Skip to content

Commit

Permalink
feat: burn the boats
Browse files Browse the repository at this point in the history
  • Loading branch information
mjnagel committed Jan 30, 2024
2 parents 1bdd963 + 29c7b8d commit d25c6bb
Show file tree
Hide file tree
Showing 14 changed files with 93 additions and 84 deletions.
30 changes: 0 additions & 30 deletions .github/workflows/pull-request-conditionals.yaml

This file was deleted.

32 changes: 18 additions & 14 deletions .github/workflows/test.yaml
Original file line number Diff line number Diff line change
@@ -1,25 +1,33 @@
name: Test package
name: Test

# This workflow is triggered on pull requests to the main branch.
on:
# Manual trigger
workflow_dispatch:

# Triggered by pull-request-conditionals.yaml
workflow_call:
pull_request:
paths:
- ".github/**"
- "bundle/**"
- "values/**"
- "tasks/**"
- "tests/**"
- "tasks.yaml"
- "zarf.yaml"

# Abort prior jobs in the same workflow / PR
concurrency:
group: test-${{ github.ref }}-${{ inputs.package }}
group: test-${{ github.ref }}
cancel-in-progress: true

permissions:
contents: read

jobs:
test:
runs-on: "uds-ubuntu-big-boy-16-core"
runs-on: "ubuntu-latest"
timeout-minutes: 20
name: Test
name: Deploy ${{ matrix.flavor }}
strategy:
matrix:
flavor: [upstream, registry1]

steps:
- name: Checkout repository
Expand All @@ -32,7 +40,7 @@ jobs:
run: zarf tools registry login -u "${{secrets.IRON_BANK_ROBOT_USERNAME}}" -p "${{secrets.IRON_BANK_ROBOT_PASSWORD}}" registry1.dso.mil

- name: Create test bundle
run: uds run create-test-bundle
run: uds run create-test-bundle --set FLAVOR=${{ matrix.flavor }}

- name: Setup cluster
run: uds run setup-cluster
Expand All @@ -43,10 +51,6 @@ jobs:
- name: Test package
run: uds run test-package

- name: Cleanup
if: always()
run: uds run cleanup

- name: Save logs
if: always()
uses: ./.github/actions/save-logs
2 changes: 1 addition & 1 deletion .release-please-manifest.json
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
{
".": "9.3.0-uds.1"
".": "9.3.0-uds.2"
}
8 changes: 8 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,14 @@

All notable changes to this project will be documented in this file.

## [9.3.0-uds.2](https://github.com/defenseunicorns/uds-package-mattermost/compare/v9.3.0-uds.1...v9.3.0-uds.2) (2024-01-30)


### Features

* add irsa/sa auth support ([f178a54](https://github.com/defenseunicorns/uds-package-mattermost/commit/f178a5422e0bc84bb591532015df8e9a7acb0b54))
* add irsa/sa auth support ([c3d5acb](https://github.com/defenseunicorns/uds-package-mattermost/commit/c3d5acb55e48fb4a92b62523b32ca2b90d181614))

## [9.3.0-uds.1](https://github.com/defenseunicorns/uds-package-mattermost/compare/v9.3.0-uds.0...v9.3.0-uds.1) (2024-01-29)


Expand Down
43 changes: 43 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,46 @@
# uds-package-mattermost

UDS Mattermost Zarf Package

## Dependencies

Mattermost requires two dependencies, postgres and s3 compatible object storage. Wiring Mattermost to your dependencies is done via secrets created in the `mattermost` namespace.

### Postgres

You should create a secret named `mattermost-postgres` with a single key containing the DB connection string like the following:

```yaml
apiVersion: v1
kind: Secret
metadata:
name: mattermost-postgres
namespace: mattermost
type: kubernetes.io/opaque
stringData:
DB_CONNECTION_STRING: "postgres://username:password@hostname:port/dbname?postgresoptions"
```
### S3 Compatible Object Storage
You should create a secret named `mattermost-object-store` with a number of keys matching the below:

```yaml
apiVersion: v1
kind: Secret
metadata:
name: mattermost-object-store
namespace: mattermost
type: kubernetes.io/opaque
stringData:
secure_connection: <true/false> # Typically false for insecure connections like MinIO
access_key: <your-access-key>
secret_key: <your-secret-key>
region: <your-region>
bucket: <your-bucket>
endpoint: <your-endpoint>
```

To use IRSA make sure to set the two keys to empty strings and add the appropriate annotations to the service account via `serviceAccount.annotations` (override in a UDS Bundle).

TODO: Figure out if this setup works and a better way to handle the keys...
4 changes: 2 additions & 2 deletions bundle/uds-bundle.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ metadata:
name: mattermost-test
description: A UDS bundle for deploying Mattermost and it's dependencies on a development cluster
# x-release-please-start-version
version: 9.3.0-uds.1
version: 9.3.0-uds.2
# x-release-please-end

packages:
Expand All @@ -22,5 +22,5 @@ packages:
- name: mattermost
path: ../
# x-release-please-start-version
ref: 9.3.0-uds.1
ref: 9.3.0-uds.2
# x-release-please-end
12 changes: 6 additions & 6 deletions src/dev-secrets/minio-secret.yaml
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
# Source: bigbang/templates/mattermost/secret-objectstore.yaml
apiVersion: v1
kind: Secret
metadata:
name: mattermost-object-store
namespace: mattermost
type: kubernetes.io/opaque
stringData:
MM_FILESETTINGS_AMAZONS3SSL: "false"
MM_FILESETTINGS_AMAZONS3ACCESSKEYID: ###ZARF_VAR_ACCESS_KEY###
MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY: ###ZARF_VAR_SECRET_KEY###
MM_FILESETTINGS_AMAZONS3BUCKET: "uds-mattermost-dev"
MM_FILESETTINGS_AMAZONS3ENDPOINT: "minio.dev-minio.svc.cluster.local:9000"
secure_connection: "false"
access_key: ###ZARF_VAR_ACCESS_KEY###
secret_key: ###ZARF_VAR_SECRET_KEY###
region: "minio"
bucket: "uds-mattermost-dev"
endpoint: "minio.dev-minio.svc.cluster.local:9000"
2 changes: 1 addition & 1 deletion src/dev-secrets/postgres-secret.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,4 @@ metadata:
namespace: mattermost
type: kubernetes.io/opaque
stringData:
DB_CONNECTION_STRING: "postgres://mattermost:###ZARF_VAR_POSTGRES_DB_PASSWORD###@postgresql.dev-postgres.svc.cluster.local:5432/mattermostdb?connect_timeout=10&sslmode=disable"
db_connection_string: "postgres://mattermost:###ZARF_VAR_POSTGRES_DB_PASSWORD###@postgresql.dev-postgres.svc.cluster.local:5432/mattermostdb?connect_timeout=10&sslmode=disable"
1 change: 0 additions & 1 deletion tasks.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,6 @@ tasks:

- name: test-package
actions:
- task: test:health-check
- task: test:ingress

- name: cleanup
Expand Down
2 changes: 1 addition & 1 deletion tasks/publish.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ variables:
- name: VERSION
description: The version of the package to build
# x-release-please-start-version
default: "9.3.0-uds.1"
default: "9.3.0-uds.2"
# x-release-please-end

tasks:
Expand Down
16 changes: 0 additions & 16 deletions tasks/test.yaml
Original file line number Diff line number Diff line change
@@ -1,20 +1,4 @@
tasks:
- name: health-check
actions:
- description: Mattermost Operator Health Check
wait:
cluster:
kind: Deployment
name: mattermost-operator
namespace: mattermost-operator

- description: Mattermost Health Check
wait:
cluster:
kind: Deployment
name: mattermost
namespace: mattermost

- name: ingress
actions:
- description: Mattermost UI Health Check
Expand Down
17 changes: 11 additions & 6 deletions values/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -59,27 +59,32 @@ mattermostApp:
- name: MM_FILESETTINGS_AMAZONS3SSL
valueFrom:
secretKeyRef:
key: MM_FILESETTINGS_AMAZONS3SSL
key: secure_connection
name: "mattermost-object-store"
- name: MM_FILESETTINGS_AMAZONS3ACCESSKEYID
valueFrom:
secretKeyRef:
key: MM_FILESETTINGS_AMAZONS3ACCESSKEYID
key: access_key
name: "mattermost-object-store"
- name: MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY
valueFrom:
secretKeyRef:
key: MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY
key: secret_key
name: "mattermost-object-store"
- name: MM_FILESETTINGS_AMAZONS3BUCKET
valueFrom:
secretKeyRef:
key: MM_FILESETTINGS_AMAZONS3BUCKET
key: bucket
name: "mattermost-object-store"
- name: MM_FILESETTINGS_AMAZONS3ENDPOINT
valueFrom:
secretKeyRef:
key: MM_FILESETTINGS_AMAZONS3ENDPOINT
key: endpoint
name: "mattermost-object-store"
- name: MM_FILESETTINGS_AMAZONS3REGION
valueFrom:
secretKeyRef:
key: region
name: "mattermost-object-store"
securityContext:
runAsUser: 2000
Expand All @@ -99,7 +104,7 @@ global:
useInternal: false
existingDatabaseSecret:
name: mattermost-postgres
key: DB_CONNECTION_STRING
key: db_connection_string
# The job server is only necessary on multi-node/enterprise clusters
# https://docs.mattermost.com/scale/high-availability-cluster.html#job-server
# It also will error due to its init container being blocked by Istio mTLS
Expand Down
2 changes: 1 addition & 1 deletion version.txt
Original file line number Diff line number Diff line change
@@ -1 +1 @@
9.3.0-uds.1
9.3.0-uds.2
6 changes: 1 addition & 5 deletions zarf.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,18 +4,14 @@ metadata:
name: mattermost
description: "UDS Mattermost Package"
# x-release-please-start-version
version: "9.3.0-uds.1"
version: "9.3.0-uds.2"
# x-release-please-end
architecture: amd64

variables:
- name: MATTERMOST_ENTERPRISE_LICENSE
default: ""
autoIndent: true
- name: MATTERMOST_BUCKET_SUFFIX
default: ""
- name: MATTERMOST_FILE_STORE_ENDPOINT
default: "minio"
- name: MATTERMOST_SSO_ENABLED
default: "false"
- name: MATTERMOST_SSO_CLIENT_ID
Expand Down

0 comments on commit d25c6bb

Please sign in to comment.