diff --git a/deployment-configuration/codefresh-template-dev.yaml b/deployment-configuration/codefresh-template-dev.yaml index 78460d49..1101f374 100644 --- a/deployment-configuration/codefresh-template-dev.yaml +++ b/deployment-configuration/codefresh-template-dev.yaml @@ -35,7 +35,7 @@ steps: commands: - bash cloud-harness/install.sh - export HELM_META_ARGS="$( [ -n "${{HARNESS_CHART_NAME}}" ] && printf -- "--name %s " "${{HARNESS_CHART_NAME}}"; [ -n "${{HARNESS_CHART_VERSION}}" ] && printf -- "--chart-version %s " "${{HARNESS_CHART_VERSION}}"; [ -n "${{HARNESS_APP_VERSION}}" ] && printf -- "--app-version %s" "${{HARNESS_APP_VERSION}}" )" - - harness-deployment $PATHS -d ${{DOMAIN}} -r ${{REGISTRY}} -rs '${{REGISTRY_SECRET}}' -n ${{NAMESPACE}} --write-env -e $ENV --cache-url '${{IMAGE_CACHE_URL}}' $HELM_META_ARGS $PARAMS + - harness-deployment $PATHS -d ${{DOMAIN}} -r ${{REGISTRY}} -rsn '${{REGISTRY_SECRET}}' -n ${{NAMESPACE}} --write-env -e $ENV --cache-url '${{IMAGE_CACHE_URL}}' $HELM_META_ARGS $PARAMS - cat deployment/.env >> ${{CF_VOLUME_PATH}}/env_vars_to_export - cat ${{CF_VOLUME_PATH}}/env_vars_to_export prepare_deployment_view: diff --git a/deployment-configuration/codefresh-template-prod.yaml b/deployment-configuration/codefresh-template-prod.yaml index 5511635a..a0e48534 100644 --- a/deployment-configuration/codefresh-template-prod.yaml +++ b/deployment-configuration/codefresh-template-prod.yaml @@ -31,7 +31,7 @@ steps: commands: - bash cloud-harness/install.sh - export HELM_META_ARGS="$( [ -n "${{HARNESS_CHART_NAME}}" ] && printf -- "--name %s " "${{HARNESS_CHART_NAME}}"; [ -n "${{HARNESS_CHART_VERSION}}" ] && printf -- "--chart-version %s " "${{HARNESS_CHART_VERSION}}"; [ -n "${{HARNESS_APP_VERSION}}" ] && printf -- "--app-version %s" "${{HARNESS_APP_VERSION}}" )" - - harness-deployment $PATHS -t ${{DEPLOYMENT_TAG}} -d ${{DOMAIN}} -r ${{REGISTRY}} -rs '${{REGISTRY_SECRET}}' -n ${{NAMESPACE}} -e $ENV --no-cd $HELM_META_ARGS $PARAMS + - harness-deployment $PATHS -t ${{DEPLOYMENT_TAG}} -d ${{DOMAIN}} -r ${{REGISTRY}} -rsn '${{REGISTRY_SECRET}}' -n ${{NAMESPACE}} -e $ENV --no-cd $HELM_META_ARGS $PARAMS prepare_deployment_view: commands: - "helm template ./deployment/helm --debug -n ${{NAMESPACE}}" diff --git a/deployment-configuration/codefresh-template-stage.yaml b/deployment-configuration/codefresh-template-stage.yaml index 82acaabf..dcbde4b2 100644 --- a/deployment-configuration/codefresh-template-stage.yaml +++ b/deployment-configuration/codefresh-template-stage.yaml @@ -34,7 +34,7 @@ steps: commands: - bash cloud-harness/install.sh - export HELM_META_ARGS="$( [ -n "${{HARNESS_CHART_NAME}}" ] && printf -- "--name %s " "${{HARNESS_CHART_NAME}}"; [ -n "${{HARNESS_CHART_VERSION}}" ] && printf -- "--chart-version %s " "${{HARNESS_CHART_VERSION}}"; [ -n "${{HARNESS_APP_VERSION}}" ] && printf -- "--app-version %s" "${{HARNESS_APP_VERSION}}" )" - - harness-deployment $PATHS -t ${{DEPLOYMENT_TAG}} -d ${{DOMAIN}} -r ${{REGISTRY}} -rs ${{REGISTRY_SECRET}} -n ${{NAMESPACE}} -e $ENV --no-cd $HELM_META_ARGS $PARAMS + - harness-deployment $PATHS -t ${{DEPLOYMENT_TAG}} -d ${{DOMAIN}} -r ${{REGISTRY}} -rsn ${{REGISTRY_SECRET}} -n ${{NAMESPACE}} -e $ENV --no-cd $HELM_META_ARGS $PARAMS prepare_deployment_view: commands: - "helm template ./deployment/helm --debug -n ${{NAMESPACE}}" diff --git a/deployment-configuration/codefresh-template-test.yaml b/deployment-configuration/codefresh-template-test.yaml index 8048bf47..588b76d5 100644 --- a/deployment-configuration/codefresh-template-test.yaml +++ b/deployment-configuration/codefresh-template-test.yaml @@ -34,7 +34,7 @@ steps: commands: - bash cloud-harness/install.sh - export HELM_META_ARGS="$( [ -n "${{HARNESS_CHART_NAME}}" ] && printf -- "--name %s " "${{HARNESS_CHART_NAME}}"; [ -n "${{HARNESS_CHART_VERSION}}" ] && printf -- "--chart-version %s " "${{HARNESS_CHART_VERSION}}"; [ -n "${{HARNESS_APP_VERSION}}" ] && printf -- "--app-version %s" "${{HARNESS_APP_VERSION}}" )" - - harness-deployment $PATHS -n test-${{NAMESPACE_BASENAME}} -d ${{DOMAIN}} -r ${{REGISTRY}} -rs ${{REGISTRY_SECRET}} -e $ENV --write-env --cache-url '${{IMAGE_CACHE_URL}}' -N $HELM_META_ARGS $PARAMS + - harness-deployment $PATHS -n test-${{NAMESPACE_BASENAME}} -d ${{DOMAIN}} -r ${{REGISTRY}} -rsn ${{REGISTRY_SECRET}} -e $ENV --write-env --cache-url '${{IMAGE_CACHE_URL}}' -N $HELM_META_ARGS $PARAMS - cat deployment/.env >> ${{CF_VOLUME_PATH}}/env_vars_to_export - cat ${{CF_VOLUME_PATH}}/env_vars_to_export prepare_deployment_view: diff --git a/deployment-configuration/helm/templates/auto-deployments.yaml b/deployment-configuration/helm/templates/auto-deployments.yaml index 1815f91c..daad9423 100644 --- a/deployment-configuration/helm/templates/auto-deployments.yaml +++ b/deployment-configuration/helm/templates/auto-deployments.yaml @@ -32,7 +32,7 @@ spec: spec: {{- if and .root.Values.registry.secret (contains .root.Values.registry.name .app.harness.deployment.image) }} imagePullSecrets: - - name: {{ .root.Values.registry.secret }} + - name: {{ .root.Values.registry.secret.name }} {{- end }} {{- if and .app.harness.deployment.volume }} {{- if or (not (hasKey .app.harness.deployment.volume "usenfs")) (not .app.harness.deployment.volume.usenfs) }} diff --git a/deployment-configuration/helm/templates/configmap.yaml b/deployment-configuration/helm/templates/configmap.yaml index 2888fda8..ae526553 100644 --- a/deployment-configuration/helm/templates/configmap.yaml +++ b/deployment-configuration/helm/templates/configmap.yaml @@ -10,6 +10,13 @@ metadata: data: allvalues.yaml: | {{- $values_copy := deepCopy .Values }} +{{- $registry := get $values_copy "registry" }} +{{- if $registry }} + {{- $secret := get $registry "secret" }} + {{- if and (kindIs "map" $secret) (not (empty $secret.value)) }} + {{- $tmp := set $registry "secret" nil }} + {{- end }} +{{- end }} {{- range $key, $val := .Values.apps }} {{- $app := get $values_copy.apps $key }} {{- $tmp := set $app.harness "secrets" dict }} diff --git a/deployment-configuration/helm/templates/registry-secret.yaml b/deployment-configuration/helm/templates/registry-secret.yaml new file mode 100644 index 00000000..4eb7700c --- /dev/null +++ b/deployment-configuration/helm/templates/registry-secret.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.registry.name .Values.registry.secret.name }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.registry.secret.name | quote }} + namespace: {{ .Release.Namespace }} +type: kubernetes.io/dockerconfigjson +stringData: + .dockerconfigjson: |- + { + "auths": { + "{{ .Values.registry.name }}": { + "username": "_json_key", + "password": {{ .Values.registry.secret.value | toJson }}, + "auth": "{{ printf "_json_key:%s" .Values.registry.secret.value | b64enc }}" + } + } + } +{{- end }} \ No newline at end of file diff --git a/deployment-configuration/helm/values.yaml b/deployment-configuration/helm/values.yaml index ec38061b..8b83c047 100644 --- a/deployment-configuration/helm/values.yaml +++ b/deployment-configuration/helm/values.yaml @@ -13,6 +13,10 @@ registry: name: "localhost:5000" # -- Optional secret used for pulling from docker registry. secret: + # -- Secret name used for pulling from docker registry. + name: + # -- Value of the secret used for pulling from docker registry in json encoded format. + value: # -- Docker tag used to pull images. tag: latest # -- List of applications. @@ -85,4 +89,4 @@ proxy: requests: memory: "32Mi" limits: - memory: "64Mi" + memory: "64Mi" \ No newline at end of file diff --git a/deployment/codefresh-test.yaml b/deployment/codefresh-test.yaml index 5fee10af..82c15952 100644 --- a/deployment/codefresh-test.yaml +++ b/deployment/codefresh-test.yaml @@ -25,7 +25,7 @@ steps: -- "--chart-version %s " "${{HARNESS_CHART_VERSION}}"; [ -n "${{HARNESS_APP_VERSION}}" ] && printf -- "--app-version %s" "${{HARNESS_APP_VERSION}}" )" - harness-deployment . -n test-${{NAMESPACE_BASENAME}} -d ${{DOMAIN}} -r ${{REGISTRY}} - -rs ${{REGISTRY_SECRET}} -e test --write-env --cache-url '${{IMAGE_CACHE_URL}}' + -rsn ${{REGISTRY_SECRET}} -e test --write-env --cache-url '${{IMAGE_CACHE_URL}}' -N $HELM_META_ARGS -i samples - cat deployment/.env >> ${{CF_VOLUME_PATH}}/env_vars_to_export - cat ${{CF_VOLUME_PATH}}/env_vars_to_export @@ -42,28 +42,6 @@ steps: type: parallel stage: build steps: - cloudharness-base: - type: build - stage: build - dockerfile: infrastructure/base-images/cloudharness-base/Dockerfile - registry: '${{CODEFRESH_REGISTRY}}' - buildkit: true - build_arguments: - - NOCACHE=${{CF_BUILD_ID}} - image_name: cloud-harness/cloudharness-base - title: Cloudharness base - working_directory: ./. - tags: - - '${{CLOUDHARNESS_BASE_TAG}}' - - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' - - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' - when: - condition: - any: - buildDoesNotExist: includes('${{CLOUDHARNESS_BASE_TAG_EXISTS}}', '{{CLOUDHARNESS_BASE_TAG_EXISTS}}') - == true - forceNoCache: includes('${{CLOUDHARNESS_BASE_TAG_FORCE_BUILD}}', '{{CLOUDHARNESS_BASE_TAG_FORCE_BUILD}}') - == false cloudharness-frontend-build: type: build stage: build @@ -86,27 +64,27 @@ steps: '{{CLOUDHARNESS_FRONTEND_BUILD_TAG_EXISTS}}') == true forceNoCache: includes('${{CLOUDHARNESS_FRONTEND_BUILD_TAG_FORCE_BUILD}}', '{{CLOUDHARNESS_FRONTEND_BUILD_TAG_FORCE_BUILD}}') == false - accounts: + cloudharness-base: type: build stage: build - dockerfile: Dockerfile + dockerfile: infrastructure/base-images/cloudharness-base/Dockerfile registry: '${{CODEFRESH_REGISTRY}}' buildkit: true build_arguments: - NOCACHE=${{CF_BUILD_ID}} - image_name: cloud-harness/accounts - title: Accounts - working_directory: ./applications/accounts + image_name: cloud-harness/cloudharness-base + title: Cloudharness base + working_directory: ./. tags: - - '${{ACCOUNTS_TAG}}' + - '${{CLOUDHARNESS_BASE_TAG}}' - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' when: condition: any: - buildDoesNotExist: includes('${{ACCOUNTS_TAG_EXISTS}}', '{{ACCOUNTS_TAG_EXISTS}}') + buildDoesNotExist: includes('${{CLOUDHARNESS_BASE_TAG_EXISTS}}', '{{CLOUDHARNESS_BASE_TAG_EXISTS}}') == true - forceNoCache: includes('${{ACCOUNTS_TAG_FORCE_BUILD}}', '{{ACCOUNTS_TAG_FORCE_BUILD}}') + forceNoCache: includes('${{CLOUDHARNESS_BASE_TAG_FORCE_BUILD}}', '{{CLOUDHARNESS_BASE_TAG_FORCE_BUILD}}') == false test-e2e: type: build @@ -131,12 +109,7 @@ steps: == true forceNoCache: includes('${{TEST_E2E_TAG_FORCE_BUILD}}', '{{TEST_E2E_TAG_FORCE_BUILD}}') == false - title: Build parallel step 1 - build_application_images_1: - type: parallel - stage: build - steps: - workflows-extract-download: + accounts: type: build stage: build dockerfile: Dockerfile @@ -144,22 +117,26 @@ steps: buildkit: true build_arguments: - NOCACHE=${{CF_BUILD_ID}} - - CLOUDHARNESS_BASE=${{REGISTRY}}/cloud-harness/cloudharness-base:${{CLOUDHARNESS_BASE_TAG}} - image_name: cloud-harness/workflows-extract-download - title: Workflows extract download - working_directory: ./applications/workflows/tasks/extract-download + image_name: cloud-harness/accounts + title: Accounts + working_directory: ./applications/accounts tags: - - '${{WORKFLOWS_EXTRACT_DOWNLOAD_TAG}}' + - '${{ACCOUNTS_TAG}}' - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' when: condition: any: - buildDoesNotExist: includes('${{WORKFLOWS_EXTRACT_DOWNLOAD_TAG_EXISTS}}', - '{{WORKFLOWS_EXTRACT_DOWNLOAD_TAG_EXISTS}}') == true - forceNoCache: includes('${{WORKFLOWS_EXTRACT_DOWNLOAD_TAG_FORCE_BUILD}}', - '{{WORKFLOWS_EXTRACT_DOWNLOAD_TAG_FORCE_BUILD}}') == false - jupyterhub: + buildDoesNotExist: includes('${{ACCOUNTS_TAG_EXISTS}}', '{{ACCOUNTS_TAG_EXISTS}}') + == true + forceNoCache: includes('${{ACCOUNTS_TAG_FORCE_BUILD}}', '{{ACCOUNTS_TAG_FORCE_BUILD}}') + == false + title: Build parallel step 1 + build_application_images_1: + type: parallel + stage: build + steps: + workflows-notify-queue: type: build stage: build dockerfile: Dockerfile @@ -168,21 +145,21 @@ steps: build_arguments: - NOCACHE=${{CF_BUILD_ID}} - CLOUDHARNESS_BASE=${{REGISTRY}}/cloud-harness/cloudharness-base:${{CLOUDHARNESS_BASE_TAG}} - image_name: cloud-harness/jupyterhub - title: Jupyterhub - working_directory: ./applications/jupyterhub + image_name: cloud-harness/workflows-notify-queue + title: Workflows notify queue + working_directory: ./applications/workflows/tasks/notify-queue tags: - - '${{JUPYTERHUB_TAG}}' + - '${{WORKFLOWS_NOTIFY_QUEUE_TAG}}' - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' when: condition: any: - buildDoesNotExist: includes('${{JUPYTERHUB_TAG_EXISTS}}', '{{JUPYTERHUB_TAG_EXISTS}}') - == true - forceNoCache: includes('${{JUPYTERHUB_TAG_FORCE_BUILD}}', '{{JUPYTERHUB_TAG_FORCE_BUILD}}') - == false - cloudharness-flask: + buildDoesNotExist: includes('${{WORKFLOWS_NOTIFY_QUEUE_TAG_EXISTS}}', + '{{WORKFLOWS_NOTIFY_QUEUE_TAG_EXISTS}}') == true + forceNoCache: includes('${{WORKFLOWS_NOTIFY_QUEUE_TAG_FORCE_BUILD}}', + '{{WORKFLOWS_NOTIFY_QUEUE_TAG_FORCE_BUILD}}') == false + samples-secret: type: build stage: build dockerfile: Dockerfile @@ -191,19 +168,19 @@ steps: build_arguments: - NOCACHE=${{CF_BUILD_ID}} - CLOUDHARNESS_BASE=${{REGISTRY}}/cloud-harness/cloudharness-base:${{CLOUDHARNESS_BASE_TAG}} - image_name: cloud-harness/cloudharness-flask - title: Cloudharness flask - working_directory: ./infrastructure/common-images/cloudharness-flask + image_name: cloud-harness/sampleapp-secret + title: Samples secret + working_directory: ./applications/samples/tasks/secret tags: - - '${{CLOUDHARNESS_FLASK_TAG}}' + - '${{SAMPLES_SECRET_TAG}}' - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' when: condition: any: - buildDoesNotExist: includes('${{CLOUDHARNESS_FLASK_TAG_EXISTS}}', '{{CLOUDHARNESS_FLASK_TAG_EXISTS}}') + buildDoesNotExist: includes('${{SAMPLES_SECRET_TAG_EXISTS}}', '{{SAMPLES_SECRET_TAG_EXISTS}}') == true - forceNoCache: includes('${{CLOUDHARNESS_FLASK_TAG_FORCE_BUILD}}', '{{CLOUDHARNESS_FLASK_TAG_FORCE_BUILD}}') + forceNoCache: includes('${{SAMPLES_SECRET_TAG_FORCE_BUILD}}', '{{SAMPLES_SECRET_TAG_FORCE_BUILD}}') == false workflows-send-result-event: type: build @@ -228,7 +205,7 @@ steps: '{{WORKFLOWS_SEND_RESULT_EVENT_TAG_EXISTS}}') == true forceNoCache: includes('${{WORKFLOWS_SEND_RESULT_EVENT_TAG_FORCE_BUILD}}', '{{WORKFLOWS_SEND_RESULT_EVENT_TAG_FORCE_BUILD}}') == false - workflows-notify-queue: + cloudharness-flask: type: build stage: build dockerfile: Dockerfile @@ -237,21 +214,21 @@ steps: build_arguments: - NOCACHE=${{CF_BUILD_ID}} - CLOUDHARNESS_BASE=${{REGISTRY}}/cloud-harness/cloudharness-base:${{CLOUDHARNESS_BASE_TAG}} - image_name: cloud-harness/workflows-notify-queue - title: Workflows notify queue - working_directory: ./applications/workflows/tasks/notify-queue + image_name: cloud-harness/cloudharness-flask + title: Cloudharness flask + working_directory: ./infrastructure/common-images/cloudharness-flask tags: - - '${{WORKFLOWS_NOTIFY_QUEUE_TAG}}' + - '${{CLOUDHARNESS_FLASK_TAG}}' - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' when: condition: any: - buildDoesNotExist: includes('${{WORKFLOWS_NOTIFY_QUEUE_TAG_EXISTS}}', - '{{WORKFLOWS_NOTIFY_QUEUE_TAG_EXISTS}}') == true - forceNoCache: includes('${{WORKFLOWS_NOTIFY_QUEUE_TAG_FORCE_BUILD}}', - '{{WORKFLOWS_NOTIFY_QUEUE_TAG_FORCE_BUILD}}') == false - samples-secret: + buildDoesNotExist: includes('${{CLOUDHARNESS_FLASK_TAG_EXISTS}}', '{{CLOUDHARNESS_FLASK_TAG_EXISTS}}') + == true + forceNoCache: includes('${{CLOUDHARNESS_FLASK_TAG_FORCE_BUILD}}', '{{CLOUDHARNESS_FLASK_TAG_FORCE_BUILD}}') + == false + samples-print-file: type: build stage: build dockerfile: Dockerfile @@ -260,45 +237,44 @@ steps: build_arguments: - NOCACHE=${{CF_BUILD_ID}} - CLOUDHARNESS_BASE=${{REGISTRY}}/cloud-harness/cloudharness-base:${{CLOUDHARNESS_BASE_TAG}} - image_name: cloud-harness/sampleapp-secret - title: Samples secret - working_directory: ./applications/samples/tasks/secret + image_name: cloud-harness/sampleapp-print-file + title: Samples print file + working_directory: ./applications/samples/tasks/print-file tags: - - '${{SAMPLES_SECRET_TAG}}' + - '${{SAMPLES_PRINT_FILE_TAG}}' - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' when: condition: any: - buildDoesNotExist: includes('${{SAMPLES_SECRET_TAG_EXISTS}}', '{{SAMPLES_SECRET_TAG_EXISTS}}') + buildDoesNotExist: includes('${{SAMPLES_PRINT_FILE_TAG_EXISTS}}', '{{SAMPLES_PRINT_FILE_TAG_EXISTS}}') == true - forceNoCache: includes('${{SAMPLES_SECRET_TAG_FORCE_BUILD}}', '{{SAMPLES_SECRET_TAG_FORCE_BUILD}}') + forceNoCache: includes('${{SAMPLES_PRINT_FILE_TAG_FORCE_BUILD}}', '{{SAMPLES_PRINT_FILE_TAG_FORCE_BUILD}}') == false - test-api: + cloudharness-django: type: build stage: build - dockerfile: test/test-api/Dockerfile + dockerfile: Dockerfile registry: '${{CODEFRESH_REGISTRY}}' buildkit: true build_arguments: - NOCACHE=${{CF_BUILD_ID}} - CLOUDHARNESS_BASE=${{REGISTRY}}/cloud-harness/cloudharness-base:${{CLOUDHARNESS_BASE_TAG}} - image_name: cloud-harness/test-api - title: Test api - working_directory: ./. + image_name: cloud-harness/cloudharness-django + title: Cloudharness django + working_directory: ./infrastructure/common-images/cloudharness-django tags: - - '${{TEST_API_TAG}}' + - '${{CLOUDHARNESS_DJANGO_TAG}}' - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' - - latest when: condition: any: - buildDoesNotExist: includes('${{TEST_API_TAG_EXISTS}}', '{{TEST_API_TAG_EXISTS}}') + buildDoesNotExist: includes('${{CLOUDHARNESS_DJANGO_TAG_EXISTS}}', '{{CLOUDHARNESS_DJANGO_TAG_EXISTS}}') == true - forceNoCache: includes('${{TEST_API_TAG_FORCE_BUILD}}', '{{TEST_API_TAG_FORCE_BUILD}}') + forceNoCache: includes('${{CLOUDHARNESS_DJANGO_TAG_FORCE_BUILD}}', '{{CLOUDHARNESS_DJANGO_TAG_FORCE_BUILD}}') == false - samples-print-file: + workflows-extract-download: type: build stage: build dockerfile: Dockerfile @@ -307,21 +283,45 @@ steps: build_arguments: - NOCACHE=${{CF_BUILD_ID}} - CLOUDHARNESS_BASE=${{REGISTRY}}/cloud-harness/cloudharness-base:${{CLOUDHARNESS_BASE_TAG}} - image_name: cloud-harness/sampleapp-print-file - title: Samples print file - working_directory: ./applications/samples/tasks/print-file + image_name: cloud-harness/workflows-extract-download + title: Workflows extract download + working_directory: ./applications/workflows/tasks/extract-download tags: - - '${{SAMPLES_PRINT_FILE_TAG}}' + - '${{WORKFLOWS_EXTRACT_DOWNLOAD_TAG}}' - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' when: condition: any: - buildDoesNotExist: includes('${{SAMPLES_PRINT_FILE_TAG_EXISTS}}', '{{SAMPLES_PRINT_FILE_TAG_EXISTS}}') + buildDoesNotExist: includes('${{WORKFLOWS_EXTRACT_DOWNLOAD_TAG_EXISTS}}', + '{{WORKFLOWS_EXTRACT_DOWNLOAD_TAG_EXISTS}}') == true + forceNoCache: includes('${{WORKFLOWS_EXTRACT_DOWNLOAD_TAG_FORCE_BUILD}}', + '{{WORKFLOWS_EXTRACT_DOWNLOAD_TAG_FORCE_BUILD}}') == false + test-api: + type: build + stage: build + dockerfile: test/test-api/Dockerfile + registry: '${{CODEFRESH_REGISTRY}}' + buildkit: true + build_arguments: + - NOCACHE=${{CF_BUILD_ID}} + - CLOUDHARNESS_BASE=${{REGISTRY}}/cloud-harness/cloudharness-base:${{CLOUDHARNESS_BASE_TAG}} + image_name: cloud-harness/test-api + title: Test api + working_directory: ./. + tags: + - '${{TEST_API_TAG}}' + - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' + - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' + - latest + when: + condition: + any: + buildDoesNotExist: includes('${{TEST_API_TAG_EXISTS}}', '{{TEST_API_TAG_EXISTS}}') == true - forceNoCache: includes('${{SAMPLES_PRINT_FILE_TAG_FORCE_BUILD}}', '{{SAMPLES_PRINT_FILE_TAG_FORCE_BUILD}}') + forceNoCache: includes('${{TEST_API_TAG_FORCE_BUILD}}', '{{TEST_API_TAG_FORCE_BUILD}}') == false - cloudharness-django: + jupyterhub: type: build stage: build dockerfile: Dockerfile @@ -330,19 +330,19 @@ steps: build_arguments: - NOCACHE=${{CF_BUILD_ID}} - CLOUDHARNESS_BASE=${{REGISTRY}}/cloud-harness/cloudharness-base:${{CLOUDHARNESS_BASE_TAG}} - image_name: cloud-harness/cloudharness-django - title: Cloudharness django - working_directory: ./infrastructure/common-images/cloudharness-django + image_name: cloud-harness/jupyterhub + title: Jupyterhub + working_directory: ./applications/jupyterhub tags: - - '${{CLOUDHARNESS_DJANGO_TAG}}' + - '${{JUPYTERHUB_TAG}}' - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' when: condition: any: - buildDoesNotExist: includes('${{CLOUDHARNESS_DJANGO_TAG_EXISTS}}', '{{CLOUDHARNESS_DJANGO_TAG_EXISTS}}') + buildDoesNotExist: includes('${{JUPYTERHUB_TAG_EXISTS}}', '{{JUPYTERHUB_TAG_EXISTS}}') == true - forceNoCache: includes('${{CLOUDHARNESS_DJANGO_TAG_FORCE_BUILD}}', '{{CLOUDHARNESS_DJANGO_TAG_FORCE_BUILD}}') + forceNoCache: includes('${{JUPYTERHUB_TAG_FORCE_BUILD}}', '{{JUPYTERHUB_TAG_FORCE_BUILD}}') == false title: Build parallel step 2 build_application_images_2: @@ -372,7 +372,7 @@ steps: == true forceNoCache: includes('${{WORKFLOWS_TAG_FORCE_BUILD}}', '{{WORKFLOWS_TAG_FORCE_BUILD}}') == false - volumemanager: + samples: type: build stage: build dockerfile: Dockerfile @@ -380,22 +380,23 @@ steps: buildkit: true build_arguments: - NOCACHE=${{CF_BUILD_ID}} + - CLOUDHARNESS_FRONTEND_BUILD=${{REGISTRY}}/cloud-harness/cloudharness-frontend-build:${{CLOUDHARNESS_FRONTEND_BUILD_TAG}} - CLOUDHARNESS_FLASK=${{REGISTRY}}/cloud-harness/cloudharness-flask:${{CLOUDHARNESS_FLASK_TAG}} - image_name: cloud-harness/volumemanager - title: Volumemanager - working_directory: ./applications/volumemanager/server + image_name: cloud-harness/sampleapp + title: Samples + working_directory: ./applications/samples tags: - - '${{VOLUMEMANAGER_TAG}}' + - '${{SAMPLES_TAG}}' - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' when: condition: any: - buildDoesNotExist: includes('${{VOLUMEMANAGER_TAG_EXISTS}}', '{{VOLUMEMANAGER_TAG_EXISTS}}') + buildDoesNotExist: includes('${{SAMPLES_TAG_EXISTS}}', '{{SAMPLES_TAG_EXISTS}}') == true - forceNoCache: includes('${{VOLUMEMANAGER_TAG_FORCE_BUILD}}', '{{VOLUMEMANAGER_TAG_FORCE_BUILD}}') + forceNoCache: includes('${{SAMPLES_TAG_FORCE_BUILD}}', '{{SAMPLES_TAG_FORCE_BUILD}}') == false - samples: + volumemanager: type: build stage: build dockerfile: Dockerfile @@ -403,21 +404,20 @@ steps: buildkit: true build_arguments: - NOCACHE=${{CF_BUILD_ID}} - - CLOUDHARNESS_FRONTEND_BUILD=${{REGISTRY}}/cloud-harness/cloudharness-frontend-build:${{CLOUDHARNESS_FRONTEND_BUILD_TAG}} - CLOUDHARNESS_FLASK=${{REGISTRY}}/cloud-harness/cloudharness-flask:${{CLOUDHARNESS_FLASK_TAG}} - image_name: cloud-harness/sampleapp - title: Samples - working_directory: ./applications/samples + image_name: cloud-harness/volumemanager + title: Volumemanager + working_directory: ./applications/volumemanager/server tags: - - '${{SAMPLES_TAG}}' + - '${{VOLUMEMANAGER_TAG}}' - '${{DEPLOYMENT_PUBLISH_TAG}}-dev' - '${{CF_BRANCH_TAG_NORMALIZED_LOWER_CASE}}' when: condition: any: - buildDoesNotExist: includes('${{SAMPLES_TAG_EXISTS}}', '{{SAMPLES_TAG_EXISTS}}') + buildDoesNotExist: includes('${{VOLUMEMANAGER_TAG_EXISTS}}', '{{VOLUMEMANAGER_TAG_EXISTS}}') == true - forceNoCache: includes('${{SAMPLES_TAG_FORCE_BUILD}}', '{{SAMPLES_TAG_FORCE_BUILD}}') + forceNoCache: includes('${{VOLUMEMANAGER_TAG_FORCE_BUILD}}', '{{VOLUMEMANAGER_TAG_FORCE_BUILD}}') == false common: type: build @@ -505,11 +505,11 @@ steps: - kubectl config use-context ${{CLUSTER_NAME}} - kubectl config set-context --current --namespace=test-${{NAMESPACE_BASENAME}} - kubectl rollout status deployment/workflows - - kubectl rollout status deployment/volumemanager - kubectl rollout status deployment/argo-gk - - kubectl rollout status deployment/accounts + - kubectl rollout status deployment/volumemanager - kubectl rollout status deployment/samples - kubectl rollout status deployment/samples-gk + - kubectl rollout status deployment/accounts - kubectl rollout status deployment/common - sleep 60 tests_api: diff --git a/docs/dev.md b/docs/dev.md index cdd91c98..0d8e2b1c 100644 --- a/docs/dev.md +++ b/docs/dev.md @@ -257,7 +257,7 @@ helm_values = create_helm_chart( # <1> output_path=args.output_path, exclude=args.exclude, include=args.include, - registry_secret=args.registry_secret, + registry_secret_name=args.registry_secret_name, tls=not args.no_tls, env=envs, namespace=args.namespace diff --git a/docs/model/RegistryConfig.md b/docs/model/RegistryConfig.md index b91c107f..f1972293 100644 --- a/docs/model/RegistryConfig.md +++ b/docs/model/RegistryConfig.md @@ -7,7 +7,7 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **name** | **str** | | -**secret** | **str** | Optional secret used for pulling from docker registry. | [optional] +**secret** | [**RegistrySecretConfig**](RegistrySecretConfig.md) | | [optional] ## Example diff --git a/docs/model/RegistrySecretConfig.md b/docs/model/RegistrySecretConfig.md new file mode 100644 index 00000000..faf4450f --- /dev/null +++ b/docs/model/RegistrySecretConfig.md @@ -0,0 +1,31 @@ +# RegistrySecretConfig + + + +## Properties + +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **str** | The name of the secret to create for docker registry credentials | +**value** | **str** | The value of the secret to create for docker registry credentials. This should be the raw JSON content of the Google Cloud service account key used for the registry. | [optional] + +## Example + +```python +from cloudharness_model.models.registry_secret_config import RegistrySecretConfig + +# TODO update the JSON string below +json = "{}" +# create an instance of RegistrySecretConfig from a JSON string +registry_secret_config_instance = RegistrySecretConfig.from_json(json) +# print the JSON string representation of the object +print(RegistrySecretConfig.to_json()) + +# convert the object into a dict +registry_secret_config_dict = registry_secret_config_instance.to_dict() +# create an instance of RegistrySecretConfig from a dict +registry_secret_config_from_dict = RegistrySecretConfig.from_dict(registry_secret_config_dict) +``` +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + + diff --git a/libraries/models/README.md b/libraries/models/README.md index 4cab56aa..a91663a5 100644 --- a/libraries/models/README.md +++ b/libraries/models/README.md @@ -100,6 +100,7 @@ Class | Method | HTTP request | Description - [ProxyPayloadConf](docs/ProxyPayloadConf.md) - [ProxyTimeoutConf](docs/ProxyTimeoutConf.md) - [RegistryConfig](docs/RegistryConfig.md) + - [RegistrySecretConfig](docs/RegistrySecretConfig.md) - [ServiceAutoArtifactConfig](docs/ServiceAutoArtifactConfig.md) - [UnitTestsConfig](docs/UnitTestsConfig.md) - [UriRoleMappingConfig](docs/UriRoleMappingConfig.md) diff --git a/libraries/models/api/openapi.yaml b/libraries/models/api/openapi.yaml index eb554610..5746d932 100644 --- a/libraries/models/api/openapi.yaml +++ b/libraries/models/api/openapi.yaml @@ -124,6 +124,20 @@ components: Values inside this section have a special meaning to cloudharness (e.g. enabling and configuring automatic deployment) additionalProperties: true + RegistrySecretConfig: + description: '' + required: + - name + type: object + properties: + name: + description: The name of the secret to create for docker registry credentials + type: string + value: + description: >- + The value of the secret to create for docker registry credentials. This should be the + raw JSON content of the Google Cloud service account key used for the registry. + type: string RegistryConfig: description: '' required: @@ -134,8 +148,8 @@ components: $ref: '#/components/schemas/URL' description: The docker registry where built images are pushed secret: + $ref: '#/components/schemas/RegistrySecretConfig' description: Optional secret used for pulling from docker registry. - type: string FreeObject: description: '' type: object diff --git a/libraries/models/cloudharness_model/models/__init__.py b/libraries/models/cloudharness_model/models/__init__.py index 82af9e91..2e564493 100644 --- a/libraries/models/cloudharness_model/models/__init__.py +++ b/libraries/models/cloudharness_model/models/__init__.py @@ -47,6 +47,7 @@ from cloudharness_model.models.proxy_payload_conf import ProxyPayloadConf from cloudharness_model.models.proxy_timeout_conf import ProxyTimeoutConf from cloudharness_model.models.registry_config import RegistryConfig +from cloudharness_model.models.registry_secret_config import RegistrySecretConfig from cloudharness_model.models.service_auto_artifact_config import ServiceAutoArtifactConfig from cloudharness_model.models.unit_tests_config import UnitTestsConfig from cloudharness_model.models.uri_role_mapping_config import UriRoleMappingConfig diff --git a/libraries/models/cloudharness_model/models/registry_config.py b/libraries/models/cloudharness_model/models/registry_config.py index d77b4426..4bdc6287 100644 --- a/libraries/models/cloudharness_model/models/registry_config.py +++ b/libraries/models/cloudharness_model/models/registry_config.py @@ -25,13 +25,14 @@ from pydantic import BaseModel, Field, field_validator, StrictStr, StrictBool, StrictInt, StrictFloat from typing import ClassVar, List, Dict, Any, Union, Optional, Annotated import importlib +from cloudharness_model.models.registry_secret_config import RegistrySecretConfig class RegistryConfig(CloudHarnessBaseModel): """ """ # noqa: E501 name: StrictStr - secret: Optional[StrictStr] = Field(default=None, description="Optional secret used for pulling from docker registry.") + secret: Optional[RegistrySecretConfig] = None additional_properties: Dict[str, Any] = {} __properties: ClassVar[List[str]] = ["name", "secret"] @@ -55,6 +56,9 @@ def to_dict(self) -> Dict[str, Any]: exclude=excluded_fields, exclude_none=True, ) + # override the default output from pydantic by calling `to_dict()` of secret + if self.secret: + _dict['secret'] = self.secret.to_dict() # puts key-value pairs in additional_properties in the top level if self.additional_properties is not None: for _key, _value in self.additional_properties.items(): @@ -73,7 +77,7 @@ def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: _obj = cls.model_validate({ "name": obj.get("name"), - "secret": obj.get("secret") + "secret": RegistrySecretConfig.from_dict(obj["secret"]) if obj.get("secret") is not None else None }) # store additional fields in additional_properties for _key in obj.keys(): diff --git a/libraries/models/cloudharness_model/models/registry_secret_config.py b/libraries/models/cloudharness_model/models/registry_secret_config.py new file mode 100644 index 00000000..2cd8e9ed --- /dev/null +++ b/libraries/models/cloudharness_model/models/registry_secret_config.py @@ -0,0 +1,85 @@ +# coding: utf-8 + +""" + cloudharness + + No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator) + + The version of the OpenAPI document: 1.0.0 + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + + +from __future__ import annotations +import pprint +import re # noqa: F401 +import json + +from typing import Optional, Set +from typing_extensions import Self + + +from cloudharness_model.base_model import CloudHarnessBaseModel +from pydantic import BaseModel, Field, field_validator, StrictStr, StrictBool, StrictInt, StrictFloat +from typing import ClassVar, List, Dict, Any, Union, Optional, Annotated +import importlib + +class RegistrySecretConfig(CloudHarnessBaseModel): + """ + + """ # noqa: E501 + name: StrictStr = Field(description="The name of the secret to create for docker registry credentials") + value: Optional[StrictStr] = Field(default=None, description="The value of the secret to create for docker registry credentials. This should be the raw JSON content of the Google Cloud service account key used for the registry.") + additional_properties: Dict[str, Any] = {} + __properties: ClassVar[List[str]] = ["name", "value"] + + def to_dict(self) -> Dict[str, Any]: + """Return the dictionary representation of the model using alias. + + This has the following differences from calling pydantic's + `self.model_dump(by_alias=True)`: + + * `None` is only added to the output dict for nullable fields that + were set at model initialization. Other fields with value `None` + are ignored. + * Fields in `self.additional_properties` are added to the output dict. + """ + excluded_fields: Set[str] = set([ + "additional_properties", + ]) + + _dict = self.model_dump( + by_alias=True, + exclude=excluded_fields, + exclude_none=True, + ) + # puts key-value pairs in additional_properties in the top level + if self.additional_properties is not None: + for _key, _value in self.additional_properties.items(): + _dict[_key] = _value + + return _dict + + @classmethod + def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: + """Create an instance of RegistrySecretConfig from a dict""" + if obj is None: + return None + + if not isinstance(obj, dict): + return cls.model_validate(obj) + + _obj = cls.model_validate({ + "name": obj.get("name"), + "value": obj.get("value") + }) + # store additional fields in additional_properties + for _key in obj.keys(): + if _key not in cls.__properties: + _obj.additional_properties[_key] = obj.get(_key) + + return _obj + + diff --git a/libraries/models/docs/RegistryConfig.md b/libraries/models/docs/RegistryConfig.md index b91c107f..f1972293 100644 --- a/libraries/models/docs/RegistryConfig.md +++ b/libraries/models/docs/RegistryConfig.md @@ -7,7 +7,7 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **name** | **str** | | -**secret** | **str** | Optional secret used for pulling from docker registry. | [optional] +**secret** | [**RegistrySecretConfig**](RegistrySecretConfig.md) | | [optional] ## Example diff --git a/libraries/models/docs/RegistrySecretConfig.md b/libraries/models/docs/RegistrySecretConfig.md new file mode 100644 index 00000000..faf4450f --- /dev/null +++ b/libraries/models/docs/RegistrySecretConfig.md @@ -0,0 +1,31 @@ +# RegistrySecretConfig + + + +## Properties + +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **str** | The name of the secret to create for docker registry credentials | +**value** | **str** | The value of the secret to create for docker registry credentials. This should be the raw JSON content of the Google Cloud service account key used for the registry. | [optional] + +## Example + +```python +from cloudharness_model.models.registry_secret_config import RegistrySecretConfig + +# TODO update the JSON string below +json = "{}" +# create an instance of RegistrySecretConfig from a JSON string +registry_secret_config_instance = RegistrySecretConfig.from_json(json) +# print the JSON string representation of the object +print(RegistrySecretConfig.to_json()) + +# convert the object into a dict +registry_secret_config_dict = registry_secret_config_instance.to_dict() +# create an instance of RegistrySecretConfig from a dict +registry_secret_config_from_dict = RegistrySecretConfig.from_dict(registry_secret_config_dict) +``` +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + + diff --git a/tools/deployment-cli-tools/ch_cli_tools/codefresh.py b/tools/deployment-cli-tools/ch_cli_tools/codefresh.py index 89d00f30..b10b81b8 100644 --- a/tools/deployment-cli-tools/ch_cli_tools/codefresh.py +++ b/tools/deployment-cli-tools/ch_cli_tools/codefresh.py @@ -400,6 +400,14 @@ def adjust_build_steps(index): secret_name = secret.replace("_", "__") arguments["custom_values"].append( "apps_%s_harness_secrets_%s=${{%s}}" % (app_name.replace("_", "__"), secret_name, secret_name.upper())) + # Add registry secret value secret if registry secret name is set + registry = getattr(helm_values, "registry", None) + secret = getattr(registry, "secret", None) + registry_secret_name = getattr(secret, "name", None) + if registry_secret_name: + arguments["custom_values"].append( + "registry_secret_value=${{REGISTRY_SECRET_VALUE}}" + ) cmds = codefresh['steps']['prepare_deployment']['commands'] diff --git a/tools/deployment-cli-tools/ch_cli_tools/configurationgenerator.py b/tools/deployment-cli-tools/ch_cli_tools/configurationgenerator.py index 3e061477..d79aed9f 100644 --- a/tools/deployment-cli-tools/ch_cli_tools/configurationgenerator.py +++ b/tools/deployment-cli-tools/ch_cli_tools/configurationgenerator.py @@ -35,7 +35,7 @@ class ConfigurationGenerator(object, metaclass=abc.ABCMeta): def __init__(self, root_paths: List[str], tag: Union[str, int, None] = 'latest', registry='', local=True, domain=None, exclude=(), secured=True, - output_path='./deployment', include: List[str] = None, registry_secret: str = None, tls: str = True, env: str = None, + output_path='./deployment', include: List[str] = None, registry_secret_name: str = None, tls: str = True, env: str = None, namespace: str = None, templates_path: str = HELM_PATH): assert domain, 'A domain must be specified' self.root_paths = [Path(r) for r in root_paths] @@ -50,7 +50,7 @@ def __init__(self, root_paths: List[str], tag: Union[str, int, None] = 'latest', self.secured = secured self.output_path = Path(output_path) self.include = include - self.registry_secret = registry_secret + self.registry_secret_name = registry_secret_name self.tls = tls self.env = env or {} self.namespace = namespace diff --git a/tools/deployment-cli-tools/ch_cli_tools/dockercompose.py b/tools/deployment-cli-tools/ch_cli_tools/dockercompose.py index 53ccbfe0..d7f9104d 100644 --- a/tools/deployment-cli-tools/ch_cli_tools/dockercompose.py +++ b/tools/deployment-cli-tools/ch_cli_tools/dockercompose.py @@ -22,12 +22,12 @@ def create_docker_compose_configuration(root_paths, tag: Union[str, int, None] = 'latest', registry='', local=True, domain=None, exclude=(), secured=True, - output_path='./deployment', include=None, registry_secret=None, tls=True, env=None, + output_path='./deployment', include=None, registry_secret_name=None, tls=True, env=None, namespace=None) -> HarnessMainConfig: if (type(env)) == str: env = [env] return CloudHarnessDockerCompose(root_paths, tag=tag, registry=registry, local=local, domain=domain, exclude=exclude, secured=secured, - output_path=output_path, include=include, registry_secret=registry_secret, tls=tls, env=env, + output_path=output_path, include=include, registry_secret_name=registry_secret_name, tls=tls, env=env, namespace=namespace, templates_path=COMPOSE).process_values() @@ -176,10 +176,10 @@ def __finish_helm_values(self, values, defer_task_images=False): logging.info(f"Registry set: {self.registry}") if self.local: values['registry']['secret'] = '' - if self.registry_secret: + if self.registry_secret_name: logging.info(f"Registry secret set") values['registry']['name'] = self.registry - values['registry']['secret'] = self.registry_secret + values['registry']['secret'] = self.registry_secret_name values['tag'] = self.tag if self.namespace: values['namespace'] = self.namespace diff --git a/tools/deployment-cli-tools/ch_cli_tools/helm.py b/tools/deployment-cli-tools/ch_cli_tools/helm.py index 094330b4..768d9770 100644 --- a/tools/deployment-cli-tools/ch_cli_tools/helm.py +++ b/tools/deployment-cli-tools/ch_cli_tools/helm.py @@ -30,12 +30,12 @@ def deploy(namespace, output_path='./deployment'): def create_helm_chart(root_paths, tag: Union[str, int, None] = 'latest', registry='', local=True, domain=None, exclude=(), secured=True, - output_path='./deployment', include=None, registry_secret=None, tls=True, env=None, + output_path='./deployment', include=None, registry_secret_name=None, tls=True, env=None, namespace=None, name=None, chart_version=None, app_version=None) -> HarnessMainConfig: if (type(env)) == str: env = [env] return CloudHarnessHelm(root_paths, tag=tag, registry=registry, local=local, domain=domain, exclude=exclude, secured=secured, - output_path=output_path, include=include, registry_secret=registry_secret, tls=tls, env=env, + output_path=output_path, include=include, registry_secret_name=registry_secret_name, tls=tls, env=env, namespace=namespace, name=name, chart_version=chart_version, app_version=app_version).process_values() @@ -43,10 +43,10 @@ def create_helm_chart(root_paths, tag: Union[str, int, None] = 'latest', registr class CloudHarnessHelm(ConfigurationGenerator): def __init__(self, root_paths, tag: Union[str, int, None] = 'latest', registry='', local=True, domain=None, exclude=(), secured=True, - output_path='./deployment', include=None, registry_secret=None, tls=True, env=None, + output_path='./deployment', include=None, registry_secret_name=None, tls=True, env=None, namespace=None, name=None, chart_version=None, app_version=None): super().__init__(root_paths, tag=tag, registry=registry, local=local, domain=domain, exclude=exclude, secured=secured, - output_path=output_path, include=include, registry_secret=registry_secret, tls=tls, env=env, + output_path=output_path, include=include, registry_secret_name=registry_secret_name, tls=tls, env=env, namespace=namespace) self.chart_name = name self.chart_version = chart_version @@ -144,6 +144,14 @@ def process_values(self) -> HarnessMainConfig: self.dest_deployment_path, VALUES_MANUAL_PATH)) self._merge_chart_metadata(helm_values['name']) validate_helm_values(merged_values) + registry = merged_values.get("registry") + if registry is not None: + secret = registry.get("secret") + if isinstance(secret, dict): + if secret.get("name") in (None, "") and secret.get("value") in (None, ""): + registry["secret"] = None + elif secret in (None, ""): + registry["secret"] = None return HarnessMainConfig.from_dict(merged_values) def _aggregate_task_images(self, values): @@ -184,10 +192,10 @@ def __finish_helm_values(self, values, defer_task_images=False): if self.local: values['registry']['secret'] = '' - if self.registry_secret: - logging.info(f"Registry secret set") values['registry']['name'] = self.registry - values['registry']['secret'] = self.registry_secret + if self.registry_secret_name: + logging.info(f"Registry secret set") + values['registry']['secret']['name'] = self.registry_secret_name values['tag'] = self.tag values['build_hash'] = get_git_commit_hash(self.root_paths[-1]) # Fix: Call the defined function to get the git commit hash if self.namespace: diff --git a/tools/deployment-cli-tools/harness-deployment b/tools/deployment-cli-tools/harness-deployment index 19d714d0..6b17490a 100644 --- a/tools/deployment-cli-tools/harness-deployment +++ b/tools/deployment-cli-tools/harness-deployment @@ -45,7 +45,7 @@ if __name__ == "__main__": parser.add_argument('-r', '--registry', dest='registry', action="store", default='', help='Specify image registry prefix') - parser.add_argument('-rs', '--registry-secret', dest='registry_secret', action="store", default='', + parser.add_argument('-rsn', '--registry-secret-name', dest='registry_secret_name', action="store", default='', help='Specify image registry secret') parser.add_argument('-o', '--output', dest='output_path', action="store", default='./deployment', help='Specify helm chart base path (default `./deployment)`') @@ -113,7 +113,7 @@ if __name__ == "__main__": output_path=args.output_path, exclude=args.exclude, include=args.include, - registry_secret=args.registry_secret, + registry_secret_name=args.registry_secret_name, tls=not args.no_tls, env=envs, namespace=args.namespace,