kube-workflow - npm Package Compare versions

Comparing version 1.4.13 to 1.5.0

.git/objects/pack/pack-0b16f21a46a65c02793736114d023b2f5e70c981.idx

7
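
Review bot: The file list for this comparison includes `.git/objects/pack/pack-0b16f21a46a65c02793736114d023b2f5e70c981.idx`, so the compared package contents carry repository internals. Pack data can hold history that was never meant to ship (old commits, removed files) and adds weight to every install. Restrict the tarball with a `files` allowlist in package.json and check the result with `npm pack --dry-run` before releasing.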

CHANGELOG.md

@@ -5,2 +5,9 @@ # Changelog

## 1.5.0 (2022-04-04)
### Features
* add seed job ([559d2fd](https://github.com/SocialGouv/kube-workflow/commit/559d2fd8f194e23c6db35bcdd30c76adf9d15689))
### 1.4.13 (2022-04-04)

@@ -7,0 +14,0 @@

2

package.json
{
"name": "kube-workflow",
"version": "1.4.13",
"version": "1.5.0",
"repository": "git@github.com:SocialGouv/kube-workflow.git",

@@ -5,0 +5,0 @@ "license": "MIT",

@@ -10,2 +10,3 @@ # Kube-Workflow - CI on Kubernetes 🚀

`.github/workflow/review.yaml`
```yaml

@@ -23,2 +24,3 @@ - uses: SocialGouv/kube-workflow@master

## Configure your project
`.kube-workflow/common/values.yaml`
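
Review bot: The context line in this hunk's header, `- uses: SocialGouv/kube-workflow@master`, has the README's workflow example track a mutable branch, so every consumer run picks up whatever is on master at that moment. Since this release already touches the section, show a release tag or a full commit SHA in the example instead.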

@@ -39,2 +41,3 @@

From kube-workflow repository:
- `$KUBEWORKFLOW_ACTION/charts/$COMPONENT/values.yaml` (the defaults)

@@ -44,2 +47,3 @@ - default values generated by the pipeline [$KUBEWORKFLOW_ACTION/action/build/values.js](action/build/values.js)

From your project repository:
- `.kube-workflow/common/values.yaml`

@@ -51,2 +55,3 @@ - `.kube-workflow/env/$ENVIRONMENT/values.yaml`

see kube manifests for your project directory
```sh

@@ -57,2 +62,3 @@ npx kube-workflow b -so

get documentation of kube-workflow cli
```

@@ -63,4 +69,4 @@ npx kube-workflow --help

pre-requisites:
pre-requisites:
- helm v3 [install guide](https://helm.sh/docs/intro/install/)

@@ -77,6 +83,6 @@ ```sh

## Components
To see all components availables go to [charts folder](charts/):
- [app](charts/app)

@@ -90,2 +96,3 @@ - [hasura](charts/hasura)

To see all availables options by component see each chart's values.yaml file:
- [app](charts/app/values.yaml)

@@ -101,2 +108,3 @@ - [hasura](charts/hasura/values.yaml)

You can declare as many instances as you want of a component, the name must start with the chart's name suffixed by `-`, eg:
```yaml

@@ -120,3 +128,2 @@ app:

name: app-configmap
```

@@ -130,3 +137,3 @@

hasura:
needs: [db]
needs: [seed]

@@ -142,3 +149,11 @@ jobs:

pgAdminSecretRefName: pg-scaleway
- name: seed
needs: [db]
# use: ./.kube-workflow/jobs/seed-db # local job, defined in project repository
# use: https://github.com/SocialGouv/kube-workflow/jobs/seed-db # degit full url
use: SocialGouv/kube-workflow/jobs/seed-db # degit implicit github
with:
seedPath: path/in/repo.sql
```
see [jobs/create-db/use.yaml](jobs/create-db/use.yaml) for full example.
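
Review bot: None of the three `use:` forms shown for the new `seed` job (local path, full URL, `SocialGouv/kube-workflow/jobs/seed-db`) carries a tag or commit, so the definition of the job that seeds the database is resolved at build time from whatever the remote holds. Document whether `use` accepts a pinned ref and, if it does, pin it in this example. The closing pointer also still reads `see [jobs/create-db/use.yaml]` although the example now ends with the seed job; point it at a seed-db example if one exists.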

@@ -150,2 +165,3 @@ All vues from `runs` keys will be interpolated in the job, but you can also uses all parameters directly, except the `with` parameter that is reserved to be used with `use` and inject variable to the called job.

Mains jobs parameters are:
- `use` and `with`: to include job definition from elsewhere, usage can be recursive (job can use job, that can use job etc...)

@@ -162,2 +178,3 @@ - `image` the docker image file that will run the job (default is debian for now, in future this will be a generic image with almost all needed tooling)

## Merge commons manifests as helm templates
Every yaml file in `.kube-workflow/common/templates` will be merged with the helm Chart `templates` folder before the build.

@@ -170,2 +187,3 @@

## Merge manifests per environment as helm templates
Every yaml files in `.kube-workflow/env/$ENVIRONMENT/templates` will be merged with the helm Chart `templates` folder before the build, according to the `environment` input (dev | preprod | prod).

@@ -178,2 +196,3 @@

## Override and extends kustomizations
The kustomization patches are applied after Helm template rendering.

@@ -184,5 +203,6 @@

To override it, create a file called `.kube-workflow/env/$ENVIRONMENT/kustomization.yaml` in your project and containing:
```yaml
resources:
- ../../common
- ../../common

@@ -192,8 +212,10 @@ patches:

```
By doing this way you just optouted from generic kustomization for the selected environment.
If you want (and more often you want) to keep the generic kustomization, containing some infra logic defined by the advised SRE team, you can extends it like this.
```yaml
resources:
- ../../common.autodevops
- ../../common.autodevops

@@ -205,18 +227,19 @@ patches:

You can do it as well for the common base file called by environment kustomizations, just add a file called `.kube-workflow/common/kustomization.yaml` in your project and containing:
```yaml
resources:
# - ../base # here is if you want to optout
- ../common.autodevops # here is if you want to extends from autodevops default settings
# - ../base # here is if you want to optout
- ../common.autodevops # here is if you want to extends from autodevops default settings
patches:
- target:
kind: Ingress
patch: |
- op: add
path: "/metadata/annotations~1nginx.ingress.kubernetes.io~1configuration-snippet"
value: |
more_set_headers "Content-Security-Policy: default-src 'none'; connect-src 'self' https://*.gouv.fr; font-src 'self'; img-src 'self'; prefetch-src 'self' https://*.gouv.fr; script-src 'self' https://*.gouv.fr; frame-src 'self' https://*.gouv.fr; style-src 'self' 'unsafe-inline'";
more_set_headers "X-Frame-Options: deny";
more_set_headers "X-XSS-Protection: 1; mode=block";
more_set_headers "X-Content-Type-Options: nosniff";
- target:
kind: Ingress
patch: |
- op: add
path: "/metadata/annotations~1nginx.ingress.kubernetes.io~1configuration-snippet"
value: |
more_set_headers "Content-Security-Policy: default-src 'none'; connect-src 'self' https://*.gouv.fr; font-src 'self'; img-src 'self'; prefetch-src 'self' https://*.gouv.fr; script-src 'self' https://*.gouv.fr; frame-src 'self' https://*.gouv.fr; style-src 'self' 'unsafe-inline'";
more_set_headers "X-Frame-Options: deny";
more_set_headers "X-XSS-Protection: 1; mode=block";
more_set_headers "X-Content-Type-Options: nosniff";
```
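
Review bot: In the `configuration-snippet` value, `script-src 'self' https://*.gouv.fr` lets any host under gouv.fr serve script to the page, and `style-src 'self' 'unsafe-inline'` allows inline styles; since this is the README's copy-paste example, narrow the wildcard to the hosts actually needed or mark it as a placeholder. `X-XSS-Protection: 1; mode=block` is a legacy header that current browsers ignore and can be dropped, and `frame-ancestors 'none'` in the CSP would cover what `X-Frame-Options: deny` does. Note too that `op: add` on this annotation path replaces any `configuration-snippet` already set on the Ingress, which is worth a sentence in the text.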

@@ -230,8 +253,10 @@

You can use it in your Chart.yaml as:
```yaml
dependencies:
- repository: https://socialgouv.github.io/kube-workflow/
name: kube-workflow
version: "1"
- repository: https://socialgouv.github.io/kube-workflow/
name: kube-workflow
version: "1"
```
`kube-workflow` is the "umbrella hcart" (the main chart in helm jargon), it contain namespace, psp and all others components as subcharts, you can call all components from subkeys in your values, global remain at top.
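
Review bot: `version: "1"` in the `dependencies` example leaves the umbrella chart floating across every 1.x release, so two builds of the same commit can render different manifests; show an exact version here and advise committing `Chart.lock`. Minor wording in the last line: "umbrella hcart" should read "umbrella chart", and "it contain" should be "it contains".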

@@ -241,9 +266,14 @@

Releasing follow semantic versioning using standard-version tool. Versioning is volountary trigerred manually on dev machine too not block rapid iteration of master branch code.
Just run `yarn release` on master branch and CHANGELOG will be feeded with informations from commits using the conventionnal commit standard, then package will be bumped, as the charts versions and commited, then tagged. Then just follow cli instruction that say: git push --follow-tags.
Then the action will publish automatically new version of npm cli, and charts index.
### Automatic
Execute the [Trigger Release](https://github.com/SocialGouv/kube-workflow/actions/workflows/trigger-release.yml) workflow to trigger a new release of actions and helm charts.
### Manual
Releasing follow semantic versioning using [standard-version tool](https://github.com/conventional-changelog/standard-version). Versioning can be trigerred manually on dev machine to not block rapid iteration of master branch code : just run `yarn release` on master branch and CHANGELOG will be feeded with informations from commits using the conventionnal commit standard, then package will be bumped, as the charts versions and commited, then tagged. Then just follow cli instruction that say: `git push --follow-tags`. Then the action will publish automatically new version of npm cli, and charts index.
## CONTRIBUTING (developments on kube-workflow)
### Test
all directories added to [tests/samples](tests/samples) are like a `.kube-workflow` directory in a project, it will be automatically tested when you will run `yarn test`.
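
Review bot: The new "Manual" paragraph says that `git push --follow-tags` from a developer machine makes the action publish the npm CLI and charts index automatically, but it does not say who may push tags on master or whether tags are protected; add that, since a pushed tag is the publish trigger. The rewritten paragraph also carries over the typos "trigerred", "feeded", "conventionnal" and "commited".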

@@ -254,2 +284,3 @@ To run only one test at once you can run `yarn test -t name-of-my-test`.

### Contribute adding more Helm charts
New charts are welcome in folder [charts/](charts/).

@@ -259,12 +290,16 @@ More options on existing charts will be carefully design, in case of doubt, or if you don't want to wait, you can hack everything using kustomize from your repository. Feel free, then give us feedback to ensure we follow best practices and are preserving project maintainability.

Wee need:
- oauth2-proxy-service
... (many things that we don't know that we need until we'll have them)
... (many things that we don't know that we need until we'll have them)
### Contribute adding more kustomize patches
New patches are welcome in folders [common/patches/](common/patches/) and `env/*/patches/`
### Contribute adding more jobs
New jobs are welcome in folder [jobs/](jobs/)
wee need:
- drop-db

@@ -274,6 +309,4 @@ - docker-build (using buildkit)

- comments publish to github pr
...
...
### Development resources

@@ -285,4 +318,4 @@

Resources:
Resources:
- [Learn YAML in Y minutes](https://learnxinyminutes.com/docs/yaml/)

@@ -289,0 +322,0 @@ - [JSON to YAML](https://www.json2yaml.com/)

Sorry, the diff of this file is not supported yet
