Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: DRA helm chart installs failing #82

Merged
merged 3 commits into from
Oct 16, 2023
Merged

fix: DRA helm chart installs failing #82

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
c41d5c5
fix: DRA helm chart installs failing
iuliams Oct 13, 2023
94be98b
fix: add tests for cra
iuliams Oct 13, 2023
f82e66d
chore: update CODEOWNERS
iuliams Oct 13, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .github/CODEOWNERS
View file
Open in desktop
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
@@ -1,2 +1,6 @@
* @snyk/team-broker

charts/snyk-broker/templates/cra_deployment.yaml @snyk/container-integration
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the codeownership should be broker team only to align with:

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's not exactly the same though. This here is the deployment of the agent, not the CRA flavored broker. So I agree for the broker repo but here this is a distinct deployment and the specifics of what env vars are needed etc are a bit unknown to us, so I'd keep it that way.

charts/snyk-broker/tests/broker_cra_deployment_test.yaml @snyk/container-integration
charts/snyk-broker/tests/cra_deployment_test.yaml @snyk/container-integration
charts/snyk-broker/tests/fixtures/default_values_cra.yaml @snyk/container-integration
2 changes: 1 addition & 1 deletion charts/snyk-broker/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
apiVersion: v2
name: snyk-broker
version: 2.0.1
version: 2.0.2
description: A Helm chart for Kubernetes
type: application
4 changes: 2 additions & 2 deletions charts/snyk-broker/templates/broker_deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -270,7 +270,7 @@ spec:
name: {{ .Values.scmType}}-broker-token-{{ .Release.Name }}
key: "{{ .Values.scmType}}-broker-token-key"
- name: CR_AGENT_URL
value: http://cra-service:{{ .Values.deployment.container.crSnykPort | toString }}
value: http://cra-service-{{ .Release.Name }}:{{ .Values.deployment.container.crSnykPort | toString }}
- name: CR_TYPE
value: {{ .Values.crType }}
- name: CR_BASE
Expand Down Expand Up @@ -298,7 +298,7 @@ spec:
- name: BROKER_CLIENT_URL
value: {{ .Values.brokerClientUrl }}
- name: BROKER_CLIENT_VALIDATION_URL
value: http://cra-service:{{ .Values.deployment.container.crSnykPort | toString }}/healthcheck
value: http://cra-service-{{ .Release.Name }}:{{ .Values.deployment.container.crSnykPort | toString }}/healthcheck
{{- end }}
{{- if .Values.enableCodeAgent }}
# Code Agent
Expand Down
4 changes: 2 additions & 2 deletions charts/snyk-broker/templates/cra_deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "snyk-broker.serviceAccountName" . }}
serviceAccountName: {{ include "snyk-broker.serviceAccountName" . }}-{{ .Release.Name }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
Expand Down Expand Up @@ -77,6 +77,6 @@ spec:
- port: {{ .Values.deployment.container.crSnykPort }}
targetPort: {{ .Values.deployment.container.crSnykPort}}
selector:
app.kubernetes.io/name: {{ .Release.Name }}-cr
app.kubernetes.io/name: {{ .Release.Name }}-cr-{{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
152 changes: 152 additions & 0 deletions charts/snyk-broker/tests/__snapshot__/broker_cra_deployment_test.yaml.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,152 @@
with CRA:
1: |
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.2
name: container-registry-agent-broker-RELEASE-NAME
namespace: NAMESPACE
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
template:
metadata:
labels:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
spec:
containers:
- env:
- name: BROKER_SERVER_URL
value: https://broker.test.snyk.io
- name: BROKER_HEALTHCHECK_PATH
value: /healthcheck
- name: BROKER_SYSTEMCHECK_PATH
value: /systemcheck
- name: BROKER_TOKEN
valueFrom:
secretKeyRef:
key: container-registry-agent-broker-token-key
name: container-registry-agent-broker-token-RELEASE-NAME
- name: CR_AGENT_URL
value: http://cra-service-RELEASE-NAME:8081
- name: CR_TYPE
value: null
- name: CR_BASE
value: null
- name: CR_USERNAME
value: null
- name: CR_PASSWORD
valueFrom:
secretKeyRef:
key: container-registry-agent-token-key
name: container-registry-agent-token-RELEASE-NAME
- name: CR_TOKEN
valueFrom:
secretKeyRef:
key: container-registry-agent-token-key
name: container-registry-agent-token-RELEASE-NAME
- name: CR_ROLE_ARN
value: arn:aws-us-gov:iam::123456789012:role
- name: CR_REGION
value: eu-west
- name: CR_EXTERNAL_ID
value: 11111111-1111-1111-1111-111111111111
- name: PORT
value: "8000"
- name: BROKER_CLIENT_URL
value: http://brokerclient
- name: BROKER_CLIENT_VALIDATION_URL
value: http://cra-service-RELEASE-NAME:8081/healthcheck
- name: LOG_LEVEL
value: info
- name: LOG_ENABLE_BODY
value: "false"
- name: BROKER_DISPATCHER_BASE_URL
value: https://api.test.snyk.io
image: snyk/broker:container-registry-agent
imagePullPolicy: Always
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthcheck
port: 8000
initialDelaySeconds: 3
periodSeconds: 10
timeoutSeconds: 1
name: container-registry-agent-broker-RELEASE-NAME
ports:
- containerPort: 8000
name: http
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthcheck
port: 8000
initialDelaySeconds: 3
periodSeconds: 10
timeoutSeconds: 1
resources:
limits:
cpu: 1
memory: 256Mi
requests:
cpu: 1
memory: 256Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
volumeMounts: null
securityContext: {}
serviceAccountName: snyk-broker-RELEASE-NAME
volumes: null
2: |
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.2
name: container-registry-agent-broker-service-RELEASE-NAME
namespace: NAMESPACE
spec:
ports:
- port: 8000
targetPort: 8000
selector:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
type: ClusterIP
3: |
apiVersion: v1
data:
container-registry-agent-broker-token-key: MTIz
kind: Secret
metadata:
name: container-registry-agent-broker-token-RELEASE-NAME
type: Opaque
4: |
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.2
name: snyk-broker-RELEASE-NAME
namespace: NAMESPACE
16 changes: 8 additions & 8 deletions charts/snyk-broker/tests/__snapshot__/broker_deployment_configmap_test.yaml.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ cacert:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.1
helm.sh/chart: snyk-broker-2.0.2
name: github-com-broker-RELEASE-NAME
namespace: NAMESPACE
spec:
Expand Down Expand Up @@ -111,7 +111,7 @@ cacert:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.1
helm.sh/chart: snyk-broker-2.0.2
name: github-com-broker-service-RELEASE-NAME
namespace: NAMESPACE
spec:
Expand Down Expand Up @@ -153,7 +153,7 @@ cacert:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.1
helm.sh/chart: snyk-broker-2.0.2
name: RELEASE-NAME-snyk-broker-cacert-configmap-RELEASE-NAME
namespace: NAMESPACE
4: |
Expand All @@ -172,7 +172,7 @@ cacert:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.1
helm.sh/chart: snyk-broker-2.0.2
name: snyk-broker-RELEASE-NAME
namespace: NAMESPACE
cacertfile:
Expand All @@ -184,7 +184,7 @@ cacertfile:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.1
helm.sh/chart: snyk-broker-2.0.2
name: github-com-broker-RELEASE-NAME
namespace: NAMESPACE
spec:
Expand Down Expand Up @@ -280,7 +280,7 @@ cacertfile:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.1
helm.sh/chart: snyk-broker-2.0.2
name: github-com-broker-service-RELEASE-NAME
namespace: NAMESPACE
spec:
Expand All @@ -301,7 +301,7 @@ cacertfile:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.1
helm.sh/chart: snyk-broker-2.0.2
name: RELEASE-NAME-snyk-broker-cacert-configmap-RELEASE-NAME
namespace: NAMESPACE
4: |
Expand All @@ -320,6 +320,6 @@ cacertfile:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.1
helm.sh/chart: snyk-broker-2.0.2
name: snyk-broker-RELEASE-NAME
namespace: NAMESPACE
8 changes: 4 additions & 4 deletions charts/snyk-broker/tests/__snapshot__/broker_deployment_ingress_test.yaml.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ ingress:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.1
helm.sh/chart: snyk-broker-2.0.2
name: github-com-broker-RELEASE-NAME
namespace: NAMESPACE
spec:
Expand Down Expand Up @@ -103,7 +103,7 @@ ingress:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.1
helm.sh/chart: snyk-broker-2.0.2
name: RELEASE-NAME-snyk-broker-RELEASE-NAME
namespace: NAMESPACE
spec:
Expand All @@ -123,7 +123,7 @@ ingress:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.1
helm.sh/chart: snyk-broker-2.0.2
name: github-com-broker-service-RELEASE-NAME
namespace: NAMESPACE
spec:
Expand All @@ -150,6 +150,6 @@ ingress:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: snyk-broker-RELEASE-NAME
helm.sh/chart: snyk-broker-2.0.1
helm.sh/chart: snyk-broker-2.0.2
name: snyk-broker-RELEASE-NAME
namespace: NAMESPACE
Loading
Loading