Merge branch 'release/v0.2.0' into main

cloudogu · Oct 5, 2023 · ba5e3cd · ba5e3cd
2 parents 2dd6cc9 + 63cca7b
commit ba5e3cd
Show file tree

Hide file tree

Showing 20 changed files with 870 additions and 153 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [v0.2.0] - 2023-10-05
+### Added
+- [#4] Add CRD-Release to Jenkinsfile
+
 ## [v0.1.0] - 2023-09-05
 
 Initial release

diff --git a/Dockerfile b/Dockerfile
@@ -33,7 +33,7 @@ RUN make compile-generic
 FROM gcr.io/distroless/static:nonroot
 LABEL maintainer="[email protected]" \
       NAME="k8s-backup-operator" \
-      VERSION="0.1.0"
+      VERSION="0.2.0"
 
 WORKDIR /
 COPY --from=builder /workspace/target/k8s-backup-operator .

diff --git a/Jenkinsfile b/Jenkinsfile
@@ -187,9 +187,8 @@ void stageStaticAnalysisSonarQube() {
 
 void stageAutomaticRelease(Makefile makefile) {
     if (gitflow.isReleaseBranch()) {
-        String releaseVersion = git.getSimpleBranchName()
-        String dockerReleaseVersion = releaseVersion.split("v")[1]
         String controllerVersion = makefile.getVersion()
+        String releaseVersion = "v${controllerVersion}".toString()
 
         stage('Build & Push Image') {
             withCredentials([usernamePassword(credentialsId: 'cesmarvin',
@@ -200,10 +199,10 @@ void stageAutomaticRelease(Makefile makefile) {
                         "login ${CES_MARVIN_USERNAME}\n" +
                         "password ${CES_MARVIN_PASSWORD}\" >> ~/.netrc"
             }
-            def dockerImage = docker.build("cloudogu/${repositoryName}:${dockerReleaseVersion}")
+            def dockerImage = docker.build("cloudogu/${repositoryName}:${controllerVersion}")
             sh "rm ~/.netrc"
             docker.withRegistry('https://registry.hub.docker.com/', 'dockerHubCredentials') {
-                dockerImage.push("${dockerReleaseVersion}")
+                dockerImage.push("${controllerVersion}")
             }
         }
 
@@ -238,11 +237,16 @@ void stageAutomaticRelease(Makefile makefile) {
                     .mountJenkinsUser()
                     .inside("--volume ${WORKSPACE}:/go/src/${project} -w /go/src/${project}")
                             {
-                                make 'k8s-helm-package-release'
+                                // Package operator-chart & crd-chart
+                                make 'helm-package-release'
+                                make 'crd-helm-package'
 
+                                // Push charts
                                 withCredentials([usernamePassword(credentialsId: 'harborhelmchartpush', usernameVariable: 'HARBOR_USERNAME', passwordVariable: 'HARBOR_PASSWORD')]) {
                                     sh ".bin/helm registry login ${registry} --username '${HARBOR_USERNAME}' --password '${HARBOR_PASSWORD}'"
+
                                     sh ".bin/helm push target/helm/${repositoryName}-${controllerVersion}.tgz oci://${registry}/${registry_namespace}/"
+                                    sh ".bin/helm push target/helm-crd/${repositoryName}-crd-${controllerVersion}.tgz oci://${registry}/${registry_namespace}/"
                                 }
                             }
         }

diff --git a/Makefile b/Makefile
@@ -1,11 +1,11 @@
 # Set these to the desired values
 ARTIFACT_ID=k8s-backup-operator
-VERSION=0.1.0
+VERSION=0.2.0
 ## Image URL to use all building/pushing image targets
 IMAGE_DEV=${K3CES_REGISTRY_URL_PREFIX}/${ARTIFACT_ID}:${VERSION}
 IMAGE=cloudogu/${ARTIFACT_ID}:${VERSION}
 GOTAG?=1.21
-MAKEFILES_VERSION=7.13.1
+MAKEFILES_VERSION=8.5.0
 LINT_VERSION=v1.52.1
 STAGE?=production
 

diff --git a/build/make/bats/Dockerfile b/build/make/bats/Dockerfile
@@ -4,4 +4,4 @@ ARG BATS_TAG
 FROM ${BATS_BASE_IMAGE}:${BATS_TAG}
 
 # Make bash more findable by scripts and tests
-RUN apk add make git bash
+RUN apk add make git bash
diff --git a/build/make/coder-lib.sh b/build/make/coder-lib.sh
@@ -0,0 +1,167 @@
+#!/bin/bash
+# a collection of helpful functions to update coder workspaces for rapid development
+set -e -u -x -o pipefail
+
+function getCoderUser() {
+  coder users show me -o json | jq -r '.username'
+}
+
+function getAllWorkspaces() {
+  coder list -c workspace | tail -n+2
+}
+
+function doesWorkspaceExist() {
+  coderUser="$1"
+  workspaceName="$2"
+
+  workspace=$(coder list -a -o json | jq -r "select(.[].owner_name == \"${coderUser}\" and  .[].name == \"${workspaceName}\") | .[0].name")
+  if [ -z "$workspace" ]; then
+    return 1 #workspace does not exist
+  else
+    return 0
+  fi
+}
+
+function generateUniqueWorkspaceName() {
+  local wantedWorkspacePrefix="$1"
+  # use time to make name unique
+  local time
+  time=$(date +'%H-%M-%S')
+  local lengthOfTime=${#time}
+  local delimiter='-'
+  local lengthOfDelimiter=${#delimiter}
+  # trim prefix, as workspace names are limited to 32 chars
+  local trimmedPrefix="${wantedWorkspacePrefix:0:$((32 - lengthOfDelimiter - lengthOfTime))}"
+  local uniqueName="${trimmedPrefix}${delimiter}${time}"
+  # '--' is forbidden in coder, replace multiple '-' with a single one.
+  echo "${uniqueName}" | awk '{gsub(/[-]+/,"-")}1'
+  # returns sth like 'myPrefix-12-45-23'
+}
+
+function buildImage() {
+  local tag="$1"
+  local buildDir="${2:-./build}"
+  local secretDir="${3:-./secretArgs}"
+  local containerExec="${4:-podman}"
+  local secretArgs=()
+  # include build-secrets if there are any
+  # shellcheck disable=SC2231
+  for secretPath in $secretDir/*; do
+    # do not match .sh scripts
+    [[ $secretPath == *.sh ]] && continue
+    local secretName
+    secretName=$(basename "$secretPath")
+    secretArgs+=("--secret=id=$secretName,src=$secretDir/$secretName")
+  done
+  if [ "$containerExec" = "podman" ]; then
+    $containerExec build -t "$tag" --pull=newer "$buildDir" "${secretArgs[@]}"
+  else
+    $containerExec build -t "$tag" --pull "$buildDir" "${secretArgs[@]}"
+  fi
+}
+
+function doTrivyConvert() {
+  local trivyFlags=$1
+  local outputFile=$2
+  local containerExec=$3
+  local jsonScanToConvert=$4
+
+  local containerJsonScanFile="/tmp/scan.json"
+
+  # shellcheck disable=SC2086
+  # as globbing is what we want here
+  "$containerExec" run --rm --pull=always \
+    -v trivy-cache:/root/.cache \
+    -v "$jsonScanToConvert:$containerJsonScanFile" \
+    aquasec/trivy -q \
+    convert $trivyFlags "$containerJsonScanFile"  > "$outputFile"
+}
+
+function uploadTemplate() {
+  local templateDir="${1:?"Error. you need to add the template directory as the first parameter"}"
+  local templateName="${2:?"Error. you need to add the template name as the second parameter"}"
+  # for terraform variables (not editable by workspace users)
+  local variablesFile="${templateDir}/variables.yaml"
+  if [ -f "$variablesFile" ]; then
+    local doesVariablesFileExist=1
+  fi
+  if ! coder template push -y -d "$templateDir" ${doesVariablesFileExist:+--variables-file "$variablesFile"} "$templateName"; then
+    # if template does not exist yet, create it in coder
+    coder template create -y -d "$templateDir" ${doesVariablesFileExist:+--variables-file "$variablesFile"} "$templateName"
+  fi
+}
+
+function createNewWorkspace() {
+  local templateName="$1"
+  local workspaceName="$2"
+  # 3. param is optional, set it to autofill prompts for coder params
+  local templateDir="${3-unset}"
+  local richParametersFile="${templateDir}/rich-parameters.yaml"
+  if [ -n "${templateDir+x}" ] && [ -f "$richParametersFile" ]; then
+    local doesRichParametersFileExist=1
+  fi
+  coder create -t "$templateName" -y "$workspaceName" ${doesRichParametersFileExist:+--rich-parameter-file "$richParametersFile"}
+}
+
+function removeAllOtherWorkspaces() {
+  local CODER_USER="$1"
+  local WORKSPACE_PREFIX="$2"
+  local IGNORED_WORKSPACE="$3"
+  WORKSPACES="$(getAllWorkspaces)"
+  for ws in $WORKSPACES; do
+    if [ "$ws" != "$CODER_USER/$IGNORED_WORKSPACE" ] && [[ "$ws" =~ ^"$CODER_USER/$WORKSPACE_PREFIX" ]]; then
+      echo "delete $ws"
+      if ! coder delete "$ws" -y; then
+        #do it twice as podman always throws an error at the first time
+        coder delete "$ws" -y
+      fi
+    fi
+  done
+}
+
+function updateWorkspace() {
+  local coderUser="$1"
+  local workspaceName="$2"
+  local qualifiedWorkspaceName="$coderUser/$workspaceName"
+  if ! coder stop "$qualifiedWorkspaceName" -y; then
+    #do it twice as podman always throws an error at the first time
+    coder stop "$qualifiedWorkspaceName" -y
+  fi
+  coder update "$qualifiedWorkspaceName"
+}
+
+function startTestWorkspace() {
+  local coderUser="$1"
+  local templateDir="$2"
+  local workspacePrefix="$3"
+  local templateName="$4"
+  local reuseTestWorkspace="$5"
+
+  local newWorkspaceName
+  if [ "$reuseTestWorkspace" = false ]; then
+    newWorkspaceName="$(generateUniqueWorkspaceName "$workspacePrefix")"
+    # do that before deleting others, so that i don't need to wait
+    createNewWorkspace "$templateName" "$newWorkspaceName" "$templateDir"
+    # trim prefix as the name of the workspace can also get trimmed
+    removeAllOtherWorkspaces "$coderUser" "${workspacePrefix:0:22}" "$newWorkspaceName"
+  else
+    newWorkspaceName="$workspacePrefix"
+    if ! doesWorkspaceExist "$coderUser" "$newWorkspaceName"; then
+      createNewWorkspace "$templateName" "$newWorkspaceName" "$templateDir"
+    else
+      updateWorkspace "$coderUser" "$newWorkspaceName"
+    fi
+  fi
+}
+
+function uploadToNexus() {
+  local fileToUpload="$1"
+  local fileNameNexus="${fileToUpload##*/}"
+  local templateName="$2"
+  local releaseVersion="$3"
+  local nexusUrl="${4:-https://ecosystem.cloudogu.com/nexus/repository/itz-bund/coder}"
+  set +x #disable command printing because of the password
+  curl --progress-bar -u "$(cat secrets/nexus-user):$(cat secrets/nexus-pw)" --upload-file "$fileToUpload" \
+    "$nexusUrl/$templateName/$releaseVersion/$fileNameNexus"
+  set -x
+}