add precommit and fix postgres job

aenix-io · Oct 10, 2024 · 910a026 · 910a026
1 parent dc9d8bb
commit 910a026
Show file tree

Hide file tree

Showing 9 changed files with 137 additions and 27 deletions.
diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
@@ -0,0 +1,21 @@
+name: Pre-Commit Checks
+
+on: [push, pull_request]
+
+jobs:
+  pre-commit:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: '3.8'
+
+      - name: Install pre-commit
+        run: pip install pre-commit
+
+      - name: Run pre-commit hooks
+        run: git diff --name-only HEAD^ | grep '\.yaml\|\.md' | xargs pre-commit run --files
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -0,0 +1,16 @@
+repos:
+- repo: https://github.com/pre-commit/pre-commit-hooks
+  rev: v4.5.0
+  hooks:
+    - id: end-of-file-fixer
+    - id: trailing-whitespace
+    - id: mixed-line-ending
+      args: [--fix=lf]
+    - id: check-yaml
+      exclude: packages/apps/postgres/templates/init-script.yaml
+      args: [--unsafe]
+- repo: https://github.com/igorshubovych/markdownlint-cli
+  rev: v0.41.0
+  hooks:
+  - id: markdownlint
+    args: [--fix, --disable, MD013, MD041, --]
diff --git a/README.md b/README.md
@@ -6,25 +6,25 @@
 [![Support](https://img.shields.io/badge/$-support-12a0df.svg?style=flat)](https://aenix.io/contact-us/#meet)
 [![Active](http://img.shields.io/badge/Status-Active-green.svg)](https://aenix.io/cozystack/)
 [![GitHub Release](https://img.shields.io/github/release/aenix-io/cozystack.svg?style=flat)](https://github.com/aenix-io/cozystack)
-[![GitHub Commit](https://img.shields.io/github/commit-activity/y/aenix-io/cozystack)](https://github.com/aenix-io/cozystack) 
+[![GitHub Commit](https://img.shields.io/github/commit-activity/y/aenix-io/cozystack)](https://github.com/aenix-io/cozystack)
 
 # Cozystack
 
 **Cozystack** is a free PaaS platform and framework for building clouds.
 
 With Cozystack, you can transform your bunch of servers into an intelligent system with a simple REST API for spawning Kubernetes clusters, Database-as-a-Service, virtual machines, load balancers, HTTP caching services, and other services with ease.
 
-You can use Cozystack to build your own cloud or to provide a cost-effective development environments.  
+You can use Cozystack to build your own cloud or to provide a cost-effective development environments.
 
 ## Use-Cases
 
-* [**Using Cozystack to build public cloud**](https://cozystack.io/docs/use-cases/public-cloud/)  
+* [**Using Cozystack to build public cloud**](https://cozystack.io/docs/use-cases/public-cloud/)
 You can use Cozystack as backend for a public cloud
 
-* [**Using Cozystack to build private cloud**](https://cozystack.io/docs/use-cases/private-cloud/)  
+* [**Using Cozystack to build private cloud**](https://cozystack.io/docs/use-cases/private-cloud/)
 You can use Cozystack as platform to build a private cloud powered by Infrastructure-as-Code approach
 
-* [**Using Cozystack as Kubernetes distribution**](https://cozystack.io/docs/use-cases/kubernetes-distribution/)  
+* [**Using Cozystack as Kubernetes distribution**](https://cozystack.io/docs/use-cases/kubernetes-distribution/)
 You can use Cozystack as Kubernetes distribution for Bare Metal
 
 ## Screenshot
@@ -41,10 +41,10 @@ If you encounter any difficulties, start with the [troubleshooting guide](https:
 
 ## Versioning
 
-Versioning adheres to the [Semantic Versioning](http://semver.org/) principles.  
+Versioning adheres to the [Semantic Versioning](http://semver.org/) principles.
 A full list of the available releases is available in the GitHub repository's [Release](https://github.com/aenix-io/cozystack/releases) section.
 
-- [Roadmap](https://github.com/orgs/aenix-io/projects/2)
+* [Roadmap](https://github.com/orgs/aenix-io/projects/2)
 
 ## Contributions
 
@@ -62,7 +62,7 @@ You can join our weekly community meetings (just add this events to your [Google
 
 ## License
 
-Cozystack is licensed under Apache 2.0.  
+Cozystack is licensed under Apache 2.0.
 The code is provided as-is with no warranties.
 
 ## Commercial Support

diff --git a/packages/apps/README.md b/packages/apps/README.md
@@ -0,0 +1,9 @@
+### How to test packages local
+
+```bash
+cd packages/core/installer
+make image-cozystack REGISTRY=YOUR_CUSTOM_REGISTRY
+make apply
+kubectl delete pod dashboard-redis-master-0 -n cozy-dashboard
+kubectl delete po -l app=source-controller -n cozy-fluxcd
+```
diff --git a/packages/apps/postgres/README.md b/packages/apps/postgres/README.md
@@ -6,30 +6,34 @@ PostgreSQL is currently the leading choice among relational databases, known for
 
 This managed service is controlled by the CloudNativePG operator, ensuring efficient management and seamless operation.
 
-- Docs: https://cloudnative-pg.io/docs/
-- Github: https://github.com/cloudnative-pg/cloudnative-pg
+- Docs: <https://cloudnative-pg.io/docs/>
+- Github: <https://github.com/cloudnative-pg/cloudnative-pg>
 
 ## HowTos
 
 ### How to switch master/slave replica
 
 See:
-- https://cloudnative-pg.io/documentation/1.15/rolling_update/#manual-updates-supervised
 
-### How to restore backup:
+- <https://cloudnative-pg.io/documentation/1.15/rolling_update/#manual-updates-supervised>
+
+### How to restore backup
 
 find snapshot:
-```
+
+```bash
 restic -r s3:s3.example.org/postgres-backups/database_name snapshots
 ```
 
 restore:
-```
+
+```bash
 restic -r s3:s3.example.org/postgres-backups/database_name restore latest --target /tmp/
 ```
 
 more details:
-- https://itnext.io/restic-effective-backup-from-stdin-4bc1e8f083c1
+
+- <https://itnext.io/restic-effective-backup-from-stdin-4bc1e8f083c1>
 
 ## Parameters
 
@@ -64,5 +68,3 @@ more details:
 | `backup.s3AccessKey`     | The access key for S3, used for authentication | `oobaiRus9pah8PhohL1ThaeTa4UVa7gu`                     |
 | `backup.s3SecretKey`     | The secret key for S3, used for authentication | `ju3eum4dekeich9ahM1te8waeGai0oog`                     |
 | `backup.resticPassword`  | The password for Restic backup encryption      | `ChaXoveekoh6eigh4siesheeda2quai0`                     |
-
-
diff --git a/packages/apps/postgres/templates/init-script.yaml b/packages/apps/postgres/templates/init-script.yaml
@@ -34,6 +34,9 @@ stringData:
   init.sh: |
     #!/bin/bash
     set -e
+
+    until pg_isready ; do sleep 5; done
+
     echo "== create users"
     {{- if .Values.users }}
     psql -v ON_ERROR_STOP=1 <<\EOT
@@ -60,7 +63,7 @@ stringData:
     DROP USER $user;
     EOT
     done
-    
+
     echo "== create databases and roles"
     {{- if .Values.databases }}
     psql -v ON_ERROR_STOP=1 --echo-all <<\EOT
@@ -92,7 +95,7 @@ stringData:
         FOR schema_record IN SELECT schema_name FROM information_schema.schemata WHERE schema_name NOT IN ('pg_catalog', 'information_schema') LOOP
             -- Changing Schema Ownership
             EXECUTE format('ALTER SCHEMA %I OWNER TO %I', schema_record.schema_name, '{{ $database }}_admin');
-    
+
             -- Add rights for the admin role
             EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_admin');
             EXECUTE format('GRANT ALL ON ALL TABLES IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_admin');
@@ -101,7 +104,7 @@ stringData:
             EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON TABLES TO %I', schema_record.schema_name, '{{ $database }}_admin');
             EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON SEQUENCES TO %I', schema_record.schema_name, '{{ $database }}_admin');
             EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON FUNCTIONS TO %I', schema_record.schema_name, '{{ $database }}_admin');
-    
+
             -- Add rights for the readonly role
             EXECUTE format('GRANT USAGE ON SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_readonly');
             EXECUTE format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_readonly');
@@ -119,9 +122,9 @@ stringData:
     CREATE OR REPLACE FUNCTION auto_grant_schema_privileges()
     RETURNS event_trigger LANGUAGE plpgsql AS $$
     DECLARE
-      obj record;
+        obj record;
     BEGIN
-      FOR obj IN SELECT * FROM pg_event_trigger_ddl_commands() WHERE command_tag = 'CREATE SCHEMA' LOOP
+        FOR obj IN SELECT * FROM pg_event_trigger_ddl_commands() WHERE command_tag = 'CREATE SCHEMA' LOOP
         EXECUTE format('ALTER SCHEMA %I OWNER TO %I', obj.object_identity, '{{ $database }}_admin');
         EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_admin');
         EXECUTE format('GRANT USAGE ON SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_readonly');
@@ -146,7 +149,7 @@ stringData:
         EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT SELECT ON TABLES TO %I', obj.object_identity, '{{ $database }}_readonly');
         EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT USAGE ON SEQUENCES TO %I', obj.object_identity, '{{ $database }}_readonly');
         EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT EXECUTE ON FUNCTIONS TO %I', obj.object_identity, '{{ $database }}_readonly');
-      END LOOP;
+        END LOOP;
     END;
     $$;
 

diff --git a/packages/core/installer/Makefile b/packages/core/installer/Makefile
@@ -1,5 +1,8 @@
 NAME=installer
 NAMESPACE=cozy-system
+YQ_VERSION=v4.35.1
+RED = \033[31m
+RESET = \033[0m
 
 TALOS_VERSION=$(shell awk '/^version:/ {print $$2}' images/talos/profiles/installer.yaml)
 
@@ -17,22 +20,36 @@ diff:
 update:
 	hack/gen-profiles.sh
 
-image: image-cozystack image-talos image-matchbox
+image: check-yq-version image-cozystack image-talos image-matchbox
+
+check-yq-version:
+	@current_version=$$(yq -V | grep -oP 'v[0-9]+\.[0-9]+\.[0-9]+') ; \
+	if [ -z "$$current_version" ]; then \
+	    echo "yq is not installed or version cannot be determined." ; \
+	    exit 1 ; \
+	fi ; \
+	echo "Current yq version: $$current_version" ; \
+	if [ "$$(printf '%s\n' "$(YQ_VERSION)" "$$current_version" | sort -V | head -n1)" = "$(YQ_VERSION)" ]; then \
+	    echo "Greater than or equal to $(YQ_VERSION)" ; \
+	else \
+	    echo "$(RED)ERROR: yq version less than $(YQ_VERSION)$(RESET)" ; \
+	    exit 1 ; \
+	fi
 
 image-cozystack:
 	make -C ../../.. repos
 	docker buildx build -f images/cozystack/Dockerfile ../../.. \
 		--provenance false \
 		--tag $(REGISTRY)/cozystack:$(call settag,$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/cozystack:latest \
-		--platform linux/amd64,linux/arm64 \
+		--platform linux/amd64 \
 		--cache-to type=inline \
 		--metadata-file images/cozystack.json \
 		--push=$(PUSH) \
 		--load=$(LOAD)
 	IMAGE="$(REGISTRY)/cozystack:$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/cozystack.json -o json -r)" \
 		yq -i '.cozystack.image = strenv(IMAGE)' values.yaml
-	rm -f images/cozystack.json
+
 
 image-talos:
 	test -f ../../../_out/assets/installer-amd64.tar || make talos-installer

diff --git a/packages/core/installer/images/cozystack.json b/packages/core/installer/images/cozystack.json
@@ -0,0 +1,42 @@
+{
+  "buildx.build.provenance": {
+    "buildType": "https://mobyproject.org/buildkit@v1",
+    "materials": [
+      {
+        "uri": "pkg:docker/[email protected]?platform=linux%2Famd64",
+        "digest": {
+          "sha256": "ae65dbf8749a7d4527648ccee1fa3deb6bfcae34cbc30fc67aa45c44dcaa90ee"
+        }
+      },
+      {
+        "uri": "pkg:docker/[email protected]?platform=linux%2Famd64",
+        "digest": {
+          "sha256": "f6392ffebb028fed5ffe743ddb9716e38402c978779edd66474bb5d05f5e65e4"
+        }
+      }
+    ],
+    "invocation": {
+      "configSource": {
+        "entryPoint": "Dockerfile"
+      },
+      "parameters": {
+        "frontend": "dockerfile.v0",
+        "locals": [
+          {
+            "name": "context"
+          },
+          {
+            "name": "dockerfile"
+          }
+        ]
+      },
+      "environment": {
+        "platform": "linux/amd64"
+      }
+    }
+  },
+  "buildx.build.ref": "default/default/0xfyd6oaq6jf2ad1uyltla63y",
+  "containerimage.config.digest": "sha256:18de848878b8ae2fddaa05c199b7679b305d7666049e21c2e81a01a6e95bd05c",
+  "containerimage.digest": "sha256:734e5cf818dbf886c165a49dbbd2776efc87adae046cf5f24f1d0ae98ea16dbe",
+  "image.name": "docker.io/kklinch0/cozystack:latest"
+}
diff --git a/packages/core/installer/values.yaml b/packages/core/installer/values.yaml
@@ -1,2 +1,2 @@
 cozystack:
-  image: ghcr.io/aenix-io/cozystack/cozystack:v0.16.4@sha256:e2de79d1dd00a95a6876f6e4daf281eb27e8cc9d57fa2e9ea137192b544d38a7
+  image: kklinch0/cozystack:latest@sha256:734e5cf818dbf886c165a49dbbd2776efc87adae046cf5f24f1d0ae98ea16dbe