diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index 24495034..762f2277 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -22,7 +22,9 @@ jobs: uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0 - name: Install commitlint - run: npm install --save-dev @commitlint/{config-conventional,cli} + run: | + npm install --save-dev @commitlint/config-conventional@18.6.0 + npm install --save-dev @commitlint/cli@18.6.0 - name: Lint PR title run: echo "${{ github.event.pull_request.title }}" | npx commitlint diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml index 27deaf92..6e953264 100644 --- a/.github/workflows/tag-and-release.yaml +++ b/.github/workflows/tag-and-release.yaml @@ -20,6 +20,9 @@ jobs: run: echo "release_created=${{ steps.tag.outputs.release_created || false }}" >> $GITHUB_OUTPUT publish-package: + strategy: + matrix: + flavor: [upstream, registry1] needs: tag-new-version if: ${{ needs.tag-new-version.outputs.release_created == 'true' }} runs-on: ubuntu-latest @@ -46,4 +49,10 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Publish Package - run: uds run -f tasks/publish.yaml package + run: uds run -f tasks/publish.yaml package --set FLAVOR=${{ matrix.flavor }} + + - name: Save logs + if: always() + uses: ./.github/actions/save-logs + with: + suffix: -${{ matrix.flavor }} \ No newline at end of file diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 00000000..a6bd88ad --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,47 @@ +{ + "debug.javascript.terminalOptions": { + "enableTurboSourcemaps": true, + "resolveSourceMapLocations": [ + "${workspaceFolder}/**", + "node_modules/kubernetes-fluent-client/**", + "node_modules/pepr/**" + ] + }, + "yaml.schemas": { + // renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=semver + "https://raw.githubusercontent.com/defenseunicorns/uds-cli/v0.8.1/uds.schema.json": [ + "uds-bundle.yaml" + ], + + // renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=semver + "https://raw.githubusercontent.com/defenseunicorns/uds-cli/v0.8.1/tasks.schema.json": [ + "tasks.yaml", + "tasks/**/*.yaml", + "src/**/validate.yaml" + ], + // renovate: datasource=github-tags depName=defenseunicorns/zarf versioning=semver + "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.32.2/zarf.schema.json": [ + "zarf.yaml" + ] + }, + "cSpell.words": [ + "alertmanager", + "Authservice", + "automount", + "controlplane", + "crds", + "distros", + "ironbank", + "Kiali", + "Kyverno", + "MITM", + "neuvector", + "opensource", + "promtail", + "Quickstart", + "Gitlab", + "seccomp", + "Sysctls", + "Velero" + ] + } \ No newline at end of file diff --git a/bundle/uds-bundle.yaml b/bundle/uds-bundle.yaml index 7861cf78..aa31af37 100644 --- a/bundle/uds-bundle.yaml +++ b/bundle/uds-bundle.yaml @@ -28,3 +28,32 @@ packages: # x-release-please-start-version ref: 16.8.1-uds.2 # x-release-please-end + overrides: + gitlab: + gitlab: + variables: + - name: MIGRATIONS_RESOURCES + description: "Gitlab Migrations Resources" + path: "gitlab.migrations.resources" + - name: WEBSERVICE_REPLICAS + description: "Gitlab Webservice Min Replicas" + path: "gitlab.webservice.minReplicas" + - name: WEBSERVICE_RESOURCES + description: "Gitlab Webservice Resources" + path: "gitlab.webservice.resources" + - name: WORKHORSE_RESOURCES + description: "Gitlab Workhorse Resources" + path: "gitlab.workhorse.resources" + - name: SIDEKIQ_REPLICAS + description: "Gitlab Sidekiq Min Replicas" + path: "gitlab.sidekiq.minReplicas" + - name: SIDEKIQ_RESOURCES + description: "Gitlab Sidekiq Resources" + path: "gitlab.sidekiq.resources" + - name: REGISTRY_REPLICAS + description: "Gitlab Registry Min Replicas" + path: "registry.hpa.minReplicas" + - name: SHELL_REPLICAS + description: "Gitlab Shell Min Replicas" + path: "gitlab.gitlab-shell.minReplicas" + diff --git a/bundle/uds-config.yaml b/bundle/uds-config.yaml index 30f58f81..75aaf7d9 100644 --- a/bundle/uds-config.yaml +++ b/bundle/uds-config.yaml @@ -20,3 +20,30 @@ variables: gitlab_redis_endpoint: "redis-master.dev-redis.svc.cluster.local" gitlab_db_endpoint: "postgresql.dev-postgres.svc.cluster.local" DISABLE_REGISTRY_REDIRECT: "true" + # # Overrides for scaled down cluster for local dev and CI + webservice_replicas: 1 + webservice_resources: + limits: + memory: 2.5G + requests: + cpu: 300m + memory: 2.5G + migrations_resources: + limits: + cpu: 500m + memory: 4G + workhorse_resources: + limits: + memory: 100M + requests: + cpu: 10m + memory: 10M + sidekiq_replicas: 1 + sidekiq_resources: + limits: + memory: 1.5G + requests: + cpu: 50m + memory: 625M + registry_replicas: 1 + shell_replicas: 1 diff --git a/common/zarf.yaml b/common/zarf.yaml index 32782a0d..28725e32 100644 --- a/common/zarf.yaml +++ b/common/zarf.yaml @@ -7,7 +7,6 @@ metadata: components: - name: gitlab required: true - description: "Deploy gitlab" charts: - name: uds-gitlab-config namespace: gitlab @@ -19,4 +18,4 @@ components: gitPath: chart version: "7.8.1-bb.0" valuesFiles: - - ../values/gitlab-values.yaml + - ../values/common-values.yaml diff --git a/docs/DEVELOPMENT_MAINTENANCE.md b/docs/DEVELOPMENT_MAINTENANCE.md index 8f7c668b..3682ab4b 100644 --- a/docs/DEVELOPMENT_MAINTENANCE.md +++ b/docs/DEVELOPMENT_MAINTENANCE.md @@ -11,20 +11,15 @@ To upgrade 1) Update any base values if necessary. 1) Update the `gitlab` component in the [zarf.yaml](../zarf.yaml) file to pull in the correct images needed for the updated version of the chart. -## How to test this capability - -1) With docker running and while connected to an aws account. -2) Set these env variables. -```bash -export REPO_URL=https://github.com/defenseunicorns/uds-capability-gitlab.git -export GIT_BRANCH= -export REGISTRY1_USERNAME= -export REGISTRY1_PASSWORD= -export GHCR_USERNAME= -export GHCR_PASSWORD= -export AWS_AVAILABILITY_ZONE=a -``` - - 3) At the root of this repository, you can run `make test`. This will provision an ec2 instance, build and deploy all dependencies and packages, and run an e2e test to insure the capability is deploying successfully, available and ready. - -You can also follow the bread crumbs of the Makefile to manually create the cluster as well as build and deploy all the necessary packages. \ No newline at end of file +## How to test this package locally + +Prerequisites: +- Docker +- latest version of UDS CLI +- K3d + +Note: If developing on an Apple Silicon Mac, colima is an excellent option. If using colima, the following command will provision a VM that should be adequate to deploy this package: + +`colima start --cpu 8 --memory 25 --disk 50 --vm-type vz --vz-rosetta --profile uds --arch aarch64` + + 1) From the root of the repository run `uds run`. To test a specific package flavor, specify that via the --set flag. For example: `uds run --set FLAVOR=upstream` diff --git a/renovate.json b/renovate.json index 676a8658..0a9586b6 100644 --- a/renovate.json +++ b/renovate.json @@ -84,12 +84,11 @@ "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?.*)${{/if}}" }, { - "fileMatch": ["^Makefile$"], + "fileMatch": ["^\\.github/workflows/commitlint\\.yaml$"], "matchStrings": [ - "renovate: datasource=(?.*?) depName=(?.*?)( versioning=(?.*?))?( extractVersion=(?.*?))?( registryUrl=(?.*?))?\\s.*?=\\s*['\"]?(?.*?)['\"]?\\s" + "npm install --save-dev (?@?.*?)@(?.+)" ], - "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}", - "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?.*)${{/if}}" + "datasourceTemplate": "npm" } ], "packageRules": [ diff --git a/src/dev-secrets/zarf.yaml b/src/dev-secrets/zarf.yaml index a0e7273c..6afa2bd0 100644 --- a/src/dev-secrets/zarf.yaml +++ b/src/dev-secrets/zarf.yaml @@ -3,7 +3,7 @@ kind: ZarfPackageConfig metadata: name: dev-secrets version: "0.1.0" - architecture: amd64 + components: - name: minio-password diff --git a/values/gitlab-values.yaml b/values/common-values.yaml similarity index 100% rename from values/gitlab-values.yaml rename to values/common-values.yaml diff --git a/values/registry1-values.yaml b/values/registry1-values.yaml new file mode 100644 index 00000000..fdb8b4c7 --- /dev/null +++ b/values/registry1-values.yaml @@ -0,0 +1,69 @@ +gitlab: + webservice: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice + tag: 16.8.1 + workhorse: + image: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse + tag: 16.8.1 + sidekiq: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq + tag: 16.8.1 + migrations: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox + tag: 16.8.1 + gitaly: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitaly + tag: 16.8.1 + gitlab-exporter: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter + tag: 16.8.1 + gitlab-pages: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages + tag: 16.8.1 + gitlab-shell: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell + tag: 16.8.1 + praefect: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitaly + tag: 16.8.1 + toolbox: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox + tag: 16.8.1 + +global: + certificates: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/certificates + tag: 16.8.1 + gitlabBase: + image: + repository: registry1.dso.mil/ironbank/redhat/ubi/ubi9 + tag: "9.3" + kubectl: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/kubectl + tag: 16.8.1 + +registry: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry + tag: 16.8.1 + +shared-secrets: + selfsign: + image: + repository: registry1.dso.mil/ironbank/gitlab/gitlab/cfssl-self-sign + +upgradeCheck: + image: + repository: registry1.dso.mil/ironbank/redhat/ubi/ubi9 + tag: "9.3" diff --git a/values/upstream.yaml b/values/upstream-values.yaml similarity index 79% rename from values/upstream.yaml rename to values/upstream-values.yaml index a24d3570..01e6cecb 100644 --- a/values/upstream.yaml +++ b/values/upstream-values.yaml @@ -53,30 +53,6 @@ global: repository: registry.gitlab.com/gitlab-org/build/cng/kubectl tag: v16.8.1 -minio: - image: docker.io/minio/minio - imageTag: RELEASE.2022-12-12T19-27-27Z - minioMc: - image: docker.io/minio/mc - tag: RELEASE.2022-12-24T15-21-38Z - -postgresql: - image: - registry: docker.io - repository: bitnami/postgresql - tag: "14.8.0" - -redis: - image: - registry: docker.io - repository: bitnami/redis - tag: 7.0.0-debian-10-r3 - metrics: - image: - registry: docker.io - repository: bitnami/redis-exporter - tag: "1.55.0" - registry: image: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-container-registry diff --git a/zarf.yaml b/zarf.yaml index 497b3e11..87542fd6 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -6,7 +6,7 @@ metadata: # x-release-please-start-version version: "16.8.1-uds.2" # x-release-please-end - architecture: amd64 + variables: - name: DOMAIN @@ -34,16 +34,18 @@ variables: components: - name: gitlab required: true - description: "Deploy gitlab" + description: "Deploy gitlab with registry1 images" import: path: common only: flavor: registry1 + cluster: + architecture: amd64 charts: - name: gitlab + valuesFiles: + - values/registry1-values.yaml images: - - "registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter:v1.56.0" - - "registry1.dso.mil/ironbank/bitnami/redis:7.0.0-debian-10-r3" - "registry1.dso.mil/ironbank/gitlab/gitlab/certificates:16.8.1" - "registry1.dso.mil/ironbank/gitlab/gitlab/cfssl-self-sign:1.6.1" - "registry1.dso.mil/ironbank/gitlab/gitlab/gitaly:16.8.1" @@ -55,9 +57,6 @@ components: - "registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice:16.8.1" - "registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse:16.8.1" - "registry1.dso.mil/ironbank/gitlab/gitlab/kubectl:16.8.1" - - "registry1.dso.mil/ironbank/opensource/minio/mc:RELEASE.2022-12-24T15-21-38Z" - - "registry1.dso.mil/ironbank/opensource/minio/minio:RELEASE.2022-12-12T19-27-27Z" - - "registry1.dso.mil/ironbank/opensource/postgres/postgresql:14.9" - "registry1.dso.mil/ironbank/redhat/ubi/ubi9:9.3" - "registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter:16.8.1" @@ -72,10 +71,8 @@ components: charts: - name: gitlab valuesFiles: - - values/upstream.yaml + - values/upstream-values.yaml images: - - "docker.io/bitnami/redis-exporter:1.55.0" - - "docker.io/bitnami/redis:7.0.0-debian-10-r3" - "registry.gitlab.com/gitlab-org/build/cng/certificates:v16.8.1" - "registry.gitlab.com/gitlab-org/build/cng/cfssl-self-sign:1.6.1" - "registry.gitlab.com/gitlab-org/build/cng/gitaly:v16.8.1" @@ -87,8 +84,5 @@ components: - "registry.gitlab.com/gitlab-org/build/cng/gitlab-webservice-ee:v16.8.1" - "registry.gitlab.com/gitlab-org/build/cng/gitlab-workhorse-ee:v16.8.1" - "registry.gitlab.com/gitlab-org/build/cng/kubectl:v16.8.1" - - "docker.io/minio/mc:RELEASE.2022-12-24T15-21-38Z" - - "docker.io/minio/minio:RELEASE.2022-12-12T19-27-27Z" - - "docker.io/bitnami/postgresql:14.8.0" - "docker.io/redhat/ubi8:8.8" - "registry.gitlab.com/gitlab-org/build/cng/gitlab-exporter:v16.8.1"