diff --git a/.github/workflows/update-release-notes.yml b/.github/workflows/update-release-notes.yml index ed6d35fdac6..b2641ec3970 100644 --- a/.github/workflows/update-release-notes.yml +++ b/.github/workflows/update-release-notes.yml @@ -7,6 +7,7 @@ on: - closed branches: - main + - develop # Allows you to run this workflow manually from the Actions tab workflow_dispatch: diff --git a/CHANGELOG/release-notes-v0.7.2.md b/CHANGELOG/release-notes-v0.7.2.md new file mode 100644 index 00000000000..e78a01c4176 --- /dev/null +++ b/CHANGELOG/release-notes-v0.7.2.md @@ -0,0 +1,127 @@ +## v0.7.2 + +## Bugs +- fix: error in enable change ci (#5358) +- fix: ci patch rbac fixes (#5461) +- fix: bitbucket commit race condition for concurrent requests (#5505) +- fix: handle nil check image scanning (#5497) +- fix: error in switching ci to external ci (#5500) +- fix: autoscale error handling (#5481) +- fix: ci material update fixes for linked ci pipelines (#5523) +- fix: Unable to get HPA manifest for no-gitops deployment (#5522) +- fix: Deployment stuck in starting for no-gitops based pipelines (#5526) +- fix: panic handling for deleted app in app group and env group filters (#5541) +- fix: security time fix when scanning is passed (#5549) +- fix: app group query optimisations (#5558) +- fix: version and fixed_version in image scan result table (#5552) +- fix: add if not exists in migration script for avoiding any errors while rerunning scripts (#5579) +- fix: Resource Browser Shortnames are not applying dynamically (#5573) +- fix: tls enabled flag not getting passed (#5609) +- fix: reverting acd token fetch logic (#5614) +- fix: query optimisations for app group cd listing and ci pipeline blockage state (#5641) +- fix: dependabot security updates (#5608) +- fix: default PipelineType given (#5668) +- fix: validation in CiJob for external Artifact (#5669) +- fix: Nats Panic Error in Orchestrator (#5670) +- fix: SSH & Proxy Cluster flows broken (#5675) +- fix: Restart in orchestrator just after release (#5671) +- fix: Sql query optimisation for application group app status listing (#5672) +- fix: handling for HPA (autoscaling) (#5666) +- fix: refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) +- fix: Decode secret fix on add update oss (#5695) +- fix: saving pco concurrency case handled (#5688) +- fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) +- fix: Issue in EA Mode Cluster - error: pg: multiple rows in result set. (#5708) +- fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) +- fix: migration syn (#5718) +- fix: ci patch rbac for branch update (#5759) +- fix: Bitnami chart repo tls issue (#5740) +- fix: check rbac on env if envName is present (#5765) +- fix: scan tool active check removed (#5771) +- fix: panic handlings and argocd app delete stuck in partial stage (#5770) +- fix: unimplemented cluster cron service (#5781) +- fix: sql injection fixes (#5783) +- fix: sql injection fixes (#5801) +- fix: upgraded to /argo-cd/v2 v2.9.21 (#5758) +- fix: Ea rbac issues and not working on airgapped (#5813) +- fix: scan list in global security page sql injection fix (#5808) +- fix: app details page breaking (#5823) +- fix: plugin ip variables value getting changed (#5844) +- fix: ignore kubelink errors in server startup (#5852) (#5854) +- fix: user rbac flows (#5804) +- fix: pg multiple rows in EA mode (#5869) +- fix: app overview panic for helm app (#5863) +- fix: app detail page breaking (#5873) +- fix: copy container image plugin issue (#5876) +- fix: create GitOps configuration issue (#5883) +## Enhancements +- feat: support for handling hibernation and un-hibernation for keda enabled (#5431) +- feat: Async ArgoCd App refresh operation (#5448) +- feat: deployment config migration (#5368) +- feat: Skipping falg based CMCS for Ci Job (#5536) +- feat: expose git commit data as env vars for ci stage (#5534) +- feat: Defining applications as part of release track (#5489) +- feat: gitlab webhook support (#5420) +- feat: Enhance the buildx to use cache for multi arch builds (#5307) +- feat: bug fix for picking wrong values in docker arguments (#5565) +- feat: enable external argocd listing (#5585) +- feat: plugin versioning feature (#5352) +- feat: service account in chart sync (#5584) +- feat: panic in sync pod cron and terminal not opening fix (#5603) +- feat: tls support for git and gitops (#5305) +- feat: system network controller sql script (#5637) +- feat: skip argowf logs from ci logs (#5646) +- feat: gitops support for oci repositories (#5577) +- feat: ext argo app rbac and missing common features and flux app listing and details with rbac (#5528) +- feat: expose git ops metrics (#5582) +- feat: Generate config and secret hash for application mounting external k8s secrets (#5626) +- feat: Env description handling (#5744) +- feat: Added basic auth support for servicemonitor (#5761) +- feat: Docker pull env driven (#5767) +- feat: plugin creation support (#5630) +- feat: Added multiple features support in servicemonitor (#5789) +## Documentation +- doc: Added FAQ no. 28 + GoLang-migrate Link + Code Block Fix (#5502) +- docs: Drafted Software Distribution Hub (#5459) +- doc: Created Image Label + Comments Doc (#5314) +- doc: FAQ added for Bitnami Charts (#5545) +- doc: Added Keycloak SSO Doc (#5571) +- doc: Code scan plugin docs (#5562) +- docs: jenkins-plugin (#5542) +- doc: Copacetic plugin docs (#5564) +- doc: Pull images from container repository (#5563) +- doc: Collated Doc Fixes for July (#5591) +- doc: Drafted Schema Driven DT (#5533) +- doc: fixes in Copacetic plugin doc (#5622) +- doc: Edit Deployment Chart Schema (#5735) +- doc: Redirection of old entry in gitbook.yaml (#5738) +- docs: added Documentation for Air-Gapped Installation (#5360) +- doc: Update prerequisites of code-scan (#5625) +- doc: Cosign plugin doc (#5665) +- doc: CraneCopy plugin doc (#5658) +- doc: Devtron CD Trigger Plugin doc (#5747) +- doc: DockerSlim plugin doc (#5660) +- doc: Devtron Job Trigger Plugin doc (#5742) +- doc: Vulnerability Scanning Plugin doc (#5722) +- docs: Jira plugins doc (Validator + Updater) (#5709) +- docs: added commands enable ingress during helm installation (#5794) +- doc: Revamped + Restructured Ingress Setup Doc (#5798) +- docs: modifying route in ingress doc (#5799) +- docs: modified the anchorlink in ingress.md (#5800) +- doc: ArgoCD + FluxCD App Listing (#5636) +- doc: Added Special CEL Expr in Filter Condition doc (#5850) +## Others +- misc: removal of azure-devops-issue-sync.yml (#5592) +- misc: added action for discrod webhook (#5615) +- misc: Revert "misc: added action for discrod webhook" (#5619) +- chore: Plugin script fix oss (#5661) +- misc: Release candidate v0.16.0 (#5687) +- chore: migration number changes (#5692) +- chore: ea fixes for helm app (#5713) +- misc: Main sync rc - branch update (#5753) +- chore: Revert "feat: plugin creation support" (#5778) +- chore: cron status update refactoring (#5790) +- misc: sync with common-lib changes with release candidate 18 (#5830) +- chore: Custom tag for copy container image plugin (#5760) (#5841) +- chore: migration number fix (#5840) +- misc: Update CODEOWNERS (#5885) diff --git a/charts/devtron/Chart.yaml b/charts/devtron/Chart.yaml index 9f5318f6307..4c50dadb084 100644 --- a/charts/devtron/Chart.yaml +++ b/charts/devtron/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: devtron-operator -appVersion: 0.7.1 +appVersion: 0.7.2 description: Chart to configure and install Devtron. Devtron is a Kubernetes Orchestration system. keywords: - Devtron @@ -11,7 +11,7 @@ keywords: - argocd - Hyperion engine: gotpl -version: 0.22.73 +version: 0.22.74 sources: - https://github.com/devtron-labs/charts dependencies: diff --git a/charts/devtron/devtron-bom.yaml b/charts/devtron/devtron-bom.yaml index 6e35b6fc0ab..9f96cb713f4 100644 --- a/charts/devtron/devtron-bom.yaml +++ b/charts/devtron/devtron-bom.yaml @@ -8,13 +8,9 @@ global: runAsUser: 1000 runAsNonRoot: true containerRegistry: "quay.io/devtron" - # The below values can be specified both at global as well as component level - nodeSelector: {} - tolerations: [] - imagePullSecrets: [] extraManifests: [] installer: - release: "v0.7.1" + release: "v0.7.2" registry: "" image: "inception" tag: "473deaa4-185-21582" @@ -30,21 +26,25 @@ components: ENABLE_CI_JOB: "true" GLOBAL_API_TIMEOUT: "60000" TRIGGER_API_TIMEOUT: "60000" - ENABLE_EXTERNAL_ARGO_CD: "false" + ENABLE_EXTERNAL_ARGO_CD: "true" SERVICE_WORKER_TIMEOUT: "1" API_BATCH_SIZE: "30" + FEATURE_EXTERNAL_FLUX_CD_ENABLE: "true" + FEATURE_STEP_WISE_LOGS_ENABLE: "true" + FEATURE_USER_DEFINED_GITOPS_REPO_ENABLE: "true" + ENABLE_RESOURCE_SCAN: "true" registry: "" - image: "dashboard:5f95d187-690-23841" + image: "dashboard:215319c7-690-25536" imagePullPolicy: IfNotPresent devtron: registry: "" - image: "hyperion:291c4c75-280-23860" - cicdImage: "devtron:291c4c75-434-23853" + image: "hyperion:3f68456b-280-25566" + cicdImage: "devtron:3f68456b-434-25567" imagePullPolicy: IfNotPresent customOverrides: {} ciRunner: registry: "" - image: "ci-runner:48aca9f4-138-23844" + image: "ci-runner:fd5702db-138-25483" argocdDexServer: registry: "" image: "dex:v2.30.2" @@ -53,7 +53,7 @@ components: authenticator: "authenticator:e414faff-393-13273" kubelink: registry: "" - image: "kubelink:0dee6306-564-23843" + image: "kubelink:6ef0fbbe-564-25533" imagePullPolicy: IfNotPresent configs: ENABLE_HELM_RELEASE_CACHE: "true" @@ -71,7 +71,7 @@ components: keyName: postgresql-password kubewatch: registry: "" - image: "kubewatch:850b40d5-419-23840" + image: "kubewatch:7c8611f4-419-25531" imagePullPolicy: IfNotPresent configs: devtroncd_NAMESPACE: "devtron-ci" @@ -91,7 +91,7 @@ components: armImage: postgres_exporter:v0.10.1 gitsensor: registry: "" - image: "git-sensor:86e13283-200-23847" + image: "git-sensor:5b9cf0ec-200-25481" imagePullPolicy: IfNotPresent serviceMonitor: enabled: false @@ -109,7 +109,7 @@ components: # Values for lens lens: registry: "" - image: "lens:56211042-333-23839" + image: "lens:9db8a2fb-333-25482" imagePullPolicy: IfNotPresent configs: GIT_SENSOR_PROTOCOL: GRPC @@ -154,7 +154,7 @@ components: DB_NAME: "lens" chartSync: registry: "" - image: chart-sync:5a1d0301-150-23845 + image: chart-sync:13ffae06-150-25515 # values for argocd integration argo-cd: global: @@ -174,14 +174,14 @@ workflowController: IMDSv1ExecutorImage: "argoexec:v3.0.7" security: imageScanner: - image: "image-scanner:137872c2-141-23848" + image: "image-scanner:348201f8-141-25486" clair: image: repository: clair tag: 4.3.6 # Values for notifier integration notifier: - image: "notifier:9639b1ab-372-23850" + image: "notifier:06392394-372-25535" minio: image: "minio:RELEASE.2021-02-14T04-01-33Z" mbImage: "minio-mc:RELEASE.2021-02-14T04-28-06Z" @@ -200,3 +200,27 @@ monitoring: image: "k8s-sidecar:1.1.0" curlImage: "curl:7.73.0" imagePullPolicy: IfNotPresent +devtronEnterprise: + enabled: false + casbin: + registry: "" + image: "casbin:efc28fb2-6de0e914-462-25420" + imagePullPolicy: IfNotPresent + configs: + PG_ADDR: postgresql-postgresql.devtroncd + PG_DATABASE: casbin + PG_PORT: "5432" + PG_USER: postgres + dbconfig: + secretName: postgresql-postgresql + keyName: postgresql-password + resources: {} + scoop: + enabled: false + registry: "" + image: "scoop:296d351d-629-24001" + imagePullPolicy: IfNotPresent + resources: {} + configs: + CLUSTER_ID: "1" + ORCHESTRATOR_URL: http://devtron-service.devtroncd.svc.cluster.local/orchestrator diff --git a/charts/devtron/templates/_helpers.tpl b/charts/devtron/templates/_helpers.tpl index 97da656497d..97f2766cc7b 100644 --- a/charts/devtron/templates/_helpers.tpl +++ b/charts/devtron/templates/_helpers.tpl @@ -19,13 +19,19 @@ it randomly. {{- end -}} {{- end }} +{{- define "imagePullSecret" }} +{{- with .Values.imagePullSecret.credentials }} +{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password (printf "%s:%s" .username .password | b64enc) | b64enc }} +{{- end }} +{{- end }} + {{/* Expand the node selectors, tolerations, and image pull secrets for a Kubernetes resource. Usage: -{{ include "common.nodeSelector" (dict "nodeSelector" .Values.path.to.nodeSelector "tolerations" .Values.path.to.tolerations "imagePullSecrets" .Values.path.to.imagePullSecrets "global" .Values.global ) }} +{{ include "common.schedulerConfig" (dict "nodeSelector" .Values.path.to.nodeSelector "tolerations" .Values.path.to.tolerations "imagePullSecrets" .Values.path.to.imagePullSecrets "global" .Values.global ) }} */}} -{{- define "common.nodeSelector" -}} +{{- define "common.schedulerConfig" -}} {{- if .nodeSelector }} nodeSelector: {{ toYaml .nodeSelector | indent 2 }} diff --git a/charts/devtron/templates/app-sync-job.yaml b/charts/devtron/templates/app-sync-job.yaml index d665faadc8e..92da12d5a25 100644 --- a/charts/devtron/templates/app-sync-job.yaml +++ b/charts/devtron/templates/app-sync-job.yaml @@ -11,7 +11,7 @@ spec: template: spec: serviceAccountName: devtron - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.chartSync.nodeSelector "tolerations" $.Values.components.chartSync.tolerations "imagePullSecrets" $.Values.components.chartSync.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.chartSync.nodeSelector "tolerations" $.Values.components.chartSync.tolerations "imagePullSecrets" $.Values.components.chartSync.imagePullSecrets "global" $.Values.global) | indent 6 }} initContainers: - name: migration-wait image: {{ include "common.image" (dict "component" $.Values.components.migrator "global" $.Values.global "extraImage" $.Values.components.migrator.kubectlImage ) }} @@ -75,7 +75,8 @@ spec: spec: template: spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.chartSync.nodeSelector "tolerations" $.Values.components.chartSync.tolerations "imagePullSecrets" $.Values.components.chartSync.imagePullSecrets "global" $.Values.global) | indent 10 }} + serviceAccountName: chart-sync + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.chartSync.nodeSelector "tolerations" $.Values.components.chartSync.tolerations "imagePullSecrets" $.Values.components.chartSync.imagePullSecrets "global" $.Values.global) | indent 10 }} {{- if and $.Values.global $.Values.global.podSecurityContext }} securityContext: {{- toYaml $.Values.global.podSecurityContext | nindent 12 }} diff --git a/charts/devtron/templates/casbin.yaml b/charts/devtron/templates/casbin.yaml new file mode 100644 index 00000000000..1a21f32143a --- /dev/null +++ b/charts/devtron/templates/casbin.yaml @@ -0,0 +1,125 @@ +{{- if and .Values.devtronEnterprise.enabled }} +{{- with .Values.devtronEnterprise.casbin }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: casbin + release: casbin + name: casbin + namespace: devtroncd +spec: + minReadySeconds: 60 + replicas: 1 + revisionHistoryLimit: 3 + selector: + matchLabels: + app: casbin + release: casbin + template: + metadata: + labels: + app: casbin + release: casbin + spec: + serviceAccountName: devtron-default-sa + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.devtronEnterprise.casbin.nodeSelector "tolerations" $.Values.devtronEnterprise.casbin.tolerations "imagePullSecrets" $.Values.devtronEnterprise.casbin.imagePullSecrets "global" $.Values.global) | indent 6 }} + containers: + - name: casbin + image: {{ include "common.image" (dict "component" $.Values.devtronEnterprise.casbin "global" $.Values.global) }} + {{- if .imagePullPolicy }} + imagePullPolicy: {{ .imagePullPolicy }} + {{- end }} + env: + - name: DEVTRON_APP_NAME + value: casbin + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + {{- if .dbconfig }} + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .dbconfig.secretName }} + key: {{ .dbconfig.keyName }} + {{- end }} + envFrom: + - configMapRef: + name: casbin-cm + livenessProbe: + failureThreshold: 3 + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + readinessProbe: + failureThreshold: 3 + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 20 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + ports: + - containerPort: 8080 + name: http + protocol: TCP + - containerPort: 9000 + name: app + protocol: TCP + {{- if .resources }} + resources: +{{ toYaml .resources | indent 12 }} + {{- end }} + volumeMounts: [] + restartPolicy: Always + terminationGracePeriodSeconds: 30 + volumes: [] +--- +# Casbin ConfigMap +apiVersion: v1 +kind: ConfigMap +metadata: + name: casbin-cm + namespace: devtroncd + labels: + app: casbin + release: casbin +{{- if .configs }} +data: +{{ toYaml .configs | indent 2 }} +{{- end }} +--- +# Casbin Service +apiVersion: v1 +kind: Service +metadata: + labels: + app: casbin + release: casbin + annotations: + "helm.sh/resource-policy": keep + name: casbin-service + namespace: devtroncd +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: http + - name: app + port: 9000 + protocol: TCP + targetPort: app + selector: + app: casbin + release: casbin + type: ClusterIP +{{- end}} +{{- end}} diff --git a/charts/devtron/templates/configmap-secret.yaml b/charts/devtron/templates/configmap-secret.yaml index b856f736dcc..3b6127f3ccd 100644 --- a/charts/devtron/templates/configmap-secret.yaml +++ b/charts/devtron/templates/configmap-secret.yaml @@ -247,9 +247,9 @@ data: PG_PASSWORD: {{ $postgresPwd }} {{- if $.Values.installer.modules }} {{- if has "cicd" $.Values.installer.modules }} + ORCH_TOKEN: {{ $ORCH_TOKEN }} EXTERNAL_CI_API_SECRET: {{ $EXTERNAL_CI_API_SECRET }} WEBHOOK_TOKEN: {{ $WEBHOOK_TOKEN }} - ORCH_TOKEN: {{ $ORCH_TOKEN }} DEX_SECRET: {{ $DEX_SECRET }} DEX_JWTKEY: {{ $DEX_JWTKEY }} DEX_CSTOREKEY: {{ $DEX_CSTOREKEY }} @@ -289,3 +289,57 @@ data: {{- end }} {{- end }} type: Opaque + +{{- if $.Values.imagePullSecret }} +{{- if $.Values.imagePullSecret.create }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ default "devtron-image-pull" .Values.imagePullSecret.name }} + namespace: devtroncd + annotations: + "helm.sh/hook": pre-install,pre-upgrade +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ include "imagePullSecret" . }} + +{{- if eq .Values.imagePullSecret.namespaceScope "all" }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ default "devtron-image-pull" .Values.imagePullSecret.name }} + namespace: devtron-cd + annotations: + "helm.sh/hook": pre-install,pre-upgrade +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ include "imagePullSecret" . }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ default "devtron-image-pull" .Values.imagePullSecret.name }} + namespace: devtron-ci + annotations: + "helm.sh/hook": pre-install,pre-upgrade +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ include "imagePullSecret" . }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ default "devtron-image-pull" .Values.imagePullSecret.name }} + namespace: argo + annotations: + "helm.sh/hook": pre-install,pre-upgrade +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ include "imagePullSecret" . }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/devtron/templates/dashboard.yaml b/charts/devtron/templates/dashboard.yaml index d909d4978dd..8d978e8cace 100644 --- a/charts/devtron/templates/dashboard.yaml +++ b/charts/devtron/templates/dashboard.yaml @@ -77,7 +77,8 @@ spec: securityContext: {{- toYaml $.Values.global.podSecurityContext | nindent 8 }} {{- end }} - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.dashboard.nodeSelector "tolerations" $.Values.components.dashboard.tolerations "imagePullSecrets" $.Values.components.dashboard.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.dashboard.nodeSelector "tolerations" $.Values.components.dashboard.tolerations "imagePullSecrets" $.Values.components.dashboard.imagePullSecrets "global" $.Values.global) | indent 6 }} + serviceAccountName: devtron-default-sa containers: - name: dashboard image: {{ include "common.image" (dict "component" $.Values.components.dashboard "global" $.Values.global) }} diff --git a/charts/devtron/templates/devtron-scc.yaml b/charts/devtron/templates/devtron-scc.yaml index b6f1c9680e8..1f5f10d03eb 100644 --- a/charts/devtron/templates/devtron-scc.yaml +++ b/charts/devtron/templates/devtron-scc.yaml @@ -32,6 +32,8 @@ users: - system:serviceaccount:devtroncd:argocd-server - system:serviceaccount:devtron-ci:ci-runner - system:serviceaccount:devtron-cd:cd-runner +- system:serviceaccount:devtroncd:chart-sync +- system:serviceaccount:devtroncd:devtron-default-sa volumes: - '*' {{- end }} diff --git a/charts/devtron/templates/devtron.yaml b/charts/devtron/templates/devtron.yaml index db2f24ccc8f..23c39c90b7a 100644 --- a/charts/devtron/templates/devtron.yaml +++ b/charts/devtron/templates/devtron.yaml @@ -1,4 +1,5 @@ {{- with .Values.components.devtron }} +{{- $argocdEnabled := index $.Values "argo-cd" }} --- apiVersion: v1 kind: ConfigMap @@ -19,6 +20,12 @@ data: DEX_HOST: http://argocd-dex-server.devtroncd DEX_PORT: "5556" APP_SYNC_IMAGE: {{ include "common.image" (dict "component" $.Values.components.chartSync "global" $.Values.global ) }} + {{- if and $.Values.devtronEnterprise.enabled $.Values.devtronEnterprise.scoop.enabled }} + SCOOP_CLUSTER_CONFIG: '{"1":{"serviceName":"scoop-service","passKey":"qhihdidhwid","namespace":"devtroncd","port":"80"}}' + {{- end }} + {{- if $.Values.devtronEnterprise.enabled }} + CASBIN_CLIENT_URL: casbin-service.devtroncd:9000 + {{- end }} {{- if $.Values.installer.modules }} {{- if has "cicd" $.Values.installer.modules }} CD_HOST: "argocd-server.devtroncd" @@ -86,7 +93,16 @@ data: ENFORCER_MAX_BATCH_SIZE: "1" DEVTRON_SECRET_NAME: "devtron-secret" ENABLE_ASYNC_ARGO_CD_INSTALL_DEVTRON_CHART: "false" - USE_ARTIFACT_LISTING_API_V2: "true" + USE_ARTIFACT_LISTING_API_V2: "false" + ASYNC_BUILDX_CACHE_EXPORT: "true" + BUILDX_CACHE_MODE_MIN: "false" + DEVTRON_CHART_ARGO_CD_INSTALL_REQUEST_TIMEOUT: "1" + IN_APP_LOGGING_ENABLED: "true" + PARALLELISM_LIMIT_FOR_TAG_PROCESSING: "2" + SCAN_V2_ENABLED: "false" + TIMEOUT_IN_SECONDS: "60" + SHOW_DOCKER_BUILD_ARGS: "true" + FORCE_SECURITY_SCANNING: "false" RUN_HELM_INSTALL_IN_ASYNC_MODE_HELM_APPS: "true" ENABLE_ASYNC_INSTALL_DEVTRON_CHART: "true" DEVTRON_CHART_INSTALL_REQUEST_TIMEOUT: "6" @@ -160,6 +176,26 @@ data: {{- if .customOverrides }} {{ toYaml .customOverrides | indent 2}} {{- end }} + {{- $modules := list }} + {{- if has "cicd" $.Values.installer.modules }} + {{- $modules = append $modules "cicd" }} + {{- if $.Values.notifier.enabled }} + {{- $modules = append $modules "notifier" }} + {{- end }} + {{- if and $.Values.security.enabled $.Values.security.trivy.enabled }} + {{- $modules = append $modules "security.trivy" }} + {{- end }} + {{- if and $.Values.security.enabled $.Values.security.clair.enabled }} + {{- $modules = append $modules "security.clair" }} + {{- end }} + {{- if $.Values.monitoring.grafana.enabled }} + {{- $modules = append $modules "monitoring.grafana" }} + {{- end }} + {{- if ($argocdEnabled.enabled) }} + {{- $modules = append $modules "argo-cd" }} + {{- end }} + {{- end }} + INSTALLED_MODULES: {{ if $modules }}{{ printf "'%s'" (join "," $modules) }}{{ else }}""{{ end }} DEFAULT_CI_IMAGE: {{ include "common.image" (dict "component" $.Values.components.ciRunner "global" $.Values.global ) }} --- apiVersion: v1 @@ -201,7 +237,7 @@ spec: app: devtron release: devtron spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.devtron.nodeSelector "tolerations" $.Values.components.devtron.tolerations "imagePullSecrets" $.Values.components.devtron.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.devtron.nodeSelector "tolerations" $.Values.components.devtron.tolerations "imagePullSecrets" $.Values.components.devtron.imagePullSecrets "global" $.Values.global) | indent 6 }} terminationGracePeriodSeconds: 30 restartPolicy: Always serviceAccountName: devtron diff --git a/charts/devtron/templates/dex.yaml b/charts/devtron/templates/dex.yaml index b5bbaadbcc9..a95c0379b7c 100644 --- a/charts/devtron/templates/dex.yaml +++ b/charts/devtron/templates/dex.yaml @@ -59,7 +59,7 @@ spec: labels: app.kubernetes.io/name: argocd-dex-server spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.argocdDexServer.nodeSelector "tolerations" $.Values.components.argocdDexServer.tolerations "imagePullSecrets" $.Values.components.argocdDexServer.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.argocdDexServer.nodeSelector "tolerations" $.Values.components.argocdDexServer.tolerations "imagePullSecrets" $.Values.components.argocdDexServer.imagePullSecrets "global" $.Values.global) | indent 6 }} affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: diff --git a/charts/devtron/templates/gitsensor.yaml b/charts/devtron/templates/gitsensor.yaml index 4697699b0b4..6248b7381b3 100644 --- a/charts/devtron/templates/gitsensor.yaml +++ b/charts/devtron/templates/gitsensor.yaml @@ -73,7 +73,8 @@ spec: securityContext: runAsGroup: 1000 runAsUser: 1000 - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.gitsensor.nodeSelector "tolerations" $.Values.components.gitsensor.tolerations "imagePullSecrets" $.Values.components.gitsensor.imagePullSecrets "global" $.Values.global) | indent 6 }} + serviceAccountName: devtron-default-sa + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.gitsensor.nodeSelector "tolerations" $.Values.components.gitsensor.tolerations "imagePullSecrets" $.Values.components.gitsensor.imagePullSecrets "global" $.Values.global) | indent 6 }} initContainers: - command: - /bin/sh diff --git a/charts/devtron/templates/grafana.yaml b/charts/devtron/templates/grafana.yaml index c99a841e4af..3fb4b8a6212 100644 --- a/charts/devtron/templates/grafana.yaml +++ b/charts/devtron/templates/grafana.yaml @@ -12,9 +12,10 @@ kind: Job metadata: name: grafana-org-job spec: + ttlSecondsAfterFinished: 100 template: spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.monitoring.grafana.nodeSelector "tolerations" $.Values.monitoring.grafana.tolerations "imagePullSecrets" $.Values.monitoring.grafana.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.monitoring.grafana.nodeSelector "tolerations" $.Values.monitoring.grafana.tolerations "imagePullSecrets" $.Values.monitoring.grafana.imagePullSecrets "global" $.Values.global) | indent 6 }} serviceAccountName: devtron containers: - name: grafana-restart @@ -511,7 +512,7 @@ spec: fsGroup: 472 runAsGroup: 472 runAsUser: 472 - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.monitoring.grafana.nodeSelector "tolerations" $.Values.monitoring.grafana.tolerations "imagePullSecrets" $.Values.monitoring.grafana.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.monitoring.grafana.nodeSelector "tolerations" $.Values.monitoring.grafana.tolerations "imagePullSecrets" $.Values.monitoring.grafana.imagePullSecrets "global" $.Values.global) | indent 6 }} initContainers: - name: init-chown-data image: {{ include "common.image" (dict "component" $.Values.monitoring.grafana "global" $.Values.global "extraImage" $.Values.monitoring.grafana.busyboxImage ) }} @@ -660,7 +661,7 @@ metadata: namespace: devtroncd spec: serviceAccountName: devtron-grafana-test - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.monitoring.grafana.nodeSelector "tolerations" $.Values.monitoring.grafana.tolerations "imagePullSecrets" $.Values.monitoring.grafana.imagePullSecrets "global" $.Values.global) | indent 2 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.monitoring.grafana.nodeSelector "tolerations" $.Values.monitoring.grafana.tolerations "imagePullSecrets" $.Values.monitoring.grafana.imagePullSecrets "global" $.Values.global) | indent 2 }} containers: - name: devtron-test image: {{ include "common.image" (dict "component" $.Values.monitoring.grafana "global" $.Values.global "extraImage" $.Values.monitoring.grafana.batsImage ) }} @@ -679,4 +680,4 @@ spec: {{- end }} {{- end }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/devtron/templates/install.yaml b/charts/devtron/templates/install.yaml index 123e037885a..e3e6192910f 100644 --- a/charts/devtron/templates/install.yaml +++ b/charts/devtron/templates/install.yaml @@ -80,6 +80,7 @@ spec: labels: app: inception spec: + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.installer.nodeSelector "tolerations" $.Values.installer.tolerations "imagePullSecrets" $.Values.installer.imagePullSecrets "global" $.Values.global) | indent 6 }} {{- if and $.Values.global $.Values.global.podSecurityContext }} securityContext: {{- toYaml $.Values.global.podSecurityContext | nindent 8 }} diff --git a/charts/devtron/templates/kubelink.yaml b/charts/devtron/templates/kubelink.yaml index 25436ac2a4d..f4e93054f0b 100644 --- a/charts/devtron/templates/kubelink.yaml +++ b/charts/devtron/templates/kubelink.yaml @@ -57,7 +57,7 @@ spec: labels: app: kubelink spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.kubelink.nodeSelector "tolerations" $.Values.components.kubelink.tolerations "imagePullSecrets" $.Values.components.kubelink.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.kubelink.nodeSelector "tolerations" $.Values.components.kubelink.tolerations "imagePullSecrets" $.Values.components.kubelink.imagePullSecrets "global" $.Values.global) | indent 6 }} terminationGracePeriodSeconds: 30 restartPolicy: Always serviceAccount: devtron diff --git a/charts/devtron/templates/kubewatch.yaml b/charts/devtron/templates/kubewatch.yaml index fc7366deda3..fa199caf3ca 100644 --- a/charts/devtron/templates/kubewatch.yaml +++ b/charts/devtron/templates/kubewatch.yaml @@ -167,7 +167,7 @@ spec: app: kubewatch release: devtron spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.kubewatch.nodeSelector "tolerations" $.Values.components.kubewatch.tolerations "imagePullSecrets" $.Values.components.kubewatch.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.kubewatch.nodeSelector "tolerations" $.Values.components.kubewatch.tolerations "imagePullSecrets" $.Values.components.kubewatch.imagePullSecrets "global" $.Values.global) | indent 6 }} terminationGracePeriodSeconds: 30 restartPolicy: Always serviceAccountName: kubewatch diff --git a/charts/devtron/templates/lens.yaml b/charts/devtron/templates/lens.yaml index 503fd22eb44..c3a87b34626 100644 --- a/charts/devtron/templates/lens.yaml +++ b/charts/devtron/templates/lens.yaml @@ -66,7 +66,8 @@ spec: app: lens release: devtron spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.lens.nodeSelector "tolerations" $.Values.components.lens.tolerations "imagePullSecrets" $.Values.components.lens.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.lens.nodeSelector "tolerations" $.Values.components.lens.tolerations "imagePullSecrets" $.Values.components.lens.imagePullSecrets "global" $.Values.global) | indent 6 }} + serviceAccountName: devtron-default-sa terminationGracePeriodSeconds: 30 restartPolicy: Always {{- if and $.Values.global $.Values.global.podSecurityContext }} diff --git a/charts/devtron/templates/migrator.yaml b/charts/devtron/templates/migrator.yaml index 00313889aee..31247c32776 100644 --- a/charts/devtron/templates/migrator.yaml +++ b/charts/devtron/templates/migrator.yaml @@ -14,7 +14,8 @@ metadata: spec: template: spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.migrator.nodeSelector "tolerations" $.Values.components.migrator.tolerations "imagePullSecrets" $.Values.components.migrator.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.migrator.nodeSelector "tolerations" $.Values.components.migrator.tolerations "imagePullSecrets" $.Values.components.migrator.imagePullSecrets "global" $.Values.global) | indent 6 }} + serviceAccountName: devtron-default-sa {{- if and $.Values.global $.Values.global.podSecurityContext }} securityContext: {{- toYaml $.Values.global.podSecurityContext | nindent 8 }} @@ -122,7 +123,7 @@ metadata: spec: template: spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.migrator.nodeSelector "tolerations" $.Values.components.migrator.tolerations "imagePullSecrets" $.Values.components.migrator.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.migrator.nodeSelector "tolerations" $.Values.components.migrator.tolerations "imagePullSecrets" $.Values.components.migrator.imagePullSecrets "global" $.Values.global) | indent 6 }} serviceAccountName: devtron {{- if and $.Values.global $.Values.global.podSecurityContext }} securityContext: @@ -221,7 +222,8 @@ metadata: spec: template: spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.migrator.nodeSelector "tolerations" $.Values.components.migrator.tolerations "imagePullSecrets" $.Values.components.migrator.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.migrator.nodeSelector "tolerations" $.Values.components.migrator.tolerations "imagePullSecrets" $.Values.components.migrator.imagePullSecrets "global" $.Values.global) | indent 6 }} + serviceAccountName: devtron-default-sa {{- if and $.Values.global $.Values.global.podSecurityContext }} securityContext: {{- toYaml $.Values.global.podSecurityContext | nindent 8 }} @@ -300,7 +302,8 @@ metadata: spec: template: spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.migrator.nodeSelector "tolerations" $.Values.components.migrator.tolerations "imagePullSecrets" $.Values.components.migrator.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.migrator.nodeSelector "tolerations" $.Values.components.migrator.tolerations "imagePullSecrets" $.Values.components.migrator.imagePullSecrets "global" $.Values.global) | indent 6 }} + serviceAccountName: devtron-default-sa {{- if and $.Values.global $.Values.global.podSecurityContext }} securityContext: {{- toYaml $.Values.global.podSecurityContext | nindent 8 }} @@ -378,9 +381,10 @@ kind: Job metadata: name: postgresql-miscellaneous spec: + ttlSecondsAfterFinished: 100 template: spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.migrator.nodeSelector "tolerations" $.Values.components.migrator.tolerations "imagePullSecrets" $.Values.components.migrator.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.migrator.nodeSelector "tolerations" $.Values.components.migrator.tolerations "imagePullSecrets" $.Values.components.migrator.imagePullSecrets "global" $.Values.global) | indent 6 }} securityContext: fsGroup: 1000 runAsGroup: 1000 @@ -415,4 +419,4 @@ spec: backoffLimit: 20 activeDeadlineSeconds: 1800 {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/devtron/templates/minio.yaml b/charts/devtron/templates/minio.yaml index e445ca43931..1f788bfe82c 100644 --- a/charts/devtron/templates/minio.yaml +++ b/charts/devtron/templates/minio.yaml @@ -259,7 +259,7 @@ spec: app: minio release: {{ $.Release.Name }} spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.minio.nodeSelector "tolerations" $.Values.minio.tolerations "imagePullSecrets" $.Values.minio.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.minio.nodeSelector "tolerations" $.Values.minio.tolerations "imagePullSecrets" $.Values.minio.imagePullSecrets "global" $.Values.global) | indent 6 }} serviceAccountName: "devtron-minio" securityContext: runAsUser: 1000 @@ -322,13 +322,14 @@ metadata: release: {{ $.Release.Name }} heritage: Helm spec: + ttlSecondsAfterFinished: 100 template: metadata: labels: app: minio-job release: {{ $.Release.Name }} spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.minio.nodeSelector "tolerations" $.Values.minio.tolerations "imagePullSecrets" $.Values.minio.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.minio.nodeSelector "tolerations" $.Values.minio.tolerations "imagePullSecrets" $.Values.minio.imagePullSecrets "global" $.Values.global) | indent 6 }} restartPolicy: OnFailure volumes: - name: minio-configuration @@ -384,7 +385,7 @@ spec: app: minio release: devtron-minio spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.minio.nodeSelector "tolerations" $.Values.minio.tolerations "imagePullSecrets" $.Values.minio.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.minio.nodeSelector "tolerations" $.Values.minio.tolerations "imagePullSecrets" $.Values.minio.imagePullSecrets "global" $.Values.global) | indent 6 }} serviceAccountName: "devtron-minio" containers: - name: minio @@ -415,4 +416,4 @@ spec: secretName: devtron-minio {{- end }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/devtron/templates/nats-server.yaml b/charts/devtron/templates/nats-server.yaml index 0c06cd9fe94..e6aa25f71e6 100644 --- a/charts/devtron/templates/nats-server.yaml +++ b/charts/devtron/templates/nats-server.yaml @@ -91,8 +91,9 @@ spec: app.kubernetes.io/name: nats app.kubernetes.io/instance: devtron-nats spec: + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.nats.nodeSelector "tolerations" $.Values.components.nats.tolerations "imagePullSecrets" $.Values.components.nats.imagePullSecrets "global" $.Values.global) | indent 6 }} + serviceAccountName: devtron-default-sa # Common volumes for the containers. - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.nats.nodeSelector "tolerations" $.Values.components.nats.tolerations "imagePullSecrets" $.Values.components.nats.imagePullSecrets "global" $.Values.global) | indent 6 }} volumes: - name: config-volume @@ -139,8 +140,6 @@ spec: name: cluster - containerPort: 8222 name: monitor - - containerPort: 7777 - name: metrics command: - "nats-server" @@ -268,7 +267,7 @@ metadata: app.kubernetes.io/instance: devtron-nats app.kubernetes.io/managed-by: Helm spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.nats.nodeSelector "tolerations" $.Values.components.nats.tolerations "imagePullSecrets" $.Values.components.nats.imagePullSecrets "global" $.Values.global) | indent 2 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.nats.nodeSelector "tolerations" $.Values.components.nats.tolerations "imagePullSecrets" $.Values.components.nats.imagePullSecrets "global" $.Values.global) | indent 2 }} containers: - name: nats-box image: {{ include "common.image" (dict "component" $.Values.components.nats.natsBox "global" $.Values.global) }} @@ -316,4 +315,4 @@ spec: {{- end }} {{- end }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/devtron/templates/notifier.yaml b/charts/devtron/templates/notifier.yaml index 054046e5a3e..55116ed1431 100644 --- a/charts/devtron/templates/notifier.yaml +++ b/charts/devtron/templates/notifier.yaml @@ -72,7 +72,8 @@ spec: app: notifier release: devtron spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.notifier.nodeSelector "tolerations" $.Values.notifier.tolerations "imagePullSecrets" $.Values.notifier.imagePullSecrets "global" $.Values.global) | indent 6 }} + serviceAccountName: devtron-default-sa + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.notifier.nodeSelector "tolerations" $.Values.notifier.tolerations "imagePullSecrets" $.Values.notifier.imagePullSecrets "global" $.Values.global) | indent 6 }} terminationGracePeriodSeconds: 30 restartPolicy: Always {{- if and $.Values.global $.Values.global.podSecurityContext }} diff --git a/charts/devtron/templates/postgresql.yaml b/charts/devtron/templates/postgresql.yaml index efcabcd0207..01e7e974866 100644 --- a/charts/devtron/templates/postgresql.yaml +++ b/charts/devtron/templates/postgresql.yaml @@ -113,7 +113,8 @@ spec: release: "devtron" role: master spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.postgres.nodeSelector "tolerations" $.Values.components.postgres.tolerations "imagePullSecrets" $.Values.components.postgres.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.postgres.nodeSelector "tolerations" $.Values.components.postgres.tolerations "imagePullSecrets" $.Values.components.postgres.imagePullSecrets "global" $.Values.global) | indent 6 }} + serviceAccountName: devtron-default-sa securityContext: fsGroup: 1001 initContainers: @@ -443,7 +444,8 @@ spec: app.kubernetes.io/name: postgres app.kubernetes.io/instance: devtron spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.components.postgres.nodeSelector "tolerations" $.Values.components.postgres.tolerations "imagePullSecrets" $.Values.components.postgres.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.components.postgres.nodeSelector "tolerations" $.Values.components.postgres.tolerations "imagePullSecrets" $.Values.components.postgres.imagePullSecrets "global" $.Values.global) | indent 6 }} + serviceAccountName: devtron-default-sa securityContext: fsGroup: 999 initContainers: diff --git a/charts/devtron/templates/scoop.yaml b/charts/devtron/templates/scoop.yaml new file mode 100644 index 00000000000..53a7587db1e --- /dev/null +++ b/charts/devtron/templates/scoop.yaml @@ -0,0 +1,169 @@ +{{- if and .Values.devtronEnterprise.enabled .Values.devtronEnterprise.scoop.enabled }} +{{- with .Values.devtronEnterprise.scoop }} +{{- $passKey := randAlphaNum 12 | lower }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: scoop-devtron + namespace: devtroncd + labels: + app: scoop +spec: + minReadySeconds: 60 + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 3 + selector: + matchLabels: + app: scoop + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app: scoop + spec: + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.devtronEnterprise.scoop.nodeSelector "tolerations" $.Values.devtronEnterprise.scoop.tolerations "imagePullSecrets" $.Values.devtronEnterprise.scoop.imagePullSecrets "global" $.Values.global) | indent 6 }} + terminationGracePeriodSeconds: 30 + restartPolicy: Always + schedulerName: default-scheduler + serviceAccountName: sa-scoop + containers: + - name: scoop + image: {{ include "common.image" (dict "component" $.Values.devtronEnterprise.scoop "global" $.Values.global) }} + {{- if .imagePullPolicy }} + imagePullPolicy: {{ .imagePullPolicy }} + {{- end }} + {{- if and $.Values.global $.Values.global.containerSecurityContext }} + securityContext: +{{- toYaml $.Values.global.containerSecurityContext | nindent 12 }} + {{- end }} + env: + - name: X-PASS-KEY + value: qhihdidhwid + - name: PASS_KEY + value: qhihdidhwid + - name: RETENTION + value: "10080" + - name: TOKEN + valueFrom: + secretKeyRef: + name: devtron-secret + key: ORCH_TOKEN + envFrom: + - configMapRef: + name: scoop-cm + ports: + - containerPort: 8080 + name: app + protocol: TCP + {{- if .resources }} + resources: + {{- toYaml .resources | nindent 12 }} + {{- end }} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File +--- +# Scoop-service +apiVersion: v1 +kind: Service +metadata: + labels: + app: scoop + name: scoop-service + namespace: devtroncd +spec: + ports: + - name: app + port: 80 + protocol: TCP + targetPort: app + selector: + app: scoop + sessionAffinity: None + type: ClusterIP + +--- +# Scoop ConfigMap +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: scoop + name: scoop-cm + namespace: devtroncd +{{- if .configs }} +data: +{{ toYaml .configs | indent 2 }} +{{- end }} + +--- +# Scoop ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + annotations: + rbac.authorization.kubernetes.io/autoupdate: "true" + labels: + app.kubernetes.io/instance: devtron + name: read-only-cluster-role-scoop +rules: + - apiGroups: + - "*" + resources: + - "*" + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - "*" + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - "*" + verbs: + - get + - list + - watch + +--- +# Scoop ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: read-only-user-crb-scoop + annotations: + "helm.sh/resource-policy": keep +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: read-only-cluster-role-scoop +subjects: + - kind: ServiceAccount + name: sa-scoop + namespace: devtroncd + +--- +# Scoop ServiceAccount +apiVersion: v1 +kind: ServiceAccount +metadata: + name: sa-scoop + namespace: devtroncd + labels: + app: scoop + annotations: + "helm.sh/resource-policy": keep +{{- end }} +{{- end }} diff --git a/charts/devtron/templates/workflow.yaml b/charts/devtron/templates/workflow.yaml index 61e38396607..e20c28be175 100644 --- a/charts/devtron/templates/workflow.yaml +++ b/charts/devtron/templates/workflow.yaml @@ -37,6 +37,29 @@ metadata: annotations: "helm.sh/hook": pre-install "helm.sh/resource-policy": keep +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: chart-sync + namespace: devtroncd + labels: + release: devtron +{{- if $.Values.components.chartSync.imagePullSecrets }} +imagePullSecrets: +{{ toYaml .Values.components.chartSync.imagePullSecrets | indent 2 }} +{{- else if $.Values.global.imagePullSecrets }} +imagePullSecrets: +{{ toYaml .Values.global.imagePullSecrets | indent 2 }} +{{- end }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: devtron-default-sa + namespace: devtroncd + labels: + release: devtron {{- if $.Values.installer.modules }} {{- if has "cicd" $.Values.installer.modules }} --- @@ -1270,7 +1293,7 @@ spec: labels: app: workflow-controller spec: - {{ include "common.nodeSelector" (dict "nodeSelector" $.Values.workflowController.nodeSelector "tolerations" $.Values.workflowController.tolerations "imagePullSecrets" $.Values.workflowController.imagePullSecrets "global" $.Values.global) | indent 6 }} + {{- include "common.schedulerConfig" (dict "nodeSelector" $.Values.workflowController.nodeSelector "tolerations" $.Values.workflowController.tolerations "imagePullSecrets" $.Values.workflowController.imagePullSecrets "global" $.Values.global) | indent 6 }} containers: - args: - --configmap diff --git a/charts/devtron/values.yaml b/charts/devtron/values.yaml index 19f6854f385..f8b39288472 100644 --- a/charts/devtron/values.yaml +++ b/charts/devtron/values.yaml @@ -9,13 +9,22 @@ global: runAsNonRoot: true containerRegistry: "quay.io/devtron" # The below values can be specified both at global as well as component level + # nodeSelector: + # key: value + # tolerations: + # - key: "key1" + # operator: "Equal" + # value: "value1" + # effect: "NoSchedule" + # imagePullSecrets: + # - name: your-image-pull-secret nodeSelector: {} tolerations: [] imagePullSecrets: [] extraManifests: [] installer: repo: "devtron-labs/devtron" - release: "v0.7.1" + release: "v0.7.2" registry: "" image: inception tag: 473deaa4-185-21582 @@ -24,7 +33,6 @@ installer: openshift: false # Set this to true if you are installing on openshift production_overrides: "" # Set true if you want to use this Devtron stack in Production (This will require more resources) # Change the below values for full mode only - #Use secrets in plaintext, they'll be encoded to base64 automatically. secrets: {} # REQUIRED IF BLOB_STORAGE_PROVIDER=AZURE Token with read write access to AZURE_BLOB_CONTAINER_CI_LOG and AZURE_BLOB_CONTAINER_CI_CACHE @@ -61,16 +69,20 @@ components: ENABLE_CI_JOB: "true" GLOBAL_API_TIMEOUT: "60000" TRIGGER_API_TIMEOUT: "60000" - ENABLE_EXTERNAL_ARGO_CD: "false" + ENABLE_EXTERNAL_ARGO_CD: "true" SERVICE_WORKER_TIMEOUT: "1" API_BATCH_SIZE: "30" + FEATURE_EXTERNAL_FLUX_CD_ENABLE: "true" + FEATURE_STEP_WISE_LOGS_ENABLE: "true" + FEATURE_USER_DEFINED_GITOPS_REPO_ENABLE: "true" + ENABLE_RESOURCE_SCAN: "true" registry: "" - image: "dashboard:5f95d187-690-23841" + image: "dashboard:215319c7-690-25536" imagePullPolicy: IfNotPresent devtron: registry: "" - image: "hyperion:291c4c75-280-23860" - cicdImage: "devtron:291c4c75-434-23853" + image: "hyperion:3f68456b-280-25566" + cicdImage: "devtron:3f68456b-434-25567" imagePullPolicy: IfNotPresent customOverrides: {} serviceMonitor: @@ -96,7 +108,7 @@ components: # - devtron.example.com ciRunner: registry: "" - image: "ci-runner:48aca9f4-138-23844" + image: "ci-runner:fd5702db-138-25483" argocdDexServer: registry: "" image: "dex:v2.30.2" @@ -105,7 +117,7 @@ components: authenticator: "authenticator:e414faff-393-13273" kubelink: registry: "" - image: "kubelink:0dee6306-564-23843" + image: "kubelink:6ef0fbbe-564-25533" imagePullPolicy: IfNotPresent configs: ENABLE_HELM_RELEASE_CACHE: "true" @@ -123,7 +135,7 @@ components: keyName: postgresql-password kubewatch: registry: "" - image: "kubewatch:850b40d5-419-23840" + image: "kubewatch:7c8611f4-419-25531" imagePullPolicy: IfNotPresent configs: devtroncd_NAMESPACE: "devtron-ci" @@ -145,7 +157,7 @@ components: volumeSize: "20Gi" gitsensor: registry: "" - image: "git-sensor:86e13283-200-23847" + image: "git-sensor:5b9cf0ec-200-25481" imagePullPolicy: IfNotPresent serviceMonitor: enabled: false @@ -163,7 +175,7 @@ components: # Values for lens lens: registry: "" - image: "lens:56211042-333-23839" + image: "lens:9db8a2fb-333-25482" imagePullPolicy: IfNotPresent secrets: {} resources: {} @@ -210,7 +222,7 @@ components: DB_NAME: "lens" chartSync: registry: "" - image: chart-sync:5a1d0301-150-23845 + image: chart-sync:13ffae06-150-25515 # values for argocd integration argo-cd: enabled: false @@ -251,13 +263,7 @@ argo-cd: - all readOnlyRootFilesystem: true runAsNonRoot: true - env: - - name: ARGOCD_RECONCILIATION_TIMEOUT - valueFrom: - configMapKeyRef: - key: timeout.reconciliation - name: argocd-cm - optional: true + env: [] affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: @@ -347,12 +353,6 @@ argo-cd: - --parallelismlimit - "50" env: - - name: ARGOCD_RECONCILIATION_TIMEOUT - valueFrom: - configMapKeyRef: - key: timeout.reconciliation - name: argocd-cm - optional: true - name: ARGOCD_EXEC_TIMEOUT value: 180s containerSecurityContext: @@ -370,7 +370,7 @@ argo-cd: security: enabled: false imageScanner: - image: "image-scanner:137872c2-141-23848" + image: "image-scanner:348201f8-141-25486" # Values for trivy trivy: enabled: false @@ -385,7 +385,7 @@ security: notifier: enabled: false imagePullPolicy: IfNotPresent - image: "notifier:9639b1ab-372-23850" + image: "notifier:06392394-372-25535" configs: CD_ENVIRONMENT: PROD DB: orchestrator @@ -436,3 +436,28 @@ monitoring: resources: {} persistence: storage: "2Gi" +# Change these values for Devtron-Enterprise +devtronEnterprise: + enabled: false + casbin: + registry: "" + image: "casbin:efc28fb2-6de0e914-462-25420" + imagePullPolicy: IfNotPresent + configs: + PG_ADDR: postgresql-postgresql.devtroncd + PG_DATABASE: casbin + PG_PORT: "5432" + PG_USER: postgres + dbconfig: + secretName: postgresql-postgresql + keyName: postgresql-password + resources: {} + scoop: + enabled: false + registry: "" + image: "scoop:296d351d-629-24001" + imagePullPolicy: IfNotPresent + resources: {} + configs: + CLUSTER_ID: "1" + ORCHESTRATOR_URL: http://devtron-service.devtroncd.svc.cluster.local/orchestrator diff --git a/manifests/install/devtron-installer.yaml b/manifests/install/devtron-installer.yaml index f0bb4839be2..c13839c9b9e 100644 --- a/manifests/install/devtron-installer.yaml +++ b/manifests/install/devtron-installer.yaml @@ -4,4 +4,4 @@ metadata: name: installer-devtron namespace: devtroncd spec: - url: https://raw.githubusercontent.com/devtron-labs/devtron/v0.7.1/manifests/installation-script + url: https://raw.githubusercontent.com/devtron-labs/devtron/v0.7.2/manifests/installation-script diff --git a/manifests/installation-script b/manifests/installation-script index fe6032030c7..b1c4d67d2f6 100644 --- a/manifests/installation-script +++ b/manifests/installation-script @@ -1,4 +1,4 @@ -LTAG="v0.7.1"; +LTAG="v0.7.2"; REPO_RAW_URL="https://raw.githubusercontent.com/devtron-labs/devtron/"; log("executed devtron setup installation"); diff --git a/manifests/release.txt b/manifests/release.txt index d1895904915..8e6c98d5c6d 100644 --- a/manifests/release.txt +++ b/manifests/release.txt @@ -1 +1 @@ -stable -1 v0.7.1 +stable -1 v0.7.2 diff --git a/manifests/yamls/dashboard.yaml b/manifests/yamls/dashboard.yaml index ae5a449c43b..6f05ac96502 100644 --- a/manifests/yamls/dashboard.yaml +++ b/manifests/yamls/dashboard.yaml @@ -235,7 +235,7 @@ spec: - name: envoy-config-volume mountPath: /etc/envoy-config/ - name: dashboard - image: "quay.io/devtron/dashboard:5f95d187-690-23841" + image: "quay.io/devtron/dashboard:215319c7-690-25536" imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false diff --git a/manifests/yamls/devtron.yaml b/manifests/yamls/devtron.yaml index ac0833faa66..6ccd9b8cc09 100644 --- a/manifests/yamls/devtron.yaml +++ b/manifests/yamls/devtron.yaml @@ -53,7 +53,7 @@ data: CD_NODE_TAINTS_VALUE: "ci" CD_ARTIFACT_LOCATION_FORMAT: "%d/%d.zip" DEFAULT_CD_NAMESPACE: "devtron-cd" - DEFAULT_CI_IMAGE: "quay.io/devtron/ci-runner:48aca9f4-138-23844" + DEFAULT_CI_IMAGE: "quay.io/devtron/ci-runner:fd5702db-138-25483" DEFAULT_CD_TIMEOUT: "3600" WF_CONTROLLER_INSTANCE_ID: "devtron-runner" CI_LOGS_KEY_PREFIX: "ci-artifacts" @@ -89,7 +89,7 @@ data: ENFORCER_CACHE: "true" ENFORCER_CACHE_EXPIRATION_IN_SEC: "345600" ENFORCER_MAX_BATCH_SIZE: "1" - APP_SYNC_IMAGE: "quay.io/devtron/chart-sync:5a1d0301-150-23845" + APP_SYNC_IMAGE: "quay.io/devtron/chart-sync:13ffae06-150-25515" DEVTRON_SECRET_NAME: "devtron-secret" GIT_SENSOR_PROTOCOL: GRPC GIT_SENSOR_URL: git-sensor-service.devtroncd:90 @@ -169,7 +169,7 @@ spec: runAsUser: 1000 containers: - name: devtron - image: "quay.io/devtron/devtron:291c4c75-434-23853" + image: "quay.io/devtron/devtron:b5a2f8ba-434-25563" securityContext: allowPrivilegeEscalation: false runAsUser: 1000 diff --git a/manifests/yamls/gitsensor.yaml b/manifests/yamls/gitsensor.yaml index e16b5199343..9c19b458858 100644 --- a/manifests/yamls/gitsensor.yaml +++ b/manifests/yamls/gitsensor.yaml @@ -67,7 +67,7 @@ spec: - /bin/sh - -c - mkdir -p /git-base/ssh-keys && chown -R devtron:devtron /git-base && chmod 777 /git-base/ssh-keys - image: "quay.io/devtron/git-sensor:86e13283-200-23847" + image: "quay.io/devtron/git-sensor:5b9cf0ec-200-25481" imagePullPolicy: IfNotPresent name: chown-git-base resources: {} @@ -80,7 +80,7 @@ spec: name: git-volume containers: - name: git-sensor - image: "quay.io/devtron/git-sensor:86e13283-200-23847" + image: "quay.io/devtron/git-sensor:5b9cf0ec-200-25481" securityContext: allowPrivilegeEscalation: false runAsUser: 1000 diff --git a/manifests/yamls/image-scanner.yaml b/manifests/yamls/image-scanner.yaml index 9c8a06e861f..61344fddbe1 100644 --- a/manifests/yamls/image-scanner.yaml +++ b/manifests/yamls/image-scanner.yaml @@ -73,7 +73,7 @@ spec: runAsUser: 1000 containers: - name: image-scanner - image: "quay.io/devtron/image-scanner:137872c2-141-23848" + image: "quay.io/devtron/image-scanner:348201f8-141-25486" imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false diff --git a/manifests/yamls/kubelink.yaml b/manifests/yamls/kubelink.yaml index 21531cf24c7..6502a2ff93c 100644 --- a/manifests/yamls/kubelink.yaml +++ b/manifests/yamls/kubelink.yaml @@ -25,7 +25,7 @@ spec: runAsUser: 1000 containers: - name: kubelink - image: "quay.io/devtron/kubelink:0dee6306-564-23843" + image: "quay.io/devtron/kubelink:6ef0fbbe-564-25533" securityContext: allowPrivilegeEscalation: false runAsUser: 1000 diff --git a/manifests/yamls/kubewatch.yaml b/manifests/yamls/kubewatch.yaml index e00be3131aa..2fabe230ef4 100644 --- a/manifests/yamls/kubewatch.yaml +++ b/manifests/yamls/kubewatch.yaml @@ -164,7 +164,7 @@ spec: runAsUser: 1000 containers: - name: kubewatch - image: "quay.io/devtron/kubewatch:850b40d5-419-23840" + image: "quay.io/devtron/kubewatch:7c8611f4-419-25531" securityContext: allowPrivilegeEscalation: false runAsUser: 1000 diff --git a/manifests/yamls/lens.yaml b/manifests/yamls/lens.yaml index dc92100db6c..fd2b4c4e393 100644 --- a/manifests/yamls/lens.yaml +++ b/manifests/yamls/lens.yaml @@ -71,7 +71,7 @@ spec: runAsUser: 1000 containers: - name: lens - image: "quay.io/devtron/lens:56211042-333-23839" + image: "quay.io/devtron/lens:9db8a2fb-333-25482" imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false diff --git a/manifests/yamls/notifier.yaml b/manifests/yamls/notifier.yaml index e182739a9ea..437b2938538 100644 --- a/manifests/yamls/notifier.yaml +++ b/manifests/yamls/notifier.yaml @@ -66,7 +66,7 @@ spec: restartPolicy: Always containers: - name: notifier - image: quay.io/devtron/notifier:9639b1ab-372-23850" + image: quay.io/devtron/notifier:06392394-372-25535" imagePullPolicy: IfNotPresent ports: - name: app diff --git a/releasenotes.md b/releasenotes.md index 8e333d8e676..e78a01c4176 100644 --- a/releasenotes.md +++ b/releasenotes.md @@ -1,59 +1,127 @@ -## v0.7.1 +## v0.7.2 ## Bugs -- fix: EA mode wire fix (#5462) -- fix: compare manifest fixes (#5430) -- fix: override clusterRbac with direct allow behaviour for super admin (#5449) -- fix: external helm app when linked to devtron and page breaks while adding project to it, without switching back to applist (#5443) -- fix: empty the code and image scan script (#5434) -- fix: K8s Resource list RBAC ignore for Superadmin (#5415) -- fix: repo url and name handling with argocd (#5445) -- fix: fix for terminal disconnect issue when custom transport is being used (#5436) -- fix: gitops async failed for git cli mode in concurrent cases (#5412) -- fix: Updating pr-issue-validator-script (#5384) -- fix: optimised FetchLatestDeploymentWithChartRefs query (#5393) -- fix: nats consumer deleted on shutdown (#5377) -- fix: panic issue in get/ download pod logs api (#5342) -- fix: encountering panic in application groups in build and deploy page (#5330) -- fix: chart group rbac issue (#5183) -- fix: Multiple choice option for namespace in Kubernetes resource permission (#5293) -- fix: restart workloads fix in app group (#5313) -- fix: deployment chart fix (#5215) -- fix: docker file version fix (#5299) -- fix: hibernating status is not being updated in app listing page (#5294) +- fix: error in enable change ci (#5358) +- fix: ci patch rbac fixes (#5461) +- fix: bitbucket commit race condition for concurrent requests (#5505) +- fix: handle nil check image scanning (#5497) +- fix: error in switching ci to external ci (#5500) +- fix: autoscale error handling (#5481) +- fix: ci material update fixes for linked ci pipelines (#5523) +- fix: Unable to get HPA manifest for no-gitops deployment (#5522) +- fix: Deployment stuck in starting for no-gitops based pipelines (#5526) +- fix: panic handling for deleted app in app group and env group filters (#5541) +- fix: security time fix when scanning is passed (#5549) +- fix: app group query optimisations (#5558) +- fix: version and fixed_version in image scan result table (#5552) +- fix: add if not exists in migration script for avoiding any errors while rerunning scripts (#5579) +- fix: Resource Browser Shortnames are not applying dynamically (#5573) +- fix: tls enabled flag not getting passed (#5609) +- fix: reverting acd token fetch logic (#5614) +- fix: query optimisations for app group cd listing and ci pipeline blockage state (#5641) +- fix: dependabot security updates (#5608) +- fix: default PipelineType given (#5668) +- fix: validation in CiJob for external Artifact (#5669) +- fix: Nats Panic Error in Orchestrator (#5670) +- fix: SSH & Proxy Cluster flows broken (#5675) +- fix: Restart in orchestrator just after release (#5671) +- fix: Sql query optimisation for application group app status listing (#5672) +- fix: handling for HPA (autoscaling) (#5666) +- fix: refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) +- fix: Decode secret fix on add update oss (#5695) +- fix: saving pco concurrency case handled (#5688) +- fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) +- fix: Issue in EA Mode Cluster - error: pg: multiple rows in result set. (#5708) +- fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) +- fix: migration syn (#5718) +- fix: ci patch rbac for branch update (#5759) +- fix: Bitnami chart repo tls issue (#5740) +- fix: check rbac on env if envName is present (#5765) +- fix: scan tool active check removed (#5771) +- fix: panic handlings and argocd app delete stuck in partial stage (#5770) +- fix: unimplemented cluster cron service (#5781) +- fix: sql injection fixes (#5783) +- fix: sql injection fixes (#5801) +- fix: upgraded to /argo-cd/v2 v2.9.21 (#5758) +- fix: Ea rbac issues and not working on airgapped (#5813) +- fix: scan list in global security page sql injection fix (#5808) +- fix: app details page breaking (#5823) +- fix: plugin ip variables value getting changed (#5844) +- fix: ignore kubelink errors in server startup (#5852) (#5854) +- fix: user rbac flows (#5804) +- fix: pg multiple rows in EA mode (#5869) +- fix: app overview panic for helm app (#5863) +- fix: app detail page breaking (#5873) +- fix: copy container image plugin issue (#5876) +- fix: create GitOps configuration issue (#5883) ## Enhancements -- feat: Checking multiarchitecture of images (#5232) -- feat: updated kubelink grpc client cfg (#5426) -- feat: Integration of Cranecopy plugin (#5131) -- feat: casbin upgraded to v2 (#5329) -- feat: new scripts added for rescan sbom support , helm manifest scan flag and git container links (#5406) -- feat: Reload materials api added (#5182) -- feat: mirgator plugin (#5347) -- feat: insecure support for chart-sync (#5328) -- feat: GitOps async install for devtron applications (#5169) -- feat: chart ref schema db migration (#5319) -- feat: Up and Down Script for BitBucket Plugin v1.0.0 (#4949) -- feat: Added statefulset chart 5.1.0 (#5199) -- feat: air gap registry v2 (#5220) -- feat: tenants and installations migration (#5187) +- feat: support for handling hibernation and un-hibernation for keda enabled (#5431) +- feat: Async ArgoCd App refresh operation (#5448) +- feat: deployment config migration (#5368) +- feat: Skipping falg based CMCS for Ci Job (#5536) +- feat: expose git commit data as env vars for ci stage (#5534) +- feat: Defining applications as part of release track (#5489) +- feat: gitlab webhook support (#5420) +- feat: Enhance the buildx to use cache for multi arch builds (#5307) +- feat: bug fix for picking wrong values in docker arguments (#5565) +- feat: enable external argocd listing (#5585) +- feat: plugin versioning feature (#5352) +- feat: service account in chart sync (#5584) +- feat: panic in sync pod cron and terminal not opening fix (#5603) +- feat: tls support for git and gitops (#5305) +- feat: system network controller sql script (#5637) +- feat: skip argowf logs from ci logs (#5646) +- feat: gitops support for oci repositories (#5577) +- feat: ext argo app rbac and missing common features and flux app listing and details with rbac (#5528) +- feat: expose git ops metrics (#5582) +- feat: Generate config and secret hash for application mounting external k8s secrets (#5626) +- feat: Env description handling (#5744) +- feat: Added basic auth support for servicemonitor (#5761) +- feat: Docker pull env driven (#5767) +- feat: plugin creation support (#5630) +- feat: Added multiple features support in servicemonitor (#5789) ## Documentation -- doc: Blob Storage Redirection + Other Fixes (#5432) -- doc: Added migration steps for 0.6 to 0.7 upgrade (#5411) -- doc: Created Deployment Window Draft (#4800) -- doc: Redirection Fix for User Permissions Doc + Other Fixes (#5382) -- doc: Redirection Fixes for 0.7 (#5381) -- doc: Redirection Issue Trial Fix (#5378) -- doc: Plugin Creation Doc (#5372) -- docs: Added specs for the global plugin Apis (#5362) -- docs: Fixes + Corrections in Docs (#5335) -- docs: fixed broken link in readme (#5337) -- docs: removed users (#5324) -- docs: Created a file for listing Devtron Users (#5310) +- doc: Added FAQ no. 28 + GoLang-migrate Link + Code Block Fix (#5502) +- docs: Drafted Software Distribution Hub (#5459) +- doc: Created Image Label + Comments Doc (#5314) +- doc: FAQ added for Bitnami Charts (#5545) +- doc: Added Keycloak SSO Doc (#5571) +- doc: Code scan plugin docs (#5562) +- docs: jenkins-plugin (#5542) +- doc: Copacetic plugin docs (#5564) +- doc: Pull images from container repository (#5563) +- doc: Collated Doc Fixes for July (#5591) +- doc: Drafted Schema Driven DT (#5533) +- doc: fixes in Copacetic plugin doc (#5622) +- doc: Edit Deployment Chart Schema (#5735) +- doc: Redirection of old entry in gitbook.yaml (#5738) +- docs: added Documentation for Air-Gapped Installation (#5360) +- doc: Update prerequisites of code-scan (#5625) +- doc: Cosign plugin doc (#5665) +- doc: CraneCopy plugin doc (#5658) +- doc: Devtron CD Trigger Plugin doc (#5747) +- doc: DockerSlim plugin doc (#5660) +- doc: Devtron Job Trigger Plugin doc (#5742) +- doc: Vulnerability Scanning Plugin doc (#5722) +- docs: Jira plugins doc (Validator + Updater) (#5709) +- docs: added commands enable ingress during helm installation (#5794) +- doc: Revamped + Restructured Ingress Setup Doc (#5798) +- docs: modifying route in ingress doc (#5799) +- docs: modified the anchorlink in ingress.md (#5800) +- doc: ArgoCD + FluxCD App Listing (#5636) +- doc: Added Special CEL Expr in Filter Condition doc (#5850) ## Others -- chore: common-lib upgrade for nats replicas (#5446) -- chore: migration for gitops config (#5383) -- chore: update common-lib tag version (#5333) -- chore: updated go version in EA dockerfile (#5327) - - - +- misc: removal of azure-devops-issue-sync.yml (#5592) +- misc: added action for discrod webhook (#5615) +- misc: Revert "misc: added action for discrod webhook" (#5619) +- chore: Plugin script fix oss (#5661) +- misc: Release candidate v0.16.0 (#5687) +- chore: migration number changes (#5692) +- chore: ea fixes for helm app (#5713) +- misc: Main sync rc - branch update (#5753) +- chore: Revert "feat: plugin creation support" (#5778) +- chore: cron status update refactoring (#5790) +- misc: sync with common-lib changes with release candidate 18 (#5830) +- chore: Custom tag for copy container image plugin (#5760) (#5841) +- chore: migration number fix (#5840) +- misc: Update CODEOWNERS (#5885)