From df1f130fd654a51576ebe4775f428b4557ca0dc1 Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Sun, 3 Sep 2023 12:39:17 +0200 Subject: [PATCH 1/6] Add Kyverno to platform Fixes gh-23 --- package/config/buildpacks-catalog.yml | 1 + package/config/cartographer-blueprints.yml | 1 + package/config/cartographer-delivery.yml | 1 + package/config/cartographer-supply-chains.yml | 1 + package/config/cartographer.yml | 1 + package/config/cert-manager-issuers.yml | 1 + package/config/cert-manager.yml | 1 + package/config/contour.yml | 1 + package/config/fluxcd-source.controller.yml | 1 + package/config/knative-serving.yml | 1 + package/config/kpack.yml | 1 + package/config/kyverno.yml | 47 +++++++++++++++++++ package/config/metrics-server.yml | 1 + package/config/spring-boot-conventions.yml | 1 + package/config/tekton-catalog.yml | 1 + package/config/tekton-pipelines.yml | 1 + package/config/values-schema.yml | 6 +++ package/config/workspace-provisioner.yml | 1 + 18 files changed, 69 insertions(+) create mode 100644 package/config/kyverno.yml diff --git a/package/config/buildpacks-catalog.yml b/package/config/buildpacks-catalog.yml index 7137347..b9569d6 100644 --- a/package/config/buildpacks-catalog.yml +++ b/package/config/buildpacks-catalog.yml @@ -28,6 +28,7 @@ metadata: annotations: kapp.k14s.io/change-group: buildpacks-catalog kapp.k14s.io/change-rule.kpack: upsert after upserting kpack + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/cartographer-blueprints.yml b/package/config/cartographer-blueprints.yml index 8074fc0..8ebbf2a 100644 --- a/package/config/cartographer-blueprints.yml +++ b/package/config/cartographer-blueprints.yml @@ -18,6 +18,7 @@ metadata: annotations: kapp.k14s.io/change-group: cartographer-blueprints kapp.k14s.io/change-rule.cartographer: upsert after upserting cartographer + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.secretgen-controller: upsert after upserting secretgen-controller kapp.k14s.io/change-rule.tekton-catalog: upsert after upserting tekton-catalog kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount diff --git a/package/config/cartographer-delivery.yml b/package/config/cartographer-delivery.yml index 5df9203..c9d3164 100644 --- a/package/config/cartographer-delivery.yml +++ b/package/config/cartographer-delivery.yml @@ -30,6 +30,7 @@ metadata: kapp.k14s.io/change-group: cartographer-delivery kapp.k14s.io/change-rule.cartographer: upsert after upserting cartographer kapp.k14s.io/change-rule.cartographer-blueprints: upsert after upserting cartographer-blueprints + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/cartographer-supply-chains.yml b/package/config/cartographer-supply-chains.yml index f85237f..dd9a325 100644 --- a/package/config/cartographer-supply-chains.yml +++ b/package/config/cartographer-supply-chains.yml @@ -51,6 +51,7 @@ metadata: kapp.k14s.io/change-group: cartographer-supply-chains kapp.k14s.io/change-rule.cartographer: upsert after upserting cartographer kapp.k14s.io/change-rule.cartographer-blueprints: upsert after upserting cartographer-blueprints + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/cartographer.yml b/package/config/cartographer.yml index 7e95dcb..7b7ad8d 100644 --- a/package/config/cartographer.yml +++ b/package/config/cartographer.yml @@ -25,6 +25,7 @@ metadata: annotations: kapp.k14s.io/change-group: cartographer kapp.k14s.io/change-rule.cert-manager: upsert after upserting cert-manager + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/cert-manager-issuers.yml b/package/config/cert-manager-issuers.yml index 6cfc787..d5f072f 100644 --- a/package/config/cert-manager-issuers.yml +++ b/package/config/cert-manager-issuers.yml @@ -41,6 +41,7 @@ metadata: annotations: kapp.k14s.io/change-group: cert-manager-issuers kapp.k14s.io/change-rule.cert-manager: upsert after upserting cert-manager + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/cert-manager.yml b/package/config/cert-manager.yml index 4ffefb4..0d59699 100644 --- a/package/config/cert-manager.yml +++ b/package/config/cert-manager.yml @@ -17,6 +17,7 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: cert-manager + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/contour.yml b/package/config/contour.yml index 9dab085..f65277d 100644 --- a/package/config/contour.yml +++ b/package/config/contour.yml @@ -31,6 +31,7 @@ metadata: annotations: kapp.k14s.io/change-group: contour kapp.k14s.io/change-rule.cert-manager: upsert after upserting cert-manager + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/fluxcd-source.controller.yml b/package/config/fluxcd-source.controller.yml index bdec9f7..a9bee67 100644 --- a/package/config/fluxcd-source.controller.yml +++ b/package/config/fluxcd-source.controller.yml @@ -17,6 +17,7 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: fluxcd + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/knative-serving.yml b/package/config/knative-serving.yml index d920e28..27bc70d 100644 --- a/package/config/knative-serving.yml +++ b/package/config/knative-serving.yml @@ -36,6 +36,7 @@ metadata: kapp.k14s.io/change-group: knative-serving kapp.k14s.io/change-rule.cert-manager-issuers: upsert after upserting cert-manager-issuers kapp.k14s.io/change-rule.contour: upsert after upserting contour + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/kpack.yml b/package/config/kpack.yml index fbd56df..0f78259 100644 --- a/package/config/kpack.yml +++ b/package/config/kpack.yml @@ -47,6 +47,7 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: kpack + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.workspace-provisioner: upsert after upserting workspace-provisioner kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: diff --git a/package/config/kyverno.yml b/package/config/kyverno.yml new file mode 100644 index 0000000..0a59209 --- /dev/null +++ b/package/config/kyverno.yml @@ -0,0 +1,47 @@ +#@ load("@ytt:data", "data") +#@ load("@ytt:struct", "struct") +#@ load("@ytt:yaml", "yaml") +#@ load("/helpers.star", "is_package_enabled") + +#@ if is_package_enabled("kyverno"): + +#@ def compute_package_values(): +#@ values = struct.decode(data.values.kyverno.core) +#@ +#@ #! Compute values for CA Certificates +#@ if data.values.platform.ca_cert_data: +#@ values["ca_cert_data"] = values["ca_cert_data"] + data.values.platform.ca_cert_data +#@ end +#@ +#@ return struct.encode(values) +#@ end + +--- +apiVersion: packaging.carvel.dev/v1alpha1 +kind: PackageInstall +metadata: + name: kyverno + namespace: #@ data.values.platform.namespace + annotations: + kapp.k14s.io/change-group: kyverno + kapp.k14s.io/change-rule.secretgen-controller: upsert after upserting secretgen-controller + kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount +spec: + serviceAccountName: kadras-install-sa + packageRef: + refName: kyverno.packages.kadras.io + versionSelection: + constraints: 1.10.3+kadras.1 + values: + - secretRef: + name: kyverno-values +--- +apiVersion: v1 +kind: Secret +metadata: + name: kyverno-values + namespace: #@ data.values.platform.namespace +stringData: + values.yaml: #@ yaml.encode(compute_package_values()) + +#@ end diff --git a/package/config/metrics-server.yml b/package/config/metrics-server.yml index ae87bb1..2b3ab17 100644 --- a/package/config/metrics-server.yml +++ b/package/config/metrics-server.yml @@ -17,6 +17,7 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: metrics-server + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/spring-boot-conventions.yml b/package/config/spring-boot-conventions.yml index ddbd6cc..f55359e 100644 --- a/package/config/spring-boot-conventions.yml +++ b/package/config/spring-boot-conventions.yml @@ -17,6 +17,7 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: spring-boot-conventions + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.spring-boot-conventions: upsert after upserting cartographer kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: diff --git a/package/config/tekton-catalog.yml b/package/config/tekton-catalog.yml index a49fd64..c92f1e2 100644 --- a/package/config/tekton-catalog.yml +++ b/package/config/tekton-catalog.yml @@ -17,6 +17,7 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: tekton-catalog + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.tekton-pipelines: upsert after upserting tekton-pipelines kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: diff --git a/package/config/tekton-pipelines.yml b/package/config/tekton-pipelines.yml index af5d9a8..5d9d990 100644 --- a/package/config/tekton-pipelines.yml +++ b/package/config/tekton-pipelines.yml @@ -24,6 +24,7 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: tekton-pipelines + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/values-schema.yml b/package/config/values-schema.yml index 0e213bc..97bb729 100644 --- a/package/config/values-schema.yml +++ b/package/config/values-schema.yml @@ -131,6 +131,12 @@ knative: #@schema/type any=True serving: {} +#@schema/desc "Configuration for the Kyverno related packages." +kyverno: + #@schema/desc "Configuration for the Kyverno package." + #@schema/type any=True + core: {} + #@schema/desc "Configuration for the Metrics Server package." #@schema/type any=True metrics_server: {} diff --git a/package/config/workspace-provisioner.yml b/package/config/workspace-provisioner.yml index 22a4e8e..226531b 100644 --- a/package/config/workspace-provisioner.yml +++ b/package/config/workspace-provisioner.yml @@ -61,6 +61,7 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: workspace-provisioner + kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.secretgen-controller: upsert after upserting secretgen-controller kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: From 555f2f587fad76beceec105fe73f8531e89c58ae Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Sun, 3 Sep 2023 12:41:00 +0200 Subject: [PATCH 2/6] Include Kyverno in integration tests --- test/integration/kuttl-test.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/test/integration/kuttl-test.yml b/test/integration/kuttl-test.yml index 692b5c5..0caef4a 100644 --- a/test/integration/kuttl-test.yml +++ b/test/integration/kuttl-test.yml @@ -32,6 +32,10 @@ commands: kapp deploy -a knative-serving-package -n kadras-packages -y \ -f https://github.com/kadras-io/package-for-knative-serving/releases/latest/download/metadata.yml \ -f https://github.com/kadras-io/package-for-knative-serving/releases/latest/download/package.yml + - script: | + kapp deploy -a kyverno-package -n kadras-packages -y \ + -f https://github.com/kadras-io/package-for-kyverno/releases/latest/download/metadata.yml \ + -f https://github.com/kadras-io/package-for-kyverno/releases/latest/download/package.yml - script: | kapp deploy -a metrics-server-package -n kadras-packages -y \ -f https://github.com/kadras-io/package-for-metrics-server/releases/latest/download/metadata.yml \ From 8def82ecd53a2a487bbfd2d8995fe1a6157a016d Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Sun, 3 Sep 2023 12:42:10 +0200 Subject: [PATCH 3/6] Update docs with Kyverno --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index e816498..0d5dbd7 100644 --- a/README.md +++ b/README.md @@ -134,6 +134,7 @@ Each Kadras package included in the platform can be configured independently. | `conventions.spring_boot` | `{}` | Configuration for the Spring Boot Conventions package. | | `flux.source_controller` | `{}` | Configuration for the FluxCD Source Controller package. | | `knative.serving` | `{}` | Configuration for the Knative Serving package. | +| `kyverno.core` | `{}` | Configuration for the Kyverno package. | | `metrics_server` | `{}` | Configuration for the Metrics Server package. | | `secretgen_controller` | `{}` | Configuration for the Secretgen Controller package. | | `tekton.catalog` | `{}` | Configuration for the Tekton Catalog package. | From c3a47cd308b0bae73d0cf160011d7d5f53d53084 Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Sun, 3 Sep 2023 12:57:49 +0200 Subject: [PATCH 4/6] Update config --- package/config/buildpacks-catalog.yml | 1 - package/config/cartographer-blueprints.yml | 1 - package/config/cartographer-delivery.yml | 1 - package/config/cartographer-supply-chains.yml | 1 - package/config/cartographer.yml | 1 - package/config/cert-manager-issuers.yml | 1 - package/config/cert-manager.yml | 1 - package/config/contour.yml | 1 - package/config/fluxcd-source.controller.yml | 1 - package/config/knative-serving.yml | 1 - package/config/kpack.yml | 1 - package/config/kyverno.yml | 1 - package/config/metrics-server.yml | 1 - package/config/spring-boot-conventions.yml | 1 - package/config/tekton-catalog.yml | 1 - package/config/tekton-pipelines.yml | 1 - package/config/workspace-provisioner.yml | 1 - 17 files changed, 17 deletions(-) diff --git a/package/config/buildpacks-catalog.yml b/package/config/buildpacks-catalog.yml index b9569d6..7137347 100644 --- a/package/config/buildpacks-catalog.yml +++ b/package/config/buildpacks-catalog.yml @@ -28,7 +28,6 @@ metadata: annotations: kapp.k14s.io/change-group: buildpacks-catalog kapp.k14s.io/change-rule.kpack: upsert after upserting kpack - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/cartographer-blueprints.yml b/package/config/cartographer-blueprints.yml index 8ebbf2a..8074fc0 100644 --- a/package/config/cartographer-blueprints.yml +++ b/package/config/cartographer-blueprints.yml @@ -18,7 +18,6 @@ metadata: annotations: kapp.k14s.io/change-group: cartographer-blueprints kapp.k14s.io/change-rule.cartographer: upsert after upserting cartographer - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.secretgen-controller: upsert after upserting secretgen-controller kapp.k14s.io/change-rule.tekton-catalog: upsert after upserting tekton-catalog kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount diff --git a/package/config/cartographer-delivery.yml b/package/config/cartographer-delivery.yml index c9d3164..5df9203 100644 --- a/package/config/cartographer-delivery.yml +++ b/package/config/cartographer-delivery.yml @@ -30,7 +30,6 @@ metadata: kapp.k14s.io/change-group: cartographer-delivery kapp.k14s.io/change-rule.cartographer: upsert after upserting cartographer kapp.k14s.io/change-rule.cartographer-blueprints: upsert after upserting cartographer-blueprints - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/cartographer-supply-chains.yml b/package/config/cartographer-supply-chains.yml index dd9a325..f85237f 100644 --- a/package/config/cartographer-supply-chains.yml +++ b/package/config/cartographer-supply-chains.yml @@ -51,7 +51,6 @@ metadata: kapp.k14s.io/change-group: cartographer-supply-chains kapp.k14s.io/change-rule.cartographer: upsert after upserting cartographer kapp.k14s.io/change-rule.cartographer-blueprints: upsert after upserting cartographer-blueprints - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/cartographer.yml b/package/config/cartographer.yml index 7b7ad8d..7e95dcb 100644 --- a/package/config/cartographer.yml +++ b/package/config/cartographer.yml @@ -25,7 +25,6 @@ metadata: annotations: kapp.k14s.io/change-group: cartographer kapp.k14s.io/change-rule.cert-manager: upsert after upserting cert-manager - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/cert-manager-issuers.yml b/package/config/cert-manager-issuers.yml index d5f072f..6cfc787 100644 --- a/package/config/cert-manager-issuers.yml +++ b/package/config/cert-manager-issuers.yml @@ -41,7 +41,6 @@ metadata: annotations: kapp.k14s.io/change-group: cert-manager-issuers kapp.k14s.io/change-rule.cert-manager: upsert after upserting cert-manager - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/cert-manager.yml b/package/config/cert-manager.yml index 0d59699..4ffefb4 100644 --- a/package/config/cert-manager.yml +++ b/package/config/cert-manager.yml @@ -17,7 +17,6 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: cert-manager - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/contour.yml b/package/config/contour.yml index f65277d..9dab085 100644 --- a/package/config/contour.yml +++ b/package/config/contour.yml @@ -31,7 +31,6 @@ metadata: annotations: kapp.k14s.io/change-group: contour kapp.k14s.io/change-rule.cert-manager: upsert after upserting cert-manager - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/fluxcd-source.controller.yml b/package/config/fluxcd-source.controller.yml index a9bee67..bdec9f7 100644 --- a/package/config/fluxcd-source.controller.yml +++ b/package/config/fluxcd-source.controller.yml @@ -17,7 +17,6 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: fluxcd - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/knative-serving.yml b/package/config/knative-serving.yml index 27bc70d..d920e28 100644 --- a/package/config/knative-serving.yml +++ b/package/config/knative-serving.yml @@ -36,7 +36,6 @@ metadata: kapp.k14s.io/change-group: knative-serving kapp.k14s.io/change-rule.cert-manager-issuers: upsert after upserting cert-manager-issuers kapp.k14s.io/change-rule.contour: upsert after upserting contour - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/kpack.yml b/package/config/kpack.yml index 0f78259..fbd56df 100644 --- a/package/config/kpack.yml +++ b/package/config/kpack.yml @@ -47,7 +47,6 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: kpack - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.workspace-provisioner: upsert after upserting workspace-provisioner kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: diff --git a/package/config/kyverno.yml b/package/config/kyverno.yml index 0a59209..b340940 100644 --- a/package/config/kyverno.yml +++ b/package/config/kyverno.yml @@ -24,7 +24,6 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: kyverno - kapp.k14s.io/change-rule.secretgen-controller: upsert after upserting secretgen-controller kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/metrics-server.yml b/package/config/metrics-server.yml index 2b3ab17..ae87bb1 100644 --- a/package/config/metrics-server.yml +++ b/package/config/metrics-server.yml @@ -17,7 +17,6 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: metrics-server - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/spring-boot-conventions.yml b/package/config/spring-boot-conventions.yml index f55359e..ddbd6cc 100644 --- a/package/config/spring-boot-conventions.yml +++ b/package/config/spring-boot-conventions.yml @@ -17,7 +17,6 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: spring-boot-conventions - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.spring-boot-conventions: upsert after upserting cartographer kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: diff --git a/package/config/tekton-catalog.yml b/package/config/tekton-catalog.yml index c92f1e2..a49fd64 100644 --- a/package/config/tekton-catalog.yml +++ b/package/config/tekton-catalog.yml @@ -17,7 +17,6 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: tekton-catalog - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.tekton-pipelines: upsert after upserting tekton-pipelines kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: diff --git a/package/config/tekton-pipelines.yml b/package/config/tekton-pipelines.yml index 5d9d990..af5d9a8 100644 --- a/package/config/tekton-pipelines.yml +++ b/package/config/tekton-pipelines.yml @@ -24,7 +24,6 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: tekton-pipelines - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.service-account: delete before deleting serviceaccount spec: serviceAccountName: kadras-install-sa diff --git a/package/config/workspace-provisioner.yml b/package/config/workspace-provisioner.yml index 226531b..22a4e8e 100644 --- a/package/config/workspace-provisioner.yml +++ b/package/config/workspace-provisioner.yml @@ -61,7 +61,6 @@ metadata: namespace: #@ data.values.platform.namespace annotations: kapp.k14s.io/change-group: workspace-provisioner - kapp.k14s.io/change-rule.kyverno: upsert after upserting kyverno kapp.k14s.io/change-rule.secretgen-controller: upsert after upserting secretgen-controller kapp.k14s.io/change-rule.serviceaccount: delete before deleting serviceaccount spec: From 437854b77bb55dfa0d9feed9e67f9402ef942899 Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Sun, 3 Sep 2023 14:07:49 +0200 Subject: [PATCH 5/6] Update test setup --- test/integration/kuttl-test.yml | 38 ++++-------------------------- test/setup/dependencies/.gitignore | 2 ++ test/setup/dependencies/vendir.yml | 13 ++++++++++ 3 files changed, 20 insertions(+), 33 deletions(-) create mode 100644 test/setup/dependencies/.gitignore create mode 100644 test/setup/dependencies/vendir.yml diff --git a/test/integration/kuttl-test.yml b/test/integration/kuttl-test.yml index 0caef4a..3e27dfd 100644 --- a/test/integration/kuttl-test.yml +++ b/test/integration/kuttl-test.yml @@ -8,43 +8,15 @@ parallel: 1 startKIND: true kindContext: integration kindNodeCache: true -timeout: 120 +timeout: 300 artifactsDir: /tmp/kuttl-artifacts commands: - script: | kapp deploy -a kapp-controller -y \ -f https://github.com/carvel-dev/kapp-controller/releases/latest/download/release.yml - script: | - kubectl create namespace kadras-packages - - script: | - kapp deploy -a cert-manager-issuers-package -n kadras-packages -y \ - -f https://github.com/kadras-io/cert-manager-issuers/releases/latest/download/metadata.yml \ - -f https://github.com/kadras-io/cert-manager-issuers/releases/latest/download/package.yml - - script: | - kapp deploy -a cert-manager-package -n kadras-packages -y \ - -f https://github.com/kadras-io/package-for-cert-manager/releases/latest/download/metadata.yml \ - -f https://github.com/kadras-io/package-for-cert-manager/releases/latest/download/package.yml - - script: | - kapp deploy -a contour-package -n kadras-packages -y \ - -f https://github.com/kadras-io/package-for-contour/releases/latest/download/metadata.yml \ - -f https://github.com/kadras-io/package-for-contour/releases/latest/download/package.yml - - script: | - kapp deploy -a knative-serving-package -n kadras-packages -y \ - -f https://github.com/kadras-io/package-for-knative-serving/releases/latest/download/metadata.yml \ - -f https://github.com/kadras-io/package-for-knative-serving/releases/latest/download/package.yml + cd test/setup/dependencies + vendir sync - script: | - kapp deploy -a kyverno-package -n kadras-packages -y \ - -f https://github.com/kadras-io/package-for-kyverno/releases/latest/download/metadata.yml \ - -f https://github.com/kadras-io/package-for-kyverno/releases/latest/download/package.yml - - script: | - kapp deploy -a metrics-server-package -n kadras-packages -y \ - -f https://github.com/kadras-io/package-for-metrics-server/releases/latest/download/metadata.yml \ - -f https://github.com/kadras-io/package-for-metrics-server/releases/latest/download/package.yml - - script: | - kapp deploy -a secretgen-controller-package -n kadras-packages -y \ - -f https://github.com/kadras-io/package-for-secretgen-controller/releases/latest/download/metadata.yml \ - -f https://github.com/kadras-io/package-for-secretgen-controller/releases/latest/download/package.yml - - script: | - kapp deploy -a workspace-provisioner-package -n kadras-packages -y \ - -f https://github.com/kadras-io/workspace-provisioner/releases/latest/download/metadata.yml \ - -f https://github.com/kadras-io/workspace-provisioner/releases/latest/download/package.yml + kubectl create namespace kadras-packages + kapp deploy -a kadras-packages -n kadras-packages -f test/setup/dependencies/package-repo -y diff --git a/test/setup/dependencies/.gitignore b/test/setup/dependencies/.gitignore new file mode 100644 index 0000000..2f6f5f4 --- /dev/null +++ b/test/setup/dependencies/.gitignore @@ -0,0 +1,2 @@ +package-repo/ +vendir.lock.yml \ No newline at end of file diff --git a/test/setup/dependencies/vendir.yml b/test/setup/dependencies/vendir.yml new file mode 100644 index 0000000..28b5290 --- /dev/null +++ b/test/setup/dependencies/vendir.yml @@ -0,0 +1,13 @@ +apiVersion: vendir.k14s.io/v1alpha1 +directories: +- contents: + - git: + ref: main + url: https://github.com/kadras-io/kadras-packages + includePaths: + - repo/packages/**/* + newRootPath: repo/packages + path: . + path: package-repo +kind: Config +minimumRequiredVersion: 0.32.0 From bff59ba49cae364dfcf1b5b290e7837df8e44bc0 Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Sun, 3 Sep 2023 14:27:50 +0200 Subject: [PATCH 6/6] Update test config --- test/integration/serving/config/values.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/integration/serving/config/values.yml b/test/integration/serving/config/values.yml index e909e7d..387b15d 100644 --- a/test/integration/serving/config/values.yml +++ b/test/integration/serving/config/values.yml @@ -11,3 +11,5 @@ stringData: infrastructure_provider: local ingress: domain: 127.0.0.1.sslip.io + excluded_packages: + - kyverno