From 5e2bea1fb7cb43f546cd1247e8273941bbe00d3b Mon Sep 17 00:00:00 2001 From: Marek Markiewka Date: Mon, 4 Oct 2021 15:39:35 +0200 Subject: [PATCH 01/10] implemented credentials for docker registries Signed-off-by: Marek Markiewka --- .gitignore | 6 +++- .../deployment/Deployment.groovy | 8 ++--- .../helm/helmrelease/ArgoCDRelease.groovy | 4 +-- .../deployment/helm/repotype/RepoType.groovy | 4 +-- .../docker/DockerWrapper.groovy | 18 ++++++++++- .../validation/Validator.groovy | 10 +++--- .../gitopsbuildlib/deployment/HelmTest.groovy | 8 +++-- .../helm/helmrelease/ArgoCDReleaseTest.groovy | 12 +++++-- .../helm/repotype/GitRepoTest.groovy | 4 ++- .../helm/repotype/HelmRepoTest.groovy | 4 ++- .../validation/ValidatorTest.groovy | 32 ++++++++++--------- vars/deployViaGitops.groovy | 25 ++++++++++++--- 12 files changed, 93 insertions(+), 42 deletions(-) diff --git a/.gitignore b/.gitignore index e8b1e20..dde869f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,8 @@ .idea *.iml maven-wrapper.jar -target/ \ No newline at end of file +target/ +.classpath +.factorypath +.project +.settings/ diff --git a/src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy b/src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy index 0445e26..9bf1f6c 100644 --- a/src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy +++ b/src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy @@ -4,7 +4,7 @@ import com.cloudogu.gitopsbuildlib.docker.DockerWrapper abstract class Deployment { - protected static String getKubectlImage() { 'lachlanevenson/k8s-kubectl:v1.19.3' } + protected static Map getKubectlImage() { [ image: 'lachlanevenson/k8s-kubectl:v1.19.3' ] } protected String extraResourcesFolder = "" static String getConfigDir() { '.config' } @@ -55,7 +55,7 @@ abstract class Deployment { String createConfigMap(String key, String filePath, String name, String namespace) { String configMap = "" - withDockerImage(kubectlImage) { + withDockerImage(kubectlImage as Map) { String kubeScript = "KUBECONFIG=${writeKubeConfig()} kubectl create configmap ${name} " + "--from-file=${key}=${filePath} " + "--dry-run=client -o yaml -n ${namespace}" @@ -65,8 +65,8 @@ abstract class Deployment { return configMap } - void withDockerImage(String image, Closure body) { - dockerWrapper.withDockerImage(image, body) + void withDockerImage(def imageConfig, Closure body) { + dockerWrapper.withDockerImage(imageConfig, body) } // Dummy kubeConfig, so we can use `kubectl --dry-run=client` diff --git a/src/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDRelease.groovy b/src/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDRelease.groovy index a2d02e7..b6b0f45 100644 --- a/src/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDRelease.groovy +++ b/src/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDRelease.groovy @@ -40,9 +40,9 @@ class ArgoCDRelease extends HelmRelease { return createHelmRelease(gitopsConfig.deployments.helm.chartName, application, gitopsConfig.buildImages.helm, mergedValuesFile) } - private String createHelmRelease(def chartPath, String application, def helmImage, String mergedValuesFile) { + private String createHelmRelease(def chartPath, String application, def helmImageConfig, String mergedValuesFile) { String helmRelease = "" - dockerWrapper.withDockerImage(helmImage) { + dockerWrapper.withDockerImage(helmImageConfig) { String templateScript = "helm template ${application} ${script.env.WORKSPACE}/.helmChartTempDir/chart/${chartPath} -f ${mergedValuesFile}" helmRelease = script.sh returnStdout: true, script: templateScript } diff --git a/src/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/RepoType.groovy b/src/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/RepoType.groovy index 1b18b80..5a5c15c 100644 --- a/src/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/RepoType.groovy +++ b/src/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/RepoType.groovy @@ -14,7 +14,7 @@ abstract class RepoType { abstract void prepareRepo(Map gitopsConfig, String helmChartTempDir, String chartRootDir) - void withDockerImage(String image, Closure body) { - dockerWrapper.withDockerImage(image, body) + void withDockerImage(def imageConfig, Closure body) { + dockerWrapper.withDockerImage(imageConfig, body) } } diff --git a/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy b/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy index 8bd6dbc..2e5f22f 100644 --- a/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy +++ b/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy @@ -7,7 +7,23 @@ class DockerWrapper { this.script = script } - void withDockerImage(String image, Closure body) { + void withDockerImage(def imageConfig, Closure body) { + if(imageConfig.containsKey('registryCredentialsId') && imageConfig.registryCredentialsId) { + def registryUrl = getRegistryUrlFromImage(imageConfig.image) + script.docker.withRegistry(registryUrl, imageConfig.registryCredentialsId) { + runDockerImage(imageConfig.image, body) + } + } else { + runDockerImage(imageConfig.image, body) + } + } + + private String getRegistryUrlFromImage(String image) { + int i = s.lastIndexOf('/') + return s.substring(0, i) + } + + private void runDockerImage(String image, Closure body) { script.docker.image(image).inside( // Allow accessing WORKSPACE even when we are in a child dir (using "dir() {}") "${script.pwd().equals(script.env.WORKSPACE) ? '' : "-v ${script.env.WORKSPACE}:${script.env.WORKSPACE} "}" + diff --git a/src/com/cloudogu/gitopsbuildlib/validation/Validator.groovy b/src/com/cloudogu/gitopsbuildlib/validation/Validator.groovy index 4274f17..f7ed449 100644 --- a/src/com/cloudogu/gitopsbuildlib/validation/Validator.groovy +++ b/src/com/cloudogu/gitopsbuildlib/validation/Validator.groovy @@ -18,7 +18,7 @@ abstract class Validator { void validate(boolean enabled, GitopsTool gitopsTool, SourceType sourceType, String targetDirectory, Map validatorConfig, Map gitopsConfig) { if (enabled && getSupportedGitopsTools().contains(gitopsTool) && getSupportedSourceTypes().contains(sourceType)) { script.echo "Starting validator ${this.getClass().getSimpleName()} for ${gitopsTool.name()} in ${sourceType.name()} resources" - withDockerImage(getImage(gitopsConfig, validatorConfig)) { + withDockerImage(getImageConfig(gitopsConfig, validatorConfig)) { validate(targetDirectory, validatorConfig, gitopsConfig) } } else { @@ -30,13 +30,13 @@ abstract class Validator { abstract SourceType[] getSupportedSourceTypes() abstract GitopsTool[] getSupportedGitopsTools() - protected void withDockerImage(String image, Closure body) { - dockerWrapper.withDockerImage(image, body) + protected void withDockerImage(def imageConfig, Closure body) { + dockerWrapper.withDockerImage(imageConfig, body) } - protected String getImage(Map gitopsConfig, Map validatorConfig) { + protected getImageConfig(Map gitopsConfig, Map validatorConfig) { if (validatorConfig.containsKey('image')) { - return validatorConfig.image + return [ image: validatorConfig.image ] } else if (validatorConfig.containsKey('imageRef') && gitopsConfig.buildImages.containsKey(validatorConfig.imageRef)) { return gitopsConfig.buildImages[validatorConfig.imageRef] } else { diff --git a/test/com/cloudogu/gitopsbuildlib/deployment/HelmTest.groovy b/test/com/cloudogu/gitopsbuildlib/deployment/HelmTest.groovy index 518d76f..eccc6d0 100644 --- a/test/com/cloudogu/gitopsbuildlib/deployment/HelmTest.groovy +++ b/test/com/cloudogu/gitopsbuildlib/deployment/HelmTest.groovy @@ -40,8 +40,12 @@ class HelmTest { ] ], buildImages: [ - helm: 'helmImage', - kubectl: 'kubectlImage' + helm: [ + image: 'helmImage', + ], + kubectl: [ + image: 'kubectlImage' + ] ], deployments: deployment, validators: [ diff --git a/test/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDReleaseTest.groovy b/test/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDReleaseTest.groovy index 5382ee1..4ed06d7 100644 --- a/test/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDReleaseTest.groovy +++ b/test/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDReleaseTest.groovy @@ -24,7 +24,9 @@ class ArgoCDReleaseTest { ] ], buildImages: [ - helm: 'helmImg' + helm: [ + image: 'helmImg' + ] ] ], 'namespace', @@ -47,7 +49,9 @@ class ArgoCDReleaseTest { ] ], buildImages: [ - helm: 'helmImg' + helm: [ + image: 'helmImg' + ] ] ], 'namespace', @@ -70,7 +74,9 @@ class ArgoCDReleaseTest { ] ], buildImages: [ - helm: 'helmImg' + helm: [ + image: 'helmImg' + ] ] ], 'namespace', diff --git a/test/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/GitRepoTest.groovy b/test/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/GitRepoTest.groovy index 6f52712..3c8c816 100644 --- a/test/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/GitRepoTest.groovy +++ b/test/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/GitRepoTest.groovy @@ -14,7 +14,9 @@ class GitRepoTest { void 'merges values successfully'() { gitRepo.prepareRepo([ buildImages: [ - helm: 'helmImage' + helm: [ + image: 'helmImage' + ] ], deployments: [ helm: [ diff --git a/test/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/HelmRepoTest.groovy b/test/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/HelmRepoTest.groovy index 76aa2a0..04174ca 100644 --- a/test/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/HelmRepoTest.groovy +++ b/test/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/HelmRepoTest.groovy @@ -13,7 +13,9 @@ class HelmRepoTest { void 'merges values successfully'() { helmRepo.prepareRepo([ buildImages: [ - helm: 'helmImage' + helm: [ + image: 'helmImage' + ] ], deployments: [ helm: [ diff --git a/test/com/cloudogu/gitopsbuildlib/validation/ValidatorTest.groovy b/test/com/cloudogu/gitopsbuildlib/validation/ValidatorTest.groovy index 86d4381..4842d38 100644 --- a/test/com/cloudogu/gitopsbuildlib/validation/ValidatorTest.groovy +++ b/test/com/cloudogu/gitopsbuildlib/validation/ValidatorTest.groovy @@ -10,22 +10,23 @@ class ValidatorTest { def scriptMock = new ScriptMock() def dockerMock = scriptMock.dockerMock def validator = new ValidatorUnderTest(scriptMock.mock) - boolean closureCalled = false boolean validateCalled = false @Test void 'withDockerImage mounts workspace'() { - validator.validate(true, GitopsTool.ARGO, SourceType.HELM, "helmDir", [ + validator.validate(true, GitopsTool.ARGO, SourceType.HELM, "helmDir", + [ imageRef: 'helm' ], - [ + [ buildImages: [ - helm: 'helmImage' + helm: [ + image: 'helmImage' + ] ] ]) assertThat(dockerMock.actualImages[0]).isEqualTo('helmImage') assertThat(dockerMock.actualInsideArgs[0]).isEqualTo('-v workspace:workspace --entrypoint=""') - assertThat(closureCalled).as("Closure was not called").isTrue() assertThat(validateCalled).as("Validate was not called").isTrue() } @@ -37,12 +38,13 @@ class ValidatorTest { ], [ buildImages: [ - helm: 'helmImageNotBeingUsed' + helm: [ + image: 'helmImageNotBeingUsed' + ] ] ]) assertThat(dockerMock.actualImages[0]).isEqualTo('helmImage') assertThat(dockerMock.actualInsideArgs[0]).isEqualTo('--entrypoint=""') - assertThat(closureCalled).as("Closure was not called").isTrue() assertThat(validateCalled).as("Validate was not called").isTrue() } @@ -64,14 +66,14 @@ class ValidatorTest { @Test void 'get null if no imageRef or image is set in validator'() { - def output = validator.getImage([:], [:]) + def output = validator.getImageConfig([:], [:]) assertThat(output).isEqualTo(null) } @Test void 'get image if specifically set in validator while also having an imageRef'() { - def output = validator.getImage( + def output = validator.getImageConfig( [ buildImages: [ notUsedImage: 'nope' @@ -81,13 +83,15 @@ class ValidatorTest { image: 'realImage', imageRef: 'buildimage.notUsedImage' ]) + + def expected = [image: 'realImage'] - assertThat(output).isEqualTo('realImage') + assertThat(output).isEqualTo(expected) } @Test void 'get image if specifically set in validator whisle also having an imageRef'() { - def output = validator.getImage( + def output = validator.getImageConfig( [ buildImages: [ usedImage: 'yes' @@ -108,11 +112,9 @@ class ValidatorTest { } @Override - void validate(String targetDirectory, Map config, Map gitopsConfig) { + void validate(String targetDirectory, Map validatorConfig, Map gitopsConfig) { + println "validatorundertest validate" validateCalled = true - withDockerImage('') { - closureCalled = true - } } @Override diff --git a/vars/deployViaGitops.groovy b/vars/deployViaGitops.groovy index 974e072..d8c9ddd 100644 --- a/vars/deployViaGitops.groovy +++ b/vars/deployViaGitops.groovy @@ -23,12 +23,27 @@ Map getDefaultConfig() { cesBuildLibCredentialsId: '', mainBranch : 'main', buildImages : [ - helm: 'ghcr.io/cloudogu/helm:3.5.4-1', - kubectl: 'lachlanevenson/k8s-kubectl:v1.19.3', + helm: [ + registryCredentialsId: '', + image: 'ghcr.io/cloudogu/helm:3.5.4-1' + ], + kubectl: [ + registryCredentialsId: '', + image: 'lachlanevenson/k8s-kubectl:v1.19.3' + ], // We use the helm image (that also contains kubeval plugin) to speed up builds by allowing to reuse image - kubeval: 'ghcr.io/cloudogu/helm:3.5.4-1', - helmKubeval: 'ghcr.io/cloudogu/helm:3.5.4-1', - yamllint: 'cytopia/yamllint:1.25-0.7' + kubeval: [ + registryCredentialsId: '', + image: 'ghcr.io/cloudogu/helm:3.5.4-1' + ], + helmKubeval: [ + registryCredentialsId: '', + image: 'ghcr.io/cloudogu/helm:3.5.4-1' + ], + yamllint: [ + registryCredentialsId: '', + image: 'cytopia/yamllint:1.25-0.7' + ] ], deployments : [ sourcePath: 'k8s', From 34cd27f3521d5aef0ebc861dac3c2843a0f0d3e3 Mon Sep 17 00:00:00 2001 From: Marek Markiewka Date: Mon, 4 Oct 2021 18:18:05 +0200 Subject: [PATCH 02/10] fixed parameter bug Signed-off-by: Marek Markiewka --- src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy b/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy index 2e5f22f..cb2aeec 100644 --- a/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy +++ b/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy @@ -19,8 +19,8 @@ class DockerWrapper { } private String getRegistryUrlFromImage(String image) { - int i = s.lastIndexOf('/') - return s.substring(0, i) + int i = image.lastIndexOf('/') + return image.substring(0, i) } private void runDockerImage(String image, Closure body) { From 9b632c623edd93d3721e3568194613c0b4ae0ff0 Mon Sep 17 00:00:00 2001 From: Marek Markiewka <5881806+marekzan@users.noreply.github.com> Date: Mon, 11 Oct 2021 16:23:40 +0200 Subject: [PATCH 03/10] added protocol to registry url --- src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy b/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy index cb2aeec..0e954db 100644 --- a/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy +++ b/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy @@ -10,7 +10,7 @@ class DockerWrapper { void withDockerImage(def imageConfig, Closure body) { if(imageConfig.containsKey('registryCredentialsId') && imageConfig.registryCredentialsId) { def registryUrl = getRegistryUrlFromImage(imageConfig.image) - script.docker.withRegistry(registryUrl, imageConfig.registryCredentialsId) { + script.docker.withRegistry("https://${registryUrl}", imageConfig.registryCredentialsId) { runDockerImage(imageConfig.image, body) } } else { From 39f3276ec7d4dceed0352a5c7dca614f233eaf0a Mon Sep 17 00:00:00 2001 From: Marek Markiewka <5881806+marekzan@users.noreply.github.com> Date: Mon, 11 Oct 2021 19:19:38 +0200 Subject: [PATCH 04/10] using kubectl image from config --- src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy b/src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy index 9bf1f6c..c98a05f 100644 --- a/src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy +++ b/src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy @@ -4,7 +4,6 @@ import com.cloudogu.gitopsbuildlib.docker.DockerWrapper abstract class Deployment { - protected static Map getKubectlImage() { [ image: 'lachlanevenson/k8s-kubectl:v1.19.3' ] } protected String extraResourcesFolder = "" static String getConfigDir() { '.config' } @@ -55,7 +54,7 @@ abstract class Deployment { String createConfigMap(String key, String filePath, String name, String namespace) { String configMap = "" - withDockerImage(kubectlImage as Map) { + withDockerImage(configMap.buildImages.kubectl) { String kubeScript = "KUBECONFIG=${writeKubeConfig()} kubectl create configmap ${name} " + "--from-file=${key}=${filePath} " + "--dry-run=client -o yaml -n ${namespace}" From 243ac51865a0ecdc2eb8677dad5155e9d6dc0e00 Mon Sep 17 00:00:00 2001 From: Marek Markiewka <5881806+marekzan@users.noreply.github.com> Date: Wed, 13 Oct 2021 12:22:18 +0200 Subject: [PATCH 05/10] added namespace to argo helm release --- .../helm/helmrelease/ArgoCDRelease.groovy | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDRelease.groovy b/src/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDRelease.groovy index b6b0f45..daa68b8 100644 --- a/src/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDRelease.groovy +++ b/src/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDRelease.groovy @@ -18,14 +18,14 @@ class ArgoCDRelease extends HelmRelease { String helmRelease = "" if (helmConfig.repoType == 'GIT') { - helmRelease = createResourcesFromGitRepo(gitopsConfig, application, mergedValuesFile) + helmRelease = createResourcesFromGitRepo(gitopsConfig, application, namespace, mergedValuesFile) } else if (helmConfig.repoType == 'HELM') { - helmRelease = createResourcesFromHelmRepo(gitopsConfig, application, mergedValuesFile) + helmRelease = createResourcesFromHelmRepo(gitopsConfig, application, namespace, mergedValuesFile) } return helmRelease } - private String createResourcesFromGitRepo(Map gitopsConfig, String application, String mergedValuesFile) { + private String createResourcesFromGitRepo(Map gitopsConfig, String application, String namespace, String mergedValuesFile) { Map helmConfig = gitopsConfig.deployments.helm def chartPath = '' @@ -33,17 +33,17 @@ class ArgoCDRelease extends HelmRelease { chartPath = helmConfig.chartPath } - return createHelmRelease(chartPath as String, application, gitopsConfig.buildImages.helm, mergedValuesFile) + return createHelmRelease(chartPath as String, application, namespace, gitopsConfig.buildImages.helm, mergedValuesFile) } - private String createResourcesFromHelmRepo(Map gitopsConfig, String application, String mergedValuesFile) { - return createHelmRelease(gitopsConfig.deployments.helm.chartName, application, gitopsConfig.buildImages.helm, mergedValuesFile) + private String createResourcesFromHelmRepo(Map gitopsConfig, String application, String namespace, String mergedValuesFile) { + return createHelmRelease(gitopsConfig.deployments.helm.chartName, application, namespace, gitopsConfig.buildImages.helm, mergedValuesFile) } - private String createHelmRelease(def chartPath, String application, def helmImageConfig, String mergedValuesFile) { + private String createHelmRelease(def chartPath, String application, String namespace, def helmImageConfig, String mergedValuesFile) { String helmRelease = "" dockerWrapper.withDockerImage(helmImageConfig) { - String templateScript = "helm template ${application} ${script.env.WORKSPACE}/.helmChartTempDir/chart/${chartPath} -f ${mergedValuesFile}" + String templateScript = "helm template ${application} ${script.env.WORKSPACE}/.helmChartTempDir/chart/${chartPath} -n ${namespace} -f ${mergedValuesFile}" helmRelease = script.sh returnStdout: true, script: templateScript } From 8bcb4733207ecb3694ebb1a93f40ad89f280146c Mon Sep 17 00:00:00 2001 From: Marek Markiewka <5881806+marekzan@users.noreply.github.com> Date: Wed, 13 Oct 2021 12:26:21 +0200 Subject: [PATCH 06/10] added option for other mainbranches in helm git repositories --- .../deployment/helm/repotype/GitRepo.groovy | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/GitRepo.groovy b/src/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/GitRepo.groovy index 8e16e15..7ab838c 100644 --- a/src/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/GitRepo.groovy +++ b/src/com/cloudogu/gitopsbuildlib/deployment/helm/repotype/GitRepo.groovy @@ -32,9 +32,13 @@ class GitRepo extends RepoType { } else { git = script.cesBuildLib.Git.new(script) } - - git url: helmConfig.repoUrl, branch: 'main', changelog: false, poll: false - + + if (helmConfig.containsKey('mainBranch') && helmConfig.mainBranch) { + git url: helmConfig.repoUrl, branch: helmConfig.mainBranch, changelog: false, poll: false + } else { + git url: helmConfig.repoUrl, branch: 'main', changelog: false, poll: false + } + if(helmConfig.containsKey('version') && helmConfig.version) { git.fetch() git.checkout(helmConfig.version) From 8984cd811c893f5881b20a6446e6adeb36486c4f Mon Sep 17 00:00:00 2001 From: Marek Markiewka Date: Wed, 13 Oct 2021 12:42:18 +0200 Subject: [PATCH 07/10] adjusted tests Signed-off-by: Marek Markiewka --- .../cloudogu/gitopsbuildlib/deployment/Deployment.groovy | 2 +- .../gitopsbuildlib/deployment/DeploymentTest.groovy | 6 ++++++ .../deployment/helm/helmrelease/ArgoCDReleaseTest.groovy | 6 +++--- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy b/src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy index c98a05f..ed16bcc 100644 --- a/src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy +++ b/src/com/cloudogu/gitopsbuildlib/deployment/Deployment.groovy @@ -54,7 +54,7 @@ abstract class Deployment { String createConfigMap(String key, String filePath, String name, String namespace) { String configMap = "" - withDockerImage(configMap.buildImages.kubectl) { + withDockerImage(gitopsConfig.buildImages.kubectl) { String kubeScript = "KUBECONFIG=${writeKubeConfig()} kubectl create configmap ${name} " + "--from-file=${key}=${filePath} " + "--dry-run=client -o yaml -n ${namespace}" diff --git a/test/com/cloudogu/gitopsbuildlib/deployment/DeploymentTest.groovy b/test/com/cloudogu/gitopsbuildlib/deployment/DeploymentTest.groovy index ccb04e9..b6eb337 100644 --- a/test/com/cloudogu/gitopsbuildlib/deployment/DeploymentTest.groovy +++ b/test/com/cloudogu/gitopsbuildlib/deployment/DeploymentTest.groovy @@ -23,6 +23,12 @@ class DeploymentTest { sourcePath: 'k8s', plain: [:] ], + buildImages: [ + kubectl: [ + image: "kubectlImage", + credentialsId: "credentials" + ] + ], validators: [ yamllint: [ validator: new Yamllint(scriptMock.mock), diff --git a/test/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDReleaseTest.groovy b/test/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDReleaseTest.groovy index 4ed06d7..7c93405 100644 --- a/test/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDReleaseTest.groovy +++ b/test/com/cloudogu/gitopsbuildlib/deployment/helm/helmrelease/ArgoCDReleaseTest.groovy @@ -33,7 +33,7 @@ class ArgoCDReleaseTest { 'this/is/a/valuesfile') assertThat(scriptMock.dockerMock.actualImages[0]).isEqualTo('helmImg') - assertThat(scriptMock.actualShArgs[0]).isEqualTo('[returnStdout:true, script:helm template app workspace/.helmChartTempDir/chart/path -f this/is/a/valuesfile]') + assertThat(scriptMock.actualShArgs[0]).isEqualTo('[returnStdout:true, script:helm template app workspace/.helmChartTempDir/chart/path -n namespace -f this/is/a/valuesfile]') } @Test @@ -58,7 +58,7 @@ class ArgoCDReleaseTest { 'this/is/a/valuesfile') assertThat(scriptMock.dockerMock.actualImages[0]).isEqualTo('helmImg') - assertThat(scriptMock.actualShArgs[0]).isEqualTo('[returnStdout:true, script:helm template app workspace/.helmChartTempDir/chart/ -f this/is/a/valuesfile]') + assertThat(scriptMock.actualShArgs[0]).isEqualTo('[returnStdout:true, script:helm template app workspace/.helmChartTempDir/chart/ -n namespace -f this/is/a/valuesfile]') } @Test @@ -83,6 +83,6 @@ class ArgoCDReleaseTest { 'this/is/a/valuesfile') assertThat(scriptMock.dockerMock.actualImages[0]).isEqualTo('helmImg') - assertThat(scriptMock.actualShArgs[0]).isEqualTo('[returnStdout:true, script:helm template app workspace/.helmChartTempDir/chart/chartName -f this/is/a/valuesfile]') + assertThat(scriptMock.actualShArgs[0]).isEqualTo('[returnStdout:true, script:helm template app workspace/.helmChartTempDir/chart/chartName -n namespace -f this/is/a/valuesfile]') } } From ad7e1815d6b5e5020c46e2463b8b0b909ed59a6d Mon Sep 17 00:00:00 2001 From: Marek Markiewka Date: Thu, 18 Nov 2021 13:49:10 +0100 Subject: [PATCH 08/10] changed naming set registryCredentialsId to credentialsId. This is now in line with the naming and behaviour of other credentialIds Signed-off-by: Marek Markiewka --- .../gitopsbuildlib/docker/DockerWrapper.groovy | 4 ++-- vars/deployViaGitops.groovy | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy b/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy index 0e954db..85821a5 100644 --- a/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy +++ b/src/com/cloudogu/gitopsbuildlib/docker/DockerWrapper.groovy @@ -8,9 +8,9 @@ class DockerWrapper { } void withDockerImage(def imageConfig, Closure body) { - if(imageConfig.containsKey('registryCredentialsId') && imageConfig.registryCredentialsId) { + if(imageConfig.containsKey('credentialsId') && imageConfig.credentialsId) { def registryUrl = getRegistryUrlFromImage(imageConfig.image) - script.docker.withRegistry("https://${registryUrl}", imageConfig.registryCredentialsId) { + script.docker.withRegistry("https://${registryUrl}", imageConfig.credentialsId) { runDockerImage(imageConfig.image, body) } } else { diff --git a/vars/deployViaGitops.groovy b/vars/deployViaGitops.groovy index d8c9ddd..50ec1fd 100644 --- a/vars/deployViaGitops.groovy +++ b/vars/deployViaGitops.groovy @@ -24,24 +24,24 @@ Map getDefaultConfig() { mainBranch : 'main', buildImages : [ helm: [ - registryCredentialsId: '', + credentialsId: '', image: 'ghcr.io/cloudogu/helm:3.5.4-1' ], kubectl: [ - registryCredentialsId: '', + credentialsId: '', image: 'lachlanevenson/k8s-kubectl:v1.19.3' ], // We use the helm image (that also contains kubeval plugin) to speed up builds by allowing to reuse image kubeval: [ - registryCredentialsId: '', + credentialsId: '', image: 'ghcr.io/cloudogu/helm:3.5.4-1' ], helmKubeval: [ - registryCredentialsId: '', + credentialsId: '', image: 'ghcr.io/cloudogu/helm:3.5.4-1' ], yamllint: [ - registryCredentialsId: '', + credentialsId: '', image: 'cytopia/yamllint:1.25-0.7' ] ], From 1f8a45dc6b6d483970661cc6551869e0ef96011c Mon Sep 17 00:00:00 2001 From: Marek Markiewka Date: Thu, 18 Nov 2021 14:14:11 +0100 Subject: [PATCH 09/10] fixed tests after adding credentialsid for buildimages we had to extend the dockermock to catch the arguments of dockers withregistry function. now we can check for these in our testcases Signed-off-by: Marek Markiewka --- test/com/cloudogu/gitopsbuildlib/DockerMock.groovy | 10 ++++++++++ .../gitopsbuildlib/deployment/DeploymentTest.groovy | 5 ++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/test/com/cloudogu/gitopsbuildlib/DockerMock.groovy b/test/com/cloudogu/gitopsbuildlib/DockerMock.groovy index 72308f6..386aad1 100644 --- a/test/com/cloudogu/gitopsbuildlib/DockerMock.groovy +++ b/test/com/cloudogu/gitopsbuildlib/DockerMock.groovy @@ -11,6 +11,7 @@ import static org.mockito.Mockito.when class DockerMock { List actualInsideArgs = new LinkedList<>() + List actualRegistryArgs = new LinkedList<>() List actualImages = new LinkedList<>() Docker createMock() { @@ -24,6 +25,15 @@ class DockerMock { } }) + when(dockerMock.withRegistry(anyString(), anyString(), any())).thenAnswer(new Answer() { + @Override + Object answer(InvocationOnMock invocationOnMock) throws Throwable { + actualRegistryArgs += invocationOnMock.getArgument(0) + actualRegistryArgs += invocationOnMock.getArgument(1) + Closure closure = invocationOnMock.getArgument(2) + closure.call() + } + }) when(imageMock.mountJenkinsUser()).thenReturn(imageMock) when(imageMock.mountJenkinsUser(anyBoolean())).thenReturn(imageMock) when(imageMock.mountDockerSocket()).thenReturn(imageMock) diff --git a/test/com/cloudogu/gitopsbuildlib/deployment/DeploymentTest.groovy b/test/com/cloudogu/gitopsbuildlib/deployment/DeploymentTest.groovy index b6eb337..ce6007d 100644 --- a/test/com/cloudogu/gitopsbuildlib/deployment/DeploymentTest.groovy +++ b/test/com/cloudogu/gitopsbuildlib/deployment/DeploymentTest.groovy @@ -25,7 +25,7 @@ class DeploymentTest { ], buildImages: [ kubectl: [ - image: "kubectlImage", + image: "http://my-private-registry.com/repo/kubectlImage", credentialsId: "credentials" ] ], @@ -76,6 +76,9 @@ class DeploymentTest { deploymentUnderTest.createFileConfigmaps('staging') + assertThat(scriptMock.dockerMock.actualRegistryArgs[0]).isEqualTo('https://http://my-private-registry.com/repo') + assertThat(scriptMock.dockerMock.actualRegistryArgs[1]).isEqualTo('credentials') + assertThat(scriptMock.actualShArgs[0]).isEqualTo('[returnStdout:true, script:KUBECONFIG=pwd/.kube/config kubectl create configmap index --from-file=index.html=workspace/k8s/../index.html --dry-run=client -o yaml -n fluxv1-staging]') assertThat(scriptMock.actualWriteFileArgs[0]).isEqualTo('''[file:pwd/.kube/config, text:apiVersion: v1 From 8dd57d4e242f1707327b0ca1bf1e4e5733b58cc5 Mon Sep 17 00:00:00 2001 From: Marek Markiewka <5881806+marekzan@users.noreply.github.com> Date: Thu, 18 Nov 2021 15:00:28 +0100 Subject: [PATCH 10/10] Update README.md adjusted new buid image credentials options --- README.md | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 38d8fd6..3340118 100644 --- a/README.md +++ b/README.md @@ -330,12 +330,28 @@ All of these have set default images, but you can change them if you wish to. def gitopsConfig = [ buildImages: [ // These are used to run helm and kubectl commands in the core logic - helm: 'ghcr.io/cloudogu/helm:3.5.4-1', - kubectl: 'lachlanevenson/k8s-kubectl:v1.19.3', + // + helm: [ + image: 'ghcr.io/cloudogu/helm:3.5.4-1' + credentialsId: 'myCredentials' (optional - only needed if image is in a private repository. CredentialsId is getting pulled from Jenkins credentials) + ], + kubectl: [ + image: 'lachlanevenson/k8s-kubectl:v1.19.3' + credentialsId: 'myCredentials' (optional - only needed if image is in a private repository. CredentialsId is getting pulled from Jenkins credentials) + ], // These are used for each specific validator via an imageRef property inside the validators config. See [Validators] for examples. - kubeval: 'ghcr.io/cloudogu/helm:3.5.4-1', - helmKubeval: 'ghcr.io/cloudogu/helm:3.5.4-1', - yamllint: 'cytopia/yamllint:1.25-0.7' + kubeval: [ + image: 'ghcr.io/cloudogu/helm:3.5.4-1' + credentialsId: 'myCredentials' (optional - only needed if image is in a private repository. CredentialsId is getting pulled from Jenkins credentials) + ], + helmKubeval: [ + image: 'ghcr.io/cloudogu/helm:3.5.4-1' + credentialsId: 'myCredentials' (optional - only needed if image is in a private repository. CredentialsId is getting pulled from Jenkins credentials) + ], + yamllint: [ + image: 'cytopia/yamllint:1.25-0.7' + credentialsId: 'myCredentials' (optional - only needed if image is in a private repository. CredentialsId is getting pulled from Jenkins credentials) + ] ] ] ```