Skip to content

Commit

Permalink
Merge branch 'master' into PPD-1502
Browse files Browse the repository at this point in the history
  • Loading branch information
@achuribooks
achuribooks authored Jan 24, 2025
2 parents d9bcc88 + cc8fc20 commit 8c77931
Show file tree
Hide file tree
Showing 16 changed files with 141 additions and 3 deletions.
87 changes: 87 additions & 0 deletions .github/workflows/cluster-scanner-librarium.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
name: Cluster Scanner

on:
# Every Tuesday and Friday at 17 UTC
schedule:
- cron: "0 17 * * 2,5"
workflow_dispatch:

jobs:
scan-clusters:
name: cluster-scan
runs-on: ubuntu-latest
strategy:
max-parallel: 1
matrix:
environment: [PROD, DEV, STAGE]

steps:
- name: Checkout Palette Samples Repository
uses: actions/checkout@v4
with:
repository: spectrocloud/palette-samples

- name: Set Up Go
uses: actions/setup-go@v5
with:
go-version-file: "scripts/cluster-scanner/go.mod"

- name: Install Dependencies
working-directory: scripts/cluster-scanner
run: go get ./...

- name: Set Environment Variables Based on Environment
run: |
if [ "${{ matrix.environment }}" = "DEV" ]; then
echo "PALETTE_API_KEY=${{ secrets.SCAN_PALETTE_API_KEY_DEV }}" >> $GITHUB_ENV
echo "PALETTE_HOST=${{ secrets.SCAN_PALETTE_HOST_DEV }}" >> $GITHUB_ENV
elif [ "${{ matrix.environment }}" = "PROD" ]; then
echo "PALETTE_API_KEY=${{ secrets.SCAN_PALETTE_API_KEY_PROD }}" >> $GITHUB_ENV
echo "PALETTE_HOST=${{ secrets.SCAN_PALETTE_HOST_PROD }}" >> $GITHUB_ENV
else
echo "PALETTE_API_KEY=${{ secrets.SCAN_PALETTE_API_KEY_STAGE }}" >> $GITHUB_ENV
echo "PALETTE_HOST=${{ secrets.SCAN_PALETTE_HOST_STAGE }}" >> $GITHUB_ENV
fi
- name: Build and Run the App
working-directory: scripts/cluster-scanner
env:
PALETTE_API_KEY: ${{ env.PALETTE_API_KEY }}
PALETTE_HOST: ${{ env.PALETTE_HOST }}
run: |
set -e
go build -o cluster-scanner
./cluster-scanner | tee result.log
- name: Get Clusters With More Than 24 Hours and Format Output
working-directory: scripts/cluster-scanner
run: |
if grep -q "The following clusters have been running" result.log; then
echo "CLUSTERS_FOUND=true" >> $GITHUB_ENV
{
echo 'LOG_MESSAGE<<EOF'
echo "Palette Environment: ${{ matrix.environment }}"
sed 's/^.*msg=//' result.log | sed -n '/The following clusters/,/$/p' | sed 's/"//g'
echo EOF
} >> "$GITHUB_ENV"
fi
- name: Send Slack Notification
if: ${{ success() && env.CLUSTERS_FOUND == 'true' }}
uses: rtCamp/[email protected]
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_PRIVATE_TEAM_WEBHOOK }}
SLACK_COLOR: "good"
SLACKIFY_MARKDOWN: true
ENABLE_ESCAPES: true
SLACK_MESSAGE: ${{ env.LOG_MESSAGE }}

- name: Slack Notification on Failure
if: ${{ failure() }}
uses: rtCamp/[email protected]
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_PRIVATE_TEAM_WEBHOOK }}
SLACK_COLOR: "danger"
SLACKIFY_MARKDOWN: true
ENABLE_ESCAPES: true
SLACK_MESSAGE: "The cluster scan job for `${{ github.workflow }}` in `${{ github.repository }}` failed. [View details](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})."
1 change: 1 addition & 0 deletions .github/workflows/dependabot.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ env:
PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }}
DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }}
DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }}
SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }}
DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }}

jobs:
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/nightly-docker-build.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ env:
PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }}
DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }}
DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }}
SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }}
DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }}

jobs:
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/post_release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ env:
PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }}
DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }}
DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }}
SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }}
DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }}

jobs:
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/pull_request.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ env:
PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }}
DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }}
DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }}
SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }}
DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }}

jobs:
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/release-branch-pr.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ env:
PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }}
DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }}
DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }}
SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }}
DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }}


Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/release-preview.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,9 @@ env:
PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }}
DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }}
DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }}
SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }}
DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }}
UNRELEASED_VERSION_BANNER: true


concurrency:
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ env:
PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }}
DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }}
DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }}
SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }}
DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }}


Expand Down
1 change: 1 addition & 0 deletions .github/workflows/screenshot_capture.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ env:
PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }}
DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }}
DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }}
SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }}
DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }}


Expand Down
3 changes: 2 additions & 1 deletion .github/workflows/visual-comparison.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,8 @@ env:
ALGOLIA_INDEX_NAME: ${{ secrets.ALGOLIA_INDEX_NAME }}
HTML_REPORT_URL_PATH: reports/${{ github.head_ref }}/${{ github.run_id }}/${{ github.run_attempt }}
DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }}
DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }}
DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }}
SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }}
DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }}


Expand Down
1 change: 1 addition & 0 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,7 @@ init: ## Initialize npm dependencies
grep -q "^ALGOLIA_INDEX_NAME=" .env || echo "\nALGOLIA_INDEX_NAME=spectrocloud" >> .env
grep -q "^DSO_AUTH_TOKEN=" .env || echo "\nDISABLE_SECURITY_INTEGRATIONS=true\nDSO_AUTH_TOKEN=" >> .env
grep -q "^PALETTE_API_KEY=" .env || echo "\nDISABLE_PACKS_INTEGRATIONS=true" >> .env
grep -q "^SHOW_LAST_UPDATE_TIME=" .env || echo "\nSHOW_LAST_UPDATE_TIME=false" >> .env
npx husky install

start: ## Start a local development server
Expand Down
17 changes: 17 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,13 @@ PALETTE_API_KEY="<your-palette-api-key>"
> [Create API Key](https://docs.spectrocloud.com/user-management/authentication/api-key/create-api-key/) guide to learn
> how to create a Palette API key.
By default, last update times are hidden on local development. You can enable them by setting the
`SHOW_LAST_UPDATE_TIME` variable in you `.env` file.

```shell
SHOW_LAST_UPDATE_TIME=true
```

## Documentation Content

Create a branch to keep track of all your changes.
Expand Down Expand Up @@ -1201,3 +1208,13 @@ Librarium provides the following exit codes. These exit codes are returned by bo
| `5` | The command failed due to errors received from the API service related to packs. These requests are issued by the [Packs Component](#packs-component) and librarium cannot start without loading packs, either from the API service or the [cached packs data](#cached-packs-data) |
| `7` | The command failed due to errors received from the API service related to security bulletins. These requests are issued by the [CVE script](./utils/cves/index.js) and librarium cannot start without loading the security bulletins. The [Build with Cached CVE](./.github/actions/build-cached-cves/action.yaml) action is built to handle this exit situation and build with cached CVEs. You can issue the command `make get-cached-cves` to fetch cached CVEs to build locally. |
| Any other non-zero exit code. | The command failed due to another error. Check the command output. |
## Unreleased Version Banner
The `UNRELEASED_VERSION_BANNER` environment variable is used to determine if the unreleased version banner should be
displayed. The default value is `false`. If you want to display the unreleased version banner, set the
`UNRELEASED_VERSION_BANNER` environment variable to `true`.
```shell
export UNRELEASED_VERSION_BANNER=true
```
1 change: 1 addition & 0 deletions docs/docs-content/release-notes/known-issues.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ The following table lists all known issues that are currently active and affecti

| Description | Workaround | Publish Date | Product Component |
| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | ---------------------------- |
| Clusters that are currently deployed and attempting to upgrade from Kubernetes version 1.31.1 to newer versions are getting stuck in the upgrade state. This issue also affects Day-2 operations related to changes in the Kubernetes layer YAML for clusters on Kubernetes version 1.31.1. The root of the problem is an internal conversion error stemming from an internal type change introduced in Kubernetes version 1.31.x. | Avoid upgrading Kubernetes clusters from version 1.31.1 or modifying the Kubernetes YAML as a Day-2 operation on clusters with Kubernetes 1.31.1. You can deploy new clusters using version 1.31.4, as new deployments are unaffected by the issue. If you upgraded and the cluster remains stuck, revert the change and downgrade to version 1.31.1. | January 19, 2025 | Clusters, Packs |
| For clusters deployed with [agent mode](../deployment-modes/agent-mode/agent-mode.md) on Palette agent version 4.5.14, having a custom `stylus.path` defined in the **user-data** file causes Kubernetes upgrades to fail. This affects all Kubernetes packs. | No workaround available. Refer to [Identify the Target Agent Version](../clusters/edge/cluster-management/agent-upgrade-airgap.md#identify-the-target-agent-version) for guidance in retrieving your Palette agent version number. | January 19, 2025 | Edge |
| For clusters deployed with <VersionedLink text="Palette eXtended Kubernetes - Edge (PXK-E)" url="/integrations/packs/?pack=edge-k8s"/> and [agent mode](../deployment-modes/agent-mode/agent-mode.md) on Palette agent version 4.5.14, adding a custom `stylus.path` to the **user-data** file causes cluster creation to fail as it cannot find [kubeadm](https://kubernetes.io/docs/reference/setup-tools/kubeadm/). | Review the [Edge Troubleshooting](../troubleshooting/edge.md) section for workarounds. Refer to [Identify the Target Agent Version](../clusters/edge/cluster-management/agent-upgrade-airgap.md#identify-the-target-agent-version) for guidance in retrieving your Palette agent version number. | January 19, 2025 | Edge |
| For clusters deployed with <VersionedLink text="Palette eXtended Kubernetes - Edge (PXK-E)" url="/integrations/packs/?pack=edge-k8s"/> and [agent mode](../deployment-modes/agent-mode/agent-mode.md), upgrades to higher Kubernetes versions are not supported with Palette agent version 4.5.12 or earlier. | No workaround available. Upgrades to higher Kubernetes versions are only supported from Palette agent version 4.5.14 and above for clusters deployed with PXK-E and agent mode. Refer to [Identify the Target Agent Version](../clusters/edge/cluster-management/agent-upgrade-airgap.md#identify-the-target-agent-version) for guidance in retrieving your Palette agent version number. | January 19, 2025 | Edge |
Expand Down
10 changes: 10 additions & 0 deletions docs/docs-content/release-notes/release-notes.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,16 @@ about the rolling upgrade strategy.
[Image Pull Secret](../enterprise-version/install-palette/install-on-kubernetes/palette-helm-ref.md#image-pull-secret)
section of the Palette Helm Chart documentation to learn more about using custom image pull secrets.

#### Known Issues

- Clusters that are currently deployed and attempting to upgrade from Kubernetes version 1.31.1 to newer versions are
getting stuck in the upgrade state. This issue also affects Day-2 operations related to changes in the Kubernetes
layer YAML for clusters on Kubernetes version 1.31.1. The root of the problem is an internal conversion error stemming
from a change introduced in Kubernetes version 1.31.x. clusters from version 1.31.1 or modifying the Kubernetes YAML
as a Day-2 operation on clusters with Kubernetes 1.31.1. You can deploy new clusters using version 1.31.4, as new
deployments are unaffected by the issue. If you upgraded and the cluster remains stuck, revert the change and
downgrade to version 1.31.1.

### Edge

#### Features
Expand Down
14 changes: 13 additions & 1 deletion docusaurus.config.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,17 @@ const { pluginPacksAndIntegrationsData } = require("./plugins/packs-integrations
const { pluginImportFontAwesomeIcons } = require("./plugins/font-awesome");
import path from "path";

// We will only show the update time if the environment variable is set to true.
function showLastUpdateTime() {
const envValue = process.env.SHOW_LAST_UPDATE_TIME || "";
const trimmedValue = envValue.trim().toLowerCase();
if (trimmedValue === "true") {
return true;
}

return false;
}

/** @type {import('@docusaurus/types').Config} */
const config = {
title: "Palette",
Expand Down Expand Up @@ -81,13 +92,14 @@ const config = {
docs: {
path: "docs/docs-content",
showLastUpdateAuthor: false,
showLastUpdateTime: true,
showLastUpdateTime: showLastUpdateTime(),
routeBasePath: "/",
lastVersion: "current",
includeCurrentVersion: true,
versions: {
current: {
label: "latest",
banner: process.env.UNRELEASED_VERSION_BANNER == "true" ? "unreleased" : "none",
},
},
admonitions: {
Expand Down
2 changes: 1 addition & 1 deletion scripts/update_docusarus_config.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ const updateVersionsObject = (versionsObject) => {
const override = versionsOverride.find((item) => item.version === version) || {};

// Get the "banner" and "label" values from the override object, or use default values if not found
const bannerValue = override.banner || "none";
const bannerValue = override.banner || process.env.UNRELEASED_VERSION_BANNER == "true" ? "unreleased" : "none";
const labelValue = override.label || `v${version}`;

// Create a new object property with the version as the key and an object expression as the value
Expand Down

0 comments on commit 8c77931

Please sign in to comment.