From 529983b736359b62f2366ab5077d29a9b6613088 Mon Sep 17 00:00:00 2001 From: Shane Unruh Date: Mon, 15 Nov 2021 12:41:40 -0700 Subject: [PATCH] Updated image refs in Helm charts - Reworked image references in the helm charts - Changed image repository from dtr.dev.cray.com to artifactory.algol60.net - Added github workflows to do testing of the charts and images - Added new pull request template Jira: CASMHMS-5198 --- .github/pull_request_template.md | 70 ++++++++----------- .../workflows/charts-lint-test-scan-cron.yml | 22 ++++++ .github/workflows/charts-lint-test-scan.yml | 25 +++++++ .gitignore | 1 + .version | 2 +- CHANGELOG.md | 6 ++ Makefile | 6 ++ kubernetes/cray-hms-smd/Chart.lock | 6 ++ kubernetes/cray-hms-smd/Chart.yaml | 20 ++++-- kubernetes/cray-hms-smd/requirements.lock | 6 -- kubernetes/cray-hms-smd/requirements.yaml | 4 -- .../cray-hms-smd/templates/_helpers.tpl | 16 ----- kubernetes/cray-hms-smd/templates/jobs.yaml | 5 +- kubernetes/cray-hms-smd/values.yaml | 17 ++++- 14 files changed, 130 insertions(+), 76 deletions(-) create mode 100644 .github/workflows/charts-lint-test-scan-cron.yml create mode 100644 .github/workflows/charts-lint-test-scan.yml create mode 100644 kubernetes/cray-hms-smd/Chart.lock delete mode 100644 kubernetes/cray-hms-smd/requirements.lock delete mode 100644 kubernetes/cray-hms-smd/requirements.yaml diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 10228c19..cdd8b2ad 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,58 +1,48 @@ -### Summary and Scope +## Summary and Scope -EXPLAIN WHY THIS PR IS NECESSARY. WHAT IS IMPACTED? -IS THIS A NEW FEATURE OR CRITICAL BUG FIX? SUMMARIZE WHAT CHANGED. +_Summarize what has changed. Explain why this PR is necessary. What is impacted? Is this a new feature, critical bug fix, etc?_ -DOES THIS CHANGE INVOLVE ANY SCHEME CHANGES? Y/N +_Is this change backwards incompatible, backwards compatible, or a backwards compatible bugfix?_ -REMINDER: HAVE YOU INCREMENTED VERSION NUMBERS? E.G., .spec, Chart.yaml, .version, CHANGELOG.md +## Issues and Related PRs -REMINDER 2: HAVE YOU UPDATED THE COPYRIGHT PER hpe GUIDELINES: (C) Copyright 2014-2021 Hewlett Packard Enterprise Development LP ? Y/N +_List and characterize relationship to Jira/Github issues and other pull requests. Be sure to list dependencies._ -### Issues and Related PRs - -LIST AND CHARACTERIZE RELATIONSHIP TO JIRA ISSUES AND OTHER PULL REQUESTS. BE SURE LIST DEPENDENCIES. - -* Resolves CASM-XYZ +* Resolves [issue id](issue link) * Change will also be needed in `` -* Future work required by CASM-ABC -* Merge with `` -* Merge before `` -* Merge after `` +* Future work required by [issue id](issue link) +* Merge with/before/after `` -### Testing +## Testing -LIST THE ENVIRONMENTS IN WHICH THESE CHANGES WERE TESTED. +_List the environments in which these changes were tested._ Tested on: -* `` -* Craystack -* CMS base-box -* Virtual Shasta + * `` + * Local development environment + * Virtual Shasta + +Test description: + +_How were the changes tested and success verified? If schema changes were part of this change, how were those handled in your upgrade/downgrade testing?_ -Were the install/upgrade based validation checks/tests run?(goss tests/install-validation doc) -Were continuous integration tests run? Y/N If not, Why? -Was an Upgrade tested? Y/N If not, Why? -Was a Downgrade tested? Y/N If not, Why? -If schema changes were part of this change, how were those handled in your upgrade/downgrade testing? +- Were the install/upgrade-based validation checks/tests run (goss tests/install-validation doc)? +- Were continuous integration tests run? If not, why? +- Was upgrade tested? If not, why? +- Was downgrade tested? If not, why? -WHAT WAS THE EXTENT OF TESTING PERFORMED? MANUAL VERSUS AUTOMATED TESTS (UNIT/SMOKE/OTHER) -HOW WERE CHANGES VERIFIED TO BE SUCCESSFUL? -### Risks and Mitigations +## Risks and Mitigations -HAS A SECURITY AUDIT BEEN RUN? (./runSnyk.sh) -ARE THERE KNOWN ISSUES WITH THESE CHANGES? -ANY OTHER SPECIAL CONSIDERATIONS? +_Are there known issues with these changes? Any other special considerations?_ -INCLUDE THE FOLLOWING ITEMS THAT APPLY. LIST ADDITIONAL ITEMS AND PROVIDE MORE DETAILED INFORMATION AS APPROPRIATE. -Requires: +## Pull Request Checklist -* Additional testing on bare-metal -* Compute nodes -* 3rd party software -* Broader integration testing -* Fresh install -* Platform upgrade +- [ ] Version number(s) incremented, if applicable +- [ ] Copyrights updated +- [ ] License file intact +- [ ] Target branch correct +- [ ] CHANGELOG.md updated +- [ ] Testing is appropriate and complete, if applicable diff --git a/.github/workflows/charts-lint-test-scan-cron.yml b/.github/workflows/charts-lint-test-scan-cron.yml new file mode 100644 index 00000000..a554c1ba --- /dev/null +++ b/.github/workflows/charts-lint-test-scan-cron.yml @@ -0,0 +1,22 @@ +name: Cron Lint, test, and scan Helm charts +on: + schedule: + - cron: "0 0 * * *" + workflow_dispatch: +jobs: + lint-test-scan: + uses: Cray-HPE/.github/.github/workflows/charts-lint-test-scan.yml@main + with: + ct-config: | + chart-dirs: + - kubernetes + chart-repos: + - cray-algol60=https://artifactory.algol60.net/artifactory/csm-helm-charts + validate-maintainers: false + scan-chart-snyk-args: "--severity-threshold=high" + scan-image-snyk-args: "--severity-threshold=high" + test-charts: false + scan-images: true + secrets: + snyk-token: ${{ secrets.SNYK_TOKEN }} + diff --git a/.github/workflows/charts-lint-test-scan.yml b/.github/workflows/charts-lint-test-scan.yml new file mode 100644 index 00000000..7eb8d72d --- /dev/null +++ b/.github/workflows/charts-lint-test-scan.yml @@ -0,0 +1,25 @@ +name: Lint, test, and scan Helm charts +on: + pull_request: + branches: + - master + - release/** + workflow_dispatch: +jobs: + lint-test-scan: + uses: Cray-HPE/.github/.github/workflows/charts-lint-test-scan.yml@main + with: + lint-charts: ${{ github.event_name == 'pull_request' }} + ct-config: | + chart-dirs: + - kubernetes + chart-repos: + - cray-algol60=https://artifactory.algol60.net/artifactory/csm-helm-charts + validate-maintainers: false + scan-chart-snyk-args: "--severity-threshold=high" + scan-image-snyk-args: "--severity-threshold=high" + test-charts: false + scan-images: false + secrets: + snyk-token: ${{ secrets.SNYK_TOKEN }} + diff --git a/.gitignore b/.gitignore index deb6fef9..bd4ed377 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ .DS_Store *.tgz +*.swp .vscode cmd/smd-loader/node_nid_map.json kubernetes/cray-hms-smd/helm diff --git a/.version b/.version index 2b17ffd5..2aeaa11e 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -1.34.0 +1.35.0 diff --git a/CHANGELOG.md b/CHANGELOG.md index 0634a9e2..c5272b49 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.35.0] - 2021-11-18 + +### Changed + +- CASMHMS-5198 - Updated image refs in the chart. + ## [1.34.0] - 2021-11-16 ### Changed diff --git a/Makefile b/Makefile index 90c6edbf..bd69931c 100644 --- a/Makefile +++ b/Makefile @@ -68,3 +68,9 @@ test_rpm_build_source: test_rpm_build: BUILD_METADATA=$(BUILD_METADATA) rpmbuild -ba $(TEST_SPEC_FILE) --define "_topdir $(TEST_BUILD_DIR)" --nodeps + +clean: + # Remove files generated by helm + rm -rf kubernetes/cray-hms-smd/charts + rm -rf kubernetes/.packaged + diff --git a/kubernetes/cray-hms-smd/Chart.lock b/kubernetes/cray-hms-smd/Chart.lock new file mode 100644 index 00000000..cfb9f7ca --- /dev/null +++ b/kubernetes/cray-hms-smd/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: cray-service + repository: https://artifactory.algol60.net/artifactory/csm-helm-charts + version: 7.0.0 +digest: sha256:c04595364279402b13294b8666a8a97bfa79e4402b42ebbf0d2bcd4f52ec04ad +generated: "2021-11-15T12:49:28.96400053-07:00" diff --git a/kubernetes/cray-hms-smd/Chart.yaml b/kubernetes/cray-hms-smd/Chart.yaml index 5aaf5a0c..96d9c9a2 100644 --- a/kubernetes/cray-hms-smd/Chart.yaml +++ b/kubernetes/cray-hms-smd/Chart.yaml @@ -1,5 +1,17 @@ -apiVersion: v1 -description: "Kubernetes resources for cray-hms-smd" +apiVersion: v2 name: "cray-hms-smd" -home: "HMS/hms-smd" -version: 1.34.0 +version: 1.35.0 +description: "Kubernetes resources for cray-hms-smd" +home: "https://github.com/Cray-HPE/hms-smd" +sources: + - "https://github.com/Cray-HPE/hms-smd" +dependencies: + - name: cray-service + version: "~7.0.0" + repository: https://artifactory.algol60.net/artifactory/csm-helm-charts +maintainers: + - name: Hardware Management + url: https://github.com/orgs/Cray-HPE/teams/hardware-management +appVersion: "1.35.0" +annotations: + artifacthub.io/images: "" diff --git a/kubernetes/cray-hms-smd/requirements.lock b/kubernetes/cray-hms-smd/requirements.lock deleted file mode 100644 index 50cb0ba3..00000000 --- a/kubernetes/cray-hms-smd/requirements.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: cray-service - repository: https://artifactory.algol60.net/artifactory/csm-helm-charts - version: 6.0.0 -digest: sha256:70f9ad5c076e41732062b22a41d72e2fbfd4f6934819bb1c869da90efcdd4252 -generated: "2021-09-28T13:25:02.636266-05:00" diff --git a/kubernetes/cray-hms-smd/requirements.yaml b/kubernetes/cray-hms-smd/requirements.yaml deleted file mode 100644 index c2f34ba3..00000000 --- a/kubernetes/cray-hms-smd/requirements.yaml +++ /dev/null @@ -1,4 +0,0 @@ -dependencies: -- name: cray-service - version: "~6.0.0" - repository: "@cray-algol60" diff --git a/kubernetes/cray-hms-smd/templates/_helpers.tpl b/kubernetes/cray-hms-smd/templates/_helpers.tpl index 7aab8d0c..0f945136 100644 --- a/kubernetes/cray-hms-smd/templates/_helpers.tpl +++ b/kubernetes/cray-hms-smd/templates/_helpers.tpl @@ -1,19 +1,3 @@ {{/* Add helper methods here for your chart */}} - -{{- define "cray-hms-smd.image-prefix" -}} -{{ $base := index . "cray-service" }} -{{- if $base.imagesHost -}} -{{- printf "%s/" $base.imagesHost -}} -{{- else -}} -{{- printf "" -}} -{{- end -}} -{{- end -}} - -{{/* -Helper function to get the proper image tag -*/}} -{{- define "cray-hms-smd.imageTag" -}} -{{- default "latest" .Chart.AppVersion -}} -{{- end -}} \ No newline at end of file diff --git a/kubernetes/cray-hms-smd/templates/jobs.yaml b/kubernetes/cray-hms-smd/templates/jobs.yaml index 4f21381c..9222c996 100644 --- a/kubernetes/cray-hms-smd/templates/jobs.yaml +++ b/kubernetes/cray-hms-smd/templates/jobs.yaml @@ -17,7 +17,8 @@ spec: serviceAccountName: "cray-smd-job-deleter" containers: - name: job-deleter - image: "{{ include "cray-hms-smd.image-prefix" .Values }}loftsman/docker-kubectl:{{ .Values.dockerKubectlTag }}" + image: "{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}" + imagePullPolicy: "{{ .Values.kubectl.image.pullPolicy }}" command: - /bin/sh - -c @@ -48,7 +49,7 @@ spec: serviceAccountName: "jobs-watcher" containers: - name: cray-smd-init - image: {{ include "cray-hms-smd.image-prefix" .Values }}cray/cray-smd:{{ include "cray-hms-smd.imageTag" . }} + image: {{ .Values.image.repository }}:{{ default .Chart.AppVersion .Values.image.tag }} env: # NOTE: overridden in container if POSTGRES_HOST is set - name: SMD_DBHOST diff --git a/kubernetes/cray-hms-smd/values.yaml b/kubernetes/cray-hms-smd/values.yaml index 640a440a..d9f28deb 100644 --- a/kubernetes/cray-hms-smd/values.yaml +++ b/kubernetes/cray-hms-smd/values.yaml @@ -7,7 +7,18 @@ # tag: "" (default = "latest") # pullPolicy: "" (default = "IfNotPresent") -dockerKubectlTag: 0.2.0 +global: + appVersion: 1.35.0 + +image: + repository: artifactory.algol60.net/csm-docker/stable/cray-smd + pullPolicy: IfNotPresent + +kubectl: + image: + repository: artifactory.algol60.net/csm-docker/stable/docker-kubectl + tag: 1.19.15 + pullPolicy: IfNotPresent schemaStorageClass: ceph-cephfs-external schemaAccessMode: ReadWriteMany @@ -39,7 +50,7 @@ cray-service: cray-smd: name: "cray-smd" image: - repository: "cray/cray-smd" + repository: artifactory.algol60.net/csm-docker/stable/cray-smd resources: limits: cpu: "16" @@ -137,7 +148,7 @@ cray-service: enabled: true backup: enabled: true - schedule: "10 0 * * *" # Once per day at 12:10AM + schedule: "10 0 * * *" # Once per day at 12:10AM users: hmsdsuser: [] databases: