Skip to content

Commit d1a6e3a

Browse files
ATGardnerilia-medvedev-codefresh
ATGardner
and
ilia-medvedev-codefresh
authoredMay 23, 2023
CR-18430-del-git-source (#45)
* add volume + mount to pre-uninstall hook * updated `argo-cd` to `v2.6.0-cap-CR-18430-del-app` --------- Co-authored-by: Ilia Medvedev <ilia.medvedev@codefresh.io>
·
cutoff-security-0.160.2.6-alpha
1 parent 3cf7f28 commit d1a6e3a

File tree

5 files changed

+96
-16
lines changed

5 files changed

+96
-16
lines changed
 

‎charts/gitops-runtime/Chart.yaml

+6-4
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,9 @@ apiVersion: v2
22
appVersion: 0.1.29
33
description: A Helm chart for Codefresh gitops runtime
44
name: gitops-runtime
5-
version: 0.2.5-alpha
5+
version: 0.2.6-alpha
66
home: https://github.com/codefresh-io/gitops-runtime-helm
7-
icon: https://codefresh.io/docs/assets/brand/codefresh_purple_dark_logo.png
7+
icon: https://avatars1.githubusercontent.com/u/11412079?v=3
88
keywords:
99
- codefresh
1010
- gitops
@@ -15,12 +15,14 @@ annotations:
1515
artifacthub.io/alternativeName: "codefresh-gitops-runtime"
1616
artifacthub.io/prerelease: "true"
1717
artifacthub.io/changes: |
18+
- kind: changed
19+
description: updated `argo-cd` to `v2.6.0-cap-CR-18430-del-app` (fix application/git-source deletion)
1820
- kind: fixed
19-
description: bump `cap-app-proxy` to `1.2257.0` (fix convertToGitops)
21+
description: Fix delete runtime hook when using custom CA
2022
dependencies:
2123
- name: argo-cd
2224
repository: https://codefresh-io.github.io/argo-helm
23-
version: 5.29.1-1-cap-CR-17237
25+
version: 5.29.2-cap-CR-18430
2426
- name: argo-events
2527
repository: https://codefresh-io.github.io/argo-helm
2628
version: 2.0.5-1-cf-init

‎charts/gitops-runtime/README.md

+2-2
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# gitops-runtime
22

3-
![Version: 0.2.5-alpha](https://img.shields.io/badge/Version-0.2.5--alpha-informational?style=flat-square) ![AppVersion: 0.1.29](https://img.shields.io/badge/AppVersion-0.1.29-informational?style=flat-square)
3+
![Version: 0.2.6-alpha](https://img.shields.io/badge/Version-0.2.6--alpha-informational?style=flat-square) ![AppVersion: 0.1.29](https://img.shields.io/badge/AppVersion-0.1.29-informational?style=flat-square)
44

55
A Helm chart for Codefresh gitops runtime
66

@@ -18,7 +18,7 @@ A Helm chart for Codefresh gitops runtime
1818
|------------|------|---------|
1919
| https://bitnami-labs.github.io/sealed-secrets/ | sealed-secrets | 2.7.3 |
2020
| https://chartmuseum.codefresh.io/codefresh-tunnel-client | tunnel-client(codefresh-tunnel-client) | 0.1.12 |
21-
| https://codefresh-io.github.io/argo-helm | argo-cd | 5.29.1-1-cap-CR-17237 |
21+
| https://codefresh-io.github.io/argo-helm | argo-cd | 5.29.2-cap-CR-18430 |
2222
| https://codefresh-io.github.io/argo-helm | argo-events | 2.0.5-1-cf-init |
2323
| https://codefresh-io.github.io/argo-helm | argo-rollouts | 2.22.1-1-cap-sw |
2424
| https://codefresh-io.github.io/argo-helm | argo-workflows | 0.22.9-1-CR-17426 |

‎charts/gitops-runtime/templates/app-proxy/deployment.yaml

+5-4
Original file line numberDiff line numberDiff line change
@@ -9,13 +9,14 @@
99
{{/* Add extra volumes (used for cutom tls) */}}
1010
{{- $calculatedVolumes := include "codefresh-gitops-runtime.app-proxy.extra-volumes" . | fromYaml }}
1111
{{- if $calculatedVolumes.extraVolumes }}
12-
{{- $additionalVolumes := concat (get $calculatedVolumes "extraVolumes") $appProxyContext.Values.extraVolumes }}
13-
{{- $_ := set $appProxyContext.Values "extraVolumes" $additionalVolumes }}
12+
{{- $additionalVolumes := concat (get $calculatedVolumes "extraVolumes") $appProxyContext.Values.extraVolumes }}
13+
{{- $_ := set $appProxyContext.Values "extraVolumes" $additionalVolumes }}
1414
{{- end }}
15+
1516
{{- $initContainerCalculatedVolumeMounts := include "codefresh-gitops-runtime.app-proxy.init.extra-volume-mounts" . | fromYaml }}
1617
{{- if $initContainerCalculatedVolumeMounts.extraVolumeMounts }}
17-
{{- $initContainerExtraVolumeMounts := concat (get $initContainerCalculatedVolumeMounts "extraVolumeMounts") $appProxyContext.Values.extraVolumeMounts }}
18-
{{- $_ := set $appProxyContext.Values.initContainer "extraVolumeMounts" $initContainerExtraVolumeMounts }}
18+
{{- $initContainerExtraVolumeMounts := concat (get $initContainerCalculatedVolumeMounts "extraVolumeMounts") $appProxyContext.Values.extraVolumeMounts }}
19+
{{- $_ := set $appProxyContext.Values.initContainer "extraVolumeMounts" $initContainerExtraVolumeMounts }}
1920
{{- end }}
2021

2122
{{- include "cap-app-proxy.resources.deployment" $appProxyContext }}

‎charts/gitops-runtime/templates/hooks/pre-uninstall/delete-runtime-from-platform.yaml

+23-5
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,9 @@
1+
{{- $customCASecretName := ""}}
2+
{{- $customCASecretKey := ""}}
3+
{{- if or .Values.global.codefresh.tls.caCerts.secret.create .Values.global.codefresh.tls.caCerts.secretKeyRef }}
4+
{{- $customCASecretName = .Values.global.codefresh.tls.caCerts.secret.create | ternary "codefresh-tls-certs" .Values.global.codefresh.tls.caCerts.secretKeyRef.name }}
5+
{{- $customCASecretKey = .Values.global.codefresh.tls.caCerts.secret.create | ternary (default "ca-bundle.crt" .Values.global.codefresh.tls.caCerts.secret.key) .Values.global.codefresh.tls.caCerts.secretKeyRef.key }}
6+
{{- end }}
17
apiVersion: batch/v1
28
kind: Job
39
metadata:
@@ -13,20 +19,24 @@ spec:
1319
containers:
1420
- name: delete-runtime-from-platform
1521
image: "{{ .Values.installer.image.repository }}:{{ .Values.installer.image.tag | default .Chart.Version }}"
22+
imagePullPolicy: {{ .Values.installer.image.pullPolicy }}
1623
env:
1724
- name: RUNTIME_NAME
1825
value: {{ .Values.global.runtime.name }}
1926
- name: PLATFORM_URL
2027
value: {{ .Values.global.codefresh.url }}
2128
- name: USER_TOKEN
2229
{{- include "codefresh-gitops-runtime.installation-token-env-var-value" . | nindent 10 }}
23-
{{- if or .Values.global.codefresh.tls.caCerts.secret.create .Values.global.codefresh.tls.caCerts.secretKeyRef }}
24-
{{- $name := .Values.global.codefresh.tls.caCerts.secret.create | ternary "codefresh-tls-certs" .Values.global.codefresh.tls.caCerts.secretKeyRef.name }}
25-
{{- $key := .Values.global.codefresh.tls.caCerts.secret.create | ternary (default "ca-bundle.crt" .Values.global.codefresh.tls.caCerts.secret.key) .Values.global.codefresh.tls.caCerts.secretKeyRef.key }}
30+
{{- if $customCASecretName }}
2631
- name: SSL_CERT_FILE
27-
value: /app/config/{{ $name }}/{{ $key }}
32+
value: /app/config/codefresh-tls-certs/{{ $customCASecretKey }}
33+
{{- end }}
34+
{{- if $customCASecretName }}
35+
volumeMounts:
36+
- mountPath: /app/config/codefresh-tls-certs
37+
name: codefresh-tls-certs
38+
readOnly: true
2839
{{- end }}
29-
imagePullPolicy: {{ .Values.installer.image.pullPolicy }}
3040
command: ["sh", "-c"]
3141
args:
3242
- |
@@ -36,3 +46,11 @@ spec:
3646
echo "User token unavailable, unable to remove runtime ${RUNTIME_NAME} from platform, please remove it from UI"
3747
exit 1
3848
fi
49+
{{- if $customCASecretName }}
50+
volumes:
51+
- name: codefresh-tls-certs
52+
secret:
53+
secretName: {{ $customCASecretName }}
54+
defaultMode: 420
55+
optional: true
56+
{{- end }}

‎charts/gitops-runtime/tests/custom-ca_test.yaml

+60-1
Original file line numberDiff line numberDiff line change
@@ -122,6 +122,65 @@ tests:
122122
name: codefresh-tls-certs
123123
readOnly: true
124124

125+
- it: volume in pre-delete-hook - chart created secret
126+
template: 'hooks/pre-uninstall/delete-runtime-from-platform.yaml'
127+
values:
128+
- ./values/mandatory-values.yaml
129+
set:
130+
global.codefresh.tls.caCerts.secret.create: true
131+
global.codefresh.tls.caCerts.secret.content: |
132+
-----BEGIN CERTIFICATE-----
133+
... encoded certificate data here ...
134+
-----END CERTIFICATE-----
135+
asserts:
136+
- contains:
137+
path: spec.template.spec.volumes
138+
content:
139+
name: codefresh-tls-certs
140+
secret:
141+
secretName: codefresh-tls-certs
142+
defaultMode: 420
143+
optional: true
144+
- contains:
145+
path: spec.template.spec.containers[0].volumeMounts
146+
content:
147+
mountPath: /app/config/codefresh-tls-certs
148+
name: codefresh-tls-certs
149+
readOnly: true
150+
151+
- it: volume in pre-delete-hook - no tls
152+
template: 'hooks/pre-uninstall/delete-runtime-from-platform.yaml'
153+
values:
154+
- ./values/mandatory-values.yaml
155+
asserts:
156+
- isNull:
157+
path: spec.template.spec.volumes
158+
- isNull:
159+
path: spec.template.spec.containers[0].volumeMounts
160+
161+
- it: volume in pre-delete-hook - secret ref
162+
template: 'hooks/pre-uninstall/delete-runtime-from-platform.yaml'
163+
values:
164+
- ./values/mandatory-values.yaml
165+
set:
166+
global.codefresh.tls.caCerts.secretKeyRef.name: my-secret
167+
global.codefresh.tls.caCerts.secretKeyRef.key: my-key
168+
asserts:
169+
- contains:
170+
path: spec.template.spec.volumes
171+
content:
172+
name: codefresh-tls-certs
173+
secret:
174+
secretName: my-secret
175+
defaultMode: 420
176+
optional: true
177+
- contains:
178+
path: spec.template.spec.containers[0].volumeMounts
179+
content:
180+
mountPath: /app/config/codefresh-tls-certs
181+
name: codefresh-tls-certs
182+
readOnly: true
183+
125184
- it: environment variable in pre-delete hook - secret ref
126185
template: 'hooks/pre-uninstall/delete-runtime-from-platform.yaml'
127186
values:
@@ -134,7 +193,7 @@ tests:
134193
path: spec.template.spec.containers[0].env
135194
content:
136195
name: SSL_CERT_FILE
137-
value: /app/config/my-secret/my-key
196+
value: /app/config/codefresh-tls-certs/my-key
138197

139198
- it: environment variable in pre-delete hook - chart created secret
140199
template: 'hooks/pre-uninstall/delete-runtime-from-platform.yaml'

0 commit comments

Comments
 (0)
Please sign in to comment.