From db040b58c327158467e8e607980c4c360e345d1e Mon Sep 17 00:00:00 2001 From: Jacob May Date: Wed, 2 Oct 2024 18:29:30 +0000 Subject: [PATCH 1/3] Enable metrics-server component in core --- bundles/eksd/uds-bundle.yaml | 2 ++ bundles/rke2/uds-bundle.yaml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/bundles/eksd/uds-bundle.yaml b/bundles/eksd/uds-bundle.yaml index 2936309a..c4993207 100644 --- a/bundles/eksd/uds-bundle.yaml +++ b/bundles/eksd/uds-bundle.yaml @@ -88,6 +88,8 @@ packages: - name: core repository: ghcr.io/defenseunicorns/packages/uds/core ref: 0.27.3-registry1 + optionalComponents: + - metrics-server overrides: grafana: grafana: diff --git a/bundles/rke2/uds-bundle.yaml b/bundles/rke2/uds-bundle.yaml index a229acd9..2caf1c70 100644 --- a/bundles/rke2/uds-bundle.yaml +++ b/bundles/rke2/uds-bundle.yaml @@ -86,6 +86,8 @@ packages: - name: core repository: ghcr.io/defenseunicorns/packages/uds/core ref: 0.27.3-registry1 + optionalComponents: + - metrics-server overrides: grafana: grafana: From 4829440ba15ba6d4be3832357027541ea85502f6 Mon Sep 17 00:00:00 2001 From: Jacob May Date: Wed, 2 Oct 2024 19:36:49 +0000 Subject: [PATCH 2/3] Enable metrics server that is now optional and mount CA bundle in apps missing them --- bundles/eksd/uds-bundle.yaml | 14 ++++++++++++++ bundles/rke2/uds-bundle.yaml | 14 ++++++++++++++ 2 files changed, 28 insertions(+) diff --git a/bundles/eksd/uds-bundle.yaml b/bundles/eksd/uds-bundle.yaml index c4993207..0d82cfa2 100644 --- a/bundles/eksd/uds-bundle.yaml +++ b/bundles/eksd/uds-bundle.yaml @@ -558,6 +558,10 @@ packages: value: "###ZARF_VAR_SONARQUBE_DB_PASSWORD###" - path: "jdbcOverwrite.jdbcUsername" value: "###ZARF_VAR_SONARQUBE_DB_USERNAME###" + - path: extraVolumes + value: *extra-volumes + - path: extraVolumeMounts + value: *extra-volume-mounts - name: jira repository: ghcr.io/defenseunicorns/packages/uds/jira @@ -572,6 +576,10 @@ packages: value: "###ZARF_VAR_JIRA_DB_USERNAME###" - path: postgres.password value: "###ZARF_VAR_JIRA_DB_PASSWORD###" + - path: volumes.additional + value: *extra-volumes + - path: jira.additionalVolumeMounts + value: *extra-volume-mounts jira: variables: - name: JIRA_LOCAL_HOME_ENABLED @@ -612,6 +620,12 @@ packages: value: "###ZARF_VAR_CONFLUENCE_DB_USERNAME###" - path: postgres.password value: "###ZARF_VAR_CONFLUENCE_DB_PASSWORD###" + - path: additionalFiles + value: + - name: trust-bundle + mountPath: /etc/pki/ca-trust/extracted/java/cacerts + key: "ca-bundle.jks" + type: configMap confluence: variables: - name: CONFLUENCE_LOCAL_HOME_ENABLED diff --git a/bundles/rke2/uds-bundle.yaml b/bundles/rke2/uds-bundle.yaml index 2caf1c70..369221bb 100644 --- a/bundles/rke2/uds-bundle.yaml +++ b/bundles/rke2/uds-bundle.yaml @@ -559,6 +559,10 @@ packages: value: "###ZARF_VAR_SONARQUBE_DB_PASSWORD###" - path: "jdbcOverwrite.jdbcUsername" value: "###ZARF_VAR_SONARQUBE_DB_USERNAME###" + - path: extraVolumes + value: *extra-volumes + - path: extraVolumeMounts + value: *extra-volume-mounts - name: jira repository: ghcr.io/defenseunicorns/packages/uds/jira @@ -573,6 +577,10 @@ packages: value: "###ZARF_VAR_JIRA_DB_USERNAME###" - path: postgres.password value: "###ZARF_VAR_JIRA_DB_PASSWORD###" + - path: volumes.additional + value: *extra-volumes + - path: jira.additionalVolumeMounts + value: *extra-volume-mounts jira: variables: - name: JIRA_LOCAL_HOME_ENABLED @@ -613,6 +621,12 @@ packages: value: "###ZARF_VAR_CONFLUENCE_DB_USERNAME###" - path: postgres.password value: "###ZARF_VAR_CONFLUENCE_DB_PASSWORD###" + - path: additionalFiles + value: + - name: trust-bundle + mountPath: /etc/pki/ca-trust/extracted/java/cacerts + key: "ca-bundle.jks" + type: configMap confluence: variables: - name: CONFLUENCE_LOCAL_HOME_ENABLED From 0f4bd34809da5f1b49eb11924d350a5a9b9339b6 Mon Sep 17 00:00:00 2001 From: Jacob May Date: Fri, 4 Oct 2024 20:59:37 +0000 Subject: [PATCH 3/3] Fix confluence, Jira, and Sonarqube value overrides --- bundles/eksd/uds-bundle.yaml | 12 ++++++++---- bundles/rke2/uds-bundle.yaml | 20 +++++++++++++++++++- tasks/deploy.yaml | 4 ++-- 3 files changed, 29 insertions(+), 7 deletions(-) diff --git a/bundles/eksd/uds-bundle.yaml b/bundles/eksd/uds-bundle.yaml index 0d82cfa2..c7f5f180 100644 --- a/bundles/eksd/uds-bundle.yaml +++ b/bundles/eksd/uds-bundle.yaml @@ -558,6 +558,8 @@ packages: value: "###ZARF_VAR_SONARQUBE_DB_PASSWORD###" - path: "jdbcOverwrite.jdbcUsername" value: "###ZARF_VAR_SONARQUBE_DB_USERNAME###" + sonarqube: + values: - path: extraVolumes value: *extra-volumes - path: extraVolumeMounts @@ -576,11 +578,12 @@ packages: value: "###ZARF_VAR_JIRA_DB_USERNAME###" - path: postgres.password value: "###ZARF_VAR_JIRA_DB_PASSWORD###" + jira: + values: - path: volumes.additional value: *extra-volumes - path: jira.additionalVolumeMounts value: *extra-volume-mounts - jira: variables: - name: JIRA_LOCAL_HOME_ENABLED path: "volumes.localHome.persistentVolumeClaim.create" @@ -620,13 +623,14 @@ packages: value: "###ZARF_VAR_CONFLUENCE_DB_USERNAME###" - path: postgres.password value: "###ZARF_VAR_CONFLUENCE_DB_PASSWORD###" + confluence: + values: - path: additionalFiles value: - name: trust-bundle - mountPath: /etc/pki/ca-trust/extracted/java/cacerts + mountPath: /var/ssl key: "ca-bundle.jks" type: configMap - confluence: variables: - name: CONFLUENCE_LOCAL_HOME_ENABLED path: "volumes.localHome.persistentVolumeClaim.create" @@ -715,7 +719,7 @@ packages: # Nexus - name: nexus repository: ghcr.io/defenseunicorns/packages/uds/nexus - ref: 3.71.0-uds.1-registry1 + ref: 3.72.0-uds.0-registry1 overrides: nexus: nexus: diff --git a/bundles/rke2/uds-bundle.yaml b/bundles/rke2/uds-bundle.yaml index 369221bb..0e95b8c3 100644 --- a/bundles/rke2/uds-bundle.yaml +++ b/bundles/rke2/uds-bundle.yaml @@ -563,6 +563,12 @@ packages: value: *extra-volumes - path: extraVolumeMounts value: *extra-volume-mounts + sonarqube: + values: + - path: extraVolumes + value: *extra-volumes + - path: extraVolumeMounts + value: *extra-volume-mounts - name: jira repository: ghcr.io/defenseunicorns/packages/uds/jira @@ -582,6 +588,11 @@ packages: - path: jira.additionalVolumeMounts value: *extra-volume-mounts jira: + values: + - path: volumes.additional + value: *extra-volumes + - path: jira.additionalVolumeMounts + value: *extra-volume-mounts variables: - name: JIRA_LOCAL_HOME_ENABLED path: "volumes.localHome.persistentVolumeClaim.create" @@ -628,6 +639,13 @@ packages: key: "ca-bundle.jks" type: configMap confluence: + values: + - path: additionalFiles + value: + - name: trust-bundle + mountPath: /var/ssl + key: "ca-bundle.jks" + type: configMap variables: - name: CONFLUENCE_LOCAL_HOME_ENABLED path: "volumes.localHome.persistentVolumeClaim.create" @@ -716,7 +734,7 @@ packages: # Nexus - name: nexus repository: ghcr.io/defenseunicorns/packages/uds/nexus - ref: 3.71.0-uds.1-registry1 + ref: 3.72.0-uds.0-registry1 overrides: nexus: nexus: diff --git a/tasks/deploy.yaml b/tasks/deploy.yaml index 34239d73..6fdfab4d 100644 --- a/tasks/deploy.yaml +++ b/tasks/deploy.yaml @@ -33,7 +33,7 @@ tasks: default: "eksd" description: Input to specify the type of bundle to deploy actions: - - cmd: docker run --rm -e ARCH=${ARCH} -e BUNDLE_VERSION=${BUNDLE_VERSION} -e BUNDLE_TYPE=${INPUT_BUNDLE_TYPE} -e UDS_CONFIG=/configs/uds-config.yaml -e KUBECONFIG=/configs/kubeconfig -e PACKAGE_LIST="${INPUT_PACKAGE_LIST}" -v /tmp:/tmp -v ${INPUT_CONFIG_DIR}:/configs -v ${INPUT_BUILD_DIR}:/build ${DEPLOY_IMAGE} bash -c 'uds deploy /build/uds-bundle-software-factory-nutanix-${BUNDLE_TYPE}-${ARCH}-${BUNDLE_VERSION}.tar.zst ${PACKAGE_LIST} --confirm' + - cmd: docker run --rm -e ARCH=${ARCH} -e BUNDLE_VERSION=${BUNDLE_VERSION} -e BUNDLE_TYPE=${INPUT_BUNDLE_TYPE} -e UDS_CONFIG=/configs/uds-config.yaml -e KUBECONFIG=/configs/kubeconfig -e PACKAGE_LIST="${INPUT_PACKAGE_LIST}" -v /tmp:/tmp -v ${INPUT_CONFIG_DIR}:/configs -v ${INPUT_BUILD_DIR}:/build ${DEPLOY_IMAGE} bash -c 'uds deploy /build/uds-bundle-software-factory-nutanix-${BUNDLE_TYPE}-${ARCH}-${BUNDLE_VERSION}.tar.zst ${PACKAGE_LIST} --no-progress --confirm' - name: deploy-published description: Deploy published oci of bundle from ghcr @@ -48,4 +48,4 @@ tasks: default: "eksd" description: Input to specify the type of bundle to deploy actions: - - cmd: docker run --rm -e BUNDLE_VERSION=${BUNDLE_VERSION} -e BUNDLE_TYPE=${INPUT_BUNDLE_TYPE} -e UDS_CONFIG=/configs/uds-config.yaml -e KUBECONFIG=/configs/kubeconfig -e PACKAGE_LIST="${INPUT_PACKAGE_LIST}" -v /tmp:/tmp -v ${INPUT_CONFIG_DIR}:/configs ${DEPLOY_IMAGE} bash -c 'uds deploy oci://ghcr.io/defenseunicorns/uds-bundle/software-factory-nutanix-${BUNDLE_TYPE}:${BUNDLE_VERSION} ${PACKAGE_LIST} --confirm' + - cmd: docker run --rm -e BUNDLE_VERSION=${BUNDLE_VERSION} -e BUNDLE_TYPE=${INPUT_BUNDLE_TYPE} -e UDS_CONFIG=/configs/uds-config.yaml -e KUBECONFIG=/configs/kubeconfig -e PACKAGE_LIST="${INPUT_PACKAGE_LIST}" -v /tmp:/tmp -v ${INPUT_CONFIG_DIR}:/configs ${DEPLOY_IMAGE} bash -c 'uds deploy oci://ghcr.io/defenseunicorns/uds-bundle/software-factory-nutanix-${BUNDLE_TYPE}:${BUNDLE_VERSION} ${PACKAGE_LIST} --no-progress --confirm'