diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml index 7f4431737fc81..070114ed4d4d6 100644 --- a/.github/workflows/docs.yaml +++ b/.github/workflows/docs.yaml @@ -7,7 +7,7 @@ on: push: branches: ["main"] paths: - - .github/workflows/publish-docs.yaml + - .github/workflows/docs.yaml - docs/** - README.md diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml index 3e4d22fec012e..519b71664013b 100644 --- a/.github/workflows/flux-diff.yaml +++ b/.github/workflows/flux-diff.yaml @@ -12,47 +12,13 @@ concurrency: cancel-in-progress: true jobs: - changed-clusters: - name: Changed Clusters - runs-on: ubuntu-latest - outputs: - matrix: ${{ steps.changed-clusters.outputs.all_changed_and_modified_files }} - steps: - - name: Generate Token - uses: actions/create-github-app-token@v1 - id: app-token - with: - app-id: "${{ secrets.BOT_APP_ID }}" - private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - - - name: Checkout Default Branch - uses: actions/checkout@v4 - with: - token: "${{ steps.app-token.outputs.token }}" - fetch-depth: 0 - - - name: Get Changed Clusters - id: changed-clusters - uses: tj-actions/changed-files@v45 - with: - files: kubernetes/** - files_ignore: kubernetes/shared/** - dir_names: true - dir_names_max_depth: 2 - matrix: true - - - name: List All Changed Clusters - run: echo "${{ steps.changed-clusters.outputs.all_changed_and_modified_files }}" - flux-diff: name: Flux Diff runs-on: ubuntu-latest - needs: ["changed-clusters"] permissions: pull-requests: write strategy: matrix: - paths: ${{ fromJSON(needs.changed-clusters.outputs.matrix) }} resources: ["helmrelease", "kustomization"] max-parallel: 4 fail-fast: false @@ -64,7 +30,7 @@ jobs: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - - name: Checkout + - name: Checkout Pull Request Branch uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" 
@@ -83,8 +49,8 @@ jobs: args: >- diff ${{ matrix.resources }} --unified 6 - --path /github/workspace/pull/${{ matrix.paths }}/flux - --path-orig /github/workspace/default/${{ matrix.paths }}/flux + --path /github/workspace/pull/kubernetes/main/flux + --path-orig /github/workspace/default/kubernetes/main/flux --strip-attrs "helm.sh/chart,checksum/config,app.kubernetes.io/version,chart" --limit-bytes 10000 --all-namespaces @@ -108,11 +74,11 @@ jobs: } >> "$GITHUB_STEP_SUMMARY" - if: ${{ steps.diff.outputs.diff != '' }} - name: Add comment + name: Add Comment uses: mshick/add-pr-comment@v2 with: repo-token: "${{ steps.app-token.outputs.token }}" - message-id: "${{ github.event.pull_request.number }}/${{ matrix.paths }}/${{ matrix.resources }}" + message-id: "${{ github.event.pull_request.number }}/kubernetes/main/${{ matrix.resources }}" message-failure: Diff was not successful message: | ```diff diff --git a/.github/workflows/helm-repository-sync.yaml b/.github/workflows/helm-repository-sync.yaml index 4a652971fb02c..d32ec49e5807d 100644 --- a/.github/workflows/helm-repository-sync.yaml +++ b/.github/workflows/helm-repository-sync.yaml @@ -5,10 +5,6 @@ name: "Helm Repository Sync" on: workflow_dispatch: inputs: - clusterName: - description: Cluster Name - default: main - required: true helmRepoNamespace: description: Helm Repository Namespace default: flux-system 
@@ -38,15 +34,14 @@ jobs: token: "${{ steps.app-token.outputs.token }}" fetch-depth: 0 - - name: Setup mise - uses: jdx/mise-action@v2 - with: - mise_toml: | - [tools] - "aqua:fluxcd/flux2" = "latest" - "aqua:mikefarah/yq" = "latest" + - name: Setup Homebrew + uses: Homebrew/actions/setup-homebrew@master - - if: ${{ github.event.inputs.clusterName == '' && github.event.inputs.helmRepoNamespace == '' && github.event.inputs.helmRepoName == '' }} + - name: Setup Workflow Tools + shell: bash + run: brew install fluxcd/tap/flux yq + + - if: ${{ github.event.inputs.helmRepoNamespace == '' && github.event.inputs.helmRepoName == '' }} name: Get Changed Files id: changed-files uses: tj-actions/changed-files@v45 
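Review bot: `uses: Homebrew/actions/setup-homebrew@master` tracks a mutable branch, so whatever is pushed to that branch runs inside this job. The checkout step just above it already uses the GitHub App token. Pin the action to a full commit SHA and note the release in a trailing comment, e.g. `uses: Homebrew/actions/setup-homebrew@<full-commit-sha>  # <tag or date>`. The same line is added in pre-pull-images.yaml (both jobs) and in schemas.yaml. `brew install fluxcd/tap/flux yq` is likewise unpinned, as the removed `latest` entries were, so consider logging `flux --version` and `yq --version` so a run can be tied to the tool versions it used.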
@@ -54,33 +49,26 @@ jobs: files: kubernetes/**/helmrelease.yaml safe_output: false - - if: ${{ github.event.inputs.clusterName == '' && github.event.inputs.helmRepoNamespace == '' && github.event.inputs.helmRepoName == '' }} - name: List All Changed Files - run: echo "${{ steps.changed-files.outputs.all_changed_and_modified_files }}" - - - if: ${{ github.event.inputs.clusterName == '' && github.event.inputs.helmRepoNamespace == '' && github.event.inputs.helmRepoName == '' }} + - if: ${{ github.event.inputs.helmRepoNamespace == '' && github.event.inputs.helmRepoName == '' }} name: Sync Helm Repository shell: bash run: | declare -a repos=() for f in ${{ steps.changed-files.outputs.all_changed_and_modified_files }}; do - cluster_name=$(echo "${f}" | awk -F'/' '{print $2}') repo_namespace="$(yq -r '.spec.chart.spec.sourceRef.namespace' "${f}")" repo_name="$(yq -r '.spec.chart.spec.sourceRef.name' "${f}")" - repos+=("${cluster_name}:${repo_namespace}:${repo_name}") + repos+=("${repo_namespace}:${repo_name}") done mapfile -t repos < <(printf "%s\n" "${repos[@]}" | sort -u) for r in "${repos[@]}"; do - IFS=':' read -r cluster_name repo_namespace repo_name <<< "${r}" - flux \ - --namespace ${repo_namespace} \ - reconcile source helm ${repo_name} || true + IFS=':' read -r repo_namespace repo_name <<< "${r}" + flux --namespace ${repo_namespace} \ + reconcile source helm ${repo_name} done - - if: ${{ github.event.inputs.clusterName != '' && github.event.inputs.helmRepoNamespace != '' && github.event.inputs.helmRepoName != '' }} + - if: ${{ github.event.inputs.helmRepoNamespace != '' && github.event.inputs.helmRepoName != '' }} name: Sync Helm Repository shell: bash run: | - flux \ - --namespace ${{ github.event.inputs.helmRepoNamespace }} \ - reconcile source helm ${{ github.event.inputs.helmRepoName }} || true + flux --namespace ${{ github.event.inputs.helmRepoNamespace }} \ + reconcile source helm ${{ github.event.inputs.helmRepoName }} 
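Review bot: The loop header `for f in ${{ steps.changed-files.outputs.all_changed_and_modified_files }}; do` expands the changed-file list into the script text before bash runs. Because the step above sets `safe_output: false`, a file name containing shell metacharacters would be executed as code rather than treated as data. The manual-dispatch step has the same pattern with `${{ github.event.inputs.helmRepoNamespace }}` and `${{ github.event.inputs.helmRepoName }}`. Pass these values through `env:` and use quoted shell variables, as sketched below. Separately, with `|| true` removed, the first failed reconcile now ends the loop (assuming the default `-e` behaviour of `shell: bash`), so later repositories are skipped; if that is not intended, record failures and exit non-zero after the loop.

```yaml
        name: Sync Helm Repository
        shell: bash
        env:
          CHANGED_FILES: "${{ steps.changed-files.outputs.all_changed_and_modified_files }}"
        run: |
          declare -a repos=()
          for f in ${CHANGED_FILES}; do
          # … unchanged: yq lookups, sort -u, IFS read …
            flux --namespace "${repo_namespace}" \
              reconcile source helm "${repo_name}"
          done

        name: Sync Helm Repository
        shell: bash
        env:
          HELM_REPO_NAMESPACE: "${{ github.event.inputs.helmRepoNamespace }}"
          HELM_REPO_NAME: "${{ github.event.inputs.helmRepoName }}"
        run: |
          flux --namespace "${HELM_REPO_NAMESPACE}" \
            reconcile source helm "${HELM_REPO_NAME}"
```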
diff --git a/.github/workflows/pre-pull-images.yaml b/.github/workflows/pre-pull-images.yaml index 06e522f861878..e1990d79938bd 100644 --- a/.github/workflows/pre-pull-images.yaml +++ b/.github/workflows/pre-pull-images.yaml @@ -12,49 +12,11 @@ concurrency: cancel-in-progress: true jobs: - changed-clusters: - name: Changed Clusters - runs-on: ubuntu-latest - outputs: - matrix: ${{ steps.changed-clusters.outputs.all_changed_and_modified_files }} - steps: - - name: Generate Token - uses: actions/create-github-app-token@v1 - id: app-token - with: - app-id: "${{ secrets.BOT_APP_ID }}" - private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - - - name: Checkout - uses: actions/checkout@v4 - with: - token: "${{ steps.app-token.outputs.token }}" - fetch-depth: 0 - - - name: Get Changed Clusters - id: changed-clusters - uses: tj-actions/changed-files@v45 - with: - files: kubernetes/** - files_ignore: kubernetes/shared/** - dir_names: true - dir_names_max_depth: 2 - matrix: true - - - name: List All Changed Clusters - run: echo "${{ steps.changed-clusters.outputs.all_changed_and_modified_files }}" - extract-images: name: Extract Images runs-on: ubuntu-latest - needs: ["changed-clusters"] permissions: pull-requests: write - strategy: - matrix: - paths: ${{ fromJSON(needs.changed-clusters.outputs.matrix) }} - max-parallel: 4 - fail-fast: false outputs: matrix: ${{ steps.extract-images.outputs.images }} steps: @@ -65,12 +27,12 @@ jobs: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - - name: Setup mise - uses: jdx/mise-action@v2 - with: - mise_toml: | - [tools] - "aqua:mikefarah/yq" = "latest" + - name: Setup Homebrew + uses: Homebrew/actions/setup-homebrew@master + + - name: Setup Workflow Tools + shell: bash + run: brew install yq - name: Checkout Default Branch uses: actions/checkout@v4 
@@ -90,7 +52,7 @@ jobs: with: args: >- get cluster - --path /github/workspace/default/${{ matrix.paths }}/flux + --path /github/workspace/default/kubernetes/main/flux --enable-images --output yaml --output-file default.yaml @@ -100,7 +62,7 @@ jobs: with: args: >- get cluster - --path /github/workspace/pull/${{ matrix.paths }}/flux + --path /github/workspace/pull/kubernetes/main/flux --enable-images --output yaml --output-file pull.yaml @@ -121,7 +83,7 @@ jobs: id: extract-images shell: bash run: | - images=$(jq --compact-output --raw-input --null-input '[inputs]' < <(grep -vf default.txt pull.txt)) + images=$(jo -a $(grep -vf default.txt pull.txt)) echo "images=${images}" >> $GITHUB_OUTPUT echo "${images}" echo "### Images" >> $GITHUB_STEP_SUMMARY @@ -138,12 +100,12 @@ jobs: max-parallel: 4 fail-fast: false steps: - - name: Setup mise - uses: jdx/mise-action@v2 - with: - mise_toml: | - [tools] - "aqua:siderolabs/talos" = "latest" + - name: Setup Homebrew + uses: Homebrew/actions/setup-homebrew@master + + - name: Setup Workflow Tools + shell: bash + run: brew install siderolabs/tap/talosctl - name: Pre-pull Image run: talosctl -n $NODE_IP image pull ${{ matrix.images }} diff --git a/.github/workflows/schemas.yaml b/.github/workflows/schemas.yaml index bafdf2814e6f1..079d90d858ccf 100644 --- a/.github/workflows/schemas.yaml +++ b/.github/workflows/schemas.yaml @@ -30,12 +30,12 @@ jobs: with: token: "${{ steps.app-token.outputs.token }}" - - name: Setup mise - uses: jdx/mise-action@v2 - with: - mise_toml: | - [tools] - "aqua:kubernetes/kubectl" = "latest" + - name: Setup Homebrew + uses: Homebrew/actions/setup-homebrew@master + + - name: Setup Workflow Tools + shell: bash + run: brew install kubectl - name: Setup Python uses: actions/setup-python@v5 @@ -47,6 +47,9 @@ jobs: with: node-version: 18.x + - name: Install Python Dependencies + run: pip install pyyaml + - name: Download and run crd-extractor shell: bash run: | 
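Review bot: `jo` does not appear to be installed by anything visible in this workflow, since the setup step added for this job runs only `brew install yq`. Unless the runner image ships it, `images=$(jo -a $(grep -vf default.txt pull.txt))` will fail. The inner substitution is also unquoted, so each image reference goes through word splitting and glob expansion, and jo applies its own type guessing per argument. The removed jq form turned every input line into a JSON string. Either add `jo` to the install step or keep the jq pipeline; it matters because this array becomes the matrix of the pre-pull job. The step's script may continue below the hunk.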
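Review bot: In the `Pre-pull Image` step, `run: talosctl -n $NODE_IP image pull ${{ matrix.images }}` pastes the image reference into the script text. That value appears to come from manifests on the pull-request branch (`pull.yaml`), so it should be treated as untrusted data, not script source. Add `IMAGE: "${{ matrix.images }}"` under the step's `env:` and call `talosctl -n "${NODE_IP}" image pull "${IMAGE}"`. The step may continue below the hunk, where `NODE_IP` is presumably defined.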
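Review bot: `run: pip install pyyaml` in schemas.yaml installs whatever version the index serves at run time, in a job that checks out with the App token and then downloads and runs crd-extractor. Pin the dependency, e.g. `run: pip install pyyaml==<pinned-version>`. Alternatively, install from a hash-locked file with `pip install --require-hashes -r <requirements-file>`.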
diff --git a/.gitignore b/.gitignore index 2d9664d34b636..f295742c097e4 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,5 @@ /.private/ /.task/ -/scripts/ *.secret.env *.secret.yaml *.crt diff --git a/.vscode/extensions.json b/.vscode/extensions.json index b85db9f04314a..0865d69264ad8 100644 --- a/.vscode/extensions.json +++ b/.vscode/extensions.json @@ -9,7 +9,6 @@ "redhat.vscode-yaml", "will-stone.in-any-case", "BriteSnow.vscode-toggle-quotes", - "HashiCorp.terraform", "PKief.material-icon-theme", ] } diff --git a/.vscode/settings.json b/.vscode/settings.json index 907427979c0a1..7773760888e5d 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -32,6 +32,7 @@ "digester-system": "hook", "external-secrets": "secure", "flux-system": "pipe", + "hack": "scripts", "kube-system": "kubernetes", "monitoring": "event", "network": "connection",