diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 58644ea7..b9ea037f 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -33,6 +33,8 @@ jobs: uses: Activiti/Activiti/.github/actions/check-ext-build@d50dea0ec2f4b06b26a8018e5b9083fbced01ed5 # 8.0.0-alpha.10 - name: Setup Helm Docs uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@692f336894abea26ff555cdef6e098f415c47286 # v5.28.3 + with: + version: 1.13.1 - name: Run Checkov uses: bridgecrewio/checkov-action@e1bb78184f5dd3690fb1089d6c4f51295f9dff48 # v12.1839.0 with: @@ -56,8 +58,7 @@ jobs: chart-dir: ${{ env.CHART_DIR }} - name: Setup Helm test plugin - run: helm plugin install https://github.com/helm-unittest/helm-unittest.git --version v0.3.2 - + run: helm plugin install https://github.com/helm-unittest/helm-unittest.git --version v0.5.1 || true - name: Test run: helm unittest $CHART_DIR @@ -111,6 +112,8 @@ jobs: helm-repo-url: ${{ env.HELM_REPO_BASE_URL }} - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@692f336894abea26ff555cdef6e098f415c47286 # v5.28.3 + with: + version: 1.13.1 - uses: Alfresco/alfresco-build-tools/.github/actions/jx-updatebot-pr@692f336894abea26ff555cdef6e098f415c47286 # v5.28.3 env: GH_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }} diff --git a/.gitignore b/.gitignore index 0c00dbf5..9d8643f8 100644 --- a/.gitignore +++ b/.gitignore @@ -37,3 +37,5 @@ hs_err_pid* #updatebot checkout dir .updatebot-repos/ .updatebot-repos/** + +node_modules/ diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 0ba4e978..bdaa783d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,14 +1,14 @@ repos: - repo: https://github.com/norwoodj/helm-docs - rev: v1.11.1 + rev: v1.13.1 hooks: - id: helm-docs - repo: https://github.com/gruntwork-io/pre-commit - rev: v0.1.22 + rev: v0.1.23 hooks: - id: helmlint - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.4.0 + rev: v4.6.0 hooks: - id: check-merge-conflict - id: fix-byte-order-marker @@ -20,14 +20,14 @@ repos: args: [--allow-multiple-documents] exclude: charts/.*/templates - repo: https://github.com/pre-commit/mirrors-prettier - rev: v3.0.1 + rev: v4.0.0-alpha.8 hooks: - id: prettier types_or: - markdown exclude: charts/.*/README.md - repo: https://github.com/sirosen/check-jsonschema - rev: 0.23.3 + rev: 0.28.5 hooks: - id: check-dependabot - id: check-github-actions diff --git a/charts/common/Makefile b/charts/common/Makefile index 58a53627..94e4c363 100644 --- a/charts/common/Makefile +++ b/charts/common/Makefile @@ -6,8 +6,8 @@ GITHUB_CHARTS_REPO := "https://${GITHUB_TOKEN}@github.com/Activiti/activiti-clou GITHUB_CHARTS_BRANCH := $(or $(GITHUB_CHARTS_BRANCH),gh-pages) plugin: - helm plugin install https://github.com/helm-unittest/helm-unittest.git --version v0.3.2 || true - helm plugin install https://github.com/jtyr/kubeconform-helm --version v0.1.12 || true + helm plugin install https://github.com/helm-unittest/helm-unittest.git --version v0.5.1 || true + helm plugin install https://github.com/jtyr/kubeconform-helm.git --version v0.1.16 || true build: clean helm dep up diff --git a/charts/common/README.md b/charts/common/README.md index 40d7a9ac..98178df0 100644 --- a/charts/common/README.md +++ b/charts/common/README.md @@ -109,6 +109,8 @@ A Helm chart for Activiti Cloud Common Templates | pgchecker.resources | object | `{"limits":{"cpu":"10m","memory":"16Mi"},"requests":{"cpu":"10m","memory":"16Mi"}}` | Resource requests and limits for the pgchecker container | | pgchecker.securityContext | object | `{"allowPrivilegeEscalation":false,"runAsGroup":1000,"runAsNonRoot":true,"runAsUser":1000}` | SecurityContext for the pgchecker container | | podAnnotations | object | `{}` | configure deployment pod podAnnotations as dict | +| podDisruptionBudget.enabled | bool | `false` | set to true to enable PodDisruptionBudget | +| podDisruptionBudget.minAvailable | int | `1` | min replicas to keep | | podLabels | object | `{}` | configure deployment pod podLabels as dict | | podSecurityContext | object | `{}` | | | postgresql.enabled | bool | `false` | | @@ -149,6 +151,3 @@ A Helm chart for Activiti Cloud Common Templates | tolerations | list | `[]` | allows customising tolerations | | volumeMounts | list | `[]` | add additional volume mounts as list | | volumes | list | `[]` | add additional volumes as list | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/charts/common/README.md.gotmpl b/charts/common/README.md.gotmpl new file mode 100644 index 00000000..9174c355 --- /dev/null +++ b/charts/common/README.md.gotmpl @@ -0,0 +1,16 @@ +{{ template "chart.header" . }} +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.badgesSection" . }} + +{{ template "chart.description" . }} + +{{ template "chart.homepageLine" . }} + +{{ template "chart.maintainersSection" . }} + +{{ template "chart.sourcesSection" . }} + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} diff --git a/charts/common/templates/_pdb.yaml b/charts/common/templates/_pdb.yaml new file mode 100644 index 00000000..1ed301a2 --- /dev/null +++ b/charts/common/templates/_pdb.yaml @@ -0,0 +1,20 @@ +{{- define "common.pdb.tpl" -}} +{{- if .Values.podDisruptionBudget.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ template "common.fullname" . }} + labels: + {{- include "common.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "common.selectorLabels" . | nindent 6 }} + minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} +{{- end }} +{{- end -}} +{{- define "common.pdb" -}} + {{- if index (first .) "Values" "podDisruptionBudget" "enabled" -}} + {{- template "common.util.merge" (append . "common.pdb.tpl") -}} + {{- end -}} +{{- end -}} diff --git a/charts/common/templates/pdb.yaml b/charts/common/templates/pdb.yaml new file mode 100644 index 00000000..03d8e595 --- /dev/null +++ b/charts/common/templates/pdb.yaml @@ -0,0 +1,5 @@ +{{- if .Values.enabled -}} +{{- template "common.pdb" (list . "activiti.cloud.pdb") -}} +{{- end -}} +{{- define "activiti.cloud.pdb" -}} +{{- end -}} diff --git a/charts/common/tests/pdb_test.yaml b/charts/common/tests/pdb_test.yaml new file mode 100644 index 00000000..4fc9aa3e --- /dev/null +++ b/charts/common/tests/pdb_test.yaml @@ -0,0 +1,41 @@ +suite: test pdb +templates: + - pdb.yaml +tests: + - it: should render nothing when not enabled + set: + enabled: false + asserts: + - hasDocuments: + count: 0 + - it: should render nothing when podDisruptionBudget.enabled=false + set: + enabled: true + podDisruptionBudget: + enabled: false + asserts: + - hasDocuments: + count: 0 + - it: should render minAvailable + set: + enabled: true + podDisruptionBudget: + enabled: true + minAvailable: 5 + asserts: + - hasDocuments: + count: 1 + - isKind: + of: PodDisruptionBudget + - equal: + path: spec.minAvailable + value: 5 + - it: should render the releaseName in the metadata.name + set: + enabled: true + podDisruptionBudget: + enabled: true + asserts: + - equal: + path: metadata.name + value: RELEASE-NAME-common diff --git a/charts/common/values.yaml b/charts/common/values.yaml index de48f4ad..accab22f 100644 --- a/charts/common/values.yaml +++ b/charts/common/values.yaml @@ -340,3 +340,9 @@ sidecars: [] hpa: enabled: false + +podDisruptionBudget: + # podDisruptionBudget.enabled -- set to true to enable PodDisruptionBudget + enabled: false + # podDisruptionBudget.minAvailable -- min replicas to keep + minAvailable: 1