diff --git a/Makefile b/Makefile index 62df046a8..db2c0112d 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ GIT_REMOTE_URL ?= $(shell git remote get-url origin) # - git@github.com:mesosphere/charts.git GITHUB_USER := $(shell git remote get-url origin | sed -E 's|.*github.com[/:]([^/]+)/charts.*|\1|') -GIT_REF = $(shell git rev-parse HEAD) +GIT_REF = $(shell git rev-parse HEAD) LAST_COMMIT_MESSAGE := $(shell git log -1 --pretty=format:'%B') NON_DOCS_FILES := $(filter-out docs,$(wildcard *)) @@ -105,5 +105,5 @@ $(TMPDIR)/.helm/repository/local/index.yaml: $(HELM) ct.lint: ifneq (,$(wildcard /teamcity/system/git)) $(DRUN) git fetch origin dev -endif +endif $(DRUN) ct lint diff --git a/stable/dex/Chart.yaml b/stable/dex/Chart.yaml index 7c40b2891..e07fa9445 100644 --- a/stable/dex/Chart.yaml +++ b/stable/dex/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v1 name: dex -version: 1.6.12 +version: 1.6.13 appVersion: 2.17.0 description: CoreOS Dex keywords: diff --git a/stable/dex/templates/config-openssl.yaml b/stable/dex/templates/config-openssl.yaml index 16ab3f458..0415aa483 100644 --- a/stable/dex/templates/config-openssl.yaml +++ b/stable/dex/templates/config-openssl.yaml @@ -8,10 +8,6 @@ metadata: heritage: "{{ .Release.Service }}" release: "{{ .Release.Name }}" name: {{ template "dex.fullname" . }}-openssl-config - annotations: - "helm.sh/hook": post-install - "helm.sh/hook-weight": "1" - "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation data: openssl.conf: | {{ .Files.Get "config/openssl.conf" | indent 4 }} diff --git a/staging/cert-manager-setup/Chart.yaml b/staging/cert-manager-setup/Chart.yaml index a80fb8bd8..dcb114a2e 100644 --- a/staging/cert-manager-setup/Chart.yaml +++ b/staging/cert-manager-setup/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 name: cert-manager-setup home: https://github.com/mesosphere/charts -version: 0.1.6 +version: 0.1.7 appVersion: 0.10.1 description: Install cert-manager and optionally add a ClusterIssuer keywords: diff --git a/staging/cert-manager-setup/ci/test-values.yaml b/staging/cert-manager-setup/ci/test-values.yaml new file mode 100644 index 000000000..d3d49424b --- /dev/null +++ b/staging/cert-manager-setup/ci/test-values.yaml @@ -0,0 +1,5 @@ +clusterissuer: + name: kubernetes-ca + spec: + ca: + secretName: kubernetes-intermediate-ca diff --git a/test/ct-e2e.yaml b/test/ct-e2e.yaml new file mode 100644 index 000000000..4dcec2cda --- /dev/null +++ b/test/ct-e2e.yaml @@ -0,0 +1,38 @@ +debug: true +target-branch: dev +chart-dirs: + - stable + - staging +excluded-charts: + - common + - dex-controller # Moved to a different helm repo + - azuredisk-csi-driver # DCOS-62804 + - defaultstorageclass # DCOS-62803 + - dispatch # DCOS-62802 + - gcpdiskprovisioner # DCOS-62801 + - kommander # DCOS-62800 + - kommander-karma # DCOS-62799 + - kommander-thanos # DCOS-62798 + - mtls-proxy # DCOS-62805 + - dex-k8s-authenticator # DCOS-62806 + - flagger # DCOS-62809 + - gatekeeper # DCOS-62810 + - generic-ingress # DCOS-62811 + - istio # DCOS-62812 + - knative # DCOS-62813 + - kube-oidc-proxy # DCOS-62814 + - kudo # DCOS-62815 + - nvidia # DCOS-62816 + - prometheus-operator # DCOS-62817 + - traefik # DCOS-62818 + - traefik-forward-auth # DCOS-62819 +chart-repos: + - mesosphere-staging=https://mesosphere.github.io/charts/staging + - mesosphere-stable=https://mesosphere.github.io/charts/stable + - kubefed-charts=https://raw.githubusercontent.com/kubernetes-sigs/kubefed/master/charts + - jetstack-charts=https://charts.jetstack.io + - kommander-cluster-lifecycle=https://mesosphere.github.io/kommander-cluster-lifecycle/charts + - banzaicloud=https://kubernetes-charts.banzaicloud.com + - helm-stable=https://kubernetes-charts.storage.googleapis.com/ + - dex-controller=https://mesosphere.github.io/dex-controller/charts +helm-extra-args: --timeout 600 diff --git a/test/e2e-kind.sh b/test/e2e-kind.sh new file mode 100755 index 000000000..b02ece715 --- /dev/null +++ b/test/e2e-kind.sh @@ -0,0 +1,119 @@ +#!/usr/bin/env bash + +set -o errexit +set -o nounset +set -o pipefail + +readonly CT_VERSION=v2.4.0 +readonly KIND_VERSION=v0.6.1 +readonly CLUSTER_NAME=chart-testing +readonly K8S_VERSION=v1.16.3 + +tmp=$(mktemp -d) + +run_ct_container() { + echo 'Running ct container...' + docker run --rm --interactive --detach --network host --name ct \ + --volume "$(pwd)/test/ct-e2e.yaml:/etc/ct/ct.yaml" \ + --volume "$(pwd):/workdir" \ + --workdir /workdir \ + "quay.io/helmpack/chart-testing:$CT_VERSION" \ + cat + echo +} + +cleanup() { + echo 'Removing ct container...' + docker kill ct > /dev/null 2>&1 + "${tmp}/kind" delete cluster --name "$CLUSTER_NAME" + rm -rf "${tmp}" + echo 'Done!' +} + +docker_exec() { + docker exec --interactive ct "$@" +} + +create_kind_cluster() { + echo 'Downloading kind...' + + curl -sSLo "${tmp}/kind" \ + "https://github.com/kubernetes-sigs/kind/releases/download/$KIND_VERSION/kind-$(uname)-amd64" + chmod +x "${tmp}/kind" + + "${tmp}/kind" create cluster --name "$CLUSTER_NAME" \ + --config test/kind-config.yaml --image "kindest/node:$K8S_VERSION" \ + --wait 60s + + docker_exec mkdir -p /root/.kube + + echo 'Copying kubeconfig to container...' + "${tmp}/kind" get kubeconfig --name "$CLUSTER_NAME" > "${tmp}/kube.config" + docker cp "${tmp}/kube.config" ct:/root/.kube/config + + docker_exec kubectl cluster-info + echo + + docker_exec kubectl get nodes + echo + + echo 'Cluster ready!' + echo +} + +install_local-path-provisioner() { + # kind doesn't support Dynamic PVC provisioning yet, this is one ways to + # get it working + # https://github.com/rancher/local-path-provisioner + + # Remove default storage class. It will be recreated by + # local-path-provisioner + docker_exec kubectl delete storageclass standard + + echo 'Installing local-path-provisioner...' + docker_exec kubectl apply -f \ + https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml + echo +} + +install_tiller() { + echo 'Installing tiller...' + docker_exec kubectl --namespace kube-system create serviceaccount tiller + docker_exec kubectl create clusterrolebinding tiller-cluster-rule \ + --clusterrole=cluster-admin --serviceaccount=kube-system:tiller + docker_exec helm init --history-max 10 --service-account tiller --wait + echo +} + +install_certmanager() { + echo 'Generating root ca...' + docker_exec apk add openssl + docker_exec openssl genrsa -out /tmp/ca.key 4096 + docker_exec openssl req -x509 -new -nodes -key /tmp/ca.key \ + -sha256 -days 1 -out /tmp/ca.crt -subj "/CN=testing" + echo + + echo 'Installing cert-manager...' + docker_exec kubectl create namespace cert-manager + docker_exec kubectl create secret tls kubernetes-root-ca \ + --namespace=cert-manager --cert=/tmp/ca.crt --key=/tmp/ca.key + docker_exec helm install \ + --values staging/cert-manager-setup/ci/test-values.yaml \ + --namespace cert-manager staging/cert-manager-setup + echo +} + +main() { + run_ct_container + trap cleanup EXIT + + create_kind_cluster + install_local-path-provisioner + install_tiller + install_certmanager + + docker_exec ct lint-and-install --upgrade --debug "$@" + echo +} + +main "$@" diff --git a/test/kind-config.yaml b/test/kind-config.yaml new file mode 100644 index 000000000..cebee6d5b --- /dev/null +++ b/test/kind-config.yaml @@ -0,0 +1,5 @@ +kind: Cluster +apiVersion: kind.x-k8s.io/v1alpha4 +nodes: + - role: control-plane + - role: worker