Merge branch 'release/v2.9.1-3' into main

.env.template

@@ -1 +1,2 @@
-NAMESPACE=ecosystem
+NAMESPACE=ecosystem
+STAGE=development

CHANGELOG.md

@@ -7,6 +7,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [v2.9.1-3] - 2023-12-06
+### Added
+- [#2] Add patch templates for using the chart in airgapped environments.
+- [#4] Add default configuration for using k8s-minio and add shared secrets k8s-promtail to send data to k8s-loki
+
 ## [v2.9.1-2] - 2023-09-27
 ### Fixed
 - Fix release to helm-registry

Jenkinsfile

@@ -1,5 +1,5 @@
 #!groovy
-@Library('github.com/cloudogu/ces-build-lib@1.67.0')
+@Library('github.com/cloudogu/ces-build-lib@1.68.0')
 import com.cloudogu.ces.cesbuildlib.*
 
 git = new Git(this, "cesmarvin")
@@ -12,9 +12,14 @@ changelog = new Changelog(this)
 repositoryName = "k8s-loki"
 productionReleaseBranch = "main"
 
-node('docker') {
-    K3d k3d = new K3d(this, "${WORKSPACE}", "${WORKSPACE}/k3d", env.PATH)
+registryNamespace = "k8s"
+registryUrl = "registry.cloudogu.com"
+
+goVersion = "1.21"
+helmTargetDir = "target/k8s"
+helmChartDir = "${helmTargetDir}/helm"
 
+node('docker') {
     timestamps {
         catchError {
             timeout(activity: false, time: 60, unit: 'MINUTES') {
@@ -23,33 +28,57 @@ node('docker') {
                     make 'clean'
                 }
 
-                kubevalImage = "cytopia/kubeval:0.15"
-                stage("Lint k8s Resources") {
-                    new Docker(this)
-                            .image(kubevalImage)
-                            .inside("-v ${WORKSPACE}/loki/manifests/:/data -t --entrypoint=")
-                                    {
-                                        sh "kubeval manifests/loki.yaml --ignore-missing-schemas"
+                new Docker(this)
+                        .image("golang:${goVersion}")
+                        .mountJenkinsUser()
+                        .inside("--volume ${WORKSPACE}:/${repositoryName} -w /${repositoryName}")
+                                {
+                                    stage('Generate k8s Resources') {
+                                        make 'helm-update-dependencies'
+                                        make 'helm-generate'
+                                        archiveArtifacts "${helmTargetDir}/**/*"
                                     }
-                }
 
-                stage('Set up k3d cluster') {
-                    k3d.startK3d()
-                }
-                stage('Install kubectl') {
-                    k3d.installKubectl()
-                }
+                                    stage("Lint helm") {
+                                        make 'helm-lint'
+                                    }
+                                }
 
-                stage('Test loki') {
-                    echo "Loki testing stage not implemented yet"
+                K3d k3d = new K3d(this, "${WORKSPACE}", "${WORKSPACE}/k3d", env.PATH)
+
+                try {
+                    stage('Set up k3d cluster') {
+                        k3d.startK3d()
+                    }
+
+                    stage('Deploy minio') {
+                        withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: 'harborhelmchartpush', usernameVariable: 'HARBOR_USERNAME', passwordVariable: 'HARBOR_PASSWORD']]) {
+                            k3d.helm("registry login ${registryUrl} --username '${HARBOR_USERNAME}' --password '${HARBOR_PASSWORD}'")
+                            k3d.helm("install k8s-minio oci://${registryUrl}/${registryNamespace}/k8s-minio --version 2023.9.23-3")
+                        }
+                    }
+
+                    stage('Deploy k8s-loki') {
+                        k3d.helm("install ${repositoryName} ${helmChartDir}")
+                    }
+
+                    stage('Test k8s-loki') {
+                        // Sleep because it takes time for the controller to create the resource. Without it would end up
+                        // in error "no matching resource found when run the wait command"
+                        sleep(20)
+                        k3d.kubectl("wait --for=condition=ready pod -l app.kubernetes.io/instance=k8s-loki --timeout=300s")
+                    }
+                } catch(Exception e) {
+                    k3d.collectAndArchiveLogs()
+                    throw e as java.lang.Throwable
+                } finally {
+                    stage('Remove k3d cluster') {
+                        k3d.deleteK3d()
+                    }
                 }
             }
         }
 
-        stage('Remove k3d cluster') {
-            k3d.deleteK3d()
-        }
-
         stageAutomaticRelease()
     }
 }
@@ -59,40 +88,27 @@ void stageAutomaticRelease() {
         Makefile makefile = new Makefile(this)
         String releaseVersion = makefile.getVersion()
         String changelogVersion = git.getSimpleBranchName()
-        String registryNamespace = "k8s"
-        String registryUrl = "registry.cloudogu.com"
-
-        stage('Finish Release') {
-            gitflow.finishRelease(changelogVersion, productionReleaseBranch)
-        }
-
-        stage('Generate release resource') {
-            make 'generate-release-resource'
-        }
-
-        stage('Push to Registry') {
-            GString targetResourceYaml = "target/make/${registryNamespace}/${repositoryName}_${releaseVersion}.yaml"
-
-            DoguRegistry registry = new DoguRegistry(this)
-            registry.pushK8sYaml(targetResourceYaml, repositoryName, registryNamespace, "${releaseVersion}")
-        }
 
         stage('Push Helm chart to Harbor') {
             new Docker(this)
-                    .image("golang:1.20")
+                    .image("golang:${goVersion}")
                     .mountJenkinsUser()
                     .inside("--volume ${WORKSPACE}:/${repositoryName} -w /${repositoryName}")
                             {
-                                make "k8s/helm/charts"
-                                make 'helm-package-release'
+                                make 'helm-package'
+                                archiveArtifacts "${helmTargetDir}/**/*"
 
                                 withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: 'harborhelmchartpush', usernameVariable: 'HARBOR_USERNAME', passwordVariable: 'HARBOR_PASSWORD']]) {
                                     sh ".bin/helm registry login ${registryUrl} --username '${HARBOR_USERNAME}' --password '${HARBOR_PASSWORD}'"
-                                    sh ".bin/helm push target/make/k8s/helm/${repositoryName}-${releaseVersion}.tgz oci://${registryUrl}/${registryNamespace}"
+                                    sh ".bin/helm push ${helmChartDir}/${repositoryName}-${releaseVersion}.tgz oci://${registryUrl}/${registryNamespace}"
                                 }
                             }
         }
 
+        stage('Finish Release') {
+            gitflow.finishRelease(changelogVersion, productionReleaseBranch)
+        }
+
         stage('Add Github-Release') {
             releaseId = github.createReleaseWithChangelog(changelogVersion, changelog, productionReleaseBranch)
         }

Makefile

@@ -1,6 +1,6 @@
 ARTIFACT_ID=k8s-loki
-MAKEFILES_VERSION=8.4.0
-VERSION=2.9.1-2
+MAKEFILES_VERSION=9.0.1
+VERSION=2.9.1-3
 
 .DEFAULT_GOAL:=help
 
@@ -15,35 +15,9 @@ include build/make/self-update.mk
 
 ##@ Release
 
-K8S_PRE_GENERATE_TARGETS=generate-release-resource
 include build/make/k8s-component.mk
 
-.PHONY: generate-release-resource
-generate-release-resource: $(K8S_RESOURCE_TEMP_FOLDER)
-	@cp manifests/loki.yaml ${K8S_RESOURCE_TEMP_YAML}
-
 .PHONY: loki-release
 loki-release: ## Interactively starts the release workflow for loki
 	@echo "Starting git flow release..."
 	@build/make/release.sh loki
-
-##@ Helm dev targets
-# Loki needs a copy of the targets from k8s.mk without image-import because we use an external image here.
-
-.PHONY: ${K8S_HELM_RESSOURCES}/charts
-${K8S_HELM_RESSOURCES}/charts: ${BINARY_HELM}
-	@cd ${K8S_HELM_RESSOURCES} && ${BINARY_HELM} repo add grafana https://grafana.github.io/helm-charts && ${BINARY_HELM} dependency build
-
-.PHONY: helm-loki-apply
-helm-loki-apply: ${BINARY_HELM} ${K8S_HELM_RESSOURCES}/charts helm-generate $(K8S_POST_GENERATE_TARGETS) ## Generates and installs the helm chart.
-	@echo "Apply generated helm chart"
-	@${BINARY_HELM} upgrade -i ${ARTIFACT_ID} ${K8S_HELM_TARGET} --namespace ${NAMESPACE}
-
-.PHONY: helm-loki-reinstall
-helm-loki-reinstall: helm-delete helm-loki-apply ## Uninstalls the current helm chart and reinstalls it.
-
-.PHONY: helm-loki-chart-import
-helm-loki-chart-import: ${BINARY_HELM} ${K8S_HELM_RESSOURCES}/charts k8s-generate helm-generate-chart helm-package-release ## Pushes the helm chart to the k3ces registry.
-	@echo "Import ${K8S_HELM_RELEASE_TGZ} into K8s cluster ${K3CES_REGISTRY_URL_PREFIX}..."
-	@${BINARY_HELM} push ${K8S_HELM_RELEASE_TGZ} oci://${K3CES_REGISTRY_URL_PREFIX}/k8s ${BINARY_HELM_ADDITIONAL_PUSH_ARGS}
-	@echo "Done."

build/make/coder-lib.sh

@@ -2,8 +2,19 @@
 # a collection of helpful functions to update coder workspaces for rapid development
 set -e -u -x -o pipefail
 
+function getContainerBin() {
+  if [ -x "$(command -v podman)" ]; then
+    echo "podman";
+  else
+    echo "docker";
+  fi
+}
+
 function getCoderUser() {
-  coder users show me -o json | jq -r '.username'
+  # check if coder is installed, so that there is no problem with build and release targets if this is called before
+  if [ -x "$(command -v coder)" ]; then
+    coder users show me -o json | jq -r '.username';
+  fi
 }
 
 function getAllWorkspaces() {
@@ -40,23 +51,27 @@ function generateUniqueWorkspaceName() {
 
 function buildImage() {
   local tag="$1"
-  local buildDir="${2:-./build}"
-  local secretDir="${3:-./secretArgs}"
+  local containerBuildDir="${2:-./container}"
+  local secretDir="${3:-./secrets}"
   local containerExec="${4:-podman}"
-  local secretArgs=()
+
   # include build-secrets if there are any
-  # shellcheck disable=SC2231
-  for secretPath in $secretDir/*; do
-    # do not match .sh scripts
-    [[ $secretPath == *.sh ]] && continue
-    local secretName
-    secretName=$(basename "$secretPath")
-    secretArgs+=("--secret=id=$secretName,src=$secretDir/$secretName")
-  done
+  local secretArgs=()
+  if [ -d "$secretDir" ]; then
+    # shellcheck disable=SC2231
+    for secretPath in $secretDir/*; do
+      # do not match .sh scripts
+      [[ $secretPath == *.sh ]] && continue
+      local secretName
+      secretName=$(basename "$secretPath")
+      secretArgs+=("--secret=id=$secretName,src=$secretDir/$secretName")
+    done
+  fi
+
   if [ "$containerExec" = "podman" ]; then
-    $containerExec build -t "$tag" --pull=newer "$buildDir" "${secretArgs[@]}"
+    $containerExec build -t "$tag" --pull=newer "$containerBuildDir" "${secretArgs[@]}"
   else
-    $containerExec build -t "$tag" --pull "$buildDir" "${secretArgs[@]}"
+    $containerExec build -t "$tag" --pull "$containerBuildDir" "${secretArgs[@]}"
   fi
 }
 

build/make/coder.mk

@@ -28,10 +28,9 @@ CHANGELOG_FILE=${WORKDIR}/CHANGELOG.md
 TEMPLATE_RELEASE_TAR_GZ=${RELEASE_DIR}/${TEMPLATE_NAME}-template.tar.gz
 
 TEST_WORKSPACE_PREFIX?=test-${TEMPLATE_NAME}
-# only set if coder is installed, so that there is no problem with build and release targets
-CODER_USER?=$(shell if [ -x "$(command -v coder)" ]; then coder users show me -o json | jq -r '.username'; else echo ""; fi )
+CODER_USER?=$(shell . ${CODER_LIB_PATH} && getCoderUser)
 
-CONTAINER_BIN?=$(shell if [ -x "$(command -v podman)" ]; then echo "podman"; else echo "docker"; fi)
+CONTAINER_BIN?=$(shell . ${CODER_LIB_PATH} && getContainerBin)
 GOPASS_BIN?=$(shell command -v gopass 2> /dev/null)
 
 EXCLUDED_TEMPLATE_FILES?=rich-parameters.yaml variables.yaml