diff --git a/.github/workflows/cluster-scanner-librarium.yaml b/.github/workflows/cluster-scanner-librarium.yaml new file mode 100644 index 0000000000..7cfe6eb889 --- /dev/null +++ b/.github/workflows/cluster-scanner-librarium.yaml @@ -0,0 +1,87 @@ +name: Cluster Scanner + +on: + # Every Tuesday and Friday at 17 UTC + schedule: + - cron: "0 17 * * 2,5" + workflow_dispatch: + +jobs: + scan-clusters: + name: cluster-scan + runs-on: ubuntu-latest + strategy: + max-parallel: 1 + matrix: + environment: [PROD, DEV, STAGE] + + steps: + - name: Checkout Palette Samples Repository + uses: actions/checkout@v4 + with: + repository: spectrocloud/palette-samples + + - name: Set Up Go + uses: actions/setup-go@v5 + with: + go-version-file: "scripts/cluster-scanner/go.mod" + + - name: Install Dependencies + working-directory: scripts/cluster-scanner + run: go get ./... + + - name: Set Environment Variables Based on Environment + run: | + if [ "${{ matrix.environment }}" = "DEV" ]; then + echo "PALETTE_API_KEY=${{ secrets.SCAN_PALETTE_API_KEY_DEV }}" >> $GITHUB_ENV + echo "PALETTE_HOST=${{ secrets.SCAN_PALETTE_HOST_DEV }}" >> $GITHUB_ENV + elif [ "${{ matrix.environment }}" = "PROD" ]; then + echo "PALETTE_API_KEY=${{ secrets.SCAN_PALETTE_API_KEY_PROD }}" >> $GITHUB_ENV + echo "PALETTE_HOST=${{ secrets.SCAN_PALETTE_HOST_PROD }}" >> $GITHUB_ENV + else + echo "PALETTE_API_KEY=${{ secrets.SCAN_PALETTE_API_KEY_STAGE }}" >> $GITHUB_ENV + echo "PALETTE_HOST=${{ secrets.SCAN_PALETTE_HOST_STAGE }}" >> $GITHUB_ENV + fi + + - name: Build and Run the App + working-directory: scripts/cluster-scanner + env: + PALETTE_API_KEY: ${{ env.PALETTE_API_KEY }} + PALETTE_HOST: ${{ env.PALETTE_HOST }} + run: | + set -e + go build -o cluster-scanner + ./cluster-scanner | tee result.log + + - name: Get Clusters With More Than 24 Hours and Format Output + working-directory: scripts/cluster-scanner + run: | + if grep -q "The following clusters have been running" result.log; then + echo "CLUSTERS_FOUND=true" >> $GITHUB_ENV + { + echo 'LOG_MESSAGE<> "$GITHUB_ENV" + fi + + - name: Send Slack Notification + if: ${{ success() && env.CLUSTERS_FOUND == 'true' }} + uses: rtCamp/action-slack-notify@v2.3.2 + env: + SLACK_WEBHOOK: ${{ secrets.SLACK_PRIVATE_TEAM_WEBHOOK }} + SLACK_COLOR: "good" + SLACKIFY_MARKDOWN: true + ENABLE_ESCAPES: true + SLACK_MESSAGE: ${{ env.LOG_MESSAGE }} + + - name: Slack Notification on Failure + if: ${{ failure() }} + uses: rtCamp/action-slack-notify@v2.3.2 + env: + SLACK_WEBHOOK: ${{ secrets.SLACK_PRIVATE_TEAM_WEBHOOK }} + SLACK_COLOR: "danger" + SLACKIFY_MARKDOWN: true + ENABLE_ESCAPES: true + SLACK_MESSAGE: "The cluster scan job for `${{ github.workflow }}` in `${{ github.repository }}` failed. [View details](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})." \ No newline at end of file diff --git a/.github/workflows/dependabot.yaml b/.github/workflows/dependabot.yaml index 3cae05d3f9..7c2c595404 100644 --- a/.github/workflows/dependabot.yaml +++ b/.github/workflows/dependabot.yaml @@ -27,6 +27,7 @@ env: PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }} DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }} DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }} + SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }} DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }} jobs: diff --git a/.github/workflows/nightly-docker-build.yaml b/.github/workflows/nightly-docker-build.yaml index 5dd718e910..7a29a4d202 100644 --- a/.github/workflows/nightly-docker-build.yaml +++ b/.github/workflows/nightly-docker-build.yaml @@ -22,6 +22,7 @@ env: PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }} DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }} DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }} + SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }} DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }} jobs: diff --git a/.github/workflows/post_release.yaml b/.github/workflows/post_release.yaml index c13c236286..bdce898b4c 100644 --- a/.github/workflows/post_release.yaml +++ b/.github/workflows/post_release.yaml @@ -23,6 +23,7 @@ env: PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }} DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }} DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }} + SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }} DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }} jobs: diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index dabb023e14..63b3c8bbea 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -32,6 +32,7 @@ env: PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }} DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }} DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }} + SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }} DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }} jobs: diff --git a/.github/workflows/release-branch-pr.yaml b/.github/workflows/release-branch-pr.yaml index fca642d4a1..cc32fd6915 100644 --- a/.github/workflows/release-branch-pr.yaml +++ b/.github/workflows/release-branch-pr.yaml @@ -29,6 +29,7 @@ env: PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }} DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }} DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }} + SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }} DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }} diff --git a/.github/workflows/release-preview.yaml b/.github/workflows/release-preview.yaml index c99d3ec3bd..4eb00acc1f 100644 --- a/.github/workflows/release-preview.yaml +++ b/.github/workflows/release-preview.yaml @@ -25,7 +25,9 @@ env: PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }} DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }} DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }} + SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }} DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }} + UNRELEASED_VERSION_BANNER: true concurrency: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 564726591e..b805c466fb 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -35,6 +35,7 @@ env: PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }} DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }} DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }} + SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }} DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }} diff --git a/.github/workflows/screenshot_capture.yaml b/.github/workflows/screenshot_capture.yaml index 0316ce18be..6f09b2cc33 100644 --- a/.github/workflows/screenshot_capture.yaml +++ b/.github/workflows/screenshot_capture.yaml @@ -27,6 +27,7 @@ env: PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }} DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }} DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }} + SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }} DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }} diff --git a/.github/workflows/visual-comparison.yaml b/.github/workflows/visual-comparison.yaml index 44a3198c9b..8ab9a221b9 100644 --- a/.github/workflows/visual-comparison.yaml +++ b/.github/workflows/visual-comparison.yaml @@ -25,7 +25,8 @@ env: ALGOLIA_INDEX_NAME: ${{ secrets.ALGOLIA_INDEX_NAME }} HTML_REPORT_URL_PATH: reports/${{ github.head_ref }}/${{ github.run_id }}/${{ github.run_attempt }} DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }} - DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }} + DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }} + SHOW_LAST_UPDATE_TIME: ${{ secrets.SHOW_LAST_UPDATE_TIME }} DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }} diff --git a/Makefile b/Makefile index b496a72393..45d7bd4d07 100644 --- a/Makefile +++ b/Makefile @@ -87,6 +87,7 @@ init: ## Initialize npm dependencies grep -q "^ALGOLIA_INDEX_NAME=" .env || echo "\nALGOLIA_INDEX_NAME=spectrocloud" >> .env grep -q "^DSO_AUTH_TOKEN=" .env || echo "\nDISABLE_SECURITY_INTEGRATIONS=true\nDSO_AUTH_TOKEN=" >> .env grep -q "^PALETTE_API_KEY=" .env || echo "\nDISABLE_PACKS_INTEGRATIONS=true" >> .env + grep -q "^SHOW_LAST_UPDATE_TIME=" .env || echo "\nSHOW_LAST_UPDATE_TIME=false" >> .env npx husky install start: ## Start a local development server diff --git a/README.md b/README.md index 0e35052690..58a28cab7a 100644 --- a/README.md +++ b/README.md @@ -98,6 +98,13 @@ PALETTE_API_KEY="" > [Create API Key](https://docs.spectrocloud.com/user-management/authentication/api-key/create-api-key/) guide to learn > how to create a Palette API key. +By default, last update times are hidden on local development. You can enable them by setting the +`SHOW_LAST_UPDATE_TIME` variable in you `.env` file. + +```shell +SHOW_LAST_UPDATE_TIME=true +``` + ## Documentation Content Create a branch to keep track of all your changes. @@ -1201,3 +1208,13 @@ Librarium provides the following exit codes. These exit codes are returned by bo | `5` | The command failed due to errors received from the API service related to packs. These requests are issued by the [Packs Component](#packs-component) and librarium cannot start without loading packs, either from the API service or the [cached packs data](#cached-packs-data) | | `7` | The command failed due to errors received from the API service related to security bulletins. These requests are issued by the [CVE script](./utils/cves/index.js) and librarium cannot start without loading the security bulletins. The [Build with Cached CVE](./.github/actions/build-cached-cves/action.yaml) action is built to handle this exit situation and build with cached CVEs. You can issue the command `make get-cached-cves` to fetch cached CVEs to build locally. | | Any other non-zero exit code. | The command failed due to another error. Check the command output. | + +## Unreleased Version Banner + +The `UNRELEASED_VERSION_BANNER` environment variable is used to determine if the unreleased version banner should be +displayed. The default value is `false`. If you want to display the unreleased version banner, set the +`UNRELEASED_VERSION_BANNER` environment variable to `true`. + +```shell +export UNRELEASED_VERSION_BANNER=true +``` diff --git a/docs/docs-content/release-notes/known-issues.md b/docs/docs-content/release-notes/known-issues.md index 2c003ba4f8..a709d723dc 100644 --- a/docs/docs-content/release-notes/known-issues.md +++ b/docs/docs-content/release-notes/known-issues.md @@ -16,6 +16,7 @@ The following table lists all known issues that are currently active and affecti | Description | Workaround | Publish Date | Product Component | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | ---------------------------- | +| Clusters that are currently deployed and attempting to upgrade from Kubernetes version 1.31.1 to newer versions are getting stuck in the upgrade state. This issue also affects Day-2 operations related to changes in the Kubernetes layer YAML for clusters on Kubernetes version 1.31.1. The root of the problem is an internal conversion error stemming from an internal type change introduced in Kubernetes version 1.31.x. | Avoid upgrading Kubernetes clusters from version 1.31.1 or modifying the Kubernetes YAML as a Day-2 operation on clusters with Kubernetes 1.31.1. You can deploy new clusters using version 1.31.4, as new deployments are unaffected by the issue. If you upgraded and the cluster remains stuck, revert the change and downgrade to version 1.31.1. | January 19, 2025 | Clusters, Packs | | For clusters deployed with [agent mode](../deployment-modes/agent-mode/agent-mode.md) on Palette agent version 4.5.14, having a custom `stylus.path` defined in the **user-data** file causes Kubernetes upgrades to fail. This affects all Kubernetes packs. | No workaround available. Refer to [Identify the Target Agent Version](../clusters/edge/cluster-management/agent-upgrade-airgap.md#identify-the-target-agent-version) for guidance in retrieving your Palette agent version number. | January 19, 2025 | Edge | | For clusters deployed with and [agent mode](../deployment-modes/agent-mode/agent-mode.md) on Palette agent version 4.5.14, adding a custom `stylus.path` to the **user-data** file causes cluster creation to fail as it cannot find [kubeadm](https://kubernetes.io/docs/reference/setup-tools/kubeadm/). | Review the [Edge Troubleshooting](../troubleshooting/edge.md) section for workarounds. Refer to [Identify the Target Agent Version](../clusters/edge/cluster-management/agent-upgrade-airgap.md#identify-the-target-agent-version) for guidance in retrieving your Palette agent version number. | January 19, 2025 | Edge | | For clusters deployed with and [agent mode](../deployment-modes/agent-mode/agent-mode.md), upgrades to higher Kubernetes versions are not supported with Palette agent version 4.5.12 or earlier. | No workaround available. Upgrades to higher Kubernetes versions are only supported from Palette agent version 4.5.14 and above for clusters deployed with PXK-E and agent mode. Refer to [Identify the Target Agent Version](../clusters/edge/cluster-management/agent-upgrade-airgap.md#identify-the-target-agent-version) for guidance in retrieving your Palette agent version number. | January 19, 2025 | Edge | diff --git a/docs/docs-content/release-notes/release-notes.md b/docs/docs-content/release-notes/release-notes.md index 540e14eb72..20ca600f06 100644 --- a/docs/docs-content/release-notes/release-notes.md +++ b/docs/docs-content/release-notes/release-notes.md @@ -78,6 +78,16 @@ about the rolling upgrade strategy. [Image Pull Secret](../enterprise-version/install-palette/install-on-kubernetes/palette-helm-ref.md#image-pull-secret) section of the Palette Helm Chart documentation to learn more about using custom image pull secrets. +#### Known Issues + +- Clusters that are currently deployed and attempting to upgrade from Kubernetes version 1.31.1 to newer versions are + getting stuck in the upgrade state. This issue also affects Day-2 operations related to changes in the Kubernetes + layer YAML for clusters on Kubernetes version 1.31.1. The root of the problem is an internal conversion error stemming + from a change introduced in Kubernetes version 1.31.x. clusters from version 1.31.1 or modifying the Kubernetes YAML + as a Day-2 operation on clusters with Kubernetes 1.31.1. You can deploy new clusters using version 1.31.4, as new + deployments are unaffected by the issue. If you upgraded and the cluster remains stuck, revert the change and + downgrade to version 1.31.1. + ### Edge #### Features diff --git a/docusaurus.config.js b/docusaurus.config.js index 76f80064e4..49928a8fc7 100644 --- a/docusaurus.config.js +++ b/docusaurus.config.js @@ -10,6 +10,17 @@ const { pluginPacksAndIntegrationsData } = require("./plugins/packs-integrations const { pluginImportFontAwesomeIcons } = require("./plugins/font-awesome"); import path from "path"; +// We will only show the update time if the environment variable is set to true. +function showLastUpdateTime() { + const envValue = process.env.SHOW_LAST_UPDATE_TIME || ""; + const trimmedValue = envValue.trim().toLowerCase(); + if (trimmedValue === "true") { + return true; + } + + return false; +} + /** @type {import('@docusaurus/types').Config} */ const config = { title: "Palette", @@ -81,13 +92,14 @@ const config = { docs: { path: "docs/docs-content", showLastUpdateAuthor: false, - showLastUpdateTime: true, + showLastUpdateTime: showLastUpdateTime(), routeBasePath: "/", lastVersion: "current", includeCurrentVersion: true, versions: { current: { label: "latest", + banner: process.env.UNRELEASED_VERSION_BANNER == "true" ? "unreleased" : "none", }, }, admonitions: { diff --git a/scripts/update_docusarus_config.js b/scripts/update_docusarus_config.js index d79bd3b4fa..0ff44d76ef 100644 --- a/scripts/update_docusarus_config.js +++ b/scripts/update_docusarus_config.js @@ -70,7 +70,7 @@ const updateVersionsObject = (versionsObject) => { const override = versionsOverride.find((item) => item.version === version) || {}; // Get the "banner" and "label" values from the override object, or use default values if not found - const bannerValue = override.banner || "none"; + const bannerValue = override.banner || process.env.UNRELEASED_VERSION_BANNER == "true" ? "unreleased" : "none"; const labelValue = override.label || `v${version}`; // Create a new object property with the version as the key and an object expression as the value