Merge code from master (#1058)

opendevstack · Nov 7, 2023 · bb5dc58 · bb5dc58
1 parent 767a864
commit bb5dc58
Show file tree

Hide file tree

Showing 27 changed files with 218 additions and 1,167 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,10 @@
+# Set update schedule for GitHub Actions
+
+version: 2
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      # Check for updates to GitHub Actions every week
+      interval: "weekly"
diff --git a/.github/workflows/changelog-enforcer.yml b/.github/workflows/changelog-enforcer.yml
@@ -8,8 +8,8 @@ jobs:
   changelog:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: dangoslen/changelog-enforcer@v2
+      - uses: actions/checkout@v4.1.0
+      - uses: dangoslen/changelog-enforcer@v3
         with:
           changeLogPath: 'CHANGELOG.md'
           skipLabels: 'skip changelog'

diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml
@@ -7,7 +7,7 @@ jobs:
         runs-on: ubuntu-latest
         steps:
             - name: Checkout
-              uses: actions/checkout@v2.0.0
+              uses: actions/checkout@v4.1.0
 
             - name: check the value of github.workspace and runner.temp
               run: |
@@ -22,7 +22,7 @@ jobs:
                 check-latest: true
 
             - name: Cache
-              uses: actions/cache@v1
+              uses: actions/cache@v3
               with:
                   path: ~/.gradle/caches
                   key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
@@ -41,14 +41,14 @@ jobs:
                   NO_NEXUS: true
 
             - name: CodeNarc Report
-              uses: actions/upload-artifact@v2
+              uses: actions/upload-artifact@v3
               if: ${{ always() }}
               with:
                   name: CodeNarc Report
                   path: build/reports/codenarc/main.html
 
             - name: Test Report
-              uses: actions/upload-artifact@v2
+              uses: actions/upload-artifact@v3
               if: ${{ always() }}
               with:
                   name: Test Report

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,12 +2,18 @@
 
 ## Unreleased
 
+## [4.3.3] - 2023-11-07
+
 ### Added
+* Add done boolean flag to data passed to the document template service ([#1048](https://github.com/opendevstack/ods-jenkins-shared-library/issues/1048))
+* Add better documentation for Helm ([#1027](https://github.com/opendevstack/ods-jenkins-shared-library/issues/1027))
 
 ### Changed
+* Remove drift alignment code and pause deploy mechanism ([#1054](https://github.com/opendevstack/ods-jenkins-shared-library/pull/1054))
 
 ### Fixed
 - Generate TRC document in D environment instead of Q ([#1029](https://github.com/opendevstack/ods-jenkins-shared-library/pull/1029))
+* Avoid Groovy string interpolation [#1030](https://github.com/opendevstack/ods-jenkins-shared-library/issues/1030)
 
 ## [4.3.2] - 2023-10-02
 

diff --git a/docs/modules/jenkins-shared-library/pages/index.adoc b/docs/modules/jenkins-shared-library/pages/index.adoc
@@ -1,5 +1,4 @@
 = Jenkins Shared Library
-:page-aliases: latest@ods-jenkins-shared-library:ROOT:index.adoc
 
 OpenDevStack provides a https://jenkins.io/doc/book/pipeline/shared-libraries/[Jenkins Shared Library] which offers three pipelines:
 

diff --git a/...enkins-shared-library/partials/odsComponentStageRolloutOpenShiftDeployment.adoc b/...enkins-shared-library/partials/odsComponentStageRolloutOpenShiftDeployment.adoc
@@ -1,11 +1,58 @@
 // Document generated by render-adoc.go from odsComponentStageRolloutOpenShiftDeployment.adoc.tmpl; DO NOT EDIT.
 
+Rolls out the current resources as defined in the component.
+
+Without any configuration the stage tries to guess what a user expects.
+If the component contains a directory name `chart`, a Helm deployment is assumed.
+If the component contains a directory name `openshift`, a Tailor deployment is assumed.
+If neither exists a Tailor deployment is assumed.
+
+== Helm
+
+Triggers a release or update of an release with Helm.
+
+The stage will use the `helm` command to trigger the release.
+The command will be executed in the directory referenced by `chartDir`.
+If the directory does not exist, the stage will fail.
+
+The images used in the deployment will not be tagged or otherwise modified.
+
+[source,shell]
+----
+HELM_DIFF_IGNORE_UNKNOWN_FLAGS=true helm -n play-dev secrets diff upgrade \
+  --install --atomic --force \
+  -f values.yaml \
+  --set registry=registry.example.com \
+  --set componentId=example-helm-chart \
+  --set imageNamespace=example-dev \
+  --set imageTag=deadbeef69cafebabe \
+  --no-color --three-way-merge --normalize-manifests \
+  example-release . || true
+
+# run the upgrade
+helm -n play-dev secrets upgrade \
+  --install --atomic --force \
+  -f values.yaml \
+  --set registry=registry.example.com \
+  --set componentId=example-helm-chart \
+  --set imageNamespace=play-dev \
+  --set imageTag=deadbeef69cafebabe \
+  example-release .
+----
+
+== Tailor
+
 Triggers (and follows) a rollout of the `DeploymentConfig` related to the repository
 being built.
 
-It achieves this by tagging the image built in `odsComponentStageBuildOpenShiftImage` with `latest`. This might already trigger a rollout based on an existing `ImageTrigger`. If none is set, the stage will start a manual rollout.
+It achieves this by tagging the image built in `odsComponentStageBuildOpenShiftImage` with `latest`.
+This might already trigger a rollout based on an existing `ImageTrigger`.
+If none is set, the stage will start a manual rollout.
 
-If the directory referenced by `openshiftDir` exists, the templates in there will be applied using https://github.com/opendevstack/tailor[Tailor]. In this case, it is recommended to remove any image triggers to avoid duplicate rollouts (one when configuration changes due to a config trigger and one when the image is tagged to `latest`). In addition to the configuration options below, one can use e.g. a `Tailorfile` to adjust the behaviour of Tailor as needed.
+If the directory referenced by `openshiftDir` exists, the templates in there will be applied using https://github.com/opendevstack/tailor[Tailor].
+In this case, it is recommended to remove any image triggers to avoid duplicate rollouts
+(one when configuration changes due to a config trigger and one when the image is tagged to `latest`).
+In addition to the configuration options below, one can use e.g. a `Tailorfile` to adjust the behaviour of Tailor as needed.
 
 == Options
 
@@ -166,12 +213,12 @@ _String_
 | *tailorVerify* +
 _boolean_
 |Whether Tailor verifies the live configuration against the desired state
- after application (defaults to `true`). Only relevant if the directory
+ after application (defaults to `false`). Only relevant if the directory
  referenced by `openshiftDir` exists.
 
 |===
 
-== Differences between tailor and helm deployments
+== Notable Differences between tailor and helm deployments
 
 When tailor does the rollout, all the created or updated OpenShift resources are automatically labeled to ease their management.
 This is in contrast to helm rollouts which rely on the chart providing the desired labels.

diff --git a/...les/jenkins-shared-library/partials/odsComponentStageRolloutOpenShiftDeployment.adoc.tmpl b/...les/jenkins-shared-library/partials/odsComponentStageRolloutOpenShiftDeployment.adoc.tmpl
@@ -1,9 +1,56 @@
+Rolls out the current resources as defined in the component.
+
+Without any configuration the stage tries to guess what a user expects.
+If the component contains a directory name `chart`, a Helm deployment is assumed.
+If the component contains a directory name `openshift`, a Tailor deployment is assumed.
+If neither exists a Tailor deployment is assumed.
+
+== Helm
+
+Triggers a release or update of an release with Helm.
+
+The stage will use the `helm` command to trigger the release.
+The command will be executed in the directory referenced by `chartDir`.
+If the directory does not exist, the stage will fail.
+
+The images used in the deployment will not be tagged or otherwise modified.
+
+[source,shell]
+----
+HELM_DIFF_IGNORE_UNKNOWN_FLAGS=true helm -n play-dev secrets diff upgrade \
+  --install --atomic --force \
+  -f values.yaml \
+  --set registry=registry.example.com \
+  --set componentId=example-helm-chart \
+  --set imageNamespace=example-dev \
+  --set imageTag=deadbeef69cafebabe \
+  --no-color --three-way-merge --normalize-manifests \
+  example-release . || true
+
+# run the upgrade
+helm -n play-dev secrets upgrade \
+  --install --atomic --force \
+  -f values.yaml \
+  --set registry=registry.example.com \
+  --set componentId=example-helm-chart \
+  --set imageNamespace=play-dev \
+  --set imageTag=deadbeef69cafebabe \
+  example-release .
+----
+
+== Tailor
+
 Triggers (and follows) a rollout of the `DeploymentConfig` related to the repository
 being built.
 
-It achieves this by tagging the image built in `odsComponentStageBuildOpenShiftImage` with `latest`. This might already trigger a rollout based on an existing `ImageTrigger`. If none is set, the stage will start a manual rollout.
+It achieves this by tagging the image built in `odsComponentStageBuildOpenShiftImage` with `latest`.
+This might already trigger a rollout based on an existing `ImageTrigger`.
+If none is set, the stage will start a manual rollout.
 
-If the directory referenced by `openshiftDir` exists, the templates in there will be applied using https://github.com/opendevstack/tailor[Tailor]. In this case, it is recommended to remove any image triggers to avoid duplicate rollouts (one when configuration changes due to a config trigger and one when the image is tagged to `latest`). In addition to the configuration options below, one can use e.g. a `Tailorfile` to adjust the behaviour of Tailor as needed.
+If the directory referenced by `openshiftDir` exists, the templates in there will be applied using https://github.com/opendevstack/tailor[Tailor].
+In this case, it is recommended to remove any image triggers to avoid duplicate rollouts
+(one when configuration changes due to a config trigger and one when the image is tagged to `latest`).
+In addition to the configuration options below, one can use e.g. a `Tailorfile` to adjust the behaviour of Tailor as needed.
 
 == Options
 
@@ -18,7 +65,7 @@ _{{.Type}}_
 {{end}}
 |===
 
-== Differences between tailor and helm deployments
+== Notable Differences between tailor and helm deployments
 
 When tailor does the rollout, all the created or updated OpenShift resources are automatically labeled to ease their management.
 This is in contrast to helm rollouts which rely on the chart providing the desired labels.

diff --git a/src/org/ods/component/HelmDeploymentStrategy.groovy b/src/org/ods/component/HelmDeploymentStrategy.groovy
@@ -3,7 +3,6 @@ package org.ods.component
 import groovy.json.JsonOutput
 import groovy.transform.TypeChecked
 import groovy.transform.TypeCheckingMode
-import org.ods.openshift.OpenShiftResourceMetadata
 import org.ods.services.JenkinsService
 import org.ods.services.OpenShiftService
 import org.ods.util.ILogger
@@ -104,10 +103,6 @@ class HelmDeploymentStrategy extends AbstractDeploymentStrategy {
             JsonOutput.prettyPrint(
                 JsonOutput.toJson(deploymentResources)))
 
-
-        Map<String,String> labels = showMandatoryLabels()
-        applyMandatoryLabels(labels, deploymentResources)
-
         // // FIXME: pauseRollouts is non trivial to determine!
         // // we assume that Helm does "Deployment" that should work for most
         // // cases since they don't have triggers.
@@ -117,62 +112,6 @@ class HelmDeploymentStrategy extends AbstractDeploymentStrategy {
         return rolloutData
     }
 
-    private void applyMandatoryLabels(Map<String, String> labels, Map<String, List<String>> deploymentResources) {
-        logger.debug("${this.class.name} -- MANDATORY LABELS")
-        logger.debug(
-            JsonOutput.prettyPrint(
-                JsonOutput.toJson(labels)))
-        logger.debug("${this.class.name} -- MANDATORY LABELS (cleaned)")
-        logger.debug(
-            JsonOutput.prettyPrint(
-                JsonOutput.toJson(labels)))
-        labels.remove { it -> it.value == null }
-        def resourcesToLabel = deploymentResources.collectMany { entry ->
-            entry.value.collect {
-                "${entry.key}/${it}"
-            }
-        }
-        logger.debug("${this.class.name} -- RESOURCE TO LABEL")
-        logger.debug(
-            JsonOutput.prettyPrint(
-                JsonOutput.toJson(resourcesToLabel)))
-        resourcesToLabel.each { resourceToLabel ->
-            openShift.labelResources(context.targetProject, resourceToLabel, labels, null)
-        }
-
-        // Add OpenShiftResouceMetadata.strictEntries here to be sure we have them
-        if (context.triggeredByOrchestrationPipeline) {
-            def additionalLabels = [
-                'app.opendevstack.org/system-name': steps.env?.BUILD_PARAM_CONFIGITEM ?: null,
-                'app.opendevstack.org/project-version': steps.env?.BUILD_PARAM_CHANGEID ?: null,
-                'app.opendevstack.org/work-in-progress': steps.env?.BUILD_PARAM_VERSION == 'WIP' ?: null,
-            ]
-            resourcesToLabel.each { resourceToLabel ->
-                openShift.labelResources(context.targetProject, resourceToLabel, additionalLabels, null)
-            }
-        }
-
-    }
-
-    private def showMandatoryLabels() {
-        // FIXME: OpenShiftResourceMetadata.updateMetadata breaks
-        //  This happens because it, unconditionally, tries to reset some fields
-        def metadataSvc = new OpenShiftResourceMetadata(
-            steps,
-            context.properties,
-            options.properties,
-            logger,
-            openShift
-        )
-
-        // DEBUG what we consider "mandatory"
-        def metadata = metadataSvc.getMandatoryMetadata()
-        logger.debug(
-            JsonOutput.prettyPrint(
-                JsonOutput.toJson(metadata)))
-        return metadata
-    }
-
     private void helmUpgrade(String targetProject) {
         steps.dir(options.chartDir) {
             jenkins.maybeWithPrivateKeyCredentials(options.helmPrivateKeyCredentialsId) { String pkeyFile ->
@@ -255,4 +194,5 @@ class HelmDeploymentStrategy extends AbstractDeploymentStrategy {
         }
         rolloutData
     }
+
 }
diff --git a/src/org/ods/component/RolloutOpenShiftDeploymentOptions.groovy b/src/org/ods/component/RolloutOpenShiftDeploymentOptions.groovy
@@ -103,7 +103,7 @@ class RolloutOpenShiftDeploymentOptions extends Options {
 
     /**
      * Whether Tailor verifies the live configuration against the desired state
-     * after application (defaults to `true`). Only relevant if the directory
+     * after application (defaults to `false`). Only relevant if the directory
      * referenced by `openshiftDir` exists. */
     boolean tailorVerify
 

diff --git a/src/org/ods/component/RolloutOpenShiftDeploymentStage.groovy b/src/org/ods/component/RolloutOpenShiftDeploymentStage.groovy
@@ -82,7 +82,7 @@ class RolloutOpenShiftDeploymentStage extends Stage {
             config.tailorSelector = config.selector
         }
         if (!config.containsKey('tailorVerify')) {
-            config.tailorVerify = true
+            config.tailorVerify = false
         }
         if (!config.containsKey('tailorExclude')) {
             config.tailorExclude = 'bc,is'