kube-workflow - npm Package Compare versions

Comparing version 1.2.2 to 1.2.3

.git/objects/pack/pack-a4e52bc8dd40cfc746b37b5a321eb371849d1dce.idx

13

CHANGELOG.md

@@ -5,2 +5,15 @@ # Changelog

### [1.2.3](https://github.com/SocialGouv/kube-workflow/compare/v1.2.2...v1.2.3) (2022-03-23)
### Bug Fixes
* force retag ([58b8ae2](https://github.com/SocialGouv/kube-workflow/commit/58b8ae2230d7f3bc4e14f1d4adbf69cfa453dbbf))
* job add psp ([4618de7](https://github.com/SocialGouv/kube-workflow/commit/4618de7c4df6617699f1bbccc0ad46527939a847))
* kapp override existing resources ([cb2d9c9](https://github.com/SocialGouv/kube-workflow/commit/cb2d9c932217c5e648872ff91470517f61b31e47))
* security context ([79c0a6d](https://github.com/SocialGouv/kube-workflow/commit/79c0a6d06879c3b9a0060c90e772d16850cfe25e))
* security context ([867ee47](https://github.com/SocialGouv/kube-workflow/commit/867ee47668eaa0fd52aaafb00b535452dc1e7185))
* security context ([4975ed9](https://github.com/SocialGouv/kube-workflow/commit/4975ed9c89127ba453aaa74fba9d51e8fc872a46))
* security context option ([e335f1f](https://github.com/SocialGouv/kube-workflow/commit/e335f1f5b4e563915f6560ab30b399a682be6826))
### [1.2.2](https://github.com/SocialGouv/kube-workflow/compare/v1.2.1...v1.2.2) (2022-03-22)
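
Review bot: the 1.2.3 "Bug Fixes" list carries three entries with the identical subject "security context" (79c0a6d, 867ee47, 4975ed9) plus "security context option" (e335f1f), so the changelog does not say which security context setting changed or whether the default became stricter or looser. Since the README states the changelog is generated from commit subjects, squash the fixup commits or give each a distinct subject naming the field it touches before the next release.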

@@ -7,0 +20,0 @@

10

package.json
{
"name": "kube-workflow",
"version": "1.2.2",
"version": "1.2.3",
"repository": "git@github.com:SocialGouv/kube-workflow.git",

@@ -55,4 +55,10 @@ "license": "MIT",

"build-manifests": "node action/build/build.js",
"release": "standard-version"
"release": "standard-version",
"retag": "git tag -f $(git describe --tags $(git rev-list --tags --max-count=1) | cut -d '.' -f 1)"
},
"standard-version": {
"scripts": {
"posttag": "yarn retag && git push -f --tags"
}
},
"bin": {
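
Review bot: in the new `posttag` script, `git push -f --tags` force-pushes every local tag, not only the major tag that `retag` moves, so a stale or locally altered release tag on the releaser's machine would overwrite the published one without any warning. Push the new version tag normally and force only the floating major tag by naming that single ref in the push. Separately, `retag` selects its base with `git rev-list --tags --max-count=1`, which returns the newest commit reachable from any tag rather than the highest version, so it can move the major tag to the wrong release if an older line is ever tagged later; a short comment or a guard would help.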

@@ -59,0 +65,0 @@ "kube-workflow": "./bin/cli.js"

268

README.md

@@ -1,10 +0,12 @@

# `socialgouv/kube-workflow` 🚀
Deploy application over kubernetes
# Kube-Workflow - CI on Kubernetes 🚀
## Call it in review, preprod, and prod github workflows
## GitHub Action Entrypoint
Call it in review, preprod, and prod github workflows
`.github/workflow/review.yaml`
```yaml
- uses: SocialGouv/kube-workflow@master
with:
environment: "dev"
environment: dev
token: ${{ secrets.GITHUB_TOKEN }}
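
Review bot: the workflow example keeps `uses: SocialGouv/kube-workflow@master` while passing `secrets.GITHUB_TOKEN` (and `secrets.KUBECONFIG` on the following line), so whatever is on the master branch at run time executes with the consumer's cluster credentials. Now that releases are tagged, the example should reference a release tag or, preferably, a full commit SHA. The path shown as `.github/workflow/review.yaml` should also read `.github/workflows/review.yaml`, which is the directory GitHub loads workflows from.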

@@ -14,8 +16,8 @@ kubeconfig: ${{ secrets.KUBECONFIG }}

rancherProjectName: ${{ secrets.RANCHER_PROJECT_NAME }}
imagePackage: app
# imageName: fabrique/www
# components: app hasura
```
## Configure your project's Helm Charts values
You can configure your project by adding `.kube-workflow/common/values.yaml` and `.kube-workflow/$ENVIRONMENT/values.yaml`.
## Configure your project
`.kube-workflow/common/values.yaml`
```yaml

@@ -25,15 +27,123 @@ # here you define variables shared by all helm subcharts/components

# here you can configure components values, key same name as in `components` sections
# here you can configure components values
app:
enabled: true
containerPort: 80
enabled: true # enable each component
containerPort: 3000
```
Here is the order, the last in the list is the last applied:
- `$KUBEWORKFLOW_ACTION/chart/values.yaml` (the defaults)
- default values generated by the pipeline [$KUBEWORKFLOW_ACTION/action/values.js](action/values.js)
- `.kube-workflow/common/values.yaml` (the common project's config)
- `.kube-workflow/$ENVIRONMENT/values.yaml`
From kube-workflow repository:
- `$KUBEWORKFLOW_ACTION/charts/$COMPONENT/values.yaml` (the defaults)
- default values generated by the pipeline [$KUBEWORKFLOW_ACTION/action/build/values.js](action/build/values.js)
From your project repository:
- `.kube-workflow/common/values.yaml`
- `.kube-workflow/env/$ENVIRONMENT/values.yaml`
## Generate manifests
see kube manifests for your project directory
```sh
npx kube-workflow b -so
```
get documentation of kube-workflow cli
```
npx kube-workflow --help
npx kube-workflow b --help
```
pre-requisites:
- helm v3 [install guide](https://helm.sh/docs/intro/install/)
```sh
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
```
- kustomize v4 [install guide](https://kubectl.docs.kubernetes.io/installation/kustomize/binaries/)
```sh
curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash
```
- node >= 14
- yarn
## Components
To see all components availables go to [charts folder](charts/):
- [app](charts/app)
- [hasura](charts/hasura)
- [jobs](charts/jobs)
- [maildev](charts/maildev)
- [metabase](charts/metabase)
- [pgweb](charts/pgweb)
To see all availables options by component see each chart's values.yaml file:
- [app](charts/app/values.yaml)
- [hasura](charts/hasura/values.yaml)
- [jobs](charts/jobs/values.yaml)
- [maildev](charts/maildev/values.yaml)
- [metabase](charts/metabase/values.yaml)
- [pgweb](charts/pgweb/values.yaml)
## Components instance
You can declare as many instances as you want of a component, the name must start with the chart's name suffixed by `-`, eg:
```yaml
app:
enabled: true
host: ozensemble.fr
redirectFrom:
- "{{ .Values.global.host }}"
- www.ozensemble.fr
app-2nd-instance:
enabled: true
probesPath: /healthz
envFrom:
- secretRef:
name: "{{ .Values.global.pgSecretName }}"
- secretRef:
name: app-sealed-secret
- configMapRef:
name: app-configmap
```
## The "jobs" component
The component called "jobs" is a special component that allow you to define a full pipeline:
```yaml
hasura:
needs: [db]
jobs:
enabled: true
runs:
- name: db
# use: ./.kube-workflow/jobs/create-db # local job, defined in project repository
# use: https://github.com/SocialGouv/kube-workflow/jobs/create-db # degit full url
use: SocialGouv/kube-workflow/jobs/create-db # degit implicit github
with:
pgAdminSecretRefName: pg-scaleway
```
see [jobs/create-db/use.yaml](jobs/create-db/use.yaml) for full example.
All vues from `runs` keys will be interpolated in the job, but you can also uses all parameters directly, except the `with` parameter that is reserved to be used with `use` and inject variable to the called job.
All others components can declare dependencies on jobs using the `needs` key, and all jobs can declare depencencies on other jobs and other components too, using instances names.
Mains jobs parameters are:
- `use` and `with`: to include job definition from elsewhere, usage can be recursive (job can use job, that can use job etc...)
- `image` the docker image file that will run the job (default is debian for now, in future this will be a generic image with almost all needed tooling)
- `action` repository (or subfolder in a repository) that will be degitted in mountpoint `/action/` in the job execition
- `run` a custom command that will override docker image default run, can be a full bash script or just a call to a command
- `checkout` (default `true`), this enable the degit of the repository at current commit in mountpoint `/workspace/` in the job
There is a shared storage volume between jobs of a same pipeline, it's mounted at `/workflow/` in the job execution, you can share artifacts between jobs in this directory.
Same as other components, you can define multiple instance of jobs, for example, if you want to use one pipeline from a manual triggered action.
## Merge commons manifests as helm templates
Every yaml file in `.kube-workflow/templates` will be merged with the helm Chart `templates` folder before the build.
Every yaml file in `.kube-workflow/common/templates` will be merged with the helm Chart `templates` folder before the build.
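
Review bot: the pre-requisites block in this hunk installs helm and kustomize with `curl ... | bash` against the `main` and `master` branches of the upstream repositories, which runs unpinned, unverified script content on the reader's machine. Link to the two install guides only, or point at a tagged release of each script together with a checksum step. In the same hunk the jobs example `use: SocialGouv/kube-workflow/jobs/create-db` carries no ref; if the `use` syntax accepts one, show the pinned form so a pipeline does not pull whatever the default branch currently holds. Minor: "vues" should be "values", and "depencencies" and "execition" are misspelled.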

@@ -51,11 +161,3 @@ All theses files can use the Helm templating syntax (or not if you don't need it, helm template is a superset of yaml).

## Override and extends everything from your project
Everything is overridable using filesystem merging.
The `.kube-workflow` directoty of your project will be merged and eventually overwrite content of this repository `chart` directory.
### Override the full Chart
- You can optout from the generic Chart and define a new one by creating your own `Chart.yaml` in the directory `.kube-workflow/charts/kube-workflow`. More often, you can use kustomize to adjust the manifests.
### Override and extends kustomizations
## Override and extends kustomizations
The kustomization patches are applied after Helm template rendering.

@@ -101,65 +203,54 @@

more_set_headers "X-Content-Type-Options: nosniff";
```
- target:
kind: Deployment
path: patches/kapp-delete-orphan.yaml
- target:
kind: Service
path: patches/kapp-delete-orphan.yaml
- target:
kind: Ingress
path: patches/kapp-delete-orphan.yaml
If you think you patches can be reused by other project, contribute to [common/patches](common/patches) and `env/*/patches` folders of the action by sharing them.
# - target:
# kind: Service
# path: patches/kapp.yaml
## Charts re-use
All charts are published and released as a chart repository at `https://socialgouv.github.io/kube-workflow/`.
You can use it in your Chart.yaml as:
```yaml
dependencies:
- repository: https://socialgouv.github.io/kube-workflow/
name: kube-workflow
version: "1"
```
`kube-workflow` is the "umbrella hcart" (the main chart in helm jargon), it contain namespace, psp and all others components as subcharts, you can call all components from subkeys in your values, global remain at top.
If you think you patches can be reused by other project, contribute to [chart/patches](chart/patches) folder of the action by sharing them.
## Releasing
### Test Helm chart generation
Releasing follow semantic versioning using standard-version tool. Versioning is volountary trigerred manually on dev machine too not block rapid iteration of master branch code.
Just run `yarn release` on master branch and CHANGELOG will be feeded with informations from commits using the conventionnal commit standard, then package will be bumped, as the charts versions and commited, then tagged. Then just follow cli instruction that say: git push --follow-tags.
Then the action will publish automatically new version of npm cli, and charts index.
#### required:
- helm v3 [install guide](https://helm.sh/docs/intro/install/)
```sh
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
```
- kustomize v4 [install guide](https://kubectl.docs.kubernetes.io/installation/kustomize/binaries/)
```sh
curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash
```
- node >= 16
- yarn
## CONTRIBUTING (developments on kube-workflow)
#### developments on your project, easy test, got to your project directory
### Test
all directories added to [tests/samples](tests/samples) are like a `.kube-workflow` directory in a project, it will be automatically tested when you will run `yarn test`.
To run only one test at once you can run `yarn test -t name-of-my-test`.
To upgrade snapshots run `yarn test -u`.
```sh
npx kube-workflow b
```
### Contribute adding more Helm charts
New charts are welcome in folder [charts/](charts/).
More options on existing charts will be carefully design, in case of doubt, or if you don't want to wait, you can hack everything using kustomize from your repository. Feel free, then give us feedback to ensure we follow best practices and are preserving project maintainability.
#### developments on kubeworkflow, test with local kube-workflow repository and local project
Wee need:
- oauth2-proxy-service
... (many things that we don't know that we need until we'll have them)
```sh
# get kube-workflow
export KUBEWORKFLOW_PATH=$PWD/kube-workflow
git clone https://github.com/SocialGouv/kube-workflow $KUBEWORKFLOW_PATH
yarn --cwd $KUBEWORKFLOW_PATH
### Contribute adding more kustomize patches
New patches are welcome in folders [common/patches/](common/patches/) and `env/*/patches/`
# get the project repository, here template for example
export WORKSPACE_PATH=$PWD/template
git clone https://github.com/SocialGouv/template $WORKSPACE_PATH
### Contribute adding more jobs
New jobs are welcome in folder [jobs/](jobs/)
# run manifest generation as snapshots using symlink to tests
REPOSITORY_NAME=$(basename $WORKSPACE_PATH)
ln -s $WORKSPACE_PATH/.kube-workflow $KUBEWORKFLOW_PATH/tests/samples/$REPOSITORY_NAME
cd $KUBEWORKFLOW_PATH
yarn test -t $REPOSITORY_NAME
```
wee need:
- drop-db
- docker-build (using buildkit)
- generate-sitemap
- comments publish to github pr
...
then check content of
- `$KUBEWORKFLOW_PATH/tests/__snapshots__/
- $REPOSITORY_NAME.dev.yaml
- $REPOSITORY_NAME.preprod.yaml
- $REPOSITORY_NAME.prod.yaml
### Development resources
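
Review bot: the new "Releasing" section tells the maintainer to finish with `git push --follow-tags`, but the `posttag` script added to package.json in this same release already runs `yarn retag && git push -f --tags`, so the documented step and the automated one disagree and the force-moved major tag is not mentioned anywhere. Describe what `yarn release` actually pushes, including that the major tag is rewritten on every release, so that consumers know that tag is mutable. Minor: "hcart", "volountary trigerred" and "conventionnal" are misspelled, and the `$KUBEWORKFLOW_PATH/tests/__snapshots__/` item is missing its closing backtick.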

@@ -178,30 +269,1 @@

- [Kapp doc](https://carvel.dev/kapp/docs/v0.46.0/)
### TODO
#### documentation:
- jobs workflow (needs, shared-storage, action, image, run, shell, uses)
- tests
- best-practices and contributing how-to add
- charts
- jobs
- patches
- options
- tests
#### features
- add default runner image with all base tooling for actions
#### repo cycle automation
- build docker image for default runner image
via itself with jobs/docker-build, et la boucle est bouclée
#### more jobs
- add jobs:
- docker-build
- run-workflow (to replace github action)
triggerable by webhook (need to add webhook as app on argoCD before)
#### more charts
- add charts:
- an oauth2 proxy service (?)

Sorry, the diff of this file is not supported yet
