Skip to content

Commit

Permalink
chore: renovate config, remote tasks (#14)
Browse files Browse the repository at this point in the history
* chore: renovate config, remote tasks

* fix: flavor?

* Update create.yaml

* Update action.yaml

* remote publish
  • Loading branch information
mjnagel authored Feb 1, 2024
1 parent e177cbe commit bb6c574
Show file tree
Hide file tree
Showing 9 changed files with 72 additions and 101 deletions.
7 changes: 1 addition & 6 deletions .github/actions/setup/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,6 @@ runs:
version: v0.32.1
download-init-package: true

- name: Use Node.js latest
uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
with:
node-version: 20

- name: Install k3d
shell: bash
run: curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | TAG=v5.6.0 bash
Expand All @@ -27,4 +22,4 @@ runs:
- name: Install UDS CLI
shell: bash
# renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=semver
run: brew install defenseunicorns/tap/uds@0.5.3
run: brew install defenseunicorns/tap/uds@0.6.2
12 changes: 11 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,12 @@
# UDS Mattermost Package

This repo contains the UDS Mattermost Package along with an example bundle and UDS tasks for development.
This repo contains a UDS Package for [Mattermost](https://mattermost.com/), along with an example bundle and UDS tasks for development.

## Flavors

Two flavors of this package are produced at this time:
- `upstream`: This flavor uses the upstream images (same ones deployed by the chart by default) and is intended for a quick and seamless development experience
- `registry1` (amd64 architecture only): This flavor uses hardened images from [Ironbank](https://p1.dso.mil/services/iron-bank) and is intended for production environments

## Dependencies

Expand Down Expand Up @@ -43,3 +49,7 @@ To use IRSA make sure to NOT set the two key variables and add the appropriate r
- path: "serviceAccount.annotations.irsa/role-arn"
value: "arn:aws:iam::123456789:role/mattermost-role"
```

## Additional Config

Additional configuration can be done via overrides to configure a number of Mattermost properties like SSO. Check the full list of values in the config chart [here](./chart/values.yaml). If you find that you need something else exposed please open an issue!
105 changes: 44 additions & 61 deletions renovate.json
Original file line number Diff line number Diff line change
Expand Up @@ -4,104 +4,87 @@
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
":dependencyDashboard",
":semanticPrefixFixDepsChoreOthers",
"config:base",
"group:all",
"replacements:all",
"workarounds:all"
":semanticCommits",
":semanticCommitTypeAll(chore)",
"group:all"
],
"timezone": "America/New_York",
"branchConcurrentLimit": 0,
"prConcurrentLimit": 0,
"prHourlyLimit": 0,
"rebaseStalePrs": true,
"schedule": ["after 7am and before 9am every weekday"],
"dependencyDashboard": true,
"platform": "github",
"onboarding": false,
"requireConfig": false,
"dependencyDashboardTitle": "Renovate Dashboard 🤖",
"rebaseWhen": "conflicted",
"commitBodyTable": true,
"ignorePaths": ["archive/**"],
"suppressNotifications": ["prIgnoreNotification"],
"pre-commit": {
"enabled": true
},
"helm-values": {
"fileMatch": ["./.+\\.yaml$"]
},
"kubernetes": {
"fileMatch": ["\\.yaml$"],
"ignorePaths": [
"ansible",
"scripts",
".github"
]
},
"hostRules": [
{
"matchHost": "registry1.dso.mil",
"hostType": "docker",
"description": "Encrypted creds for registry1, scoped to this Github org using: https://github.com/renovatebot/renovate/blob/main/docs/usage/configuration-options.md#encrypted",
"encrypted": {
"username": "wcFMA/xDdHCJBTolARAAiYqwOfwkjFnb7ifSRLxTGwyh5K8sUv4LFnEt9+clanU0hAoab9qY+98XLG9F5q+JuNWW9XSRgEYvg21LPhpux+2n+sF/n5UHNEc0X2C9zPVKBzRBu4RoNlsWNdq+wQaznHuw/iKmcDKddB29GTcXAC27ON78ex4jW4GBBEIY75OYfWUVJl3VM8cbK3t5iPNeldmdtS/1rEe8U2tGRdYvkwbMjM1hscHfc5wK06zt8NKz874jpqDYs9jT3FVrJbG9FHoTsrLvC9cEknu1BR3+LrEEV2UTpN+xkLbkCiI9F3rHwwYrAKpm3VDxjieWP2PbAZcazPvqNrC12pR3QrdbIN+6w7Xc9lIOuCcR+nB1mCTaZv4wGYoHmXat/nW58wAHqGzEnkfgfW7/dXvvZPoV/54CW2B8/iEp3oCf/mHk6tM/nlaN0fOcyFuLthD2t3L8bZEU8v88Bpa9sZgQYTg8vO3zGZeXqTznmq8NfseCXezho0syBize/4c7NI67JoVGJGUtOSZ56cNJkmNEhzH3CCKoD+j6shrojQ1yPLFgfxMa1zkp0tcAJ2dMxBbdMiGRKJcnJLRUi3N0z5I+JdydSZlFFj6Y+w7jWs1cff3mTyFCyhK3USyz+pF/ctTwpWixWWR7Zu/I0lqOr90LMri0bjzOf3xWP0eV3Osbi40BmdjScgG2LbZNVbKesnxaKLqzeubgLz9aTVTjHfHWQ753t4Ge/NPq+618M8JXuujYRc/Hw4bm1G7NHTKxPhiHCmDu+wPsNvt+nUvyk9Wb72XHYNdA8bUjV1gHj/1oSc3yGjOyiyaxDUR+nkPB8B+tr1cMWcVczw",
"password": "wcFMA/xDdHCJBTolAQ/9FqgG7wEhIpomA4DpTgDIQdShdkpUHxRCAaOXOaYamKxmyqQgX0N55hVvMt100/JK0AomtTehrWjsyYmvOA5bi2QqkJgEu7Vk/Nyg+CeJj27lZnbZ2wkWhIPUUZKbnGzNg8vmFqeSbI/nhcwwG+1Iiy06pBf/NB1V8KeezD3ICPJAe7HfW5FYDpuAnqo4ktagTEcmKp9bSztAEmNVgS325mE+SB5oGI7zZre4WLDmYCcawCJfwE2HqiWp9E42oiyEgsAa2RNmy/9RLMRq8QmAJY9UuAMDgyRUKh1bVEh2rhg3pV8N8ImqD8a7y/b5HOH5SE1b459K7rUACimJf8GtQtuUmU3bEhhYzafbN8sB6PByOgWEqPKvcCffLghCzsene4lOyie48rC0UZSTRrNiebcLLeJTnkQsUNm8x6GN34mZU4qkBam7Isvdyc7BcSo2rvMbsuMJEuns8Ua3TQlAab1PXofHjwf7aDPee4hLtJsR75IdeWA3mhPKo2hnZ08cBDwhsB7aXYxrH3rXAbPx7FvgcxGA73gCFwNXLf6S2xHb+D7C/ny4z9XhIQk4BrxKlmPFlfpELoijHQ34VBilM/XkeICbtBJghE31X3Ef/LZdLBsR9gvT4nK+zRRLVnEqndO4YkHFOjwKWQxyaGmN+ZE5gSbPx0R1EBo7vM48merSdgGRZxfF5OodxM/b3+xxBe6CXqi5yYVeNf/Op/lH/5baX6LUQCYHSNPXPHMstFYQm9QBwn6rA2aOYXojRehYwj8ymQo0wJ0TgVtGHDu+ODhTiPjZV1Mm7vVkucl63FLCDe7odIAgNVMBRInDbGYhKmA+I7To1gU"
}
}
],
"regexManagers": [
{
"fileMatch": [".*\\.ya?ml$"],
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"# renovate: datasource=helm\n .*- name: (?<depName>.*?)\n *url: (?<registryUrl>.*?)\n *version: (?<currentValue>.*)\n"
"- name: (?<depName>.*?)\n *url: (?<registryUrl>.*?)\n *version: (?<currentValue>.*)\n",
"- name: (?<depName>.*?)\n *version: (?<currentValue>.*)\n *url: (?<registryUrl>.*?)\n",
"- name: (?<depName>.*?)\n *namespace: .*\n *url: (?<registryUrl>.*?)\n *version: (?<currentValue>.*)\n",
"- name: (?<depName>.*?)\n *namespace: .*\n *version: (?<currentValue>.*)\n *url: (?<registryUrl>.*?)\n"
],
"datasourceTemplate": "helm",
"extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}"
"datasourceTemplate": "helm"
},
{
"fileMatch": [".*\\.ya?ml$"],
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?( extractVersion=(?<extractVersion>.*?))?( registryUrl=(?<registryUrl>.*?))?\\s.*?:\\s*['\"]?(?<currentValue>.*?)['\"]?\\s"
"- [\"]?(?<depName>[^\"\n]*):(?<currentValue>[^\"\n]*)[\"]?"
],
"versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
"extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}"
"datasourceTemplate": "docker"
},
{
"fileMatch": [".*\\.ya?ml$"],
"depNameTemplate": "defenseunicorns/uds-cli",
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"# renovate: zarf-uri datasource=github-tags depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\s.*?uri: ['\"]https:\\/\\/github.com\\/defenseunicorns\\/zarf\\/releases\\/download\\/(?<currentValue>.*)\\/zarf_.*_Linux_amd64['\"]",
"# renovate: zarf-uri datasource=github-tags depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\s.*?uri: ['\"]https:\\/\\/github.com\\/defenseunicorns\\/zarf\\/releases\\/download\\/.*\\/zarf_(?<currentValue>.*)_Linux_amd64['\"]"
"# renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=(?<versioning>[^\n]+)\n.*?uds@(?<currentValue>.*)"
],
"versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
"datasourceTemplate": "github-tags"
"datasourceTemplate": "github-tags",
"extractVersionTemplate": "^v(?<version>.*)$"
},
{
"fileMatch": [".*\/?zarf\\.ya?ml$"],
"depNameTemplate": "defenseunicorns/zarf",
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"-\\s+['\"](?<depName>[^:]+):(?<currentValue>.*)['\"]"
"# renovate: datasource=github-tags depName=defenseunicorns/zarf versioning=(?<versioning>.*?)\n.*?(version:) (?<currentValue>.*)"
],
"versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
"datasourceTemplate": "docker",
"extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}"
"datasourceTemplate": "github-tags"
},
{
"fileMatch": ["^Makefile$"],
"depNameTemplate": "defenseunicorns/uds-common-tasks",
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?( extractVersion=(?<extractVersion>.*?))?( registryUrl=(?<registryUrl>.*?))?\\s.*?=\\s*['\"]?(?<currentValue>.*?)['\"]?\\s"
"https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/(?<currentValue>[^/]+)/.*"
],
"versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
"extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}"
"datasourceTemplate": "github-tags"
}
],
"packageRules": [
"hostRules": [
{
"matchManagers": ["terraform"],
"matchDepTypes": ["module"],
"matchDatasources": ["github-tags", "git-tags"],
"versioning": "loose"
},
"matchHost": "registry1.dso.mil",
"hostType": "docker",
"description": "Encrypted creds for registry1, scoped to this Github org using: https://github.com/renovatebot/renovate/blob/main/docs/usage/configuration-options.md#encrypted",
"encrypted": {
"username": "wcFMA/xDdHCJBTolAQ/9FXYzgNUO6MJ9crVH8W1p5U8ecnK6yamVOBmKib+9Lu4dtldIzqJBObR8Ctvq+our0VTXbhuCU0AvghJO+Rbjij+sDK3VNL93ojD2Xcd3IHeZhz4U+K2VPIRKHGPTC2mfc9pRZ076hoRqeAPWYrtU3gtNk7ZedMX75+yEuUWax5wS0gIjHnbu/R8fLTadNPbdyRaVGYembtuF8P2hMorCrjAED07UNivnaJaNb6Dj72Bticwqs2gIStoed3S8luzUJIgOOdS9J4Dq3ybkSIWg3+GJQhLyKIhZpgbRQoMbYLQ/z7obT1xX0avXnjobb5rW445R0LXLXj4MokgGo1p5cA+AhP5JEk49w2uutzD3tPZB58edH4USOk4q/9MXNdXzvU5RxOA6ScGeh1JNa+62/N4HA8UtYEudTFOcHkt3xq6h5VKc5k7JbvkCso29wqC8AR5ctBzuLspnzxhPrjm/BcfB/FMnwJE2MbtBxa8R1Z5Hd1DEfsEV57mF7dtV0SIImV+l/4bK/1xz/G9v31u/5DrfkQR6DjAvX8w4zUZE5gHKGsZoeZEFuUc5YQuwdeWEg20Qah4v6rbDfJUzXj9vbyFLMdIomPkuWkNSDzg6oMWCmeQAeL3+ykjsVdoBoJCvHvFEpw4dlrdlnQK1VXsWSX7TTDkRuYKQUKbKIBOWOCXScgFDQwu+f0mUkmFX1MrAojYgfWyZ1hlUDGcsE4pvTWJKP1lHykRM/qPUVh/YXfayh5upYh2MXT44yqMHhyNJE/KlCTp9KXsdflm3kaCAhqEC746IbvBpPjz3DTA7nwLUhDB3K2Zi9t/kIhMQCbV+wI2FgA",
"password": "wcFMA/xDdHCJBTolAQ/6A4VHieAREvIZ35w9tpdLuvCysq3951xcwBD+o5A6QNYz9K5J0X4NDp2NF5FwEeEBgh3CGF7t/jXHdvvFUSo1wnTT0N+XoU4fXta1px9rkZssPWaMmqbmQ+KWXrEo7SMYK4nXBdExtIZ/j8XvjvTZ1apAh+ySW41eAKXbeQC+5I2rjDJegH6hI7kGkQDzmSAoaDX/Nw8seccozzOj9GEGxPbtF1UYJIfG0jZObf0GowXXCtCOEd5QcQQnzILIaiN0tgZgXrQKFehMTboi8rgYLtRI3LIObUjxl7O59q7ZBCkUuyt9nYF14i9PD8IltVdPsTrGpyK/yQMFrjHWkIPGFHZC9dLyjQlhTjMFBYdye9KGfoZHnKR5pXZw7JvCho/PaP3S8y4LXPJa7YHty0wEcP1eWT0b1hapHnsyDEJ22xyCz0hVFeUnXRPj3zSqBzn4+wVPZmxcCwuLNmu28JJ76SNYAf/4hTjlc2+8WasB/C8rNA+ASf+C6SsMMp677JffWXJtfJHgtPGV+gTCBITG7D8pkCVyIdoiGDv503QDiw59YdocEHkIaRw6EzSZ5XFEHz0mbnTZ7HgRYPklsQzVvetEOmctFdZgYZZ1hjVOkWIjiuSR+hDc3IT/TdXEohZxizAZAEmmsli0Q70m2EWJo1tUqxS9soQGKGQc/crIdpHSdgFfBI3gyKZP4ehv1WzYqrWlg1syDgbNllgEJIIBxv+ZI+QMJUF8SdtleMkxE6PYvc1bzpj6nTrM1oahiK8BUKS+cTpXQr1+LneL1mQ/4rSqNQO5ooBweej3Ql0cDNzjahfYc/1AwctQOdjZRpmGUs+RaMezgF8"
}
}
],
"packageRules": [
{
"matchPackagePatterns": ["big-bang/.*"],
"matchDatasources": ["mattermost-tags"],
"allowedVersions": "!/^v.*$/"
"matchFileNames": [".github/**"],
"excludePackageNames": ["defenseunicorns/zarf","defenseunicorns/uds-cli"],
"groupName": "githubactions",
"commitMessageTopic": "githubactions",
"pinDigests": true
}
]
}
8 changes: 4 additions & 4 deletions tasks.yaml
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
includes:
- cleanup: ./tasks/cleanup.yaml
- create: ./tasks/create.yaml
- deploy: ./tasks/deploy.yaml
- setup: ./tasks/setup.yaml
- deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.1.2/tasks/deploy.yaml
- setup: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.1.2/tasks/setup.yaml
- test: ./tasks/test.yaml

tasks:
Expand All @@ -26,11 +26,11 @@ tasks:

- name: deploy-package
actions:
- task: deploy:mattermost-package
- task: deploy:package

- name: deploy-test-bundle
actions:
- task: deploy:mattermost-test-bundle
- task: deploy:test-bundle

- name: test-package
actions:
Expand Down
13 changes: 6 additions & 7 deletions tasks/create.yaml
Original file line number Diff line number Diff line change
@@ -1,21 +1,20 @@
variables:
- name: FLAVOR
default: "registry1"
includes:
- create: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.1.2/tasks/create.yaml

tasks:
- name: mattermost-test-bundle
description: Create the UDS bundle with Mattermost and its dependencies
actions:
- task: mattermost-package
- task: create:package
- task: dependency-package
- cmd: uds create bundle --confirm --no-progress --architecture=${UDS_ARCH}
- task: create:test-bundle

- name: mattermost-package
description: Create the UDS Mattermost Zarf Package
actions:
- cmd: zarf package create --confirm --no-progress --architecture=${ZARF_ARCHITECTURE} --flavor ${FLAVOR}
- task: create:package

- name: dependency-package
description: Create the Minio, PostgreSQL, and Redis Dependency Zarf Packages
description: Create the Dependency Zarf Package
actions:
- cmd: zarf package create src/dev-secrets/ --confirm --no-progress --architecture=${UDS_ARCH}
10 changes: 0 additions & 10 deletions tasks/deploy.yaml

This file was deleted.

10 changes: 4 additions & 6 deletions tasks/publish.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
includes:
- publish: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.1.2/tasks/publish.yaml

variables:
- name: TARGET_REPO
default: oci://ghcr.io/defenseunicorns/packages/uds
Expand All @@ -21,9 +24,4 @@ tasks:
fi
- description: Publish the packages
cmd: |
set -e
zarf package publish zarf-package-mattermost-amd64-${VERSION}.tar.zst ${TARGET_REPO}
if [ "${FLAVOR}" != "registry1" ]; then
zarf package publish zarf-package-mattermost-arm64-${VERSION}.tar.zst ${TARGET_REPO}
fi
task: publish:package
5 changes: 0 additions & 5 deletions tasks/setup.yaml

This file was deleted.

3 changes: 2 additions & 1 deletion zarf.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ metadata:
# x-release-please-start-version
version: "9.4.1-uds.2"
# x-release-please-end
architecture: amd64

variables:
- name: SUBDOMAIN
Expand Down Expand Up @@ -51,6 +50,8 @@ components:
description: "Deploy Mattermost"
only:
flavor: registry1
cluster:
architecture: amd64
charts:
- name: uds-mattermost-config
namespace: mattermost
Expand Down

0 comments on commit bb6c574

Please sign in to comment.