver
+      "https://raw.githubusercontent.com/defenseunicorns/uds-cli/v0.8.1/uds.schema.json": [
+        "uds-bundle.yaml"
+      ],
+
+      // renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=semver
+      "https://raw.githubusercontent.com/defenseunicorns/uds-cli/v0.8.1/tasks.schema.json": [
+        "tasks.yaml",
+        "tasks/**/*.yaml",
+        "src/**/validate.yaml"
+      ],
+      // renovate: datasource=github-tags depName=defenseunicorns/zarf versioning=semver
+      "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.32.2/zarf.schema.json": [
+        "zarf.yaml"
+      ]
+    },
+    "cSpell.words": [
+      "alertmanager",
+      "Authservice",
+      "automount",
+      "controlplane",
+      "crds",
+      "distros",
+      "ironbank",
+      "Kiali",
+      "Kyverno",
+      "MITM",
+      "neuvector",
+      "opensource",
+      "promtail",
+      "Quickstart",
+      "Gitlab",
+      "seccomp",
+      "Sysctls",
+      "Velero"
+    ]
+  }
diff --git a/bundle/uds-bundle.yaml b/bundle/uds-bundle.yaml
@@ -28,3 +28,32 @@ packages:
     # x-release-please-start-version
     ref: 16.8.1-uds.2
     # x-release-please-end
+    overrides:
+      gitlab:
+        gitlab:
+          variables:
+            - name: MIGRATIONS_RESOURCES
+              description: "Gitlab Migrations Resources"
+              path: "gitlab.migrations.resources"
+            - name: WEBSERVICE_REPLICAS
+              description: "Gitlab Webservice Min Replicas"
+              path: "gitlab.webservice.minReplicas"
+            - name: WEBSERVICE_RESOURCES
+              description: "Gitlab Webservice Resources"
+              path: "gitlab.webservice.resources"
+            - name: WORKHORSE_RESOURCES
+              description: "Gitlab Workhorse Resources"
+              path: "gitlab.workhorse.resources"
+            - name: SIDEKIQ_REPLICAS
+              description: "Gitlab Sidekiq Min Replicas"
+              path: "gitlab.sidekiq.minReplicas"
+            - name: SIDEKIQ_RESOURCES
+              description: "Gitlab Sidekiq Resources"
+              path: "gitlab.sidekiq.resources"
+            - name: REGISTRY_REPLICAS
+              description: "Gitlab Registry Min Replicas"
+              path: "registry.hpa.minReplicas"
+            - name: SHELL_REPLICAS
+              description: "Gitlab Shell Min Replicas"
+              path: "gitlab.gitlab-shell.minReplicas"
+
diff --git a/bundle/uds-config.yaml b/bundle/uds-config.yaml
@@ -20,3 +20,30 @@ variables:
     gitlab_redis_endpoint: "redis-master.dev-redis.svc.cluster.local"
     gitlab_db_endpoint: "postgresql.dev-postgres.svc.cluster.local"
     DISABLE_REGISTRY_REDIRECT: "true"
+    # # Overrides for scaled down cluster for local dev and CI
+    webservice_replicas: 1
+    webservice_resources:
+      limits:
+        memory: 2.5G
+      requests:
+        cpu: 300m
+        memory: 2.5G    
+    migrations_resources:
+      limits:
+        cpu: 500m
+        memory: 4G
+    workhorse_resources:
+        limits:
+          memory: 100M
+        requests:
+          cpu: 10m
+          memory: 10M
+    sidekiq_replicas: 1
+    sidekiq_resources:
+        limits:
+          memory: 1.5G
+        requests:
+          cpu: 50m
+          memory: 625M
+    registry_replicas: 1
+    shell_replicas: 1
diff --git a/common/zarf.yaml b/common/zarf.yaml
@@ -7,7 +7,6 @@ metadata:
 components:
   - name: gitlab
     required: true
-    description: "Deploy gitlab"
     charts:
     - name: uds-gitlab-config
       namespace: gitlab
@@ -19,4 +18,4 @@ components:
       gitPath: chart
       version: "7.8.1-bb.0"
       valuesFiles:
-        - ../values/gitlab-values.yaml
+        - ../values/common-values.yaml
diff --git a/docs/DEVELOPMENT_MAINTENANCE.md b/docs/DEVELOPMENT_MAINTENANCE.md
@@ -11,20 +11,15 @@ To upgrade
 1) Update any base values if necessary.
 1) Update the `gitlab` component in the [zarf.yaml](../zarf.yaml) file to pull in the correct images needed for the updated version of the chart.
 
-## How to test this capability
-
-1) With docker running and while connected to an aws account.
-2) Set these env variables.
-```bash
-export REPO_URL=https://github.com/defenseunicorns/uds-capability-gitlab.git
-export GIT_BRANCH=<REPLACE_ME>
-export REGISTRY1_USERNAME=<REPLACE_ME>
-export REGISTRY1_PASSWORD=<REPLACE_ME>
-export GHCR_USERNAME=<REPLACE_ME>
-export GHCR_PASSWORD=<REPLACE_ME>
-export AWS_AVAILABILITY_ZONE=a
-```
-
- 3) At the root of this repository, you can run `make test`. This will provision an ec2 instance, build and deploy all dependencies and packages, and run an e2e test to insure the capability is deploying successfully, available and ready.
-
-You can also follow the bread crumbs of the Makefile to manually create the cluster as well as build and deploy all the necessary packages.
+## How to test this package locally
+
+Prerequisites:
+- Docker
+- latest version of UDS CLI
+- K3d
+
+Note: If developing on an Apple Silicon Mac, colima is an excellent option. If using colima, the following command will provision a VM that should be adequate to deploy this package:  
+
+`colima start --cpu 8 --memory 25 --disk 50 --vm-type vz  --vz-rosetta --profile uds --arch aarch64`
+
+ 1) From the root of the repository run `uds run`. To test a specific package flavor, specify that via the --set flag. For example: `uds run --set FLAVOR=upstream`
diff --git a/renovate.json b/renovate.json
@@ -84,12 +84,11 @@
       "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}"
     },
     {
-      "fileMatch": ["^Makefile$"],
+      "fileMatch": ["^\\.github/workflows/commitlint\\.yaml$"],
       "matchStrings": [
-        "renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?( extractVersion=(?<extractVersion>.*?))?( registryUrl=(?<registryUrl>.*?))?\\s.*?=\\s*['\"]?(?<currentValue>.*?)['\"]?\\s"
+        "npm install --save-dev (?<depName>@?.*?)@(?<currentValue>.+)"
       ],
-      "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
-      "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}"
+      "datasourceTemplate": "npm"
     }
   ],
   "packageRules": [

diff --git a/src/dev-secrets/zarf.yaml b/src/dev-secrets/zarf.yaml
@@ -3,7 +3,7 @@ kind: ZarfPackageConfig
 metadata:
   name: dev-secrets
   version: "0.1.0"
-  architecture: amd64
+
 
 components:
   - name: minio-password

diff --git a/values/gitlab-values.yaml → values/common-values.yaml b/values/gitlab-values.yaml → values/common-values.yaml
diff --git a/values/registry1-values.yaml b/values/registry1-values.yaml
@@ -0,0 +1,69 @@
+gitlab:
+  webservice:
+    image:
+      repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice
+      tag: 16.8.1
+    workhorse:
+      image: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse
+      tag: 16.8.1
+  sidekiq:
+    image:
+      repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq
+      tag: 16.8.1
+  migrations:
+    image:
+      repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox
+      tag: 16.8.1
+  gitaly:
+    image:
+      repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitaly
+      tag: 16.8.1
+  gitlab-exporter:
+    image:
+      repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter
+      tag: 16.8.1
+  gitlab-pages:
+    image:
+      repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages
+      tag: 16.8.1
+  gitlab-shell:
+    image:
+      repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell
+      tag: 16.8.1
+  praefect:
+    image:
+      repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitaly
+      tag: 16.8.1
+  toolbox:
+    image:
+      repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox
+      tag: 16.8.1
+
+global:
+  certificates:
+    image:
+      repository: registry1.dso.mil/ironbank/gitlab/gitlab/certificates
+      tag: 16.8.1
+  gitlabBase:
+    image:
+      repository: registry1.dso.mil/ironbank/redhat/ubi/ubi9
+      tag: "9.3"
+  kubectl:
+    image:
+      repository: registry1.dso.mil/ironbank/gitlab/gitlab/kubectl
+      tag: 16.8.1
+
+registry:
+  image:
+    repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry
+    tag: 16.8.1
+
+shared-secrets:
+  selfsign:
+    image:
+      repository: registry1.dso.mil/ironbank/gitlab/gitlab/cfssl-self-sign
+
+upgradeCheck:
+  image:
+    repository: registry1.dso.mil/ironbank/redhat/ubi/ubi9
+    tag: "9.3"
diff --git a/values/upstream.yaml → values/upstream-values.yaml b/values/upstream.yaml → values/upstream-values.yaml
@@ -53,30 +53,6 @@ global:
       repository: registry.gitlab.com/gitlab-org/build/cng/kubectl
       tag: v16.8.1
 
-minio:
-  image: docker.io/minio/minio
-  imageTag: RELEASE.2022-12-12T19-27-27Z
-  minioMc:
-    image: docker.io/minio/mc
-    tag: RELEASE.2022-12-24T15-21-38Z
-
-postgresql:
-  image:
-    registry: docker.io
-    repository: bitnami/postgresql
-    tag: "14.8.0"
-
-redis:
-  image:
-    registry: docker.io
-    repository: bitnami/redis
-    tag: 7.0.0-debian-10-r3
-  metrics:
-    image:
-      registry: docker.io
-      repository: bitnami/redis-exporter
-      tag: "1.55.0"
-
 registry:
   image:
     repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-container-registry

diff --git a/zarf.yaml b/zarf.yaml
@@ -6,7 +6,7 @@ metadata:
   # x-release-please-start-version
   version: "16.8.1-uds.2"
   # x-release-please-end
-  architecture: amd64
+
 
 variables:
   - name: DOMAIN
@@ -34,16 +34,18 @@ variables:
 components:
   - name: gitlab
     required: true
-    description: "Deploy gitlab"
+    description: "Deploy gitlab with registry1 images"
     import:
       path: common
     only:
       flavor: registry1
+      cluster:
+        architecture: amd64
     charts:
     - name: gitlab
+      valuesFiles:
+        - values/registry1-values.yaml
     images:
-      - "registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter:v1.56.0"
-      - "registry1.dso.mil/ironbank/bitnami/redis:7.0.0-debian-10-r3"
       - "registry1.dso.mil/ironbank/gitlab/gitlab/certificates:16.8.1"
       - "registry1.dso.mil/ironbank/gitlab/gitlab/cfssl-self-sign:1.6.1"
       - "registry1.dso.mil/ironbank/gitlab/gitlab/gitaly:16.8.1"
@@ -55,9 +57,6 @@ components:
       - "registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice:16.8.1"
       - "registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse:16.8.1"
       - "registry1.dso.mil/ironbank/gitlab/gitlab/kubectl:16.8.1"
-      - "registry1.dso.mil/ironbank/opensource/minio/mc:RELEASE.2022-12-24T15-21-38Z"
-      - "registry1.dso.mil/ironbank/opensource/minio/minio:RELEASE.2022-12-12T19-27-27Z"
-      - "registry1.dso.mil/ironbank/opensource/postgres/postgresql:14.9"
       - "registry1.dso.mil/ironbank/redhat/ubi/ubi9:9.3"
       - "registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter:16.8.1"
 
@@ -72,10 +71,8 @@ components:
     charts:
     - name: gitlab
       valuesFiles:
-        - values/upstream.yaml
+        - values/upstream-values.yaml
     images:
-      - "docker.io/bitnami/redis-exporter:1.55.0"
-      - "docker.io/bitnami/redis:7.0.0-debian-10-r3"
       - "registry.gitlab.com/gitlab-org/build/cng/certificates:v16.8.1"
       - "registry.gitlab.com/gitlab-org/build/cng/cfssl-self-sign:1.6.1"
       - "registry.gitlab.com/gitlab-org/build/cng/gitaly:v16.8.1"
@@ -87,8 +84,5 @@ components:
       - "registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ee:v16.8.1"
       - "registry.gitlab.com/gitlab-org/build/cng/gitlab-workhorse-ee:v16.8.1"
       - "registry.gitlab.com/gitlab-org/build/cng/kubectl:v16.8.1"
-      - "docker.io/minio/mc:RELEASE.2022-12-24T15-21-38Z"
-      - "docker.io/minio/minio:RELEASE.2022-12-12T19-27-27Z"
-      - "docker.io/bitnami/postgresql:14.8.0"
       - "docker.io/redhat/ubi8:8.8"
       - "registry.gitlab.com/gitlab-org/build/cng/gitlab-exporter:v16.8.1"