From 20a4809fc7594e53c91e8ad87a08b4d840d8c86c Mon Sep 17 00:00:00 2001 From: ArchitectBot <61872893+architectbot@users.noreply.github.com> Date: Mon, 22 May 2023 14:27:12 +0200 Subject: [PATCH] Align files (#1005) * Align files * Update .nancy-ignore * Generate Helm values schema --------- Co-authored-by: github-actions Co-authored-by: Laszlo Uveges --- .circleci/config.yml | 2 +- .../zz_generated.check_values_schema.yaml | 27 +- .../zz_generated.create_release.yaml | 2 +- .../zz_generated.create_release_pr.yaml | 2 +- .github/workflows/zz_generated.gitleaks.yaml | 2 +- .nancy-ignore | 3 + Makefile | 4 +- Makefile.gen.app.mk | 2 +- Makefile.gen.go.mk | 2 +- helm/chart-operator/values.schema.json | 305 ++++++++++++++++++ 10 files changed, 331 insertions(+), 20 deletions(-) create mode 100644 helm/chart-operator/values.schema.json diff --git a/.circleci/config.yml b/.circleci/config.yml index 65fb03f4f..0ab429410 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,6 +1,6 @@ version: 2.1 orbs: - architect: giantswarm/architect@4.28.1 + architect: giantswarm/architect@4.29.0 workflows: build: diff --git a/.github/workflows/zz_generated.check_values_schema.yaml b/.github/workflows/zz_generated.check_values_schema.yaml index 6631d515b..15b85a051 100644 --- a/.github/workflows/zz_generated.check_values_schema.yaml +++ b/.github/workflows/zz_generated.check_values_schema.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.22.0 +# devctl@6.1.1 # name: 'Values and schema' on: @@ -13,6 +13,8 @@ on: - 'helm/**/values.schema.json' # schema - 'helm/**/ci/ci-values.yaml' # overrides for CI (can contain required entries) + push: {} + jobs: check: name: 'validate values.yaml against values.schema.json' @@ -30,15 +32,16 @@ jobs: - name: 'Check if values.yaml is a valid instance of values.schema.json' run: | - HELM_DIR=$(git diff --name-only origin/${GITHUB_BASE_REF} ${GITHUB_SHA} \ - | grep 'helm/[-a-z].*\/' | head -1 | awk -F '/' '{print $1"/"$2}') - VALUES=${HELM_DIR}/values.yaml - if [ -f ${HELM_DIR}/ci/ci-values.yaml ]; then - # merge ci-values.yaml into values.yaml (providing required values) - echo -e "\nMerged values:\n==============" - yq '. *= load("'${HELM_DIR}'/ci/ci-values.yaml")' ${HELM_DIR}/values.yaml | tee ${HELM_DIR}/combined-values.yaml - echo -e "\n==============\n" - VALUES=${HELM_DIR}/combined-values.yaml - fi + for chart_yaml in helm/*/Chart.yaml; do + helm_dir="${chart_yaml%/Chart.yaml}" + values=${helm_dir}/values.yaml + if [ -f ${helm_dir}/ci/ci-values.yaml ]; then + # merge ci-values.yaml into values.yaml (providing required values) + echo -e "\nMerged values:\n==============" + yq '. *= load("'${helm_dir}'/ci/ci-values.yaml")' ${helm_dir}/values.yaml | tee ${helm_dir}/combined-values.yaml + echo -e "\n==============\n" + values=${helm_dir}/combined-values.yaml + fi - ${HOME}/yajsv -s ${HELM_DIR}/values.schema.json ${VALUES} + ${HOME}/yajsv -s ${helm_dir}/values.schema.json ${values} + done diff --git a/.github/workflows/zz_generated.create_release.yaml b/.github/workflows/zz_generated.create_release.yaml index a6b058a36..d75983be8 100644 --- a/.github/workflows/zz_generated.create_release.yaml +++ b/.github/workflows/zz_generated.create_release.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.22.0 +# devctl@6.1.1 # name: Create Release on: diff --git a/.github/workflows/zz_generated.create_release_pr.yaml b/.github/workflows/zz_generated.create_release_pr.yaml index 88659ec5c..4e2eff1ed 100644 --- a/.github/workflows/zz_generated.create_release_pr.yaml +++ b/.github/workflows/zz_generated.create_release_pr.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.22.0 +# devctl@6.1.1 # name: Create Release PR on: diff --git a/.github/workflows/zz_generated.gitleaks.yaml b/.github/workflows/zz_generated.gitleaks.yaml index 1c3e6bb79..2a5f4fb68 100644 --- a/.github/workflows/zz_generated.gitleaks.yaml +++ b/.github/workflows/zz_generated.gitleaks.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.22.0 +# devctl@6.1.1 # name: gitleaks diff --git a/.nancy-ignore b/.nancy-ignore index f18f05593..54cebcfe1 100644 --- a/.nancy-ignore +++ b/.nancy-ignore @@ -2,6 +2,9 @@ sonatype-2020-0921 until=2023-06-30 CVE-2020-28483 until=2023-06-30 +# pkg:golang/github.com/gin-gonic/gin@v1.9.0 +CVE-2023-29401 until=2023-06-30 + # pkg:golang/github.com/hashicorp/consul/api@v1.15.3 CVE-2022-29153 until=2023-06-30 diff --git a/Makefile b/Makefile index 5fae57d4d..b19e43817 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.22.0 +# devctl@6.1.1 # include Makefile.*.mk @@ -20,4 +20,4 @@ include Makefile.*.mk .PHONY: help help: ## Display this help. - @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-20s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) + @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z%\\\/_0-9-]+:.*?##/ { printf " \033[36m%-20s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) diff --git a/Makefile.gen.app.mk b/Makefile.gen.app.mk index f5ce6d3d3..0af26ad5e 100644 --- a/Makefile.gen.app.mk +++ b/Makefile.gen.app.mk @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.22.0 +# devctl@6.1.1 # ##@ App diff --git a/Makefile.gen.go.mk b/Makefile.gen.go.mk index 4d5762c24..b39b17d59 100644 --- a/Makefile.gen.go.mk +++ b/Makefile.gen.go.mk @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.22.0 +# devctl@6.1.1 # APPLICATION := $(shell go list -m | cut -d '/' -f 3) diff --git a/helm/chart-operator/values.schema.json b/helm/chart-operator/values.schema.json new file mode 100644 index 000000000..71c411d27 --- /dev/null +++ b/helm/chart-operator/values.schema.json @@ -0,0 +1,305 @@ +{ + "$schema": "http://json-schema.org/schema#", + "type": "object", + "properties": { + "bootstrapMode": { + "type": "object", + "properties": { + "apiServerPodPort": { + "type": "integer" + }, + "enabled": { + "type": "boolean" + } + } + }, + "chartOperator": { + "type": "object", + "properties": { + "cni": { + "type": "object", + "properties": { + "install": { + "type": "boolean" + } + } + } + } + }, + "cluster": { + "type": "object", + "properties": { + "kubernetes": { + "type": "object", + "properties": { + "domain": { + "type": "string" + } + } + }, + "proxy": { + "type": "object", + "properties": { + "http": { + "type": "null" + }, + "https": { + "type": "null" + }, + "noProxy": { + "type": "null" + } + } + } + } + }, + "clusterDNSIP": { + "type": "string" + }, + "deployment": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "properties": { + "memory": { + "type": "string" + } + } + }, + "requests": { + "type": "object", + "properties": { + "cpu": { + "type": "string" + }, + "memory": { + "type": "string" + } + } + } + } + }, + "e2e": { + "type": "boolean" + }, + "externalDNSIP": { + "type": "string" + }, + "helm": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "clientTimeout": { + "type": "string" + } + } + }, + "kubernetes": { + "type": "object", + "properties": { + "waitTimeout": { + "type": "string" + }, + "watch": { + "type": "object", + "properties": { + "namespace": { + "type": "string" + } + } + } + } + }, + "maxRollback": { + "type": "integer" + }, + "namespaceWhitelist": { + "type": "array" + }, + "splitClient": { + "type": "boolean" + } + } + }, + "image": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "registry": { + "type": "string" + }, + "tag": { + "type": "string" + } + } + }, + "isManagementCluster": { + "type": "boolean" + }, + "kyvernoPolicyExceptions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "namespace": { + "type": "string" + } + } + }, + "pod": { + "type": "object", + "properties": { + "group": { + "type": "object", + "properties": { + "id": { + "type": "integer" + } + } + }, + "port": { + "type": "integer" + }, + "replicas": { + "type": "integer" + }, + "user": { + "type": "object", + "properties": { + "id": { + "type": "integer" + } + } + } + } + }, + "podSecurityContext": { + "type": "object", + "properties": { + "runAsNonRoot": { + "type": "boolean" + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string" + } + } + } + } + }, + "project": { + "type": "object", + "properties": { + "branch": { + "type": "string" + }, + "commit": { + "type": "string" + } + } + }, + "proxy": { + "type": "object", + "properties": { + "http": { + "type": "null" + }, + "https": { + "type": "null" + }, + "noProxy": { + "type": "null" + } + } + }, + "registry": { + "type": "object", + "properties": { + "domain": { + "type": "string" + } + } + }, + "resource": { + "type": "object", + "properties": { + "default": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + } + }, + "psp": { + "type": "object", + "properties": { + "name": { + "type": "string" + } + } + } + } + }, + "securityContext": { + "type": "object", + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "capabilities": { + "type": "object", + "properties": { + "drop": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "privileged": { + "type": "boolean" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string" + } + } + } + } + }, + "tiller": { + "type": "object", + "properties": { + "namespace": { + "type": "string" + } + } + }, + "verticalPodAutoscaler": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + } + } + } + } +}