diff --git a/.github/workflows/test-bigbang.yml b/.github/workflows/test-bigbang.yml deleted file mode 100644 index fb83764515..0000000000 --- a/.github/workflows/test-bigbang.yml +++ /dev/null @@ -1,119 +0,0 @@ -name: Test Big Bang extension -on: - pull_request: - paths-ignore: - - "**.md" - - "**.jpg" - - "**.png" - - "**.gif" - - "**.svg" - - "adr/**" - - "docs/**" - - "CODEOWNERS" - merge_group: - paths-ignore: - - "**.md" - - "**.jpg" - - "**.png" - - "**.gif" - - "**.svg" - - "adr/**" - - "docs/**" - - "CODEOWNERS" - -permissions: - contents: read - -# Abort prior jobs in the same workflow / PR -concurrency: - group: e2e-bb-${{ github.ref }} - cancel-in-progress: true - -jobs: - build-bigbang: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - - - name: Setup golang - uses: ./.github/actions/golang - - - name: Build Zarf binary - uses: ./.github/actions/packages - with: - init-package: "false" - build-examples: "false" - - - name: Login to Iron Bank - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 - if: ${{ env.IRON_BANK_ROBOT_USERNAME != '' }} - env: - IRON_BANK_ROBOT_USERNAME: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - with: - registry: registry1.dso.mil - username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - - - name: Build a registry1.dso.mil Zarf 'init' package - if: ${{ env.IRON_BANK_ROBOT_USERNAME != '' }} - env: - IRON_BANK_ROBOT_USERNAME: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - run: make ib-init-package - - # Upload the contents of the build directory for later stages to use - - name: Upload build artifacts - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 - with: - name: build-artifacts - path: build/ - retention-days: 1 - - validate-bigbang: - runs-on: ubuntu-latest - needs: build-bigbang - steps: - - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - - - name: Download build artifacts - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 - with: - name: build-artifacts - path: build/ - - - name: Setup golang - uses: ./.github/actions/golang - - - name: Make Zarf executable - run: | - chmod +x build/zarf - - # Before we run the tests we need to aggressively cleanup files to reduce disk pressure - - name: Cleanup files - uses: ./.github/actions/cleanup-files - - - name: Setup K3d - uses: ./.github/actions/k3d - - - name: Login to Iron Bank - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 - if: ${{ env.IRON_BANK_ROBOT_USERNAME != '' }} - env: - IRON_BANK_ROBOT_USERNAME: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - with: - registry: registry1.dso.mil - username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} - - - name: Run tests - if: ${{ env.IRON_BANK_ROBOT_USERNAME != '' }} - env: - IRON_BANK_ROBOT_USERNAME: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - run: | - sudo mkdir /mnt/zarf-tmp - sudo chown -R runner:runner /mnt/zarf-tmp - CI=true go test ./src/extensions/bigbang/test -failfast -v -timeout 30m - - - name: Save logs - uses: ./.github/actions/save-logs diff --git a/.github/workflows/test-shim.yml b/.github/workflows/test-shim.yml index 0b9616930b..b4df3bf4b5 100644 --- a/.github/workflows/test-shim.yml +++ b/.github/workflows/test-shim.yml @@ -103,13 +103,6 @@ jobs: run: | echo skipped - validate-bigbang: - runs-on: ubuntu-latest - steps: - - name: Skipped - run: | - echo skipped - validate-external: runs-on: ubuntu-latest steps: diff --git a/Makefile b/Makefile index bdce6970d3..9f39e23ac7 100644 --- a/Makefile +++ b/Makefile @@ -210,7 +210,7 @@ test-upgrade: ## Run the Zarf CLI E2E tests for an external registry and cluster .PHONY: test-unit test-unit: ## Run unit tests - go test -failfast -v -coverprofile=coverage.out -covermode=atomic $$(go list ./... | grep -v '^github.com/zarf-dev/zarf/src/test' | grep -v 'github.com/zarf-dev/zarf/src/extensions/bigbang/test') + go test -failfast -v -coverprofile=coverage.out -covermode=atomic $$(go list ./... | grep -v '^github.com/zarf-dev/zarf/src/test') # INTERNAL: used to test that a dev has ran `make docs-and-schema` in their PR test-docs-and-schema: diff --git a/examples/big-bang/config/disable-all.yaml b/examples/big-bang/config/disable-all.yaml deleted file mode 100644 index 153ce37c80..0000000000 --- a/examples/big-bang/config/disable-all.yaml +++ /dev/null @@ -1,58 +0,0 @@ -# Disable everything -istio: - enabled: false - -istioOperator: - enabled: false - -jaeger: - enabled: false - -kiali: - enabled: false - -clusterAuditor: - enabled: false - -gatekeeper: - enabled: false - -kyverno: - enabled: false - -kyvernoPolicies: - enabled: false - -kyvernoReporter: - enabled: false - -elasticsearchKibana: - enabled: false - -eckOperator: - enabled: false - -fluentbit: - enabled: false - -promtail: - enabled: false - -loki: - enabled: false - -neuvector: - enabled: false - -tempo: - enabled: false - -monitoring: - enabled: false - -twistlock: - enabled: false - -addons: - metricsServer: - enabled: false diff --git a/examples/big-bang/config/ingress.yaml b/examples/big-bang/config/ingress.yaml deleted file mode 100644 index 0ceaa53056..0000000000 --- a/examples/big-bang/config/ingress.yaml +++ /dev/null @@ -1,128 +0,0 @@ -# Configure Istio -domain: "###ZARF_VAR_DOMAIN###" - -istio: - gateways: - public: - tls: # certs for *.bigbang.dev - key: | - -----BEGIN PRIVATE KEY----- - MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDDvKUzWiZucm6/ - 8D2Nx4KVe8t6uHtARpw112f4yGv7xKcOJkbxLbVtor8pj/HS5tRSZq2ziIQl9y98 - 8TVAOBezgzPPMDxOqDeyHl5gAtqzpK/eSPmueZIhR88BH2+SMYqa5kxmjn752Rf0 - jVeCrVdQ5MD9rqA00oQi/zO+gQQoz6QSuiEQ2pSKYB3gv9oIoJorIU1n4qLYAezn - TvFwjmKWPPhRdyslpcAi1rVO+mVX3Y2DKU/CfpWNFVVT+H788Srn4yP6iWUymfQU - vHOXII1erMnES2H9BDffumrRf3m3IpgueQ3vPhB8ftjFZozURj2t/WSeaKsyQSoZ - Wr99DWxpAgMBAAECggEAAW8ARsACSAzOgtlfmgo8Cpw9gUiYnn/l5P8O4+OT5uQp - 1RCytFGBYqwuej9zpffK1k+qNgZp8V0+G8wod6/xfH8Zggr4ZhsVTVirmEhtEaPD - Jf2i1oRNbbD48yknyApU2Y2WQaoJhArzAfeHDI34db83KqR8x+ZC0X7NAjgvr5zS - b0OfY2tht4oxEWh2m67FzlFgF+cWyszRYyfvHfOFBqLesuCnSfMoOzmbT3SlnxHo - 6GSa1e/kCJVzFJNb74BZTIH0w6Ar/a0QG829VXivqj8lRENU/1xUI2JhNz4RdH7F - 6MeiwQbq4pWjHfh4djuzQFIwOgCnSNRnNuNywOVuAQKBgQDjleEI1XFQawXmHtHu - 6GMhbgptRoSUyutDDdo2MHGvDbxDOIsczIBjxCuYAM47nmGMuWbDJUN+2VQAX32J - WZagRxWikxnEqv3B7No7tLSQ42rRo/tDBrZPCCuS9u/ZJM4o7MCa/VzTtbicGOCh - bTIoTeEtT2piIdkrjHFGGlYOLQKBgQDcLNFHrSJCkHfCoz75+zytfYan+2dIxuV/ - MlnrT8XHt33cst4ZwoIQbsE6mv7J4CJqOgUYDvoJpioLV3InUACDxXd+bVY7RwxP - j25pXzYL++RctVO3IEOCmFkwlq0fNFdrOn8Y/cnRTwd2e60n08rCKgJS8KhEAaO0 - QvVmAHw4rQKBgQDL7hCAnunzuoLFqpZI8tlpKjaTpp3EynO3WSFQb2ZfCvrIbVFS - U/kz7KN3iDlEeO5GcBeiA7EQaGN6FhbiTXHIWwoK7K8paGMMM1V2LL2kGvQruDm8 - 3LXd6Z9KCJXxSKanS0ZnW2KjnnE3Bp+6ZqOMNATzWfckydnUyPrza0PzXQKBgEYS - 1YCUb8Tzqcn+nrp85XDp9INeFh8pfj0fT1L/DpljouEs5Fcaer60ITd/wPuLJCje - 0mQ30AhmJBd7+07bvW4y2LcaIUm4cQiZQ7CxpsfloWaIJ16vHA1iY3B9ZBf8Vp4/ - /dd8XlEJb/ybnB6C35MwP5EaGtOaGfnzHZsbKG35AoGAWm9tpqhuldQ3MCvoAr5Q - b42JLSKqwpvVjQDiFZPI/0wZTo3WkWm9Rd7CAACheb8S70K1r/JIzsmIcnj0v4xs - sfd+R35UE+m8MExbDP4lKFParmvi2/UZfb3VFNMmMPTV6AEIBl6N4PmhHMZOsIRs - H4RxbE+FpmsMAUCpdrzvFkc= - -----END PRIVATE KEY----- - cert: | - -----BEGIN CERTIFICATE----- - MIIFHzCCBAegAwIBAgISA5mpYS+M8wSuhJbgCNVoGbYiMA0GCSqGSIb3DQEBCwUA - MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD - EwJSMzAeFw0yMzAyMjQxMzU1MzBaFw0yMzA1MjUxMzU1MjlaMBgxFjAUBgNVBAMM - DSouYmlnYmFuZy5kZXYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD - vKUzWiZucm6/8D2Nx4KVe8t6uHtARpw112f4yGv7xKcOJkbxLbVtor8pj/HS5tRS - Zq2ziIQl9y988TVAOBezgzPPMDxOqDeyHl5gAtqzpK/eSPmueZIhR88BH2+SMYqa - 5kxmjn752Rf0jVeCrVdQ5MD9rqA00oQi/zO+gQQoz6QSuiEQ2pSKYB3gv9oIoJor - IU1n4qLYAeznTvFwjmKWPPhRdyslpcAi1rVO+mVX3Y2DKU/CfpWNFVVT+H788Srn - 4yP6iWUymfQUvHOXII1erMnES2H9BDffumrRf3m3IpgueQ3vPhB8ftjFZozURj2t - /WSeaKsyQSoZWr99DWxpAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYD - VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O - BBYEFFWw8Antpeyt5+/J//sIHTWkf8MtMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ - QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz - Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv - MBgGA1UdEQQRMA+CDSouYmlnYmFuZy5kZXYwTAYDVR0gBEUwQzAIBgZngQwBAgEw - NwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5j - cnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQB6MoxU2LcttiDqOOBS - HumEFnAyE4VNO9IrwTpXo1LrUgAAAYaD7AyTAAAEAwBGMEQCIG1jzmcfMv+DNdJh - 8gYpo44sgsASNEF8CjWCyHFhvITiAiASh+KhZXLaFXKsKF99fd6CTnKX30nOz2UR - NfSnXwW5JwB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABhoPs - DHAAAAQDAEcwRQIhALnaITI/ItM9FxxA0hc2VAVJ5xk36/FZtjMJyDAx2dmHAiAT - hnn8YDRB/fPRnv8PUOcubqK2mNwMRCk5wQBjQGYanTANBgkqhkiG9w0BAQsFAAOC - AQEAeviZDlTw9bzxF9vIZ1F+ijIQmnma6CD32eIEQmD/tIpOeayxuRiNFzIt/ixo - uC0/hKcC+JbVb7ZJOT9woPDce+g3gbA2i390yf3av3EP7sptV90rTM8gLPAdtHxo - RW14cSGmGFmaBRhr7ZbaSumztWcqgOF5orBq26wkhPT5bmqn7YX1W/H7/OMjP1Z+ - fQTfgFnfkBtzg1Ib4z3SHIPTqo2kAN3cF+b8AxrUKlk0STwesX2mR9h9jUKTapGg - Y36zDlKTOI3edM22AZDSmrIiR2LV1qGBDoxrsJmnK/Ci3t0KjwzJz45tyzenk8kO - imbt/HYVhe8WfukQ/kQdlhsHCw== - -----END CERTIFICATE----- - -----BEGIN CERTIFICATE----- - MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw - TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh - cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw - WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg - RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK - AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP - R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx - sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm - NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg - Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG - /kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC - AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB - Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA - FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw - AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw - Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB - gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W - PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl - ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz - CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm - lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 - avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 - yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O - yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids - hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ - HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv - MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX - nLRbwHOoq7hHwg== - -----END CERTIFICATE----- - -----BEGIN CERTIFICATE----- - MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/ - MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT - DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow - TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh - cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB - AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC - ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL - wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D - LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK - 4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5 - bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y - sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ - Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4 - FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc - SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql - PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND - TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw - SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1 - c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx - +tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB - ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu - b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E - U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu - MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC - 5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW - 9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG - WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O - he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC - Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5 - -----END CERTIFICATE----- diff --git a/examples/big-bang/config/kyverno.yaml b/examples/big-bang/config/kyverno.yaml deleted file mode 100644 index 0270d2975f..0000000000 --- a/examples/big-bang/config/kyverno.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# Use Kyverno instead of Gatekeeper -gatekeeper: - enabled: false -clusterAuditor: - enabled: false -kyverno: - enabled: true -kyvernoPolicies: - enabled: true - values: - policies: - disallow-shared-subpath-volume-writes: - validationFailureAction: audit - restrict-host-ports: - validationFailureAction: audit - restrict-capabilities: - validationFailureAction: audit - restrict-image-registries: - validationFailureAction: audit - disallow-host-namespaces: - validationFailureAction: audit - disallow-privileged-containers: - validationFailureAction: audit - require-non-root-user: - validationFailureAction: audit - restrict-host-path-mount-pv: - validationFailureAction: audit diff --git a/examples/big-bang/config/loki.yaml b/examples/big-bang/config/loki.yaml deleted file mode 100644 index 8a85cfd658..0000000000 --- a/examples/big-bang/config/loki.yaml +++ /dev/null @@ -1,15 +0,0 @@ -# Use Loki instead of EFK -elasticsearchKibana: - enabled: false - -eckOperator: - enabled: false - -fluentbit: - enabled: false - -loki: - enabled: true - -promtail: - enabled: true diff --git a/examples/big-bang/config/neuvector.yaml b/examples/big-bang/config/neuvector.yaml deleted file mode 100644 index d804274901..0000000000 --- a/examples/big-bang/config/neuvector.yaml +++ /dev/null @@ -1,5 +0,0 @@ -# If running in k3s, this is needed for Neuvector to start properly -neuvector: - values: - k3s: - enabled: true diff --git a/examples/big-bang/virtualservices/gitea.yaml b/examples/big-bang/virtualservices/gitea.yaml deleted file mode 100644 index 713d683055..0000000000 --- a/examples/big-bang/virtualservices/gitea.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: networking.istio.io/v1alpha3 -kind: VirtualService -metadata: - name: gitea - namespace: zarf -spec: - gateways: - - istio-system/public - hosts: - - gitea.###ZARF_VAR_DOMAIN### - http: - - route: - - destination: - host: zarf-gitea-http.zarf.svc.cluster.local - port: - number: 3000 diff --git a/examples/big-bang/yolo/credentials.yaml b/examples/big-bang/yolo/credentials.yaml deleted file mode 100644 index 40b651da01..0000000000 --- a/examples/big-bang/yolo/credentials.yaml +++ /dev/null @@ -1,5 +0,0 @@ -registryCredentials: - registry: registry1.dso.mil - username: "###ZARF_VAR_REGISTRY1_USERNAME###" - password: "###ZARF_VAR_REGISTRY1_CLI_SECRET###" - email: "" diff --git a/examples/big-bang/yolo/private-registry.yaml b/examples/big-bang/yolo/private-registry.yaml deleted file mode 100644 index 11f1449e1c..0000000000 --- a/examples/big-bang/yolo/private-registry.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: private-registry - namespace: flux-system -type: kubernetes.io/dockerconfigjson -stringData: - .dockerconfigjson: |- - { - "auths": { - "registry1.dso.mil": { - "username": "###ZARF_VAR_REGISTRY1_USERNAME###", - "password": "###ZARF_VAR_REGISTRY1_CLI_SECRET###", - "email": "", - "auth": "###ZARF_VAR_REGISTRY1_AUTH###" - } - } - } diff --git a/examples/big-bang/yolo/zarf.yaml b/examples/big-bang/yolo/zarf.yaml deleted file mode 100644 index 80caf3bfd1..0000000000 --- a/examples/big-bang/yolo/zarf.yaml +++ /dev/null @@ -1,41 +0,0 @@ -kind: ZarfPackageConfig - -metadata: - name: yolo-big-bang - description: Deploy Big Bang Core in YOLO mode - # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/ - version: 2.19.2 - url: https://p1.dso.mil/products/big-bang - architecture: amd64 - yolo: true - -variables: - - name: REGISTRY1_USERNAME - description: The username for pulling images from registry1.dso.mil - prompt: true - - name: REGISTRY1_CLI_SECRET - description: The CLI secret for pulling images from registry1.dso.mil - prompt: true - - name: REGISTRY1_AUTH - description: A base64 encoded concatenation of 'REGISTRY1_USERNAME:REGISTRY1_CLI_SECRET' - prompt: true - -components: - - name: flux-private-registry - required: true - manifests: - - name: private-registry - namespace: flux-system - files: - - private-registry.yaml - - name: bigbang - required: true - extensions: - bigbang: - # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/ - version: 2.19.2 - valuesFiles: - - credentials.yaml - - ../config/ingress.yaml - - ../config/kyverno.yaml - - ../config/loki.yaml diff --git a/examples/big-bang/zarf.yaml b/examples/big-bang/zarf.yaml deleted file mode 100644 index 672ec4f8d1..0000000000 --- a/examples/big-bang/zarf.yaml +++ /dev/null @@ -1,99 +0,0 @@ -kind: ZarfPackageConfig -metadata: - name: big-bang-example - description: Deploy Big Bang Core - # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/ - version: 2.19.2 - url: https://p1.dso.mil/products/big-bang - # Big Bang / Iron Bank are only amd64 - architecture: amd64 - -variables: - - name: DOMAIN - default: bigbang.dev - prompt: false - -components: - - name: bigbang - required: true - actions: - onRemove: - before: - - cmd: | - ./zarf tools kubectl patch helmrelease -n bigbang bigbang --type=merge -p '{"spec":{"suspend":true}}' - ./zarf tools kubectl delete helmrelease -n bigbang istio --ignore-not-found - ./zarf tools kubectl delete helmrelease -n bigbang istio-operator --ignore-not-found - ./zarf tools kubectl delete helmrelease -n bigbang monitoring --ignore-not-found - ./zarf tools kubectl delete providers grafana -n monitoring --ignore-not-found - ./zarf tools kubectl delete alerts grafana -n monitoring --ignore-not-found - ./zarf tools kubectl delete helmrelease -n bigbang promtail --ignore-not-found - ./zarf tools kubectl delete helmrelease -n bigbang loki --ignore-not-found - ./zarf tools kubectl delete kiali -n kiali kiali --ignore-not-found - ./zarf tools kubectl delete helmrelease -n bigbang tempo --ignore-not-found - ./zarf tools kubectl delete helmrelease -n bigbang neuvector --ignore-not-found - ./zarf tools kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io neuvector-validating-crd-webhook --ignore-not-found - ./zarf tools kubectl delete helmrelease -n bigbang kyverno-reporter --ignore-not-found - ./zarf tools kubectl delete helmrelease -n bigbang kyverno-policies --ignore-not-found - ./zarf tools kubectl delete helmrelease -n bigbang kyverno --ignore-not-found - ./zarf tools kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io kyverno-policy-validating-webhook-cfg kyverno-resource-validating-webhook-cfg --ignore-not-found - ./zarf tools kubectl delete helmrelease -n bigbang kiali --ignore-not-found - ./zarf tools kubectl delete helmrelease -n bigbang metrics-server --ignore-not-found - ./zarf tools kubectl delete apiservices.apiregistration.k8s.io -l helm.toolkit.fluxcd.io/namespace=bigbang,helm.toolkit.fluxcd.io/name=metrics-server --ignore-not-found - ./zarf tools kubectl delete gitrepositories -n bigbang -l app.kubernetes.io/part-of=bigbang - description: "Cleaning up Big Bang resources" - extensions: - bigbang: - # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/ - version: 2.19.2 - valuesFiles: - # Istio configs - - config/ingress.yaml - # Use Kyverno instead of Gatekeeper - - config/kyverno.yaml - # Use PLG instead of EFK - - config/loki.yaml - # Needed when running in k3s. Otherwise Neuvector fails to start with an error saying it can't detect its runtime - - config/neuvector.yaml - # Values are merged in order, so this would override the above and disable everything if uncommented - # - config/disable-all.yaml - - name: gitea-virtual-service - description: > - Expose the internal Zarf Gitea server through the Big Bang Istio deployment via a virtual service. - (only applies if you are using the Zarf-provided Gitea deployment - not an externally configured git host) - manifests: - - name: gitea - namespace: zarf - files: - - virtualservices/gitea.yaml - -# YAML keys starting with `x-` are custom keys that are ignored by the Zarf CLI -# The `x-mdx` key is used to render the markdown content for https://docs.zarf.dev/ref/examples -x-mdx: | - import Properties from "@components/SchemaItemProperties.astro"; - - This package deploys [Big Bang](https://repo1.dso.mil/platform-one/big-bang/bigbang) using the Zarf `bigbang` extension. - - The `bigbang` noun sits within the `extensions` specification of Zarf and provides the following configuration: - - - - To see a tutorial for the creation and deployment of this package see the [Big Bang Tutorial](/tutorials/5-big-bang/). - - :::caution - - `valuesFiles` are processed in the order provided with Zarf adding an initial values file to populate registry - and git server credentials as the first file. Including credential `values` (even empty ones) will override - these values. This can be used to our advantage however for things like YOLO mode as described below. - - ::: - - ## Big Bang YOLO Mode Support - - The Big Bang extension also supports YOLO mode, provided that you add your own credentials for the image registry. - This is accomplished below with the `provision-flux-credentials` component and the `credentials.yaml` values file - which allows images to be pulled from [registry1.dso.mil](https://registry1.dso.mil). We demonstrate providing account - credentials via Zarf Variables, but there are other ways to populate the data in `private-registry.yaml`. - - You can learn about YOLO mode in the [FAQ](/faq#what-is-yolo-mode-and-why-would-i-use-it) or the [YOLO mode example](/ref/examples/yolo/). - - [Big Bang YOLO Mode Example](https://github.com/zarf-dev/zarf/tree/main/examples/big-bang/yolo). diff --git a/go.mod b/go.mod index 8c3819ac71..4a6222ab78 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,6 @@ require ( github.com/fairwindsops/pluto/v5 v5.18.4 github.com/fatih/color v1.17.0 github.com/fluxcd/gitkit v0.6.0 - github.com/fluxcd/helm-controller/api v1.1.0 github.com/fluxcd/pkg/apis/meta v1.6.1 github.com/fluxcd/source-controller/api v1.4.1 github.com/go-git/go-git/v5 v5.12.0 @@ -285,7 +284,6 @@ require ( github.com/felixge/fgprof v0.9.3 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect github.com/fluxcd/pkg/apis/acl v0.3.0 // indirect - github.com/fluxcd/pkg/apis/kustomize v1.6.1 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/fvbommel/sortorder v1.1.0 // indirect github.com/gabriel-vasile/mimetype v1.4.4 // indirect diff --git a/go.sum b/go.sum index b36c5e5e4e..14e8c6f9e0 100644 --- a/go.sum +++ b/go.sum @@ -735,12 +735,8 @@ github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2 github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/fluxcd/gitkit v0.6.0 h1:iNg5LTx6ePo+Pl0ZwqHTAkhbUHxGVSY3YCxCdw7VIFg= github.com/fluxcd/gitkit v0.6.0/go.mod h1:svOHuKi0fO9HoawdK4HfHAJJseZDHHjk7I3ihnCIqNo= -github.com/fluxcd/helm-controller/api v1.1.0 h1:NS5Wm3U6Kv4w7Cw2sDOV++vf2ecGfFV00x1+2Y3QcOY= -github.com/fluxcd/helm-controller/api v1.1.0/go.mod h1:BgHMgMY6CWynzl4KIbHpd6Wpn3FN9BqgkwmvoKCp6iE= github.com/fluxcd/pkg/apis/acl v0.3.0 h1:UOrKkBTOJK+OlZX7n8rWt2rdBmDCoTK+f5TY2LcZi8A= github.com/fluxcd/pkg/apis/acl v0.3.0/go.mod h1:WVF9XjSMVBZuU+HTTiSebGAWMgM7IYexFLyVWbK9bNY= -github.com/fluxcd/pkg/apis/kustomize v1.6.1 h1:22FJc69Mq4i8aCxnKPlddHhSMyI4UPkQkqiAdWFcqe0= -github.com/fluxcd/pkg/apis/kustomize v1.6.1/go.mod h1:5dvQ4IZwz0hMGmuj8tTWGtarsuxW0rWsxJOwC6i+0V8= github.com/fluxcd/pkg/apis/meta v1.6.1 h1:maLhcRJ3P/70ArLCY/LF/YovkxXbX+6sTWZwZQBeNq0= github.com/fluxcd/pkg/apis/meta v1.6.1/go.mod h1:YndB/gxgGZmKfqpAfFxyCDNFJFP0ikpeJzs66jwq280= github.com/fluxcd/source-controller/api v1.4.1 h1:zV01D7xzHOXWbYXr36lXHWWYS7POARsjLt61Nbh3kVY= diff --git a/site/src/content/docs/contribute/style-guide.mdx b/site/src/content/docs/contribute/style-guide.mdx index 48ece3aad9..8fd8c82c43 100644 --- a/site/src/content/docs/contribute/style-guide.mdx +++ b/site/src/content/docs/contribute/style-guide.mdx @@ -36,8 +36,8 @@ Follow these guidelines for creating Defense Unicorns content: - Use sentence-style capitalization for all body text. - Capitalize the first word of a sentence, heading, title, or label. - - Capitalize proper nouns and Defense Unicorn products. - - Zarf/Big Bang/K8s/K9s + - Capitalize proper nouns + - Zarf/K8s/K9s - When words are joined by a slash, capitalize the word after the slash if the word before it is capitalized. #### Title/Heading Style Capitalization diff --git a/site/src/content/docs/ref/components.mdx b/site/src/content/docs/ref/components.mdx index 419d43bc6d..debb24517c 100644 --- a/site/src/content/docs/ref/components.mdx +++ b/site/src/content/docs/ref/components.mdx @@ -261,12 +261,6 @@ When merging components together Zarf will adopt the following strategies depend | Un'name'd Primitive Arrays | `actions`, `dataInjections`, `files`, `images`, `repos` | These keys will append the overriding component's version of the array to the end of the base component's array | | 'name'd Primitive Arrays | `charts`, `manifests` | For any given element in the overriding component, if the element matches based on `name` then its values will be merged with the base element of the same `name`. If not then the element will be appended to the end of the array | -### Extensions - - - - - ### Health Checks @@ -321,3 +315,7 @@ $ zarf package deploy ./path/to/package.tar.zst --components=optional-component- ``` ::: + +## Extensions (Removed) + +Extensions were removed from Zarf in v0.41.0. To create packages similar to those previously built with extensions, check out https://github.com/defenseunicorns-partnerships/generate-big-bang-zarf-package diff --git a/site/src/content/docs/tutorials/5-big-bang.mdx b/site/src/content/docs/tutorials/5-big-bang.mdx deleted file mode 100644 index bf073df59a..0000000000 --- a/site/src/content/docs/tutorials/5-big-bang.mdx +++ /dev/null @@ -1,211 +0,0 @@ ---- -title: Using Big Bang with Zarf -sidebar: - order: 6 ---- - -## Introduction - -This tutorial describes how to use Big Bang with Zarf for Air Gap deployments through the use of the Big Bang Zarf extension. If you are not familiar with Big Bang you can learn more about it here: https://p1.dso.mil/products/big-bang, but in short it is a DevSecOps platform that contains many useful tools for building, managing, and running software projects while adhering to the [United States Department of Defense DevSecOps Reference Design](https://public.cyber.mil/devsecops/). - -Zarf integrates with Big Bang through the use of an extension that simplifies the selection of Big Bang packages and the pulling of the required artifacts to deploy those packages in an Air Gap. - -### Limitations - -The current version of this extension requires Big Bang version `1.54.0` or later, and is not fully integrated into the `zarf package remove` lifecycle (see the [Big Bang example](/ref/examples/big-bang/) for how to introduce those lifecycle hooks manually). Zarf also relies on [helm.sh/images annotations](https://github.com/helm/community/blob/main/hips/hip-0015.md) to discover images within charts (e.g. [GitLab](https://repo1.dso.mil/big-bang/product/packages/gitlab/-/blob/main/chart/Chart.yaml#L61)) - this is a relatively new feature for Big Bang so if you see an `ImagePullBackOff` error, check that these annotations are set correctly for the sub charts you are using. To work around this issue if you come across it, simply add the missing image to the images list on the same component that contains the Big Bang extension like the following: - -```yaml -components: - - name: bigbang - required: true - images: - - registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter:15.9.2 - extensions: - bigbang: - version: 1.54.0 -``` - -## System Requirements - -Big Bang requires a reasonably powerful `amd64` system that scales up with the number of components deployed. We recommend at least `32 GB` of RAM and a high-speed internet connection to complete this tutorial. - -To learn more about Big Bang's requirements in general, see their documentation: https://docs-bigbang.dso.mil/latest/docs/prerequisites/minimum-hardware-requirements/ - -## Prerequisites - -Before beginning this tutorial you will need the following: - -- A local copy of the Zarf repository - - `git clone https://github.com/zarf-dev/zarf.git` -- A kubernetes cluster onto which you can deploy Zarf and Big Bang -- The latest version of the Zarf `cli` - - Follow instructions on https://docs.zarf.dev/getting-started/install/ -- An account on `https://registry1.dso.mil` to retrieve Big Bang images - - You can register for an account [here](https://login.dso.mil/auth/realms/baby-yoda/protocol/openid-connect/registrations?client_id=account&response_type=code) - -:::note - -If you followed the [Setting Up a Local Kubernetes Cluster](/tutorials/#setting-up-a-local-kubernetes-cluster) instructions for other Zarf tutorials, you will need to pass additional command flags to `k3d` for it to work with Big Bang. See the below to create a working cluster: - -```bash -k3d cluster create - # Required by the PLG stack - --volume /etc/machine-id:/etc/machine-id - - # Required for Istio ingress - --k3s-arg "--disable=traefik@server:0" - --port 80:80@loadbalancer - --port 443:443@loadbalancer - - # Required for TLS to work correctly with kubectl - --k3s-arg "--tls-san=$SERVER_IP@server:0" - --api-port 6443 -``` - -If you tweak the packages that are deployed there may be other configuration options you need to specify, please refer to the [Big Bang documentation](https://docs-bigbang.dso.mil/latest/) for more details. - -::: - -## Package Creation - -The below section covers creating and tuning the Big Bang package: - -### Setup - -By default, Big Bang uses images from [Iron Bank](https://p1.dso.mil/products/iron-bank) which will require you to set your login credentials for [Registry One](https://registry1.dso.mil) (see [pre-requisites](#prerequisites) for information on account setup). - -```bash -# Authenticate to https://registry1.dso.mil/, then retrieve your CLI secret from your User Profile and run the following: -set +o history -export REGISTRY1_USERNAME= -export REGISTRY1_CLI_SECRET= -echo $REGISTRY1_CLI_SECRET | zarf tools registry login registry1.dso.mil --username $REGISTRY1_USERNAME --password-stdin -set -o history -``` - -Now navigate to the `examples/big-bang` folder within the Zarf repository you cloned in the [pre-requisites](#prerequisites) section. - -### Configure Big Bang - -Within the `examples/big-bang` folder you will see a `zarf.yaml` that has the following [component](/ref/components/) defined: - -```yaml -components: - - name: bigbang - required: true - extensions: - bigbang: - version: 1.54.0 - skipFlux: false - valuesFiles: - - config/minimal.yaml #turns on just istio - - config/ingress.yaml # adds istio certs for *.bigbang.dev - - config/kyverno.yaml # turns on kyverno - - config/loki.yaml # turns on loki and monitoring -``` - -This component uses the `bigbang` extension to define the version of Big Bang to use and the values files to apply. Feel free to inspect and configure the values.yaml files as you wish and to learn more about Big Bang's configuration see their values guide: https://docs-bigbang.dso.mil/latest/docs/guides/using-bigbang/values-guide/ - -:::note - -The `valuesFiles` are applied from top to bottom and will apply the last value that was provided for any given key. - -::: - -:::note - -This extension requires Big Bang version `1.54.0` or later. - -::: - - -### Package Big Bang - -When you're ready to continue you can create a Big Bang package by running the following command in `examples/big-bang`: - -```bash -zarf package create -``` - -Now wait for the package creation to complete and you should see a `zarf-package-big-bang-example-amd64-x.x.x.tar.zst` file in the directory. - - -## Package Deployment - -The below section covers deploying the Big Bang package from the previous section: - -### Initialize Zarf - -Before you can deploy the Big Bang package you must first initialize Zarf on the cluster you created in the [pre-requisites](#prerequisites) section. To do so you can run the following: - -```bash -# Initialize Zarf (interactively) -zarf init -# Make these choices at the prompts -# ? Do you want to download this init package? Yes -# ? Deploy this Zarf package? Yes -# ? Deploy the k3s component? No -# ? Deploy the git-server component? Yes - -# (Optional) Inspect the results -zarf tools k9s -``` - -:::note - -The `git-server` component is required by Big Bang as it uses it as a source for Flux deployments. - -::: - - -### Deploy Big Bang - -Now you are ready to deploy Big Bang, and can do so with the following in the `examples/big-bang` directory: - -```bash -# Deploy Big Bang (interactively) -zarf package deploy -# Make these choices at the prompts -# ? Choose or type the package file [tab for suggestions] zarf-package-big-bang-example-amd64-x.x.x.tar.zst -# ? Deploy this Zarf package? Yes -``` - -### See The Results - -Once the install completes you can inspect the results and watch the Big Bang components deploy using the following: - -```bash -zarf tools k9s - -# To view different k8s objects you can use the following: - -# Helm Releases: -# :hr [Enter] -# Pods: -# :pods [Enter] -# Services: -# :svc [Enter] -# Secrets: -# :secret [Enter] -# ConfigMaps: -# :configmap [Enter] - -# When you are done use the following to quit -# :q [Enter] -``` - -## Package Removal - -The Big Bang extension is not fully integrated into the Zarf package remove lifecycle. To get around this limitation, an [`onRemove.before` action](/ref/actions/) has been added to the bigbang component in the zarf.yaml file that ensures all the Big Bang resources are torn down in the correct order when Zarf is used to remove the package: - -```bash -zarf package remove big-bang-example --confirm -``` - -## Troubleshooting - -See the Troubleshooting section of the Big Bang Quick Start for help troubleshooting the Big Bang deployment: https://repo1.dso.mil/big-bang/bigbang/-/blob/master/docs/guides/deployment-scenarios/quickstart.md#troubleshooting - -Also, ensure that you have followed all of the steps required in the [pre-requisites](#prerequisites) section. - -If you feel that the error you are encountering is one with Zarf feel free to [open an issue](https://github.com/zarf-dev/zarf/issues/new/choose) or reach out via [slack](https://kubernetes.slack.com/archives/C03B6BJAUJ3). diff --git a/src/api/v1alpha1/component.go b/src/api/v1alpha1/component.go index 9827410b43..74ac45251c 100644 --- a/src/api/v1alpha1/component.go +++ b/src/api/v1alpha1/component.go @@ -6,7 +6,6 @@ package v1alpha1 import ( "github.com/invopop/jsonschema" - "github.com/zarf-dev/zarf/src/api/v1alpha1/extensions" ) // ZarfComponent is the primary functional grouping of assets to deploy by Zarf. @@ -53,9 +52,6 @@ type ZarfComponent struct { // List of git repos to include in the package. Repos []string `json:"repos,omitempty"` - // Extend component functionality with additional features. - Extensions extensions.ZarfComponentExtensions `json:"extensions,omitempty"` - // [Deprecated] (replaced by actions) Custom commands to run before or after package deployment. This will be removed in Zarf v1.0.0. DeprecatedScripts DeprecatedZarfComponentScripts `json:"scripts,omitempty" jsonschema:"deprecated=true"` diff --git a/src/api/v1alpha1/extensions/bigbang.go b/src/api/v1alpha1/extensions/bigbang.go deleted file mode 100644 index af357d5990..0000000000 --- a/src/api/v1alpha1/extensions/bigbang.go +++ /dev/null @@ -1,19 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package extensions contains the types for all official extensions. -package extensions - -// BigBang holds the configuration for the Big Bang extension. -type BigBang struct { - // The version of Big Bang to use. - Version string `json:"version"` - // Override repo to pull Big Bang from instead of Repo One. - Repo string `json:"repo,omitempty"` - // The list of values files to pass to Big Bang; these will be merged together. - ValuesFiles []string `json:"valuesFiles,omitempty"` - // Whether to skip deploying flux; Defaults to false. - SkipFlux bool `json:"skipFlux,omitempty"` - // Optional paths to Flux kustomize strategic merge patch files. - FluxPatchFiles []string `json:"fluxPatchFiles,omitempty"` -} diff --git a/src/api/v1alpha1/extensions/common.go b/src/api/v1alpha1/extensions/common.go deleted file mode 100644 index 1df82730ab..0000000000 --- a/src/api/v1alpha1/extensions/common.go +++ /dev/null @@ -1,11 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package extensions contains the types for all official extensions. -package extensions - -// ZarfComponentExtensions is a struct that contains all the official extensions. -type ZarfComponentExtensions struct { - // Configurations for installing Big Bang and Flux in the cluster. - BigBang *BigBang `json:"bigbang,omitempty"` -} diff --git a/src/extensions/bigbang/banner.go b/src/extensions/bigbang/banner.go deleted file mode 100644 index e6791eec58..0000000000 --- a/src/extensions/bigbang/banner.go +++ /dev/null @@ -1,101 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package bigbang contains the logic for installing Big Bang and Flux -package bigbang - -import ( - "github.com/pterm/pterm" - "github.com/zarf-dev/zarf/src/pkg/message" -) - -func printBanner() { - // Only print the banner if the terminal is wide enough and no-progress isn't set. - if message.NoProgress || pterm.GetTerminalWidth() < 125 { - message.Note("Loading Big Bang extension (this may take a few minutes)") - return - } - - smokey := `` - - pterm.Print(smokey) -} diff --git a/src/extensions/bigbang/bigbang.go b/src/extensions/bigbang/bigbang.go deleted file mode 100644 index 6b59d2a829..0000000000 --- a/src/extensions/bigbang/bigbang.go +++ /dev/null @@ -1,553 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package bigbang contains the logic for installing Big Bang and Flux -package bigbang - -import ( - "context" - "fmt" - "os" - "path" - "path/filepath" - "strings" - "time" - - "github.com/Masterminds/semver/v3" - "github.com/defenseunicorns/pkg/helpers/v2" - fluxHelmCtrl "github.com/fluxcd/helm-controller/api/v2beta1" - fluxSrcCtrl "github.com/fluxcd/source-controller/api/v1beta2" - "github.com/zarf-dev/zarf/src/api/v1alpha1" - "github.com/zarf-dev/zarf/src/api/v1alpha1/extensions" - "github.com/zarf-dev/zarf/src/internal/packager/helm" - "github.com/zarf-dev/zarf/src/pkg/layout" - "github.com/zarf-dev/zarf/src/pkg/message" - "github.com/zarf-dev/zarf/src/pkg/utils" - "github.com/zarf-dev/zarf/src/pkg/variables" - "helm.sh/helm/v3/pkg/chartutil" - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "sigs.k8s.io/yaml" -) - -// Default location for pulling Big Bang. -const ( - bb = "bigbang" - bbRepo = "https://repo1.dso.mil/big-bang/bigbang.git" - bbMinRequiredVersion = "1.54.0" -) - -var tenMins = metav1.Duration{ - Duration: 10 * time.Minute, -} - -// Run mutates a component that should deploy Big Bang to a set of manifests -// that contain the flux deployment of Big Bang -func Run(ctx context.Context, YOLO bool, tmpPaths *layout.ComponentPaths, c v1alpha1.ZarfComponent) (v1alpha1.ZarfComponent, error) { - cfg := c.Extensions.BigBang - manifests := []v1alpha1.ZarfManifest{} - - validVersionResponse, err := isValidVersion(cfg.Version) - - if err != nil { - return c, fmt.Errorf("could not parse the Big Bang version %s: %w", cfg.Version, err) - } - - // Make sure the version is valid. - if !validVersionResponse { - return c, fmt.Errorf("Big Bang version %s must be at least %s", cfg.Version, bbMinRequiredVersion) - } - - // Print the banner for Big Bang. - printBanner() - - // If no repo is provided, use the default. - if cfg.Repo == "" { - cfg.Repo = bbRepo - } - - // By default, we want to deploy flux. - if !cfg.SkipFlux { - fluxManifest, images, err := getFlux(tmpPaths.Temp, cfg) - if err != nil { - return c, err - } - - // Add the flux manifests to the list of manifests to be pulled down by Zarf. - manifests = append(manifests, fluxManifest) - - if !YOLO { - // Add the images to the list of images to be pulled down by Zarf. - c.Images = append(c.Images, images...) - } - } - - bbRepo := fmt.Sprintf("%s@%s", cfg.Repo, cfg.Version) - - // Configure helm to pull down the Big Bang chart. - helmCfg := helm.New( - v1alpha1.ZarfChart{ - Name: bb, - Namespace: bb, - URL: bbRepo, - Version: cfg.Version, - ValuesFiles: cfg.ValuesFiles, - GitPath: "./chart", - }, - path.Join(tmpPaths.Temp, bb), - path.Join(tmpPaths.Temp, bb, "values"), - helm.WithVariableConfig(&variables.VariableConfig{}), - ) - - // Download the chart from Git and save it to a temporary directory. - err = helmCfg.PackageChartFromGit(ctx, c.DeprecatedCosignKeyPath) - if err != nil { - return c, fmt.Errorf("unable to download Big Bang Chart: %w", err) - } - - // Template the chart so we can see what GitRepositories are being referenced in the - // manifests created with the provided Helm. - template, _, err := helmCfg.TemplateChart(ctx) - if err != nil { - return c, fmt.Errorf("unable to template Big Bang Chart: %w", err) - } - - // Add the Big Bang repo to the list of repos to be pulled down by Zarf. - if !YOLO { - bbRepo := fmt.Sprintf("%s@%s", cfg.Repo, cfg.Version) - c.Repos = append(c.Repos, bbRepo) - } - // Parse the template for GitRepository objects and add them to the list of repos to be pulled down by Zarf. - gitRepos, hrDependencies, hrValues, err := findBBResources(template) - if err != nil { - return c, fmt.Errorf("unable to find Big Bang resources: %w", err) - } - if !YOLO { - for _, gitRepo := range gitRepos { - c.Repos = append(c.Repos, gitRepo) - } - } - - // Generate a list of HelmReleases that need to be deployed in order. - dependencies := []utils.Dependency{} - for _, hrDep := range hrDependencies { - dependencies = append(dependencies, hrDep) - } - namespacedHelmReleaseNames, err := utils.SortDependencies(dependencies) - if err != nil { - return c, fmt.Errorf("unable to sort Big Bang HelmReleases: %w", err) - } - - // ten minutes in seconds - maxTotalSeconds := 10 * 60 - - defaultMaxTotalSeconds := c.Actions.OnDeploy.Defaults.MaxTotalSeconds - if defaultMaxTotalSeconds > maxTotalSeconds { - maxTotalSeconds = defaultMaxTotalSeconds - } - - // Add wait actions for each of the helm releases in generally the order they should be deployed. - for _, hrNamespacedName := range namespacedHelmReleaseNames { - hr := hrDependencies[hrNamespacedName] - action := v1alpha1.ZarfComponentAction{ - Description: fmt.Sprintf("Big Bang Helm Release `%s` to be ready", hrNamespacedName), - MaxTotalSeconds: &maxTotalSeconds, - Wait: &v1alpha1.ZarfComponentActionWait{ - Cluster: &v1alpha1.ZarfComponentActionWaitCluster{ - Kind: "HelmRelease", - Name: hr.Metadata.Name, - Namespace: hr.Metadata.Namespace, - Condition: "ready", - }, - }, - } - - // In Big Bang the metrics-server is a special case that only deploy if needed. - // The check it, we need to look for the existence of APIService instead of the HelmRelease, which - // may not ever be created. See links below for more details. - // https://repo1.dso.mil/big-bang/bigbang/-/blob/1.54.0/chart/templates/metrics-server/helmrelease.yaml - if hr.Metadata.Name == "metrics-server" { - action.Description = "K8s metric server to exist or be deployed by Big Bang" - action.Wait.Cluster = &v1alpha1.ZarfComponentActionWaitCluster{ - Kind: "APIService", - // https://github.com/kubernetes-sigs/metrics-server#compatibility-matrix - Name: "v1beta1.metrics.k8s.io", - } - } - - c.Actions.OnDeploy.OnSuccess = append(c.Actions.OnDeploy.OnSuccess, action) - } - - t := true - failureGeneral := []string{ - "get nodes -o wide", - "get hr -n bigbang", - "get gitrepo -n bigbang", - "get pods -A", - } - failureDebug := []string{ - "describe hr -n bigbang", - "describe gitrepo -n bigbang", - "describe pods -A", - "describe nodes", - "get events -A", - } - - // Add onFailure actions with additional troubleshooting information. - for _, cmd := range failureGeneral { - c.Actions.OnDeploy.OnFailure = append(c.Actions.OnDeploy.OnFailure, v1alpha1.ZarfComponentAction{ - Cmd: fmt.Sprintf("./zarf tools kubectl %s", cmd), - }) - } - - for _, cmd := range failureDebug { - c.Actions.OnDeploy.OnFailure = append(c.Actions.OnDeploy.OnFailure, v1alpha1.ZarfComponentAction{ - Mute: &t, - Description: "Storing debug information to the log for troubleshooting.", - Cmd: fmt.Sprintf("./zarf tools kubectl %s", cmd), - }) - } - - // Add a pre-remove action to suspend the Big Bang HelmReleases to prevent reconciliation during removal. - c.Actions.OnRemove.Before = append(c.Actions.OnRemove.Before, v1alpha1.ZarfComponentAction{ - Description: "Suspend Big Bang HelmReleases to prevent reconciliation during removal.", - Cmd: `./zarf tools kubectl patch helmrelease -n bigbang bigbang --type=merge -p '{"spec":{"suspend":true}}'`, - }) - - // Select the images needed to support the repos for this configuration of Big Bang. - if !YOLO { - for _, hr := range hrDependencies { - namespacedName := getNamespacedNameFromMeta(hr.Metadata) - gitRepo := gitRepos[hr.NamespacedSource] - values := hrValues[namespacedName] - - images, err := findImagesforBBChartRepo(ctx, gitRepo, values) - if err != nil { - return c, fmt.Errorf("unable to find images for chart repo: %w", err) - } - - c.Images = append(c.Images, images...) - } - - // Make sure the list of images is unique. - c.Images = helpers.Unique(c.Images) - } - - // Create the flux wrapper around Big Bang for deployment. - manifest, err := addBigBangManifests(YOLO, tmpPaths.Temp, cfg) - if err != nil { - return c, err - } - - // Add the Big Bang manifests to the list of manifests to be pulled down by Zarf. - manifests = append(manifests, manifest) - - // Prepend the Big Bang manifests to the list of manifests to be pulled down by Zarf. - // This is done so that the Big Bang manifests are deployed first. - c.Manifests = append(manifests, c.Manifests...) - - return c, nil -} - -// Skeletonize mutates a component so that the valuesFiles can be contained inside a skeleton package -func Skeletonize(tmpPaths *layout.ComponentPaths, c v1alpha1.ZarfComponent) (v1alpha1.ZarfComponent, error) { - for valuesIdx, valuesFile := range c.Extensions.BigBang.ValuesFiles { - // Get the base file name for this file. - baseName := filepath.Base(valuesFile) - - // Define the name as the file name without the extension. - baseName = strings.TrimSuffix(baseName, filepath.Ext(baseName)) - - // Add the skeleton name prefix. - skelName := fmt.Sprintf("bb-skel-vals-%d-%s.yaml", valuesIdx, baseName) - - rel := filepath.Join(layout.TempDir, skelName) - dst := filepath.Join(tmpPaths.Base, rel) - - if err := helpers.CreatePathAndCopy(valuesFile, dst); err != nil { - return c, err - } - - c.Extensions.BigBang.ValuesFiles[valuesIdx] = rel - } - - for fluxPatchFileIdx, fluxPatchFile := range c.Extensions.BigBang.FluxPatchFiles { - // Get the base file name for this file. - baseName := filepath.Base(fluxPatchFile) - - // Define the name as the file name without the extension. - baseName = strings.TrimSuffix(baseName, filepath.Ext(baseName)) - - // Add the skeleton name prefix. - skelName := fmt.Sprintf("bb-skel-flux-patch-%d-%s.yaml", fluxPatchFileIdx, baseName) - - rel := filepath.Join(layout.TempDir, skelName) - dst := filepath.Join(tmpPaths.Base, rel) - - if err := helpers.CreatePathAndCopy(fluxPatchFile, dst); err != nil { - return c, err - } - - c.Extensions.BigBang.FluxPatchFiles[fluxPatchFileIdx] = rel - } - - return c, nil -} - -// Compose mutates a component so that its local paths are relative to the provided path -// -// additionally, it will merge any overrides -func Compose(c *v1alpha1.ZarfComponent, override v1alpha1.ZarfComponent, relativeTo string) { - // perform any overrides - if override.Extensions.BigBang != nil { - for valuesIdx, valuesFile := range override.Extensions.BigBang.ValuesFiles { - if helpers.IsURL(valuesFile) { - continue - } - - fixed := filepath.Join(relativeTo, valuesFile) - override.Extensions.BigBang.ValuesFiles[valuesIdx] = fixed - } - - for fluxPatchFileIdx, fluxPatchFile := range override.Extensions.BigBang.FluxPatchFiles { - if helpers.IsURL(fluxPatchFile) { - continue - } - - fixed := filepath.Join(relativeTo, fluxPatchFile) - override.Extensions.BigBang.FluxPatchFiles[fluxPatchFileIdx] = fixed - } - - if c.Extensions.BigBang == nil { - c.Extensions.BigBang = override.Extensions.BigBang - } else { - c.Extensions.BigBang.ValuesFiles = append(c.Extensions.BigBang.ValuesFiles, override.Extensions.BigBang.ValuesFiles...) - c.Extensions.BigBang.FluxPatchFiles = append(c.Extensions.BigBang.FluxPatchFiles, override.Extensions.BigBang.FluxPatchFiles...) - } - } -} - -// isValidVersion check if the version is 1.54.0 or greater. -func isValidVersion(version string) (bool, error) { - specifiedVersion, err := semver.NewVersion(version) - - if err != nil { - return false, err - } - - minRequiredVersion, _ := semver.NewVersion(bbMinRequiredVersion) - - // Evaluating pre-releases too - c, _ := semver.NewConstraint(fmt.Sprintf(">= %s-0", minRequiredVersion)) - - // This extension requires BB 1.54.0 or greater. - return c.Check(specifiedVersion), nil -} - -// findBBResources takes a list of yaml objects (as a string) and -// parses it for GitRepository objects that it then parses -// to return the list of git repos and tags needed. -func findBBResources(t string) (gitRepos map[string]string, helmReleaseDeps map[string]HelmReleaseDependency, helmReleaseValues map[string]map[string]interface{}, err error) { - // Break the template into separate resources. - yamls, _ := utils.SplitYAMLToString([]byte(t)) - - gitRepos = map[string]string{} - helmReleaseDeps = map[string]HelmReleaseDependency{} - helmReleaseValues = map[string]map[string]interface{}{} - secrets := map[string]corev1.Secret{} - configMaps := map[string]corev1.ConfigMap{} - - for _, y := range yamls { - var ( - h fluxHelmCtrl.HelmRelease - g fluxSrcCtrl.GitRepository - s corev1.Secret - c corev1.ConfigMap - ) - - if err := yaml.Unmarshal([]byte(y), &h); err != nil { - continue - } - - // If the resource is a HelmRelease, parse it for the dependencies. - if h.Kind == fluxHelmCtrl.HelmReleaseKind { - var deps []string - for _, d := range h.Spec.DependsOn { - depNamespacedName := getNamespacedNameFromStr(d.Namespace, d.Name) - deps = append(deps, depNamespacedName) - } - - namespacedName := getNamespacedNameFromMeta(h.ObjectMeta) - srcNamespacedName := getNamespacedNameFromStr(h.Spec.Chart.Spec.SourceRef.Namespace, - h.Spec.Chart.Spec.SourceRef.Name) - - helmReleaseDeps[namespacedName] = HelmReleaseDependency{ - Metadata: h.ObjectMeta, - NamespacedDependencies: deps, - NamespacedSource: srcNamespacedName, - ValuesFrom: h.Spec.ValuesFrom, - } - - // Skip the rest as this is not a GitRepository. - continue - } - - if err := yaml.Unmarshal([]byte(y), &g); err != nil { - continue - } - - // If the resource is a GitRepository, parse it for the URL and tag. - if g.Kind == fluxSrcCtrl.GitRepositoryKind && g.Spec.URL != "" { - ref := "master" - - switch { - case g.Spec.Reference.Commit != "": - ref = g.Spec.Reference.Commit - - case g.Spec.Reference.SemVer != "": - ref = g.Spec.Reference.SemVer - - case g.Spec.Reference.Tag != "": - ref = g.Spec.Reference.Tag - - case g.Spec.Reference.Branch != "": - ref = g.Spec.Reference.Branch - } - - // Set the URL and tag in the repo map - namespacedName := getNamespacedNameFromMeta(g.ObjectMeta) - gitRepos[namespacedName] = fmt.Sprintf("%s@%s", g.Spec.URL, ref) - } - - if err := yaml.Unmarshal([]byte(y), &s); err != nil { - continue - } - - // If the resource is a Secret, parse it so it can be used later for value templating. - if s.Kind == "Secret" { - namespacedName := getNamespacedNameFromMeta(s.ObjectMeta) - secrets[namespacedName] = s - } - - if err := yaml.Unmarshal([]byte(y), &c); err != nil { - continue - } - - // If the resource is a Secret, parse it so it can be used later for value templating. - if c.Kind == "ConfigMap" { - namespacedName := getNamespacedNameFromMeta(c.ObjectMeta) - configMaps[namespacedName] = c - } - } - - for _, hr := range helmReleaseDeps { - namespacedName := getNamespacedNameFromMeta(hr.Metadata) - values, err := composeValues(hr, secrets, configMaps) - if err != nil { - return nil, nil, nil, err - } - helmReleaseValues[namespacedName] = values - } - - return gitRepos, helmReleaseDeps, helmReleaseValues, nil -} - -// addBigBangManifests creates the manifests component for deploying Big Bang. -func addBigBangManifests(YOLO bool, manifestDir string, cfg *extensions.BigBang) (v1alpha1.ZarfManifest, error) { - // Create a manifest component that we add to the zarf package for bigbang. - manifest := v1alpha1.ZarfManifest{ - Name: bb, - Namespace: bb, - } - - // Helper function to marshal and write a manifest and add it to the component. - addManifest := func(name string, data any) error { - path := path.Join(manifestDir, name) - out, err := yaml.Marshal(data) - if err != nil { - return err - } - - if err := os.WriteFile(path, out, helpers.ReadWriteUser); err != nil { - return err - } - - manifest.Files = append(manifest.Files, path) - return nil - } - - // Create the GitRepository manifest. - if err := addManifest("bb-ext-gitrepository.yaml", manifestGitRepo(cfg)); err != nil { - return manifest, err - } - - var hrValues []fluxHelmCtrl.ValuesReference - - // If YOLO mode is enabled, do not include the zarf-credentials secret - if !YOLO { - // Create the zarf-credentials secret manifest. - if err := addManifest("bb-ext-zarf-credentials.yaml", manifestZarfCredentials(cfg.Version)); err != nil { - return manifest, err - } - - // Create the list of values manifests starting with zarf-credentials. - hrValues = []fluxHelmCtrl.ValuesReference{{ - Kind: "Secret", - Name: "zarf-credentials", - }} - } - - // Loop through the valuesFrom list and create a manifest for each. - for valuesIdx, valuesFile := range cfg.ValuesFiles { - data, err := manifestValuesFile(valuesIdx, valuesFile) - if err != nil { - return manifest, err - } - - path := fmt.Sprintf("%s.yaml", data.Name) - if err := addManifest(path, data); err != nil { - return manifest, err - } - - // Add it to the list of valuesFrom for the HelmRelease - hrValues = append(hrValues, fluxHelmCtrl.ValuesReference{ - Kind: "Secret", - Name: data.Name, - }) - } - - if err := addManifest("bb-ext-helmrelease.yaml", manifestHelmRelease(hrValues)); err != nil { - return manifest, err - } - - return manifest, nil -} - -// findImagesforBBChartRepo finds and returns the images for the Big Bang chart repo -func findImagesforBBChartRepo(ctx context.Context, repo string, values chartutil.Values) (images []string, err error) { - matches := strings.Split(repo, "@") - if len(matches) < 2 { - return images, fmt.Errorf("cannot convert git repo %s to helm chart without a version tag", repo) - } - - spinner := message.NewProgressSpinner("Discovering images in %s", repo) - defer spinner.Stop() - - gitPath, err := helm.DownloadChartFromGitToTemp(ctx, repo) - if err != nil { - return images, err - } - defer os.RemoveAll(gitPath) - - // Set the directory for the chart - chartPath := filepath.Join(gitPath, "chart") - - images, err = helm.FindAnnotatedImagesForChart(chartPath, values) - if err != nil { - return images, err - } - - spinner.Success() - - return images, err -} diff --git a/src/extensions/bigbang/bigbang_test.go b/src/extensions/bigbang/bigbang_test.go deleted file mode 100644 index 9d17e49831..0000000000 --- a/src/extensions/bigbang/bigbang_test.go +++ /dev/null @@ -1,37 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -package bigbang - -import ( - "testing" - - "github.com/stretchr/testify/require" -) - -func TestRequiredBigBangVersions(t *testing.T) { - // Support 1.54.0 and beyond - vv, err := isValidVersion("1.54.0") - require.NoError(t, err) - require.True(t, vv) - - // Do not support earlier than 1.54.0 - vv, err = isValidVersion("1.53.0") - require.NoError(t, err) - require.False(t, vv) - - // Support for Big Bang release candidates - vv, err = isValidVersion("1.57.0-rc.0") - require.NoError(t, err) - require.True(t, vv) - - // Support for Big Bang 2.0.0 - vv, err = isValidVersion("2.0.0") - require.NoError(t, err) - require.True(t, vv) - - // Fail on non-semantic versions - vv, err = isValidVersion("1.57b") - require.EqualError(t, err, "Invalid Semantic Version") - require.False(t, vv) -} diff --git a/src/extensions/bigbang/flux.go b/src/extensions/bigbang/flux.go deleted file mode 100644 index 2acdee4f99..0000000000 --- a/src/extensions/bigbang/flux.go +++ /dev/null @@ -1,180 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package bigbang contains the logic for installing Big Bang and Flux -package bigbang - -import ( - "fmt" - "os" - "path" - "path/filepath" - - "github.com/defenseunicorns/pkg/helpers/v2" - fluxHelmCtrl "github.com/fluxcd/helm-controller/api/v2beta1" - "github.com/zarf-dev/zarf/src/api/v1alpha1" - "github.com/zarf-dev/zarf/src/api/v1alpha1/extensions" - "github.com/zarf-dev/zarf/src/internal/packager/kustomize" - "github.com/zarf-dev/zarf/src/pkg/utils" - "helm.sh/helm/v3/pkg/chartutil" - v1 "k8s.io/api/apps/v1" - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - krustytypes "sigs.k8s.io/kustomize/api/types" -) - -// HelmReleaseDependency is a struct that represents a Flux Helm Release from an HR DependsOn list. -type HelmReleaseDependency struct { - Metadata metav1.ObjectMeta - NamespacedDependencies []string - NamespacedSource string - ValuesFrom []fluxHelmCtrl.ValuesReference -} - -// Name returns a namespaced name for the HelmRelease for dependency sorting. -func (h HelmReleaseDependency) Name() string { - return getNamespacedNameFromMeta(h.Metadata) -} - -// Dependencies returns a list of namespaced dependencies for the HelmRelease for dependency sorting. -func (h HelmReleaseDependency) Dependencies() []string { - return h.NamespacedDependencies -} - -// getFlux Creates a component to deploy Flux. -func getFlux(baseDir string, cfg *extensions.BigBang) (manifest v1alpha1.ZarfManifest, images []string, err error) { - localPath := path.Join(baseDir, "bb-ext-flux.yaml") - kustomizePath := path.Join(baseDir, "kustomization.yaml") - - if cfg.Repo == "" { - cfg.Repo = bbRepo - } - - remotePath := fmt.Sprintf("%s//base/flux?ref=%s", cfg.Repo, cfg.Version) - - fluxKustomization := krustytypes.Kustomization{ - Resources: []string{remotePath}, - } - - for _, path := range cfg.FluxPatchFiles { - absFluxPatchPath, _ := filepath.Abs(path) - fluxKustomization.Patches = append(fluxKustomization.Patches, krustytypes.Patch{Path: absFluxPatchPath}) - } - - if err := utils.WriteYaml(kustomizePath, fluxKustomization, helpers.ReadWriteUser); err != nil { - return manifest, images, fmt.Errorf("unable to write kustomization: %w", err) - } - - // Perform Kustomization now to get the flux.yaml file. - if err := kustomize.Build(baseDir, localPath, true); err != nil { - return manifest, images, fmt.Errorf("unable to build kustomization: %w", err) - } - - // Add the flux.yaml file to the component manifests. - manifest = v1alpha1.ZarfManifest{ - Name: "flux-system", - Namespace: "flux-system", - Files: []string{localPath}, - } - - // Read the flux.yaml file to get the images. - if images, err = readFluxImages(localPath); err != nil { - return manifest, images, fmt.Errorf("unable to read flux images: %w", err) - } - - return manifest, images, nil -} - -// readFluxImages finds the images Flux needs to deploy -func readFluxImages(localPath string) (images []string, err error) { - contents, err := os.ReadFile(localPath) - if err != nil { - return images, fmt.Errorf("unable to read flux manifest: %w", err) - } - - // Break the manifest into separate resources. - yamls, _ := utils.SplitYAML(contents) - - // Loop through each resource and find the images. - for _, yaml := range yamls { - // Flux controllers are Deployments. - if yaml.GetKind() == "Deployment" { - deployment := v1.Deployment{} - content := yaml.UnstructuredContent() - - // Convert the unstructured content into a Deployment. - if err := runtime.DefaultUnstructuredConverter.FromUnstructured(content, &deployment); err != nil { - return nil, fmt.Errorf("could not parse deployment: %w", err) - } - - // Get the pod spec. - pod := deployment.Spec.Template.Spec - - // Flux controllers do not have init containers today, but this is future proofing. - for _, container := range pod.InitContainers { - images = append(images, container.Image) - } - - // Add the main containers. - for _, container := range pod.Containers { - images = append(images, container.Image) - } - } - } - - return images, nil -} - -// composeValues composes values from a Flux HelmRelease and Secrets Map -// (loosely based on upstream https://github.com/fluxcd/helm-controller/blob/main/controllers/helmrelease_controller.go#L551) -func composeValues(hr HelmReleaseDependency, secrets map[string]corev1.Secret, configMaps map[string]corev1.ConfigMap) (valuesMap chartutil.Values, err error) { - valuesMap = chartutil.Values{} - - for _, v := range hr.ValuesFrom { - var valuesData string - namespacedName := getNamespacedNameFromStr(hr.Metadata.Namespace, v.Name) - - switch v.Kind { - case "ConfigMap": - cm, ok := configMaps[namespacedName] - if !ok { - return nil, fmt.Errorf("could not find values %s '%s'", v.Kind, namespacedName) - } - - valuesData, ok = cm.Data[v.GetValuesKey()] - if !ok { - return nil, fmt.Errorf("missing key '%s' in %s '%s'", v.GetValuesKey(), v.Kind, namespacedName) - } - case "Secret": - sec, ok := secrets[namespacedName] - if !ok { - return nil, fmt.Errorf("could not find values %s '%s'", v.Kind, namespacedName) - } - - valuesData, ok = sec.StringData[v.GetValuesKey()] - if !ok { - return nil, fmt.Errorf("missing key '%s' in %s '%s'", v.GetValuesKey(), v.Kind, namespacedName) - } - default: - return nil, fmt.Errorf("unsupported ValuesReference kind '%s'", v.Kind) - } - - values, err := chartutil.ReadValues([]byte(valuesData)) - if err != nil { - return nil, fmt.Errorf("unable to read values from key '%s' in %s '%s': %w", v.GetValuesKey(), v.Kind, hr.Name(), err) - } - - valuesMap = helpers.MergeMapRecursive(valuesMap, values) - } - - return valuesMap, nil -} - -func getNamespacedNameFromMeta(o metav1.ObjectMeta) string { - return getNamespacedNameFromStr(o.Namespace, o.Name) -} - -func getNamespacedNameFromStr(namespace, name string) string { - return fmt.Sprintf("%s.%s", namespace, name) -} diff --git a/src/extensions/bigbang/manifests.go b/src/extensions/bigbang/manifests.go deleted file mode 100644 index c10d81390a..0000000000 --- a/src/extensions/bigbang/manifests.go +++ /dev/null @@ -1,195 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package bigbang contains the logic for installing Big Bang and Flux -package bigbang - -import ( - "fmt" - "os" - "path/filepath" - "strings" - - "github.com/Masterminds/semver/v3" - fluxHelmCtrl "github.com/fluxcd/helm-controller/api/v2beta1" - fluxSrcCtrl "github.com/fluxcd/source-controller/api/v1" - "github.com/zarf-dev/zarf/src/api/v1alpha1/extensions" - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -const bbV1ZarfCredentialsValues = ` -registryCredentials: - registry: "###ZARF_REGISTRY###" - username: "zarf-pull" - password: "###ZARF_REGISTRY_AUTH_PULL###" -git: - existingSecret: "private-git-server" # -- Chart created secrets with user defined values - credentials: - # -- HTTP git credentials, both username and password must be provided - username: "###ZARF_GIT_PUSH###" - password: "###ZARF_GIT_AUTH_PUSH###" -# -- Big Bang v1 Kyverno Support -kyvernopolicies: - values: - exclude: - any: - - resources: - namespaces: - - zarf # don't have Kyverno prevent Zarf from doing zarf things - ` - -const bbV2ZarfCredentialsValues = ` -registryCredentials: - registry: "###ZARF_REGISTRY###" - username: "zarf-pull" - password: "###ZARF_REGISTRY_AUTH_PULL###" -git: - existingSecret: "private-git-server" # -- Chart created secrets with user defined values - credentials: - # -- HTTP git credentials, both username and password must be provided - username: "###ZARF_GIT_PUSH###" - password: "###ZARF_GIT_AUTH_PUSH###" -# -- Big Bang v2 Kyverno Support -kyvernoPolicies: - values: - exclude: - any: - - resources: - namespaces: - - zarf # don't have Kyverno prevent Zarf from doing zarf things - ` - -func manifestZarfCredentials(version string) corev1.Secret { - values := bbV1ZarfCredentialsValues - - semverVersion, err := semver.NewVersion(version) - if err == nil && semverVersion.Major() == 2 { - values = bbV2ZarfCredentialsValues - } - - return corev1.Secret{ - TypeMeta: metav1.TypeMeta{ - Kind: "Secret", - APIVersion: "v1", - }, - ObjectMeta: metav1.ObjectMeta{ - Namespace: bb, - Name: "zarf-credentials", - }, - StringData: map[string]string{ - "values.yaml": values, - }, - } -} - -// manifestGitRepo generates a GitRepository object for the Big Bang umbrella repo. -func manifestGitRepo(cfg *extensions.BigBang) fluxSrcCtrl.GitRepository { - apiVersion := "source.toolkit.fluxcd.io/v1beta2" - - // Set apiVersion to v1 on BB v2.7.0 or higher falling back to v1beta2 as needed - semverVersion, _ := semver.NewVersion(cfg.Version) - if semverVersion != nil { - c, _ := semver.NewConstraint(">= 2.7.0") - if c != nil { - updateFlux, _ := c.Validate(semverVersion) - if updateFlux && !cfg.SkipFlux { - apiVersion = "source.toolkit.fluxcd.io/v1" - } - } - } - - return fluxSrcCtrl.GitRepository{ - TypeMeta: metav1.TypeMeta{ - Kind: fluxSrcCtrl.GitRepositoryKind, - APIVersion: apiVersion, - }, - ObjectMeta: metav1.ObjectMeta{ - Name: bb, - Namespace: bb, - }, - Spec: fluxSrcCtrl.GitRepositorySpec{ - URL: cfg.Repo, - Interval: tenMins, - Reference: &fluxSrcCtrl.GitRepositoryRef{ - Tag: cfg.Version, - }, - }, - } -} - -// manifestValuesFile generates a Secret object for the Big Bang umbrella repo. -func manifestValuesFile(idx int, path string) (secret corev1.Secret, err error) { - // Read the file from the path. - file, err := os.ReadFile(path) - if err != nil { - return secret, err - } - - // Get the base file name for this file. - baseName := filepath.Base(path) - - // Define the name as the file name without the extension. - baseName = strings.TrimSuffix(baseName, filepath.Ext(baseName)) - - // Add the name prefix. - name := fmt.Sprintf("bb-usr-vals-%d-%s", idx, baseName) - - // Create a secret with the file contents. - secret = corev1.Secret{ - TypeMeta: metav1.TypeMeta{ - Kind: "Secret", - APIVersion: "v1", - }, - ObjectMeta: metav1.ObjectMeta{ - Namespace: bb, - Name: name, - }, - StringData: map[string]string{ - "values.yaml": string(file), - }, - } - - return secret, nil -} - -// manifestHelmRelease generates a HelmRelease object for the Big Bang umbrella repo. -func manifestHelmRelease(values []fluxHelmCtrl.ValuesReference) fluxHelmCtrl.HelmRelease { - return fluxHelmCtrl.HelmRelease{ - TypeMeta: metav1.TypeMeta{ - Kind: fluxHelmCtrl.HelmReleaseKind, - APIVersion: "helm.toolkit.fluxcd.io/v2beta1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: bb, - Namespace: bb, - }, - Spec: fluxHelmCtrl.HelmReleaseSpec{ - Timeout: &tenMins, - Chart: &fluxHelmCtrl.HelmChartTemplate{ - Spec: fluxHelmCtrl.HelmChartTemplateSpec{ - Chart: "./chart", - SourceRef: fluxHelmCtrl.CrossNamespaceObjectReference{ - Kind: fluxSrcCtrl.GitRepositoryKind, - Name: bb, - }, - }, - }, - Install: &fluxHelmCtrl.Install{ - Remediation: &fluxHelmCtrl.InstallRemediation{ - Retries: -1, - }, - }, - Upgrade: &fluxHelmCtrl.Upgrade{ - Remediation: &fluxHelmCtrl.UpgradeRemediation{ - Retries: 5, - }, - CleanupOnFail: true, - }, - Rollback: &fluxHelmCtrl.Rollback{ - CleanupOnFail: true, - }, - ValuesFrom: values, - }, - } -} diff --git a/src/extensions/bigbang/test/bigbang_test.go b/src/extensions/bigbang/test/bigbang_test.go deleted file mode 100644 index 16bf87bdbc..0000000000 --- a/src/extensions/bigbang/test/bigbang_test.go +++ /dev/null @@ -1,200 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -package main - -import ( - "context" - "encoding/json" - "fmt" - "io" - "net/http" - "os" - "regexp" - "strings" - "testing" - - "github.com/stretchr/testify/require" - "github.com/zarf-dev/zarf/src/pkg/cluster" - "github.com/zarf-dev/zarf/src/pkg/utils/exec" - test "github.com/zarf-dev/zarf/src/test" -) - -// The Big Bang project ID on Repo1 -const bbProjID = "2872" - -var ( - zarf string - previous string - latest string -) - -func TestMain(m *testing.M) { - var err error - - // Change to the build dir - if err := os.Chdir("../../../../build/"); err != nil { - panic(err) - } - - // Get the latest and previous releases - latest, previous, err = getReleases() - if err != nil { - panic(err) - } - - // Get the Zarf CLI path - zarf = fmt.Sprintf("./%s", test.GetCLIName()) - - // Run the tests - os.Exit(m.Run()) -} - -func TestReleases(t *testing.T) { - CIMount := "/mnt/zarf-tmp" - tmpdir := fmt.Sprintf("--tmpdir=%s", t.TempDir()) - zarfCache := "" - // If we are in CI set the temporary directory to /mnt/zarf-tmp to reduce disk pressure - if os.Getenv("CI") == "true" { - tmpdir = fmt.Sprintf("--tmpdir=%s", CIMount) - zarfCache = fmt.Sprintf("--zarf-cache=%s", CIMount) - } - - ctx := context.Background() - - // Initialize the cluster with the Git server and AMD64 architecture - arch := "amd64" - stdOut, stdErr, err := zarfExec(ctx, "init", "--components", "git-server", "--architecture", arch, tmpdir, "--confirm", zarfCache) - require.NoError(t, err, stdOut, stdErr) - - // Remove the init package to free up disk space on the test runner - err = os.RemoveAll(fmt.Sprintf("zarf-init-%s-%s.tar.zst", arch, getZarfVersion(ctx, t))) - require.NoError(t, err) - - // Build the previous version - bbVersion := fmt.Sprintf("--set=BB_VERSION=%s", previous) - bbMajor := fmt.Sprintf("--set=BB_MAJOR=%s", previous[0:1]) - stdOut, stdErr, err = zarfExec(ctx, "package", "create", "../src/extensions/bigbang/test/package", bbVersion, bbMajor, tmpdir, "--confirm") - require.NoError(t, err, stdOut, stdErr) - - // Clean up zarf cache to reduce disk pressure - stdOut, stdErr, err = zarfExec(ctx, "tools", "clear-cache") - require.NoError(t, err, stdOut, stdErr) - - // Deploy the previous version - pkgPath := fmt.Sprintf("zarf-package-big-bang-test-%s-%s.tar.zst", arch, previous) - stdOut, stdErr, err = zarfExec(ctx, "package", "deploy", pkgPath, tmpdir, "--confirm") - require.NoError(t, err, stdOut, stdErr) - - // HACK: scale down the flux deployments due to very-low CPU in the test runner - fluxControllers := []string{"helm-controller", "source-controller", "kustomize-controller", "notification-controller"} - for _, deployment := range fluxControllers { - stdOut, stdErr, err = zarfExec(ctx, "tools", "kubectl", "-n", "flux-system", "scale", "deployment", deployment, "--replicas=0") - require.NoError(t, err, stdOut, stdErr) - } - - // Cluster info - stdOut, stdErr, err = zarfExec(ctx, "tools", "kubectl", "describe", "nodes") - require.NoError(t, err, stdOut, stdErr) - - // Build the latest version - bbVersion = fmt.Sprintf("--set=BB_VERSION=%s", latest) - bbMajor = fmt.Sprintf("--set=BB_MAJOR=%s", latest[0:1]) - stdOut, stdErr, err = zarfExec(ctx, "package", "create", "../src/extensions/bigbang/test/package", bbVersion, bbMajor, "--differential", pkgPath, tmpdir, "--confirm") - require.NoError(t, err, stdOut, stdErr) - - // Remove the previous version package - err = os.RemoveAll(pkgPath) - require.NoError(t, err) - - // Clean up zarf cache to reduce disk pressure - stdOut, stdErr, err = zarfExec(ctx, "tools", "clear-cache") - require.NoError(t, err, stdOut, stdErr) - - // Deploy the latest version - pkgPath = fmt.Sprintf("zarf-package-big-bang-test-%s-%s-differential-%s.tar.zst", arch, previous, latest) - stdOut, stdErr, err = zarfExec(ctx, "package", "deploy", pkgPath, tmpdir, "--confirm") - require.NoError(t, err, stdOut, stdErr) - - // Cluster info - stdOut, stdErr, err = zarfExec(ctx, "tools", "kubectl", "describe", "nodes") - require.NoError(t, err, stdOut, stdErr) - - // Test connectivity to Twistlock - testConnection(ctx, t) -} - -func testConnection(ctx context.Context, t *testing.T) { - // Establish the tunnel config - c, err := cluster.NewCluster() - require.NoError(t, err) - tunnel, err := c.NewTunnel("twistlock", "svc", "twistlock-console", "", 0, 8081) - require.NoError(t, err) - - // Establish the tunnel connection - _, err = tunnel.Connect(ctx) - require.NoError(t, err) - defer tunnel.Close() - - // Test the connection - resp, err := http.Get(tunnel.HTTPEndpoint()) - require.NoError(t, err) - require.Equal(t, 200, resp.StatusCode) -} - -func zarfExec(ctx context.Context, args ...string) (string, string, error) { - return exec.CmdWithContext(ctx, exec.PrintCfg(), zarf, args...) -} - -// getZarfVersion returns the current build/zarf version -func getZarfVersion(ctx context.Context, t *testing.T) string { - // Get the version of the CLI - stdOut, stdErr, err := zarfExec(ctx, "version") - require.NoError(t, err, stdOut, stdErr) - return strings.Trim(stdOut, "\n") -} - -func getReleases() (latest, previous string, err error) { - // Create the URL for the API endpoint - url := fmt.Sprintf("https://repo1.dso.mil/api/v4/projects/%s/repository/tags", bbProjID) - - // Send an HTTP GET request to the API endpoint - resp, err := http.Get(url) - if err != nil { - return latest, previous, err - } - defer resp.Body.Close() - - // Read the response body - body, err := io.ReadAll(resp.Body) - if err != nil { - return latest, previous, err - } - - // Parse the response body as a JSON array of objects - var data []map[string]interface{} - err = json.Unmarshal(body, &data) - if err != nil { - return latest, previous, err - } - - // Compile the regular expression for filtering tags that don't contain a hyphen - re := regexp.MustCompile("^[^-]+$") - - // Create a slice to store the tag names that match the regular expression - var releases []string - - // Iterate over the tags returned by the API, and filter out tags that don't match the regular expression - for _, tag := range data { - name, ok := tag["name"].(string) - if !ok { - return "", "", fmt.Errorf("name key is not of type string") - } - if re.MatchString(name) { - releases = append(releases, name) - } - } - - // Set the latest and previous release variables to the first two releases - return releases[0], releases[1], nil -} diff --git a/src/extensions/bigbang/test/package/disable-all-bb1.yaml b/src/extensions/bigbang/test/package/disable-all-bb1.yaml deleted file mode 100644 index c51a3d1095..0000000000 --- a/src/extensions/bigbang/test/package/disable-all-bb1.yaml +++ /dev/null @@ -1,58 +0,0 @@ -# Disable everything -istio: - enabled: false - -istiooperator: - enabled: false - -jaeger: - enabled: false - -kiali: - enabled: false - -clusterAuditor: - enabled: false - -gatekeeper: - enabled: false - -kyverno: - enabled: false - -kyvernopolicies: - enabled: false - -kyvernoreporter: - enabled: false - -logging: - enabled: false - -eckoperator: - enabled: false - -fluentbit: - enabled: false - -promtail: - enabled: false - -loki: - enabled: false - -neuvector: - enabled: false - -tempo: - enabled: false - -monitoring: - enabled: false - -twistlock: - enabled: false - -addons: - metricsServer: - enabled: false diff --git a/src/extensions/bigbang/test/package/disable-all-bb2.yaml b/src/extensions/bigbang/test/package/disable-all-bb2.yaml deleted file mode 100644 index b8776699bc..0000000000 --- a/src/extensions/bigbang/test/package/disable-all-bb2.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Disable everything -istio: - enabled: false - -istioOperator: - enabled: false - -jaeger: - enabled: false - -kiali: - enabled: false - -clusterAuditor: - enabled: false - -gatekeeper: - enabled: false - -kyverno: - enabled: false - -kyvernoPolicies: - enabled: false - -kyvernoReporter: - enabled: false - -elasticsearchKibana: - enabled: false - -eckOperator: - enabled: false - -fluentbit: - enabled: false - -promtail: - enabled: false - -loki: - enabled: false - -neuvector: - enabled: false - -tempo: - enabled: false - -monitoring: - enabled: false - -twistlock: - enabled: false - -grafana: - enabled: false - -addons: - metricsServer: - enabled: false diff --git a/src/extensions/bigbang/test/package/enable-twistlock.yaml b/src/extensions/bigbang/test/package/enable-twistlock.yaml deleted file mode 100644 index da002df723..0000000000 --- a/src/extensions/bigbang/test/package/enable-twistlock.yaml +++ /dev/null @@ -1,9 +0,0 @@ -twistlock: - enabled: true - # Disable init so github runners don't suffocate without enough CPU - values: - init: - enabled: false - - console: - volumeUpgrade: false diff --git a/src/extensions/bigbang/test/package/flux-overrides-helm-controller.yaml b/src/extensions/bigbang/test/package/flux-overrides-helm-controller.yaml deleted file mode 100644 index d5e68feaee..0000000000 --- a/src/extensions/bigbang/test/package/flux-overrides-helm-controller.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: helm-controller - namespace: flux-system -spec: - template: - spec: - containers: - - name: manager - resources: - limits: - cpu: 200m - memory: 256Mi - requests: - cpu: 100m - memory: 64Mi diff --git a/src/extensions/bigbang/test/package/flux-overrides-kustomize-controller.yaml b/src/extensions/bigbang/test/package/flux-overrides-kustomize-controller.yaml deleted file mode 100644 index 22e1d7d16b..0000000000 --- a/src/extensions/bigbang/test/package/flux-overrides-kustomize-controller.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: kustomize-controller - namespace: flux-system -spec: - template: - spec: - containers: - - name: manager - resources: - limits: - cpu: 200m - memory: 256Mi - requests: - cpu: 100m - memory: 64Mi diff --git a/src/extensions/bigbang/test/package/flux-overrides-notification-controller.yaml b/src/extensions/bigbang/test/package/flux-overrides-notification-controller.yaml deleted file mode 100644 index a2476b01d2..0000000000 --- a/src/extensions/bigbang/test/package/flux-overrides-notification-controller.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: notification-controller - namespace: flux-system -spec: - template: - spec: - containers: - - name: manager - resources: - limits: - cpu: 200m - memory: 256Mi - requests: - cpu: 100m - memory: 64Mi diff --git a/src/extensions/bigbang/test/package/flux-overrides-source-controller.yaml b/src/extensions/bigbang/test/package/flux-overrides-source-controller.yaml deleted file mode 100644 index 292492775a..0000000000 --- a/src/extensions/bigbang/test/package/flux-overrides-source-controller.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: source-controller - namespace: flux-system -spec: - template: - spec: - containers: - - name: manager - resources: - limits: - cpu: 100m - memory: 256Mi - requests: - cpu: 50m - memory: 64Mi diff --git a/src/extensions/bigbang/test/package/zarf.yaml b/src/extensions/bigbang/test/package/zarf.yaml deleted file mode 100644 index 426fed8f54..0000000000 --- a/src/extensions/bigbang/test/package/zarf.yaml +++ /dev/null @@ -1,33 +0,0 @@ -kind: ZarfPackageConfig -metadata: - name: big-bang-test - description: Deploy Big Bang Core - version: "###ZARF_PKG_TMPL_BB_VERSION###" - url: https://p1.dso.mil/products/big-bang - # Big Bang / Iron Bank are only amd64 - architecture: amd64 - -variables: - - name: DOMAIN - default: bigbang.dev - prompt: false - -components: - - name: bigbang - required: true - extensions: - bigbang: - version: "###ZARF_PKG_TMPL_BB_VERSION###" - fluxPatchFiles: - - flux-overrides-helm-controller.yaml - - flux-overrides-source-controller.yaml - - flux-overrides-kustomize-controller.yaml - - flux-overrides-notification-controller.yaml - valuesFiles: - - disable-all-bb###ZARF_PKG_TMPL_BB_MAJOR###.yaml - - enable-twistlock.yaml - actions: - onDeploy: - onFailure: - - cmd: ./zarf tools kubectl describe nodes - - cmd: ./zarf tools kubectl describe pods -A diff --git a/src/pkg/packager/composer/list.go b/src/pkg/packager/composer/list.go index b021355739..65d9a3209b 100644 --- a/src/pkg/packager/composer/list.go +++ b/src/pkg/packager/composer/list.go @@ -13,7 +13,6 @@ import ( "github.com/defenseunicorns/pkg/helpers/v2" "github.com/zarf-dev/zarf/src/api/v1alpha1" - "github.com/zarf-dev/zarf/src/extensions/bigbang" "github.com/zarf-dev/zarf/src/pkg/layout" "github.com/zarf-dev/zarf/src/pkg/packager/deprecated" "github.com/zarf-dev/zarf/src/pkg/utils" @@ -339,8 +338,6 @@ func (ic *ImportChain) Compose(ctx context.Context) (composed *v1alpha1.ZarfComp overrideActions(composed, node.ZarfComponent) composed.HealthChecks = append(composed.HealthChecks, node.ZarfComponent.HealthChecks...) - bigbang.Compose(composed, node.ZarfComponent, node.relativeToHead) - node = node.prev } diff --git a/src/pkg/packager/composer/list_test.go b/src/pkg/packager/composer/list_test.go index a64de955e0..238aa77cec 100644 --- a/src/pkg/packager/composer/list_test.go +++ b/src/pkg/packager/composer/list_test.go @@ -14,7 +14,6 @@ import ( "github.com/stretchr/testify/require" "github.com/zarf-dev/zarf/src/api/v1alpha1" - "github.com/zarf-dev/zarf/src/api/v1alpha1/extensions" ) func TestNewImportChain(t *testing.T) { @@ -280,21 +279,6 @@ func TestCompose(t *testing.T) { }, }, }, - // Extensions should be appended with corrected directories - Extensions: extensions.ZarfComponentExtensions{ - BigBang: &extensions.BigBang{ - ValuesFiles: []string{ - fmt.Sprintf("%s%svalues.yaml", finalDirectory, string(os.PathSeparator)), - fmt.Sprintf("%s%svalues.yaml", firstDirectory, string(os.PathSeparator)), - "values.yaml", - }, - FluxPatchFiles: []string{ - fmt.Sprintf("%s%spatch.yaml", finalDirectory, string(os.PathSeparator)), - fmt.Sprintf("%s%spatch.yaml", firstDirectory, string(os.PathSeparator)), - "patch.yaml", - }, - }, - }, }, }, } @@ -599,16 +583,6 @@ func createDummyComponent(t *testing.T, name, importDir, subName string) v1alpha }, }, }, - Extensions: extensions.ZarfComponentExtensions{ - BigBang: &extensions.BigBang{ - ValuesFiles: []string{ - "values.yaml", - }, - FluxPatchFiles: []string{ - "patch.yaml", - }, - }, - }, } } diff --git a/src/pkg/packager/creator/normal.go b/src/pkg/packager/creator/normal.go index 4c71ec9ac7..9b2c8ab372 100644 --- a/src/pkg/packager/creator/normal.go +++ b/src/pkg/packager/creator/normal.go @@ -21,7 +21,6 @@ import ( "github.com/zarf-dev/zarf/src/api/v1alpha1" "github.com/zarf-dev/zarf/src/config" "github.com/zarf-dev/zarf/src/config/lang" - "github.com/zarf-dev/zarf/src/extensions/bigbang" "github.com/zarf-dev/zarf/src/internal/git" "github.com/zarf-dev/zarf/src/internal/packager/helm" "github.com/zarf-dev/zarf/src/internal/packager/images" @@ -85,12 +84,6 @@ func (pc *PackageCreator) LoadPackageDefinition(ctx context.Context, src *layout warnings = append(warnings, templateWarnings...) - // After templates are filled process any create extensions - pkg.Components, err = pc.processExtensions(ctx, pkg.Components, src, pkg.Metadata.YOLO) - if err != nil { - return v1alpha1.ZarfPackage{}, nil, err - } - // If we are creating a differential package, remove duplicate images and repos. if pc.createOpts.DifferentialPackagePath != "" { pkg.Build.Differential = true @@ -333,27 +326,6 @@ func (pc *PackageCreator) Output(ctx context.Context, dst *layout.PackagePaths, return nil } -func (pc *PackageCreator) processExtensions(ctx context.Context, components []v1alpha1.ZarfComponent, layout *layout.PackagePaths, isYOLO bool) (processedComponents []v1alpha1.ZarfComponent, err error) { - // Create component paths and process extensions for each component. - for _, c := range components { - componentPaths, err := layout.Components.Create(c) - if err != nil { - return nil, err - } - - // Big Bang - if c.Extensions.BigBang != nil { - if c, err = bigbang.Run(ctx, isYOLO, componentPaths, c); err != nil { - return nil, fmt.Errorf("unable to process bigbang extension: %w", err) - } - } - - processedComponents = append(processedComponents, c) - } - - return processedComponents, nil -} - func (pc *PackageCreator) addComponent(ctx context.Context, component v1alpha1.ZarfComponent, dst *layout.PackagePaths) error { message.HeaderInfof("📦 %s COMPONENT", strings.ToUpper(component.Name)) diff --git a/src/pkg/packager/creator/skeleton.go b/src/pkg/packager/creator/skeleton.go index 648fb562b3..8d1acbdf34 100644 --- a/src/pkg/packager/creator/skeleton.go +++ b/src/pkg/packager/creator/skeleton.go @@ -17,7 +17,6 @@ import ( "github.com/zarf-dev/zarf/src/api/v1alpha1" "github.com/zarf-dev/zarf/src/config" "github.com/zarf-dev/zarf/src/config/lang" - "github.com/zarf-dev/zarf/src/extensions/bigbang" "github.com/zarf-dev/zarf/src/internal/packager/helm" "github.com/zarf-dev/zarf/src/internal/packager/kustomize" "github.com/zarf-dev/zarf/src/pkg/layout" @@ -62,11 +61,6 @@ func (sc *SkeletonCreator) LoadPackageDefinition(ctx context.Context, src *layou warnings = append(warnings, composeWarnings...) - pkg.Components, err = sc.processExtensions(pkg.Components, src) - if err != nil { - return v1alpha1.ZarfPackage{}, nil, err - } - for _, warning := range warnings { message.Warn(warning) } @@ -126,27 +120,6 @@ func (sc *SkeletonCreator) Output(_ context.Context, dst *layout.PackagePaths, p return dst.SignPackage(sc.publishOpts.SigningKeyPath, sc.publishOpts.SigningKeyPassword, !config.CommonOptions.Confirm) } -func (sc *SkeletonCreator) processExtensions(components []v1alpha1.ZarfComponent, layout *layout.PackagePaths) (processedComponents []v1alpha1.ZarfComponent, err error) { - // Create component paths and process extensions for each component. - for _, c := range components { - componentPaths, err := layout.Components.Create(c) - if err != nil { - return nil, err - } - - // Big Bang - if c.Extensions.BigBang != nil { - if c, err = bigbang.Skeletonize(componentPaths, c); err != nil { - return nil, fmt.Errorf("unable to process bigbang extension: %w", err) - } - } - - processedComponents = append(processedComponents, c) - } - - return processedComponents, nil -} - func (sc *SkeletonCreator) addComponent(component v1alpha1.ZarfComponent, dst *layout.PackagePaths) (updatedComponent *v1alpha1.ZarfComponent, err error) { message.HeaderInfof("📦 %s COMPONENT", strings.ToUpper(component.Name)) diff --git a/src/pkg/utils/sort.go b/src/pkg/utils/sort.go deleted file mode 100644 index 6fd625c96d..0000000000 --- a/src/pkg/utils/sort.go +++ /dev/null @@ -1,81 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package utils provides generic utility functions. -package utils - -import "fmt" - -// Dependency is an interface that represents a node in a list of dependencies. -type Dependency interface { - Name() string - Dependencies() []string -} - -// SortDependencies performs a topological sort on a dependency graph and -// returns a slice of the nodes in order of their precedence. -// The input data is a map of nodes to a slice of its dependencies. -// -// E.g: -// A depends on B & C, B depends on C and C has no dependencies: -// {"A": ["B", "C"], "B": ["C"], "C": []string{}} -// -// Note sort order is dependent on the slice order of the input data for -// nodes with the same in-degree (i.e. the same number of dependencies). -func SortDependencies(data []Dependency) ([]string, error) { - // Initialize the in-degree and out-degree maps. - inDegree := make(map[string]int) - outDegree := make(map[string][]string) - - // Populate the in-degree and out-degree maps. - for _, d := range data { - outDegree[d.Name()] = d.Dependencies() - inDegree[d.Name()] = 0 - } - for _, deps := range data { - for _, d := range deps.Dependencies() { - inDegree[d]++ - } - } - - // Initialize the queue and the result list. - queue := make([]string, 0) - result := make([]string, 0) - - // Enqueue all nodes with zero in-degree. - for _, d := range data { - if inDegree[d.Name()] == 0 { - queue = append(queue, d.Name()) - } - } - - // Process the queue. - for len(queue) > 0 { - // Dequeue a node from the queue. - node := queue[0] - queue = queue[1:] - - // Add the node to the result list. - result = append([]string{node}, result...) - - // Decrement the in-degree of all outgoing neighbors. - for _, neighbor := range outDegree[node] { - inDegree[neighbor]-- - // If the neighbor has zero in-degree, enqueue it. - if inDegree[neighbor] == 0 { - queue = append(queue, neighbor) - } - } - } - - // If there are still nodes with non-zero in-degree, there is a cycle in the graph. - // Return an empty result list to indicate this. - for _, degree := range inDegree { - if degree > 0 { - return result, fmt.Errorf("dependency cycle detected") - } - } - - // Return the result list. - return result, nil -} diff --git a/src/pkg/utils/sort_test.go b/src/pkg/utils/sort_test.go deleted file mode 100644 index beee3e160b..0000000000 --- a/src/pkg/utils/sort_test.go +++ /dev/null @@ -1,174 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package utils provides generic utility functions. -package utils - -import ( - "testing" - - "github.com/stretchr/testify/require" -) - -type TestDependency struct { - name string - dependencies []string -} - -func (t TestDependency) Name() string { - return t.name -} - -func (t TestDependency) Dependencies() []string { - return t.dependencies -} - -func TestSortDependencies(t *testing.T) { - tests := []struct { - name string - data []TestDependency // input data: a map of nodes to their dependencies - expected []string // expected output: a slice of nodes in order of their precedence - success bool // whether the test should succeed or fail - }{ - { - name: "simple graph", - data: []TestDependency{ - { - name: "A", - dependencies: []string{"B", "C"}, - }, - { - name: "B", - dependencies: []string{"C"}, - }, - { - name: "C", - }, - }, - // C has no dependencies, B depends on C, and A depends on both B and C - expected: []string{"C", "B", "A"}, - success: true, - }, - { - name: "complex graph", - data: []TestDependency{ - { - name: "A", - dependencies: []string{"B", "C", "D"}, - }, - { - name: "B", - dependencies: []string{"C", "D", "E"}, - }, - { - name: "C", - dependencies: []string{"E"}, - }, - { - name: "D", - dependencies: []string{"E"}, - }, - { - name: "E", - }, - }, - expected: []string{"E", "D", "C", "B", "A"}, - success: true, - }, - { - name: "graph with multiple roots", - data: []TestDependency{ - { - name: "A", - }, - { - name: "B", - }, - { - name: "C", - dependencies: []string{"A", "B"}, - }, - { - name: "D", - dependencies: []string{"C", "E"}, - }, - { - name: "E", - dependencies: []string{"F"}, - }, - { - name: "F", - }, - }, - expected: []string{"F", "B", "A", "E", "C", "D"}, - success: true, - }, - { - name: "graph with multiple sinks", - data: []TestDependency{ - { - name: "A", - dependencies: []string{"B"}, - }, - { - name: "B", - dependencies: []string{"C"}, - }, - { - name: "C", - }, - { - name: "D", - dependencies: []string{"E"}, - }, - { - name: "E", - dependencies: []string{"F"}, - }, - { - name: "F", - }, - { - name: "G", - }, - }, - expected: []string{"F", "C", "E", "B", "G", "D", "A"}, - success: true, - }, - { - name: "graph with circular dependencies", - data: []TestDependency{ - { - name: "A", - dependencies: []string{"B"}, - }, - { - name: "B", - dependencies: []string{"C"}, - }, - { - name: "C", - dependencies: []string{"A"}, - }, - }, - expected: []string{}, - success: false, - }, - } - - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - deps := make([]Dependency, len(tt.data)) - for i := range tt.data { - deps[i] = tt.data[i] - } - result, err := SortDependencies(deps) - if tt.success { - require.NoError(t, err) - } else { - require.Error(t, err) - } - require.Equal(t, tt.expected, result) - }) - } -} diff --git a/src/test/e2e/14_oci_compose_test.go b/src/test/e2e/14_oci_compose_test.go index 6dfbe1f45c..e186a6e076 100644 --- a/src/test/e2e/14_oci_compose_test.go +++ b/src/test/e2e/14_oci_compose_test.go @@ -69,11 +69,6 @@ func (suite *PublishCopySkeletonSuite) Test_0_Publish_Skeletons() { suite.NoError(err) suite.Contains(stdErr, "Published "+ref) - bigBang := filepath.Join("src", "test", "packages", "14-import-everything", "big-bang-min") - _, stdErr, err = e2e.Zarf(suite.T(), "package", "publish", bigBang, "oci://"+ref, "--plain-http") - suite.NoError(err) - suite.Contains(stdErr, "Published "+ref) - composable := filepath.Join("src", "test", "packages", "09-composable-packages") _, stdErr, err = e2e.Zarf(suite.T(), "package", "publish", composable, "oci://"+ref, "--plain-http") suite.NoError(err) @@ -92,9 +87,6 @@ func (suite *PublishCopySkeletonSuite) Test_0_Publish_Skeletons() { _, _, err = e2e.Zarf(suite.T(), "package", "pull", "oci://"+ref+"/helm-charts:0.0.1", "-o", "build", "--plain-http", "-a", "skeleton") suite.NoError(err) - _, _, err = e2e.Zarf(suite.T(), "package", "pull", "oci://"+ref+"/big-bang-min:2.10.0", "-o", "build", "--plain-http", "-a", "skeleton") - suite.NoError(err) - _, _, err = e2e.Zarf(suite.T(), "package", "pull", "oci://"+ref+"/test-compose-package:0.0.1", "-o", "build", "--plain-http", "-a", "skeleton") suite.NoError(err) } @@ -114,7 +106,6 @@ func (suite *PublishCopySkeletonSuite) Test_1_Compose_Everything_Inception() { targets := []string{ "import-component-local == import-component-local", "import-component-oci == import-component-oci", - "import-big-bang == import-big-bang", "file-imports == file-imports", "local-chart-import == local-chart-import", } @@ -132,7 +123,6 @@ func (suite *PublishCopySkeletonSuite) Test_2_FilePaths() { filepath.Join("build", "zarf-package-import-everything-skeleton-0.0.1.tar.zst"), filepath.Join("build", fmt.Sprintf("zarf-package-importception-%s-0.0.1.tar.zst", e2e.Arch)), filepath.Join("build", "zarf-package-helm-charts-skeleton-0.0.1.tar.zst"), - filepath.Join("build", "zarf-package-big-bang-min-skeleton-2.10.0.tar.zst"), filepath.Join("build", "zarf-package-test-compose-package-skeleton-0.0.1.tar.zst"), } @@ -268,12 +258,6 @@ func (suite *PublishCopySkeletonSuite) verifyComponentPaths(unpackedPath string, suite.FileExists(filepath.Join(base, component.DeprecatedCosignKeyPath)) } - if isSkeleton && component.Extensions.BigBang != nil { - for _, valuesFile := range component.Extensions.BigBang.ValuesFiles { - suite.FileExists(filepath.Join(base, valuesFile)) - } - } - for chartIdx, chart := range component.Charts { if isSkeleton && chart.URL != "" { continue diff --git a/src/test/packages/14-import-everything/big-bang-min/flux-overrides-helm-controller.yaml b/src/test/packages/14-import-everything/big-bang-min/flux-overrides-helm-controller.yaml deleted file mode 100644 index d5e68feaee..0000000000 --- a/src/test/packages/14-import-everything/big-bang-min/flux-overrides-helm-controller.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: helm-controller - namespace: flux-system -spec: - template: - spec: - containers: - - name: manager - resources: - limits: - cpu: 200m - memory: 256Mi - requests: - cpu: 100m - memory: 64Mi diff --git a/src/test/packages/14-import-everything/big-bang-min/zarf.yaml b/src/test/packages/14-import-everything/big-bang-min/zarf.yaml deleted file mode 100644 index 6fd483c848..0000000000 --- a/src/test/packages/14-import-everything/big-bang-min/zarf.yaml +++ /dev/null @@ -1,26 +0,0 @@ -kind: ZarfPackageConfig -metadata: - name: big-bang-min - description: A minimal Big Bang package for use in testing - version: 2.10.0 - url: https://p1.dso.mil/products/big-bang - # Big Bang / Iron Bank are only amd64 - architecture: amd64 - -variables: - - name: DOMAIN - default: bigbang.dev - prompt: false - -components: - - name: bigbang - required: true - extensions: - bigbang: - repo: https://github.com/DoD-Platform-One/big-bang.git - version: 2.10.0 - skipFlux: true - fluxPatchFiles: - - flux-overrides-helm-controller.yaml - valuesFiles: - - ../../../../extensions/bigbang/test/package/disable-all-bb2.yaml diff --git a/src/test/packages/14-import-everything/inception/zarf.yaml b/src/test/packages/14-import-everything/inception/zarf.yaml index c137443618..6721fbd109 100644 --- a/src/test/packages/14-import-everything/inception/zarf.yaml +++ b/src/test/packages/14-import-everything/inception/zarf.yaml @@ -15,11 +15,6 @@ components: import: url: oci://localhost:31888/import-everything:0.0.1 - - name: import-big-bang - required: true - import: - url: oci://localhost:31888/import-everything:0.0.1 - - name: file-imports required: true import: diff --git a/src/test/packages/14-import-everything/zarf.yaml b/src/test/packages/14-import-everything/zarf.yaml index 546c1a873a..5a096ae3db 100644 --- a/src/test/packages/14-import-everything/zarf.yaml +++ b/src/test/packages/14-import-everything/zarf.yaml @@ -21,14 +21,6 @@ components: name: import-component-oci path: oci-import - # Test big bang extension files - - name: import-big-bang - description: "import-big-bang == ###ZARF_COMPONENT_NAME###" - required: false - import: - name: bigbang - url: oci://localhost:31888/big-bang-min:2.10.0 - # Test file imports including cosignKeyPath - name: file-imports description: "file-imports == ###ZARF_COMPONENT_NAME###" diff --git a/zarf.schema.json b/zarf.schema.json index d5067e42ad..67094c0f38 100644 --- a/zarf.schema.json +++ b/zarf.schema.json @@ -2,45 +2,6 @@ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://github.com/zarf-dev/zarf/src/api/v1alpha1/zarf-package", "$defs": { - "BigBang": { - "properties": { - "version": { - "type": "string", - "description": "The version of Big Bang to use." - }, - "repo": { - "type": "string", - "description": "Override repo to pull Big Bang from instead of Repo One." - }, - "valuesFiles": { - "items": { - "type": "string" - }, - "type": "array", - "description": "The list of values files to pass to Big Bang; these will be merged together." - }, - "skipFlux": { - "type": "boolean", - "description": "Whether to skip deploying flux; Defaults to false." - }, - "fluxPatchFiles": { - "items": { - "type": "string" - }, - "type": "array", - "description": "Optional paths to Flux kustomize strategic merge patch files." - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "version" - ], - "description": "BigBang holds the configuration for the Big Bang extension.", - "patternProperties": { - "^x-": {} - } - }, "Constant": { "properties": { "name": { @@ -533,10 +494,6 @@ "type": "array", "description": "List of git repos to include in the package." }, - "extensions": { - "$ref": "#/$defs/ZarfComponentExtensions", - "description": "Extend component functionality with additional features." - }, "scripts": { "$ref": "#/$defs/DeprecatedZarfComponentScripts", "description": "[Deprecated] (replaced by actions) Custom commands to run before or after package deployment. This will be removed in Zarf v1.0.0." @@ -824,20 +781,6 @@ "^x-": {} } }, - "ZarfComponentExtensions": { - "properties": { - "bigbang": { - "$ref": "#/$defs/BigBang", - "description": "Configurations for installing Big Bang and Flux in the cluster." - } - }, - "additionalProperties": false, - "type": "object", - "description": "ZarfComponentExtensions is a struct that contains all the official extensions.", - "patternProperties": { - "^x-": {} - } - }, "ZarfComponentImport": { "properties": { "name": {