From 910a026742cfe1983b6abb63412097bfc39288dd Mon Sep 17 00:00:00 2001
From: Floppy Disk
Date: Thu, 10 Oct 2024 18:29:36 +0300
Subject: [PATCH] add precommit and fix postgres job
---
 .github/workflows/pre-commit.yml | 21 ++++++++++
 .pre-commit-config.yaml | 16 +++++++
 README.md | 16 +++----
 packages/apps/README.md | 9 ++++
 packages/apps/postgres/README.md | 20 +++++----
 .../apps/postgres/templates/init-script.yaml | 15 ++++---
 packages/core/installer/Makefile | 23 ++++++++--
 packages/core/installer/images/cozystack.json | 42 +++++++++++++++++++
 packages/core/installer/values.yaml | 2 +-
 9 files changed, 137 insertions(+), 27 deletions(-)
 create mode 100644 .github/workflows/pre-commit.yml
 create mode 100644 .pre-commit-config.yaml
 create mode 100644 packages/apps/README.md
 create mode 100644 packages/core/installer/images/cozystack.json
diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
new file mode 100644
index 00000000..f6304bf5
--- /dev/null
+++ b/.github/workflows/pre-commit.yml
@@ -0,0 +1,21 @@
+name: Pre-Commit Checks
+
+on: [push, pull_request]
+
+jobs:
+ pre-commit:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v2
+
+ - name: Set up Python
+ uses: actions/setup-python@v2
+ with:
+ python-version: '3.8'
+
+ - name: Install pre-commit
+ run: pip install pre-commit
+
+ - name: Run pre-commit hooks
+ run: git diff --name-only HEAD^ | grep '\.yaml\|\.md' | xargs pre-commit run --files
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 00000000..c669497f
--- /dev/null
+++ b/.pre-commit-config.yaml
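Review bot: The `Run pre-commit hooks` step in `.github/workflows/pre-commit.yml` can pass without checking anything: the checkout step uses the default shallow clone, so `git diff --name-only HEAD^` most likely has no parent commit to compare against, and because only the last command of the pipeline decides the step's status, `xargs` then runs `pre-commit run --files` with an empty file list. Setting `fetch-depth: 2` under a `with:` on the checkout step, and using `xargs -r`, would make the step check the files it claims to. The workflow also declares no `permissions:` block, so a top-level `permissions:` with `contents: read` would hold the job token to least privilege. `actions/checkout@v2`, `actions/setup-python@v2`, the unpinned `pip install pre-commit` and the `rev:` tags in `.pre-commit-config.yaml` are all mutable references; pinning the actions as `uses: actions/checkout@<FULL_COMMIT_SHA>` and pinning the pip install to a fixed version would fix what code runs in CI.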
@@ -0,0 +1,16 @@ +repos: +- repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.5.0 + hooks: + - id: end-of-file-fixer + - id: trailing-whitespace + - id: mixed-line-ending + args: [--fix=lf] + - id: check-yaml + exclude: packages/apps/postgres/templates/init-script.yaml + args: [--unsafe] +- repo: https://github.com/igorshubovych/markdownlint-cli + rev: v0.41.0 + hooks: + - id: markdownlint + args: [--fix, --disable, MD013, MD041, --] diff --git a/README.md b/README.md index 6cd02fbe..476f5f0a 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ [![Support](https://img.shields.io/badge/$-support-12a0df.svg?style=flat)](https://aenix.io/contact-us/#meet) [![Active](http://img.shields.io/badge/Status-Active-green.svg)](https://aenix.io/cozystack/) [![GitHub Release](https://img.shields.io/github/release/aenix-io/cozystack.svg?style=flat)](https://github.com/aenix-io/cozystack) -[![GitHub Commit](https://img.shields.io/github/commit-activity/y/aenix-io/cozystack)](https://github.com/aenix-io/cozystack) +[![GitHub Commit](https://img.shields.io/github/commit-activity/y/aenix-io/cozystack)](https://github.com/aenix-io/cozystack) # Cozystack 
@@ -14,17 +14,17 @@ With Cozystack, you can transform your bunch of servers into an intelligent system with a simple REST API for spawning Kubernetes clusters, Database-as-a-Service, virtual machines, load balancers, HTTP caching services, and other services with ease. -You can use Cozystack to build your own cloud or to provide a cost-effective development environments. +You can use Cozystack to build your own cloud or to provide a cost-effective development environments. ## Use-Cases -* [**Using Cozystack to build public cloud**](https://cozystack.io/docs/use-cases/public-cloud/) +* [**Using Cozystack to build public cloud**](https://cozystack.io/docs/use-cases/public-cloud/) You can use Cozystack as backend for a public cloud -* [**Using Cozystack to build private cloud**](https://cozystack.io/docs/use-cases/private-cloud/) +* [**Using Cozystack to build private cloud**](https://cozystack.io/docs/use-cases/private-cloud/) You can use Cozystack as platform to build a private cloud powered by Infrastructure-as-Code approach -* [**Using Cozystack as Kubernetes distribution**](https://cozystack.io/docs/use-cases/kubernetes-distribution/) +* [**Using Cozystack as Kubernetes distribution**](https://cozystack.io/docs/use-cases/kubernetes-distribution/) You can use Cozystack as Kubernetes distribution for Bare Metal ## Screenshot @@ -41,10 +41,10 @@ If you encounter any difficulties, start with the [troubleshooting guide](https: ## Versioning -Versioning adheres to the [Semantic Versioning](http://semver.org/) principles. +Versioning adheres to the [Semantic Versioning](http://semver.org/) principles. A full list of the available releases is available in the GitHub repository's [Release](https://github.com/aenix-io/cozystack/releases) section. -- [Roadmap](https://github.com/orgs/aenix-io/projects/2) +* [Roadmap](https://github.com/orgs/aenix-io/projects/2) ## Contributions 
@@ -62,7 +62,7 @@ You can join our weekly community meetings (just add this events to your [Google ## License -Cozystack is licensed under Apache 2.0. +Cozystack is licensed under Apache 2.0. The code is provided as-is with no warranties. ## Commercial Support diff --git a/packages/apps/README.md b/packages/apps/README.md new file mode 100644 index 00000000..b2cb30cf --- /dev/null +++ b/packages/apps/README.md @@ -0,0 +1,9 @@ +### How to test packages local + +```bash +cd packages/core/installer +make image-cozystack REGISTRY=YOUR_CUSTOM_REGISTRY +make apply +kubectl delete pod dashboard-redis-master-0 -n cozy-dashboard +kubectl delete po -l app=source-controller -n cozy-fluxcd +``` diff --git a/packages/apps/postgres/README.md b/packages/apps/postgres/README.md index bf053ed4..c0d2dfd7 100644 --- a/packages/apps/postgres/README.md +++ b/packages/apps/postgres/README.md @@ -6,30 +6,34 @@ PostgreSQL is currently the leading choice among relational databases, known for This managed service is controlled by the CloudNativePG operator, ensuring efficient management and seamless operation. -- Docs: https://cloudnative-pg.io/docs/ -- Github: https://github.com/cloudnative-pg/cloudnative-pg +- Docs: +- Github: ## HowTos ### How to switch master/slave replica See: -- https://cloudnative-pg.io/documentation/1.15/rolling_update/#manual-updates-supervised -### How to restore backup: +- + +### How to restore backup find snapshot: -``` + +```bash restic -r s3:s3.example.org/postgres-backups/database_name snapshots ``` restore: -``` + +```bash restic -r s3:s3.example.org/postgres-backups/database_name restore latest --target /tmp/ ``` more details: -- https://itnext.io/restic-effective-backup-from-stdin-4bc1e8f083c1 + +- ## Parameters 
@@ -64,5 +68,3 @@ more details: | `backup.s3AccessKey` | The access key for S3, used for authentication | `oobaiRus9pah8PhohL1ThaeTa4UVa7gu` | | `backup.s3SecretKey` | The secret key for S3, used for authentication | `ju3eum4dekeich9ahM1te8waeGai0oog` | | `backup.resticPassword` | The password for Restic backup encryption | `ChaXoveekoh6eigh4siesheeda2quai0` | - - diff --git a/packages/apps/postgres/templates/init-script.yaml b/packages/apps/postgres/templates/init-script.yaml index d02a1894..69d91c25 100644 --- a/packages/apps/postgres/templates/init-script.yaml +++ b/packages/apps/postgres/templates/init-script.yaml @@ -34,6 +34,9 @@ stringData: init.sh: | #!/bin/bash set -e + + until pg_isready ; do sleep 5; done + echo "== create users" {{- if .Values.users }} psql -v ON_ERROR_STOP=1 <<\EOT @@ -60,7 +63,7 @@ stringData: DROP USER $user; EOT done - + echo "== create databases and roles" {{- if .Values.databases }} psql -v ON_ERROR_STOP=1 --echo-all <<\EOT @@ -92,7 +95,7 @@ stringData: FOR schema_record IN SELECT schema_name FROM information_schema.schemata WHERE schema_name NOT IN ('pg_catalog', 'information_schema') LOOP -- Changing Schema Ownership EXECUTE format('ALTER SCHEMA %I OWNER TO %I', schema_record.schema_name, '{{ $database }}_admin'); - + -- Add rights for the admin role EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_admin'); EXECUTE format('GRANT ALL ON ALL TABLES IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_admin'); 
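Review bot: The added `until pg_isready ; do sleep 5; done` in `init.sh` has no upper bound, so if the server never accepts connections the script waits indefinitely instead of failing, unless whatever runs it enforces a deadline (not visible in this hunk). A bounded wait keeps the failure visible, for example `for i in $(seq 1 60); do pg_isready && break; sleep 5; done` followed by a plain `pg_isready` so that `set -e` aborts on timeout. The script body continues outside the hunk, and the remaining hunks in this file only strip trailing whitespace.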
@@ -101,7 +104,7 @@ stringData: EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON TABLES TO %I', schema_record.schema_name, '{{ $database }}_admin'); EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON SEQUENCES TO %I', schema_record.schema_name, '{{ $database }}_admin'); EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON FUNCTIONS TO %I', schema_record.schema_name, '{{ $database }}_admin'); - + -- Add rights for the readonly role EXECUTE format('GRANT USAGE ON SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_readonly'); EXECUTE format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_readonly'); @@ -119,9 +122,9 @@ stringData: CREATE OR REPLACE FUNCTION auto_grant_schema_privileges() RETURNS event_trigger LANGUAGE plpgsql AS $$ DECLARE - obj record; + obj record; BEGIN - FOR obj IN SELECT * FROM pg_event_trigger_ddl_commands() WHERE command_tag = 'CREATE SCHEMA' LOOP + FOR obj IN SELECT * FROM pg_event_trigger_ddl_commands() WHERE command_tag = 'CREATE SCHEMA' LOOP EXECUTE format('ALTER SCHEMA %I OWNER TO %I', obj.object_identity, '{{ $database }}_admin'); EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_admin'); EXECUTE format('GRANT USAGE ON SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_readonly'); @@ -146,7 +149,7 @@ stringData: EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT SELECT ON TABLES TO %I', obj.object_identity, '{{ $database }}_readonly'); EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT USAGE ON SEQUENCES TO %I', obj.object_identity, '{{ $database }}_readonly'); EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT EXECUTE ON FUNCTIONS TO %I', obj.object_identity, '{{ $database }}_readonly'); - END LOOP; + END LOOP; END; $$; diff --git a/packages/core/installer/Makefile b/packages/core/installer/Makefile index edca0f8e..5c37192b 100644 --- a/packages/core/installer/Makefile 
+++ b/packages/core/installer/Makefile @@ -1,5 +1,8 @@ NAME=installer NAMESPACE=cozy-system +YQ_VERSION=v4.35.1 +RED = \033[31m +RESET = \033[0m TALOS_VERSION=$(shell awk '/^version:/ {print $$2}' images/talos/profiles/installer.yaml) @@ -17,7 +20,21 @@ diff: update: hack/gen-profiles.sh -image: image-cozystack image-talos image-matchbox +image: check-yq-version image-cozystack image-talos image-matchbox + +check-yq-version: + @current_version=$$(yq -V | grep -oP 'v[0-9]+\.[0-9]+\.[0-9]+') ; \ + if [ -z "$$current_version" ]; then \ + echo "yq is not installed or version cannot be determined." ; \ + exit 1 ; \ + fi ; \ + echo "Current yq version: $$current_version" ; \ + if [ "$$(printf '%s\n' "$(YQ_VERSION)" "$$current_version" | sort -V | head -n1)" = "$(YQ_VERSION)" ]; then \ + echo "Greater than or equal to $(YQ_VERSION)" ; \ + else \ + echo "$(RED)ERROR: yq version less than $(YQ_VERSION)$(RESET)" ; \ + exit 1 ; \ + fi image-cozystack: make -C ../../.. repos @@ -25,14 +42,14 @@ image-cozystack: --provenance false \ --tag $(REGISTRY)/cozystack:$(call settag,$(TAG)) \ --cache-from type=registry,ref=$(REGISTRY)/cozystack:latest \ - --platform linux/amd64,linux/arm64 \ + --platform linux/amd64 \ --cache-to type=inline \ --metadata-file images/cozystack.json \ --push=$(PUSH) \ --load=$(LOAD) IMAGE="$(REGISTRY)/cozystack:$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/cozystack.json -o json -r)" \ yq -i '.cozystack.image = strenv(IMAGE)' values.yaml - rm -f images/cozystack.json + image-talos: test -f ../../../_out/assets/installer-amd64.tar || make talos-installer diff --git a/packages/core/installer/images/cozystack.json b/packages/core/installer/images/cozystack.json new file mode 100644 index 00000000..d81bf216 --- /dev/null +++ b/packages/core/installer/images/cozystack.json 
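Review bot: Removing `rm -f images/cozystack.json` at the end of `image-cozystack` leaves the buildx metadata file in the working tree, and this same commit then checks that file in with the builder's own registry name in `image.name`. Keep the cleanup line, or list `images/cozystack.json` in `.gitignore`, so build-host details are not committed. The switch to `--platform linux/amd64` in the same target drops the arm64 image and looks like a local-testing shortcut rather than an intended change. In `check-yq-version`, `grep -oP` needs GNU grep, so a short comment such as `# requires GNU grep (-P) and sort -V` above the recipe would document that assumption.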
@@ -0,0 +1,42 @@
+{
+ "buildx.build.provenance": {
+ "buildType": "https://mobyproject.org/buildkit@v1",
+ "materials": [
+ {
+ "uri": "pkg:docker/alpine@3.19?platform=linux%2Famd64",
+ "digest": {
+ "sha256": "ae65dbf8749a7d4527648ccee1fa3deb6bfcae34cbc30fc67aa45c44dcaa90ee"
+ }
+ },
+ {
+ "uri": "pkg:docker/golang@alpine3.19?platform=linux%2Famd64",
+ "digest": {
+ "sha256": "f6392ffebb028fed5ffe743ddb9716e38402c978779edd66474bb5d05f5e65e4"
+ }
+ }
+ ],
+ "invocation": {
+ "configSource": {
+ "entryPoint": "Dockerfile"
+ },
+ "parameters": {
+ "frontend": "dockerfile.v0",
+ "locals": [
+ {
+ "name": "context"
+ },
+ {
+ "name": "dockerfile"
+ }
+ ]
+ },
+ "environment": {
+ "platform": "linux/amd64"
+ }
+ }
+ },
+ "buildx.build.ref": "default/default/0xfyd6oaq6jf2ad1uyltla63y",
+ "containerimage.config.digest": "sha256:18de848878b8ae2fddaa05c199b7679b305d7666049e21c2e81a01a6e95bd05c",
+ "containerimage.digest": "sha256:734e5cf818dbf886c165a49dbbd2776efc87adae046cf5f24f1d0ae98ea16dbe",
+ "image.name": "docker.io/kklinch0/cozystack:latest"
+}
diff --git a/packages/core/installer/values.yaml b/packages/core/installer/values.yaml
index 75a31fcd..8b84f39a 100644
--- a/packages/core/installer/values.yaml
+++ b/packages/core/installer/values.yaml
@@ -1,2 +1,2 @@
 cozystack:
- image: ghcr.io/aenix-io/cozystack/cozystack:v0.16.4@sha256:e2de79d1dd00a95a6876f6e4daf281eb27e8cc9d57fa2e9ea137192b544d38a7
\ No newline at end of file
+ image: kklinch0/cozystack:latest@sha256:734e5cf818dbf886c165a49dbbd2776efc87adae046cf5f24f1d0ae98ea16dbe
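Review bot: The installer image in `values.yaml` now points at `kklinch0/cozystack:latest`, a personal Docker Hub namespace, instead of the project's `ghcr.io/aenix-io/cozystack/cozystack:v0.16.4` reference. The digest still fixes the content, but that content was built outside the project's release pipeline and, according to the committed `images/cozystack.json`, for `linux/amd64` only. This looks like the output of a local `make image-cozystack REGISTRY=...` run, and the previous `ghcr.io/aenix-io/cozystack/cozystack:v0.16.4@sha256:…` line should be restored before merge. A CI check that rejects any `cozystack.image` value outside the project registry would catch this class of mistake.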