From d081a30c39f2d6d6c526db3fca641466912c4d81 Mon Sep 17 00:00:00 2001 From: indresh-28 Date: Mon, 22 Jan 2024 19:22:02 +0530 Subject: [PATCH 01/11] testing the PR --- .../internal/api/plugin_tekton_pipelines.go | 92 +++++++++---------- .../internal/tekton/config_tekton_app.go | 28 +++--- 2 files changed, 60 insertions(+), 60 deletions(-) diff --git a/capten/agent/internal/api/plugin_tekton_pipelines.go b/capten/agent/internal/api/plugin_tekton_pipelines.go index f4ee93cd..0e5b7f80 100644 --- a/capten/agent/internal/api/plugin_tekton_pipelines.go +++ b/capten/agent/internal/api/plugin_tekton_pipelines.go 
@@ -61,23 +61,23 @@ func (a *Agent) CreateTektonPipeline(ctx context.Context, request *captenplugins }, nil } - _, err = a.as.GetCrossplaneProjectForID(request.CrossPlaneGitProjectId) - if err != nil { - a.log.Infof("failed to get crossplane git project %s, %v", request.CrossPlaneGitProjectId, err) - return &captenpluginspb.CreateTektonPipelineResponse{ - Status: captenpluginspb.StatusCode_INVALID_ARGUMENT, - StatusMessage: "failed to get crossplane git project", - }, nil - } - - _, err = a.as.GetManagedClusterForID(request.ManagedClusterId) - if err != nil { - a.log.Infof("failed to get managedCluster id %s, %v", request.ManagedClusterId, err) - return &captenpluginspb.CreateTektonPipelineResponse{ - Status: captenpluginspb.StatusCode_INVALID_ARGUMENT, - StatusMessage: "failed to get managedCluster id", - }, nil - } + // _, err = a.as.GetCrossplaneProjectForID(request.CrossPlaneGitProjectId) + // if err != nil { + // a.log.Infof("failed to get crossplane git project %s, %v", request.CrossPlaneGitProjectId, err) + // return &captenpluginspb.CreateTektonPipelineResponse{ + // Status: captenpluginspb.StatusCode_INVALID_ARGUMENT, + // StatusMessage: "failed to get crossplane git project", + // }, nil + // } + + // _, err = a.as.GetManagedClusterForID(request.ManagedClusterId) + // if err != nil { + // a.log.Infof("failed to get managedCluster id %s, %v", request.ManagedClusterId, err) + // return &captenpluginspb.CreateTektonPipelineResponse{ + // Status: captenpluginspb.StatusCode_INVALID_ARGUMENT, + // StatusMessage: "failed to get managedCluster id", + // }, nil + // } a.log.Infof("Add Create Tekton Pipeline registry %s request received", request.PipelineName) 
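Review bot: Commenting out the `GetCrossplaneProjectForID` and `GetManagedClusterForID` lookups removes the only check in this hunk that `request.CrossPlaneGitProjectId` and `request.ManagedClusterId` refer to stored records, so CreateTektonPipeline now accepts arbitrary values for both. The UpdateTektonPipeline hunk that follows has the same problem. Restore both lookups and their `StatusCode_INVALID_ARGUMENT` responses before merge instead of leaving them as commented-out code. Both handlers start and end outside their hunks.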
@@ -142,23 +142,23 @@ func (a *Agent) UpdateTektonPipeline(ctx context.Context, request *captenplugins }, nil } - _, err = a.as.GetCrossplaneProjectForID(request.CrossPlaneGitProjectId) - if err != nil { - a.log.Infof("failed to get crossplane git project %s, %v", request.CrossPlaneGitProjectId, err) - return &captenpluginspb.UpdateTektonPipelineResponse{ - Status: captenpluginspb.StatusCode_INVALID_ARGUMENT, - StatusMessage: "failed to get crossplane git project", - }, nil - } - - _, err = a.as.GetManagedClusterForID(request.ManagedClusterId) - if err != nil { - a.log.Infof("failed to get managedCluster id %s, %v", request.ManagedClusterId, err) - return &captenpluginspb.UpdateTektonPipelineResponse{ - Status: captenpluginspb.StatusCode_INVALID_ARGUMENT, - StatusMessage: "failed to get managedCluster id", - }, nil - } + // _, err = a.as.GetCrossplaneProjectForID(request.CrossPlaneGitProjectId) + // if err != nil { + // a.log.Infof("failed to get crossplane git project %s, %v", request.CrossPlaneGitProjectId, err) + // return &captenpluginspb.UpdateTektonPipelineResponse{ + // Status: captenpluginspb.StatusCode_INVALID_ARGUMENT, + // StatusMessage: "failed to get crossplane git project", + // }, nil + // } + + // _, err = a.as.GetManagedClusterForID(request.ManagedClusterId) + // if err != nil { + // a.log.Infof("failed to get managedCluster id %s, %v", request.ManagedClusterId, err) + // return &captenpluginspb.UpdateTektonPipelineResponse{ + // Status: captenpluginspb.StatusCode_INVALID_ARGUMENT, + // StatusMessage: "failed to get managedCluster id", + // }, nil + // } a.log.Infof("Update tekton pipelines project, %s request recieved", request.Id) 
@@ -310,17 +310,17 @@ func (a *Agent) configureTektonPipelinesGitRepo(req *model.TektonPipeline, actio return "", fmt.Errorf("failed to send event to workflow to configure %s, %v", req.GitProjectId, err) } - extraGitProject, err := a.as.GetCrossplaneProjectForID(req.CrossplaneGitProjectId) - if err != nil { - a.log.Infof("failed to get crossplane git project %s, %v", req.CrossplaneGitProjectId, err) - return "", fmt.Errorf("failed to get crossplane git project %s, %v", req.CrossplaneGitProjectId, err) - } + // extraGitProject, err := a.as.GetCrossplaneProjectForID(req.CrossplaneGitProjectId) + // if err != nil { + // a.log.Infof("failed to get crossplane git project %s, %v", req.CrossplaneGitProjectId, err) + // return "", fmt.Errorf("failed to get crossplane git project %s, %v", req.CrossplaneGitProjectId, err) + // } - managedCluster, err := a.as.GetManagedClusterForID(req.ManagedClusterId) - if err != nil { - a.log.Infof("failed to get managed clsuter %s, %v", req.ManagedClusterId, err) - return "", fmt.Errorf("failed to get managed clsuter %s, %v", req.ManagedClusterId, err) - } + // managedCluster, err := a.as.GetManagedClusterForID(req.ManagedClusterId) + // if err != nil { + // a.log.Infof("failed to get managed clsuter %s, %v", req.ManagedClusterId, err) + // return "", fmt.Errorf("failed to get managed clsuter %s, %v", req.ManagedClusterId, err) + // } containerRegURLIdMap := make(map[string]string) containerRegURLIdMap[containerReg.Id] = containerReg.RegistryUrl 
@@ -331,8 +331,8 @@ func (a *Agent) configureTektonPipelinesGitRepo(req *model.TektonPipeline, actio captenmodel.Git: {Identifier: gitProjectEntityName, Id: req.GitProjectId}, captenmodel.Container: {Identifier: containerRegEntityName, Id: req.ContainerRegId[0], Url: containerReg.RegistryUrl}, - captenmodel.ManagedCluster: {Identifier: ManagedClusterEntityName, Id: req.ManagedClusterId, Url: managedCluster.ClusterName}, - captenmodel.ExtraGitProject: {Identifier: gitProjectEntityName, Id: req.CrossplaneGitProjectId, Url: extraGitProject.GitProjectUrl}, + captenmodel.ManagedCluster: {Identifier: ManagedClusterEntityName, Id: req.ManagedClusterId, Url: "test"}, + captenmodel.ExtraGitProject: {Identifier: gitProjectEntityName, Id: req.CrossplaneGitProjectId, Url: "test"}, }} wd := workers.NewConfig(a.tc, a.log) diff --git a/capten/config-worker/internal/tekton/config_tekton_app.go b/capten/config-worker/internal/tekton/config_tekton_app.go index 6d5d5eb3..59f2d057 100644 --- a/capten/config-worker/internal/tekton/config_tekton_app.go +++ b/capten/config-worker/internal/tekton/config_tekton_app.go 
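Review bot: The `captenmodel.ManagedCluster` and `captenmodel.ExtraGitProject` entries now carry the literal `Url: "test"` instead of `managedCluster.ClusterName` and `extraGitProject.GitProjectUrl`, and the preceding hunk comments out the lookups that produced those values. The config worker uses these Url fields for `GIT_PROJECT_URL` and as a component of `APP_CONFIG_PATH` (visible in the createOrUpdateSecrets hunk of this patch), so every pipeline would be configured with the same placeholder repository and path. Restore the two lookups with their error returns and pass the looked-up values through. configureTektonPipelinesGitRepo starts and ends outside the hunk.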
@@ -337,22 +337,22 @@ func (cp *TektonApp) createOrUpdateSecrets(ctx context.Context, req *model.Tekto return fmt.Errorf("failed to create/update k8s secret, %v", err) } case extraConfig: - username, token, err := cp.helper.GetGitCreds(ctx, req.CredentialIdentifiers[agentmodel.ExtraGitProject].Id) - if err != nil { - return fmt.Errorf("failed to get git secret, %v", err) - } - - kubeConfig, kubeCa, kubeEndpoint, err := cp.helper.GetClusterCreds(ctx, req.CredentialIdentifiers[agentmodel.ManagedCluster].Identifier, req.CredentialIdentifiers[agentmodel.ManagedCluster].Id) - if err != nil { - return fmt.Errorf("failed to get GetClusterCreds, %v", err) - } - strdata["GIT_USER_NAME"] = []byte(username) - strdata["GIT_TOKEN"] = []byte(token) + // username, token, err := cp.helper.GetGitCreds(ctx, req.CredentialIdentifiers[agentmodel.ExtraGitProject].Id) + // if err != nil { + // return fmt.Errorf("failed to get git secret, %v", err) + // } + + // kubeConfig, kubeCa, kubeEndpoint, err := cp.helper.GetClusterCreds(ctx, req.CredentialIdentifiers[agentmodel.ManagedCluster].Identifier, req.CredentialIdentifiers[agentmodel.ManagedCluster].Id) + // if err != nil { + // return fmt.Errorf("failed to get GetClusterCreds, %v", err) + // } + strdata["GIT_USER_NAME"] = []byte("username") + strdata["GIT_TOKEN"] = []byte("token") strdata["GIT_PROJECT_URL"] = []byte(req.CredentialIdentifiers[agentmodel.ExtraGitProject].Url) strdata["APP_CONFIG_PATH"] = []byte(filepath.Join(cp.crossplanConfig.ClusterEndpointUpdates.DefaultAppValuesPath, req.CredentialIdentifiers[agentmodel.ManagedCluster].Url)) - strdata["CLUSTER_CA"] = []byte(kubeCa) - strdata["CLUSTER_ENDPOINT"] = []byte(kubeEndpoint) - strdata["CLUSTER_CONFIG"] = []byte(kubeConfig) + strdata["CLUSTER_CA"] = []byte("kubeCa") + strdata["CLUSTER_ENDPOINT"] = []byte("kubeEndpoint") + strdata["CLUSTER_CONFIG"] = []byte("kubeConfig") if err := k8sclient.CreateOrUpdateSecret(ctx, pipelineNamespace, secName, v1.SecretTypeBasicAuth, strdata, 
nil); err != nil { From 8761f77730ef980357949bbc7b10775b53cae910 Mon Sep 17 00:00:00 2001 From: indresh-28 Date: Mon, 22 Jan 2024 20:04:24 +0530 Subject: [PATCH 02/11] udpate var --- capten/agent/internal/capten-store/tekton_pipelines.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/capten/agent/internal/capten-store/tekton_pipelines.go b/capten/agent/internal/capten-store/tekton_pipelines.go index e4ffbce4..a8e5a2d9 100644 --- a/capten/agent/internal/capten-store/tekton_pipelines.go +++ b/capten/agent/internal/capten-store/tekton_pipelines.go @@ -22,7 +22,7 @@ func (a *Store) UpsertTektonPipelines(config *model.TektonPipeline) error { config.LastUpdateTime = time.Now().Format(time.RFC3339) batch := a.client.Session().NewBatch(gocql.LoggedBatch) batch.Query(fmt.Sprintf(insertTektonPipelines, a.keyspace), config.Id, - config.PipelineName, config.GitProjectId, config.ContainerRegId, config.Status, + config.PipelineName, config.GitProjectId, config.ContainerRegId, config.ManagedClusterId, config.CrossplaneGitProjectId, config.Status, config.LastUpdateTime, config.WorkflowId, config.WorkflowStatus) err := a.client.Session().ExecuteBatch(batch) if err != nil { From 117d23275c429bc2ce940f952407ccbf31812e29 Mon Sep 17 00:00:00 2001 From: indresh-28 Date: Mon, 22 Jan 2024 20:33:52 +0530 Subject: [PATCH 03/11] update the chnaged --- capten/config-worker/internal/tekton/config_tekton_app.go | 1 + 1 file changed, 1 insertion(+) diff --git a/capten/config-worker/internal/tekton/config_tekton_app.go b/capten/config-worker/internal/tekton/config_tekton_app.go index 59f2d057..d55d770d 100644 --- a/capten/config-worker/internal/tekton/config_tekton_app.go +++ b/capten/config-worker/internal/tekton/config_tekton_app.go 
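Review bot: The `extraConfig` case now writes the literal strings `"username"`, `"token"`, `"kubeCa"`, `"kubeEndpoint"` and `"kubeConfig"` into the Kubernetes secret and comments out `GetGitCreds` and `GetClusterCreds`. `CreateOrUpdateSecret` will therefore overwrite real values in an existing secret with placeholders and still report success. Patch 08 of this series touches the same lines and again leaves the literals in place. Restore the two helper calls and their `return fmt.Errorf(...)` paths so that an unreadable credential fails the workflow instead of producing a secret that looks valid. createOrUpdateSecrets starts and ends outside the hunk.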
@@ -329,6 +329,7 @@ func (cp *TektonApp) createOrUpdateSecrets(ctx context.Context, req *model.Tekto if err != nil { return fmt.Errorf("failed to get argo-cd secret, %v", err) } + log.Info("DATA : ", cfg) strdata["SERVER_URL"] = []byte(cfg.ServiceURL) strdata["USERNAME"] = []byte(cfg.Username) strdata["PASSWORD"] = []byte(cfg.Password) From fac5a7d73e148310f60a2a8ff38dd6af2ea28085 Mon Sep 17 00:00:00 2001 From: indresh-28 Date: Mon, 22 Jan 2024 20:39:35 +0530 Subject: [PATCH 04/11] update the chnaged --- capten/common-pkg/plugins/argocd/client.go | 3 +++ capten/config-worker/internal/tekton/config_tekton_app.go | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/capten/common-pkg/plugins/argocd/client.go b/capten/common-pkg/plugins/argocd/client.go index 44bb4640..9f791794 100644 --- a/capten/common-pkg/plugins/argocd/client.go +++ b/capten/common-pkg/plugins/argocd/client.go @@ -40,6 +40,7 @@ func GetConfig(logger logging.Logger) (*Configuration, error) { cfg.Password = password + logger.Info("PasswordDATA : ", cfg.ServiceURL, cfg.Password, cfg.Username) } if !cfg.IsSSLEnabled { @@ -47,6 +48,8 @@ func GetConfig(logger logging.Logger) (*Configuration, error) { logger.Errorf("SSL not yet supported, continuing with insecure verify true") } + logger.Info("DATA : ", cfg.ServiceURL, cfg.Password, cfg.Username) + return cfg, nil } diff --git a/capten/config-worker/internal/tekton/config_tekton_app.go b/capten/config-worker/internal/tekton/config_tekton_app.go index d55d770d..f716aae2 100644 --- a/capten/config-worker/internal/tekton/config_tekton_app.go +++ b/capten/config-worker/internal/tekton/config_tekton_app.go 
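Review bot: `log.Info("DATA : ", cfg)` formats the whole Argo CD configuration, including `cfg.Password`, into the worker log. The two `logger.Info` lines that patch 04 adds to `GetConfig` and its rewritten `log.Info` in config_tekton_app.go pass `cfg.Password` explicitly. Log output is typically readable by more people and retained longer than the credential store, so the password should not be formatted into it at any level. Remove these lines, or keep only the non-secret field, for example `logger.Infof("argo-cd service URL: %s", cfg.ServiceURL)`. Both functions start and end outside the hunks.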
@@ -329,7 +329,7 @@ func (cp *TektonApp) createOrUpdateSecrets(ctx context.Context, req *model.Tekto if err != nil { return fmt.Errorf("failed to get argo-cd secret, %v", err) } - log.Info("DATA : ", cfg) + log.Info("DATA : ", cfg.ServiceURL, cfg.Password, cfg.Username) strdata["SERVER_URL"] = []byte(cfg.ServiceURL) strdata["USERNAME"] = []byte(cfg.Username) strdata["PASSWORD"] = []byte(cfg.Password) From f715ba7ad413f00d079e4a339f37c5c7a254dd24 Mon Sep 17 00:00:00 2001 From: indresh-28 Date: Mon, 22 Jan 2024 20:47:30 +0530 Subject: [PATCH 05/11] update the chnaged --- capten/config-worker/internal/tekton/config_tekton_app.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/capten/config-worker/internal/tekton/config_tekton_app.go b/capten/config-worker/internal/tekton/config_tekton_app.go index f716aae2..1962ba39 100644 --- a/capten/config-worker/internal/tekton/config_tekton_app.go +++ b/capten/config-worker/internal/tekton/config_tekton_app.go @@ -334,7 +334,7 @@ func (cp *TektonApp) createOrUpdateSecrets(ctx context.Context, req *model.Tekto strdata["USERNAME"] = []byte(cfg.Username) strdata["PASSWORD"] = []byte(cfg.Password) if err := k8sclient.CreateOrUpdateSecret(ctx, pipelineNamespace, secName, - v1.SecretTypeBasicAuth, strdata, map[string]string{}); err != nil { + v1.SecretTypeOpaque, strdata, map[string]string{}); err != nil { return fmt.Errorf("failed to create/update k8s secret, %v", err) } case extraConfig: @@ -356,7 +356,7 @@ func (cp *TektonApp) createOrUpdateSecrets(ctx context.Context, req *model.Tekto strdata["CLUSTER_CONFIG"] = []byte("kubeConfig") if err := k8sclient.CreateOrUpdateSecret(ctx, pipelineNamespace, secName, - v1.SecretTypeBasicAuth, strdata, nil); err != nil { + v1.SecretTypeOpaque, strdata, nil); err != nil { return fmt.Errorf("failed to create/update k8s secret, %v", err) } From 198d70c1ec194a6dc23c5c75c65f1d9c123b0a0e Mon Sep 17 00:00:00 2001 
From: indresh-28 Date: Wed, 24 Jan 2024 18:59:36 +0530 Subject: [PATCH 06/11] create cosign-keys --- .../internal/app_config/app_git_helper.go | 20 +++++++++++++++++++ .../internal/tekton/config_tekton_app.go | 15 ++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/capten/config-worker/internal/app_config/app_git_helper.go b/capten/config-worker/internal/app_config/app_git_helper.go index 774c920d..a32a24b3 100644 --- a/capten/config-worker/internal/app_config/app_git_helper.go +++ b/capten/config-worker/internal/app_config/app_git_helper.go @@ -26,6 +26,8 @@ const ( kubeConfig = "kubeconfig" k8sEndpoint = "endpoint" k8sClusterCA = "clusterCA" + cosignKey = "cosign.key" + cosignPub = "cosign.pub" ) type Config struct { @@ -90,6 +92,24 @@ func (ca *AppGitConfigHelper) GetClusterCreds(ctx context.Context, entityName, p return cred[kubeConfig], cred[k8sClusterCA], cred[k8sEndpoint], nil } +func (ca *AppGitConfigHelper) GetCosingKeys(ctx context.Context, entityName, projectId string) (string, string, error) { + credReader, err := credentials.NewCredentialReader(ctx) + if err != nil { + err = errors.WithMessage(err, "error in initializing credential reader") + return "", "", err + } + + cred, err := credReader.GetCredential(ctx, credentials.GenericCredentialType, + entityName, projectId) + if err != nil { + err = errors.WithMessagef(err, "error while reading credential %s/%s from the vault", + entityName, projectId) + return "", "", err + } + + return cred[cosignKey], cred[cosignPub], nil +} + func (ca *AppGitConfigHelper) GetContainerRegCreds(ctx context.Context, entityName, projectId string) (string, string, error) { credReader, err := credentials.NewCredentialReader(ctx) if err != nil { diff --git a/capten/config-worker/internal/tekton/config_tekton_app.go b/capten/config-worker/internal/tekton/config_tekton_app.go index 1962ba39..40e419a1 100644 --- a/capten/config-worker/internal/tekton/config_tekton_app.go 
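Review bot: `GetCosingKeys` returns `cred[cosignKey], cred[cosignPub]` without checking that either entry exists, so a credential stored under different key names yields two empty strings and a nil error. The caller added in this patch then writes an empty `cosign-keys` secret and reports success. A guard before the return would catch this: `if cred[cosignKey] == "" || cred[cosignPub] == "" { return "", "", errors.New("cosign key pair missing in vault credential") }`. The name is also misspelled (`Cosing`) and, being exported, is worth fixing before other callers depend on it.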
+++ b/capten/config-worker/internal/tekton/config_tekton_app.go @@ -35,6 +35,9 @@ var ( addPipeline = "add" deletePipeline = "delete" mainAppName = "tekton-apps" + cosignEntityName = "cosign" + cosignVaultId = "signer" + cosignSecName = "cosign-keys" ) type Config struct { @@ -291,6 +294,18 @@ func (cp *TektonApp) createOrUpdateSecrets(ctx context.Context, req *model.Tekto k8sclient.Clientset.CoreV1().Namespaces().Create(ctx, &v1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: pipelineNamespace}}, metav1.CreateOptions{}) + // One time activity + key, pub, err := cp.helper.GetCosingKeys(ctx, cosignEntityName, cosignVaultId) + if err != nil { + return fmt.Errorf("failed to get cosign keys from vault, %v", err) + } + + if err := k8sclient.CreateOrUpdateSecret(ctx, pipelineNamespace, cosignSecName, + v1.SecretTypeOpaque, map[string][]byte{"COSIGN_KEY": []byte(key), "COSIGN_PUB": []byte(pub)}, + map[string]string{}); err != nil { + return fmt.Errorf("failed to create/update cosign-keys k8s secret, %v", err) + } + for _, secret := range secrets { strdata := make(map[string][]byte) secName := secret + "-" + req.PipelineName From 3109b6e048ae2546c9381654e595c26f684514ca Mon Sep 17 00:00:00 2001 From: indresh-28 Date: Fri, 26 Jan 2024 11:21:17 +0530 Subject: [PATCH 07/11] update the changes --- .../internal/app_config/app_git_helper.go | 27 +++++++++++++++++-- .../crossplane/config_cluster_updates.go | 25 +++-------------- .../internal/tekton/argocd_app_values.go | 1 - .../internal/tekton/config_tekton_app.go | 21 ++++++++------- 4 files changed, 41 insertions(+), 33 deletions(-) diff --git a/capten/config-worker/internal/app_config/app_git_helper.go b/capten/config-worker/internal/app_config/app_git_helper.go index a32a24b3..1a61ea11 100644 --- a/capten/config-worker/internal/app_config/app_git_helper.go +++ b/capten/config-worker/internal/app_config/app_git_helper.go 
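Review bot: The block under `// One time activity` runs on every call to createOrUpdateSecrets, so the comment is misleading: the cosign private key is read from the vault and rewritten into the `cosign-keys` secret in `pipelineNamespace` each time a pipeline is configured. This copies the signing key out of the vault into a namespace secret, readable by any workload or account with secret read access there, so the comment should state that as a deliberate decision. Suggested wording: `// Copies the cosign key pair from vault into the pipeline namespace on every run; access to this secret must be limited to the signing task.` createOrUpdateSecrets starts and ends outside the hunk.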
@@ -11,9 +11,11 @@ import ( "github.com/intelops/go-common/credentials" "github.com/intelops/go-common/logging" "github.com/kelseyhightower/envconfig" + "github.com/kube-tarian/kad/capten/common-pkg/credential" "github.com/kube-tarian/kad/capten/common-pkg/k8s" "github.com/kube-tarian/kad/capten/common-pkg/plugins/git" "github.com/pkg/errors" + "gopkg.in/yaml.v2" "github.com/kube-tarian/kad/capten/common-pkg/plugins/argocd" ) @@ -26,8 +28,9 @@ const ( kubeConfig = "kubeconfig" k8sEndpoint = "endpoint" k8sClusterCA = "clusterCA" - cosignKey = "cosign.key" - cosignPub = "cosign.pub" + CosignKey = "cosign.key" + CosignPub = "cosign.pub" + DomainName = "DomainName" ) type Config struct { @@ -92,6 +95,26 @@ func (ca *AppGitConfigHelper) GetClusterCreds(ctx context.Context, entityName, p return cred[kubeConfig], cred[k8sClusterCA], cred[k8sEndpoint], nil } +func (ca *AppGitConfigHelper) GetClusterGlobalValues(ctx context.Context, val map[string]string) (map[string]string, error) { + cred, err := credential.GetClusterGlobalValues(ctx) + if err != nil { + return nil, err + } + + var gvMap map[string]interface{} + + decoder := yaml.NewDecoder(strings.NewReader(cred)) + if err := decoder.Decode(&gvMap); err != nil { + return nil, err + } + + for key, value := range gvMap { + val[key] = value.(string) + } + + return val, nil +} + func (ca *AppGitConfigHelper) GetCosingKeys(ctx context.Context, entityName, projectId string) (string, string, error) { credReader, err := credentials.NewCredentialReader(ctx) if err != nil { diff --git a/capten/config-worker/internal/crossplane/config_cluster_updates.go b/capten/config-worker/internal/crossplane/config_cluster_updates.go index 626d1297..38bd9289 100644 --- a/capten/config-worker/internal/crossplane/config_cluster_updates.go +++ b/capten/config-worker/internal/crossplane/config_cluster_updates.go 
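Review bot: In `GetClusterGlobalValues`, `val[key] = value.(string)` is an unchecked type assertion on values decoded from YAML into `map[string]interface{}`, so any non-string global value (a number, bool, list or nested map) panics the worker instead of returning an error. Use the two-value form: `s, ok := value.(string)`, then `if !ok { return nil, errors.Errorf("global value %q is not a string", key) }`, then `val[key] = s`. The method also writes into the caller's `val` map and can overwrite the `DomainName` seed passed in, which deserves a doc comment since the function is now shared by two packages.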
@@ -6,11 +6,10 @@ import ( "fmt" "os" "path/filepath" - "strings" "github.com/intelops/go-common/logging" - "github.com/kube-tarian/kad/capten/common-pkg/credential" "github.com/kube-tarian/kad/capten/common-pkg/k8s" + appConf "github.com/kube-tarian/kad/capten/config-worker/internal/app_config" fileutil "github.com/kube-tarian/kad/capten/config-worker/internal/file_util" "github.com/kube-tarian/kad/capten/model" agentmodel "github.com/kube-tarian/kad/capten/model" @@ -287,27 +286,11 @@ func removeClusterValues(valuesFileName, clusterName string) error { func (cp *CrossPlaneApp) prepareTemplateVaules(ctx context.Context, clusterName string) (map[string]string, error) { val := map[string]string{ - "DomainName": cp.cfg.DomainName, - "ClusterName": clusterName, + appConf.DomainName: cp.cfg.DomainName, + "ClusterName": clusterName, } - cred, err := credential.GetClusterGlobalValues(ctx) - if err != nil { - return nil, err - } - - var gvMap map[string]interface{} - - decoder := yaml.NewDecoder(strings.NewReader(cred)) - if err := decoder.Decode(&gvMap); err != nil { - return nil, err - } - - for key, value := range gvMap { - val[key] = value.(string) - } - - return val, nil + return cp.helper.GetClusterGlobalValues(ctx, val) } func prepareClusterData(clusterName, endpoint string, defaultApps []DefaultApps) Cluster { diff --git a/capten/config-worker/internal/tekton/argocd_app_values.go b/capten/config-worker/internal/tekton/argocd_app_values.go index b24f054d..f8a2aba8 100644 --- a/capten/config-worker/internal/tekton/argocd_app_values.go +++ b/capten/config-worker/internal/tekton/argocd_app_values.go @@ -45,7 +45,6 @@ type TektonConfigValues struct { type TektonPieplineConfigValues struct { PipelineName string `json:"pipelineName,omitempty"` IngressDomainName string `json:"ingressDomainName,omitempty"` - TektonDashboard string `json:"tektonDashboard,omitempty"` Namespace string `json:"namespace,omitempty"` SecretName *[]SecretNames `json:"secretName,omitempty"` } 
diff --git a/capten/config-worker/internal/tekton/config_tekton_app.go b/capten/config-worker/internal/tekton/config_tekton_app.go index 40e419a1..e539d46a 100644 --- a/capten/config-worker/internal/tekton/config_tekton_app.go +++ b/capten/config-worker/internal/tekton/config_tekton_app.go @@ -123,8 +123,14 @@ func (cp *TektonApp) configureProjectAndApps(ctx context.Context, req *model.Tek return string(agentmodel.WorkFlowStatusFailed), errors.WithMessage(err, "failed to updateArgoCDTemplate") } + gloablVal, err := cp.helper.GetClusterGlobalValues(ctx, map[string]string{ + appconfig.DomainName: cp.cfg.DomainName}) + if err != nil { + return string(agentmodel.WorkFlowStatusFailed), errors.WithMessage(err, "failed to get clusetr gloablValues") + } + err = updatePipelineTemplate(filepath.Join(customerRepo, - strings.ReplaceAll(cp.pluginConfig.PipelineSyncUpdate.PipelineValues, "", req.PipelineName)), req.PipelineName, cp.cfg.DomainName) + strings.ReplaceAll(cp.pluginConfig.PipelineSyncUpdate.PipelineValues, "", req.PipelineName)), req.PipelineName, gloablVal["DomainName"]) if err != nil { return string(agentmodel.WorkFlowStatusFailed), errors.WithMessage(err, "failed to updatePipelineTemplate") } 
@@ -365,11 +371,10 @@ func (cp *TektonApp) createOrUpdateSecrets(ctx context.Context, req *model.Tekto strdata["GIT_USER_NAME"] = []byte("username") strdata["GIT_TOKEN"] = []byte("token") strdata["GIT_PROJECT_URL"] = []byte(req.CredentialIdentifiers[agentmodel.ExtraGitProject].Url) - strdata["APP_CONFIG_PATH"] = []byte(filepath.Join(cp.crossplanConfig.ClusterEndpointUpdates.DefaultAppValuesPath, req.CredentialIdentifiers[agentmodel.ManagedCluster].Url)) - strdata["CLUSTER_CA"] = []byte("kubeCa") - strdata["CLUSTER_ENDPOINT"] = []byte("kubeEndpoint") - strdata["CLUSTER_CONFIG"] = []byte("kubeConfig") - + strdata["APP_CONFIG_PATH"] = []byte(filepath.Join(cp.crossplanConfig.ClusterEndpointUpdates.ClusterDefaultAppValuesPath, req.CredentialIdentifiers[agentmodel.ManagedCluster].Url, "apps")) + strdata["CLUSTER_CA"] = []byte(kubeCa) + strdata["CLUSTER_ENDPOINT"] = []byte(kubeEndpoint) + strdata["CLUSTER_CONFIG"] = []byte(kubeConfig) if err := k8sclient.CreateOrUpdateSecret(ctx, pipelineNamespace, secName, v1.SecretTypeOpaque, strdata, nil); err != nil { return fmt.Errorf("failed to create/update k8s secret, %v", err) @@ -513,10 +518,8 @@ func updatePipelineTemplate(valuesFileName, pipelineName, domainName string) err return err } - // GET dashboard and ingress domain suffix. - tektonPipelineConfig.IngressDomainName = model.TektonHostName + "." + domainName + tektonPipelineConfig.IngressDomainName = domainName tektonPipelineConfig.PipelineName = pipelineName - tektonPipelineConfig.TektonDashboard = "http://" + tektonPipelineConfig.IngressDomainName secretName := []SecretNames{} for _, secret := range secrets { From a87703a50629b2e5bac33383a8f0b8a0fd7a8ee2 Mon Sep 17 00:00:00 2001 From: indresh-28 Date: Fri, 26 Jan 2024 11:38:02 +0530 Subject: [PATCH 08/11] test --- capten/config-worker/internal/app_config/app_git_helper.go | 2 +- capten/config-worker/internal/tekton/config_tekton_app.go | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) 
diff --git a/capten/config-worker/internal/app_config/app_git_helper.go b/capten/config-worker/internal/app_config/app_git_helper.go index 1a61ea11..3d067884 100644 --- a/capten/config-worker/internal/app_config/app_git_helper.go +++ b/capten/config-worker/internal/app_config/app_git_helper.go @@ -130,7 +130,7 @@ func (ca *AppGitConfigHelper) GetCosingKeys(ctx context.Context, entityName, pro return "", "", err } - return cred[cosignKey], cred[cosignPub], nil + return cred["cosignKey"], cred["cosignPub"], nil } func (ca *AppGitConfigHelper) GetContainerRegCreds(ctx context.Context, entityName, projectId string) (string, string, error) { diff --git a/capten/config-worker/internal/tekton/config_tekton_app.go b/capten/config-worker/internal/tekton/config_tekton_app.go index e539d46a..42e689b8 100644 --- a/capten/config-worker/internal/tekton/config_tekton_app.go +++ b/capten/config-worker/internal/tekton/config_tekton_app.go @@ -372,9 +372,9 @@ func (cp *TektonApp) createOrUpdateSecrets(ctx context.Context, req *model.Tekto strdata["GIT_TOKEN"] = []byte("token") strdata["GIT_PROJECT_URL"] = []byte(req.CredentialIdentifiers[agentmodel.ExtraGitProject].Url) strdata["APP_CONFIG_PATH"] = []byte(filepath.Join(cp.crossplanConfig.ClusterEndpointUpdates.ClusterDefaultAppValuesPath, req.CredentialIdentifiers[agentmodel.ManagedCluster].Url, "apps")) - strdata["CLUSTER_CA"] = []byte(kubeCa) - strdata["CLUSTER_ENDPOINT"] = []byte(kubeEndpoint) - strdata["CLUSTER_CONFIG"] = []byte(kubeConfig) + strdata["CLUSTER_CA"] = []byte("kubeCa") + strdata["CLUSTER_ENDPOINT"] = []byte("kubeEndpoint") + strdata["CLUSTER_CONFIG"] = []byte("kubeConfig") if err := k8sclient.CreateOrUpdateSecret(ctx, pipelineNamespace, secName, v1.SecretTypeOpaque, strdata, nil); err != nil { return fmt.Errorf("failed to create/update k8s secret, %v", err) From 1280945b3acac1d9beedbb8c10a1d1459a56b9dd Mon Sep 17 00:00:00 2001 
From: indresh-28 Date: Fri, 26 Jan 2024 11:43:43 +0530 Subject: [PATCH 09/11] test --- capten/common-pkg/plugins/argocd/client.go | 1 + 1 file changed, 1 insertion(+) diff --git a/capten/common-pkg/plugins/argocd/client.go b/capten/common-pkg/plugins/argocd/client.go index f137ae75..185128ff 100644 --- a/capten/common-pkg/plugins/argocd/client.go +++ b/capten/common-pkg/plugins/argocd/client.go @@ -39,6 +39,7 @@ func GetConfig(logger logging.Logger) (*Configuration, error) { } cfg.Password = password + } if !cfg.IsSSLEnabled { // TODO: Configure SSL certificates logger.Errorf("SSL not yet supported, continuing with insecure verify true") From 9c6ca444d66952187780a91613dbcd9fcad1c96f Mon Sep 17 00:00:00 2001 From: indresh-28 Date: Fri, 26 Jan 2024 11:54:44 +0530 Subject: [PATCH 10/11] update cosing keys --- capten/config-worker/internal/app_config/app_git_helper.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/capten/config-worker/internal/app_config/app_git_helper.go b/capten/config-worker/internal/app_config/app_git_helper.go index 3d067884..455439e8 100644 --- a/capten/config-worker/internal/app_config/app_git_helper.go +++ b/capten/config-worker/internal/app_config/app_git_helper.go @@ -130,7 +130,7 @@ func (ca *AppGitConfigHelper) GetCosingKeys(ctx context.Context, entityName, pro return "", "", err } - return cred["cosignKey"], cred["cosignPub"], nil + return cred[CosignKey], cred[CosignPub], nil } func (ca *AppGitConfigHelper) GetContainerRegCreds(ctx context.Context, entityName, projectId string) (string, string, error) { From fa231a2602513e634a32fe580700c8513ea33e4a Mon Sep 17 00:00:00 2001 From: indresh-28 Date: Fri, 26 Jan 2024 11:58:01 +0530 Subject: [PATCH 11/11] update cosing keys --- capten/config-worker/internal/tekton/config_tekton_app.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/capten/config-worker/internal/tekton/config_tekton_app.go b/capten/config-worker/internal/tekton/config_tekton_app.go index 42e689b8..d2ca4334 100644 --- a/capten/config-worker/internal/tekton/config_tekton_app.go +++ b/capten/config-worker/internal/tekton/config_tekton_app.go @@ -130,7 +130,7 @@ func (cp *TektonApp) configureProjectAndApps(ctx context.Context, req *model.Tek } err = updatePipelineTemplate(filepath.Join(customerRepo, - strings.ReplaceAll(cp.pluginConfig.PipelineSyncUpdate.PipelineValues, "", req.PipelineName)), req.PipelineName, gloablVal["DomainName"]) + strings.ReplaceAll(cp.pluginConfig.PipelineSyncUpdate.PipelineValues, "", req.PipelineName)), req.PipelineName, gloablVal[appconfig.DomainName]) if err != nil { return string(agentmodel.WorkFlowStatusFailed), errors.WithMessage(err, "failed to updatePipelineTemplate") } @@ -307,7 +307,7 @@ func (cp *TektonApp) createOrUpdateSecrets(ctx context.Context, req *model.Tekto } if err := k8sclient.CreateOrUpdateSecret(ctx, pipelineNamespace, cosignSecName, - v1.SecretTypeOpaque, map[string][]byte{"COSIGN_KEY": []byte(key), "COSIGN_PUB": []byte(pub)}, + v1.SecretTypeOpaque, map[string][]byte{appconfig.CosignKey: []byte(key), appconfig.CosignPub: []byte(pub)}, map[string]string{}); err != nil { return fmt.Errorf("failed to create/update cosign-keys k8s secret, %v", err) }