back-stack · kurktchiev · Feb 21, 2024 · Feb 8, 2024 · Feb 12, 2024 · Feb 13, 2024
diff --git a/.DS_Store b/.DS_Store
diff --git a/.github/workflows/generate-cluster-claim.yml b/.github/workflows/generate-cluster-claim.yml
@@ -10,18 +10,18 @@ on:
     inputs:
       clustername:
         # Friendly description to be shown in the UI instead of 'name'
-        description: 'Cluster name'
+        description: "Cluster name"
         # Default value if no value is explicitly provided
-        default: 'cluster'
+        default: "cluster"
         # Input has to be provided for the workflow to run
         required: true
         # The data type of the input
         type: string
       numNodes:
         # Friendly description to be shown in the UI instead of 'name'
-        description: 'Number of nodes in this cluster'
+        description: "Number of nodes in this cluster"
         # Default value if no value is explicitly provided
-        default: '1'
+        default: "1"
         # Input has to be provided for the workflow to run
         required: true
         # The data type of the input
@@ -36,33 +36,33 @@ jobs:
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
-    - name: Checkout template
-      uses: actions/checkout@v2
-
-    # Runs a single command using the runners shell
-    - name: Generate cluster claim
-      run: |
-        cp demo/template/cluster-claim-template.yaml ./demo/clusters/${{ inputs.clustername }}-cluster.yaml
-        sed -i 's/{{cluster-name}}/${{ inputs.clustername }}/g' ./demo/clusters/${{ inputs.clustername }}-cluster.yaml
-        sed -i 's/{{num-nodes}}/${{ inputs.numNodes }}/g' ./demo/clusters/${{ inputs.clustername }}-cluster.yaml
-
-    - name: Install Kyverno CLI
-      uses: kyverno/action-install-cli@v0.2.0
+      - name: Checkout template
+        uses: actions/checkout@v2
 
-    - name: Check Kyverno install
-      run: kyverno version
+      # Runs a single command using the runners shell
+      - name: Generate cluster claim
+        run: |
+          cp demo/template/cluster-claim-template.yaml ./demo/clusters/${{ inputs.clustername }}-cluster.yaml
+          sed -i 's/{{cluster-name}}/${{ inputs.clustername }}/g' ./demo/clusters/${{ inputs.clustername }}-cluster.yaml
+          sed -i 's/{{num-nodes}}/${{ inputs.numNodes }}/g' ./demo/clusters/${{ inputs.clustername }}-cluster.yaml
 
-    - name: Validate cluster claim
-      run: |
-        kyverno apply ./kyverno/policies/crossplane -b main  --resource=./demo/clusters/${{ inputs.clustername }}-cluster.yaml        
-
-    - name: Setup git config
-      run: |
-        # setup the username and email. I tend to use 'GitHub Actions Bot' with no email by default
-        git config user.name "GitHub Actions Bot"
-        git config user.email "<>"
-    - name: Commit file
-      run: |
-        git add ./demo/clusters/${{ inputs.clustername }}-cluster.yaml
-        git commit -m "Created cluster claim"
-        git push origin
+      - name: Install Kyverno CLI
+        uses: kyverno/action-install-cli@v0.2.0
+
+      - name: Check Kyverno install
+        run: kyverno version
+
+      - name: Validate cluster claim
+        run: |
+          kyverno apply ./kyverno/policies/crossplane -b main  --resource=./demo/clusters/${{ inputs.clustername }}-cluster.yaml
+
+      - name: Setup git config
+        run: |
+          # setup the username and email. I tend to use 'GitHub Actions Bot' with no email by default
+          git config user.name "GitHub Actions Bot"
+          git config user.email "<>"
+      - name: Commit file
+        run: |
+          git add ./demo/clusters/${{ inputs.clustername }}-cluster.yaml
+          git commit -m "Created cluster claim"
+          git push origin
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -7,29 +7,34 @@ on:
   workflow_dispatch: {}
 
 env:
+  BACK_STACK_VERSION: v0.1.0
   REGISTRY: ghcr.io
   IMAGE_NAME: ${{ github.repository }}
   CROSSPLANE_VERSION: v1.14.4
   PORTER_VERSION: v1.0.15
+  PORTER_MIXIN_DOCKER_VERSION: v1.0.2
+  PORTER_MIXIN_KUBERNETES_VERSION: v1.0.3
+  PORTER_MIXIN_HELM_VERSION: v1.0.1
+  PORTER_MIXIN_HELM_URL: https://mchorfa.github.io/porter-helm3/atom.xml
 
 jobs:
   configuration:
     runs-on: ubuntu-22.04
-    
+
     permissions:
       contents: read
       packages: write
-    
+
     steps:
       - name: Checkout
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      
+
       - name: Fetch Package Tag
         run: echo "VERSION_TAG=$(git rev-parse --short=8 HEAD)" >> $GITHUB_OUTPUT
         id: tag
-      
+
       - name: Log into ${{ env.REGISTRY }}
         uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
         with:
@@ -41,28 +46,28 @@ jobs:
         run: |
           curl -Lo /usr/local/bin/crossplane "https://releases.crossplane.io/stable/${{ env.CROSSPLANE_VERSION }}/bin/linux_amd64/crank" \
           && chmod +x /usr/local/bin/crossplane
-      
+
       - name: Build Configuration Package
         run: |
           crossplane xpkg build --package-root=crossplane/ -o crossplane/back-stack.xpkg
-      
+
       - name: Push ${{ steps.tag.outputs.VERSION_TAG }} & latest
         run: |
           crossplane xpkg push -f crossplane/back-stack.xpkg ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-configuration:${{ steps.tag.outputs.VERSION_TAG }}
           crossplane xpkg push -f crossplane/back-stack.xpkg ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-configuration:latest
 
   backstage:
     runs-on: ubuntu-latest
-    
+
     permissions:
       contents: read
       packages: write
-    
+
     steps:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      
+
       - name: Set tag
         run: echo "VERSION_TAG=$(git rev-parse --short=8 HEAD)" >> $GITHUB_OUTPUT
         id: tag
@@ -71,7 +76,7 @@ jobs:
         uses: actions/setup-node@v3
         with:
           node-version: 18.x
-      
+
       - name: Log in to the Container registry
         uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
         with:
@@ -90,7 +95,7 @@ jobs:
         with:
           dir: backstage
           cmd: build:backend
-      
+
       - name: Build the image
         uses: borales/actions-yarn@v4
         with:
@@ -102,23 +107,23 @@ jobs:
         run: |
           docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-backstage:${{ steps.tag.outputs.VERSION_TAG }}
           docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-backstage:latest
-  
+
   bundle:
     runs-on: ubuntu-latest
-    
+
     permissions:
       contents: read
       packages: write
-    
+
     steps:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      
+
       - name: Set tag
         run: echo "VERSION_TAG=$(git rev-parse --short=8 HEAD)" >> $GITHUB_OUTPUT
         id: tag
-      
+
       - name: Log in to the Container registry
         uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
         with:
@@ -133,13 +138,13 @@ jobs:
 
       - name: Install porter mixins
         run: |
-          porter mixin install docker --version v1.0.2 && porter mixin install kubernetes --version v1.0.3 && porter mixin install helm3 --feed-url https://mchorfa.github.io/porter-helm3/atom.xml --version v1.0.1
+          porter mixin install docker --version $PORTER_MIXIN_DOCKER_VERSION && porter mixin install kubernetes --version $PORTER_MIXIN_KUBERNETES_VERSION && porter mixin install helm3 --feed-url $PORTER_MIXIN_HELM_URL --version $PORTER_MIXIN_HELM_VERSION
 
       - name: Build Porter bundle
         run: |
-          porter build --dir bundle --version 0.5.0+${{ steps.tag.outputs.VERSION_TAG }}
-      
+          porter build --dir bundle --version $BACK_STACK_VERSION+${{ steps.tag.outputs.VERSION_TAG }}
+
       - name: Publish Porter bundle
         run: |
           porter publish --dir bundle --registry ${{ env.REGISTRY }}/back-stack
-          porter publish --dir bundle --registry ${{ env.REGISTRY }}/back-stack --tag latest
+          porter publish --dir bundle --registry ${{ env.REGISTRY }}/back-stack --tag latest --force
diff --git a/.github/workflows/validate-apps-workflow.yml b/.github/workflows/validate-apps-workflow.yml
@@ -3,9 +3,9 @@ name: Validate applications workflow
 on:
   pull_request:
     branches:
-    - main
+      - main
     paths:
-    - 'demo/applications/*.yaml'
+      - "demo/applications/*.yaml"
 
 # A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
@@ -16,15 +16,15 @@ jobs:
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
-    - name: Checkout template
-      uses: actions/checkout@v2
+      - name: Checkout template
+        uses: actions/checkout@v2
 
-    - name: Install Kyverno CLI
-      uses: kyverno/action-install-cli@v0.2.0
+      - name: Install Kyverno CLI
+        uses: kyverno/action-install-cli@v0.2.0
 
-    - name: Check Kyverno install
-      run: kyverno version
+      - name: Check Kyverno install
+        run: kyverno version
 
-    - name: Validate application
-      run: |
-        kyverno apply ./kyverno/policies/pod-security -b main  --resource=./demo/applications
+      - name: Validate application
+        run: |
+          kyverno apply ./kyverno/policies/pod-security -b main  --resource=./demo/applications
diff --git a/.github/workflows/validate-cluster-claim.yml b/.github/workflows/validate-cluster-claim.yml
@@ -3,9 +3,9 @@ name: Validate cluster claim workflow
 on:
   pull_request:
     branches:
-    - main
+      - main
     paths:
-    - 'demo/clusters/*.yaml'
+      - "demo/clusters/*.yaml"
 
 # A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
@@ -16,15 +16,15 @@ jobs:
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
-    - name: Checkout template
-      uses: actions/checkout@v2
+      - name: Checkout template
+        uses: actions/checkout@v2
 
-    - name: Install Kyverno CLI
-      uses: kyverno/action-install-cli@v0.2.0
+      - name: Install Kyverno CLI
+        uses: kyverno/action-install-cli@v0.2.0
 
-    - name: Check Kyverno install
-      run: kyverno version
+      - name: Check Kyverno install
+        run: kyverno version
 
-    - name: Validate cluster claim
-      run: |
-        kyverno apply ./kyverno/policies/crossplane -b main  --resource=./demo/clusters
+      - name: Validate cluster claim
+        run: |
+          kyverno apply ./kyverno/policies/crossplane -b main  --resource=./demo/clusters
diff --git a/argocd/appsets/appset_kyverno.yaml b/argocd/appsets/appset_kyverno.yaml
@@ -5,34 +5,34 @@ metadata:
   namespace: argocd
 spec:
   generators:
-  - clusters:
-      selector:
-        matchLabels:
-          clusterType: spoke        
-  template: 
+    - clusters:
+        selector:
+          matchLabels:
+            clusterType: spoke
+  template:
     metadata:
-      name: '{{name}}-kyverno'
+      name: "{{name}}-kyverno"
       annotations:
         argocd.argoproj.io/sync-wave: "1"
     spec:
       project: "default"
       source:
         repoURL: https://github.com/kyverno/kyverno
-        targetRevision: release-1.10
+        targetRevision: release-1.11
         path: charts/kyverno
         helm:
           releaseName: "{{name}}-kyverno"
           valueFiles:
-          - "values.yaml"
+            - "values.yaml"
       destination:
-        server: '{{server}}'
+        server: "{{server}}"
         namespace: kyverno
       syncPolicy:
         syncOptions:
-        - Replace=true
-        - CreateNamespace=true
+          - Replace=true
+          - CreateNamespace=true
         automated:
-          selfHeal: true  
+          selfHeal: true
         retry:
           limit: 30
           backoff:

diff --git a/argocd/appsets/appset_kyverno_policies.yaml b/argocd/appsets/appset_kyverno_policies.yaml
@@ -5,33 +5,33 @@ metadata:
   namespace: argocd
 spec:
   generators:
-  - clusters:
-      selector:
-        matchLabels:
-          clusterType: spoke        
-  template: 
+    - clusters:
+        selector:
+          matchLabels:
+            clusterType: spoke
+  template:
     metadata:
-      name: '{{name}}-kyverno-policies'
+      name: "{{name}}-kyverno-policies"
       annotations:
         argocd.argoproj.io/sync-wave: "1"
     spec:
       project: "default"
       source:
         repoURL: https://github.com/kyverno/kyverno
-        targetRevision: release-1.10
+        targetRevision: release-1.11
         path: charts/kyverno-policies
         helm:
           releaseName: "{{name}}-kyverno-policies"
           valueFiles:
-          - "values.yaml"
+            - "values.yaml"
       destination:
-        server: '{{server}}'
+        server: "{{server}}"
         namespace: kyverno
       syncPolicy:
         syncOptions:
-        - Replace=true
+          - Replace=true
         automated:
-          selfHeal: true  
+          selfHeal: true
         retry:
           limit: 30
           backoff: