From a6d5eb92e3ea9aefec09014bb77173c72e72a298 Mon Sep 17 00:00:00 2001 From: aimee Date: Wed, 16 Aug 2023 17:36:41 -0500 Subject: [PATCH 01/15] docs(plugins): Fix CDaaS plugin entry in plugins table (#2105) --- content/en/includes/plugins/plugin-compat-matrix.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/includes/plugins/plugin-compat-matrix.md b/content/en/includes/plugins/plugin-compat-matrix.md index 48e6eebc72..fbabf2802f 100644 --- a/content/en/includes/plugins/plugin-compat-matrix.md +++ b/content/en/includes/plugins/plugin-compat-matrix.md @@ -1,6 +1,6 @@ | Plugin | Spinnaker | Armory CD | |:-------|:--------:|:--------:| -| {{< linkWithLinkTitle "plugins/cdaas-spinnaker.md" >}}
{{% getPageDesc "/plugins/cdaas-spinnaker.md" %}} | 1.24+ | 2.24+
(included with Armory CD)| +| [Armory CD-as-a-Service Plugin](https://developer.armory.io/docs/integrations/plugin-spinnaker)
The Armory Continuous Deployment-as-a-Service plugin enables performing canary and blue/green deployments in a single stage from Spinnaker to your Kubernetes deployment target using CD-as-a-Service. | 1.24+ | 2.24+
(included with Armory CD)| | {{< linkWithLinkTitle "plugins/plugin-k8s-custom-resource-status.md" >}}
{{% getPageDesc "/plugins/plugin-k8s-custom-resource-status.md" %}} | 1.27+ | 2.27+ | | {{< linkWithLinkTitle "plugins/pipelines-as-code/_index.md" >}}
{{% getPageDesc "/plugins/pipelines-as-code/_index.md" %}} | 1.26+ | 2.21+ | | {{< linkWithLinkTitle "plugins/policy-engine/_index.md" >}}
{{% getPageDesc "/plugins/policy-engine/_index.md" %}} | 1.26+ | 2.26+ | From cb3ddf2a4b348bdfa3a06431cdf55af23aa7ecc6 Mon Sep 17 00:00:00 2001 From: aimee Date: Thu, 17 Aug 2023 10:51:12 -0500 Subject: [PATCH 02/15] docs(plugins): Add Event Filter plugin (#2103) CDSH-186 - Verified with Chris in Slack that I can merge right way --- .../includes/plugins/plugin-compat-matrix.md | 1 + content/en/plugins/echo-event-filter.md | 253 ++++++++++++++++++ .../plugin-k8s-custom-resource-status.md | 4 +- 3 files changed, 256 insertions(+), 2 deletions(-) create mode 100644 content/en/plugins/echo-event-filter.md diff --git a/content/en/includes/plugins/plugin-compat-matrix.md b/content/en/includes/plugins/plugin-compat-matrix.md index fbabf2802f..31003121a9 100644 --- a/content/en/includes/plugins/plugin-compat-matrix.md +++ b/content/en/includes/plugins/plugin-compat-matrix.md @@ -1,6 +1,7 @@ | Plugin | Spinnaker | Armory CD | |:-------|:--------:|:--------:| | [Armory CD-as-a-Service Plugin](https://developer.armory.io/docs/integrations/plugin-spinnaker)
The Armory Continuous Deployment-as-a-Service plugin enables performing canary and blue/green deployments in a single stage from Spinnaker to your Kubernetes deployment target using CD-as-a-Service. | 1.24+ | 2.24+
(included with Armory CD)| +| {{< linkWithLinkTitle "plugins/echo-event-filter.md" >}}
{{% getPageDesc "/plugins/echo-event-filter.md" %}} | 1.29+ | 2.30+ | | {{< linkWithLinkTitle "plugins/plugin-k8s-custom-resource-status.md" >}}
{{% getPageDesc "/plugins/plugin-k8s-custom-resource-status.md" %}} | 1.27+ | 2.27+ | | {{< linkWithLinkTitle "plugins/pipelines-as-code/_index.md" >}}
{{% getPageDesc "/plugins/pipelines-as-code/_index.md" %}} | 1.26+ | 2.21+ | | {{< linkWithLinkTitle "plugins/policy-engine/_index.md" >}}
{{% getPageDesc "/plugins/policy-engine/_index.md" %}} | 1.26+ | 2.26+ | diff --git a/content/en/plugins/echo-event-filter.md b/content/en/plugins/echo-event-filter.md new file mode 100644 index 0000000000..a606c762cd --- /dev/null +++ b/content/en/plugins/echo-event-filter.md @@ -0,0 +1,253 @@ +--- +title: Event Filter Plugin +linkTitle: Event Filter +description: > + The Event Filter Plugin for Spinnaker filters or trims events sent to external log aggregators by Echo. +--- + +![Proprietary](/images/proprietary.svg) + +## What the Event Filter plugin does + +The Event Filter plugin extends Echo and has the following features: + +1. **Skip** sending an event that Echo normally sends to external log aggregators +2. **Trim** the event before sending it to the log aggregators + +The trim and skip functionality uses [JSON Path specification](https://www.ietf.org/archive/id/draft-goessner-dispatch-jsonpath-00.html) syntax. + +The default action is to skip the event if the specified condition matches. To do a trim, you have to configure the trim action (`action: TRIM`). + +Installing the plugin consists of the following: + +1. [Decide what you want to filter or trim](#decide-what-you-want-to-filter) +1. Install in your Spinnaker instance: + * [Spinnaker managed by the Spinnaker Operator](#install---spinnaker-operator) + * [Spinnaker managed by Halyard](#install---halyard) + +## Compatiblity matrix + +| Spinnaker Version | Event Filter Plugin Version | +| ------------------ | -------------------------- | +| 1.30.x | 0.0.2 | +| 1.29.x | 0.0.1 | + +## {{% heading "prereq" %}} + +You should be familiar with the the [_Event types_ section](https://spinnaker.io/docs/setup/other_config/features/notifications/#event-types) of Spinnaker's _Notifications and Events Guide_. That section shows you the structure of an example event and defines `details.type`, `details.application`, and `content.execution`. + +
Show an example event + +```json +{ + "details": { + "source": "orca", + "type": "orca:task:complete", + "created": "1422487582294", + "organization": null, + "project": null, + "application": "asgard", + "_content_id": null + }, + "content": { + "standalone": true, + "context": { + "asgName": "asgard-staging-v048", + "credentials": "test", + "deploy.account.name": "test", + "deploy.server.groups": {}, + "kato.last.task.id": { + "id": "19351" + }, + "kato.task.id": { + "id": "19351" + }, + "kato.tasks": [ + { + "history": [ + ], + "id": "19351", + "resultObjects": [] + } + ], + "notification.type": "enableasg", + "regions": ["us-west-1"], + "targetop.asg.enableAsg.name": "asgard-staging-v048", + "targetop.asg.enableAsg.regions": ["us-west-1"], + "user": "clin@netflix.com", + "zones": ["us-west-1a", "us-west-1c"] + }, + "execution": ... + "executionId": "62ca5574-0629-419a-b9ac-fb873aa165b2", + "taskName": "f92239a7-b57a-408d-9d72-3a77484e050b.enableAsg.monitorAsg.9568e7e5-3c37-4699-9e93-f62118adc7c6" + } + } +``` + +
+ +## Decide what you want to filter + +Before you install the plugin, you should decide what events you want to filter or trim. You configure these filters as part of the installation process. + +### Skip event + +The default behavior is to skip sending any event that matches the configured `path` and `pathValue`. + +For example, if you want to skip the event `orca:pipeline:complete`, you need to define the JSON path and the value for that path. In this configuration, when an event has a `details.type` field with the value `orca:pipeline:complete`, Echo does not send the event to the log aggregator. + +```yaml +event: + filters: + - path: details.type + pathValue: orca:pipeline:complete +``` + +### Trim event + +When you define a `path` and add `action: TRIM`, the Event Filter plugin removes that entry from the event before sending the event to the log aggregator. + +In this example, the plugin trims the `context.execution` entry from all events where the field is available. However, Echo still sends the event to the log aggregator. + +```yaml +event: + filters: + - path: content.execution + action: TRIM +``` + +The trim feature supports advanced configuration with a predicate. In this example, the event filter plugin removes the `content.execution` field from the events that have the `details.type` equal to `orca:pipeline:starting`. + +```yaml +event: + filters: + - path: content.execution + predicate: $.details[?(@.type=='orca:pipeline:starting')] + action: TRIM +``` + +## Install - Spinnaker Operator + +Add a Kustomize patch with the following contents: + +```yaml +spec: + spinnakerConfig: + profiles: + echo: + spinnaker: + extensibility: + plugins: + Armory.EventFilter: + enabled: true + version: + repositories: + eventfilter: + enabled: true + url: https://raw.githubusercontent.com/armory-plugins/pluginRepository/master/repositories.json + event: + filters: + - +``` + +1. Replace `` with the plugin version that's compatible with your Spinnaker version. +1. Add your list of filters. +1. Add the patch to the `patchesStrategicMerge` section of your kustomization file. +1. Apply your update. + +
Show an example with filters + +```yaml +spec: + spinnakerConfig: + profiles: + echo: + spinnaker: + extensibility: + plugins: + Armory.EventFilter: + enabled: true + version: 0.0.2 + repositories: + eventfilter: + enabled: true + url: https://raw.githubusercontent.com/armory-plugins/pluginRepository/master/repositories.json + event: + filters: + - path: details.type + pathValue: manual + - path: details.type + pathValue: orca:pipeline:complete + - path: content.standalone + action: TRIM + - path: content.execution + predicate: $.details[?(@.type=='orca:pipeline:starting')] + action: TRIM +``` +

+ +Alternately, add the plugin configuration in the `spec.spinnakerConfig.profiles.echo` section of your `spinnakerservice.yml` and then apply your update. + +## Install - Halyard + +{{% alert color="warning" title="A note about installing plugins in Spinnaker" %}} +When Halyard adds a plugin to a Spinnaker installation, it adds the plugin repository information to all services, not just the ones the plugin is for. This means that when you restart Spinnaker, each service restarts, downloads the plugin, and checks if an extension exists for that service. Each service restarting is not ideal for large Spinnaker installations due to service restart times. To avoid every Spinnaker service restarting and downloading the plugin, do not add the plugin using Halyard. +{{% /alert %}} + +The Event Filter Plugin extends Echo. You should create or update the extended service's local profile in the same directory as the other Halyard configuration files. This is usually `~/.hal/default/profiles` on the machine where Halyard is running. + +Add the following to your `echo-local.yml` file: + +```yaml +spinnaker: + extensibility: + plugins: + Armory.EventFilter: + enabled: true + version: + repositories: + eventfilter: + enabled: true + url: https://raw.githubusercontent.com/armory-plugins/pluginRepository/master/repositories.json +event: + filters: + +``` + +1. Replace `` with the plugin version that's compatible with your Spinnaker version. +1. Add your list of filters. +1. `hal deploy apply` your update. + +
Show an example with filters + +```yaml +spinnaker: + extensibility: + plugins: + Armory.EventFilter: + enabled: true + version: 0.0.2 + repositories: + eventfilter: + enabled: true + url: https://raw.githubusercontent.com/armory-plugins/pluginRepository/master/repositories.json +event: + filters: + - path: details.type + pathValue: manual + - path: details.type + pathValue: orca:pipeline:complete + - path: content.standalone + action: TRIM + - path: content.execution + predicate: $.details[?(@.type=='orca:pipeline:starting')] + action: TRIM +``` + +

+ +## Release notes + +- 0.0.2: 1.30 compatible version +- 0.0.1: Initial release + diff --git a/content/en/plugins/plugin-k8s-custom-resource-status.md b/content/en/plugins/plugin-k8s-custom-resource-status.md index cc0d8e63cf..21e373c07f 100644 --- a/content/en/plugins/plugin-k8s-custom-resource-status.md +++ b/content/en/plugins/plugin-k8s-custom-resource-status.md @@ -35,7 +35,7 @@ These replica checks are enabled by default and do not require additional config Put the plugin configuration in the `spec.spinnakerConfig.profiles.clouddriver` section of your Operator `spinnakerservice.yml`: -{{< prism lang="yaml" line="5-14" >}} +```yaml ... (omitted for brevity) spec: spinnakerConfig: @@ -50,7 +50,7 @@ spec: repositories: pluginRepository: url: https://raw.githubusercontent.com/armory-plugins/pluginRepository/master/repositories.json -{{< /prism >}} +``` * `version`: The plugin version that corresponds to your Armory CD version. From 525a0c04b59b3d69c9f624dd23a2fe26693569cd Mon Sep 17 00:00:00 2001 From: aimee Date: Thu, 17 Aug 2023 11:28:45 -0500 Subject: [PATCH 03/15] docs(plugins): New Terraform Integration plugin section (#2086) * docs(plugins): New Terraform Integration plugin section CDSH-148 * add 2.30 compat * create sharable components; flesh out install and index * update armory cd to include patches and spinsvc options * Add k8s stuff to Halyard install; configure features * final copy edits --- config.toml | 2 +- .../terraform-enable-integration.md | 476 +----------------- .../continuous-deployment-matrix/_index.md | 22 +- .../armoryspinnaker_v2-26-5.md | 2 +- .../armoryspinnaker_v2-27-3.md | 2 +- .../armoryspinnaker_v2-28-0.md | 5 +- .../contribute/create/guides/tips-tricks.md | 2 +- .../includes/plugins/plugin-compat-matrix.md | 1 + .../plugins/terraform/code/deployment.md | 99 ++++ .../plugins/terraform/code/k8s-permissions.md | 137 +++++ .../terraform/code/terraform-config-map.md | 136 +++++ .../plugins/terraform/compat-matrix.md | 5 + .../plugins/terraform/config-artifact-acct.md | 25 + .../plugins/terraform/config-redis.md | 15 + .../terraform/configure-optional-repos.md | 54 ++ .../en/includes/plugins/terraform/features.md | 6 + .../plugins/terraform/terraform-prereqs.md | 13 + .../plugins/terraform/terraform-versions.md | 9 + .../includes/plugins/terraform/whats-next.md | 2 + .../install/spinnaker-operator.md | 2 +- content/en/plugins/terraform/_index.md | 86 ++++ .../en/plugins/terraform/install/_index.md | 7 + .../en/plugins/terraform/install/armory-cd.md | 176 +++++++ .../en/plugins/terraform/install/configure.md | 298 +++++++++++ .../terraform/install/spinnaker-halyard.md | 135 +++++ .../terraform/install/spinnaker-operator.md | 103 ++++ content/en/plugins/terraform/release-notes.md | 22 + .../terraform/use.md} | 45 +- netlify.toml | 12 +- .../terraform}/terraform-git-repo.png | Bin .../terraform}/terraform_stage_ui.png | Bin .../terraform}/terraform_version.png | Bin .../terraformer-artifact-git-repo.png | Bin .../terraform}/terraformer-ui-logs.png | Bin .../terraform}/terraformer-ui-stage.png | Bin 35 files changed, 1379 insertions(+), 520 deletions(-) create mode 100644 content/en/includes/plugins/terraform/code/deployment.md create mode 100644 content/en/includes/plugins/terraform/code/k8s-permissions.md create mode 100644 content/en/includes/plugins/terraform/code/terraform-config-map.md create mode 100644 content/en/includes/plugins/terraform/compat-matrix.md create mode 100644 content/en/includes/plugins/terraform/config-artifact-acct.md create mode 100644 content/en/includes/plugins/terraform/config-redis.md create mode 100644 content/en/includes/plugins/terraform/configure-optional-repos.md create mode 100644 content/en/includes/plugins/terraform/features.md create mode 100644 content/en/includes/plugins/terraform/terraform-prereqs.md create mode 100644 content/en/includes/plugins/terraform/terraform-versions.md create mode 100644 content/en/includes/plugins/terraform/whats-next.md create mode 100644 content/en/plugins/terraform/_index.md create mode 100644 content/en/plugins/terraform/install/_index.md create mode 100644 content/en/plugins/terraform/install/armory-cd.md create mode 100644 content/en/plugins/terraform/install/configure.md create mode 100644 content/en/plugins/terraform/install/spinnaker-halyard.md create mode 100644 content/en/plugins/terraform/install/spinnaker-operator.md create mode 100644 content/en/plugins/terraform/release-notes.md rename content/en/{continuous-deployment/spinnaker-user-guides/terraform-use-integration.md => plugins/terraform/use.md} (86%) rename static/images/{ => plugins/terraform}/terraform-git-repo.png (100%) rename static/images/{ => plugins/terraform}/terraform_stage_ui.png (100%) rename static/images/{ => plugins/terraform}/terraform_version.png (100%) rename static/images/{ => plugins/terraform}/terraformer-artifact-git-repo.png (100%) rename static/images/{ => plugins/terraform}/terraformer-ui-logs.png (100%) rename static/images/{ => plugins/terraform}/terraformer-ui-stage.png (100%) diff --git a/config.toml b/config.toml index 85a05d21b0..0381709a90 100644 --- a/config.toml +++ b/config.toml @@ -106,7 +106,7 @@ anchor = "smart" [languages] [languages.en] #comment out title as it messes with the new logo -#title = "Armory Docs" +title = "Armory Docs" description = "Unlocking Innovation by Making Software Delivery Continuous, Scalable, and Safe" languageName ="English" # Weight used for sorting. diff --git a/content/en/continuous-deployment/armory-admin/terraform-enable-integration.md b/content/en/continuous-deployment/armory-admin/terraform-enable-integration.md index 7d035d6317..e9fd7e785e 100644 --- a/content/en/continuous-deployment/armory-admin/terraform-enable-integration.md +++ b/content/en/continuous-deployment/armory-admin/terraform-enable-integration.md @@ -1,478 +1,8 @@ --- linkTitle: Enable the Terraform Integration Stage title: Enable the Terraform Integration Stage in Armory Continuous Deployment -aliases: - - /spinnaker/terraform_integration/ - - /spinnaker/terraform-configure-integration/ - - /docs/spinnaker/terraform-enable-integration/ +manualLinkRelRef: "plugins/terraform/install/armory-cd.md" +exclude_search: true description: > Learn how to configure the Terraform Integration stage so that app developers can provision infrastructure using Terraform as part of their delivery pipelines. ---- -![Proprietary](/images/proprietary.svg) -## Overview of Terraform Integration in Spinnaker - -The examples on this page describe how to configure the Terraform Integration stage and an artifact provider to support either GitHub or BitBucket. Note that the Terraform Integration stage also requires a `git/repo` artifact account. For information about how to use the stage, see {{< linkWithTitle "terraform-use-integration.md" >}}. - -Armory's Terraform Integration feature integrates your infrastructure-as-code Terraform workflow into your SDLC. The integration interacts with a source repository you specify to deploy your infrastructure as part of a Spinnaker pipeline. - -## Supported Terraform versions - -Armory ships several versions of Terraform as part of the Terraform Integration feature. The Terraform binaries are verified by checksum and with Hashicorp's GPG key before being installed into an Armory release. - -When creating a Terraform Integration stage, pipeline creators select a specific available version from a list of available versions: - -![Terraform version to use](/images/terraform_version.png) - -Note that all Terraform stages within a pipeline that affects state must use the same Terraform version. - - -## Requirements - -* Credentials (in the form of basic auth) for the Git repository where your Terraform scripts are stored. The Terraform Integration needs access to credentials to download directories that house your Terraform templates. - * Git Repo can be configured with any of the following: - * a Personal Access Token (potentially associated with a service account). For more information, see [Generating a Github Personal Access Token (PAT)](#generating-a-github-personal-access-token-pat). - * SSH protocol in the form of an SSH key or an SSH key file - * basic auth in the form of a user and password, or a user-password file -* A source for Terraform Input Variable Files (`tfvar`) or a backend config. You must have a separate artifact provider that can pull your `tfvar` file(s). The Terraform Integration supports the following artifact providers for `tfvar` files and backend configs: - * GitHub - * BitBucket - * HTTP artifact -* Dedicated external Redis instance - * Armory requires configuring a dedicated external Redis instance for production usage of the Terraform Integration. This is to ensure that you do not encounter scaling or stability issues in production. For more information [Redis](#redis). - -### Redis - -The Terraform Integration uses Redis to store Terraform logs and plans. - -**Note:** The Terraform Integration feature can only be configured to use a password with the default Redis user. - -To set/override the Armory Continuous Deployment Redis settings do the following: - -In `SpinnakerService` manifest: - -```yaml -apiVersion: spinnaker.armory.io/{{< param operator-extended-crd-version >}} -kind: SpinnakerService -metadata: - name: spinnaker -spec: - spinnakerConfig: - profiles: - terraformer: - redis: - baseUrl: "redis://spin-redis:6379" - password: "password" -``` - -```bash -kubectl -n spinnaker apply -f spinnakerservice.yml -``` - - -### Generate a GitHub Personal Access Token (PAT) - -Skip this section if you are using BitBucket, which requires your username and password. - -Before you start, you need a GitHub Personal Access Token (PAT). The Terraform Integration authenticates itself using the PAT to interact with your GitHub repositories. You must create and configure a PAT so that the Terraform Integration can pull a directory of Terraform Templates from GitHub. Additionally, the Spinnaker GitHub artifact provider require a PAT for `tfvar` files. - -Make sure the PAT you create meets the following requirements: - -* The token uses a distinct name and has the **repo** scope. -* If your GitHub organization uses Single Sign-On (SSO), enable -the SSO option for the organizations that host the Terraform template(s) and Terraform `tfvar` files. - -For more information about how to generate a GitHub PAT, see [Creating a Personal Access Token for the Command Line](https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line). - -## Configure your artifact accounts - -The Terraform Integration uses the following artifact accounts: - * **Git Repo** - To fetch the repo housing your main Terraform files. - * **GitHub, BitBucket or HTTP** - *Optional*. To fetch single files such as var-files or backend config files. - - -### Configure the Git Repo artifact - -Spinnaker uses the Git Repo Artifact Provider to download the repo containing your main Terraform templates - -If you already have a Git Repo artifact account configured in Spinnaker, -skip this section. - - - -Edit the `SpinnakerService` manifest to add the following: - -```yaml -apiVersion: spinnaker.armory.io/{{< param operator-extended-crd-version >}} -kind: SpinnakerService -metadata: - name: spinnaker -spec: - spinnakerConfig: - profiles: - clouddriver: - artifacts: - gitRepo: - enabled: true - accounts: - - name: gitrepo - token: # GitHub personal access token -``` - - -For more configuration options, see [Git Repo](https://spinnaker.io/setup/artifacts/gitrepo/). - -## Configure Terraform Integration for GitHub - -These *(optional)* steps describe how to configure GitHub as an artifact provider for the Terraform Integration. For information about BitBucket, see [Configuring the Terraform Integration with BitBucket](#configuring-the-terraform-integration-with-bitbucket). - - -#### Enable and configure the GitHub Artifact Provider - -Spinnaker uses the Github Artifact Provider to download any referenced `tfvar` -files. - -If you already have a GitHub artifact account configured in Spinnaker, -skip this section. - -{{% alert title="Note" %}}The following examples use `github-for-terraform` as a unique identifier for the artifact account. Replace it with your own identifier. -{{% /alert %}} - - - -Edit the `SpinnakerService` manifest to add the following: - -```yaml -apiVersion: spinnaker.armory.io/{{< param operator-extended-crd-version >}} -kind: SpinnakerService -metadata: - name: spinnaker -spec: - spinnakerConfig: - config: - artifacts: - github: - accounts: - - name: github-for-terraform - token: # GitHub personal access token # PAT GitHub token. This field supports "encrypted" field references - enabled: true -``` - - -## Configure Terraform Integration for BitBucket - -This is *(optional)*. - -### Enable and configure the BitBucket Artifact Provider - -Spinnaker uses the BitBucket Artifact Provider to download any referenced `tfvar` -files, so it must be configured with the BitBucket token to pull these files. - -If you already have a BitBucket artifact account configured in Spinnaker, skip this step. - -Replace `bitbucket-for-terraform` with any unique identifier to -identify the artifact account. - - - -```yaml -apiVersion: spinnaker.armory.io/{{< param operator-extended-crd-version >}} -kind: SpinnakerService -metadata: - name: spinnaker -spec: - spinnakerConfig: - config: - artifacts: - bitbucket: - enabled: true - accounts: - - name: bitbucket-for-terraform - username: - password: # This field supports "encrypted" field references -``` - - - -## Enable Terraform Integration - -In `SpinnakerService` manifest: - -```yaml -apiVersion: spinnaker.armory.io/{{< param operator-extended-crd-version >}} -kind: SpinnakerService -metadata: - name: spinnaker -spec: - spinnakerConfig: - config: - armory: - terraform: - enabled: true - profiles: - deck: - # Enables the UI for the Terraform Integration stage - settings-local.js: | - window.spinnakerSettings.feature.terraform = true; -``` - -This example manifest also enables the Terraform Integration UI. - - -### Remote backends - -The Terraform Integration feature supports using remote backends provided by Terraform Cloud and Terraform Enterprise. - -When using remote backends, keep the following in mind: - -* The Terraform stage must use the same Terraform version that your Terraform Cloud/Enterprise workspace is configured to run. -* The minimum supported Terraform version is 0.12.0. -* In the Terraform Cloud/Enterprise UI, the type of `plan` action that the Terraform Integration stage performs is a "speculative plan." For more information, see [Speculative Plans](https://www.terraform.io/docs/cloud/run/index.html#speculative-plans) in the Terraform docs. -* You cannot save and apply a plan file. - -#### Enable remote backend support - -End users can use remote backends by configuring the Terraform Integration stage with the following parameters: - -* A Terraform version that is 0.12.0 or later and matches the version that your Terraform Cloud/Enterprise runs. -* Reference a remote backend in your Terraform code. - -To enable support, add the following config to your `terraformer-local.yml` file in the `.hal/default/profiles` directory: - -```bash -terraform: - remoteBackendSupport: true -``` - -## Enable the Terraform Integration UI - -If you previously used the Terraform Integration stage by editing the JSON representation of the stage, those stages are automatically converted to use the UI. - -## Complete the installation - -After you finish your Terraform Integration configuration, perform the following steps: - -1. Apply the changes: - - - Assuming that Spinnaker lives in the namespace `spinnaker` and the `SpinnakerService` manifest is named `spinnakerservice.yml`: - - ```bash - kubectl -n spinnaker apply -f spinnakerservice.yml - ``` - - - -1. Confirm that the Terraform Integration service (Terraformer) is deployed with your Spinnaker deployment: - - ```bash - kubectl get pods -n - ``` - - In the command output, look for a line similar to the following: - - ```bash - spin-terraformer-d4334g795-sv4vz 2/2 Running 0 0d - ``` - -## Configure Terraform for your cloud provider - ->The Terraform Integration is cloud provider agnostic. Terraform commands execute against the terraform binary. All methods of configuring authentication are supported as per Terraform's compatibility and capabilities. - -You can also configure a profile that grants access to resources such as AWS. - -## Named Profiles - -When creating pipelines, a Named Profile gives you the ability to reference certain kinds of external sources, such as a private remote repository. The supported credentials are described in [Types of credentials](#types-of-credentials). - -### Configure a Named Profile - -Configure profiles that you can select when creating a Terraform Integration stage: - -1. In your `SpinnakerService`, add the profiles to `spec.spinnakerConfig.profiles.terraformer` that you would like to enable. The following example adds a profile named `pixel-git` for an SSH key secured in Vault. You can find additional profile examples at [Types of credentials](#types-of-credentials). - - ```yaml - - name: pixel-git # Unique profile name displayed in Deck - variables: - - kind: git-ssh - options: - sshPrivateKey: encrypted:vault!e:!p:!k:!b: - ``` - -1. Save the file and apply changes: - -```bash -kubectl -n spinnaker apply -f spinnakerservice.yml -``` - -Keep in mind: - -1. When you create or edit a Terraform Integration stage in Deck, you can select the profile `pixel-git` from a dropdown. -1. When adding profiles: - - * You can add multiple profiles under the `profiles` section. - * As a best practice, do not commit plain text secrets to `spec.spinnakerConfig.profiles.terraformer`. Instead, use a [secret store]({{< ref "secrets" >}}): [Vault]({{< ref "secrets-vault" >}}), an [encrypted S3 bucket]({{< ref "secrets-s3" >}}), an [AWS Secrets Manager]({{< ref "secrets-aws-sm" >}}), or an [encrypted GCS bucket]({{< ref "secrets-gcs" >}}). - * For SSH keys, each profile supports only one option parameter at a time. This means that you can use a private key file (`sshPrivateKeyFilePath`) or the key (`sshPrivateKey`) as the option. To use the key file path, use `sshPrivateKeyFilePath` for the option and provide the path to the key file. You can also encrypt the path using a secret store such as Vault. The following `option` example uses `sshPrivateKeyFilePath`: - - ```yaml - options: - sshPrivateKeyFilePath: encryptedFile:!e:... - ``` - - For more information, see the documentation for your secret store. - -### Add authz to Named Profiles - -Armory recommends that you enable authorization for your Named Profiles to provide more granular control and give App Developers better guardrails. When you configure authz for Named Profiles, you need to explicitly grant permission to the roles you want to have access to the profile. Users who do not have permission to use a certain Named Profile do not see it as an option in Deck. Also, any stage that uses a Named Profile that a user is not authorized for fails. - -{{% alert color=note title="Note" %}}Before you start, make sure you enable Fiat. For more information about Fiat, see [Fiat Overview]({{< ref "fiat-permissions-overview" >}}) and [Authorization (RBAC)](https://spinnaker.io/setup/security/authorization/).{{% /alert %}} - -This example does the following: - -* Grants access to the resources and accounts that you need, such as permissions to deploy to AWS via FIAT in Cloud -* Enables FIAT authz to work with Terraformer - -In your `SpinnakerService` manifest: - -```yaml -apiVersion: spinnaker.armory.io/{{< param operator-extended-crd-version >}} -kind: SpinnakerService -metadata: - name: spinnaker -spec: - spinnakerConfig: - profiles: - profiles: - terraformer: - fiat: - enabled: true - baseUrl: https://spin-fiat:7003 # ${services.fiat.baseUrl} -``` - -You can see a demo here: [Named Profiles for the Terraform Integration](https://www.youtube.com/watch?v=RYO-b1kyEU0). - -### Types of credentials - -The Terraform integration supports multiple types of credentials for Named Profiles: - -* AWS -* SSH -* Static -* Terraform remote backend - -If you’re not using AWS, you should configure one of the other credential types in your Named Profile. If you don't see a credential that suits your use case, [submit a feature request](https://feedback.armory.io/feature-requests). - -For information about how to configure a Profile, see [Configuring a profile](#configuring-a-named-profile). - -**AWS** - -Use the `aws` credential type to provide authentication to AWS. There are two methods you can use to provide authentication - by defining a static key pair or a role that should be assumed before a Terraform action is executed. - -For defining a static key pair, supply an `accessKeyId` and a `secretAccessKey`: - -```yaml -- name: devops # Unique name for the profile. Shows up in Deck. - variables: - - kind: aws # Type of credential - options: - accessKeyId: AKIAIOWQXTLW36DV7IEA - secretAccessKey: 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 -``` - -For assuming a role instead of defining a static set of credentials, supply the ARN of the role to assume: - -```yaml -- name: devops # Unique name for the profile. Shows up in Deck. - variables: - - kind: aws # Type of credential - options: - assumeRole: arn:aws:iam::012345567:role/roleAssume -``` - -*When assuming a role, if `accessKeyId` and `secretAccessKey` are supplied, the Terraform integration uses these credentials to assume the role. Otherwise, the environment gets used for authentication, such as a machine role or a shared credentials file.* - -**SSH Key** - -Use the `git-ssh` credential kind to provide authentication to private Git repositories used as modules within your Terraform actions. The supplied SSH key will be available to Terraform for the duration of your execution, allowing it to fetch any modules it needs: - -```yaml -- name: pixel-git # Unique name for the profile. Shows up in Deck. - variables: - - kind: git-ssh # Type of credential - options: - sshPrivateKey: encrypted:vault!e:!p:!k:!b: -``` - -**Static** - -Use the `static` credential kind to provide any arbitrary key/value pair that isn't supported by any of the other credential kinds. For example, if you want all users of the `devops` profile to execute against the `AWS_REGION=us-west-2`, use the following `static` credential configuration. - -```yaml -- name: devops # Unique name for the profile. Shows up in Deck. - variables: - - kind: static # Type of credential - options: - name: AWS_REGION - value: us-west-2 -``` - -**Terraform remote backend** - -Use the `tfc` credential kind to provide authentication to remote Terraform backends. - -```yaml -- name: milton-tfc # Unique name for the profile. Shows up in Deck. - variables: - - kind: tfc - options: - domain: app.terraform.io # or Terraform Enterprise URL - token: # Replace with your token -``` - - -## Retries - -The Terraformer service can retry connections if it fails to fetch artifacts from Clouddriver. Configure the retry behavior in your `terraformer-local.yml` file by adding the following snippet: - - -```yaml -# terraformer-local.yml -clouddriver: - retry: - enabled: true - minWait: 4s # must be a duration, such as 4s for 4 seconds - maxWait: 8s # must be a duration, such as 8s for 8 seconds - maxRetries: 5 -``` - -The preceding example enables retries and sets the minimum wait between attempts to 4 seconds, the maximum wait between attempts to 8s, and the maximum number of retries to 5. - -## Logging and metrics - -> If the logging URL is not responsive, the Terraform Integration may not process deploys until the URL can be reached. - -You can enable logging and metrics for Prometheus by adding the following configuration to the `spec.spinnakerConfig.profiles.terraformer.logging.remote` block in your `SpinnakerService` manifest: - - -```yaml -spec: - spinnakerConfig: - profiles: - terraformer: - logging: - remote: - enabled: true - endpoint: # For example, https://debug.armory.io - version: 1.2.3 - customerId: someCustomer123 # Your Armory Customer ID - metrics: - enabled: true - frequency: # Replace with an integer value for seconds based on how frequently you want metrics to be scraped - prometheus: - enabled: true - commonTags: # The following tags are examples. Use tags that are relevant for your environment - # env: dev - # nf_app: exampleApp - # nf_region: us-west-1 - -``` - +--- \ No newline at end of file diff --git a/content/en/continuous-deployment/feature-status/continuous-deployment-matrix/_index.md b/content/en/continuous-deployment/feature-status/continuous-deployment-matrix/_index.md index 8d25616e1a..1b4682be97 100644 --- a/content/en/continuous-deployment/feature-status/continuous-deployment-matrix/_index.md +++ b/content/en/continuous-deployment/feature-status/continuous-deployment-matrix/_index.md @@ -122,31 +122,15 @@ The following table lists the supported artifact stores: [![Generally available](/images/ga.svg)]({{< ref "release-definitions#ga" >}}) ![Proprietary](/images/proprietary.svg) -Use Terraform within your pipelines to create your infrastructure as part of your software delivery pipeline. For more information see {{< linkWithTitle terraform-enable-integration.md >}} and {{< linkWithTitle terraform-use-integration.md >}}. +Use Terraform within your pipelines to create your infrastructure as part of your software delivery pipeline. Terraform Integration is a feature in Armory CD and a plugin for Spinnaker. For more information see the [Terrafrom Integration docs]({{< ref "plugins/terraform/_index.md" >}}). **Supported Terraform versions** -| CDSH Version | Terraform Supported Versions | Notes | -| ------------ | ------------------------------------------- | ----------------------------------------------------------------------------- | -| 2.27 | 0.11, 0.12, 0.13, 0.14, 0.15, 1.0, 1.1, 1.2 | | -| 2.28 | 0.12, 0.13, 0.14, 0.15, 1.0, 1.1, 1.2 | Version 0.12 was not available in 2.28 but is supported as of release 2.28.1. | -| 2.30 | 0.12, 0.13, 0.14, 0.15, 1.0, 1.1, 1.2, 1.3 | | - -{{% alert title="Note" color="primary" %}} -Not all patch versions are included for each release. Although other Terraform versions may be usable with Armory Continuous Deployment and the Terraform Integration, only the versions listed here are supported. -{{% /alert %}} - - +{{< include "plugins/terraform/terraform-versions.md" >}} **Features** -The following table lists the Terraform Integration features and their supported versions: - -| Feature | Armory Continuous Deployment Version | Notes | -| ---------------------------------------------------------------------------------------------- | ------------------------- | ----- | -| [Base Terraform Integration]({{< ref "terraform-enable-integration" >}}) | All supported versions | | -| [Named Profiles with authorization]({{< ref "terraform-enable-integration#named-profiles" >}}) | All supported versions | | - +{{< include "plugins/terraform/features.md" >}} Support is limited to configuring Terraform Integration and using the stage within Armory Continuous Deployment. Armory's Customer Care team does not troubleshoot Terraform script issues or infrastructure creation using Terraform. If you have questions, contact your assigned Technical Account Manager and/or Account Executive. Alternatively, you can reach our Customer Care team by visiting the [Armory Support Portal](https://support.armory.io/) to [submit a case](https://support.armory.io/support?id=kb_article_view&sysparm_article=KB0010136). diff --git a/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-26-5.md b/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-26-5.md index 35c938e85e..827f9524c0 100644 --- a/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-26-5.md +++ b/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-26-5.md @@ -55,7 +55,7 @@ Each item category (such as UI) under here should be an h3 (###). List the follo There is a new Terraform Show stage available as part of the Terraform Integration. This stage is the equivalent of running the `terraform show` command with Terraform. The JSON output from your `planfile` can be used in subsequent stages. -To use the stage, select **Terraform** for the stage type and **Show** as the action in the stage configuration UI. Note that the Show stage depends on your Plan stage. For more information, see the [Show Stage section in the Terraform Integration docs]({{< ref "terraform-use-integration#example-terraform-integration-stage" >}}). +To use the stage, select **Terraform** for the stage type and **Show** as the action in the stage configuration UI. Note that the Show stage depends on your Plan stage. For more information, see the [Show Stage section in the Terraform Integration docs]({{< ref "plugins/terraform/use#example-terraform-integration-stage" >}}). ### Spinnaker Community Contributions diff --git a/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-27-3.md b/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-27-3.md index 10749fe5d7..722417c077 100644 --- a/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-27-3.md +++ b/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-27-3.md @@ -58,7 +58,7 @@ Armory scans the codebase as we develop and release software. Contact your Armor ### **Show** Added to Terraform Integration Stage There is a new Terraform action available as part of the Terraform Integration stage. This action is the equivalent of running the Terraform ```show``` command with Terraform. The JSON output from your planfile can be used in subsequent stages. -To use the stage, select **Terraform** for the stage type and **Show** as the action in the Stage Configuration UI. Note that the **Show** stage depends on your **Plan** stage. For more information, see [Show Stage section in the Terraform Integration docs]({{< ref "terraform-use-integration#example-terraform-integration-stage" >}}). +To use the stage, select **Terraform** for the stage type and **Show** as the action in the Stage Configuration UI. Note that the **Show** stage depends on your **Plan** stage. For more information, see [Show Stage section in the Terraform Integration docs]({{< ref "plugins/terraform/use#example-terraform-integration-stage" >}}). ## Detailed updates diff --git a/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-28-0.md b/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-28-0.md index f88a0ade5e..797dfa5bd3 100644 --- a/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-28-0.md +++ b/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-28-0.md @@ -82,12 +82,13 @@ EXECUTE defined as a potential permission type. Added support for max concurrent pipeline executions. If concurrent pipeline execution is enabled, pipelines will queue when the max concurrent pipeline executions is reached. Any queued pipelines will be allowed to run once the number of running pipeline executions drops below the max. If the max is set to 0, then pipelines will not queue. ### **Show** Added to Terraform Integration Stage + There is a new Terraform action available as part of the Terraform Integration stage. This action is the equivalent of running the Terraform ```show``` command with Terraform. The JSON output from your planfile can be used in subsequent stages. -To use the stage, select **Terraform** for the stage type and **Show** as the action in the Stage Configuration UI. Note that the **Show** stage depends on your **Plan** stage. For more information, see [Show Stage section in the Terraform Integration docs]({{< ref "terraform-use-integration#example-terraform-integration-stage" >}}). +To use the stage, select **Terraform** for the stage type and **Show** as the action in the Stage Configuration UI. Note that the **Show** stage depends on your **Plan** stage. For more information, see [Show Stage section in the Terraform Integration docs]({{< ref "plugins/terraform/use#example-terraform-integration-stage" >}}). ### Terraform remote backends provided by Terraform Cloud and Terraform Enterprise -Terraform now supports remote backends provided by Terraform Cloud and Terraform Enterprise - see [Remote Backends section in the Terraform Integration docs]({{< ref "terraform-enable-integration#remote-backends" >}}). +Terraform now supports remote backends provided by Terraform Cloud and Terraform Enterprise - see [Remote Backends section in the Terraform Integration docs]({{< ref "plugins/terraform/install/configure" >}}). ### Clouddriver * Improvements to Docker Registry Account Management, including integration of Docker Registry Clouddriver accounts to take advantage of the new self-service on-boarding account management API. diff --git a/content/en/contribute/create/guides/tips-tricks.md b/content/en/contribute/create/guides/tips-tricks.md index 35c4b0b594..d7c4825cc9 100644 --- a/content/en/contribute/create/guides/tips-tricks.md +++ b/content/en/contribute/create/guides/tips-tricks.md @@ -55,7 +55,7 @@ If there isn’t a description, Hugo uses the first 70 words of your content. Fo - /spinnaker/terraform-configure-integration/ - /docs/spinnaker/terraform-enable-integration/---## Overview -The examples on this page describe how to configure the Terraform Integration and an artifact provider to support either GitHub or BitBucket. Note that the Terraform Integration also requires a `git/repo` artifact account. For information about how to use the stage, see [Using the Terraform Integration]({{< ref "terraform-use-integration" >}}). +The examples on this page describe how to configure the Terraform Integration and an artifact provider to support either GitHub or BitBucket. Note that the Terraform Integration also requires a `git/repo` artifact account. For information about how to use the stage, see [Using the Terraform Integration]({{< ref "plugins/terraform/use" >}}). Armory's Terraform Integration integrates your infrastructure-as-code Terraform workflow into your SDLC. The integration interacts with a source repository you specify to deploy your infrastructure as part of a Spinnaker pipeline. ``` diff --git a/content/en/includes/plugins/plugin-compat-matrix.md b/content/en/includes/plugins/plugin-compat-matrix.md index 31003121a9..1a90108c13 100644 --- a/content/en/includes/plugins/plugin-compat-matrix.md +++ b/content/en/includes/plugins/plugin-compat-matrix.md @@ -6,3 +6,4 @@ | {{< linkWithLinkTitle "plugins/pipelines-as-code/_index.md" >}}
{{% getPageDesc "/plugins/pipelines-as-code/_index.md" %}} | 1.26+ | 2.21+ | | {{< linkWithLinkTitle "plugins/policy-engine/_index.md" >}}
{{% getPageDesc "/plugins/policy-engine/_index.md" %}} | 1.26+ | 2.26+ | | {{< linkWithLinkTitle "plugins/scale-agent/_index.md" >}}
{{% getPageDesc "/plugins/scale-agent/_index.md" %}} | 1.26+ | 2.26+ | +| {{< linkWithLinkTitle "plugins/terraform/_index.md" >}}
{{% getPageDesc "/plugins/terraform/_index.md" %}} | 1.26+ | 2.26+ | \ No newline at end of file diff --git a/content/en/includes/plugins/terraform/code/deployment.md b/content/en/includes/plugins/terraform/code/deployment.md new file mode 100644 index 0000000000..ee5b59d15d --- /dev/null +++ b/content/en/includes/plugins/terraform/code/deployment.md @@ -0,0 +1,99 @@ +```yaml +apiVersion: v1 +kind: Service +metadata: + name: spin-terraformer + labels: + app: spin + cluster: spin-terraformer +spec: + selector: + app: spin + cluster: spin-terraformer + ports: + - name: http + port: 7088 + protocol: TCP + targetPort: 7088 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: spin-terraformer + annotations: + deployment.kubernetes.io/revision: "1" + moniker.spinnaker.io/application: '"spin"' + moniker.spinnaker.io/cluster: '"terraformer"' + labels: + app: spin + app.kubernetes.io/managed-by: armory + app.kubernetes.io/name: terraformer + app.kubernetes.io/part-of: spinnaker + app.kubernetes.io/version: # CHANGE + cluster: spin-terraformer +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: spin + cluster: spin-terraformer + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + labels: + app: spin + app.kubernetes.io/managed-by: armory + app.kubernetes.io/name: terraformer + app.kubernetes.io/part-of: spinnaker + app.kubernetes.io/version: # CHANGE + cluster: spin-terraformer + spec: + affinity: {} + containers: + - env: + - name: SPRING_PROFILES_ACTIVE + value: local + image: docker.io/armory/terraformer + imagePullPolicy: IfNotPresent + lifecycle: {} + name: terraformer + ports: + - containerPort: 7088 + protocol: TCP + readinessProbe: + exec: + command: + - wget + - --no-check-certificate + - --spider + - -q + - http://localhost:7088/health + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/spinnaker/config + name: spin-terraformer-config-file + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + runAsUser: 1000 + terminationGracePeriodSeconds: 60 + volumes: + - name: spin-terraformer-config-file + secret: + secretName: spin-terraformer-config-file + +``` diff --git a/content/en/includes/plugins/terraform/code/k8s-permissions.md b/content/en/includes/plugins/terraform/code/k8s-permissions.md new file mode 100644 index 0000000000..623079dbc9 --- /dev/null +++ b/content/en/includes/plugins/terraform/code/k8s-permissions.md @@ -0,0 +1,137 @@ +```yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: terraformer-sa + namespace: spinnaker +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: terraformer-cluster-role +rules: +- apiGroups: + - extensions + resources: + - ingresses + - ingresses/status + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - networking.k8s.io + resources: + - ingresses + - ingresses/status + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - pods + - endpoints + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - services + - services/finalizers + - events + - configmaps + - secrets + - namespaces + - jobs + verbs: + - create + - get + - list + - update + - watch + - patch + - delete +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - get + - list + - update + - watch + - patch +- apiGroups: + - apps + - extensions + resources: + - deployments + - deployments/finalizers + - deployments/scale + - daemonsets + - replicasets + - statefulsets + verbs: + - create + - get + - list + - update + - watch + - patch + - delete +- apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create +- apiGroups: + - spinnaker.armory.io + resources: + - '*' + - spinnakerservices + verbs: + - create + - get + - list + - update + - watch + - patch +- apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: terraformer-cluster-role-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: terraformer-cluster-role +subjects: +- kind: ServiceAccount + name: terraformer-sa + namespace: spinnaker +``` \ No newline at end of file diff --git a/content/en/includes/plugins/terraform/code/terraform-config-map.md b/content/en/includes/plugins/terraform/code/terraform-config-map.md new file mode 100644 index 0000000000..a264ccf4b8 --- /dev/null +++ b/content/en/includes/plugins/terraform/code/terraform-config-map.md @@ -0,0 +1,136 @@ +```yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: spin-terraformer-config + namespace: spinnaker +data: + terraformer.yml: | + clouddriver: + baseUrl: ${services.clouddriver.baseUrl} + enabled: true + executor: + scrapeLogsIntervalSecs: 5 + workers: 3 + git: + enabled: false + redis: + baseUrl: ${services.redis.baseUrl} + enabled: ${services.redis.enabled} + server: + host: ${services.terraformer.host} + port: ${services.terraformer.port} + spectator: + applicationName: ${spring.application.name} + webEndpoint: + enabled: false + spinnaker: + extensibility: + plugins: {} + plugins-root-path: /opt/terraformer/plugins + repositories: {} + strict-plugin-loading: false + spinnaker.yml: | + global.spinnaker.timezone: America/Los_Angeles + services: + clouddriver: + baseUrl: http://spin-clouddriver:7002 + enabled: true + host: 0.0.0.0 + port: 7002 + clouddriverCaching: + baseUrl: http://spin-clouddriver-caching:7002 + enabled: false + host: 0.0.0.0 + port: 7002 + clouddriverRo: + baseUrl: http://spin-clouddriver-ro:7002 + enabled: false + host: 0.0.0.0 + port: 7002 + clouddriverRoDeck: + baseUrl: http://spin-clouddriver-ro-deck:7002 + enabled: false + host: 0.0.0.0 + port: 7002 + clouddriverRw: + baseUrl: http://spin-clouddriver-rw:7002 + enabled: false + host: 0.0.0.0 + port: 7002 + deck: + baseUrl: http://localhost:9000 + enabled: true + host: 0.0.0.0 + port: 9000 + dinghy: + baseUrl: http://spin-dinghy:8081 + enabled: true + host: 0.0.0.0 + port: 8081 + echo: + baseUrl: http://spin-echo:8089 + enabled: true + host: 0.0.0.0 + port: 8089 + echoScheduler: + baseUrl: http://spin-echo-scheduler:8089 + enabled: false + host: 0.0.0.0 + port: 8089 + echoWorker: + baseUrl: http://spin-echo-worker:8089 + enabled: false + host: 0.0.0.0 + port: 8089 + fiat: + baseUrl: http://spin-fiat:7003 + enabled: false + host: 0.0.0.0 + port: 7003 + front50: + baseUrl: http://spin-front50:8080 + enabled: true + host: 0.0.0.0 + port: 8080 + gate: + baseUrl: http://localhost:8084 + enabled: true + host: 0.0.0.0 + port: 8084 + igor: + baseUrl: http://spin-igor:8088 + enabled: false + host: 0.0.0.0 + port: 8088 + kayenta: + baseUrl: http://spin-kayenta:8090 + enabled: false + host: 0.0.0.0 + port: 8090 + monitoringDaemon: + baseUrl: http://spin-monitoring-daemon:8008 + enabled: false + host: 0.0.0.0 + port: 8008 + orca: + baseUrl: http://spin-orca:8083 + enabled: true + host: 0.0.0.0 + port: 8083 + redis: + baseUrl: redis://spin-redis:6379 + enabled: true + host: 0.0.0.0 + port: 6379 + rosco: + baseUrl: http://spin-rosco:8087 + enabled: true + host: 0.0.0.0 + port: 8087 + terraformer: + baseUrl: http://spin-terraformer:7088 + enabled: false + host: 0.0.0.0 + port: 7088 +``` diff --git a/content/en/includes/plugins/terraform/compat-matrix.md b/content/en/includes/plugins/terraform/compat-matrix.md new file mode 100644 index 0000000000..de0a07818a --- /dev/null +++ b/content/en/includes/plugins/terraform/compat-matrix.md @@ -0,0 +1,5 @@ +| Spinnaker Version | Terraform Integration Service Version | Terraform Integration Plugin Version | +|:-------------------------- |:------------------------------ | :------------------------------ | +| 1.30.x | 2.30 | 0.0.2 | +| 1.29.x | 2.28 | 0.0.1 | +| 1.28.x | 2.28 | 0.0.1 | diff --git a/content/en/includes/plugins/terraform/config-artifact-acct.md b/content/en/includes/plugins/terraform/config-artifact-acct.md new file mode 100644 index 0000000000..eaaee7b2cf --- /dev/null +++ b/content/en/includes/plugins/terraform/config-artifact-acct.md @@ -0,0 +1,25 @@ +The Terraform Integration uses the following artifact accounts: + * **Git Repo** - To fetch the repo housing your main Terraform files. + * **GitHub, BitBucket or HTTP** - *Optional*. To fetch single files such as var-files or backend config files. + + +**Configure the Git Repo artifact** + +Spinnaker uses the Git Repo Artifact Provider to download the repo containing your main Terraform templates. + +Edit your configuration to add the following: + +```yaml +spec: + spinnakerConfig: + profiles: + clouddriver: + artifacts: + gitRepo: + enabled: true + accounts: + - name: gitrepo + token: # personal access token +``` + +For more configuration options, see [Configure a Git Repo Artifact Account](https://spinnaker.io/setup/artifacts/gitrepo/). \ No newline at end of file diff --git a/content/en/includes/plugins/terraform/config-redis.md b/content/en/includes/plugins/terraform/config-redis.md new file mode 100644 index 0000000000..3fc21932ff --- /dev/null +++ b/content/en/includes/plugins/terraform/config-redis.md @@ -0,0 +1,15 @@ +Terraform Integration uses Redis to store Terraform logs and plans. + +>You can only configure the Terraform Integration feature to use a password with the default Redis user. + +Configure Redis settings in your configuration and then apply. + +```yaml +spec: + spinnakerConfig: + profiles: + terraformer: + redis: + baseUrl: "redis://spin-redis:6379" + password: "password" +``` \ No newline at end of file diff --git a/content/en/includes/plugins/terraform/configure-optional-repos.md b/content/en/includes/plugins/terraform/configure-optional-repos.md new file mode 100644 index 0000000000..f1d523f543 --- /dev/null +++ b/content/en/includes/plugins/terraform/configure-optional-repos.md @@ -0,0 +1,54 @@ +>This step is optional. + +{{< tabpane text=true right=true >}} +{{% tab header="**Configure Optional Repos**:" disabled=true /%}} + +{{% tab header="GitHub" %}} + +These *optional* steps describe how to configure GitHub as an artifact provider for the Terraform Integration. + +Spinnaker uses the Github Artifact Provider to download any referenced `tfvar` files. + +Configure your GitHub artifact: + +```yaml +spec: + spinnakerConfig: + config: + artifacts: + github: + accounts: + - name: + token: + enabled: true +``` + +* `name`: the name for this account; replace `github-for-terraform` with a unique identifier for the artifact account. +* `token`: GitHub personal access token; this field supports "encrypted" field references. + +{{% /tab %}} + +{{% tab header="Bitbucket" %}} +Spinnaker uses the BitBucket Artifact Provider to download any referenced `tfvar` files, so it must be configured with the BitBucket token to pull these files. + +```yaml +spec: + spinnakerConfig: + config: + artifacts: + bitbucket: + enabled: true + accounts: + - name: + username: + password: +``` + +* `name`: the name for this account; replace `` with a unique identifier for the artifact account. +* `username`: Your Bitbucket username. +* `password`: Your Bitbucket password; this field supports "encrypted" field references. + + +{{% /tab %}} + +{{< /tabpane >}} \ No newline at end of file diff --git a/content/en/includes/plugins/terraform/features.md b/content/en/includes/plugins/terraform/features.md new file mode 100644 index 0000000000..b50f5f391b --- /dev/null +++ b/content/en/includes/plugins/terraform/features.md @@ -0,0 +1,6 @@ +The following table lists the Terraform Integration features and their supported versions: + +| Feature | Armory Continuous Deployment Version | Notes | +| ---------------------------------------------------------------------------------------------- | ------------------------- | ----- | +| Base Terraform Integration | All supported versions | | +| Named Profiles with authorization| All supported versions | | diff --git a/content/en/includes/plugins/terraform/terraform-prereqs.md b/content/en/includes/plugins/terraform/terraform-prereqs.md new file mode 100644 index 0000000000..6d985330d5 --- /dev/null +++ b/content/en/includes/plugins/terraform/terraform-prereqs.md @@ -0,0 +1,13 @@ +**Terraform Integration requirements** + +* Basic auth credentials for the Git repository where your store your Terraform scripts. The Terraform Integration plugin needs access to credentials to download directories that house your Terraform templates. + * You can configure your Git repo with any of the following: + * A Personal Access Token (potentially associated with a service account). + * SSH protocol in the form of an SSH key or an SSH key file + * Basic auth in the form of a user and password, or a user-password file +* A source for Terraform Input Variable files (`tfvar`) or a backend config. You must have a separate artifact provider that can pull your `tfvar` file(s). The Terraform Integration plugin supports the following artifact providers for `tfvar` files and backend configs: + * GitHub + * BitBucket + * HTTP artifact +* A dedicated external Redis instance + * Armory requires configuring a dedicated external Redis instance for production usage of the Terraform Integration plugin. This is to ensure that you do not encounter scaling or stability issues in production. \ No newline at end of file diff --git a/content/en/includes/plugins/terraform/terraform-versions.md b/content/en/includes/plugins/terraform/terraform-versions.md new file mode 100644 index 0000000000..8b7a6fb732 --- /dev/null +++ b/content/en/includes/plugins/terraform/terraform-versions.md @@ -0,0 +1,9 @@ +>Not all patch versions are included for each release. Although other Terraform versions may be usable with Spinnaker/Armory CD and Terraform Integration, Armory only supports the versions listed here. + +| Terraform Versions | Armory CD Version | Spinnaker Version | Notes | +| :-------------------------- | :-------------------------- | :-------------------------- | :-------------------------- | +| 0.12, 0.13, 0.14, 0.15, 1.0, 1.1, 1.2, 1.3 | 2.30 | 1.30 | | +| 0.12, 0.13, 0.14, 0.15, 1.0, 1.1, 1.2 | 2.28 | 1.28 | Version 0.12 was not available in 2.28 but is supported as of release 2.28.1. | +| 0.11, 0.12, 0.13, 0.14, 0.15, 1.0, 1.1, 1.2 | 2.27 | 1.27 | | +| 0.11, 0.12, 0.13, 0.14, 0.15, 1.0 | 2.26 | 1.26 | | + diff --git a/content/en/includes/plugins/terraform/whats-next.md b/content/en/includes/plugins/terraform/whats-next.md new file mode 100644 index 0000000000..d81cee7c2d --- /dev/null +++ b/content/en/includes/plugins/terraform/whats-next.md @@ -0,0 +1,2 @@ +* [Configure Terraform Integration optional features]({{< ref "plugins/terraform/install/configure.md" >}}) +* [Use the Terraform Integration stage]({{< ref "plugins/terraform/use.md" >}}) \ No newline at end of file diff --git a/content/en/plugins/pipelines-as-code/install/spinnaker-operator.md b/content/en/plugins/pipelines-as-code/install/spinnaker-operator.md index daec3e4dd2..83309df582 100644 --- a/content/en/plugins/pipelines-as-code/install/spinnaker-operator.md +++ b/content/en/plugins/pipelines-as-code/install/spinnaker-operator.md @@ -1,7 +1,7 @@ --- title: Install Pipelines-as-Code in Spinnaker (Spinnaker Operator) linkTitle: Spinnaker - Operator -weight: 5 +weight: 3 description: > Learn how to install Armory Pipelines-as-Code in a Spinnaker instance managed by the Spinnaker Operator. --- diff --git a/content/en/plugins/terraform/_index.md b/content/en/plugins/terraform/_index.md new file mode 100644 index 0000000000..0b5330a543 --- /dev/null +++ b/content/en/plugins/terraform/_index.md @@ -0,0 +1,86 @@ +--- +title: Terraform Integration Plugin for Spinnaker and Armory CD +linkTitle: Terraform Integration +description: > + The Terraform Integration plugin enables provisioning infrastructure using Terraform as part of your Spinnaker and Armory Continuous Deployment pipelines. +no_list: true +--- + +![Proprietary](/images/proprietary.svg) [![Generally available](/images/ga.svg)]({{< ref "release-definitions#ga" >}}) + +## Overview of Terraform Integration + +Armory's Terraform Integration feature integrates your infrastructure-as-code Terraform workflow into your SDLC. The integration interacts with a source repository you specify to deploy your infrastructure as part of a Spinnaker pipeline. + +Terraform Integration has two components - the plugin and the standalone service. + +* Terraformer service + + * Stores Terraform jobs in an execution queue + * Execute those jobs + * Exposes an API to monitor jobs executions + +* Spinnaker plugin + + * Extends Orca with a new stage and 3 tasks - run terraform, monitor terraform run, bind produced artifacts + * Extends Deck with new component + * Extends Gate with new API + +Additionally, Terraform Integration requires a [Redis](https://redis.io/) instance to store Terraform logs and plans. For production, you should have a dedicated external Redis instance to ensure that you do not encounter scaling or stability issues. + +## Spinnaker compatibility matrix + +{{< include "plugins/terraform/compat-matrix.md" >}} + +## Supported Terraform versions + +{{< include "plugins/terraform/terraform-versions.md" >}} + +Armory ships several versions of Terraform as part of the Terraform Integration feature. The Terraform binaries are verified by checksum and with Hashicorp's GPG key before being installed. + +When creating a Terraform Integration stage, pipeline creators select a specific available version from a list of available versions: + +![Terraform version to use](/images/plugins/terraform/terraform_version.png) + +>All Terraform stages within a pipeline that affects state must use the same Terraform version. + +## Supported Terraform features + +{{< include "plugins/terraform/features.md" >}} + +## Installation paths + +Terraform Integration is a feature in Armory CD, so you only need to enable the service. For Spinnaker, however, you need to install both the Terraform Integration service and the Spinnaker plugin. + +{{< cardpane >}} +{{< card header="Armory CD
Armory Operator" >}} + +1. Configure Armory CD. +1. Enable Terraform Integration. +1. Apply the updated configuration. + +[Instructions]({{< ref "plugins/terraform/install/armory-cd" >}}) +{{< /card >}} + +{{< card header="Spinnaker
Spinnaker Operator" >}} +Use Kustomize patches to deploy the service and install the plugin. + +1. Configure Spinnaker. +1. Configure the service and plugin. +1. Install both at the same time. + +[Instructions]({{< ref "plugins/terraform/install/spinnaker-operator" >}}) +{{< /card >}} + +{{< card header="Spinnaker
Halyard and kubectl" >}} +Use Kubernetes manifests to deploy the service and Spinnaker local config files to install the plugin. + +1. Configure Spinnaker +1. Create ServiceAccount, ClusterRole, and ClusterRoleBinding. +1. Configure the Terraform Integration service in a ConfigMap. +1. Deploy the Terraform Integration service using `kubectl`. +1. Install the plugin using `hal deploy apply`. + +[Instructions]({{< ref "plugins/terraform/install/spinnaker-halyard" >}}) +{{< /card >}} +{{< /cardpane >}} diff --git a/content/en/plugins/terraform/install/_index.md b/content/en/plugins/terraform/install/_index.md new file mode 100644 index 0000000000..fed3cbbab5 --- /dev/null +++ b/content/en/plugins/terraform/install/_index.md @@ -0,0 +1,7 @@ +--- +title: Get Started with Terraform Integration +linkTitle: Get Started +weight: 1 +description: > + In this section, learn how to configure and install the Terraform Integration Plugin for Spinnaker and Armory Continuous Deployment. +--- diff --git a/content/en/plugins/terraform/install/armory-cd.md b/content/en/plugins/terraform/install/armory-cd.md new file mode 100644 index 0000000000..94c01d4981 --- /dev/null +++ b/content/en/plugins/terraform/install/armory-cd.md @@ -0,0 +1,176 @@ +--- +linkTitle: Armory CD +title: Enable the Terraform Integration Stage in Armory Continuous Deployment +weight: 1 +description: > + Learn how to enable the Terraform Integration stage in Armory CD so that your app developers can provision infrastructure using Terraform as part of their delivery pipelines. +--- +![Proprietary](/images/proprietary.svg) + + +## Overview of enabling Terraform Integration + +Enabling the Terraform Integration stage consists of these steps: + +1. [Configure Armory CD](#configure-armory-cd) +1. [Enable Terraform Integration](#enable-terraform-integration) +1. [Apply the update](#apply-the-update) + +### Compatibility + +{{< include "plugins/terraform/compat-matrix.md" >}} + +## {{% heading "prereq" %}} + +* You have read the [Terraform Integration Overview]({{< ref "plugins/terraform/_index.md" >}}). +* You are running Armory Continuous Deployment. +* You manage your instance using the Armory Operator. + +Terraform Integration is a built-in feature of Armory CD. + +If you are running open source Spinnaker, see the [Terraform Integration Overview]({{< ref "plugins/terraform#installation-paths" >}}) for installation paths based on whether you are using Halyard or the Spinnaker Operator. + +{{< include "plugins/terraform/terraform-prereqs.md" >}} + +## Configure Armory CD + +### Configure Redis + +Terraform Integration uses Redis to store Terraform logs and plans. + +>You can only configure the Terraform Integration feature to use a password with the default Redis user. + +Configure Redis settings in your Armory CD configuration and then apply your changes. + +{{< tabpane text=true right=true >}} +{{% tab header="spinnaker-kustomize-patches" %}} +You need to modify `spinnaker-kustomize-patches/armory/features/patch-terraformer.yml`. Add Redis configuration in the `profiles` section. + +```yaml +profiles: + redis: + baseUrl: "" + password: "" +``` + +{{% /tab %}} +{{% tab header="spinnakerservice.yml" %}} + +```yaml +spec: + spinnakerConfig: + profiles: + terraformer: + redis: + baseUrl: "" + password: "" +``` + +{{% /tab %}} +{{< /tabpane >}} + +### Configure your artifact account + +The Terraform Integration uses the following artifact accounts: + * **Git Repo** - To fetch the repo housing your main Terraform files. + * **GitHub, BitBucket or HTTP** - *Optional*. To fetch single files such as var-files or backend config files. + +Spinnaker uses the Git Repo Artifact Provider to download the repo containing your main Terraform templates. For more configuration options, see [Configure a Git Repo Artifact Account](https://spinnaker.io/setup/artifacts/gitrepo/). + +{{< tabpane text=true right=true >}} +{{% tab header="spinnaker-kustomize-patches" %}} +You need to modify `spinnaker-kustomize-patches/armory/features/patch-terraformer.yml`. Configure artifacts in the `spec.spinnakerConfig.config.artifacts` section. + +```yaml +spec: + spinnakerConfig: + config: + armory: + terraform: + enabled: true + artifacts: + gitrepo: + enabled: true + accounts: + - name: gitrepo + username: + token: + # password: + # tokenFile: + # usernamePasswordFile: + # sshPrivateKeyFilePath: + # sshPrivateKeyPassphrase: + # sshKnownHostsFilePath: + # sshTrustUnknownHosts: +``` + +{{% /tab %}} +{{% tab header="spinnakerservice.yml" %}} + +```yaml +spec: + spinnakerConfig: + profiles: + clouddriver: + artifacts: + gitRepo: + enabled: true + accounts: + - name: gitrepo + token: +``` + +{{% /tab %}} +{{< /tabpane >}} + + +### Configure additional repos + +You need to modify `spinnaker-kustomize-patches/armory/features/patch-terraformer.yml`. Configure additional artifacts in the `spec.spinnakerConfig.config.artifacts` section. + +{{< include "plugins/terraform/configure-optional-repos.md" >}} + +## Enable Terraform Integration + +{{< tabpane text=true right=true >}} +{{% tab header="spinnaker-kustomize-patches" %}} +You need to modify your Kustomization recipe to include `patch-terraformer.yml`. + +```yaml +patchesStrategicMerge: + - armory/features/patch-terraformer.yml +``` + +{{% /tab %}} +{{% tab header="spinnakerservice.yml" %}} +Add `enabled: true` to your `terraform` section. + +```yaml +spec: + spinnakerConfig: + config: + armory: + terraform: + enabled: true +``` + +{{% /tab %}} +{{< /tabpane >}} + +## Apply the update + +After you finish your Terraform Integration configuration, apply your changes. Confirm that the Terraform Integration service (Terraformer) is deployed with your Armory CD deployment: + +```bash +kubectl get pods -n +``` + +In the command output, look for a line similar to the following: + +```bash +spin-terraformer-d4334g795-sv4vz 2/2 Running 0 0d +``` + +## {{% heading "nextSteps" %}} + +{{< include "plugins/terraform/whats-next.md" >}} \ No newline at end of file diff --git a/content/en/plugins/terraform/install/configure.md b/content/en/plugins/terraform/install/configure.md new file mode 100644 index 0000000000..86d493a56e --- /dev/null +++ b/content/en/plugins/terraform/install/configure.md @@ -0,0 +1,298 @@ +--- +title: Configure Terraform Integration Optional Features +linkTitle: Configure Features +weight: 10 +description: > + Learn how to configure optional Terraform Integration features in your Spinnaker or Armory CD instance. +--- + +## Where to configure the Terraform Integration service + + +* Spinnaker (Spinnaker Operator): `spinnaker-kustomize-patches/plugins/oss/pipelines-as-code/terraformer.yml`; use `spinnaker-kustomize-patches/plugins/oss/pipelines-as-code/terraformer-local.yml` for [Named Profiles](#named-profiles) +* Spinnaker (Halyard): `terraformer.yml` section of your ConfigMap; create a new `terraformer-local.yml` section to configure [Named Profiles](#named-profiles) +* Armory CD: `spinnaker-kustomize-patches/armory/features/patch-terraformer.yml` + + +## Cloud provider + +Terraform Integration is cloud provider agnostic. Terraform commands execute against the terraform binary. All methods of configuring authentication are supported as per Terraform's compatibility and capabilities. + +You can also configure a [Named Profile](#named-profiles) that grants access to resources such as AWS. + +## Logging and metrics + +> If the logging URL is not responsive, Terraform Integration may not process deploys until the URL can be reached. + +You can enable logging and metrics for Prometheus by adding the following configuration to the `spec.spinnakerConfig.profiles.terraformer.logging.remote` block in your `SpinnakerService` manifest: + +{{< tabpane text=true right=true >}} +{{% tab header="Spinnaker" %}} +Add the following to your `terraformer.yml` config: + +```yaml +logging: + remote: + enabled: true + endpoint: # For example, https://debug.armory.io + version: 1.2.3 + customerId: someCustomer123 # Your Armory Customer ID + metrics: + enabled: true + frequency: # Replace with an integer value for seconds based on how frequently you want metrics to be scraped + prometheus: + enabled: true + commonTags: # The following tags are examples. Use tags that are relevant for your environment + # env: dev + # nf_app: exampleApp + # nf_region: us-west-1 +``` + +{{% /tab %}} +{{% tab header="Armory CD" %}} + +```yaml +spec: + spinnakerConfig: + profiles: + terraformer: + logging: + remote: + enabled: true + endpoint: # For example, https://debug.armory.io + version: 1.2.3 + customerId: someCustomer123 # Your Armory Customer ID + metrics: + enabled: true + frequency: # Replace with an integer value for seconds based on how frequently you want metrics to be scraped + prometheus: + enabled: true + commonTags: # The following tags are examples. Use tags that are relevant for your environment + # env: dev + # nf_app: exampleApp + # nf_region: us-west-1 +``` +{{% /tab %}} +{{< /tabpane >}} + + +## Named Profiles + +When creating pipelines, a Named Profile gives you the ability to reference certain kinds of external sources, such as a private remote repository. The supported credentials are described in [Types of credentials](#types-of-credentials). + +### Configure a Named Profile + +Configure profiles that you can select when creating a Terraform Integration stage. + +{{< tabpane text=true right=true >}} +{{% tab header="Spinnaker (Operator)" %}} + +Add profiles to the `terraformer-local.yml` file. The following example adds a profile named `pixel-git` for an SSH key secured in Vault. You can find additional profile examples at [Types of credentials](#types-of-credentials). + +```yaml +- name: pixel-git # Unique profile name displayed in Deck + variables: + - kind: git-ssh + options: + sshPrivateKey: encrypted:vault!e:!p:!k:!b: +``` + +{{% /tab %}} +{{% tab header="Spinnaker (Halyard)" %}} + +Add profiles to the `terraformer-local.yml` section of your ConfigMap. The following example adds a profile named `pixel-git` for an SSH key secured in Vault. You can find additional profile examples at [Types of credentials](#types-of-credentials). + +```yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: spin-terraformer-config + namespace: spinnaker +data: + terraformer-local.yml | + profiles: + - name: pixel-git # Unique profile name displayed in Deck + variables: + - kind: git-ssh + options: + sshPrivateKey: encrypted:vault!e:!p:!k:!b: +``` + +{{% /tab %}} +{{% tab header="Armory CD" %}} + +Add profiles to the `spec.spinnakerConfig.profiles.terraformer.profiles` section. The following example adds a profile named `pixel-git` for an SSH key secured in Vault. You can find additional profile examples at [Types of credentials](#types-of-credentials). + +```yaml +- name: pixel-git # Unique profile name displayed in Deck + variables: + - kind: git-ssh + options: + sshPrivateKey: encrypted:vault!e:!p:!k:!b: +``` + +{{% /tab %}} +{{< /tabpane >}} + + +Keep in mind: + +1. When you create or edit a Terraform Integration stage in the UI, you can select the profile `pixel-git` from a dropdown. +1. When adding profiles: + + * You can add multiple profiles under the `profiles` section. + * As a best practice, do not commit plain text secrets to `spec.spinnakerConfig.profiles.terraformer`. Instead, use a [secret store]({{< ref "continuous-deployment/armory-admin/Secrets/_index.md" >}}): [Vault]({{< ref "continuous-deployment/armory-admin/Secrets/secrets-vault" >}}), an [encrypted S3 bucket]({{< ref "continuous-deployment/armory-admin/Secrets/secrets-s3" >}}), an [AWS Secrets Manager]({{< ref "continuous-deployment/armory-admin/Secrets/secrets-aws-sm" >}}), or an [encrypted GCS bucket]({{< ref "continuous-deployment/armory-admin/Secrets/secrets-gcs" >}}). + * For SSH keys, each profile supports only one option parameter at a time. This means that you can use a private key file (`sshPrivateKeyFilePath`) or the key (`sshPrivateKey`) as the option. To use the key file path, use `sshPrivateKeyFilePath` for the option and provide the path to the key file. You can also encrypt the path using a secret store such as Vault. The following `option` example uses `sshPrivateKeyFilePath`: + + ```yaml + options: + sshPrivateKeyFilePath: encryptedFile:!e:... + ``` + + For more information, see the documentation for your secret store. + +### Add authz to Named Profiles + +Armory recommends that you enable authorization for your Named Profiles to provide more granular control and give App Developers better guardrails. When you configure authz for Named Profiles, you need to explicitly grant permission to the roles you want to have access to the profile. Users who do not have permission to use a certain Named Profile do not see it as an option in the UI. Also, any stage that uses a Named Profile that a user is not authorized for fails. + +{{% alert color=warning title="Note" %}} +Before you start, make sure you enable Fiat. For more information about Fiat, see [Fiat Overview]({{< ref "fiat-permissions-overview" >}}) and [Authorization (RBAC)](https://spinnaker.io/setup/security/authorization/). +{{% /alert %}} + +This example does the following: + +* Grants access to the resources and accounts that you need, such as permissions to deploy to AWS via FIAT in Cloud +* Enables FIAT authz to work with Terraformer + +```yaml +spec: + spinnakerConfig: + profiles: + terraformer: + profiles: + fiat: + enabled: true + baseUrl: https://spin-fiat:7003 # ${services.fiat.baseUrl} +``` + +### Types of credentials + +The Terraform integration supports multiple types of credentials for Named Profiles: + +* AWS +* SSH +* Static +* Terraform remote backend + +If you’re not using AWS, you should configure one of the other credential types in your Named Profile. + +**AWS** + +Use the `aws` credential type to provide authentication to AWS. There are two methods you can use to provide authentication - by defining a static key pair or a role that should be assumed before a Terraform action is executed. + +For defining a static key pair, supply an `accessKeyId` and a `secretAccessKey`: + +```yaml +- name: devops # Unique name for the profile. Shows up in Deck. + variables: + - kind: aws # Type of credential + options: + accessKeyId: AKIAIOWQXTLW36DV7IEA + secretAccessKey: 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 +``` + +For assuming a role instead of defining a static set of credentials, supply the ARN of the role to assume: + +```yaml +- name: devops # Unique name for the profile. Shows up in Deck. + variables: + - kind: aws # Type of credential + options: + assumeRole: arn:aws:iam::012345567:role/roleAssume +``` + +*When assuming a role, if `accessKeyId` and `secretAccessKey` are supplied, the Terraform integration uses these credentials to assume the role. Otherwise, the environment gets used for authentication, such as a machine role or a shared credentials file.* + +**SSH Key** + +Use the `git-ssh` credential kind to provide authentication to private Git repositories used as modules within your Terraform actions. The supplied SSH key will be available to Terraform for the duration of your execution, allowing it to fetch any modules it needs: + +```yaml +- name: pixel-git # Unique name for the profile. Shows up in Deck. + variables: + - kind: git-ssh # Type of credential + options: + sshPrivateKey: encrypted:vault!e:!p:!k:!b: +``` + +**Static** + +Use the `static` credential kind to provide any arbitrary key/value pair that isn't supported by any of the other credential kinds. For example, if you want all users of the `devops` profile to execute against the `AWS_REGION=us-west-2`, use the following `static` credential configuration. + +```yaml +- name: devops # Unique name for the profile. Shows up in Deck. + variables: + - kind: static # Type of credential + options: + name: AWS_REGION + value: us-west-2 +``` + +**Terraform remote backend** + +Use the `tfc` credential kind to provide authentication to remote Terraform backends. + +```yaml +- name: milton-tfc # Unique name for the profile. Shows up in Deck. + variables: + - kind: tfc + options: + domain: app.terraform.io # or Terraform Enterprise URL + token: # Replace with your token +``` + +## Remote backends + +The Terraform Integration feature supports using remote backends provided by Terraform Cloud and Terraform Enterprise. + +When using remote backends, keep the following in mind: + +* The Terraform stage must use the same Terraform version that your Terraform Cloud/Enterprise workspace is configured to run. +* The minimum supported Terraform version is 0.12.0. +* In the Terraform Cloud/Enterprise UI, the type of `plan` action that the Terraform Integration stage performs is a "speculative plan." For more information, see [Speculative Plans](https://www.terraform.io/docs/cloud/run/index.html#speculative-plans) in the Terraform docs. +* You cannot save and apply a plan file. + +#### Enable remote backend support + +You can use remote backends by configuring the Terraform Integration stage with the following parameters: + +* A Terraform version that is 0.12.0 or later and matches the version that your Terraform Cloud/Enterprise runs. +* Reference a remote backend in your Terraform code. + +To enable support, add the following config to your `terraformer-local.yml` file in the `.hal/default/profiles` directory: + +```bash +terraform: + remoteBackendSupport: true +``` + + +## Retries + +The Terraformer service can retry connections if it fails to fetch artifacts from Clouddriver. Configure the retry behavior in your `terraformer-local.yml` file by adding the following snippet: + +```yaml +# terraformer-local.yml +clouddriver: + retry: + enabled: true + minWait: 4s # must be a duration, such as 4s for 4 seconds + maxWait: 8s # must be a duration, such as 8s for 8 seconds + maxRetries: 5 +``` + +The preceding example enables retries and sets the minimum wait between attempts to 4 seconds, the maximum wait between attempts to 8s, and the maximum number of retries to 5. + +## {{% heading "nextSteps" %}} + +* [Use the Terraform Integration stage]({{< ref "plugins/terraform/use.md" >}}) \ No newline at end of file diff --git a/content/en/plugins/terraform/install/spinnaker-halyard.md b/content/en/plugins/terraform/install/spinnaker-halyard.md new file mode 100644 index 0000000000..50a570a5ae --- /dev/null +++ b/content/en/plugins/terraform/install/spinnaker-halyard.md @@ -0,0 +1,135 @@ +--- +title: Install Terraform Integration in Spinnaker (Halyard) +linkTitle: Spinnaker - Halyard +weight: 5 +description: > + Learn how to install Armory's Terraform Integration Plugin in a Spinnaker instance managed by Halyard. Terraform Integration enables your app developers to provision infrastructure using Terraform as part of their delivery pipelines. +--- + +## Overview of installing Terraform Integration + +Installing the Terraform Integration plugin consists of these steps: + +1. [Configure Spinnaker](#configure-spinnaker): Redis, `gitrepo` artifact, and optional repos +1. [Install the service](#install-the-service): Kubernetes manifests +1. [Install the plugin](#install-the-plugin): Local config files + +### Compatibility + +{{< include "plugins/terraform/compat-matrix.md" >}} + +## {{% heading "prereq" %}} + +You have read the [Terraform Integration Overview]({{< ref "plugins/terraform/_index.md" >}}). + +**Spinnaker requirements** + +* You are running open source Spinnaker. +* You manage your instance using Halyard. If you are using the Spinnaker Operator, see {{< linkWithTitle "plugins/terraform/install/spinnaker-operator.md" >}} + +{{% alert title="Warning" color="warning" %}} +The examples in this guide are for a vanilla Spinnaker installation. You may need to adjust them for your environment. +{{% /alert %}} + +{{< include "plugins/terraform/terraform-prereqs.md" >}} + +## Configure Spinnaker + +### Configure Redis + +{{< include "plugins/terraform/config-redis.md" >}} + +### Configure your artifact account + +{{< include "plugins/terraform/config-artifact-acct.md" >}} + +### Configure additional repos + +{{< include "plugins/terraform/configure-optional-repos.md" >}} + +## Install the service + +### Configure Kubernetes permissions + +The following manifest creates a ServiceAccount, ClusterRole, and ClusterRoleBinding. Apply the manifest in your `spinnaker` namespace. + +{{< include "plugins/terraform/code/k8s-permissions.md" >}} + +### Configure the service + +Create a ConfigMap to contain your Terraformer Integration service configuration. Be sure to check the `spinnaker.yml` entry in the `data` section to ensure the values match your Spinnaker installation. + +{{< include "plugins/terraform/code/terraform-config-map.md" >}} + +### Deploy the service + +Replace `` with the Terraform Integration service version [compatible](#compatibility) with your Spinnaker version. + +{{< include "plugins/terraform/code/deployment.md" >}} + +Apply the ConfigMap and Deployment manifests in your `spinnaker` namespace. + +## Install the plugin + +{{% alert color="warning" title="A note about installing plugins in Spinnaker" %}} +When Halyard adds a plugin to a Spinnaker installation, it adds the plugin repository information to all services, not just the ones the plugin is for. This means that when you restart Spinnaker, each service restarts, downloads the plugin, and checks if an extension exists for that service. Each service restarting is not ideal for large Spinnaker installations due to service restart times. Clouddriver can take an hour or more to restart if you have many accounts configured. +{{% /alert %}} + +The Terraform plugin extends Deck, Gate, and Orca. To avoid every Spinnaker service restarting and downloading the plugin, do not add the plugin using Halyard. Instead, follow the local config installation method, in which you configure the plugin in each extended service’s local profile. + +Replace `` with the plugin version [that's compatible with your Spinnaker instance]. + +1. Add the following to `gate-local.yml`: + + ```yaml + proxies: + - id: terraform + uri: http://spin-terraformer:7088 + methods: + - GET + services: + terraformer: + enabled: true + baseUrl: http://spin-terraformer:7088 + spinnaker: + extensibility: + plugins: + Armory.Terraformer: + enabled: true + version: + repositories: + terraformer: + enabled: true + url: https://raw.githubusercontent.com/armory-plugins/pluginRepository/master/repositories.json + deck-proxy: + enabled: true + plugins: + Armory.Terraformer: + enabled: true + version: + ``` + +1. Add the following to `orca-local.yml`: + + ```yaml + services: + terraformer: + enabled: true + baseUrl: http://spin-terraformer:7088 + spinnaker: + extensibility: + plugins: + Armory.Terraformer: + enabled: true + version: + repositories: + terraformer: + enabled: true + url: https://raw.githubusercontent.com/armory-plugins/pluginRepository/master/repositories.json + ``` + +1. Save your files and apply your changes by running `hal deploy apply`. + +## {{% heading "nextSteps" %}} + +{{< include "plugins/terraform/whats-next.md" >}} diff --git a/content/en/plugins/terraform/install/spinnaker-operator.md b/content/en/plugins/terraform/install/spinnaker-operator.md new file mode 100644 index 0000000000..3ebffde7ef --- /dev/null +++ b/content/en/plugins/terraform/install/spinnaker-operator.md @@ -0,0 +1,103 @@ +--- +title: Install Terraform Integration in Spinnaker (Spinnaker Operator) +linkTitle: Spinnaker - Operator +weight: 3 +description: > + Learn how to install Armory's Terraform Integration Plugin in a Spinnaker instance managed by the Spinnaker Operator. Terraform Integration enables your app developers to provision infrastructure using Terraform as part of their delivery pipelines. +--- + +## Overview of installing Terraform Integration + +In this guide, you use the Kustomize files in the [`spinnaker-kustomize-patches` repo](https://github.com/armory/spinnaker-kustomize-patches) to install the plugin. You do need to update the contents of some files. + +1. [Configure Spinnaker](#configure-spinnaker) +1. [Get the Terraform Integration installation files](#get-the-terraform-integration-installation-files) +1. [Configure the service](#configure-the-service) +1. [Configure the plugin](#configure-the-plugin) +1. [Deploy Terraform Integration](#deploy-terraform-integration) + +### Compatibility + +{{< include "plugins/terraform/compat-matrix.md" >}} + +## {{% heading "prereq" %}} + +You have read the [Terraform Integration Overview]({{< ref "plugins/terraform/_index.md" >}}). + +**Spinnaker requirements** + +* You are running open source Spinnaker. +* You manage your instance using the Spinnaker Operator and the `spinnaker-kustomize-patches` [repo](https://github.com/armory/spinnaker-kustomize-patches). If you are using Halyard, see {{< linkWithTitle "plugins/terraform/install/spinnaker-halyard.md" >}}. + +{{< include "plugins/terraform/terraform-prereqs.md" >}} + +## Configure Spinnaker + +### Configure Redis + +{{< include "plugins/terraform/config-redis.md" >}} + +### Configure your artifact account + +{{< include "plugins/terraform/config-artifact-acct.md" >}} + +### Configure additional repos + +{{< include "plugins/terraform/configure-optional-repos.md" >}} + +## Get the Terraform Integration installation files + +You can find the Terraform Integration service and plugin files in the `spinnaker-kustomize-patches` repo's `plugins/oss/terraformer` directory. + +* `kustomization.yml`: Kustomize build file +* `deployment.yml`: `spin-terraformer` Deployment manifest +* `service.yml`: `spin-terraformer` Service manifest +* `terraformer-plugin-config.yml`: plugin installation +* `terraformer.yml`: config file +* `terraformer-local.yml`: config file for [Named Profiles]({{< ref "plugins/terraform/install/configure#named-profiles" >}}) +* `spinnaker.yml`: Spinnaker service mapping +* `versions` directory: contains version-specific values that Kustomize inserts into the manifest during generation + +The `spinnaker-kustomize-patches/recipes` directory contains the example `kustomization-oss-terraformer.yml` recipe. You can use that recipe or copy the entries to your recipe. This guide uses the `kustomization-oss-terraformer.yml` recipe for examples. + +## Configure the service + +Make sure the service version is compatible with your Spinnaker version. + +You specify the version in the `patchesStrategicMerge` section of `plugins/oss/terraformer/kustomization.yml`. You can find supported versions in the `plugins/oss/terraformer/versions` directory. For example, if you are running Spinnaker 1.27.x, replace `./versions/v-1.28.yml` with `./versions/v-1.27.yml`. + +```yaml +patchesStrategicMerge: + - ./pac-plugin-config.yml + - ./versions/v-1.28.yml +``` + +## Configure the plugin + +In `terraformer-plugin-config.yml`, make sure the `version` number is compatible with your Spinnaker instance. + +```yaml +... + spinnaker: + extensibility: + plugins: + Armory.Terraformer: + enabled: true + version: &pluginversion 0.0.1 +``` + +For example, if you want to use plugin version 0.0.2, your `version` value would be `&pluginversion 0.0.2`. + +## Deploy Terraform Integration + +This step deploys the Terraformer service and installs the plugin. If you want to see the generated manifest before you deploy, execute `kubectl kustomize`. + +Apply the updates to your Kustomization file. + +```bash +kubectl apply -k +``` + +## {{% heading "nextSteps" %}} + +{{< include "plugins/terraform/whats-next.md" >}} \ No newline at end of file diff --git a/content/en/plugins/terraform/release-notes.md b/content/en/plugins/terraform/release-notes.md new file mode 100644 index 0000000000..4058c7013a --- /dev/null +++ b/content/en/plugins/terraform/release-notes.md @@ -0,0 +1,22 @@ +--- +title: Terraform Integration Plugin Release Notes +linkTitle: Release Notes +weight: 99 +description: > + Armory Terraform Integration plugin for Spinnaker and Armory Continuous Deployment release notes. +--- + + +## 2.26.5 + +### **Show** Added to Terraform Integration Stage + +There is a new Terraform action available as part of the Terraform Integration stage. This action is the equivalent of running the Terraform ```show``` command with Terraform. The JSON output from your planfile can be used in subsequent stages. + +To use the stage, select **Terraform** for the stage type and **Show** as the action in the Stage Configuration UI. Note that the **Show** stage depends on your **Plan** stage. For more information, see [Show Stage section in the Terraform Integration docs]({{< ref "plugins/terraform/use#example-terraform-integration-stage" >}}). + +### Terraform remote backends provided by Terraform Cloud and Terraform Enterprise + +Terraform now supports remote backends provided by Terraform Cloud and Terraform Enterprise - see [Remote Backends section in the Terraform Integration docs]({{< ref "terraform-enable-integration#remote-backends" >}}). + + diff --git a/content/en/continuous-deployment/spinnaker-user-guides/terraform-use-integration.md b/content/en/plugins/terraform/use.md similarity index 86% rename from content/en/continuous-deployment/spinnaker-user-guides/terraform-use-integration.md rename to content/en/plugins/terraform/use.md index 3975a06b7d..fade815cfe 100644 --- a/content/en/continuous-deployment/spinnaker-user-guides/terraform-use-integration.md +++ b/content/en/plugins/terraform/use.md @@ -1,15 +1,15 @@ --- -linkTitle: Use the Terraform Integration Stage -title: Use the Terraform Integration Stage in Armory Continuous Deployment -aliases: - - /docs/spinnaker/terraform-use-integration/ +linkTitle: Use +title: Use the Terraform Integration Stage in Spinnaker or Armory Continuous Deployment +weight: 20 description: > Learn how to use the Terraform Integration pipeline stage to execute tasks against your Terraform projects. --- ![Proprietary](/images/proprietary.svg) + ## Overview of Terraform integration -At the core of Terraform Integration is the Terraformer service. This service fetches your Terraform projects from source and executes various Terraform commands against them. When a `terraform` stage starts, Orca submits the task to Terraformer and monitors it until completion. Once a task is submitted, Terraformer fetches your target project, runs `terraform init` to initialize the project, and then runs your desired `action` (`plan` or `apply`). If the task is successful, the stage gets marked successful as well. If the task fails, the stage gets marked as a failure, and the pipeline stops. +At the core of Terraform Integration is the Terraformer service, which fetches your Terraform projects from source and executes various Terraform commands against them. When a `terraform` stage starts, Orca submits the task to Terraformer and monitors it until completion. Once a task is submitted, Terraformer fetches your target project, runs `terraform init` to initialize the project, and then runs your desired `action` (`plan` or `apply`). If the task is successful, the stage gets marked successful as well. If the task fails, the stage gets marked as a failure, and the pipeline stops. A Terraform Integration stage performs the following actions when it runs: @@ -18,19 +18,24 @@ A Terraform Integration stage performs the following actions when it runs: 1. Optionally uses a Spinnaker artifact provider (Github, BitBucket, or HTTP) to pull in a `tfvars`-formatted variable file. 1. Runs the Terraform action you select. -## Requirements - -Before you can use the Terraform Integration stage, verify that Armory's Terraform Integration for Spinnaker is enabled. Additionally, you need to store your Terraform code in either a GitHub or BitBucket repo that Armory Continuous Deployment can access. You grant access as part of the enablement process. +## {{% heading "prereq" %}} -For more information, see {{< linkWithTitle "terraform-enable-integration.md">}}. +* You have read the [Terraform Integration Overview]({{< ref "plugins/terraform/_index.md" >}}). +* If you are using Armory CD, you have [enabled Terraform Integration]({{< ref "plugins/terraform/install/armory-cd.md" >}}). +* If you are using Spinnaker, you have installed the Terraform Integration service and plugin ([Spinnaker Operator]({{< ref "plugins/terraform/install/spinnaker-operator.md" >}}), [Halyard]({{< ref "plugins/terraform/install/spinnaker-halyard.md" >}})) ## Example Terraform Integration stage -The following example describes a basic pipeline that performs the plan and apply Terraform actions. This is a simple example. For a more involved one, watch this [demo](https://youtu.be/_p8v-6_5DTI) of the Terraform Integration. +The following example describes a basic pipeline that performs the `plan` and `apply` Terraform actions. + +The pipeline consists of these stages: -The pipeline consists of these parts: +1. [Plan stage](#plan-stage) +1. [Show stage](#show-stage) +1. [Manual Judgment stage](#manual-judgment-stage) +1. [Apply stage](#apply-stage) -**Plan stage** +### Plan stage A Plan stage in a pipeline performs the same action as running the `terraform plan` command. Although a Plan stage is not strictly required since an Apply stage performs a `terraform plan` if no plan file exists, it's a good idea to have one. You'll understand why during the Manual Judgment stage. @@ -50,7 +55,7 @@ For this stage, configure the following: The output of this stage, the embedded artifact named `planfile`, can be consumed by subsequent stages in this pipeline. In this example, this occurs during the final stage of the pipeline. Additionally, more complex use cases that involve parent-child pipelines can also use plan files. -**Show stage** +### Show stage The Show stage performs the same action as running the `terraform show` command. You can then use the JSON output from your `planfile` in subsequent stages. @@ -72,11 +77,11 @@ You can add an Evaluate Variables stage to get the output from the `planfile` JS - **Variable Name**: `planfile_json` - **Variable Value**: `${#stage('Show').outputs.status.outputs.show.planfile_json}` -**Manual Judgment stage** +### Manual Judgment stage You can use the default values for this stage. Manual judgment stages ask the user to approve or fail a pipeline. Having a Manual Judgment stage between a Plan and Apply stage gives you a chance to confirm that the Terraform code is doing what you expect it to do. -**Apply stage** +### Apply stage The Apply stage performs the same action as running the `terraform apply` command. For this stage, configure the following: @@ -93,12 +98,12 @@ Run the pipeline. ## Create a Terraform Integration stage -![Terraform Stage in Deck](/images/terraform_stage_ui.png) +![Terraform Stage in Deck](/images/plugins/terraform/terraform_stage_ui.png) {{< include "rdbms-utf8-required.md" >}} - {{% alert title="Warning" color=warning %}} - > If the Clouddriver MYSQL schema is not configured correctly, the Terraform Integration stage fails. + {{% alert title="Warning" color=warning %}} +If the Clouddriver MySQL schema is not configured correctly, the Terraform Integration stage fails. {{% /alert %}} To create a new Terraform stage, perform the following steps: @@ -121,7 +126,7 @@ To create a new Terraform stage, perform the following steps: * **Workspace**: [Terraform workspace](https://www.terraform.io/docs/state/workspaces.html) to use. The workspace gets created if it does not already exist. For remote backends, the workspace must be explicit or prefixed. For more information about what that means, see the Terraform documentation about [remote backends](https://www.terraform.io/docs/backends/types/remote.html) * **Main Terraform Artifact** * **Expected Artifact**: Required. Select or define only one `git/repo` type artifact. - ![Terraform git repo artifact](/images/terraform-git-repo.png) + ![Terraform git repo artifact](/images/plugins/terraform/terraform-git-repo.png) * **Account**: The account to use for your artifact. * **URL**: If you use a GitHub artifact, make sure you supply the _API_ URL of the file, not the URL from the `Raw` GitHub page. Use the following examples as a reference for the API URL: @@ -200,7 +205,7 @@ Terraform Integration caches all the defined plugins by default and does not red ## View Terraform log output -![Terraform Integration logs](/images/terraformer-ui-logs.png) +![Terraform Integration logs](/images/plugins/terraform/terraformer-ui-logs.png) Terraform provides logs that describe the status of your Terraform action. When you run Terraform actions on your workstation, the log output is streamed to `stdout`. For Armory's Terraform Integration, Spinnaker captures the log output and makes it available on the **Pipelines** page of Deck as part of the **Execution Details**. Exit codes in the log represent the following states: diff --git a/netlify.toml b/netlify.toml index a70b4a38c8..151d9a2d9f 100644 --- a/netlify.toml +++ b/netlify.toml @@ -52,7 +52,17 @@ [[redirects]] from = "/continuous-deployment/armory-admin/policy-engine/policy-engine-use/*" to = "/plugins/policy-engine/use/:splat" - + +# terraform plugin redirects +[[redirects]] + from = "/continuous-deployment/armory-admin/terraform-enable-integration/" + to = "/plugins/terraform/install/armory-cd/" + force = true # ensure this always redirects because the "from" page does exist and does a TOC redirect but not for users clicking web search result link + +[[redirects]] + from = "/continuous-deployment/spinnaker-user-guides/terraform-use-integration/" + to = "/plugins/terraform/use/" + [[redirects]] from = "/continuous-deployment/plugin-guide/*" to = "/plugins/:splat" diff --git a/static/images/terraform-git-repo.png b/static/images/plugins/terraform/terraform-git-repo.png similarity index 100% rename from static/images/terraform-git-repo.png rename to static/images/plugins/terraform/terraform-git-repo.png diff --git a/static/images/terraform_stage_ui.png b/static/images/plugins/terraform/terraform_stage_ui.png similarity index 100% rename from static/images/terraform_stage_ui.png rename to static/images/plugins/terraform/terraform_stage_ui.png diff --git a/static/images/terraform_version.png b/static/images/plugins/terraform/terraform_version.png similarity index 100% rename from static/images/terraform_version.png rename to static/images/plugins/terraform/terraform_version.png diff --git a/static/images/terraformer-artifact-git-repo.png b/static/images/plugins/terraform/terraformer-artifact-git-repo.png similarity index 100% rename from static/images/terraformer-artifact-git-repo.png rename to static/images/plugins/terraform/terraformer-artifact-git-repo.png diff --git a/static/images/terraformer-ui-logs.png b/static/images/plugins/terraform/terraformer-ui-logs.png similarity index 100% rename from static/images/terraformer-ui-logs.png rename to static/images/plugins/terraform/terraformer-ui-logs.png diff --git a/static/images/terraformer-ui-stage.png b/static/images/plugins/terraform/terraformer-ui-stage.png similarity index 100% rename from static/images/terraformer-ui-stage.png rename to static/images/plugins/terraform/terraformer-ui-stage.png From 02b163b7e2c258dc3156cf1f6736ba9873a5cade Mon Sep 17 00:00:00 2001 From: aimee Date: Fri, 18 Aug 2023 09:50:16 -0500 Subject: [PATCH 04/15] docs(infra): Upgrade Docsy to 0.7.1; Remove Prism (#2104) * docs(infra): Remove Prism; Upgrade Docsy DOC-738 DOC-725 * fix link to CD-as-a-Service plugin in included table * change highlight to backticks if no actual lines highlighted rendered highlight shortcode doesn't have code copy button * update layout pages from latest theme * change guessSyntax to true so rego code blocks render with black background --- config.toml | 38 ++- .../armory-admin/generating-certificates.md | 9 +- .../observe/integrations-logging.md | 4 +- .../observe/observability-configure.md | 4 +- .../armory-operator/op-advanced-config.md | 4 +- .../armory-operator/op-config-kustomize.md | 4 +- .../armory-operator/op-config-manifest.md | 4 +- .../guide/air-gapped/ag-operator.md | 12 +- .../contribute/create/guides/diagram-guide.md | 13 +- .../create/guides/docs-style-guide.md | 5 - content/en/contribute/create/guides/prism.md | 71 ---- .../create/guides/shortcodes/_index.md | 88 +---- .../create/guides/shortcodes/tabs/example1.md | 6 +- .../pipelines-as-code/release-notes.md | 8 +- .../plugin-k8s-custom-resource-status.md | 40 +-- content/en/plugins/policy-engine/_index.md | 20 +- .../en/plugins/policy-engine/use/_index.md | 4 +- .../use/packages/common-objects/input.user.md | 4 +- .../use/packages/opa.pipelines.md | 12 +- .../tasks.before/cleanupArtifacts.md | 5 +- .../tasks.before/deleteManifest.md | 4 +- .../tasks.before/deployManifest.md | 8 +- .../tasks.before/scaleManifest.md | 4 +- .../tasks.before/undoRolloutManifest.md | 4 +- .../spinnaker.execution/pipelines.before.md | 4 +- .../spinnaker.execution/stages.before/bake.md | 4 +- .../stages.before/cloneServerGroup.md | 4 +- .../stages.before/concourse.md | 4 +- .../stages.before/createServerGroup.md | 4 +- .../stages.before/deleteManifest.md | 4 +- .../stages.before/deployManifest.md | 16 +- .../stages.before/manualJudgment.md | 4 +- .../stages.before/patchManifest.md | 8 +- .../stages.before/pipeline.md | 4 +- .../stages.before/scaleManifest.md | 4 +- .../stages.before/undoRolloutManifest.md | 4 +- .../packages/spinnaker.http.authz/_index.md | 4 +- .../spinnaker.http.authz/pipelines.md | 4 +- .../spinnaker.http.authz/tasks/_index.md | 4 +- .../tasks/type.createApplication.md | 8 +- .../tasks/type.deleteManifest.md | 4 +- .../tasks/type.deployManifest.md | 4 +- .../tasks/type.scaleManifest.md | 8 +- .../tasks/type.updateApplication.md | 4 +- .../tasks/type.upsertProject.md | 4 +- .../_index.md | 4 +- .../install/advanced/config-service.md | 8 +- .../helm/frag-helm-agent-mode.md | 10 +- .../helm/frag-helm-infra-mode.md | 16 +- .../advanced/service-deploy/helm/index.md | 125 +++---- .../scale-agent/install/agent-uninstall.md | 8 +- .../scale-agent/tasks/configure-mtls.md | 20 +- .../tasks/dynamic-accounts/enable.md | 16 +- .../scale-agent/tasks/service-vault.md | 13 +- go.mod | 8 +- go.sum | 6 + layouts/continuous-deployment/baseof.html | 13 +- .../continuous-deployment/baseof.print.html | 10 +- layouts/continuous-deployment/list.html | 35 +- layouts/contribute/baseof.html | 14 +- layouts/contribute/baseof.print.html | 10 +- layouts/contribute/glossary.html | 55 --- layouts/contribute/list.html | 35 +- layouts/plugins/baseof.html | 13 +- layouts/plugins/baseof.print.html | 10 +- layouts/plugins/glossary.html | 55 --- layouts/plugins/list.html | 35 +- layouts/shortcodes/codenew.html | 33 -- layouts/shortcodes/prism.html | 25 -- static/css/prism.css | 320 ------------------ static/js/prism.js | 27 -- static/js/sweetalert-2.1.2.min.js | 1 - 72 files changed, 348 insertions(+), 1060 deletions(-) delete mode 100644 content/en/contribute/create/guides/prism.md delete mode 100644 layouts/contribute/glossary.html delete mode 100644 layouts/plugins/glossary.html delete mode 100644 layouts/shortcodes/codenew.html delete mode 100644 layouts/shortcodes/prism.html delete mode 100644 static/css/prism.css delete mode 100644 static/js/prism.js delete mode 100644 static/js/sweetalert-2.1.2.min.js diff --git a/config.toml b/config.toml index 0381709a90..38c0fd45ae 100644 --- a/config.toml +++ b/config.toml @@ -21,16 +21,41 @@ googleAnalytics = 'G-W14B82N2D2' #disableKinds = ["taxonomy", "taxonomyTerm"] -# Highlighting config +# Highlighting config (copied from the docsy example site, tag v0.7.1) pygmentsCodeFences = true pygmentsUseClasses = false # Use the new Chroma Go highlighter in Hugo. pygmentsUseClassic = false #pygmentsOptions = "linenos=table" # See https://help.farbox.com/pygments.html -pygmentsStyle = "tango" +pygmentsStyle = "dracula" + +[markup] + [markup.goldmark] + [markup.goldmark.parser.attribute] + block = true + [markup.goldmark.renderer] + unsafe = true + [markup.highlight] + # See a complete list of available styles at https://xyproto.github.io/splash/docs/all.html + style = "dracula" + # these are defaults https://gohugo.io/getting-started/configuration-markup/#highlight + anchorLineNos = false + codeFences = true + hl_Lines = '' + hl_inline = false + lineAnchors = '' + lineNoStart = 1 + lineNos = false + lineNumbersInTable = true + noClasses = true + noHl = false + tabWidth = 4 + guessSyntax = true + # Set guessSyntax to true if you want your chosen highlight style used for code blocks without a specified language # Docsy is now a Go module; need to map theme dirs to local dirs +# 16 Aug 2023 When I remove the module.imports.mounts entries, compilation breaks with a lot of "not found" - can't find shortcodes or refs [module] proxy = "direct" @@ -112,11 +137,6 @@ languageName ="English" # Weight used for sorting. weight = 1 -[markup] - [markup.goldmark] - [markup.goldmark.renderer] - unsafe = true - [[menu.main]] name = "CD-as-a-Service" weight = 2 @@ -156,7 +176,6 @@ weight = 1 [params] # See codenew shortcode -githubWebsiteRaw = "raw.githubusercontent.com/armory/docs" deploy-engine-plugin-version = "0.16.8" armory-version = "2.30.x" #used in air-gapped @@ -220,9 +239,6 @@ offlineSearch = true offlineSearchMaxResults = 50 offlineSearchSummaryLength = 200 -# Enable syntax highlighting and copy buttons on code blocks with Prism -prism_syntax_highlighting = true - # Armory Agent plugin versions [params.kubesvc-plugin] diff --git a/content/en/continuous-deployment/armory-admin/generating-certificates.md b/content/en/continuous-deployment/armory-admin/generating-certificates.md index 5547c95173..fc42c17ab4 100644 --- a/content/en/continuous-deployment/armory-admin/generating-certificates.md +++ b/content/en/continuous-deployment/armory-admin/generating-certificates.md @@ -94,8 +94,7 @@ The following script generates these files in the `services` directory: - Certificate and key files for each Golang services (`terraformer.crt` and `terraformer.key`, ...) - a `tls-passwords` file containing all the passwords. You can store as-is in a bucket. - -{{< prism lang="shell" line-numbers="true" >}} +```shell #!/bin/bash -e # You can change it to a different method @@ -172,12 +171,12 @@ EOF echo "${svc}: ${password}" >> services/tls-passwords done -{{< /prism >}} +``` ## Troubleshooting You may encounter the following error if the version of Java you are using to generate the certificates is not the same version that Armory Continuous Deployment is using: -{{< prism lang="shell" >}} +```bash java.io.IOException: Integrity check failed: java.security.NoSuchAlgorithmException: Algorithm HmacPBESHA256 not available -{{< /prism >}} +``` diff --git a/content/en/continuous-deployment/armory-admin/observe/integrations-logging.md b/content/en/continuous-deployment/armory-admin/observe/integrations-logging.md index 9dc6617179..d0dbe69b68 100644 --- a/content/en/continuous-deployment/armory-admin/observe/integrations-logging.md +++ b/content/en/continuous-deployment/armory-admin/observe/integrations-logging.md @@ -25,7 +25,7 @@ The following configuration example shows how to configure Echo to send data to Add the rest block to the spec.spinnakerConfig.profiles.echo section of your Operator manifest. -{{< prism lang="yaml" >}} +```yaml apiVersion: spinnaker.armory.io/v1alpha2 kind: SpinnakerService metadata: @@ -43,7 +43,7 @@ spec: Authorization: "" template: '{"event":{{event}} }' insecure: true -{{< /prism >}} +``` * `SERVICE_URL`: the FQDN of the service; for example `https://splunk.armory.io`. diff --git a/content/en/continuous-deployment/armory-admin/observe/observability-configure.md b/content/en/continuous-deployment/armory-admin/observe/observability-configure.md index 675c099000..2eec292087 100644 --- a/content/en/continuous-deployment/armory-admin/observe/observability-configure.md +++ b/content/en/continuous-deployment/armory-admin/observe/observability-configure.md @@ -31,7 +31,7 @@ You have two options for installing the Observability plugin: The following example adds the Observability Plugin configuration for all services to the `spinnaker-local.yml` file and enables Prometheus: -{{< prism lang="yaml" >}} +```yaml # These lines are spring-boot configuration to allow access to the metrics # endpoints. This plugin adds the "aop-prometheus" endpoint on the # ":/aop-prometheus" path. @@ -54,6 +54,6 @@ spinnaker: repositories: armory-observability-plugin-releases: url: https://raw.githubusercontent.com/armory-plugins/armory-observability-plugin-releases/master/repositories.json -{{< /prism >}} +``` You can find more options for management endpoints and the plugin in the [plugin's README](https://github.com/armory-plugins/armory-observability-plugin). diff --git a/content/en/continuous-deployment/installation/armory-operator/op-advanced-config.md b/content/en/continuous-deployment/installation/armory-operator/op-advanced-config.md index 4593e0593a..cb020ac00e 100644 --- a/content/en/continuous-deployment/installation/armory-operator/op-advanced-config.md +++ b/content/en/continuous-deployment/installation/armory-operator/op-advanced-config.md @@ -83,7 +83,7 @@ For example, to ensure that a `ConfigMap` is present on all Spinnaker services, you would add the following configuration block to your `SpinnakerService` config: -{{< prism lang="yaml" line="5-9" >}} +{{< highlight yaml "linenos=table,hl_lines=5-9" >}} apiVersion: spinnaker.armory.io/v1alpha2 kind: SpinnakerService metadata: @@ -105,7 +105,7 @@ spec: mountPath: /opt/spinnaker/config/foo type: configMap name: custom-volume -{{< /prism >}} +{{< /highlight >}} The previous configuration sample indicates how to specify patches in the [`patchesJson6902` diff --git a/content/en/continuous-deployment/installation/armory-operator/op-config-kustomize.md b/content/en/continuous-deployment/installation/armory-operator/op-config-kustomize.md index fb43bf4cbb..1aa05f9e12 100644 --- a/content/en/continuous-deployment/installation/armory-operator/op-config-kustomize.md +++ b/content/en/continuous-deployment/installation/armory-operator/op-config-kustomize.md @@ -100,7 +100,7 @@ version](https://spinnaker.io/community/releases/versions/) that you want to deploy, such as `{{< param "armory-version-exact" >}}` (Armory Continuous Deployment) or `1.25.3` (Spinnaker). -{{< prism lang="yaml" line="8" >}} +{{< highlight yaml "linenos=table,hl_lines=8" >}} kind: SpinnakerService metadata: name: spinnaker @@ -108,7 +108,7 @@ spec: spinnakerConfig: config: version: {{< param "armory-version-exact" >}} -{{< /prism >}} +{{< /highlight >}} ### Verify resources diff --git a/content/en/continuous-deployment/installation/armory-operator/op-config-manifest.md b/content/en/continuous-deployment/installation/armory-operator/op-config-manifest.md index a6e1cdc9f3..9dd694162b 100644 --- a/content/en/continuous-deployment/installation/armory-operator/op-config-manifest.md +++ b/content/en/continuous-deployment/installation/armory-operator/op-config-manifest.md @@ -20,7 +20,7 @@ description: > The structure of the manifest file is the same whether you are using the Armory Operator or the Spinnaker Operator. The value of certain keys, though, depends on whether you are deploying Armory Continuous Deployment or Spinnaker. The following snippet is the first several lines from a `spinnakerservice.yml` manifest that deploys Armory Continuous Deployment. -{{< prism lang="yaml" line="1,8" >}} +{{< highlight yaml "linenos=table,hl_lines=1 8" >}} apiVersion: spinnaker.armory.io/{{< param "operator-extended-crd-version" >}} kind: SpinnakerService metadata: @@ -34,7 +34,7 @@ spec: s3: bucket: rootFolder: front50 -{{< /prism >}} +{{< /highlight >}} * Line 1: `apiVersion` is the CRD version of the `SpinnakerService` custom resource. * If you are deploying Armory Continuous Deployment, the value is `spinnaker.armory.io/{{< param "operator-extended-crd-version" >}}`; if you change this value, the Armory Operator won't process the manifest file. diff --git a/content/en/continuous-deployment/installation/guide/air-gapped/ag-operator.md b/content/en/continuous-deployment/installation/guide/air-gapped/ag-operator.md index 6a43a48580..f3317cf622 100644 --- a/content/en/continuous-deployment/installation/guide/air-gapped/ag-operator.md +++ b/content/en/continuous-deployment/installation/guide/air-gapped/ag-operator.md @@ -144,7 +144,7 @@ Each subdirectory in the `profiles` directory contains a `.yml` pr If you need to change your Docker registry, you can manually edit the `.yml` file located under `halconfig/bom`. Update the value for the key `artifactSources.dockerRegistry`. -{{< prism lang="yaml" line="18" >}} +{{< highlight yaml "linenos=table,hl_lines=18" >}} version: 2.25.0 timestamp: "2021-03-25 09:28:32" services: @@ -163,7 +163,7 @@ dependencies: version: 2:2.8.4-2 artifactSources: dockerRegistry: my.jfrog.io/myteam/armory -{{< /prism >}} +{{< /highlight >}} ## Copy the BOM @@ -257,7 +257,7 @@ From the `spinnaker-kustomize-patches/operator` folder, execute the `operatorima You also need to update Armory Operator configuration to include the secret access key for MinIO. Locate `spinnaker-kustomize-patches/operator/patch-config.yml` and update the `AWS_SECRET_ACCESS_KEY` value with the `minioAccessKey` value you created in the [Deploy MinIO to host the BOM](#deploy-minio-to-host-the-bom) section. -{{< prism lang="yaml" line="14, 24" >}} +{{< highlight yaml "linenos=table,hl_lines=14 24" >}} apiVersion: apps/v1 kind: Deployment metadata: @@ -291,13 +291,13 @@ spec: defaultMode: 420 name: operator-config name: operator-config -{{< /prism >}} +{{< /highlight >}} ### Update Halyard configuration The Armory Operator uses its own Halyard installation to deploy and manage Armory Continuous Deployment. You need to configure the new BOM location in `spinnaker-kustomize-patches/operator/halyard-local.yml`. Update your `halyard-local.yml` to match the content of the highlighted lines in the following example: -{{< prism lang="yaml" line="8-14" >}} +{{< highlight yaml "linenos=table,hl_lines=8-14" >}} halyard: halconfig: directory: /home/spinnaker/.hal @@ -312,7 +312,7 @@ spinnaker: enablePathStyleAccess: true # If you are using a platform that does not support PathStyleAccess, such as MinIO, switch this to true (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro). endpoint: http://minio.spinnaker:9000 anonymousAccess: false -{{< /prism >}} +{{< /highlight >}} ## Deploy the Armory Operator diff --git a/content/en/contribute/create/guides/diagram-guide.md b/content/en/contribute/create/guides/diagram-guide.md index 3e80490966..586625ab8e 100644 --- a/content/en/contribute/create/guides/diagram-guide.md +++ b/content/en/contribute/create/guides/diagram-guide.md @@ -3,6 +3,7 @@ title: Diagram Guide weight: 3 description: > Use Mermaid to create diagrams and charts in your content pages. +draft: true --- ## {{% heading "prereq" %}} @@ -58,7 +59,7 @@ Additional Mermaid resources: ```
Show me the code. -{{< prism >}} +{{< highlight >}} ```mermaid graph TB @@ -95,7 +96,7 @@ Additional Mermaid resources: classDef external fill:#c0d89d,stroke:#39546a; class deck,api external ``` -{{< /prism >}} +{{< /highlight >}}
### Flowchart examples @@ -126,7 +127,7 @@ flowchart LR ```
Show me the code. -{{< prism >}} +{{< highlight >}} ```mermaid flowchart LR id0<--"REST API"-->id2 @@ -151,7 +152,7 @@ flowchart LR class id2,id3,id0 armory class outside ext ``` -{{< /prism >}} +{{< /highlight >}}

@@ -182,7 +183,7 @@ flowchart TB ```
Show me the code. -{{< prism >}} +{{< highlight >}} ```mermaid flowchart TB A --> B @@ -205,7 +206,7 @@ flowchart TB E[Callback to Deployment] end ``` -{{< /prism >}} +{{< /highlight >}}
diff --git a/content/en/contribute/create/guides/docs-style-guide.md b/content/en/contribute/create/guides/docs-style-guide.md index 5a4fd373ec..15e07c14cc 100644 --- a/content/en/contribute/create/guides/docs-style-guide.md +++ b/content/en/contribute/create/guides/docs-style-guide.md @@ -411,8 +411,3 @@ When in doubt, check the company’s website. | Elastic Compute Cloud | EC2 | Spinnaker can deploy EC2 instances after baking an AMI for them. | | NGINX, NGINX Plus, NGINX Controller| | | - -## {{% heading "nextSteps" %}} - -{{< linkWithTitle "diagram-guide.md" >}} -

\ No newline at end of file diff --git a/content/en/contribute/create/guides/prism.md b/content/en/contribute/create/guides/prism.md deleted file mode 100644 index 67de565ab6..0000000000 --- a/content/en/contribute/create/guides/prism.md +++ /dev/null @@ -1,71 +0,0 @@ ---- -title: "Customize Prism" ---- - -In order to extend and update our implementation of Prism, we override the version packaged with Docsy. **Only Docs Team admins should modify the files mentioned in this content.** - -## Updating and Extending Prism - -1. The [Docsy docs](https://www.docsy.dev/docs/adding-content/lookandfeel/#code-highlighting-with-prism) include a link to download their selection of syntaxes and plugins. To update, use that link, then add our custom additions via their checkbox. - -1. Once everything is checked, the JS and CSS files can be downloaded or copied into their respective paths: - - - `static/js/prism.js` - - `static/css/prism.css` - -### Current add-on languages - -None - -### Current add-on themes - -None - -### Current add-on plugins - - - [Line Highlight](https://prismjs.com/plugins/line-highlight/) - -## CSS customizations - -Until an automated process is figured out, we much manually apply our custom css directly to `static/css/prism.css` after updating the Prism bundle. - -### Font family - -In the `pre[class*="language-"]` block, update the font-family to "Rubik": - -{{< prism lang=css line=5 >}} -pre[class*="language-"] { - color: black; - background: none; - text-shadow: 0 1px white; - font-family: Rubik; - font-size: 1em; - text-align: left; - white-space: pre; - word-spacing: normal; - word-break: normal; - word-wrap: normal; - line-height: 1.5; -{{< /prism >}} - -### Line highlights - -In the `.line-highlight` block, update the `linear gradient` section: - -{{< prism lang=css line=9 >}} -.line-highlight { - position: absolute; - left: 0; - right: 0; - padding: inherit 0; - margin-top: 1em; /* Same as .prism’s padding-top */ - - background: hsla(24, 20%, 50%,.08); - background: linear-gradient(to right, rgba(243, 239, 6, 0.418) 1%, hsla(24, 20%, 50%,.1)); - - pointer-events: none; - - line-height: inherit; - white-space: pre; -} -{{< /prism >}} diff --git a/content/en/contribute/create/guides/shortcodes/_index.md b/content/en/contribute/create/guides/shortcodes/_index.md index 48d7c800d8..7c0b0e77e6 100644 --- a/content/en/contribute/create/guides/shortcodes/_index.md +++ b/content/en/contribute/create/guides/shortcodes/_index.md @@ -91,39 +91,6 @@ In your Google sheet, choose "Publish to web" and then copy the URL. {{< gsuite src="https://docs.google.com/presentation/d/e/2PACX-1vQ7b90rHF2gS-4FUJWwuc8sK5JCb-fO-UupXqEZi-7eIdUBIcqTn2IEn0X9WSf0xucHlIVwPgovTQT5/embed?start=false&loop=false&delayms=3000" width="960" height="569" >}} -### codenew for including source code files - -This shortcode is a modified version of the Kubernetes website's `codenew` shortcode. - -From the k8s content: - -You can use the `{{}}` shortcode to embed the contents of file in a code block to allow users to download or copy its content to their clipboard. This shortcode is used when the contents of the sample file is generic and reusable, and you want the users to try it out themselves. - -This shortcode takes in two named parameters: `language` and `file`. The mandatory parameter `file` is used to specify the path to the file being displayed. The optional parameter `language` is used to specify the programming language of the file. If the `language` parameter is not provided, the shortcode will attempt to guess the language based on the file extension. - -For example: - -```none -{{}} -``` - -The output is: - -{{< codenew language="yaml" file="cdaas/deploy/deploy.yaml" >}} - -When adding a new sample file, such as a YAML file, create the file in one of the `content/en/examples/` subdirectories. In the markdown of your page, use the `codenew` shortcode: - -```none -{{/example-yaml>" */>}} -``` -where `` is the path to the sample file to include, relative to the `examples` directory. The following shortcode references a YAML file located at `/content/en/examples/plugins/pac`. - -```none -{{}} -``` - ->Note: if the file doesn't already exist in the master branch of the docs repo... the download link refers to a file that doesn't exist yet! So be aware of this when testing locally or in the Netlify deploy preview. - ## Icons Search for icons at [Font Awesome](https://fontawesome.com/icons/) @@ -138,57 +105,6 @@ Renders to: ## Line highlighting -In order to highlight specific lines in a code block, we must replace the Markdown code fence with a shortcode: - -```markdown -{{}} -A line -another line -A highlighted line -Ooh, that was neat. -Here, have a $var -{{}} -``` - -renders to: - -{{< prism lang="bash" line="3" >}} -A line -another line -A highlighted line -Ooh, that was neat. -Here, have a $var -{{< /prism >}} - -You can highlight multiple lines. From the [Line Highlight](https://prismjs.com/plugins/line-highlight/) docs: - -A single number refers to the line with that number -Ranges are denoted by two numbers, separated with a hyphen (-) -Multiple line numbers or ranges are separated by commas. -Whitespace is allowed anywhere and will be stripped off. -Examples: - -* `line="5"`: The 5th line -* `line="1-5"`: Lines 1 through 5 -* `line="1,4"`: Line 1 and line 4 -* `line="1-2, 5, 9-20"`: Lines 1 through 2, line 5, lines 9 through 20 - -```markdown -{{}} -A line -another line -A highlighted line -Ooh, that was neat. -Here, have a $var -{{}} -``` - -renders to: +In order to highlight specific lines in a code block, you must replace the Markdown code fence with Hugo's `highlight` shortcode: -{{< prism lang="bash" line="1-4" >}} -A line -another line -A highlighted line -Ooh, that was neat. -Here, have a $var -{{< /prism >}} +How to use the highlight shortcode: https://gohugo.io/content-management/syntax-highlighting/. \ No newline at end of file diff --git a/content/en/contribute/create/guides/shortcodes/tabs/example1.md b/content/en/contribute/create/guides/shortcodes/tabs/example1.md index 83c16373fd..0198502869 100644 --- a/content/en/contribute/create/guides/shortcodes/tabs/example1.md +++ b/content/en/contribute/create/guides/shortcodes/tabs/example1.md @@ -7,14 +7,14 @@ This is an **example** content file inside the leaf bundle. {{< alert >}}Included content files can also contain shortcodes.{{< /alert >}} -Code rendered using Prism: +Code rendered using Hugo's `highlight` shortcode: -{{< prism lang="java" line-numbers="true">}} +{{< highlight java "linenos=table" >}} class HelloWorld { static public void main( String args[] ) { System.out.println( "Hello World!" ); } } -{{< /prism >}} +{{< /highlight >}} --- end of file 1 content -- \ No newline at end of file diff --git a/content/en/plugins/pipelines-as-code/release-notes.md b/content/en/plugins/pipelines-as-code/release-notes.md index 1e9677372a..1f3d094403 100644 --- a/content/en/plugins/pipelines-as-code/release-notes.md +++ b/content/en/plugins/pipelines-as-code/release-notes.md @@ -48,15 +48,15 @@ For more information, see [Pull Request Validation]({{< ref "plugins/pipelines-a If Pipelines-as-Code crashes on start up and you encounter an error similar to: -{{< prism lang="bash" >}} +```bash time="2020-03-06T22:35:54Z" level=fatal msg="failed to load configuration: 1 error(s) decoding:\n\n* 'Logging.Level' expected type 'string', got unconvertible type 'map[string]interface {}'" -{{< /prism >}} +``` You probably configured global logging levels with `spinnaker-local.yml`. The workaround is to override Dinghy's logging levels: -{{< prism lang="yaml" line="9-10" >}} +{{< highlight yaml "linenos=table,hl_lines=9-10" >}} apiVersion: spinnaker.armory.io/{{< param operator-extended-crd-version >}} kind: SpinnakerService metadata: @@ -67,4 +67,4 @@ spec: dinghy: Logging: Level: INFO -{{< /prism >}} +{{< /highlight >}} diff --git a/content/en/plugins/plugin-k8s-custom-resource-status.md b/content/en/plugins/plugin-k8s-custom-resource-status.md index 21e373c07f..ab8f29b072 100644 --- a/content/en/plugins/plugin-k8s-custom-resource-status.md +++ b/content/en/plugins/plugin-k8s-custom-resource-status.md @@ -35,7 +35,7 @@ These replica checks are enabled by default and do not require additional config Put the plugin configuration in the `spec.spinnakerConfig.profiles.clouddriver` section of your Operator `spinnakerservice.yml`: -```yaml +{{< highlight yaml "linenos=table,hl_lines=5-14">}} ... (omitted for brevity) spec: spinnakerConfig: @@ -50,7 +50,7 @@ spec: repositories: pluginRepository: url: https://raw.githubusercontent.com/armory-plugins/pluginRepository/master/repositories.json -``` +{{< /highlight >}} * `version`: The plugin version that corresponds to your Armory CD version. @@ -80,7 +80,7 @@ The plugin uses the following statuses: All supported properties with some example values: -{{< prism lang="yaml" >}} +```yaml spinnaker: extensibility: plugins: @@ -148,7 +148,7 @@ spinnaker: fields: - field1: value1 - field2: value2 -{{< /prism >}} +``` * `markAsUnavailableUntilStable`: (Optional) Only used under `stable` properties. If the plugin doesn't find any of the fields declared under `stable`, it marks the deployment as unavailable and waits for the deployment to become stable. The status changes to stable when the plugin finds any of the fields in the properties. * `failIfNoMatch`: (Optional) Only used under `stable` properties. In this example, if the plugin doesn't find any of the fields, it marks the deployment as failed. @@ -181,7 +181,7 @@ Accepted field formats: For example, if you want to access the field `ready` with the value `True`: -{{< prism lang="yaml" >}} +```yaml apiVersion: example.com kind: Foo metadata: @@ -193,18 +193,18 @@ status: observedGeneration: 12 values: - ready: "True" -{{< /prism >}} +``` The syntax is: -{{< prism lang="yaml" >}}ml +```yamlml config: kind: status: available: fields: - status.values.[0].ready: "True" -{{< /prism >}} +``` ## Examples @@ -212,7 +212,7 @@ config: `kubectl get foo -o yaml` -{{< prism lang="yaml" >}} +```yaml apiVersion: example.com kind: Foo metadata: @@ -233,13 +233,13 @@ status: lastUpdateTime: "2020-03-25T21:20:39Z" status: "False" type: Stalled -{{< /prism>}} +``` First map this custom resource's status values to the plugin configuration. The plugin updates the status if the values from the config match the values from your custom resource. #### Example 1.1: Config per kind -{{< prism lang="yaml" >}} +```yaml spinnaker: extensibility: plugins: @@ -274,13 +274,13 @@ spinnaker: reason: Reconciling status: "True" type: Reconciling -{{< /prism >}} +``` These properties are only for `Foo` kind. Every time you deploy `Foo`, the plugin compares the resource status values against these properties. In this case, the plugin marks the deployment as unavailable since it matches your custom resource. #### Example 1.2: Config for all Custom Resources -{{< prism lang="yaml" >}} +```yaml spinnaker: extensibility: plugins: @@ -314,7 +314,7 @@ spinnaker: reason: Reconciling status: "True" type: Reconciling -{{< /prism >}} +``` These properties apply to all custom resource kinds you deploy. If you deploy different kinds with different statuses, you should declare per kind like in `Example 1.1`. In this case, the plugin marks the deployment as unavailable since that matches your custom resource. @@ -322,7 +322,7 @@ These properties apply to all custom resource kinds you deploy. If you deploy di `kubectl get foo -o yaml` -{{< prism lang="yaml" >}} +```yaml apiVersion: example.com kind: Foo metadata: @@ -334,13 +334,13 @@ status: status: Ready message: API is ready collisionCount: 0 -{{< /prism >}} +``` First map this custom resource's status value to the plugin configuration. The plugin updates the status if the values from the config match the values from your custom resource. #### Example 2.1: Config per kind -{{< prism lang="yaml" >}} +```yaml spinnaker: extensibility: plugins: @@ -366,13 +366,13 @@ spinnaker: fields: - status.available: False status.collisionCount: 0 -{{< /prism >}} +``` These properties are only for `Foo` kind. Every time you deploy `Foo`, it compares the resource status values against these properties. In this case, the plugin marks the deployment as ready since that matches your custom resource. #### Example 2.2: Config for all Custom Resources -{{< prism lang="yaml" >}} +```yaml spinnaker: extensibility: plugins: @@ -397,7 +397,7 @@ spinnaker: fields: - status.available: False status.collisionCount: 0 -{{< /prism >}} +``` These properties apply to all custom resource kinds you deploy. If you deploy different kinds with different statuses, you should declare per kind like in `Example 2.1`. In this case, the plugin marks the deployment as ready since that matches your custom resource. diff --git a/content/en/plugins/policy-engine/_index.md b/content/en/plugins/policy-engine/_index.md index 9e972d5587..139299e987 100644 --- a/content/en/plugins/policy-engine/_index.md +++ b/content/en/plugins/policy-engine/_index.md @@ -255,7 +255,7 @@ The Policy Engine plugin extends Orca, Gate, Front50, Clouddriver, and Deck. You 1. Add the following to `gate-local.yml`, `orca-local.yml`, `front50-local.yml`, and `clouddriver.yml`: - {{< prism lang="yaml" >}} + ```yaml armory: policyEngine: failOpen: false @@ -271,7 +271,7 @@ The Policy Engine plugin extends Orca, Gate, Front50, Clouddriver, and Deck. You enabled: true policyEngine: url: https://raw.githubusercontent.com/armory-plugins/pluginRepository/master/repositories.json - {{< /prism >}} + ``` 1. Save your files and apply your changes by running `hal deploy apply`. {{% /tab %}} @@ -280,29 +280,29 @@ The Policy Engine plugin extends Orca, Gate, Front50, Clouddriver, and Deck. You 1. Add the plugins repository - {{< prism lang="bash" >}} + ```bash hal plugins repository add policyEngine \ --url=https://raw.githubusercontent.com/armory-plugins/pluginRepository/master/repositories.json - {{< /prism >}} + ``` This creates the following entry in your `.hal/config`: - {{< prism lang="yaml" >}} + ```yaml repositories: policyEngine: enabled: true url: https://raw.githubusercontent.com/armory-plugins/pluginRepository/master/repositories.json - {{< /prism >}} + ``` 1. Add the plugin Be sure to replace `` with the version that's compatible with your Spinnaker instance. - {{< prism lang="bash" >}} + ```bash hal plugins add Armory.PolicyEngine --version= --enabled=true - {{< /prism >}} + ``` If you specified version 0.2.2, Halyard creates the following entry in your `.hal/config` file: - {{< prism lang="yaml" >}} + ```yaml spinnaker: extensibility: plugins: @@ -310,7 +310,7 @@ The Policy Engine plugin extends Orca, Gate, Front50, Clouddriver, and Deck. You id: Armory.PolicyEngine enabled: true version: 0.2.2 - {{< /prism >}} + ``` 1. Apply the changes by executing `hal deploy apply`. {{% /tab %}} diff --git a/content/en/plugins/policy-engine/use/_index.md b/content/en/plugins/policy-engine/use/_index.md index 8f2db41e1f..f3516e02f0 100644 --- a/content/en/plugins/policy-engine/use/_index.md +++ b/content/en/plugins/policy-engine/use/_index.md @@ -235,7 +235,7 @@ If a user attempts to perform an action that they are not allowed to, a window a The following example policy prevents the user `milton` from taking specific actions in the UI. Specifically, the user cannot use the **Edit** or **Delete** buttons on the **Clusters** tab. **Example policy:** -{{< prism lang="rego" line="2-8" >}} +{{< highlight rego "linenos=table,hl_lines=2-8" >}} package spinnaker.http.authz default allow=false allow { @@ -260,7 +260,7 @@ package spinnaker.http.authz input.body.job[_].type="deleteManifest" input.user.username="milton" } -{{< /prism >}} +{{< /highlight >}} Note the highlighted lines. This is where defining and returning a custom message for the `spinnaker.http.authz` package differs from other packages. diff --git a/content/en/plugins/policy-engine/use/packages/common-objects/input.user.md b/content/en/plugins/policy-engine/use/packages/common-objects/input.user.md index 83c2b8a1f0..053cae4299 100644 --- a/content/en/plugins/policy-engine/use/packages/common-objects/input.user.md +++ b/content/en/plugins/policy-engine/use/packages/common-objects/input.user.md @@ -6,11 +6,11 @@ description: "The `input.user` object is present in most packages. This object p The following function can be used in your policies to determine if a user has a particular role assigned to it: -{{< prism lang="rego" line-numbers="true" >}} +```rego hasRole(role){ input.user.roles[_].name=role } -{{< /prism >}} +``` | Key | Type | Description | | -------------------------- | --------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | diff --git a/content/en/plugins/policy-engine/use/packages/opa.pipelines.md b/content/en/plugins/policy-engine/use/packages/opa.pipelines.md index bbb481defa..6c5772cac9 100644 --- a/content/en/plugins/policy-engine/use/packages/opa.pipelines.md +++ b/content/en/plugins/policy-engine/use/packages/opa.pipelines.md @@ -195,7 +195,7 @@ weight: 10 Requires a manual approval by the `qa` role, and a manual approval by the `infosec` role happen earlier in a pipeline than any deployment to a production account. Production accounts must have been loaded into the OPA data document in an array named `production_accounts`: - {{< prism lang="rego" line-numbers="true" >}} + ```rego package opa.pipelines deny["production deploy stage must follow approval by 'qa' and 'infosec'"] { @@ -222,13 +222,13 @@ Requires a manual approval by the `qa` role, and a manual approval by the `infos lacksEarlierApprovalBy(role,idx) { not hasEarlierApprovalBy(role,idx) } - {{< /prism >}} + ``` ## Allow list for target namespaces Only allows applications to deploy to namespaces that are on an allow list. - {{< prism lang="rego" line-numbers="true" >}} + ```rego package opa.pipelines allowedNamespaces:=[{"app":"app1","ns": ["ns1","ns2"]}, @@ -245,13 +245,13 @@ Only allows applications to deploy to namespaces that are on an allow list. allowedNamespaces[i].app==application allowedNamespaces[i].ns[_]==namespace } - {{< /prism >}} + ``` ## Deployment window The policy prevents a user from saving a pipeline that deploys to production accounts unless the first stage of the pipeline specifies a schedule that prevents it from starting executions between 2pm and 7pm Pacific Standard Time (PST). - {{< prism lang="rego" line-numbers="true" >}} + ```rego package opa.pipelines productionAccounts:=["spinnaker"] @@ -291,7 +291,7 @@ The policy prevents a user from saving a pipeline that deploys to production acc { count(window.whitelist)==0 } - {{< /prism >}} + ``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/cleanupArtifacts.md b/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/cleanupArtifacts.md index 2a8c92f5a6..e98d1e6887 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/cleanupArtifacts.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/cleanupArtifacts.md @@ -338,7 +338,8 @@ description: "Used by policies to affect the ‘Cleanup Artifacts’ task." ## Example Policy Prevents cleanupArtifacts tasks from running on any account in a predefined list. -{{< prism lang="rego" line-numbers="true" >}} + +```rego package spinnaker.deployment.tasks.before.cleanupArtifacts productionAccounts :=["prod1","prod2"] @@ -346,8 +347,8 @@ productionAccounts :=["prod1","prod2"] deny["Artifactss may not be cleaned up from production accounts"] { input.deploy.account==productionAccounts[_] } +``` -{{< /prism >}} ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/deleteManifest.md b/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/deleteManifest.md index 080a64d69b..d0f2f39c91 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/deleteManifest.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/deleteManifest.md @@ -46,13 +46,13 @@ If your policy is for controlling manual deletion triggers from within the Armor ## Example Policy This example policy prevents deleteManifest tasks from running unless they provide a grace period of 30 seconds or more. -{{< prism lang="rego" line-numbers="true" >}} +``` package spinnaker.deployment.tasks.before.deleteManifest deny["A minimum 30 second grace period must be given when deleting a kubernetes manifest"] { input.deploy.options.gracePeriodSeconds<30 } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/deployManifest.md b/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/deployManifest.md index d704a7ed23..608420289c 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/deployManifest.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/deployManifest.md @@ -144,7 +144,7 @@ description: "Policy checks that run immediately before a task deploys a Spinnak This example prevents deploying of pods, pod templates (deployments/jobs/replicasets) and services that use the following services: HTTP, FTP, TELNET, POP3, NNTP, IMAP, LDAP, SMTP -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.deployment.tasks.before.deployManifest blockedPorts := [20,21,23,80,110,119,143,389,587,8080,8088,8888] @@ -161,11 +161,11 @@ deny["A port typically used by an unencrypted protocol was detected."] { #Check for pod template input.deploy.manifests[_].spec.template.spec.containers[_].ports[_].containerPort=blockedPorts[_] } -{{< /prism >}} +``` This example requires that the annotations 'owner' and 'app' are applied on all deployed infrastructure. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.deployment.tasks.before.deployManifest required_annotations:=["app","owner"] @@ -176,7 +176,7 @@ deny["Manifest is missing a required annotation"] { # Use object.get to check if data exists object.get(annotations,required_annotations[_],null)==null } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/scaleManifest.md b/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/scaleManifest.md index 5c9568afc1..2860ad79e4 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/scaleManifest.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/scaleManifest.md @@ -29,7 +29,7 @@ description: "A policy that runs before executing each task in a Scale Manifest This policy prevents scaling a deployment or replicaset in a production account to have <2 replicas. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.deployment.tasks.before.scaleManifest productionAccounts :=["prod1","prod2"] @@ -38,7 +38,7 @@ deny["production accounts require >1 replicas to avoid a single point of failure input.deploy.location==productionAccounts[_] input.deploy.replicas<2 } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/undoRolloutManifest.md b/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/undoRolloutManifest.md index 0896ebeb53..a1daa03236 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/undoRolloutManifest.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.deployment/tasks.before/undoRolloutManifest.md @@ -27,13 +27,13 @@ description: "Policy checks that run immediately before a task rolls back a spin ## Example Policy -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.deployment.tasks.before.undoRolloutManifest deny ["You may only rollback 1 revision at a time."]{ input.deploy.numRevisionsBack!=1 } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/pipelines.before.md b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/pipelines.before.md index 3c0ebeba94..579d6f8297 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/pipelines.before.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/pipelines.before.md @@ -362,7 +362,7 @@ description: "Policy that is evaluated when a pipeline starts executing, but bef ## Example Policy -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.execution.pipelines.before deny["Kubernetes deployments can only be triggered by webhooks, docker, or manually."] { @@ -374,7 +374,7 @@ deny["Kubernetes deployments can only be triggered by webhooks, docker, or manua trigger.type != "webhook" trigger.type != "manual" } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/bake.md b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/bake.md index 293cc3e22d..6449d95eb2 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/bake.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/bake.md @@ -410,13 +410,13 @@ More information about the bake stage can be found in [Bake Amazon Machine Image Requires that baked images are of type `hvm`. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.execution.stages.before.bake deny["all baked images must be of type hvm"]{ input.stage.context.vmType!="hvm" } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/cloneServerGroup.md b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/cloneServerGroup.md index c03f2acd3b..443dc7f2d7 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/cloneServerGroup.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/cloneServerGroup.md @@ -382,7 +382,7 @@ More information on the clone server group stage can be found in Spinnaker's [do ## Example Policy -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.execution.stages.before.cloneServerGroup productionAccounts :=["prod1","prod2"] @@ -396,7 +396,7 @@ deny["ASGs running in production must have a minimum of 2 instances to avoid hav input.stage.context.useSourceCapacity==false object.get(input.stage.context,"capacity",null)==null } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/concourse.md b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/concourse.md index 8813ccaa1f..56d41c3f7b 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/concourse.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/concourse.md @@ -285,11 +285,11 @@ weight: 10 This example disables the use of concourse stages. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.execution.stages.before.concourse deny["Pipelines may not use the 'Concourse' stage."] -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/createServerGroup.md b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/createServerGroup.md index 76eaa645b2..a4f301e19e 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/createServerGroup.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/createServerGroup.md @@ -413,7 +413,7 @@ weight: 10 Prevent server groups from being created in production with fewer than 1 instance. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.execution.stages.before.createServerGroup productionAccounts :=["prod1","prod2"] @@ -422,7 +422,7 @@ deny["ASGs running in production must have a minimum of 2 instances to avoid hav input.stage.context.account==productionAccounts[_] object.get(input.stage.context.capacity,"min",0)<2 } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/deleteManifest.md b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/deleteManifest.md index b1d2bdcd6a..be7b5bcd63 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/deleteManifest.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/deleteManifest.md @@ -46,7 +46,7 @@ See [Deploy Applications to Kubernetes]({{< ref "kubernetes-v2#available-manifes This example policy requires Delete Manifest stages to provide a minimum 2 minute grace period when run in production. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.execution.stages.before.deleteManifest productionAccounts :=["prod1","prod2"] @@ -55,7 +55,7 @@ deny["deletions in production accounts must allow a minimum of 2 minutes for gra input.deploy.account==productionAccounts[_] input.deploy.options.gracePeriodSeconds<120 } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/deployManifest.md b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/deployManifest.md index 978db7fa3d..2580377e7e 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/deployManifest.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/deployManifest.md @@ -1555,7 +1555,7 @@ weight: 10 - This policy requires that a set of annotations have been applied to any manifests that are being deployed. Specifically the annotations 'app' and 'owner' must have been applied. - {{< prism lang="rego" line-numbers="true" >}} + ```rego package spinnaker.execution.stages.before.deployManifest required_annotations:=["app","owner"] deny["Manifest is missing a required annotation"] { @@ -1569,13 +1569,13 @@ weight: 10 # Use object.get to check if data exists object.get(annotations,required_annotations[_],null)==null } - {{< /prism >}} + ```
- This policy requires prevents exposing a set of ports that are unencrypted buy have encrypted alternatives. Specifically this policy prevents exposing HTTP, FTP, TELNET, POP3, NNTP, IMAP, LDAP, and SMTP from a pod, deployment, or replicaset. - {{< prism lang="rego" line-numbers="true" >}} + ```rego package spinnaker.execution.stages.before.deployManifest blockedPorts := [20,21,23,80,110,119,143,389,587,8080,8088,8888] @@ -1592,13 +1592,13 @@ weight: 10 #Check for pod template input.stage.context.manifests[_].spec.template.spec.containers[_].ports[_].containerPort=blockedPorts[_] } - {{< /prism >}} + ```
- This policy checks whether or not the image being approved is on a list of imaged that are approved for deployment. The list of what images are approved must seperately be uploaded to the OPA data document - {{< prism lang="rego" line-numbers="true" >}} + ```rego package spinnaker.execution.stages.before.deployManifest deny["Manifest creates a pod from an image that is not approved by the security scanning process."] { @@ -1616,13 +1616,13 @@ weight: 10 isImageUnApproved(image){ not isImageApproved(image) } isImageApproved(image){ image==data.approvedImages[_]} - {{< /prism >}} + ```
- This policy prevents applications from deploying to namespaces that they are not whitelisted for. - {{< prism lang="rego" line-numbers="true" >}} + ```rego package spinnaker.execution.stages.before.deployManifest allowedNamespaces:=[{"app":"app1","ns": ["ns1","ns2"]}, @@ -1639,7 +1639,7 @@ weight: 10 allowedNamespaces[i].app==application allowedNamespaces[i].ns[_]==namespace } - {{< /prism >}} + ``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/manualJudgment.md b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/manualJudgment.md index 1f2a255e40..8916f5e280 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/manualJudgment.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/manualJudgment.md @@ -437,7 +437,7 @@ weight: 10 This example policy prevents execution of any manual judgement stage that can be approved by multiple roles, or for which the approving role is not on a whitelist of approving roles. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.execution.stages.before.manualJudgment approving_roles=["infosec","qa"] @@ -454,7 +454,7 @@ deny["Manual Judgement stages may only approved by the following roles: qa, info isApprovedRole(role){ approving_roles[_]==role } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/patchManifest.md b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/patchManifest.md index 7089d41a56..59ade7c968 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/patchManifest.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/patchManifest.md @@ -436,7 +436,7 @@ weight: 10 - This example checks the manifest being applied and ensures that it contains a set of required annotations. - {{< prism lang="rego" line-numbers="true" >}} + ```rego package spinnaker.execution.stages.before.patchManifest required_annotations:=["app","owner"] @@ -446,17 +446,17 @@ weight: 10 # Use object.get to check if data exists object.get(annotations,required_annotations[_],null)==null } - {{< /prism >}} + ``` - This example prevents patchManifest stages from running unless they require recording the patch annotation. - {{< prism lang="rego" line-numbers="true" >}} + ```rego package spinnaker.execution.stages.before.patchManifest deny["Patching manifests is not allowed by policy unless recording the patch annotation is enabled."] { input.stage.context.options.record!=true } - {{< /prism >}} + ``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/pipeline.md b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/pipeline.md index 63a98233e0..8b01e793da 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/pipeline.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/pipeline.md @@ -290,13 +290,13 @@ weight: 10 This policy prevents a pipeline from starting execution of other pipelines unless it waits for them to complete before continuing. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.execution.stages.before.pipeline deny["Parent pipelines must wait for any triggered child pipelines to complete before continuing execution."] { input.stage.context.waitForCompletion!=true } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/scaleManifest.md b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/scaleManifest.md index 00fadab64f..ae8ffb06cd 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/scaleManifest.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/scaleManifest.md @@ -218,7 +218,7 @@ See [Deploy Applications to Kubernetes]({{< ref "kubernetes-v2#available-manifes This policy prevents scaleManifest stages from running in a pipeline unless it is triggered by a webhook with a source of 'prometheus' -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.execution.stages.before.scaleManifest deny ["scaling can only be run in pipelines that are triggered by monitoring, not by manually triggered pipelines"]{ @@ -226,7 +226,7 @@ deny ["scaling can only be run in pipelines that are triggered by monitoring, no }{ object.get(input.pipeline.trigger,"source","")!="prometheus" } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/undoRolloutManifest.md b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/undoRolloutManifest.md index 925bc328db..2cc9011d04 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/undoRolloutManifest.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.execution/stages.before/undoRolloutManifest.md @@ -211,7 +211,7 @@ See [Deploy Applications to Kubernetes]({{< ref "kubernetes-v2#available-manifes Requires a reason to be provided for any rollback. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.http.authz default message="" allow = message=="" @@ -225,7 +225,7 @@ createsTaskOfType(tasktype){ input.path=["tasks"] input.body.job[_].type=tasktype } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/_index.md b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/_index.md index a0b1e7b57d..1d8b951fbf 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/_index.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/_index.md @@ -49,13 +49,13 @@ Other paths contain additional keys/data that can be used when writing policies. This policy simply grants all users access to all APIs. It is a good policy to enable on `spinnaker.http.authz` if you do not need a more complicated policy. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.http.authz default allow = true allow { input.user.isAdmin == true } -{{< /prism >}} +``` ## Special considerations diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/pipelines.md b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/pipelines.md index ffdb5298d7..da41220060 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/pipelines.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/pipelines.md @@ -207,7 +207,7 @@ description: "Controls access to the Spinnaker pipelines API. Can be used to pre ## Example Policy -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.http.authz default message="" allow=message=="" @@ -217,7 +217,7 @@ message="Only admins can save pipelines"{ input.method="POST" input.user.isAdmin!=true } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/_index.md b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/_index.md index a097a85756..af8db6f041 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/_index.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/_index.md @@ -10,13 +10,13 @@ description: "Posts to the tasks api create new tasks in Spinnaker." The following rego function can be leveraged in any task to determine what task type is being created: -{{< prism lang="rego" line-numbers="true" >}} +```rego createsTaskOfType(tasktype){ input.method="POST" input.path=["tasks"] input.body.job[_].type=tasktype } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.createApplication.md b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.createApplication.md index b962282c46..9805b19a3c 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.createApplication.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.createApplication.md @@ -58,7 +58,7 @@ description: "A policy call is made for this type anytime a user attmpts to crea - This policy disables the ability to create new applications for non-admin users unless their role is 'applicationCreators'. - {{< prism lang="rego" line-numbers="true" >}} + ```rego package spinnaker.http.authz default message="" allow = message=="" @@ -75,12 +75,12 @@ description: "A policy call is made for this type anytime a user attmpts to crea input.path=["tasks"] input.body.job[_].type=tasktype } - {{< /prism >}} + ``` - This policy disables the ability to create new applications, or update existing applications unless the applications have specified at least 1 role with 'write' permissions. **Note:** The spinnaker UI is not currently able to display an error message when this policy denies the action. - {{< prism lang="rego" line-numbers="true" >}} + ```rego package spinnaker.http.authz allow = message=="" @@ -100,7 +100,7 @@ description: "A policy call is made for this type anytime a user attmpts to crea input.path=["tasks"] input.body.job[_].type=tasktype } - {{< /prism >}} + ``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.deleteManifest.md b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.deleteManifest.md index 7b77e18f51..b0049676ca 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.deleteManifest.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.deleteManifest.md @@ -54,7 +54,7 @@ description: "Policy controls whether or not a deleteManifest that is triggered This example prevents users from deleting deployed manifests from production accounts on the 'Clusters' tab of the spinnaker UI. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.http.authz default message="" allow = message=="" @@ -72,7 +72,7 @@ createsTaskOfType(tasktype){ input.path=["tasks"] input.body.job[_].type=tasktype } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.deployManifest.md b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.deployManifest.md index 55ea5aa968..86428ddaf1 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.deployManifest.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.deployManifest.md @@ -160,7 +160,7 @@ description: "Policy controls whether or not a deployManifest that is triggered Prevents editing manifests from outside of a pipeline on production accounts. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.http.authz default message="" allow = message=="" @@ -178,7 +178,7 @@ createsTaskOfType(tasktype){ input.path=["tasks"] input.body.job[_].type=tasktype } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.scaleManifest.md b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.scaleManifest.md index f00e5840c4..e6fcbc1ef6 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.scaleManifest.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.scaleManifest.md @@ -52,7 +52,7 @@ description: "Policy controls whether or not a scaleManifest that is triggered f - This policy prevents requires users to enter a reason when performing a scale from outside or a pipeline. - {{< prism lang="rego" line-numbers="true" >}} + ```rego package spinnaker.http.authz default message="" allow = message=="" @@ -66,11 +66,11 @@ description: "Policy controls whether or not a scaleManifest that is triggered f input.path=["tasks"] input.body.job[_].type=tasktype } - {{< /prism >}} + ``` - This policy prevents non-admin users from initiating a scaleManifest from the 'clusters' tab of an application. - {{< prism lang="rego" line-numbers="true" >}} + ```rego package spinnaker.http.authz default message="" allow = message=="" @@ -84,7 +84,7 @@ description: "Policy controls whether or not a scaleManifest that is triggered f input.path=["tasks"] input.body.job[_].type=tasktype } - {{< /prism >}} + ``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.updateApplication.md b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.updateApplication.md index 4f1e15cf34..eaa5d4e2f8 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.updateApplication.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.updateApplication.md @@ -82,7 +82,7 @@ This policy disables the ability to create new applications, or update existing > **Note:** The UI is not currently able to display an error message when this policy denies the action. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.http.authz allow = message=="" @@ -102,7 +102,7 @@ createsTaskOfType(tasktype){ input.path=["tasks"] input.body.job[_].type=tasktype } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.upsertProject.md b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.upsertProject.md index 4834400d97..74ae3f2723 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.upsertProject.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.http.authz/tasks/type.upsertProject.md @@ -64,9 +64,9 @@ description: "A policy call is made for this type anytime a user attmpts to crea ## Example Policy -{{< prism lang="rego" line-numbers="true" >}} +```rego -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/policy-engine/use/packages/spinnaker.ui.entitlements.isFeatureEnabled/_index.md b/content/en/plugins/policy-engine/use/packages/spinnaker.ui.entitlements.isFeatureEnabled/_index.md index 17223742bd..ba53bc0288 100644 --- a/content/en/plugins/policy-engine/use/packages/spinnaker.ui.entitlements.isFeatureEnabled/_index.md +++ b/content/en/plugins/policy-engine/use/packages/spinnaker.ui.entitlements.isFeatureEnabled/_index.md @@ -52,7 +52,7 @@ Note: this package only allows hiding functionality entirely. If you instead wan Disables the **Configure Application**, **Create Application**, and **Create Project** buttons in the UI for non-admin users unless they have a particular role. -{{< prism lang="rego" line-numbers="true" >}} +```rego package spinnaker.ui.entitlements.isFeatureEnabled default message="" allow = message=="" @@ -74,7 +74,7 @@ Disables the **Configure Application**, **Create Application**, and **Create Pro input.path=["tasks"] input.body.job[_].type=tasktype } -{{< /prism >}} +``` ## Keys diff --git a/content/en/plugins/scale-agent/install/advanced/config-service.md b/content/en/plugins/scale-agent/install/advanced/config-service.md index 325c6ae264..91da2e1659 100644 --- a/content/en/plugins/scale-agent/install/advanced/config-service.md +++ b/content/en/plugins/scale-agent/install/advanced/config-service.md @@ -38,19 +38,19 @@ Agent may not use all the properties you copy from the original source definitio In Agent mode, your configuration should look similar to this: -{{< prism lang="yaml" >}} +```yaml kubernetes: accounts: - name: account-01 serviceAccount: true ... -{{< /prism >}} +``` #### Spinnaker Service and Infrastructure modes You set up multiple accounts per Agent in these modes. Your configuration should look similar to this: -{{< prism lang="yaml" >}} +```yaml kubernetes: accounts: - name: account-name-01 @@ -58,7 +58,7 @@ kubernetes: - name: account-name-02 kubeconfigFile: /kubeconfigfiles/kubecfg-account02.yaml - ... -{{< /prism >}} +``` ### Automatically migrate accounts from Clouddriver to Agent diff --git a/content/en/plugins/scale-agent/install/advanced/service-deploy/helm/frag-helm-agent-mode.md b/content/en/plugins/scale-agent/install/advanced/service-deploy/helm/frag-helm-agent-mode.md index 9cf99456b7..20587058c8 100644 --- a/content/en/plugins/scale-agent/install/advanced/service-deploy/helm/frag-helm-agent-mode.md +++ b/content/en/plugins/scale-agent/install/advanced/service-deploy/helm/frag-helm-agent-mode.md @@ -8,24 +8,24 @@ Run one of the following commands: You must include your Armory Cloud **clientId** and **clientSecret** credentials. - {{< prism lang="bash" line="4" >}} + ```bash helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace= \ --set hub.auth.armory.clientId=,hub.auth.armory.secret= - {{< /prism >}} + ``` 1. If you don't want to connect to Armory Cloud services: You must include your gPRC endpoint, such as `localhost:9090`. - - {{< prism lang="bash" line="4" >}} + + ```bash helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace= \ --set config.clouddriver.grpc= - {{< /prism >}} + ``` Command options: diff --git a/content/en/plugins/scale-agent/install/advanced/service-deploy/helm/frag-helm-infra-mode.md b/content/en/plugins/scale-agent/install/advanced/service-deploy/helm/frag-helm-infra-mode.md index c08779246e..99c266aefe 100644 --- a/content/en/plugins/scale-agent/install/advanced/service-deploy/helm/frag-helm-infra-mode.md +++ b/content/en/plugins/scale-agent/install/advanced/service-deploy/helm/frag-helm-infra-mode.md @@ -6,15 +6,15 @@ Before you start, make sure: 1. Each account has a **kubeconfig** file that grants access to the deployment target cluster. If you use Amazon EKS, you can run the following command: - {{< prism lang="bash" >}} + ```bash aws eks update-kubeconfig --name - {{< /prism >}} + ``` 1. Each account has a **kubeconfig** file and a secret created from that file. For example: - {{< prism lang="bash" >}} + ```bash kubectl create secret generic kubeconfig --from-file=/.kube/config -n - {{< /prism >}} + ``` See the `kubectl create secret generic` [docs](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#-em-secret-generic-em-) for command details. @@ -27,7 +27,7 @@ Run one of the following commands: You must set your **kubeconfig** file and secret. `` is the name of the file you used when you created the secret. If you used `--from-file=/.kube/config`, the value of `` is `config`. - {{< prism lang="bash" line="4" >}} + ```bash helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace= \ @@ -35,7 +35,7 @@ Run one of the following commands: ,hub.auth.armory.secret= \ ,kubeconfigs..file= \ ,kubeconfigs..secret= - {{< /prism >}} + ``` 1. If you don't want to connect to Armory Cloud services: @@ -44,14 +44,14 @@ Run one of the following commands: You must set your **kubeconfig** file and secret. `` is the name of the file you used when you created the secret. If you used `--from-file=/.kube/config`, the value of `` is `config`. - {{< prism lang="bash" line="4" >}} + ```bash helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace= \ --set config.clouddriver.grpc= \ ,kubeconfigs..file= \ ,kubeconfigs..secret= - {{< /prism >}} + ``` Command options: diff --git a/content/en/plugins/scale-agent/install/advanced/service-deploy/helm/index.md b/content/en/plugins/scale-agent/install/advanced/service-deploy/helm/index.md index 941871bcb7..b9ef6ce89a 100644 --- a/content/en/plugins/scale-agent/install/advanced/service-deploy/helm/index.md +++ b/content/en/plugins/scale-agent/install/advanced/service-deploy/helm/index.md @@ -27,16 +27,16 @@ Ensure you have completed the following steps before you install the Armory Scal To add the Armory chart repo, execute the following command: - {{< prism lang="bash" >}} + ```bash helm repo add armory-charts http://armory.jfrog.io/artifactory/charts - {{< /prism >}} + ``` If you have previously added the chart repo, update it with the following commands: - {{< prism lang="bash" >}} + ```bash helm repo update helm upgrade armory-agent armory-charts/agent-k8s-full - {{< /prism >}} + ``` 1. You are familiar with the various use cases for deploying Scale Agent services to your Kubernetes clusters. @@ -55,18 +55,18 @@ Create a pipeline with a **Deploy manifest** stage. You should see your target c The `env` parameters are optional and only need to be used if Armory CD is behind an HTTP(S) proxy. If you need to set more than one of the `env` parameters, you must increment the index value for the parameters. For example: `env[0].name="HTTP_PROXY`, `env[1].name="HTTPS_PROXY"`, and `env[2].name="NO_PROXY"`. -{{< prism lang="bash" line="4-6">}} +{{< highlight rego "linenos=table,hl_lines=4-6" >}} helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace= \ --set env[0].name=”HTTP_PROXY”,env[0].value=":" \ ,env[1].name=”HTTPS_PROXY”,env[1].value=":" \ ,env[2].name=”NO_PROXY”,env[2].value="localhost,127.0.0.1,*.spinnaker" -{{< /prism >}} +{{< /highlight >}} Alternatively, you can create a `values.yaml` file to include the parameters: -{{< prism lang="yaml" >}} +```yaml env: - name: HTTP_PROXY value: : @@ -74,7 +74,7 @@ env: value: : - name: NO_PROXY value: localhost,127.0.0.1,*.spinnaker -{{< /prism >}} +``` With the file, you can avoid setting individual `env` parameters in the `helm install` command. Instead include the `--values` parameter as part of the Helm install command: @@ -86,25 +86,25 @@ With the file, you can avoid setting individual `env` parameters in the `helm in If you need to download the Armory Scale Agent image from a different registry, you can specify that repository using the following settings: -{{< prism lang="bash">}} +```bash --set image.repository=,image.imagePullPolicy=IfNotPresent, / image.imagePullSecrets= -{{< /prism>}} +``` Alternatively, you can create a `values.yaml` file to include the settings: -{{< prism lang="yaml" >}} +```yaml image: repository: imagePullPolicy: IfNotPresent imagePullSecrets: -{{< /prism >}} +``` Include the `--values` parameter as part of the Helm install command: -{{< prism lang="bash" >}} +```bash --values=/values.yaml -{{< /prism >}} +``` ## Custom configuration @@ -119,33 +119,33 @@ You can update configuration options via the command line by using `--set config You can also override default settings in your own `armory-agent.yml` file. For example, if you want to modify the default logging settings, create an `armory-agent.yml` file with the following content: -{{< prism lang="yaml" >}} +```yaml logging: file: "my-log" format: "json" level: "debug" -{{< /prism >}} +``` Note that you do not use "config" in the `armory-agent` file even though you do when setting config using the command line. Then use the `--set-file` option in the Helm `install` command: -{{< prism lang="bash" line="4">}} +{{< highlight bash "linenos=table,hl_lines=4" >}} helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace= \ --set-file agentyml=/armory-agent.yml -{{< /prism >}} +{{< /highlight >}} You can pass in an `armory-agent.yml` file and also override values on the command line: -{{< prism lang="bash" line="4-5">}} +{{< highlight bash "linenos=table,hl_lines=4-5">}} helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace= \ --set-file agentyml=/armory-agent.yml \ --set config.logging.level=debug -{{< /prism >}} +{{< /highlight >}} ### The difference between `values.yaml` and `armory-agent.yml` @@ -155,13 +155,13 @@ helm install armory-agent armory-charts/agent-k8s-full \ You can use both files. For example: -{{< prism lang="bash" line="4-5">}} +{{< highlight bash "linenos=table,hl_lines=4-5">}} helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace= \ --set-file agentyml=/armory-agent.yml \ --values=/values.yaml -{{< /prism >}} +``` ## Examples @@ -170,23 +170,24 @@ helm install armory-agent armory-charts/agent-k8s-full \
Armory Cloud, custom config This example installs the Armory Scale Agent service into the "dev" namespace with a connection to Armory Cloud services and the following custom configuration: + - `debug` logging level - Increase the Armory Scale Agent request retry attempts to 5 - Increase the time (in milliseconds) to wait between retry attempts to 5000 - Enables Prometheus. -{{< prism lang="bash" >}} +```bash helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace=dev \ --set hub.auth.armory.clientId=clientID123,hub.auth.armory.secret=s3cret \ ,config.logging.level=debug,config.kubernetes.retries.maxRetries=5 \ ,config.kubernetes.retries.backOffMs=5000,config.prometheus.enabled=true -{{< /prism >}} +``` The same custom configuration in an `armory-agent.yml` file: -{{< prism lang="yaml" >}} +```yaml logging: level: "debug" kubernetes: @@ -195,17 +196,17 @@ kubernetes: backOffMs: 5000 prometheus: enabled: true -{{< /prism >}} +``` Install the Armory Scale Agent with configuration in a file: -{{< prism lang="bash" >}} +```bash helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace=dev \ --set hub.auth.armory.clientId=clientID123,hub.auth.armory.secret=s3cret --set-file agentyml=/Users/armory/armory-agent.yml -{{< /prism >}} +```
@@ -213,7 +214,7 @@ helm install armory-agent armory-charts/agent-k8s-full \ This example installs the Armory Scale Agent service into the "dev" namespace with a local gPRC endpoint (no Armory Cloud services connection), pulls the image from a private registry, and configures proxy settings. -{{< prism lang="bash" >}} +```bash helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace=dev \ @@ -225,11 +226,11 @@ helm install armory-agent armory-charts/agent-k8s-full \ ,env[1].name=”HTTPS_PROXY”,env[1].value="corp.proxy.com:443" \ ,env[2].name=”NO_PROXY”,env[2].value="localhost,127.0.0.1,*.spinnaker" -{{< /prism >}} +``` The same custom configuration in a `values.yaml` file: -{{< prism lang="yaml" >}} +```yaml image: repository: private-reg/agent-k8s imagePullPolicy: IfNotPresent @@ -242,17 +243,17 @@ env: value: corp.proxy.com:443 - name: NO_PROXY value: localhost,127.0.0.1,*.spinnaker -{{< /prism >}} +``` Install the Armory Scale Agent with configuration in a file: -{{< prism lang="bash" >}} +```bash helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace=dev \ --values=/Users/armory/values.yaml --set config.clouddriver.grpc=spin-clouddriver-grpc:9091 -{{< /prism >}} +``` @@ -266,7 +267,7 @@ This example installs the Armory Scale Agent service into the "dev" namespace wi Agent configuration in an `armory-agent.yml` file: -{{< prism lang="yaml" >}} +```yaml logging: level: "debug" kubernetes: @@ -275,11 +276,11 @@ kubernetes: backOffMs: 5000 prometheus: enabled: true -{{< /prism >}} +``` Additionally, a `values.yaml` file contains custom repository and proxy settings: -{{< prism lang="yaml" >}} +```yaml image: repository: private-reg/agent-k8s imagePullPolicy: IfNotPresent @@ -292,19 +293,19 @@ env: value: corp.proxy.com:443 - name: NO_PROXY value: localhost,127.0.0.1,*.spinnaker -{{< /prism >}} +``` Install command: -{{< prism lang="bash" >}} +```bash helm install armory-agent armory-charts/agent-k8s-full \ --create-namespace \ --namespace=dev \ --set hub.auth.armory.clientId=clientID123,hub.auth.armory.secret=s3cret --set-file agentyml=/Users/armory/armory-agent.yml --vaues=/Users/amory/values.yaml -{{< /prism >}} +``` @@ -321,19 +322,19 @@ This example installs the Armory Scale Agent service into the "dev" namespace wi Create the namespace: -{{< prism lang="bash" >}} +```bash kubectl create namespace dev -{{< /prism >}} +``` Create the secret: -{{< prism lang="bash" >}} +```bash kubectl create secret generic kubeconfig --from-file=/User/armory/.kube/config -n dev -{{< /prism >}} +``` Install the Armory Scale Agent: -{{< prism lang="bash" >}} +```bash helm install armory-agent armory-charts/agent-k8s-full \ --namespace=dev \ --set hub.auth.armory.clientId=clientID123,hub.auth.armory.secret=s3cret \ @@ -341,11 +342,11 @@ helm install armory-agent armory-charts/agent-k8s-full \ ,kubeconfigs.account1.secret=s3cr3t \ ,config.logging.level=debug,config.kubernetes.retries.maxRetries=5 \ ,config.kubernetes.retries.backOffMs=5000,config.prometheus.enabled=true -{{< /prism >}} +``` The same custom configuration in an `armory-agent.yml` file: -{{< prism lang="yaml" >}} +```yaml logging: level: "debug" kubernetes: @@ -354,18 +355,18 @@ kubernetes: backOffMs: 5000 prometheus: enabled: true -{{< /prism >}} +``` Install the Armory Scale Agent with configuration in a file: -{{< prism lang="bash" >}} +```bash helm install armory-agent armory-charts/agent-k8s-full \ --namespace=dev \ --set hub.auth.armory.clientId=clientID123,hub.auth.armory.secret=s3cret \ ,kubeconfigs.account1.file=config \ ,kubeconfigs.account1.secret=s3cr3t \ --set-file agentyml=/Users/armory/armory-agent.yml -{{< /prism >}} +``` @@ -377,19 +378,19 @@ This example installs the Armory Scale Agent service into the "dev" namespace wi Create the namespace: -{{< prism lang="bash" >}} +```bash kubectl create namespace dev -{{< /prism >}} +``` Create the secret: -{{< prism lang="bash" >}} +```bash kubectl create secret generic kubeconfig --from-file=/User/armory/.kube/config -n dev -{{< /prism >}} +``` Install the Armory Scale Agent: -{{< prism lang="bash" >}} +```bash helm install armory-agent armory-charts/agent-k8s-full \ --namespace=dev \ --set config.clouddriver.grpc=spin-clouddriver-grpc:9091 \ @@ -401,11 +402,11 @@ helm install armory-agent armory-charts/agent-k8s-full \ ,env[0].name=”HTTP_PROXY”,env[0].value="corp.proxy.com:8080" \ ,env[1].name=”HTTPS_PROXY”,env[1].value="corp.proxy.com:443" \ ,env[2].name=”NO_PROXY”,env[2].value="localhost,127.0.0.1,*.spinnaker" -{{< /prism >}} +``` The same custom configuration in a `values.yaml` file: -{{< prism lang="yaml" >}} +```yaml image: repository: private-reg/agent-k8s imagePullPolicy: IfNotPresent @@ -418,26 +419,26 @@ env: value: corp.proxy.com:443 - name: NO_PROXY value: localhost,127.0.0.1,*.spinnaker -{{< /prism >}} +``` Install the Armory Scale Agent with configuration in a file: -{{< prism lang="bash" >}} +```bash helm install armory-agent armory-charts/agent-k8s-full \ --namespace=dev \ --values=/Users/armory/values.yaml --set config.clouddriver.grpc=spin-clouddriver-grpc:9091 \ ,kubeconfigs.account1.file=config \ ,kubeconfigs.account1.secret=s3cr3t -{{< /prism >}} +``` ## Uninstall -{{< prism lang="bash" >}} +```bash helm uninstall --namespace= -{{< /prism >}} +``` - ``: (Reqired) the Armory Scale Agent service release, such as {{}}. - ``: (Required) The namespace where you installed the Armory Scale Agent. diff --git a/content/en/plugins/scale-agent/install/agent-uninstall.md b/content/en/plugins/scale-agent/install/agent-uninstall.md index 6b3079e083..7212781c46 100644 --- a/content/en/plugins/scale-agent/install/agent-uninstall.md +++ b/content/en/plugins/scale-agent/install/agent-uninstall.md @@ -8,18 +8,18 @@ weight: 99 Remove the Scale Agent plugin manifest file entry from your `kustomization` file. -{{< prism lang="yaml" line="4" >}} +```yaml bases: - agent-service patchesStrategicMerge: - armory-agent/clouddriver-plugin-repo.yaml # or clouddriver-plugin-docker.yaml -{{< /prism >}} +``` Then execute: -{{< prism lang="bash" >}} +```bash kustomize build | kubectl delete -f - -{{< /prism >}} +``` ## Uninstall the service diff --git a/content/en/plugins/scale-agent/tasks/configure-mtls.md b/content/en/plugins/scale-agent/tasks/configure-mtls.md index dc1c768174..594f390050 100644 --- a/content/en/plugins/scale-agent/tasks/configure-mtls.md +++ b/content/en/plugins/scale-agent/tasks/configure-mtls.md @@ -43,7 +43,7 @@ In your `agent-plugin/clouddriver-plugin.yaml` file, `spec.kustomize.clouddriver.deployment.patchesStrategicMerge` section, add the following lines to mount the Clouddriver cert from your secret: -{{< prism lang="yaml" line="10-18" >}} +{{< highlight yaml "linenos=table,hl_lines=10-18">}} spec: kustomize: clouddriver: @@ -62,14 +62,14 @@ spec: - name: cert secret: secretName: -{{< /prism >}} +{{< /highlight >}} ### Configure the plugin In the `agent-plugin/config.yaml` file, configure the plugin to use the mounted certs. Note that `trustCertCollection`, `certificateChain`, and `privateKey` values must in `file:///filepath/filename` format. -{{< prism lang="yaml" line="12-18" >}} +{{< highlight yaml "linenos=table,hl_lines=12-18">}} apiVersion: spinnaker.armory.io/{{< param "operator-extended-crd-version" >}} kind: SpinnakerService metadata: @@ -88,7 +88,7 @@ spec: certificateChain: file: privateKey: file: clientAuth: REQUIRE -{{< /prism >}} +{{< /highlight >}} See the {{< linkWithTitle "plugin-options.md" >}} page for additional options. @@ -109,7 +109,7 @@ Modify the Armory Scale Agent's deployment configuration in `deployment.yaml` to >The paths that files are mounted to in the `deployment.yaml` file should always match the corresponding location in the `armory-agent.yaml` configuration file. For example, the `mountPath` of the CA cert in the `deployment.yaml` file must match the `clouddriver.tls.clientCertFile` location in `armory-agent.yaml`. -{{< prism lang="yaml" line="5-19" >}} +{{< highlight yaml "linenos=table,hl_lines=5-19">}} spec: template: spec: @@ -129,7 +129,7 @@ spec: - name: certpem secret: secretName: -{{< /prism >}} +{{< /highlight >}} If you use a custom CA, you can install it on the Armory Scale Agent pod. The default location on that image, which uses the Alpine base, is `/etc/ssl/cert.pem`, so you can either append your CA cert to the trust store, which is `/etc/ssl/cert.pem`, or you can mount the file anywhere and configure the `clouddriver.tls.cacertFile` property in your YAML to point to that location. @@ -140,7 +140,7 @@ See the [Agent Options]({{< ref "plugins/scale-agent/reference/config/service-op Add the certificate information in `armory-agent.yaml`. Note that `clientCertFile` and `clientKeyFile` values must in `file:///filepath/filename` format. -{{< prism lang="yaml" line="7-8">}} +{{< highlight yaml "linenos=table,hl_lines=7-8">}} clouddriver: grpc: <:443 insecure: false @@ -150,7 +150,7 @@ clouddriver: clientCertFile: #client cert for mTLS. clientKeyFile: #clientKeyPassword: -{{< /prism >}} +{{< /highlight >}} See the [Agent Options]({{< ref "plugins/scale-agent/reference/config/service-options#configuration-options" >}}) for configuration details. @@ -164,7 +164,7 @@ You can specify multiple filtering criteria. However, the order in which the cri Add an `grpc.auth.x509` section to your Clouddriver profile: -{{< prism lang="yaml" line="7-12" >}} +{{< highlight yaml "linenos=table,hl_lines=7-12">}} spec: spinnakerConfig: profiles: @@ -177,6 +177,6 @@ spec: enabled: true # must be true for filters to be applied filters: - UID=([a-z]){3}:[1-9]{3}:ksvc -{{< /prism >}} +{{< /highlight >}} See the {{< linkWithTitle "plugin-options.md" >}} page for configuration options. diff --git a/content/en/plugins/scale-agent/tasks/dynamic-accounts/enable.md b/content/en/plugins/scale-agent/tasks/dynamic-accounts/enable.md index a12ff2ac64..e1162479db 100644 --- a/content/en/plugins/scale-agent/tasks/dynamic-accounts/enable.md +++ b/content/en/plugins/scale-agent/tasks/dynamic-accounts/enable.md @@ -21,7 +21,7 @@ description: > If you are using a prior version of the plugin, you should enable Dynamic Accounts by setting `kubesvc.dynamicAccounts.enabled: true` in your plugin configuration. For example: -{{< prism lang="yaml" line="27-28" >}} +{{< highlight bash "linenos=table,hl_lines=27-28">}} spec: spinnakerConfig: profiles: @@ -57,7 +57,7 @@ spec: scanBatchSize: # (Optional) # requires Clouddriver Account Management be enabled in Spinnaker/Armory Continuous Deployment scanFrequencySeconds: # (Optional) # requires Clouddriver Account Management be enabled in Spinnaker/Armory Continuous Deployment namePatterns: ['^account1.*','^.*account2.*'] # (Optional) # requires Clouddriver Account Management be enabled in Spinnaker/Armory Continuous Deployment -{{< /prism >}} +{{< /highlight >}} `dynamicAccounts`: @@ -69,12 +69,12 @@ The remaining optional attributes in the `dynamicAccounts` section are for confi If you want to use the [interceptor]({{< ref "plugins/scale-agent/concepts/dynamic-accounts#intercept-clouddriver-account-management-api-requests" >}}) feature to intercept requests sent to Clouddriver's `/credentials` endpoint, add: -{{< prism lang="yaml" line="3-4" >}} +```yaml dynamicAccounts: enabled: true interceptor: enabled: true -{{< /prism >}} +``` Alternately, you can enable the [autoscan for new Clouddriver accounts]({{< ref "plugins/scale-agent/concepts/dynamic-accounts#migrate-accounts-using-automatic-scanning" >}}) feature by configuring the following: @@ -84,13 +84,13 @@ Alternately, you can enable the [autoscan for new Clouddriver accounts]({{< ref For example: -{{< prism lang="yaml" line="3-5" >}} +{{< highlight bash "linenos=table,hl_lines=3-5">}} dynamicAccounts: enabled: true scanBatchSize: 15 scanFrequencySeconds: 120 namePatterns: ['^account1.*','^.*account2.*'] -{{< /prism >}} +{{< /highlight >}} ### Access the API @@ -100,7 +100,7 @@ dynamicAccounts: The Dynamic Accounts API is enabled by default in the Scale Agent Service: -{{< prism lang="yaml" line=10" line-numbers="true" >}} +{{< highlight bash "linenos=table,hl_lines=10">}} apiVersion: v1 kind: ConfigMap metadata: @@ -111,7 +111,7 @@ data: server: port: 8082 dynamicAccountsEnabled: true # (Optional; default: true) -{{< /prism >}} +{{< /highlight >}} You can disable dynamic accounts features by setting `dynamicAccountsEnabled` to `false`. diff --git a/content/en/plugins/scale-agent/tasks/service-vault.md b/content/en/plugins/scale-agent/tasks/service-vault.md index 4bc251861f..ff8a7204d5 100644 --- a/content/en/plugins/scale-agent/tasks/service-vault.md +++ b/content/en/plugins/scale-agent/tasks/service-vault.md @@ -18,7 +18,7 @@ The Armory Scale Agent is compatible with properties Armory CD uses for [storing This is an example of what the [Kubernetes service account]({{< ref "secrets-vault#1-kubernetes-service-account-recommended" >}}) configuration looks like in Agent, using an `encryptedFile:` reference for `kubeconfigFile`: -{{< prism line="5" lang="yaml" >}} +{{< highlight yaml "linenos=table,hl_lines=5">}} # ./armory-agent.yaml kubernetes: accounts: @@ -32,7 +32,7 @@ secrets: url: https://your.vault.instance role: spinnaker path: kubernetes -{{< /prism >}} +{{< /highlight >}} ## Dynamically load accounts from Vault @@ -53,7 +53,7 @@ vault kv put secret/kubernetes account01=@kubeconfig.yaml Replace the configuration files and `kubeconfig` files with [Vault injector annotations](https://www.vaultproject.io/docs/platform/k8s/injector/annotations) to provide a template. -{{< prism lang="yaml" line="13-23" >}} +{{< highlight yaml "linenos=table,hl_lines=13-23">}} apiVersion: apps/v1 kind: Deployment metadata: @@ -102,7 +102,7 @@ spec: name: volume-armory-agent-kubeconfigs mounthPath: mountPath: /kubeconfigfiles -{{}} +{{}} * Make sure to include the required [Vault injector annotations](https://www.vaultproject.io/docs/platform/k8s/injector/annotations) like [`vault.hashicorp.com/role` or `vault.hashicorp.com/agent-configmap`](https://www.vaultproject.io/docs/platform/k8s/injector/annotations#vault-hashicorp-com-role) that correspond to your environment. * Be aware of the version of Vault's KV engine currently in your environment. This guide assumes you have the secret engine [KV version 2](https://www.vaultproject.io/docs/secrets/kv/kv-v2). For KV version 1, you need to modify the template to use `{{ range $k, $v := .Data }}` instead. See the Templating Language's [Versioned Read](https://github.com/hashicorp/consul-template/blob/master/docs/templating-language.md#versioned-read) section for more information. @@ -112,8 +112,7 @@ spec: After addressing the preceding points, save the template as `armory-agent-vault-patch.yaml` and refer to it in your `kustomization.yaml`: - -{{< prism lang="yaml" line="10-11" >}} +{{< highlight yaml "linenos=table,hl_lines=10-11">}} # ./kustomization.yaml # Pre-existing SpinnakerService resource (may be different) namespace: spinnaker @@ -125,7 +124,7 @@ bases: patchesStrategicMerge: - armory-agent-vault-patch.yaml -{{}} +{{}} ## Troubleshooting diff --git a/go.mod b/go.mod index 9754446899..aeb3ed4a59 100644 --- a/go.mod +++ b/go.mod @@ -3,9 +3,9 @@ module github.com/armory/docs go 1.19 require ( - github.com/FortAwesome/Font-Awesome v0.0.0-20220831210243-d3a7818c253f // indirect - github.com/google/docsy v0.6.0 // indirect - github.com/google/docsy/dependencies v0.6.0 // indirect + github.com/FortAwesome/Font-Awesome v0.0.0-20230327165841-0698449d50f2 // indirect + github.com/google/docsy v0.7.1 // indirect + github.com/google/docsy/dependencies v0.7.1 // indirect github.com/mermaid-js/mermaid v9.3.0+incompatible // indirect - github.com/twbs/bootstrap v4.6.2+incompatible // indirect + github.com/twbs/bootstrap v5.2.3+incompatible // indirect ) diff --git a/go.sum b/go.sum index 7c950dfb1f..5348c7c9fe 100644 --- a/go.sum +++ b/go.sum @@ -1,9 +1,15 @@ github.com/FortAwesome/Font-Awesome v0.0.0-20220831210243-d3a7818c253f h1:bvkUptSRPZBr3Kxuk+bnWCEmQ5MtEJX5fjezyV0bC3g= github.com/FortAwesome/Font-Awesome v0.0.0-20220831210243-d3a7818c253f/go.mod h1:IUgezN/MFpCDIlFezw3L8j83oeiIuYoj28Miwr/KUYo= +github.com/FortAwesome/Font-Awesome v0.0.0-20230327165841-0698449d50f2 h1:Uv1z5EqCfmiK4IHUwT0m3h/u/WCk+kpRfxvAZhpC7Gc= +github.com/FortAwesome/Font-Awesome v0.0.0-20230327165841-0698449d50f2/go.mod h1:IUgezN/MFpCDIlFezw3L8j83oeiIuYoj28Miwr/KUYo= github.com/google/docsy v0.6.0 h1:43bVF18t2JihAamelQjjGzx1vO2ljCilVrBgetCA8oI= github.com/google/docsy v0.6.0/go.mod h1:VKKLqD8PQ7AglJc98yBorATfW7GrNVsn0kGXVYF6G+M= +github.com/google/docsy v0.7.1 h1:DUriA7Nr3lJjNi9Ulev1SfiG1sUYmvyDeU4nTp7uDxY= +github.com/google/docsy v0.7.1/go.mod h1:JCmE+c+izhE0Rvzv3y+AzHhz1KdwlA9Oj5YBMklJcfc= github.com/google/docsy/dependencies v0.6.0 h1:BFXDCINbp8ZuUGl/mrHjMfhCg+b1YX+hVLAA5fGW7Pc= github.com/google/docsy/dependencies v0.6.0/go.mod h1:EDGc2znMbGUw0RW5kWwy2oGgLt0iVXBmoq4UOqstuNE= +github.com/google/docsy/dependencies v0.7.1 h1:NbzYKJYMin2q50xdWSUzR2c9gCp7zR/XHDBcxklEcTQ= +github.com/google/docsy/dependencies v0.7.1/go.mod h1:gihhs5gmgeO+wuoay4FwOzob+jYJVyQbNaQOh788lD4= github.com/mermaid-js/mermaid v9.3.0+incompatible h1:JF+8g1tP03uX/OyHJCaaEjm7gQmT5ipki13wMNGoPMc= github.com/mermaid-js/mermaid v9.3.0+incompatible/go.mod h1:pGJSm9DYANtp59DADJgNzFh1uIpkn5xaH3ZBdv1VNTI= github.com/twbs/bootstrap v4.6.2+incompatible h1:TDa+R51BTiy1wEHSYjmqDb8LxNl/zaEjAOpRE9Hwh/o= diff --git a/layouts/continuous-deployment/baseof.html b/layouts/continuous-deployment/baseof.html index 0b6db0b277..210b6af52a 100644 --- a/layouts/continuous-deployment/baseof.html +++ b/layouts/continuous-deployment/baseof.html @@ -1,9 +1,9 @@ - + {{ partial "head.html" . }} - +
{{ partial "navbar.html" . }}
@@ -16,16 +16,9 @@ -
+
{{ partial "version-banner.html" . }} {{ if not .Site.Params.ui.breadcrumb_disable }}{{ partial "breadcrumb.html" . }}{{ end }} {{ block "main" . }}{{ end }} diff --git a/layouts/continuous-deployment/baseof.print.html b/layouts/continuous-deployment/baseof.print.html index d37e99012b..41e0659b3e 100644 --- a/layouts/continuous-deployment/baseof.print.html +++ b/layouts/continuous-deployment/baseof.print.html @@ -1,20 +1,16 @@ - + {{ partial "head.html" . }} - +
{{ partial "navbar.html" . }}
-
-
-
-
-
+
{{ block "main" . }}{{ end }}
diff --git a/layouts/continuous-deployment/list.html b/layouts/continuous-deployment/list.html index b59b8d0047..376ed81cd4 100644 --- a/layouts/continuous-deployment/list.html +++ b/layouts/continuous-deployment/list.html @@ -3,30 +3,21 @@

{{ .Title }}

{{ with .Params.description }}
{{ . | markdownify }}
{{ end }}
- {{ $context := . }} - {{ if .Site.Params.Taxonomy.taxonomyPageHeader }} - {{ range $index, $taxo := .Site.Params.Taxonomy.taxonomyPageHeader }} - {{ partial "taxonomy_terms_article.html" (dict "context" $context "taxo" $taxo ) }} - {{ end }} - {{ else }} - {{ range $taxo, $taxo_map := .Site.Taxonomies }} - {{ partial "taxonomy_terms_article.html" (dict "context" $context "taxo" $taxo ) }} - {{ end }} - {{ end }} - {{ if (and (not .Params.hide_readingtime) (.Site.Params.ui.readingtime.enable)) }} - {{ partial "reading-time.html" . }} - {{ end }} + {{ partial "taxonomy_terms_article_wrapper.html" . -}} + {{ if (and (not .Params.hide_readingtime) (.Site.Params.ui.readingtime.enable)) -}} + {{ partial "reading-time.html" . -}} + {{ end -}}
{{ .Content }} - {{ partial "section-index.html" . }} - {{ if (and (not .Params.hide_feedback) (.Site.Params.ui.feedback.enable) (.Site.GoogleAnalytics)) }} - {{ partial "feedback.html" .Site.Params.ui.feedback }} + {{ partial "section-index.html" . -}} + {{ if (and (not .Params.hide_feedback) (.Site.Params.ui.feedback.enable) (.Site.GoogleAnalytics)) -}} + {{ partial "feedback.html" .Site.Params.ui.feedback -}}
- {{ end }} - {{ if (.Site.DisqusShortname) }} + {{ end -}} + {{ if (.Site.DisqusShortname) -}}
- {{ partial "disqus-comment.html" . }} - {{ end }} - {{ partial "page-meta-lastmod.html" . }} + {{- partial "disqus-comment.html" . -}} + {{ end -}} + {{ partial "page-meta-lastmod.html" . -}}
-{{ end }} +{{ end -}} diff --git a/layouts/contribute/baseof.html b/layouts/contribute/baseof.html index 0bd12c175c..210b6af52a 100644 --- a/layouts/contribute/baseof.html +++ b/layouts/contribute/baseof.html @@ -1,9 +1,9 @@ - + {{ partial "head.html" . }} - +
{{ partial "navbar.html" . }}
@@ -16,16 +16,10 @@ -
+
+ {{ partial "version-banner.html" . }} {{ if not .Site.Params.ui.breadcrumb_disable }}{{ partial "breadcrumb.html" . }}{{ end }} {{ block "main" . }}{{ end }}
diff --git a/layouts/contribute/baseof.print.html b/layouts/contribute/baseof.print.html index d37e99012b..41e0659b3e 100644 --- a/layouts/contribute/baseof.print.html +++ b/layouts/contribute/baseof.print.html @@ -1,20 +1,16 @@ - + {{ partial "head.html" . }} - +
{{ partial "navbar.html" . }}
-
-
-
-
-
+
{{ block "main" . }}{{ end }}
diff --git a/layouts/contribute/glossary.html b/layouts/contribute/glossary.html deleted file mode 100644 index bd710b0c90..0000000000 --- a/layouts/contribute/glossary.html +++ /dev/null @@ -1,55 +0,0 @@ -{{ define "main" }} -

{{ .Title }}

- - -

{{ T "layouts_docs_glossary_description" }}

-
-

{{ T "layouts_docs_glossary_filter" }}

- - {{ range (index site.Data "canonical-tags") }} -
- {{ .description }} -
- {{ end }} - {{ $sorted_tags := sort (index site.Data "canonical-tags") "name" }} - {{ range $sorted_tags }} - {{ $full_tag_name := printf "tag-%s" .id }} - - {{ .name }} - - {{ end }} - {{ T "layouts_docs_glossary_select_all" }} - {{ T "layouts_docs_glossary_deselect_all" }} -
-

{{ T "layouts_docs_glossary_click_details_before" }} [+] {{ T "layouts_docs_glossary_click_details_after" }}

-{{ partial "cdaas/glossary-terms.html" . }} -{{ $glossary_items := $.Scratch.Get "glossary_items" }} -{{ with $glossary_items }} -{{ $glossary_terms := sort . "Title" "asc" }} -
    - {{ range $glossary_terms }} - {{ $.Scratch.Set "tag_classes" "" }} - {{ range .Params.tags }} - {{ $.Scratch.Add "tag_classes" (printf "tag-%s " .) }} - {{ end }} - {{ $term_identifier := (printf "term-%s" .Params.id) }} - -
  • -
    -
    -
    {{ .Title }}
    - {{ with .Params.aka }} - {{ T "layouts_docs_glossary_aka" }}:{{ delimit . ", " }} -
    - {{ end }} - {{ .Summary }} [+] -
    - {{ .Content | strings.TrimPrefix .Summary | safeHTML }} -
    -
    -
    • - {{ end }} -
-{{ end }} -{{ end }} - diff --git a/layouts/contribute/list.html b/layouts/contribute/list.html index b59b8d0047..376ed81cd4 100644 --- a/layouts/contribute/list.html +++ b/layouts/contribute/list.html @@ -3,30 +3,21 @@

{{ .Title }}

{{ with .Params.description }}
{{ . | markdownify }}
{{ end }}
- {{ $context := . }} - {{ if .Site.Params.Taxonomy.taxonomyPageHeader }} - {{ range $index, $taxo := .Site.Params.Taxonomy.taxonomyPageHeader }} - {{ partial "taxonomy_terms_article.html" (dict "context" $context "taxo" $taxo ) }} - {{ end }} - {{ else }} - {{ range $taxo, $taxo_map := .Site.Taxonomies }} - {{ partial "taxonomy_terms_article.html" (dict "context" $context "taxo" $taxo ) }} - {{ end }} - {{ end }} - {{ if (and (not .Params.hide_readingtime) (.Site.Params.ui.readingtime.enable)) }} - {{ partial "reading-time.html" . }} - {{ end }} + {{ partial "taxonomy_terms_article_wrapper.html" . -}} + {{ if (and (not .Params.hide_readingtime) (.Site.Params.ui.readingtime.enable)) -}} + {{ partial "reading-time.html" . -}} + {{ end -}}
{{ .Content }} - {{ partial "section-index.html" . }} - {{ if (and (not .Params.hide_feedback) (.Site.Params.ui.feedback.enable) (.Site.GoogleAnalytics)) }} - {{ partial "feedback.html" .Site.Params.ui.feedback }} + {{ partial "section-index.html" . -}} + {{ if (and (not .Params.hide_feedback) (.Site.Params.ui.feedback.enable) (.Site.GoogleAnalytics)) -}} + {{ partial "feedback.html" .Site.Params.ui.feedback -}}
- {{ end }} - {{ if (.Site.DisqusShortname) }} + {{ end -}} + {{ if (.Site.DisqusShortname) -}}
- {{ partial "disqus-comment.html" . }} - {{ end }} - {{ partial "page-meta-lastmod.html" . }} + {{- partial "disqus-comment.html" . -}} + {{ end -}} + {{ partial "page-meta-lastmod.html" . -}}
-{{ end }} +{{ end -}} diff --git a/layouts/plugins/baseof.html b/layouts/plugins/baseof.html index a21f8defe6..210b6af52a 100644 --- a/layouts/plugins/baseof.html +++ b/layouts/plugins/baseof.html @@ -1,9 +1,9 @@ - + {{ partial "head.html" . }} - +
{{ partial "navbar.html" . }}
@@ -16,16 +16,9 @@ -
+
{{ partial "version-banner.html" . }} {{ if not .Site.Params.ui.breadcrumb_disable }}{{ partial "breadcrumb.html" . }}{{ end }} {{ block "main" . }}{{ end }} diff --git a/layouts/plugins/baseof.print.html b/layouts/plugins/baseof.print.html index d37e99012b..41e0659b3e 100644 --- a/layouts/plugins/baseof.print.html +++ b/layouts/plugins/baseof.print.html @@ -1,20 +1,16 @@ - + {{ partial "head.html" . }} - +
{{ partial "navbar.html" . }}
-
-
-
-
-
+
{{ block "main" . }}{{ end }}
diff --git a/layouts/plugins/glossary.html b/layouts/plugins/glossary.html deleted file mode 100644 index bd710b0c90..0000000000 --- a/layouts/plugins/glossary.html +++ /dev/null @@ -1,55 +0,0 @@ -{{ define "main" }} -

{{ .Title }}

- - -

{{ T "layouts_docs_glossary_description" }}

-
-

{{ T "layouts_docs_glossary_filter" }}

- - {{ range (index site.Data "canonical-tags") }} -
- {{ .description }} -
- {{ end }} - {{ $sorted_tags := sort (index site.Data "canonical-tags") "name" }} - {{ range $sorted_tags }} - {{ $full_tag_name := printf "tag-%s" .id }} - - {{ .name }} - - {{ end }} - {{ T "layouts_docs_glossary_select_all" }} - {{ T "layouts_docs_glossary_deselect_all" }} -
-

{{ T "layouts_docs_glossary_click_details_before" }} [+] {{ T "layouts_docs_glossary_click_details_after" }}

-{{ partial "cdaas/glossary-terms.html" . }} -{{ $glossary_items := $.Scratch.Get "glossary_items" }} -{{ with $glossary_items }} -{{ $glossary_terms := sort . "Title" "asc" }} -
    - {{ range $glossary_terms }} - {{ $.Scratch.Set "tag_classes" "" }} - {{ range .Params.tags }} - {{ $.Scratch.Add "tag_classes" (printf "tag-%s " .) }} - {{ end }} - {{ $term_identifier := (printf "term-%s" .Params.id) }} - -
  • -
    -
    -
    {{ .Title }}
    - {{ with .Params.aka }} - {{ T "layouts_docs_glossary_aka" }}:{{ delimit . ", " }} -
    - {{ end }} - {{ .Summary }} [+] -
    - {{ .Content | strings.TrimPrefix .Summary | safeHTML }} -
    -
    -
    • - {{ end }} -
-{{ end }} -{{ end }} - diff --git a/layouts/plugins/list.html b/layouts/plugins/list.html index b59b8d0047..376ed81cd4 100644 --- a/layouts/plugins/list.html +++ b/layouts/plugins/list.html @@ -3,30 +3,21 @@

{{ .Title }}

{{ with .Params.description }}
{{ . | markdownify }}
{{ end }}
- {{ $context := . }} - {{ if .Site.Params.Taxonomy.taxonomyPageHeader }} - {{ range $index, $taxo := .Site.Params.Taxonomy.taxonomyPageHeader }} - {{ partial "taxonomy_terms_article.html" (dict "context" $context "taxo" $taxo ) }} - {{ end }} - {{ else }} - {{ range $taxo, $taxo_map := .Site.Taxonomies }} - {{ partial "taxonomy_terms_article.html" (dict "context" $context "taxo" $taxo ) }} - {{ end }} - {{ end }} - {{ if (and (not .Params.hide_readingtime) (.Site.Params.ui.readingtime.enable)) }} - {{ partial "reading-time.html" . }} - {{ end }} + {{ partial "taxonomy_terms_article_wrapper.html" . -}} + {{ if (and (not .Params.hide_readingtime) (.Site.Params.ui.readingtime.enable)) -}} + {{ partial "reading-time.html" . -}} + {{ end -}}
{{ .Content }} - {{ partial "section-index.html" . }} - {{ if (and (not .Params.hide_feedback) (.Site.Params.ui.feedback.enable) (.Site.GoogleAnalytics)) }} - {{ partial "feedback.html" .Site.Params.ui.feedback }} + {{ partial "section-index.html" . -}} + {{ if (and (not .Params.hide_feedback) (.Site.Params.ui.feedback.enable) (.Site.GoogleAnalytics)) -}} + {{ partial "feedback.html" .Site.Params.ui.feedback -}}
- {{ end }} - {{ if (.Site.DisqusShortname) }} + {{ end -}} + {{ if (.Site.DisqusShortname) -}}
- {{ partial "disqus-comment.html" . }} - {{ end }} - {{ partial "page-meta-lastmod.html" . }} + {{- partial "disqus-comment.html" . -}} + {{ end -}} + {{ partial "page-meta-lastmod.html" . -}}
-{{ end }} +{{ end -}} diff --git a/layouts/shortcodes/codenew.html b/layouts/shortcodes/codenew.html deleted file mode 100644 index 021600cf2c..0000000000 --- a/layouts/shortcodes/codenew.html +++ /dev/null @@ -1,33 +0,0 @@ -{{ $p := .Page }} -{{ $file := .Get "file" }} -{{ $codelang := .Get "language" | default (path.Ext $file | strings.TrimPrefix ".") }} -{{ $fileDir := path.Split $file }} -{{ $bundlePath := path.Join .Page.File.Dir $fileDir.Dir }} -{{ $filename := printf "/content/%s/examples/%s" .Page.Lang $file | safeURL }} -{{ $ghlink := printf "https://%s/%s%s" site.Params.githubwebsiteraw (default "master" site.Params.docsbranch) $filename | safeURL }} -{{/* First assume this is a bundle and the file is inside it. */}} -{{ $resource := $p.Resources.GetMatch (printf "%s*" $file ) }} -{{ with $resource }} -{{ $.Scratch.Set "content" .Content }} -{{ else }} -{{/* Read the file relative to the content root. */}} -{{ $resource := readFile $filename}} -{{ with $resource }}{{ $.Scratch.Set "content" . }}{{ end }} -{{ end }} -{{ if not ($.Scratch.Get "content") }} -{{ errorf "[%s] %q not found in %q" site.Language.Lang $fileDir.File $bundlePath }} -{{ end }} -{{ with $.Scratch.Get "content" }} -
-
- {{ with $ghlink }}{{ end }}{{ $file }} - {{ if $ghlink }}{{ end }} - - -
-
- {{ highlight . $codelang "" }} -
-
-{{ end }} -{{/* from kubernetes/website */}} \ No newline at end of file diff --git a/layouts/shortcodes/prism.html b/layouts/shortcodes/prism.html deleted file mode 100644 index 158f86544c..0000000000 --- a/layouts/shortcodes/prism.html +++ /dev/null @@ -1,25 +0,0 @@ -{{ $inner := replaceRE "^\n" "" .Inner }} -{{ if len .Params | eq 0 }} - 
{{ $inner }}
-{{ else }} - {{ if .IsNamedParams }} - 
{{ $inner }}
- {{ else }} - 
-      {{ $inner }}
- {{ end }} -{{ end }} \ No newline at end of file diff --git a/static/css/prism.css b/static/css/prism.css deleted file mode 100644 index b083fd5363..0000000000 --- a/static/css/prism.css +++ /dev/null @@ -1,320 +0,0 @@ -/* PrismJS 1.23.0 -https://prismjs.com/download.html#themes=prism&languages=markup+css+clike+javascript+bash+c+csharp+cpp+go+java+json+json5+jsonp+markdown+python+rego+scss+sql+toml+yaml&plugins=line-highlight+line-numbers+toolbar+copy-to-clipboard */ -/** - * prism.js default theme for JavaScript, CSS and HTML - * Based on dabblet (http://dabblet.com) - * @author Lea Verou - */ - -code[class*="language-"], -pre[class*="language-"] { - color: black; - background: none; - text-shadow: 0 1px white; - font-family: Rubik; - font-size: 1em; - text-align: left; - white-space: pre; - word-spacing: normal; - word-break: normal; - word-wrap: normal; - line-height: 1.5; - - -moz-tab-size: 4; - -o-tab-size: 4; - tab-size: 4; - - -webkit-hyphens: none; - -moz-hyphens: none; - -ms-hyphens: none; - hyphens: none; -} - -pre[class*="language-"]::-moz-selection, pre[class*="language-"] ::-moz-selection, -code[class*="language-"]::-moz-selection, code[class*="language-"] ::-moz-selection { - text-shadow: none; - background: #b3d4fc; -} - -pre[class*="language-"]::selection, pre[class*="language-"] ::selection, -code[class*="language-"]::selection, code[class*="language-"] ::selection { - text-shadow: none; - background: #b3d4fc; -} - -@media print { - code[class*="language-"], - pre[class*="language-"] { - text-shadow: none; - } -} - -/* Code blocks */ -pre[class*="language-"] { - padding: 1em; - margin: .5em 0; - overflow: auto; -} - -:not(pre) > code[class*="language-"], -pre[class*="language-"] { - background: #f5f2f0; -} - -/* Inline code */ -:not(pre) > code[class*="language-"] { - padding: .1em; - border-radius: .3em; - white-space: normal; -} - -.token.comment, -.token.prolog, -.token.doctype, -.token.cdata { - color: slategray; -} - -.token.punctuation { - color: #999; -} - -.token.namespace { - opacity: .7; -} - -.token.property, -.token.tag, -.token.boolean, -.token.number, -.token.constant, -.token.symbol, -.token.deleted { - color: #905; -} - -.token.selector, -.token.attr-name, -.token.string, -.token.char, -.token.builtin, -.token.inserted { - color: #690; -} - -.token.operator, -.token.entity, -.token.url, -.language-css .token.string, -.style .token.string { - color: #9a6e3a; - /* This background color was intended by the author of this theme. */ - background: hsla(0, 0%, 100%, .5); -} - -.token.atrule, -.token.attr-value, -.token.keyword { - color: #07a; -} - -.token.function, -.token.class-name { - color: #DD4A68; -} - -.token.regex, -.token.important, -.token.variable { - color: #e90; -} - -.token.important, -.token.bold { - font-weight: bold; -} -.token.italic { - font-style: italic; -} - -.token.entity { - cursor: help; -} - -pre[data-line] { - position: relative; - padding: 1em 0 1em 3em; -} - -.line-highlight { - position: absolute; - left: 0; - right: 0; - padding: inherit 0; - margin-top: 1em; /* Same as .prism’s padding-top */ - - background: hsla(24, 20%, 50%,.08); - background: linear-gradient(to right, hsla(24, 20%, 50%,.1) 70%, hsla(24, 20%, 50%,0)); - - pointer-events: none; - - line-height: inherit; - white-space: pre; -} - -@media print { - .line-highlight { - /* - * This will prevent browsers from replacing the background color with white. - * It's necessary because the element is layered on top of the displayed code. - */ - -webkit-print-color-adjust: exact; - color-adjust: exact; - } -} - - .line-highlight:before, - .line-highlight[data-end]:after { - content: attr(data-start); - position: absolute; - top: .4em; - left: .6em; - min-width: 1em; - padding: 0 .5em; - background-color: hsla(24, 20%, 50%,.4); - color: hsl(24, 20%, 95%); - font: bold 65%/1.5 sans-serif; - text-align: center; - vertical-align: .3em; - border-radius: 999px; - text-shadow: none; - box-shadow: 0 1px white; - } - - .line-highlight[data-end]:after { - content: attr(data-end); - top: auto; - bottom: .4em; - } - -.line-numbers .line-highlight:before, -.line-numbers .line-highlight:after { - content: none; -} - -pre[id].linkable-line-numbers span.line-numbers-rows { - pointer-events: all; -} -pre[id].linkable-line-numbers span.line-numbers-rows > span:before { - cursor: pointer; -} -pre[id].linkable-line-numbers span.line-numbers-rows > span:hover:before { - background-color: rgba(128, 128, 128, .2); -} - -pre[class*="language-"].line-numbers { - position: relative; - padding-left: 3.8em; - counter-reset: linenumber; -} - -pre[class*="language-"].line-numbers > code { - position: relative; - white-space: inherit; -} - -.line-numbers .line-numbers-rows { - position: absolute; - pointer-events: none; - top: 0; - font-size: 100%; - left: -3.8em; - width: 3em; /* works for line-numbers below 1000 lines */ - letter-spacing: -1px; - border-right: 1px solid #999; - - -webkit-user-select: none; - -moz-user-select: none; - -ms-user-select: none; - user-select: none; - -} - - .line-numbers-rows > span { - display: block; - counter-increment: linenumber; - } - - .line-numbers-rows > span:before { - content: counter(linenumber); - color: #999; - display: block; - padding-right: 0.8em; - text-align: right; - } - -div.code-toolbar { - position: relative; -} - -div.code-toolbar > .toolbar { - position: absolute; - top: .3em; - right: .2em; - transition: opacity 0.3s ease-in-out; - opacity: 0; -} - -div.code-toolbar:hover > .toolbar { - opacity: 1; -} - -/* Separate line b/c rules are thrown out if selector is invalid. - IE11 and old Edge versions don't support :focus-within. */ -div.code-toolbar:focus-within > .toolbar { - opacity: 1; -} - -div.code-toolbar > .toolbar .toolbar-item { - display: inline-block; -} - -div.code-toolbar > .toolbar a { - cursor: pointer; -} - -div.code-toolbar > .toolbar button { - background: none; - border: 0; - color: inherit; - font: inherit; - line-height: normal; - overflow: visible; - padding: 0; - -webkit-user-select: none; /* for button */ - -moz-user-select: none; - -ms-user-select: none; -} - -div.code-toolbar > .toolbar a, -div.code-toolbar > .toolbar button, -div.code-toolbar > .toolbar span { - color: #bbb; - font-size: .8em; - padding: 0 .5em; - background: #f5f2f0; - background: rgba(224, 224, 224, 0.2); - box-shadow: 0 2px 0 0 rgba(0,0,0,0.2); - border-radius: .5em; -} - -div.code-toolbar > .toolbar a:hover, -div.code-toolbar > .toolbar a:focus, -div.code-toolbar > .toolbar button:hover, -div.code-toolbar > .toolbar button:focus, -div.code-toolbar > .toolbar span:hover, -div.code-toolbar > .toolbar span:focus { - color: inherit; - text-decoration: none; -} - diff --git a/static/js/prism.js b/static/js/prism.js deleted file mode 100644 index 53d6446e88..0000000000 --- a/static/js/prism.js +++ /dev/null @@ -1,27 +0,0 @@ -/* PrismJS 1.23.0 -https://prismjs.com/download.html#themes=prism&languages=markup+css+clike+javascript+bash+c+csharp+cpp+go+java+json+json5+jsonp+markdown+python+rego+scss+sql+toml+yaml&plugins=line-highlight+line-numbers+toolbar+copy-to-clipboard */ -var _self="undefined"!=typeof window?window:"undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?self:{},Prism=function(u){var c=/\blang(?:uage)?-([\w-]+)\b/i,n=0,e={},M={manual:u.Prism&&u.Prism.manual,disableWorkerMessageHandler:u.Prism&&u.Prism.disableWorkerMessageHandler,util:{encode:function e(n){return n instanceof W?new W(n.type,e(n.content),n.alias):Array.isArray(n)?n.map(e):n.replace(/&/g,"&").replace(/=l.reach);y+=m.value.length,m=m.next){var b=m.value;if(t.length>n.length)return;if(!(b instanceof W)){var k,x=1;if(h){if(!(k=z(v,y,n,f)))break;var w=k.index,A=k.index+k[0].length,P=y;for(P+=m.value.length;P<=w;)m=m.next,P+=m.value.length;if(P-=m.value.length,y=P,m.value instanceof W)continue;for(var E=m;E!==t.tail&&(Pl.reach&&(l.reach=N);var j=m.prev;O&&(j=I(t,j,O),y+=O.length),q(t,j,x);var C=new W(o,g?M.tokenize(S,g):S,d,S);if(m=I(t,j,C),L&&I(t,m,L),1l.reach&&(l.reach=_.reach)}}}}}}(e,a,n,a.head,0),function(e){var n=[],t=e.head.next;for(;t!==e.tail;)n.push(t.value),t=t.next;return n}(a)},hooks:{all:{},add:function(e,n){var t=M.hooks.all;t[e]=t[e]||[],t[e].push(n)},run:function(e,n){var t=M.hooks.all[e];if(t&&t.length)for(var r,a=0;r=t[a++];)r(n)}},Token:W};function W(e,n,t,r){this.type=e,this.content=n,this.alias=t,this.length=0|(r||"").length}function z(e,n,t,r){e.lastIndex=n;var a=e.exec(t);if(a&&r&&a[1]){var i=a[1].length;a.index+=i,a[0]=a[0].slice(i)}return a}function i(){var e={value:null,prev:null,next:null},n={value:null,prev:e,next:null};e.next=n,this.head=e,this.tail=n,this.length=0}function I(e,n,t){var r=n.next,a={value:t,prev:n,next:r};return n.next=a,r.prev=a,e.length++,a}function q(e,n,t){for(var r=n.next,a=0;a"+a.content+""},!u.document)return u.addEventListener&&(M.disableWorkerMessageHandler||u.addEventListener("message",function(e){var n=JSON.parse(e.data),t=n.language,r=n.code,a=n.immediateClose;u.postMessage(M.highlight(r,M.languages[t],t)),a&&u.close()},!1)),M;var t=M.util.currentScript();function r(){M.manual||M.highlightAll()}if(t&&(M.filename=t.src,t.hasAttribute("data-manual")&&(M.manual=!0)),!M.manual){var a=document.readyState;"loading"===a||"interactive"===a&&t&&t.defer?document.addEventListener("DOMContentLoaded",r):window.requestAnimationFrame?window.requestAnimationFrame(r):window.setTimeout(r,16)}return M}(_self);"undefined"!=typeof module&&module.exports&&(module.exports=Prism),"undefined"!=typeof global&&(global.Prism=Prism); -Prism.languages.markup={comment://,prolog:/<\?[\s\S]+?\?>/,doctype:{pattern:/"'[\]]|"[^"]*"|'[^']*')+(?:\[(?:[^<"'\]]|"[^"]*"|'[^']*'|<(?!!--)|)*\]\s*)?>/i,greedy:!0,inside:{"internal-subset":{pattern:/(\[)[\s\S]+(?=\]>$)/,lookbehind:!0,greedy:!0,inside:null},string:{pattern:/"[^"]*"|'[^']*'/,greedy:!0},punctuation:/^$|[[\]]/,"doctype-tag":/^DOCTYPE/,name:/[^\s<>'"]+/}},cdata://i,tag:{pattern:/<\/?(?!\d)[^\s>\/=$<%]+(?:\s(?:\s*[^\s>\/=]+(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+(?=[\s>]))|(?=[\s/>])))+)?\s*\/?>/,greedy:!0,inside:{tag:{pattern:/^<\/?[^\s>\/]+/,inside:{punctuation:/^<\/?/,namespace:/^[^\s>\/:]+:/}},"special-attr":[],"attr-value":{pattern:/=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+)/,inside:{punctuation:[{pattern:/^=/,alias:"attr-equals"},/"|'/]}},punctuation:/\/?>/,"attr-name":{pattern:/[^\s>\/]+/,inside:{namespace:/^[^\s>\/:]+:/}}}},entity:[{pattern:/&[\da-z]{1,8};/i,alias:"named-entity"},/&#x?[\da-f]{1,8};/i]},Prism.languages.markup.tag.inside["attr-value"].inside.entity=Prism.languages.markup.entity,Prism.languages.markup.doctype.inside["internal-subset"].inside=Prism.languages.markup,Prism.hooks.add("wrap",function(a){"entity"===a.type&&(a.attributes.title=a.content.replace(/&/,"&"))}),Object.defineProperty(Prism.languages.markup.tag,"addInlined",{value:function(a,e){var s={};s["language-"+e]={pattern:/(^$)/i,lookbehind:!0,inside:Prism.languages[e]},s.cdata=/^$/i;var t={"included-cdata":{pattern://i,inside:s}};t["language-"+e]={pattern:/[\s\S]+/,inside:Prism.languages[e]};var n={};n[a]={pattern:RegExp("(<__[^>]*>)(?:))*\\]\\]>|(?!)".replace(/__/g,function(){return a}),"i"),lookbehind:!0,greedy:!0,inside:t},Prism.languages.insertBefore("markup","cdata",n)}}),Object.defineProperty(Prism.languages.markup.tag,"addAttribute",{value:function(a,e){Prism.languages.markup.tag.inside["special-attr"].push({pattern:RegExp("(^|[\"'\\s])(?:"+a+")\\s*=\\s*(?:\"[^\"]*\"|'[^']*'|[^\\s'\">=]+(?=[\\s>]))","i"),lookbehind:!0,inside:{"attr-name":/^[^\s=]+/,"attr-value":{pattern:/=[\s\S]+/,inside:{value:{pattern:/(=\s*(["']|(?!["'])))\S[\s\S]*(?=\2$)/,lookbehind:!0,alias:[e,"language-"+e],inside:Prism.languages[e]},punctuation:[{pattern:/^=/,alias:"attr-equals"},/"|'/]}}}})}}),Prism.languages.html=Prism.languages.markup,Prism.languages.mathml=Prism.languages.markup,Prism.languages.svg=Prism.languages.markup,Prism.languages.xml=Prism.languages.extend("markup",{}),Prism.languages.ssml=Prism.languages.xml,Prism.languages.atom=Prism.languages.xml,Prism.languages.rss=Prism.languages.xml; -!function(s){var e=/("|')(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1/;s.languages.css={comment:/\/\*[\s\S]*?\*\//,atrule:{pattern:/@[\w-](?:[^;{\s]|\s+(?![\s{]))*(?:;|(?=\s*\{))/,inside:{rule:/^@[\w-]+/,"selector-function-argument":{pattern:/(\bselector\s*\(\s*(?![\s)]))(?:[^()\s]|\s+(?![\s)])|\((?:[^()]|\([^()]*\))*\))+(?=\s*\))/,lookbehind:!0,alias:"selector"},keyword:{pattern:/(^|[^\w-])(?:and|not|only|or)(?![\w-])/,lookbehind:!0}}},url:{pattern:RegExp("\\burl\\((?:"+e.source+"|(?:[^\\\\\r\n()\"']|\\\\[^])*)\\)","i"),greedy:!0,inside:{function:/^url/i,punctuation:/^\(|\)$/,string:{pattern:RegExp("^"+e.source+"$"),alias:"url"}}},selector:RegExp("[^{}\\s](?:[^{};\"'\\s]|\\s+(?![\\s{])|"+e.source+")*(?=\\s*\\{)"),string:{pattern:e,greedy:!0},property:/(?!\s)[-_a-z\xA0-\uFFFF](?:(?!\s)[-\w\xA0-\uFFFF])*(?=\s*:)/i,important:/!important\b/i,function:/[-a-z0-9]+(?=\()/i,punctuation:/[(){};:,]/},s.languages.css.atrule.inside.rest=s.languages.css;var t=s.languages.markup;t&&(t.tag.addInlined("style","css"),t.tag.addAttribute("style","css"))}(Prism); -Prism.languages.clike={comment:[{pattern:/(^|[^\\])\/\*[\s\S]*?(?:\*\/|$)/,lookbehind:!0,greedy:!0},{pattern:/(^|[^\\:])\/\/.*/,lookbehind:!0,greedy:!0}],string:{pattern:/(["'])(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1/,greedy:!0},"class-name":{pattern:/(\b(?:class|interface|extends|implements|trait|instanceof|new)\s+|\bcatch\s+\()[\w.\\]+/i,lookbehind:!0,inside:{punctuation:/[.\\]/}},keyword:/\b(?:if|else|while|do|for|return|in|instanceof|function|new|try|throw|catch|finally|null|break|continue)\b/,boolean:/\b(?:true|false)\b/,function:/\w+(?=\()/,number:/\b0x[\da-f]+\b|(?:\b\d+(?:\.\d*)?|\B\.\d+)(?:e[+-]?\d+)?/i,operator:/[<>]=?|[!=]=?=?|--?|\+\+?|&&?|\|\|?|[?*/~^%]/,punctuation:/[{}[\];(),.:]/}; -Prism.languages.javascript=Prism.languages.extend("clike",{"class-name":[Prism.languages.clike["class-name"],{pattern:/(^|[^$\w\xA0-\uFFFF])(?!\s)[_$A-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\.(?:prototype|constructor))/,lookbehind:!0}],keyword:[{pattern:/((?:^|})\s*)catch\b/,lookbehind:!0},{pattern:/(^|[^.]|\.\.\.\s*)\b(?:as|async(?=\s*(?:function\b|\(|[$\w\xA0-\uFFFF]|$))|await|break|case|class|const|continue|debugger|default|delete|do|else|enum|export|extends|finally(?=\s*(?:\{|$))|for|from(?=\s*(?:['"]|$))|function|(?:get|set)(?=\s*(?:[#\[$\w\xA0-\uFFFF]|$))|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|static|super|switch|this|throw|try|typeof|undefined|var|void|while|with|yield)\b/,lookbehind:!0}],function:/#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*(?:\.\s*(?:apply|bind|call)\s*)?\()/,number:/\b(?:(?:0[xX](?:[\dA-Fa-f](?:_[\dA-Fa-f])?)+|0[bB](?:[01](?:_[01])?)+|0[oO](?:[0-7](?:_[0-7])?)+)n?|(?:\d(?:_\d)?)+n|NaN|Infinity)\b|(?:\b(?:\d(?:_\d)?)+\.?(?:\d(?:_\d)?)*|\B\.(?:\d(?:_\d)?)+)(?:[Ee][+-]?(?:\d(?:_\d)?)+)?/,operator:/--|\+\+|\*\*=?|=>|&&=?|\|\|=?|[!=]==|<<=?|>>>?=?|[-+*/%&|^!=<>]=?|\.{3}|\?\?=?|\?\.?|[~:]/}),Prism.languages.javascript["class-name"][0].pattern=/(\b(?:class|interface|extends|implements|instanceof|new)\s+)[\w.\\]+/,Prism.languages.insertBefore("javascript","keyword",{regex:{pattern:/((?:^|[^$\w\xA0-\uFFFF."'\])\s]|\b(?:return|yield))\s*)\/(?:\[(?:[^\]\\\r\n]|\\.)*]|\\.|[^/\\\[\r\n])+\/[dgimyus]{0,7}(?=(?:\s|\/\*(?:[^*]|\*(?!\/))*\*\/)*(?:$|[\r\n,.;:})\]]|\/\/))/,lookbehind:!0,greedy:!0,inside:{"regex-source":{pattern:/^(\/)[\s\S]+(?=\/[a-z]*$)/,lookbehind:!0,alias:"language-regex",inside:Prism.languages.regex},"regex-flags":/[a-z]+$/,"regex-delimiter":/^\/|\/$/}},"function-variable":{pattern:/#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*[=:]\s*(?:async\s*)?(?:\bfunction\b|(?:\((?:[^()]|\([^()]*\))*\)|(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*)\s*=>))/,alias:"function"},parameter:[{pattern:/(function(?:\s+(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*)?\s*\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\))/,lookbehind:!0,inside:Prism.languages.javascript},{pattern:/(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*=>)/i,inside:Prism.languages.javascript},{pattern:/(\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\)\s*=>)/,lookbehind:!0,inside:Prism.languages.javascript},{pattern:/((?:\b|\s|^)(?!(?:as|async|await|break|case|catch|class|const|continue|debugger|default|delete|do|else|enum|export|extends|finally|for|from|function|get|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|set|static|super|switch|this|throw|try|typeof|undefined|var|void|while|with|yield)(?![$\w\xA0-\uFFFF]))(?:(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*\s*)\(\s*|\]\s*\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\)\s*\{)/,lookbehind:!0,inside:Prism.languages.javascript}],constant:/\b[A-Z](?:[A-Z_]|\dx?)*\b/}),Prism.languages.insertBefore("javascript","string",{hashbang:{pattern:/^#!.*/,greedy:!0,alias:"comment"},"template-string":{pattern:/`(?:\\[\s\S]|\${(?:[^{}]|{(?:[^{}]|{[^}]*})*})+}|(?!\${)[^\\`])*`/,greedy:!0,inside:{"template-punctuation":{pattern:/^`|`$/,alias:"string"},interpolation:{pattern:/((?:^|[^\\])(?:\\{2})*)\${(?:[^{}]|{(?:[^{}]|{[^}]*})*})+}/,lookbehind:!0,inside:{"interpolation-punctuation":{pattern:/^\${|}$/,alias:"punctuation"},rest:Prism.languages.javascript}},string:/[\s\S]+/}}}),Prism.languages.markup&&(Prism.languages.markup.tag.addInlined("script","javascript"),Prism.languages.markup.tag.addAttribute("on(?:abort|blur|change|click|composition(?:end|start|update)|dblclick|error|focus(?:in|out)?|key(?:down|up)|load|mouse(?:down|enter|leave|move|out|over|up)|reset|resize|scroll|select|slotchange|submit|unload|wheel)","javascript")),Prism.languages.js=Prism.languages.javascript; -!function(e){var t="\\b(?:BASH|BASHOPTS|BASH_ALIASES|BASH_ARGC|BASH_ARGV|BASH_CMDS|BASH_COMPLETION_COMPAT_DIR|BASH_LINENO|BASH_REMATCH|BASH_SOURCE|BASH_VERSINFO|BASH_VERSION|COLORTERM|COLUMNS|COMP_WORDBREAKS|DBUS_SESSION_BUS_ADDRESS|DEFAULTS_PATH|DESKTOP_SESSION|DIRSTACK|DISPLAY|EUID|GDMSESSION|GDM_LANG|GNOME_KEYRING_CONTROL|GNOME_KEYRING_PID|GPG_AGENT_INFO|GROUPS|HISTCONTROL|HISTFILE|HISTFILESIZE|HISTSIZE|HOME|HOSTNAME|HOSTTYPE|IFS|INSTANCE|JOB|LANG|LANGUAGE|LC_ADDRESS|LC_ALL|LC_IDENTIFICATION|LC_MEASUREMENT|LC_MONETARY|LC_NAME|LC_NUMERIC|LC_PAPER|LC_TELEPHONE|LC_TIME|LESSCLOSE|LESSOPEN|LINES|LOGNAME|LS_COLORS|MACHTYPE|MAILCHECK|MANDATORY_PATH|NO_AT_BRIDGE|OLDPWD|OPTERR|OPTIND|ORBIT_SOCKETDIR|OSTYPE|PAPERSIZE|PATH|PIPESTATUS|PPID|PS1|PS2|PS3|PS4|PWD|RANDOM|REPLY|SECONDS|SELINUX_INIT|SESSION|SESSIONTYPE|SESSION_MANAGER|SHELL|SHELLOPTS|SHLVL|SSH_AUTH_SOCK|TERM|UID|UPSTART_EVENTS|UPSTART_INSTANCE|UPSTART_JOB|UPSTART_SESSION|USER|WINDOWID|XAUTHORITY|XDG_CONFIG_DIRS|XDG_CURRENT_DESKTOP|XDG_DATA_DIRS|XDG_GREETER_DATA_DIR|XDG_MENU_PREFIX|XDG_RUNTIME_DIR|XDG_SEAT|XDG_SEAT_PATH|XDG_SESSION_DESKTOP|XDG_SESSION_ID|XDG_SESSION_PATH|XDG_SESSION_TYPE|XDG_VTNR|XMODIFIERS)\\b",n={pattern:/(^(["']?)\w+\2)[ \t]+\S.*/,lookbehind:!0,alias:"punctuation",inside:null},a={bash:n,environment:{pattern:RegExp("\\$"+t),alias:"constant"},variable:[{pattern:/\$?\(\([\s\S]+?\)\)/,greedy:!0,inside:{variable:[{pattern:/(^\$\(\([\s\S]+)\)\)/,lookbehind:!0},/^\$\(\(/],number:/\b0x[\dA-Fa-f]+\b|(?:\b\d+(?:\.\d*)?|\B\.\d+)(?:[Ee]-?\d+)?/,operator:/--?|-=|\+\+?|\+=|!=?|~|\*\*?|\*=|\/=?|%=?|<<=?|>>=?|<=?|>=?|==?|&&?|&=|\^=?|\|\|?|\|=|\?|:/,punctuation:/\(\(?|\)\)?|,|;/}},{pattern:/\$\((?:\([^)]+\)|[^()])+\)|`[^`]+`/,greedy:!0,inside:{variable:/^\$\(|^`|\)$|`$/}},{pattern:/\$\{[^}]+\}/,greedy:!0,inside:{operator:/:[-=?+]?|[!\/]|##?|%%?|\^\^?|,,?/,punctuation:/[\[\]]/,environment:{pattern:RegExp("(\\{)"+t),lookbehind:!0,alias:"constant"}}},/\$(?:\w+|[#?*!@$])/],entity:/\\(?:[abceEfnrtv\\"]|O?[0-7]{1,3}|x[0-9a-fA-F]{1,2}|u[0-9a-fA-F]{4}|U[0-9a-fA-F]{8})/};e.languages.bash={shebang:{pattern:/^#!\s*\/.*/,alias:"important"},comment:{pattern:/(^|[^"{\\$])#.*/,lookbehind:!0},"function-name":[{pattern:/(\bfunction\s+)[\w-]+(?=(?:\s*\(?:\s*\))?\s*\{)/,lookbehind:!0,alias:"function"},{pattern:/\b[\w-]+(?=\s*\(\s*\)\s*\{)/,alias:"function"}],"for-or-select":{pattern:/(\b(?:for|select)\s+)\w+(?=\s+in\s)/,alias:"variable",lookbehind:!0},"assign-left":{pattern:/(^|[\s;|&]|[<>]\()\w+(?=\+?=)/,inside:{environment:{pattern:RegExp("(^|[\\s;|&]|[<>]\\()"+t),lookbehind:!0,alias:"constant"}},alias:"variable",lookbehind:!0},string:[{pattern:/((?:^|[^<])<<-?\s*)(\w+?)\s[\s\S]*?(?:\r?\n|\r)\2/,lookbehind:!0,greedy:!0,inside:a},{pattern:/((?:^|[^<])<<-?\s*)(["'])(\w+)\2\s[\s\S]*?(?:\r?\n|\r)\3/,lookbehind:!0,greedy:!0,inside:{bash:n}},{pattern:/(^|[^\\](?:\\\\)*)"(?:\\[\s\S]|\$\([^)]+\)|\$(?!\()|`[^`]+`|[^"\\`$])*"/,lookbehind:!0,greedy:!0,inside:a},{pattern:/(^|[^$\\])'[^']*'/,lookbehind:!0,greedy:!0},{pattern:/\$'(?:[^'\\]|\\[\s\S])*'/,greedy:!0,inside:{entity:a.entity}}],environment:{pattern:RegExp("\\$?"+t),alias:"constant"},variable:a.variable,function:{pattern:/(^|[\s;|&]|[<>]\()(?:add|apropos|apt|aptitude|apt-cache|apt-get|aspell|automysqlbackup|awk|basename|bash|bc|bconsole|bg|bzip2|cal|cat|cfdisk|chgrp|chkconfig|chmod|chown|chroot|cksum|clear|cmp|column|comm|composer|cp|cron|crontab|csplit|curl|cut|date|dc|dd|ddrescue|debootstrap|df|diff|diff3|dig|dir|dircolors|dirname|dirs|dmesg|du|egrep|eject|env|ethtool|expand|expect|expr|fdformat|fdisk|fg|fgrep|file|find|fmt|fold|format|free|fsck|ftp|fuser|gawk|git|gparted|grep|groupadd|groupdel|groupmod|groups|grub-mkconfig|gzip|halt|head|hg|history|host|hostname|htop|iconv|id|ifconfig|ifdown|ifup|import|install|ip|jobs|join|kill|killall|less|link|ln|locate|logname|logrotate|look|lpc|lpr|lprint|lprintd|lprintq|lprm|ls|lsof|lynx|make|man|mc|mdadm|mkconfig|mkdir|mke2fs|mkfifo|mkfs|mkisofs|mknod|mkswap|mmv|more|most|mount|mtools|mtr|mutt|mv|nano|nc|netstat|nice|nl|nohup|notify-send|npm|nslookup|op|open|parted|passwd|paste|pathchk|ping|pkill|pnpm|popd|pr|printcap|printenv|ps|pushd|pv|quota|quotacheck|quotactl|ram|rar|rcp|reboot|remsync|rename|renice|rev|rm|rmdir|rpm|rsync|scp|screen|sdiff|sed|sendmail|seq|service|sftp|sh|shellcheck|shuf|shutdown|sleep|slocate|sort|split|ssh|stat|strace|su|sudo|sum|suspend|swapon|sync|tac|tail|tar|tee|time|timeout|top|touch|tr|traceroute|tsort|tty|umount|uname|unexpand|uniq|units|unrar|unshar|unzip|update-grub|uptime|useradd|userdel|usermod|users|uudecode|uuencode|v|vdir|vi|vim|virsh|vmstat|wait|watch|wc|wget|whereis|which|who|whoami|write|xargs|xdg-open|yarn|yes|zenity|zip|zsh|zypper)(?=$|[)\s;|&])/,lookbehind:!0},keyword:{pattern:/(^|[\s;|&]|[<>]\()(?:if|then|else|elif|fi|for|while|in|case|esac|function|select|do|done|until)(?=$|[)\s;|&])/,lookbehind:!0},builtin:{pattern:/(^|[\s;|&]|[<>]\()(?:\.|:|break|cd|continue|eval|exec|exit|export|getopts|hash|pwd|readonly|return|shift|test|times|trap|umask|unset|alias|bind|builtin|caller|command|declare|echo|enable|help|let|local|logout|mapfile|printf|read|readarray|source|type|typeset|ulimit|unalias|set|shopt)(?=$|[)\s;|&])/,lookbehind:!0,alias:"class-name"},boolean:{pattern:/(^|[\s;|&]|[<>]\()(?:true|false)(?=$|[)\s;|&])/,lookbehind:!0},"file-descriptor":{pattern:/\B&\d\b/,alias:"important"},operator:{pattern:/\d?<>|>\||\+=|==?|!=?|=~|<<[<-]?|[&\d]?>>|\d?[<>]&?|&[>&]?|\|[&|]?|<=?|>=?/,inside:{"file-descriptor":{pattern:/^\d/,alias:"important"}}},punctuation:/\$?\(\(?|\)\)?|\.\.|[{}[\];\\]/,number:{pattern:/(^|\s)(?:[1-9]\d*|0)(?:[.,]\d+)?\b/,lookbehind:!0}},n.inside=e.languages.bash;for(var s=["comment","function-name","for-or-select","assign-left","string","environment","function","keyword","builtin","boolean","file-descriptor","operator","punctuation","number"],i=a.variable[1].inside,o=0;o>=?|<<=?|->|([-+&|:])\1|[?:~]|[-+*/%&|^!=<>]=?/}),Prism.languages.insertBefore("c","string",{macro:{pattern:/(^\s*)#\s*[a-z](?:[^\r\n\\/]|\/(?!\*)|\/\*(?:[^*]|\*(?!\/))*\*\/|\\(?:\r\n|[\s\S]))*/im,lookbehind:!0,greedy:!0,alias:"property",inside:{string:[{pattern:/^(#\s*include\s*)<[^>]+>/,lookbehind:!0},Prism.languages.c.string],comment:Prism.languages.c.comment,"macro-name":[{pattern:/(^#\s*define\s+)\w+\b(?!\()/i,lookbehind:!0},{pattern:/(^#\s*define\s+)\w+\b(?=\()/i,lookbehind:!0,alias:"function"}],directive:{pattern:/^(#\s*)[a-z]+/,lookbehind:!0,alias:"keyword"},"directive-hash":/^#/,punctuation:/##|\\(?=[\r\n])/,expression:{pattern:/\S[\s\S]*/,inside:Prism.languages.c}}},constant:/\b(?:__FILE__|__LINE__|__DATE__|__TIME__|__TIMESTAMP__|__func__|EOF|NULL|SEEK_CUR|SEEK_END|SEEK_SET|stdin|stdout|stderr)\b/}),delete Prism.languages.c.boolean; -!function(s){function a(e,s){return e.replace(/<<(\d+)>>/g,function(e,n){return"(?:"+s[+n]+")"})}function t(e,n,s){return RegExp(a(e,n),s||"")}function e(e,n){for(var s=0;s>/g,function(){return"(?:"+e+")"});return e.replace(/<>/g,"[^\\s\\S]")}var n="bool byte char decimal double dynamic float int long object sbyte short string uint ulong ushort var void",i="class enum interface struct",r="add alias and ascending async await by descending from get global group into join let nameof not notnull on or orderby partial remove select set unmanaged value when where",o="abstract as base break case catch checked const continue default delegate do else event explicit extern finally fixed for foreach goto if implicit in internal is lock namespace new null operator out override params private protected public readonly ref return sealed sizeof stackalloc static switch this throw try typeof unchecked unsafe using virtual volatile while yield";function l(e){return"\\b(?:"+e.trim().replace(/ /g,"|")+")\\b"}var d=l(i),p=RegExp(l(n+" "+i+" "+r+" "+o)),c=l(i+" "+r+" "+o),u=l(n+" "+i+" "+o),g=e("<(?:[^<>;=+\\-*/%&|^]|<>)*>",2),b=e("\\((?:[^()]|<>)*\\)",2),h="@?\\b[A-Za-z_]\\w*\\b",f=a("<<0>>(?:\\s*<<1>>)?",[h,g]),m=a("(?!<<0>>)<<1>>(?:\\s*\\.\\s*<<1>>)*",[c,f]),k="\\[\\s*(?:,\\s*)*\\]",y=a("<<0>>(?:\\s*(?:\\?\\s*)?<<1>>)*(?:\\s*\\?)?",[m,k]),w=a("(?:<<0>>|<<1>>)(?:\\s*(?:\\?\\s*)?<<2>>)*(?:\\s*\\?)?",[a("\\(<<0>>+(?:,<<0>>+)+\\)",[a("[^,()<>[\\];=+\\-*/%&|^]|<<0>>|<<1>>|<<2>>",[g,b,k])]),m,k]),v={keyword:p,punctuation:/[<>()?,.:[\]]/},x="'(?:[^\r\n'\\\\]|\\\\.|\\\\[Uux][\\da-fA-F]{1,8})'",$='"(?:\\\\.|[^\\\\"\r\n])*"';s.languages.csharp=s.languages.extend("clike",{string:[{pattern:t("(^|[^$\\\\])<<0>>",['@"(?:""|\\\\[^]|[^\\\\"])*"(?!")']),lookbehind:!0,greedy:!0},{pattern:t("(^|[^@$\\\\])<<0>>",[$]),lookbehind:!0,greedy:!0},{pattern:RegExp(x),greedy:!0,alias:"character"}],"class-name":[{pattern:t("(\\busing\\s+static\\s+)<<0>>(?=\\s*;)",[m]),lookbehind:!0,inside:v},{pattern:t("(\\busing\\s+<<0>>\\s*=\\s*)<<1>>(?=\\s*;)",[h,w]),lookbehind:!0,inside:v},{pattern:t("(\\busing\\s+)<<0>>(?=\\s*=)",[h]),lookbehind:!0},{pattern:t("(\\b<<0>>\\s+)<<1>>",[d,f]),lookbehind:!0,inside:v},{pattern:t("(\\bcatch\\s*\\(\\s*)<<0>>",[m]),lookbehind:!0,inside:v},{pattern:t("(\\bwhere\\s+)<<0>>",[h]),lookbehind:!0},{pattern:t("(\\b(?:is(?:\\s+not)?|as)\\s+)<<0>>",[y]),lookbehind:!0,inside:v},{pattern:t("\\b<<0>>(?=\\s+(?!<<1>>)<<2>>(?:\\s*[=,;:{)\\]]|\\s+(?:in|when)\\b))",[w,u,h]),inside:v}],keyword:p,number:/(?:\b0(?:x[\da-f_]*[\da-f]|b[01_]*[01])|(?:\B\.\d+(?:_+\d+)*|\b\d+(?:_+\d+)*(?:\.\d+(?:_+\d+)*)?)(?:e[-+]?\d+(?:_+\d+)*)?)(?:ul|lu|[dflmu])?\b/i,operator:/>>=?|<<=?|[-=]>|([-+&|])\1|~|\?\?=?|[-+*/%&|^!=<>]=?/,punctuation:/\?\.?|::|[{}[\];(),.:]/}),s.languages.insertBefore("csharp","number",{range:{pattern:/\.\./,alias:"operator"}}),s.languages.insertBefore("csharp","punctuation",{"named-parameter":{pattern:t("([(,]\\s*)<<0>>(?=\\s*:)",[h]),lookbehind:!0,alias:"punctuation"}}),s.languages.insertBefore("csharp","class-name",{namespace:{pattern:t("(\\b(?:namespace|using)\\s+)<<0>>(?:\\s*\\.\\s*<<0>>)*(?=\\s*[;{])",[h]),lookbehind:!0,inside:{punctuation:/\./}},"type-expression":{pattern:t("(\\b(?:default|typeof|sizeof)\\s*\\(\\s*(?!\\s))(?:[^()\\s]|\\s(?!\\s)|<<0>>)*(?=\\s*\\))",[b]),lookbehind:!0,alias:"class-name",inside:v},"return-type":{pattern:t("<<0>>(?=\\s+(?:<<1>>\\s*(?:=>|[({]|\\.\\s*this\\s*\\[)|this\\s*\\[))",[w,m]),inside:v,alias:"class-name"},"constructor-invocation":{pattern:t("(\\bnew\\s+)<<0>>(?=\\s*[[({])",[w]),lookbehind:!0,inside:v,alias:"class-name"},"generic-method":{pattern:t("<<0>>\\s*<<1>>(?=\\s*\\()",[h,g]),inside:{function:t("^<<0>>",[h]),generic:{pattern:RegExp(g),alias:"class-name",inside:v}}},"type-list":{pattern:t("\\b((?:<<0>>\\s+<<1>>|where\\s+<<2>>)\\s*:\\s*)(?:<<3>>|<<4>>)(?:\\s*,\\s*(?:<<3>>|<<4>>))*(?=\\s*(?:where|[{;]|=>|$))",[d,f,h,w,p.source]),lookbehind:!0,inside:{keyword:p,"class-name":{pattern:RegExp(w),greedy:!0,inside:v},punctuation:/,/}},preprocessor:{pattern:/(^\s*)#.*/m,lookbehind:!0,alias:"property",inside:{directive:{pattern:/(\s*#)\b(?:define|elif|else|endif|endregion|error|if|line|pragma|region|undef|warning)\b/,lookbehind:!0,alias:"keyword"}}}});var _=$+"|"+x,B=a("/(?![*/])|//[^\r\n]*[\r\n]|/\\*(?:[^*]|\\*(?!/))*\\*/|<<0>>",[_]),E=e(a("[^\"'/()]|<<0>>|\\(<>*\\)",[B]),2),R="\\b(?:assembly|event|field|method|module|param|property|return|type)\\b",P=a("<<0>>(?:\\s*\\(<<1>>*\\))?",[m,E]);s.languages.insertBefore("csharp","class-name",{attribute:{pattern:t("((?:^|[^\\s\\w>)?])\\s*\\[\\s*)(?:<<0>>\\s*:\\s*)?<<1>>(?:\\s*,\\s*<<1>>)*(?=\\s*\\])",[R,P]),lookbehind:!0,greedy:!0,inside:{target:{pattern:t("^<<0>>(?=\\s*:)",[R]),alias:"keyword"},"attribute-arguments":{pattern:t("\\(<<0>>*\\)",[E]),inside:s.languages.csharp},"class-name":{pattern:RegExp(m),inside:{punctuation:/\./}},punctuation:/[:,]/}}});var z=":[^}\r\n]+",S=e(a("[^\"'/()]|<<0>>|\\(<>*\\)",[B]),2),j=a("\\{(?!\\{)(?:(?![}:])<<0>>)*<<1>>?\\}",[S,z]),A=e(a("[^\"'/()]|/(?!\\*)|/\\*(?:[^*]|\\*(?!/))*\\*/|<<0>>|\\(<>*\\)",[_]),2),F=a("\\{(?!\\{)(?:(?![}:])<<0>>)*<<1>>?\\}",[A,z]);function U(e,n){return{interpolation:{pattern:t("((?:^|[^{])(?:\\{\\{)*)<<0>>",[e]),lookbehind:!0,inside:{"format-string":{pattern:t("(^\\{(?:(?![}:])<<0>>)*)<<1>>(?=\\}$)",[n,z]),lookbehind:!0,inside:{punctuation:/^:/}},punctuation:/^\{|\}$/,expression:{pattern:/[\s\S]+/,alias:"language-csharp",inside:s.languages.csharp}}},string:/[\s\S]+/}}s.languages.insertBefore("csharp","string",{"interpolation-string":[{pattern:t('(^|[^\\\\])(?:\\$@|@\\$)"(?:""|\\\\[^]|\\{\\{|<<0>>|[^\\\\{"])*"',[j]),lookbehind:!0,greedy:!0,inside:U(j,S)},{pattern:t('(^|[^@\\\\])\\$"(?:\\\\.|\\{\\{|<<0>>|[^\\\\"{])*"',[F]),lookbehind:!0,greedy:!0,inside:U(F,A)}]})}(Prism),Prism.languages.dotnet=Prism.languages.cs=Prism.languages.csharp; -!function(e){var t=/\b(?:alignas|alignof|asm|auto|bool|break|case|catch|char|char8_t|char16_t|char32_t|class|compl|concept|const|consteval|constexpr|constinit|const_cast|continue|co_await|co_return|co_yield|decltype|default|delete|do|double|dynamic_cast|else|enum|explicit|export|extern|final|float|for|friend|goto|if|import|inline|int|int8_t|int16_t|int32_t|int64_t|uint8_t|uint16_t|uint32_t|uint64_t|long|module|mutable|namespace|new|noexcept|nullptr|operator|override|private|protected|public|register|reinterpret_cast|requires|return|short|signed|sizeof|static|static_assert|static_cast|struct|switch|template|this|thread_local|throw|try|typedef|typeid|typename|union|unsigned|using|virtual|void|volatile|wchar_t|while)\b/,n="\\b(?!)\\w+(?:\\s*\\.\\s*\\w+)*\\b".replace(//g,function(){return t.source});e.languages.cpp=e.languages.extend("c",{"class-name":[{pattern:RegExp("(\\b(?:class|concept|enum|struct|typename)\\s+)(?!)\\w+".replace(//g,function(){return t.source})),lookbehind:!0},/\b[A-Z]\w*(?=\s*::\s*\w+\s*\()/,/\b[A-Z_]\w*(?=\s*::\s*~\w+\s*\()/i,/\w+(?=\s*<(?:[^<>]|<(?:[^<>]|<[^<>]*>)*>)*>\s*::\s*\w+\s*\()/],keyword:t,number:{pattern:/(?:\b0b[01']+|\b0x(?:[\da-f']+(?:\.[\da-f']*)?|\.[\da-f']+)(?:p[+-]?[\d']+)?|(?:\b[\d']+(?:\.[\d']*)?|\B\.[\d']+)(?:e[+-]?[\d']+)?)[ful]{0,4}/i,greedy:!0},operator:/>>=?|<<=?|->|--|\+\+|&&|\|\||[?:~]|<=>|[-+*/%&|^!=<>]=?|\b(?:and|and_eq|bitand|bitor|not|not_eq|or|or_eq|xor|xor_eq)\b/,boolean:/\b(?:true|false)\b/}),e.languages.insertBefore("cpp","string",{module:{pattern:RegExp('(\\b(?:module|import)\\s+)(?:"(?:\\\\(?:\r\n|[^])|[^"\\\\\r\n])*"|<[^<>\r\n]*>|'+"(?:\\s*:\\s*)?|:\\s*".replace(//g,function(){return n})+")"),lookbehind:!0,greedy:!0,inside:{string:/^[<"][\s\S]+/,operator:/:/,punctuation:/\./}},"raw-string":{pattern:/R"([^()\\ ]{0,16})\([\s\S]*?\)\1"/,alias:"string",greedy:!0}}),e.languages.insertBefore("cpp","keyword",{"generic-function":{pattern:/\b[a-z_]\w*\s*<(?:[^<>]|<(?:[^<>])*>)*>(?=\s*\()/i,inside:{function:/^\w+/,generic:{pattern:/<[\s\S]+/,alias:"class-name",inside:e.languages.cpp}}}}),e.languages.insertBefore("cpp","operator",{"double-colon":{pattern:/::/,alias:"punctuation"}}),e.languages.insertBefore("cpp","class-name",{"base-clause":{pattern:/(\b(?:class|struct)\s+\w+\s*:\s*)[^;{}"'\s]+(?:\s+[^;{}"'\s]+)*(?=\s*[;{])/,lookbehind:!0,greedy:!0,inside:e.languages.extend("cpp",{})}}),e.languages.insertBefore("inside","double-colon",{"class-name":/\b[a-z_]\w*\b(?!\s*::)/i},e.languages.cpp["base-clause"])}(Prism); -Prism.languages.go=Prism.languages.extend("clike",{string:{pattern:/(["'`])(?:\\[\s\S]|(?!\1)[^\\])*\1/,greedy:!0},keyword:/\b(?:break|case|chan|const|continue|default|defer|else|fallthrough|for|func|go(?:to)?|if|import|interface|map|package|range|return|select|struct|switch|type|var)\b/,boolean:/\b(?:_|iota|nil|true|false)\b/,number:/(?:\b0x[a-f\d]+|(?:\b\d+(?:\.\d*)?|\B\.\d+)(?:e[-+]?\d+)?)i?/i,operator:/[*\/%^!=]=?|\+[=+]?|-[=-]?|\|[=|]?|&(?:=|&|\^=?)?|>(?:>=?|=)?|<(?:<=?|=|-)?|:=|\.\.\./,builtin:/\b(?:bool|byte|complex(?:64|128)|error|float(?:32|64)|rune|string|u?int(?:8|16|32|64)?|uintptr|append|cap|close|complex|copy|delete|imag|len|make|new|panic|print(?:ln)?|real|recover)\b/}),delete Prism.languages.go["class-name"]; -!function(e){var t=/\b(?:abstract|assert|boolean|break|byte|case|catch|char|class|const|continue|default|do|double|else|enum|exports|extends|final|finally|float|for|goto|if|implements|import|instanceof|int|interface|long|module|native|new|non-sealed|null|open|opens|package|permits|private|protected|provides|public|record|requires|return|sealed|short|static|strictfp|super|switch|synchronized|this|throw|throws|to|transient|transitive|try|uses|var|void|volatile|while|with|yield)\b/,n="(^|[^\\w.])(?:[a-z]\\w*\\s*\\.\\s*)*(?:[A-Z]\\w*\\s*\\.\\s*)*",a={pattern:RegExp(n+"[A-Z](?:[\\d_A-Z]*[a-z]\\w*)?\\b"),lookbehind:!0,inside:{namespace:{pattern:/^[a-z]\w*(?:\s*\.\s*[a-z]\w*)*(?:\s*\.)?/,inside:{punctuation:/\./}},punctuation:/\./}};e.languages.java=e.languages.extend("clike",{"class-name":[a,{pattern:RegExp(n+"[A-Z]\\w*(?=\\s+\\w+\\s*[;,=())])"),lookbehind:!0,inside:a.inside}],keyword:t,function:[e.languages.clike.function,{pattern:/(\:\:\s*)[a-z_]\w*/,lookbehind:!0}],number:/\b0b[01][01_]*L?\b|\b0x(?:\.[\da-f_p+-]+|[\da-f_]+(?:\.[\da-f_p+-]+)?)\b|(?:\b\d[\d_]*(?:\.[\d_]*)?|\B\.\d[\d_]*)(?:e[+-]?\d[\d_]*)?[dfl]?/i,operator:{pattern:/(^|[^.])(?:<<=?|>>>?=?|->|--|\+\+|&&|\|\||::|[?:~]|[-+*/%&|^!=<>]=?)/m,lookbehind:!0}}),e.languages.insertBefore("java","string",{"triple-quoted-string":{pattern:/"""[ \t]*[\r\n](?:(?:"|"")?(?:\\.|[^"\\]))*"""/,greedy:!0,alias:"string"}}),e.languages.insertBefore("java","class-name",{annotation:{pattern:/(^|[^.])@\w+(?:\s*\.\s*\w+)*/,lookbehind:!0,alias:"punctuation"},generics:{pattern:/<(?:[\w\s,.?]|&(?!&)|<(?:[\w\s,.?]|&(?!&)|<(?:[\w\s,.?]|&(?!&)|<(?:[\w\s,.?]|&(?!&))*>)*>)*>)*>/,inside:{"class-name":a,keyword:t,punctuation:/[<>(),.:]/,operator:/[?&|]/}},namespace:{pattern:RegExp("(\\b(?:exports|import(?:\\s+static)?|module|open|opens|package|provides|requires|to|transitive|uses|with)\\s+)(?!)[a-z]\\w*(?:\\.[a-z]\\w*)*\\.?".replace(//g,function(){return t.source})),lookbehind:!0,inside:{punctuation:/\./}}})}(Prism); -Prism.languages.json={property:{pattern:/(^|[^\\])"(?:\\.|[^\\"\r\n])*"(?=\s*:)/,lookbehind:!0,greedy:!0},string:{pattern:/(^|[^\\])"(?:\\.|[^\\"\r\n])*"(?!\s*:)/,lookbehind:!0,greedy:!0},comment:{pattern:/\/\/.*|\/\*[\s\S]*?(?:\*\/|$)/,greedy:!0},number:/-?\b\d+(?:\.\d+)?(?:e[+-]?\d+)?\b/i,punctuation:/[{}[\],]/,operator:/:/,boolean:/\b(?:true|false)\b/,null:{pattern:/\bnull\b/,alias:"keyword"}},Prism.languages.webmanifest=Prism.languages.json; -!function(n){var e=/("|')(?:\\(?:\r\n?|\n|.)|(?!\1)[^\\\r\n])*\1/;n.languages.json5=n.languages.extend("json",{property:[{pattern:RegExp(e.source+"(?=\\s*:)"),greedy:!0},{pattern:/(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*:)/,alias:"unquoted"}],string:{pattern:e,greedy:!0},number:/[+-]?\b(?:NaN|Infinity|0x[a-fA-F\d]+)\b|[+-]?(?:\b\d+(?:\.\d*)?|\B\.\d+)(?:[eE][+-]?\d+\b)?/})}(Prism); -Prism.languages.jsonp=Prism.languages.extend("json",{punctuation:/[{}[\]();,.]/}),Prism.languages.insertBefore("jsonp","punctuation",{function:/(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*\()/}); -!function(u){function n(n){return n=n.replace(//g,function(){return"(?:\\\\.|[^\\\\\n\r]|(?:\n|\r\n?)(?!\n|\r\n?))"}),RegExp("((?:^|[^\\\\])(?:\\\\{2})*)(?:"+n+")")}var e="(?:\\\\.|``(?:[^`\r\n]|`(?!`))+``|`[^`\r\n]+`|[^\\\\|\r\n`])+",t="\\|?__(?:\\|__)+\\|?(?:(?:\n|\r\n?)|(?![^]))".replace(/__/g,function(){return e}),a="\\|?[ \t]*:?-{3,}:?[ \t]*(?:\\|[ \t]*:?-{3,}:?[ \t]*)+\\|?(?:\n|\r\n?)";u.languages.markdown=u.languages.extend("markup",{}),u.languages.insertBefore("markdown","prolog",{"front-matter-block":{pattern:/(^(?:\s*[\r\n])?)---(?!.)[\s\S]*?[\r\n]---(?!.)/,lookbehind:!0,greedy:!0,inside:{punctuation:/^---|---$/,"font-matter":{pattern:/\S+(?:\s+\S+)*/,alias:["yaml","language-yaml"],inside:u.languages.yaml}}},blockquote:{pattern:/^>(?:[\t ]*>)*/m,alias:"punctuation"},table:{pattern:RegExp("^"+t+a+"(?:"+t+")*","m"),inside:{"table-data-rows":{pattern:RegExp("^("+t+a+")(?:"+t+")*$"),lookbehind:!0,inside:{"table-data":{pattern:RegExp(e),inside:u.languages.markdown},punctuation:/\|/}},"table-line":{pattern:RegExp("^("+t+")"+a+"$"),lookbehind:!0,inside:{punctuation:/\||:?-{3,}:?/}},"table-header-row":{pattern:RegExp("^"+t+"$"),inside:{"table-header":{pattern:RegExp(e),alias:"important",inside:u.languages.markdown},punctuation:/\|/}}}},code:[{pattern:/((?:^|\n)[ \t]*\n|(?:^|\r\n?)[ \t]*\r\n?)(?: {4}|\t).+(?:(?:\n|\r\n?)(?: {4}|\t).+)*/,lookbehind:!0,alias:"keyword"},{pattern:/``.+?``|`[^`\r\n]+`/,alias:"keyword"},{pattern:/^```[\s\S]*?^```$/m,greedy:!0,inside:{"code-block":{pattern:/^(```.*(?:\n|\r\n?))[\s\S]+?(?=(?:\n|\r\n?)^```$)/m,lookbehind:!0},"code-language":{pattern:/^(```).+/,lookbehind:!0},punctuation:/```/}}],title:[{pattern:/\S.*(?:\n|\r\n?)(?:==+|--+)(?=[ \t]*$)/m,alias:"important",inside:{punctuation:/==+$|--+$/}},{pattern:/(^\s*)#.+/m,lookbehind:!0,alias:"important",inside:{punctuation:/^#+|#+$/}}],hr:{pattern:/(^\s*)([*-])(?:[\t ]*\2){2,}(?=\s*$)/m,lookbehind:!0,alias:"punctuation"},list:{pattern:/(^\s*)(?:[*+-]|\d+\.)(?=[\t ].)/m,lookbehind:!0,alias:"punctuation"},"url-reference":{pattern:/!?\[[^\]]+\]:[\t ]+(?:\S+|<(?:\\.|[^>\\])+>)(?:[\t ]+(?:"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|\((?:\\.|[^)\\])*\)))?/,inside:{variable:{pattern:/^(!?\[)[^\]]+/,lookbehind:!0},string:/(?:"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|\((?:\\.|[^)\\])*\))$/,punctuation:/^[\[\]!:]|[<>]/},alias:"url"},bold:{pattern:n("\\b__(?:(?!_)|_(?:(?!_))+_)+__\\b|\\*\\*(?:(?!\\*)|\\*(?:(?!\\*))+\\*)+\\*\\*"),lookbehind:!0,greedy:!0,inside:{content:{pattern:/(^..)[\s\S]+(?=..$)/,lookbehind:!0,inside:{}},punctuation:/\*\*|__/}},italic:{pattern:n("\\b_(?:(?!_)|__(?:(?!_))+__)+_\\b|\\*(?:(?!\\*)|\\*\\*(?:(?!\\*))+\\*\\*)+\\*"),lookbehind:!0,greedy:!0,inside:{content:{pattern:/(^.)[\s\S]+(?=.$)/,lookbehind:!0,inside:{}},punctuation:/[*_]/}},strike:{pattern:n("(~~?)(?:(?!~))+?\\2"),lookbehind:!0,greedy:!0,inside:{content:{pattern:/(^~~?)[\s\S]+(?=\1$)/,lookbehind:!0,inside:{}},punctuation:/~~?/}},url:{pattern:n('!?\\[(?:(?!\\]))+\\](?:\\([^\\s)]+(?:[\t ]+"(?:\\\\.|[^"\\\\])*")?\\)|[ \t]?\\[(?:(?!\\]))+\\])'),lookbehind:!0,greedy:!0,inside:{operator:/^!/,content:{pattern:/(^\[)[^\]]+(?=\])/,lookbehind:!0,inside:{}},variable:{pattern:/(^\][ \t]?\[)[^\]]+(?=\]$)/,lookbehind:!0},url:{pattern:/(^\]\()[^\s)]+/,lookbehind:!0},string:{pattern:/(^[ \t]+)"(?:\\.|[^"\\])*"(?=\)$)/,lookbehind:!0}}}}),["url","bold","italic","strike"].forEach(function(e){["url","bold","italic","strike"].forEach(function(n){e!==n&&(u.languages.markdown[e].inside.content.inside[n]=u.languages.markdown[n])})}),u.hooks.add("after-tokenize",function(n){"markdown"!==n.language&&"md"!==n.language||!function n(e){if(e&&"string"!=typeof e)for(var t=0,a=e.length;t]?|>[=>]?|[&|^~]/,punctuation:/[{}[\];(),.:]/},Prism.languages.python["string-interpolation"].inside.interpolation.inside.rest=Prism.languages.python,Prism.languages.py=Prism.languages.python; -Prism.languages.rego={comment:/#.*/,property:{pattern:/(^|[^\\.])(?:"(?:\\.|[^\\"\r\n])*"|`[^`]*`|\b[a-z_]\w*\b)(?=\s*:(?!=))/i,lookbehind:!0,greedy:!0},string:{pattern:/(^|[^\\])"(?:\\.|[^\\"\r\n])*"|`[^`]*`/,lookbehind:!0,greedy:!0},keyword:/\b(?:as|default|else|import|package|not|null|some|with|set(?=\s*\())\b/,boolean:/\b(?:true|false)\b/,function:{pattern:/\b[a-z_]\w*\b(?:\s*\.\s*\b[a-z_]\w*\b)*(?=\s*\()/i,inside:{namespace:/\b\w+\b(?=\s*\.)/,punctuation:/\./}},number:/-?\b\d+(?:\.\d+)?(?:e[+-]?\d+)?\b/i,operator:/[-+*/%|&]|[<>:=]=?|!=|\b_\b/,punctuation:/[,;.\[\]{}()]/}; -Prism.languages.scss=Prism.languages.extend("css",{comment:{pattern:/(^|[^\\])(?:\/\*[\s\S]*?\*\/|\/\/.*)/,lookbehind:!0},atrule:{pattern:/@[\w-](?:\([^()]+\)|[^()\s]|\s+(?!\s))*?(?=\s+[{;])/,inside:{rule:/@[\w-]+/}},url:/(?:[-a-z]+-)?url(?=\()/i,selector:{pattern:/(?=\S)[^@;{}()]?(?:[^@;{}()\s]|\s+(?!\s)|#\{\$[-\w]+\})+(?=\s*\{(?:\}|\s|[^}][^:{}]*[:{][^}]+))/m,inside:{parent:{pattern:/&/,alias:"important"},placeholder:/%[-\w]+/,variable:/\$[-\w]+|#\{\$[-\w]+\}/}},property:{pattern:/(?:[-\w]|\$[-\w]|#\{\$[-\w]+\})+(?=\s*:)/,inside:{variable:/\$[-\w]+|#\{\$[-\w]+\}/}}}),Prism.languages.insertBefore("scss","atrule",{keyword:[/@(?:if|else(?: if)?|forward|for|each|while|import|use|extend|debug|warn|mixin|include|function|return|content)\b/i,{pattern:/( +)(?:from|through)(?= )/,lookbehind:!0}]}),Prism.languages.insertBefore("scss","important",{variable:/\$[-\w]+|#\{\$[-\w]+\}/}),Prism.languages.insertBefore("scss","function",{"module-modifier":{pattern:/\b(?:as|with|show|hide)\b/i,alias:"keyword"},placeholder:{pattern:/%[-\w]+/,alias:"selector"},statement:{pattern:/\B!(?:default|optional)\b/i,alias:"keyword"},boolean:/\b(?:true|false)\b/,null:{pattern:/\bnull\b/,alias:"keyword"},operator:{pattern:/(\s)(?:[-+*\/%]|[=!]=|<=?|>=?|and|or|not)(?=\s)/,lookbehind:!0}}),Prism.languages.scss.atrule.inside.rest=Prism.languages.scss; -Prism.languages.sql={comment:{pattern:/(^|[^\\])(?:\/\*[\s\S]*?\*\/|(?:--|\/\/|#).*)/,lookbehind:!0},variable:[{pattern:/@(["'`])(?:\\[\s\S]|(?!\1)[^\\])+\1/,greedy:!0},/@[\w.$]+/],string:{pattern:/(^|[^@\\])("|')(?:\\[\s\S]|(?!\2)[^\\]|\2\2)*\2/,greedy:!0,lookbehind:!0},function:/\b(?:AVG|COUNT|FIRST|FORMAT|LAST|LCASE|LEN|MAX|MID|MIN|MOD|NOW|ROUND|SUM|UCASE)(?=\s*\()/i,keyword:/\b(?:ACTION|ADD|AFTER|ALGORITHM|ALL|ALTER|ANALYZE|ANY|APPLY|AS|ASC|AUTHORIZATION|AUTO_INCREMENT|BACKUP|BDB|BEGIN|BERKELEYDB|BIGINT|BINARY|BIT|BLOB|BOOL|BOOLEAN|BREAK|BROWSE|BTREE|BULK|BY|CALL|CASCADED?|CASE|CHAIN|CHAR(?:ACTER|SET)?|CHECK(?:POINT)?|CLOSE|CLUSTERED|COALESCE|COLLATE|COLUMNS?|COMMENT|COMMIT(?:TED)?|COMPUTE|CONNECT|CONSISTENT|CONSTRAINT|CONTAINS(?:TABLE)?|CONTINUE|CONVERT|CREATE|CROSS|CURRENT(?:_DATE|_TIME|_TIMESTAMP|_USER)?|CURSOR|CYCLE|DATA(?:BASES?)?|DATE(?:TIME)?|DAY|DBCC|DEALLOCATE|DEC|DECIMAL|DECLARE|DEFAULT|DEFINER|DELAYED|DELETE|DELIMITERS?|DENY|DESC|DESCRIBE|DETERMINISTIC|DISABLE|DISCARD|DISK|DISTINCT|DISTINCTROW|DISTRIBUTED|DO|DOUBLE|DROP|DUMMY|DUMP(?:FILE)?|DUPLICATE|ELSE(?:IF)?|ENABLE|ENCLOSED|END|ENGINE|ENUM|ERRLVL|ERRORS|ESCAPED?|EXCEPT|EXEC(?:UTE)?|EXISTS|EXIT|EXPLAIN|EXTENDED|FETCH|FIELDS|FILE|FILLFACTOR|FIRST|FIXED|FLOAT|FOLLOWING|FOR(?: EACH ROW)?|FORCE|FOREIGN|FREETEXT(?:TABLE)?|FROM|FULL|FUNCTION|GEOMETRY(?:COLLECTION)?|GLOBAL|GOTO|GRANT|GROUP|HANDLER|HASH|HAVING|HOLDLOCK|HOUR|IDENTITY(?:_INSERT|COL)?|IF|IGNORE|IMPORT|INDEX|INFILE|INNER|INNODB|INOUT|INSERT|INT|INTEGER|INTERSECT|INTERVAL|INTO|INVOKER|ISOLATION|ITERATE|JOIN|KEYS?|KILL|LANGUAGE|LAST|LEAVE|LEFT|LEVEL|LIMIT|LINENO|LINES|LINESTRING|LOAD|LOCAL|LOCK|LONG(?:BLOB|TEXT)|LOOP|MATCH(?:ED)?|MEDIUM(?:BLOB|INT|TEXT)|MERGE|MIDDLEINT|MINUTE|MODE|MODIFIES|MODIFY|MONTH|MULTI(?:LINESTRING|POINT|POLYGON)|NATIONAL|NATURAL|NCHAR|NEXT|NO|NONCLUSTERED|NULLIF|NUMERIC|OFF?|OFFSETS?|ON|OPEN(?:DATASOURCE|QUERY|ROWSET)?|OPTIMIZE|OPTION(?:ALLY)?|ORDER|OUT(?:ER|FILE)?|OVER|PARTIAL|PARTITION|PERCENT|PIVOT|PLAN|POINT|POLYGON|PRECEDING|PRECISION|PREPARE|PREV|PRIMARY|PRINT|PRIVILEGES|PROC(?:EDURE)?|PUBLIC|PURGE|QUICK|RAISERROR|READS?|REAL|RECONFIGURE|REFERENCES|RELEASE|RENAME|REPEAT(?:ABLE)?|REPLACE|REPLICATION|REQUIRE|RESIGNAL|RESTORE|RESTRICT|RETURN(?:S|ING)?|REVOKE|RIGHT|ROLLBACK|ROUTINE|ROW(?:COUNT|GUIDCOL|S)?|RTREE|RULE|SAVE(?:POINT)?|SCHEMA|SECOND|SELECT|SERIAL(?:IZABLE)?|SESSION(?:_USER)?|SET(?:USER)?|SHARE|SHOW|SHUTDOWN|SIMPLE|SMALLINT|SNAPSHOT|SOME|SONAME|SQL|START(?:ING)?|STATISTICS|STATUS|STRIPED|SYSTEM_USER|TABLES?|TABLESPACE|TEMP(?:ORARY|TABLE)?|TERMINATED|TEXT(?:SIZE)?|THEN|TIME(?:STAMP)?|TINY(?:BLOB|INT|TEXT)|TOP?|TRAN(?:SACTIONS?)?|TRIGGER|TRUNCATE|TSEQUAL|TYPES?|UNBOUNDED|UNCOMMITTED|UNDEFINED|UNION|UNIQUE|UNLOCK|UNPIVOT|UNSIGNED|UPDATE(?:TEXT)?|USAGE|USE|USER|USING|VALUES?|VAR(?:BINARY|CHAR|CHARACTER|YING)|VIEW|WAITFOR|WARNINGS|WHEN|WHERE|WHILE|WITH(?: ROLLUP|IN)?|WORK|WRITE(?:TEXT)?|YEAR)\b/i,boolean:/\b(?:TRUE|FALSE|NULL)\b/i,number:/\b0x[\da-f]+\b|\b\d+(?:\.\d*)?|\B\.\d+\b/i,operator:/[-+*\/=%^~]|&&?|\|\|?|!=?|<(?:=>?|<|>)?|>[>=]?|\b(?:AND|BETWEEN|DIV|IN|ILIKE|IS|LIKE|NOT|OR|REGEXP|RLIKE|SOUNDS LIKE|XOR)\b/i,punctuation:/[;[\]()`,.]/}; -!function(e){function n(e){return e.replace(/__/g,function(){return"(?:[\\w-]+|'[^'\n\r]*'|\"(?:\\\\.|[^\\\\\"\r\n])*\")"})}e.languages.toml={comment:{pattern:/#.*/,greedy:!0},table:{pattern:RegExp(n("(^\\s*\\[\\s*(?:\\[\\s*)?)__(?:\\s*\\.\\s*__)*(?=\\s*\\])"),"m"),lookbehind:!0,greedy:!0,alias:"class-name"},key:{pattern:RegExp(n("(^\\s*|[{,]\\s*)__(?:\\s*\\.\\s*__)*(?=\\s*=)"),"m"),lookbehind:!0,greedy:!0,alias:"property"},string:{pattern:/"""(?:\\[\s\S]|[^\\])*?"""|'''[\s\S]*?'''|'[^'\n\r]*'|"(?:\\.|[^\\"\r\n])*"/,greedy:!0},date:[{pattern:/\b\d{4}-\d{2}-\d{2}(?:[T\s]\d{2}:\d{2}:\d{2}(?:\.\d+)?(?:Z|[+-]\d{2}:\d{2})?)?\b/i,alias:"number"},{pattern:/\b\d{2}:\d{2}:\d{2}(?:\.\d+)?\b/,alias:"number"}],number:/(?:\b0(?:x[\da-zA-Z]+(?:_[\da-zA-Z]+)*|o[0-7]+(?:_[0-7]+)*|b[10]+(?:_[10]+)*))\b|[-+]?\b\d+(?:_\d+)*(?:\.\d+(?:_\d+)*)?(?:[eE][+-]?\d+(?:_\d+)*)?\b|[-+]?\b(?:inf|nan)\b/,boolean:/\b(?:true|false)\b/,punctuation:/[.,=[\]{}]/}}(Prism); -!function(e){var n=/[*&][^\s[\]{},]+/,r=/!(?:<[\w\-%#;/?:@&=+$,.!~*'()[\]]+>|(?:[a-zA-Z\d-]*!)?[\w\-%#;/?:@&=+$.~*'()]+)?/,t="(?:"+r.source+"(?:[ \t]+"+n.source+")?|"+n.source+"(?:[ \t]+"+r.source+")?)",a="(?:[^\\s\\x00-\\x08\\x0e-\\x1f!\"#%&'*,\\-:>?@[\\]`{|}\\x7f-\\x84\\x86-\\x9f\\ud800-\\udfff\\ufffe\\uffff]|[?:-])(?:[ \t]*(?:(?![#:])|:))*".replace(//g,function(){return"[^\\s\\x00-\\x08\\x0e-\\x1f,[\\]{}\\x7f-\\x84\\x86-\\x9f\\ud800-\\udfff\\ufffe\\uffff]"}),d="\"(?:[^\"\\\\\r\n]|\\\\.)*\"|'(?:[^'\\\\\r\n]|\\\\.)*'";function o(e,n){n=(n||"").replace(/m/g,"")+"m";var r="([:\\-,[{]\\s*(?:\\s<>[ \t]+)?)(?:<>)(?=[ \t]*(?:$|,|]|}|(?:[\r\n]\\s*)?#))".replace(/<>/g,function(){return t}).replace(/<>/g,function(){return e});return RegExp(r,n)}e.languages.yaml={scalar:{pattern:RegExp("([\\-:]\\s*(?:\\s<>[ \t]+)?[|>])[ \t]*(?:((?:\r?\n|\r)[ \t]+)\\S[^\r\n]*(?:\\2[^\r\n]+)*)".replace(/<>/g,function(){return t})),lookbehind:!0,alias:"string"},comment:/#.*/,key:{pattern:RegExp("((?:^|[:\\-,[{\r\n?])[ \t]*(?:<>[ \t]+)?)<>(?=\\s*:\\s)".replace(/<>/g,function(){return t}).replace(/<>/g,function(){return"(?:"+a+"|"+d+")"})),lookbehind:!0,greedy:!0,alias:"atrule"},directive:{pattern:/(^[ \t]*)%.+/m,lookbehind:!0,alias:"important"},datetime:{pattern:o("\\d{4}-\\d\\d?-\\d\\d?(?:[tT]|[ \t]+)\\d\\d?:\\d{2}:\\d{2}(?:\\.\\d*)?(?:[ \t]*(?:Z|[-+]\\d\\d?(?::\\d{2})?))?|\\d{4}-\\d{2}-\\d{2}|\\d\\d?:\\d{2}(?::\\d{2}(?:\\.\\d*)?)?"),lookbehind:!0,alias:"number"},boolean:{pattern:o("true|false","i"),lookbehind:!0,alias:"important"},null:{pattern:o("null|~","i"),lookbehind:!0,alias:"important"},string:{pattern:o(d),lookbehind:!0,greedy:!0},number:{pattern:o("[+-]?(?:0x[\\da-f]+|0o[0-7]+|(?:\\d+(?:\\.\\d*)?|\\.?\\d+)(?:e[+-]?\\d+)?|\\.inf|\\.nan)","i"),lookbehind:!0},tag:r,important:n,punctuation:/---|[:[\]{}\-,|>?]|\.\.\./},e.languages.yml=e.languages.yaml}(Prism); -!function(){if("undefined"!=typeof Prism&&"undefined"!=typeof document&&document.querySelector){var t,o="line-numbers",s="linkable-line-numbers",a=function(){if(void 0===t){var e=document.createElement("div");e.style.fontSize="13px",e.style.lineHeight="1.5",e.style.padding="0",e.style.border="0",e.innerHTML=" 
 ",document.body.appendChild(e),t=38===e.offsetHeight,document.body.removeChild(e)}return t},l=!0,u=0;Prism.hooks.add("before-sanity-check",function(e){var t=e.element.parentElement;if(c(t)){var n=0;v(".line-highlight",t).forEach(function(e){n+=e.textContent.length,e.parentNode.removeChild(e)}),n&&/^( \n)+$/.test(e.code.slice(-n))&&(e.code=e.code.slice(0,-n))}}),Prism.hooks.add("complete",function e(t){var n=t.element.parentElement;if(c(n)){clearTimeout(u);var i=Prism.plugins.lineNumbers,r=t.plugins&&t.plugins.lineNumbers;if(b(n,o)&&i&&!r)Prism.hooks.add("line-numbers",e);else d(n)(),u=setTimeout(f,1)}}),window.addEventListener("hashchange",f),window.addEventListener("resize",function(){v("pre").filter(c).map(function(e){return d(e)}).forEach(y)})}function v(e,t){return Array.prototype.slice.call((t||document).querySelectorAll(e))}function b(e,t){return e.classList.contains(t)}function y(e){e()}function c(e){return!(!e||!/pre/i.test(e.nodeName))&&(!!e.hasAttribute("data-line")||!(!e.id||!Prism.util.isActive(e,s)))}function d(u,e,c){var t=(e="string"==typeof e?e:u.getAttribute("data-line")||"").replace(/\s+/g,"").split(",").filter(Boolean),d=+u.getAttribute("data-line-offset")||0,f=(a()?parseInt:parseFloat)(getComputedStyle(u).lineHeight),p=Prism.util.isActive(u,o),n=u.querySelector("code"),h=p?u:n||u,m=[],g=n&&h!=n?function(e,t){var n=getComputedStyle(e),i=getComputedStyle(t);function r(e){return+e.substr(0,e.length-2)}return t.offsetTop+r(i.borderTopWidth)+r(i.paddingTop)-r(n.paddingTop)}(u,n):0;t.forEach(function(e){var t=e.split("-"),n=+t[0],i=+t[1]||n,r=u.querySelector('.line-highlight[data-range="'+e+'"]')||document.createElement("div");if(m.push(function(){r.setAttribute("aria-hidden","true"),r.setAttribute("data-range",e),r.className=(c||"")+" line-highlight"}),p&&Prism.plugins.lineNumbers){var o=Prism.plugins.lineNumbers.getLine(u,n),s=Prism.plugins.lineNumbers.getLine(u,i);if(o){var a=o.offsetTop+g+"px";m.push(function(){r.style.top=a})}if(s){var l=s.offsetTop-o.offsetTop+s.offsetHeight+"px";m.push(function(){r.style.height=l})}}else m.push(function(){r.setAttribute("data-start",String(n)),n span",u).forEach(function(e,t){var n=t+r;e.onclick=function(){var e=i+"."+n;l=!1,location.hash=e,setTimeout(function(){l=!0},1)}})}return function(){m.forEach(y)}}function f(){var e=location.hash.slice(1);v(".temporary.line-highlight").forEach(function(e){e.parentNode.removeChild(e)});var t=(e.match(/\.([\d,-]+)$/)||[,""])[1];if(t&&!document.getElementById(e)){var n=e.slice(0,e.lastIndexOf(".")),i=document.getElementById(n);if(i)i.hasAttribute("data-line")||i.setAttribute("data-line",""),d(i,t,"temporary ")(),l&&document.querySelector(".temporary.line-highlight").scrollIntoView()}}}(); -!function(){if("undefined"!=typeof Prism&&"undefined"!=typeof document){var o="line-numbers",a=/\n(?!$)/g,e=Prism.plugins.lineNumbers={getLine:function(e,n){if("PRE"===e.tagName&&e.classList.contains(o)){var t=e.querySelector(".line-numbers-rows");if(t){var i=parseInt(e.getAttribute("data-start"),10)||1,r=i+(t.children.length-1);n");(i=document.createElement("span")).setAttribute("aria-hidden","true"),i.className="line-numbers-rows",i.innerHTML=l,t.hasAttribute("data-start")&&(t.style.counterReset="linenumber "+(parseInt(t.getAttribute("data-start"),10)-1)),e.element.appendChild(i),u([t]),Prism.hooks.run("line-numbers",e)}}}),Prism.hooks.add("line-numbers",function(e){e.plugins=e.plugins||{},e.plugins.lineNumbers=!0})}function u(e){if(0!=(e=e.filter(function(e){var n=function(e){return e?window.getComputedStyle?getComputedStyle(e):e.currentStyle||null:null}(e)["white-space"];return"pre-wrap"===n||"pre-line"===n})).length){var n=e.map(function(e){var n=e.querySelector("code"),t=e.querySelector(".line-numbers-rows");if(n&&t){var i=e.querySelector(".line-numbers-sizer"),r=n.textContent.split(a);i||((i=document.createElement("span")).className="line-numbers-sizer",n.appendChild(i)),i.innerHTML="0",i.style.display="block";var s=i.getBoundingClientRect().height;return i.innerHTML="",{element:e,lines:r,lineHeights:[],oneLinerHeight:s,sizer:i}}}).filter(Boolean);n.forEach(function(e){var i=e.sizer,n=e.lines,r=e.lineHeights,s=e.oneLinerHeight;r[n.length-1]=void 0,n.forEach(function(e,n){if(e&&1
',e.titleMarkup='\n
\n',e.textMarkup='\n
',e.footerMarkup='\n
\n'},function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var o=n(1);e.CONFIRM_KEY="confirm",e.CANCEL_KEY="cancel";var r={visible:!0,text:null,value:null,className:"",closeModal:!0},i=Object.assign({},r,{visible:!1,text:"Cancel",value:null}),a=Object.assign({},r,{text:"OK",value:!0});e.defaultButtonList={cancel:i,confirm:a};var s=function(t){switch(t){case e.CONFIRM_KEY:return a;case e.CANCEL_KEY:return i;default:var n=t.charAt(0).toUpperCase()+t.slice(1);return Object.assign({},r,{text:n,value:t})}},c=function(t,e){var n=s(t);return!0===e?Object.assign({},n,{visible:!0}):"string"==typeof e?Object.assign({},n,{visible:!0,text:e}):o.isPlainObject(e)?Object.assign({visible:!0},n,e):Object.assign({},n,{visible:!1})},l=function(t){for(var e={},n=0,o=Object.keys(t);n=0&&w.splice(e,1)}function s(t){var e=document.createElement("style");return t.attrs.type="text/css",l(e,t.attrs),i(t,e),e}function c(t){var e=document.createElement("link");return t.attrs.type="text/css",t.attrs.rel="stylesheet",l(e,t.attrs),i(t,e),e}function l(t,e){Object.keys(e).forEach(function(n){t.setAttribute(n,e[n])})}function u(t,e){var n,o,r,i;if(e.transform&&t.css){if(!(i=e.transform(t.css)))return function(){};t.css=i}if(e.singleton){var l=h++;n=g||(g=s(e)),o=f.bind(null,n,l,!1),r=f.bind(null,n,l,!0)}else t.sourceMap&&"function"==typeof URL&&"function"==typeof URL.createObjectURL&&"function"==typeof URL.revokeObjectURL&&"function"==typeof Blob&&"function"==typeof btoa?(n=c(e),o=p.bind(null,n,e),r=function(){a(n),n.href&&URL.revokeObjectURL(n.href)}):(n=s(e),o=d.bind(null,n),r=function(){a(n)});return o(t),function(e){if(e){if(e.css===t.css&&e.media===t.media&&e.sourceMap===t.sourceMap)return;o(t=e)}else r()}}function f(t,e,n,o){var r=n?"":o.css;if(t.styleSheet)t.styleSheet.cssText=x(e,r);else{var i=document.createTextNode(r),a=t.childNodes;a[e]&&t.removeChild(a[e]),a.length?t.insertBefore(i,a[e]):t.appendChild(i)}}function d(t,e){var n=e.css,o=e.media;if(o&&t.setAttribute("media",o),t.styleSheet)t.styleSheet.cssText=n;else{for(;t.firstChild;)t.removeChild(t.firstChild);t.appendChild(document.createTextNode(n))}}function p(t,e,n){var o=n.css,r=n.sourceMap,i=void 0===e.convertToAbsoluteUrls&&r;(e.convertToAbsoluteUrls||i)&&(o=y(o)),r&&(o+="\n/*# sourceMappingURL=data:application/json;base64,"+btoa(unescape(encodeURIComponent(JSON.stringify(r))))+" */");var a=new Blob([o],{type:"text/css"}),s=t.href;t.href=URL.createObjectURL(a),s&&URL.revokeObjectURL(s)}var m={},b=function(t){var e;return function(){return void 0===e&&(e=t.apply(this,arguments)),e}}(function(){return window&&document&&document.all&&!window.atob}),v=function(t){var e={};return function(n){return void 0===e[n]&&(e[n]=t.call(this,n)),e[n]}}(function(t){return document.querySelector(t)}),g=null,h=0,w=[],y=n(15);t.exports=function(t,e){if("undefined"!=typeof DEBUG&&DEBUG&&"object"!=typeof document)throw new Error("The style-loader cannot be used in a non-browser environment");e=e||{},e.attrs="object"==typeof e.attrs?e.attrs:{},e.singleton||(e.singleton=b()),e.insertInto||(e.insertInto="head"),e.insertAt||(e.insertAt="bottom");var n=r(t,e);return o(n,e),function(t){for(var i=[],a=0;athis.length)&&-1!==this.indexOf(t,e)}),Array.prototype.includes||Object.defineProperty(Array.prototype,"includes",{value:function(t,e){if(null==this)throw new TypeError('"this" is null or not defined');var n=Object(this),o=n.length>>>0;if(0===o)return!1;for(var r=0|e,i=Math.max(r>=0?r:o-Math.abs(r),0);i=0&&(t._idleTimeoutId=setTimeout(function(){t._onTimeout&&t._onTimeout()},e))},n(19),e.setImmediate=setImmediate,e.clearImmediate=clearImmediate},function(t,e,n){(function(t,e){!function(t,n){"use strict";function o(t){"function"!=typeof t&&(t=new Function(""+t));for(var e=new Array(arguments.length-1),n=0;n1)for(var n=1;n
',e.default=e.modalMarkup},function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var o=n(0),r=o.default.OVERLAY,i='
\n
';e.default=i},function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var o=n(0),r=o.default.ICON;e.errorIconMarkup=function(){var t=r+"--error",e=t+"__line";return'\n
\n \n \n
\n '},e.warningIconMarkup=function(){var t=r+"--warning";return'\n \n \n \n '},e.successIconMarkup=function(){var t=r+"--success";return'\n \n \n\n
\n
\n '}},function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var o=n(0),r=o.default.CONTENT;e.contentMarkup='\n
\n\n
\n'},function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var o=n(0),r=o.default.BUTTON_CONTAINER,i=o.default.BUTTON,a=o.default.BUTTON_LOADER;e.buttonMarkup='\n
\n\n \n\n
\n
\n
\n
\n
\n\n
\n'},function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var o=n(4),r=n(2),i=n(0),a=i.default.ICON,s=i.default.ICON_CUSTOM,c=["error","warning","success","info"],l={error:r.errorIconMarkup(),warning:r.warningIconMarkup(),success:r.successIconMarkup()},u=function(t,e){var n=a+"--"+t;e.classList.add(n);var o=l[t];o&&(e.innerHTML=o)},f=function(t,e){e.classList.add(s);var n=document.createElement("img");n.src=t,e.appendChild(n)},d=function(t){if(t){var e=o.injectElIntoModal(r.iconMarkup);c.includes(t)?u(t,e):f(t,e)}};e.default=d},function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var o=n(2),r=n(4),i=function(t){navigator.userAgent.includes("AppleWebKit")&&(t.style.display="none",t.offsetHeight,t.style.display="")};e.initTitle=function(t){if(t){var e=r.injectElIntoModal(o.titleMarkup);e.textContent=t,i(e)}},e.initText=function(t){if(t){var e=document.createDocumentFragment();t.split("\n").forEach(function(t,n,o){e.appendChild(document.createTextNode(t)),n0}).forEach(function(t){b.classList.add(t)})}n&&t===c.CONFIRM_KEY&&b.classList.add(s),b.textContent=r;var g={};return g[t]=i,f.setActionValue(g),f.setActionOptionsFor(t,{closeModal:p}),b.addEventListener("click",function(){return u.onAction(t)}),m},p=function(t,e){var n=r.injectElIntoModal(l.footerMarkup);for(var o in t){var i=t[o],a=d(o,i,e);i.visible&&n.appendChild(a)}0===n.children.length&&n.remove()};e.default=p},function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var o=n(3),r=n(4),i=n(2),a=n(5),s=n(6),c=n(0),l=c.default.CONTENT,u=function(t){t.addEventListener("input",function(t){var e=t.target,n=e.value;a.setActionValue(n)}),t.addEventListener("keyup",function(t){if("Enter"===t.key)return s.onAction(o.CONFIRM_KEY)}),setTimeout(function(){t.focus(),a.setActionValue("")},0)},f=function(t,e,n){var o=document.createElement(e),r=l+"__"+e;o.classList.add(r);for(var i in n){var a=n[i];o[i]=a}"input"===e&&u(o),t.appendChild(o)},d=function(t){if(t){var e=r.injectElIntoModal(i.contentMarkup),n=t.element,o=t.attributes;"string"==typeof n?f(e,n,o):e.appendChild(n)}};e.default=d},function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var o=n(1),r=n(2),i=function(){var t=o.stringToNode(r.overlayMarkup);document.body.appendChild(t)};e.default=i},function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var o=n(5),r=n(6),i=n(1),a=n(3),s=n(0),c=s.default.MODAL,l=s.default.BUTTON,u=s.default.OVERLAY,f=function(t){t.preventDefault(),v()},d=function(t){t.preventDefault(),g()},p=function(t){if(o.default.isOpen)switch(t.key){case"Escape":return r.onAction(a.CANCEL_KEY)}},m=function(t){if(o.default.isOpen)switch(t.key){case"Tab":return f(t)}},b=function(t){if(o.default.isOpen)return"Tab"===t.key&&t.shiftKey?d(t):void 0},v=function(){var t=i.getNode(l);t&&(t.tabIndex=0,t.focus())},g=function(){var t=i.getNode(c),e=t.querySelectorAll("."+l),n=e.length-1,o=e[n];o&&o.focus()},h=function(t){t[t.length-1].addEventListener("keydown",m)},w=function(t){t[0].addEventListener("keydown",b)},y=function(){var t=i.getNode(c),e=t.querySelectorAll("."+l);e.length&&(h(e),w(e))},x=function(t){if(i.getNode(u)===t.target)return r.onAction(a.CANCEL_KEY)},_=function(t){var e=i.getNode(u);e.removeEventListener("click",x),t&&e.addEventListener("click",x)},k=function(t){o.default.timer&&clearTimeout(o.default.timer),t&&(o.default.timer=window.setTimeout(function(){return r.onAction(a.CANCEL_KEY)},t))},O=function(t){t.closeOnEsc?document.addEventListener("keyup",p):document.removeEventListener("keyup",p),t.dangerMode?v():g(),y(),_(t.closeOnClickOutside),k(t.timer)};e.default=O},function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var o=n(1),r=n(3),i=n(37),a=n(38),s={title:null,text:null,icon:null,buttons:r.defaultButtonList,content:null,className:null,closeOnClickOutside:!0,closeOnEsc:!0,dangerMode:!1,timer:null},c=Object.assign({},s);e.setDefaults=function(t){c=Object.assign({},s,t)};var l=function(t){var e=t&&t.button,n=t&&t.buttons;return void 0!==e&&void 0!==n&&o.throwErr("Cannot set both 'button' and 'buttons' options!"),void 0!==e?{confirm:e}:n},u=function(t){return o.ordinalSuffixOf(t+1)},f=function(t,e){o.throwErr(u(e)+" argument ('"+t+"') is invalid")},d=function(t,e){var n=t+1,r=e[n];o.isPlainObject(r)||void 0===r||o.throwErr("Expected "+u(n)+" argument ('"+r+"') to be a plain object")},p=function(t,e){var n=t+1,r=e[n];void 0!==r&&o.throwErr("Unexpected "+u(n)+" argument ("+r+")")},m=function(t,e,n,r){var i=typeof e,a="string"===i,s=e instanceof Element;if(a){if(0===n)return{text:e};if(1===n)return{text:e,title:r[0]};if(2===n)return d(n,r),{icon:e};f(e,n)}else{if(s&&0===n)return d(n,r),{content:e};if(o.isPlainObject(e))return p(n,r),e;f(e,n)}};e.getOpts=function(){for(var t=[],e=0;e Date: Tue, 22 Aug 2023 17:14:07 -0500 Subject: [PATCH 05/15] chore(release): add release notes for 2.30.1-rc1 (#2107) Co-authored-by: armory-astrolabe --- .../armoryspinnaker_v2-30-1-rc1.md | 267 ++++++++++++++++ payload.json | 300 +++++++++++------- 2 files changed, 456 insertions(+), 111 deletions(-) create mode 100644 content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc1.md diff --git a/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc1.md b/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc1.md new file mode 100644 index 0000000000..0ed5f8dbcc --- /dev/null +++ b/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc1.md @@ -0,0 +1,267 @@ +--- +title: v2.30.1-rc1 Armory Release (OSS Spinnaker™ v1.30.3) +toc_hide: true +date: 2023-08-22 +version: +description: > + Release notes for Armory Continuous Deployment v2.30.1-rc1. A beta release is not meant for installation in production environments. + +--- + +## 2023/08/22 Release Notes + +## Disclaimer + +This pre-release software is to allow limited access to test or beta versions of the Armory services (“Services”) and to provide feedback and comments to Armory regarding the use of such Services. By using Services, you agree to be bound by the terms and conditions set forth herein. + +Your Feedback is important and we welcome any feedback, analysis, suggestions and comments (including, but not limited to, bug reports and test results) (collectively, “Feedback”) regarding the Services. Any Feedback you provide will become the property of Armory and you agree that Armory may use or otherwise exploit all or part of your feedback or any derivative thereof in any manner without any further remuneration, compensation or credit to you. You represent and warrant that any Feedback which is provided by you hereunder is original work made solely by you and does not infringe any third party intellectual property rights. + +Any Feedback provided to Armory shall be considered Armory Confidential Information and shall be covered by any confidentiality agreements between you and Armory. + +You acknowledge that you are using the Services on a purely voluntary basis, as a means of assisting, and in consideration of the opportunity to assist Armory to use, implement, and understand various facets of the Services. You acknowledge and agree that nothing herein or in your voluntary submission of Feedback creates any employment relationship between you and Armory. + +Armory may, in its sole discretion, at any time, terminate or discontinue all or your access to the Services. You acknowledge and agree that all such decisions by Armory are final and Armory will have no liability with respect to such decisions. + +YOUR USE OF THE SERVICES IS AT YOUR OWN RISK. THE SERVICES, THE ARMORY TOOLS AND THE CONTENT ARE PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. ARMORY AND ITS LICENSORS MAKE NO REPRESENTATION, WARRANTY, OR GUARANTY AS TO THE RELIABILITY, TIMELINESS, QUALITY, SUITABILITY, TRUTH, AVAILABILITY, ACCURACY OR COMPLETENESS OF THE SERVICES, THE ARMORY TOOLS OR ANY CONTENT. ARMORY EXPRESSLY DISCLAIMS ON ITS OWN BEHALF AND ON BEHALF OF ITS EMPLOYEES, AGENTS, ATTORNEYS, CONSULTANTS, OR CONTRACTORS ANY AND ALL WARRANTIES INCLUDING, WITHOUT LIMITATION (A) THE USE OF THE SERVICES OR THE ARMORY TOOLS WILL BE TIMELY, UNINTERRUPTED OR ERROR-FREE OR OPERATE IN COMBINATION WITH ANY OTHER HARDWARE, SOFTWARE, SYSTEM OR DATA, (B) THE SERVICES AND THE ARMORY TOOLS AND/OR THEIR QUALITY WILL MEET CUSTOMER”S REQUIREMENTS OR EXPECTATIONS, (C) ANY CONTENT WILL BE ACCURATE OR RELIABLE, (D) ERRORS OR DEFECTS WILL BE CORRECTED, OR (E) THE SERVICES, THE ARMORY TOOLS OR THE SERVER(S) THAT MAKE THE SERVICES AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS. CUSTOMER AGREES THAT ARMORY SHALL NOT BE RESPONSIBLE FOR THE AVAILABILITY OR ACTS OR OMISSIONS OF ANY THIRD PARTY, INCLUDING ANY THIRD-PARTY APPLICATION OR PRODUCT, AND ARMORY HEREBY DISCLAIMS ANY AND ALL LIABILITY IN CONNECTION WITH SUCH THIRD PARTIES. + +IN NO EVENT SHALL ARMORY, ITS EMPLOYEES, AGENTS, ATTORNEYS, CONSULTANTS, OR CONTRACTORS BE LIABLE UNDER THIS AGREEMENT FOR ANY CONSEQUENTIAL, SPECIAL, LOST PROFITS, INDIRECT OR OTHER DAMAGES, INCLUDING BUT NOT LIMITED TO LOST PROFITS, LOSS OF BUSINESS, COST OF COVER WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, EVEN IF ARMORY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. IN ANY EVENT, ARMORY, ITS EMPLOYEES’, AGENTS’, ATTORNEYS’, CONSULTANTS’ OR CONTRACTORS’ AGGREGATE LIABILITY UNDER THIS AGREEMENT FOR ANY CLAIM SHALL BE STRICTLY LIMITED TO $100.00. SOME STATES DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. + +You acknowledge that Armory has provided the Services in reliance upon the limitations of liability set forth herein and that the same is an essential basis of the bargain between the parties. + + +## Required Armory Operator version + +To install, upgrade, or configure Armory 2.30.1-rc1, use Armory Operator 1.70 or later. + +## Security + +Armory scans the codebase as we develop and release software. Contact your Armory account representative for information about CVE scans for this release. + +## Breaking changes + + +> Breaking changes are kept in this list for 3 minor versions from when the change is introduced. For example, a breaking change introduced in 2.21.0 appears in the list up to and including the 2.24.x releases. It would not appear on 2.25.x release notes. + +## Known issues + + +## Highlighted updates + + + + + + +### Spinnaker Community Contributions + +There have also been numerous enhancements, fixes, and features across all of Spinnaker's other services. See the +[Spinnaker v1.30.3](https://www.spinnaker.io/changelogs/1.30.3-changelog/) changelog for details. + +## Detailed updates + +### Bill Of Materials (BOM) + +Here's the BOM for this version. +
Expand +
+artifactSources:
+  dockerRegistry: docker.io/armory
+dependencies:
+  redis:
+    commit: null
+    version: 2:2.8.4-2
+services:
+  clouddriver:
+    commit: e83f27627c37921732db249ca823b2e6485a6f97
+    version: 2.30.1-rc1
+  deck:
+    commit: 7737669d9a68843f448cc4c93ac2a6ea3485f95e
+    version: 2.30.1-rc1
+  dinghy:
+    commit: 5250de80948732c8caac6ffc5293a8af80a63a0f
+    version: 2.30.1-rc1
+  echo:
+    commit: 56844c654cd1b3981686933a9d5bc68011ee2bae
+    version: 2.30.1-rc1
+  fiat:
+    commit: 12e4ccd27d90b556a65ffc76231ae84623e38e84
+    version: 2.30.1-rc1
+  front50:
+    commit: ec0919166ced870668d787708c249945e9291a01
+    version: 2.30.1-rc1
+  gate:
+    commit: 2dc9b4b767ab502faaa1b99c131eb7263cf519da
+    version: 2.30.1-rc1
+  igor:
+    commit: 67b4c66f33b8b97b89e6b052654bebfea460a41f
+    version: 2.30.1-rc1
+  kayenta:
+    commit: aafaf170d12818396f867b7370fdd2fd10048bfe
+    version: 2.30.1-rc1
+  monitoring-daemon:
+    commit: null
+    version: 2.26.0
+  monitoring-third-party:
+    commit: null
+    version: 2.26.0
+  orca:
+    commit: 638d81c8d3186b6deb8829574c6ac5b65c88c94a
+    version: 2.30.1-rc1
+  rosco:
+    commit: e74de6eaccbed6301505d9f3d2f6745b410211a7
+    version: 2.30.1-rc1
+  terraformer:
+    commit: 650746ae3f596f9c6458987487c81840c85dd2a0
+    version: 2.30.1-rc1
+timestamp: "2023-08-22 21:26:19"
+version: 2.30.1-rc1
+
+
+
+ +### Armory + + +#### Armory Clouddriver - 2.30.0...2.30.1-rc1 + + - chore(cd): update base service version to clouddriver:2023.07.19.19.07.34.release-1.30.x (#902) + - chore(cd): update base service version to clouddriver:2023.07.21.18.23.46.release-1.30.x (#905) + - chore(kubectl): upgrade kubectl version from 1.20.6 to 1.22.17 (backport #878) (#917) + - chore(cd): update base service version to clouddriver:2023.08.17.03.37.47.release-1.30.x (#920) + - chore(cd): update base service version to clouddriver:2023.08.17.06.57.33.release-1.30.x (#922) + - chore(cd): update base service version to clouddriver:2023.08.18.20.50.29.release-1.30.x (#923) + - fix: AWS CLI pip installation (#918) (#925) + - chore(cd): update base service version to clouddriver:2023.08.18.23.44.54.release-1.30.x (#926) + +#### Terraformer™ - 2.30.0...2.30.1-rc1 + + - Session duration support on AWS roles (#500) (#503) + - fix: One more session timeout place (#501) (#505) + +#### Armory Igor - 2.30.0...2.30.1-rc1 + + - chore(cd): update base service version to igor:2023.08.17.02.51.58.release-1.30.x (#480) + - chore(cd): update base service version to igor:2023.08.17.04.46.32.release-1.30.x (#481) + - chore(cd): update base service version to igor:2023.08.18.20.06.35.release-1.30.x (#483) + - chore(cd): update base service version to igor:2023.08.18.23.01.56.release-1.30.x (#484) + +#### Armory Rosco - 2.30.0...2.30.1-rc1 + + - chore(cd): update base service version to rosco:2023.08.17.02.48.33.release-1.30.x (#558) + - chore(cd): update base service version to rosco:2023.08.18.20.06.48.release-1.30.x (#559) + +#### Armory Front50 - 2.30.0...2.30.1-rc1 + + - chore(cd): update base service version to front50:2023.08.18.20.06.26.release-1.30.x (#576) + - chore(cd): update base service version to front50:2023.08.18.23.02.05.release-1.30.x (#577) + +#### Armory Fiat - 2.30.0...2.30.1-rc1 + + - chore(cd): update base service version to fiat:2023.08.17.02.48.22.release-1.30.x (#511) + - chore(cd): update base service version to fiat:2023.08.18.20.06.20.release-1.30.x (#512) + +#### Armory Deck - 2.30.0...2.30.1-rc1 + + +#### Dinghy™ - 2.30.0...2.30.1-rc1 + + +#### Armory Orca - 2.30.0...2.30.1-rc1 + + - chore(cd): update base orca version to 2023.08.15.19.18.48.release-1.30.x (#677) + - chore(cd): update base orca version to 2023.08.17.02.56.00.release-1.30.x (#679) + - chore(cd): update base orca version to 2023.08.17.04.55.06.release-1.30.x (#681) + - chore(cd): update base orca version to 2023.08.18.20.16.18.release-1.30.x (#683) + - chore(cd): update base orca version to 2023.08.18.23.14.04.release-1.30.x (#684) + +#### Armory Echo - 2.30.0...2.30.1-rc1 + + - chore(cd): update base service version to echo:2023.08.17.02.52.47.release-1.30.x (#604) + - chore(cd): update base service version to echo:2023.08.17.04.48.12.release-1.30.x (#606) + - chore(cd): update base service version to echo:2023.08.18.20.06.15.release-1.30.x (#607) + - chore(cd): update base service version to echo:2023.08.18.23.04.19.release-1.30.x (#608) + +#### Armory Gate - 2.30.0...2.30.1-rc1 + + - chore(cd): update base service version to gate:2023.08.17.02.52.18.release-1.30.x (#592) + - chore(cd): update base service version to gate:2023.08.17.04.50.02.release-1.30.x (#593) + - chore(cd): update base service version to gate:2023.08.18.20.06.31.release-1.30.x (#595) + - chore(cd): update base service version to gate:2023.08.18.23.02.38.release-1.30.x (#596) + +#### Armory Kayenta - 2.30.0...2.30.1-rc1 + + - chore(cd): update base service version to kayenta:2023.08.17.05.53.17.release-1.30.x (#458) + - chore(cd): update base service version to kayenta:2023.08.19.00.43.42.release-1.30.x (#461) + + +### Spinnaker + + +#### Spinnaker Clouddriver - 1.30.3 + + - feat: Add the possibility to update the default handler for the Global Resource Property Registry. (#5963) (#5973) + - fix(gce): remove the duplicate cache attribute "subnet" and update the test (#5977) (#5986) + - chore(dependencies): Autobump korkVersion (#5998) + - chore(dependencies): Autobump fiatVersion (#5999) + - chore(dependencies): Autobump korkVersion (#6001) + - chore(dependencies): Autobump fiatVersion (#6002) + +#### Spinnaker Igor - 1.30.3 + + - chore(dependencies): Autobump korkVersion (#1155) + - chore(dependencies): Autobump fiatVersion (#1156) + - chore(dependencies): Autobump korkVersion (#1158) + - chore(dependencies): Autobump fiatVersion (#1159) + +#### Spinnaker Rosco - 1.30.3 + + - chore(dependencies): Autobump korkVersion (#1010) + - chore(dependencies): Autobump korkVersion (#1011) + +#### Spinnaker Front50 - 1.30.3 + + - chore(dependencies): Autobump korkVersion (#1292) + - chore(dependencies): Autobump fiatVersion (#1293) + - chore(dependencies): Autobump korkVersion (#1295) + - chore(dependencies): Autobump fiatVersion (#1296) + +#### Spinnaker Fiat - 1.30.3 + + - chore(dependencies): Autobump korkVersion (#1088) + - chore(dependencies): Autobump korkVersion (#1089) + +#### Spinnaker Deck - 1.30.3 + + +#### Spinnaker Orca - 1.30.3 + + - fix(waiting-executions) : concurrent waiting executions doesn't follow FIFO (backport #4415) (#4503) + - chore(dependencies): Autobump korkVersion (#4505) + - chore(dependencies): Autobump fiatVersion (#4506) + - chore(dependencies): Autobump korkVersion (#4509) + - chore(dependencies): Autobump fiatVersion (#4510) + +#### Spinnaker Echo - 1.30.3 + + - fix(gha): Fix github status log and add tests (#1316) (#1317) + - chore(dependencies): Autobump korkVersion (#1326) + - chore(dependencies): Autobump fiatVersion (#1327) + - chore(dependencies): Autobump korkVersion (#1329) + - chore(dependencies): Autobump fiatVersion (#1330) + +#### Spinnaker Gate - 1.30.3 + + - chore(dependencies): Autobump korkVersion (#1687) + - chore(dependencies): Autobump fiatVersion (#1688) + - chore(dependencies): Autobump korkVersion (#1690) + - chore(dependencies): Autobump fiatVersion (#1691) + +#### Spinnaker Kayenta - 1.30.3 + + - chore(dependencies): Autobump orcaVersion (#978) + - chore(dependencies): Autobump orcaVersion (#982) + diff --git a/payload.json b/payload.json index ac8f02b3be..195330d0fb 100644 --- a/payload.json +++ b/payload.json @@ -1,152 +1,230 @@ { "armoryServices": [ { - "commitMessages": [], - "currentVersion": "2.30.0-rc9", - "name": "Armory Kayenta", - "previousVersion": "2.30.0-rc8" + "commitMessages": [ + "chore(cd): update base service version to clouddriver:2023.07.19.19.07.34.release-1.30.x (#902)", + "chore(cd): update base service version to clouddriver:2023.07.21.18.23.46.release-1.30.x (#905)", + "chore(kubectl): upgrade kubectl version from 1.20.6 to 1.22.17 (backport #878) (#917)", + "chore(cd): update base service version to clouddriver:2023.08.17.03.37.47.release-1.30.x (#920)", + "chore(cd): update base service version to clouddriver:2023.08.17.06.57.33.release-1.30.x (#922)", + "chore(cd): update base service version to clouddriver:2023.08.18.20.50.29.release-1.30.x (#923)", + "fix: AWS CLI pip installation (#918) (#925)", + "chore(cd): update base service version to clouddriver:2023.08.18.23.44.54.release-1.30.x (#926)" + ], + "currentVersion": "2.30.1-rc1", + "name": "Armory Clouddriver", + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.0-rc9", - "name": "Armory Front50", - "previousVersion": "2.30.0-rc8" + "commitMessages": [ + "Session duration support on AWS roles (#500) (#503)", + "fix: One more session timeout place (#501) (#505)" + ], + "currentVersion": "2.30.1-rc1", + "name": "Terraformer™", + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.0-rc9", - "name": "Armory Clouddriver", - "previousVersion": "2.30.0-rc8" + "commitMessages": [ + "chore(cd): update base service version to igor:2023.08.17.02.51.58.release-1.30.x (#480)", + "chore(cd): update base service version to igor:2023.08.17.04.46.32.release-1.30.x (#481)", + "chore(cd): update base service version to igor:2023.08.18.20.06.35.release-1.30.x (#483)", + "chore(cd): update base service version to igor:2023.08.18.23.01.56.release-1.30.x (#484)" + ], + "currentVersion": "2.30.1-rc1", + "name": "Armory Igor", + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.0-rc9", + "commitMessages": [ + "chore(cd): update base service version to rosco:2023.08.17.02.48.33.release-1.30.x (#558)", + "chore(cd): update base service version to rosco:2023.08.18.20.06.48.release-1.30.x (#559)" + ], + "currentVersion": "2.30.1-rc1", "name": "Armory Rosco", - "previousVersion": "2.30.0-rc8" + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.0-rc9", - "name": "Armory Gate", - "previousVersion": "2.30.0-rc8" + "commitMessages": [ + "chore(cd): update base service version to front50:2023.08.18.20.06.26.release-1.30.x (#576)", + "chore(cd): update base service version to front50:2023.08.18.23.02.05.release-1.30.x (#577)" + ], + "currentVersion": "2.30.1-rc1", + "name": "Armory Front50", + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.0-rc9", - "name": "Armory Igor", - "previousVersion": "2.30.0-rc8" + "commitMessages": [ + "chore(cd): update base service version to fiat:2023.08.17.02.48.22.release-1.30.x (#511)", + "chore(cd): update base service version to fiat:2023.08.18.20.06.20.release-1.30.x (#512)" + ], + "currentVersion": "2.30.1-rc1", + "name": "Armory Fiat", + "previousVersion": "2.30.0" }, { "commitMessages": [], - "currentVersion": "2.30.0-rc9", - "name": "Terraformer™", - "previousVersion": "2.30.0-rc8" + "currentVersion": "2.30.1-rc1", + "name": "Armory Deck", + "previousVersion": "2.30.0" }, { "commitMessages": [], - "currentVersion": "2.30.0-rc9", - "name": "Armory Echo", - "previousVersion": "2.30.0-rc8" + "currentVersion": "2.30.1-rc1", + "name": "Dinghy™", + "previousVersion": "2.30.0" }, { "commitMessages": [ - "chore(cd): update base orca version to 2023.07.21.15.42.20.release-1.30.x (#667)" + "chore(cd): update base orca version to 2023.08.15.19.18.48.release-1.30.x (#677)", + "chore(cd): update base orca version to 2023.08.17.02.56.00.release-1.30.x (#679)", + "chore(cd): update base orca version to 2023.08.17.04.55.06.release-1.30.x (#681)", + "chore(cd): update base orca version to 2023.08.18.20.16.18.release-1.30.x (#683)", + "chore(cd): update base orca version to 2023.08.18.23.14.04.release-1.30.x (#684)" ], - "currentVersion": "2.30.0-rc9", + "currentVersion": "2.30.1-rc1", "name": "Armory Orca", - "previousVersion": "2.30.0-rc8" + "previousVersion": "2.30.0" }, { "commitMessages": [ - "chore(cd): update base service version to fiat:2023.07.21.15.45.35.release-1.30.x (#496)", - "fix(okhttp): Decrypt properties before creating client. (#501)", - "chore(okhttp): Add proper logging class." + "chore(cd): update base service version to echo:2023.08.17.02.52.47.release-1.30.x (#604)", + "chore(cd): update base service version to echo:2023.08.17.04.48.12.release-1.30.x (#606)", + "chore(cd): update base service version to echo:2023.08.18.20.06.15.release-1.30.x (#607)", + "chore(cd): update base service version to echo:2023.08.18.23.04.19.release-1.30.x (#608)" ], - "currentVersion": "2.30.0-rc9", - "name": "Armory Fiat", - "previousVersion": "2.30.0-rc8" + "currentVersion": "2.30.1-rc1", + "name": "Armory Echo", + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.0-rc9", - "name": "Armory Deck", - "previousVersion": "2.30.0-rc8" + "commitMessages": [ + "chore(cd): update base service version to gate:2023.08.17.02.52.18.release-1.30.x (#592)", + "chore(cd): update base service version to gate:2023.08.17.04.50.02.release-1.30.x (#593)", + "chore(cd): update base service version to gate:2023.08.18.20.06.31.release-1.30.x (#595)", + "chore(cd): update base service version to gate:2023.08.18.23.02.38.release-1.30.x (#596)" + ], + "currentVersion": "2.30.1-rc1", + "name": "Armory Gate", + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.0-rc9", - "name": "Dinghy™", - "previousVersion": "2.30.0-rc8" + "commitMessages": [ + "chore(cd): update base service version to kayenta:2023.08.17.05.53.17.release-1.30.x (#458)", + "chore(cd): update base service version to kayenta:2023.08.19.00.43.42.release-1.30.x (#461)" + ], + "currentVersion": "2.30.1-rc1", + "name": "Armory Kayenta", + "previousVersion": "2.30.0" } ], - "armoryVersion": "2.30.0-rc9", + "armoryVersion": "2.30.1-rc1", "ossServices": [ { - "commitMessages": [], - "currentVersion": "1.30.2", - "name": "Spinnaker Kayenta", - "previousVersion": "1.30.2" - }, - { - "commitMessages": [], - "currentVersion": "1.30.2", - "name": "Spinnaker Front50", - "previousVersion": "1.30.2" + "commitMessages": [ + "feat: Add the possibility to update the default handler for the Global Resource Property Registry. (#5963) (#5973)", + "fix(gce): remove the duplicate cache attribute \"subnet\" and update the test (#5977) (#5986)", + "chore(dependencies): Autobump korkVersion (#5998)", + "chore(dependencies): Autobump fiatVersion (#5999)", + "chore(dependencies): Autobump korkVersion (#6001)", + "chore(dependencies): Autobump fiatVersion (#6002)" + ], + "currentVersion": "1.30.3", + "name": "Spinnaker Clouddriver", + "previousVersion": "1.30.0" }, { - "commitMessages": [], - "currentVersion": "1.30.2", - "name": "Spinnaker Clouddriver", - "previousVersion": "1.30.2" + "commitMessages": [ + "chore(dependencies): Autobump korkVersion (#1155)", + "chore(dependencies): Autobump fiatVersion (#1156)", + "chore(dependencies): Autobump korkVersion (#1158)", + "chore(dependencies): Autobump fiatVersion (#1159)" + ], + "currentVersion": "1.30.3", + "name": "Spinnaker Igor", + "previousVersion": "1.30.0" }, { - "commitMessages": [], - "currentVersion": "1.30.2", + "commitMessages": [ + "chore(dependencies): Autobump korkVersion (#1010)", + "chore(dependencies): Autobump korkVersion (#1011)" + ], + "currentVersion": "1.30.3", "name": "Spinnaker Rosco", - "previousVersion": "1.30.2" + "previousVersion": "1.30.0" }, { - "commitMessages": [], - "currentVersion": "1.30.2", - "name": "Spinnaker Gate", - "previousVersion": "1.30.2" + "commitMessages": [ + "chore(dependencies): Autobump korkVersion (#1292)", + "chore(dependencies): Autobump fiatVersion (#1293)", + "chore(dependencies): Autobump korkVersion (#1295)", + "chore(dependencies): Autobump fiatVersion (#1296)" + ], + "currentVersion": "1.30.3", + "name": "Spinnaker Front50", + "previousVersion": "1.30.0" }, { - "commitMessages": [], - "currentVersion": "1.30.2", - "name": "Spinnaker Igor", - "previousVersion": "1.30.2" + "commitMessages": [ + "chore(dependencies): Autobump korkVersion (#1088)", + "chore(dependencies): Autobump korkVersion (#1089)" + ], + "currentVersion": "1.30.3", + "name": "Spinnaker Fiat", + "previousVersion": "1.30.0" }, { "commitMessages": [], - "currentVersion": "1.30.2", - "name": "Spinnaker Echo", - "previousVersion": "1.30.2" + "currentVersion": "1.30.3", + "name": "Spinnaker Deck", + "previousVersion": "1.30.0" }, { "commitMessages": [ - "fix(artifacts): consider requiredArtifactIds in expected artifacts when trigger is pipeline type (#4489) (#4490)" + "fix(waiting-executions) : concurrent waiting executions doesn't follow FIFO (backport #4415) (#4503)", + "chore(dependencies): Autobump korkVersion (#4505)", + "chore(dependencies): Autobump fiatVersion (#4506)", + "chore(dependencies): Autobump korkVersion (#4509)", + "chore(dependencies): Autobump fiatVersion (#4510)" ], - "currentVersion": "1.30.2", + "currentVersion": "1.30.3", "name": "Spinnaker Orca", - "previousVersion": "1.30.2" + "previousVersion": "1.30.0" }, { "commitMessages": [ - "fix(roles-sync): fix CallableCache's NPE exception for caching synchronization strategy (#1077) (#1080)" + "fix(gha): Fix github status log and add tests (#1316) (#1317)", + "chore(dependencies): Autobump korkVersion (#1326)", + "chore(dependencies): Autobump fiatVersion (#1327)", + "chore(dependencies): Autobump korkVersion (#1329)", + "chore(dependencies): Autobump fiatVersion (#1330)" ], - "currentVersion": "1.30.2", - "name": "Spinnaker Fiat", - "previousVersion": "1.30.2" + "currentVersion": "1.30.3", + "name": "Spinnaker Echo", + "previousVersion": "1.30.0" }, { - "commitMessages": [], - "currentVersion": "1.30.2", - "name": "Spinnaker Deck", - "previousVersion": "1.30.2" + "commitMessages": [ + "chore(dependencies): Autobump korkVersion (#1687)", + "chore(dependencies): Autobump fiatVersion (#1688)", + "chore(dependencies): Autobump korkVersion (#1690)", + "chore(dependencies): Autobump fiatVersion (#1691)" + ], + "currentVersion": "1.30.3", + "name": "Spinnaker Gate", + "previousVersion": "1.30.0" + }, + { + "commitMessages": [ + "chore(dependencies): Autobump orcaVersion (#978)", + "chore(dependencies): Autobump orcaVersion (#982)" + ], + "currentVersion": "1.30.3", + "name": "Spinnaker Kayenta", + "previousVersion": "1.30.0" } ], - "ossVersion": "1.30.2", + "ossVersion": "1.30.3", "prerelease": true, "stack": { "artifactSources": { @@ -160,40 +238,40 @@ }, "services": { "clouddriver": { - "commit": "4512ba1b391b06d49a017b29113010631ddabb14", - "version": "2.30.0-rc9" + "commit": "e83f27627c37921732db249ca823b2e6485a6f97", + "version": "2.30.1-rc1" }, "deck": { "commit": "7737669d9a68843f448cc4c93ac2a6ea3485f95e", - "version": "2.30.0-rc9" + "version": "2.30.1-rc1" }, "dinghy": { "commit": "5250de80948732c8caac6ffc5293a8af80a63a0f", - "version": "2.30.0-rc9" + "version": "2.30.1-rc1" }, "echo": { - "commit": "f7ae187ab1df1e0bc34596e24539c4032749f8d7", - "version": "2.30.0-rc9" + "commit": "56844c654cd1b3981686933a9d5bc68011ee2bae", + "version": "2.30.1-rc1" }, "fiat": { - "commit": "3c85477be0d6e29e0865959e56644752eec0b690", - "version": "2.30.0-rc9" + "commit": "12e4ccd27d90b556a65ffc76231ae84623e38e84", + "version": "2.30.1-rc1" }, "front50": { - "commit": "bdbf36960c30b3599bdf0fa31620dfaf08927074", - "version": "2.30.0-rc9" + "commit": "ec0919166ced870668d787708c249945e9291a01", + "version": "2.30.1-rc1" }, "gate": { - "commit": "679225a36b20fe39ecb175813929972c497d1a92", - "version": "2.30.0-rc9" + "commit": "2dc9b4b767ab502faaa1b99c131eb7263cf519da", + "version": "2.30.1-rc1" }, "igor": { - "commit": "020e01bbeaadf3d5eb745b33180bd1011c4b068f", - "version": "2.30.0-rc9" + "commit": "67b4c66f33b8b97b89e6b052654bebfea460a41f", + "version": "2.30.1-rc1" }, "kayenta": { - "commit": "81c3f853d5a604b4d03815d95f8ea4b63acb4429", - "version": "2.30.0-rc9" + "commit": "aafaf170d12818396f867b7370fdd2fd10048bfe", + "version": "2.30.1-rc1" }, "monitoring-daemon": { "commit": null, @@ -204,19 +282,19 @@ "version": "2.26.0" }, "orca": { - "commit": "f735df6128f1f8e81ea98f6fbdadf9b810b4e7db", - "version": "2.30.0-rc9" + "commit": "638d81c8d3186b6deb8829574c6ac5b65c88c94a", + "version": "2.30.1-rc1" }, "rosco": { - "commit": "c72a24d8c560ea7b27fd8ecf45c9c11ca63682f4", - "version": "2.30.0-rc9" + "commit": "e74de6eaccbed6301505d9f3d2f6745b410211a7", + "version": "2.30.1-rc1" }, "terraformer": { - "commit": "418546f57129380e383e62b6178ed582e6d64a93", - "version": "2.30.0-rc9" + "commit": "650746ae3f596f9c6458987487c81840c85dd2a0", + "version": "2.30.1-rc1" } }, - "timestamp": "2023-08-08 15:50:30", - "version": "2.30.0-rc9" + "timestamp": "2023-08-22 21:26:19", + "version": "2.30.1-rc1" } } \ No newline at end of file From bf207a914b6bfcd93118830f1737e912135e4365 Mon Sep 17 00:00:00 2001 From: Marcia Knous <81816978+mknous@users.noreply.github.com> Date: Wed, 23 Aug 2023 12:46:59 -0400 Subject: [PATCH 06/15] Update armoryspinnaker_v2-30-0.md Added a known issue that was filed in https://armory.atlassian.net/browse/CDSH-192 --- .../rn-armory-spinnaker/armoryspinnaker_v2-30-0.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-0.md b/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-0.md index 89d0bbe2e3..d12f33578b 100644 --- a/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-0.md +++ b/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-0.md @@ -40,6 +40,11 @@ Please consult the [Armory Compatibility Matrix](https://docs.armory.io/continuo ## Known issues +### Kayenta errors on startup +In some instances Kayenta will error because the *DiscoveryCompositeHealthContributor* does not implement *HealthIndicator.* There is a fix for this that should land in the next dot release. + +**Affected versions**: Armory CD 2.30.0 + ### 1.30+ “required artifacts to bind” breaks pipelines Expected artifacts can be used in automated triggers and stages, and OSS [1.30](https://spinnaker.io/changelogs/1.30.0-changelog/#changes-to-the-way-artifact-constraints-on-triggers-work) changed the way artifact constraints work on triggers. Unfortunately those changes broke the previous behavior when triggering a pipeline from a stage, and this fix restores the previous behavior. From ff349c198ce203fe2f3c131cff4590f801b43edf Mon Sep 17 00:00:00 2001 From: Marcia Knous <81816978+mknous@users.noreply.github.com> Date: Wed, 23 Aug 2023 16:22:19 -0400 Subject: [PATCH 07/15] Update armoryspinnaker_v2-30-1-rc1.md Updated release notes for RC1 to include breaking changes, known issues and a few highlighted updates. --- .../armoryspinnaker_v2-30-1-rc1.md | 98 +++++++++++++++++++ 1 file changed, 98 insertions(+) diff --git a/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc1.md b/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc1.md index 0ed5f8dbcc..712510b6a1 100644 --- a/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc1.md +++ b/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc1.md @@ -42,9 +42,98 @@ Armory scans the codebase as we develop and release software. Contact your Armor > Breaking changes are kept in this list for 3 minor versions from when the change is introduced. For example, a breaking change introduced in 2.21.0 appears in the list up to and including the 2.24.x releases. It would not appear on 2.25.x release notes. +### Orca requires RDBMS configured for UTF-8 encoding +**Impact** + +- 2.28.6 migrates to the AWS MySQL driver from the OSS MySQL drivers. This change is mostly seamless, but we’ve identified one breaking change. If your database was created without utf8mb4 you will see failures after this upgrade. utf8mb4 is the recommended DB format for any Spinnaker database, and we don’t anticipate most users who’ve followed setup instructions to encounter this failure. However, we’re calling out this change as a safeguard. + +{{< include "breaking-changes/bc-kubectl-120.md" >}} +{{< include "breaking-changes/bc-plugin-compatibility-2-28-0.md" >}} + +**Introduced in**: Armory CD 2.28.6 + + ## Known issues +### Kayenta errors on startup +In some instances Kayenta will error because the *DiscoveryCompositeHealthContributor* does not implement *HealthIndicator.* There is a fix for this that should land in the next dot release. + +**Affected versions**: Armory CD 2.30.0 + +### 1.30+ “required artifacts to bind” breaks pipelines +Expected artifacts can be used in automated triggers and stages, and OSS [1.30](https://spinnaker.io/changelogs/1.30.0-changelog/#changes-to-the-way-artifact-constraints-on-triggers-work) changed the way artifact constraints work on triggers. Unfortunately those changes broke the previous behavior when triggering a pipeline from a stage, and this fix restores the previous behavior. + +**Affected versions**: Armory CD 2.30.0 + +### Clouddriver and Spring Cloud +The Spring Boot version has been upgraded, introducing a backwards incompatible change to the way configuration is loaded in Spinnaker. Users will need to set the ***spring.cloud.config.enabled*** property to ***true*** in the service settings of Clouddriver to preserve existing behavior. All of the other configuration blocks remain the same. + +**Affected versions**: Armory CD 2.30.0 + +### Application attributes section displays “This Application has not been configured” +There is a known issue that relates to the **Application Attributes** section under the **Config** menu. An application that was already created and configured in Spinnaker displays the message, “This application has not been configured.” While the information is missing, there is no functional impact. + +**Affected versions**: Armory CD 2.28.0 and later + +### SpEL expressions and artifact binding +There is an issue where it appears that SpEL expressions are not being evaluated properly in artifact declarations (such as container images) for events such as the Deploy Manifest stage. What is actually happening is that an artifact binding is overriding the image value. + +**Workaround**: +2.27.x or later: Disable artifact binding by adding the following parameter to the stage JSON: `enableArtifactBinding: false`. +This setting only binds the version when the tag is missing, such as `image: nginx` without a version number. + +**Affected versions**: Armory CD 2.27.x and later + +## Deprecations +Reference [Feature Deprecations and end of support](https://docs.armory.io/continuous-deployment/feature-status/deprecations/) + +## Early access enabled by default + +### **Automatically Cancel Jenkins Jobs** + +You now have the ability to cancel triggered Jenkins jobs when a Spinnaker pipeline is canceled, giving you more control over your full Jenkins workflow. Learn more about Jenkins + Spinnaker in this [Spinnaker changelog.](https://spinnaker.io/changelogs/1.29.0-changelog/#orca). + +### **Enhanced BitBucket Server pull request handling** + +Trigger Spinnaker pipelines natively when pull requests are opened in BitBucket with newly added events including PR opened, deleted, and declined. See [Triggering pipelines with Bitbucket Server](https://spinnaker.io/docs/guides/user/pipeline/triggers/bitbucket-events/) in the Spinnaker docs for details + +## Early Access + +### **Dynamic Rollback Timeout** + +To make the dynamic timeout available, you need to enable the feature flag in Orca and Deck. You need to add this block to `orca.yml` file if you want to enable the dynamic rollback timeout feature: + +``` + +rollback: + timeout: + enabled: true + +``` + +On the Orca side, the feature flag overrides the default value rollback timeout - 5 min - with a UI input from the user. + +On the Deck side, the feature flag enhances the Rollback Cluster stage UI with timeout input. + +`window.spinnakerSettings.feature.dynamicRollbackTimeout = true;` + +The default is used if there is no value set in the UI. + +### Dinghy PR Checks + +This feature, when enabled, verifies if the author of a commit that changed app parameters has sufficient WRITE permission for that app. You can specify a list of authors whose permissions are not valid. This option’s purpose is to skip permissions checks for bots and tools. + +See [Permissions check for a commit]({{< ref "plugins/pipelines-as-code/install/configure#permissions-check-for-a-commit" >}}) for details. + +### **Terraform template fix** + +Armory fixed an issue with SpEL expression failures appearing while using Terraformer to serialize data from a Terraform Plan execution. With this feature flag fix enabled, you will be able to use the Terraform template file provider. Please open a support ticket if you need this fix. + +### **Pipelines as Code multi-branch enhancement** + +Now you can configure Pipelines as Code to pull Dinghy files from multiple branches on the same repo. Cut out the tedious task of managing multiple repos; have a single repo for Spinnaker application pipelines. See [Multiple branches]({{< ref "plugins/pipelines-as-code/install/configure#multiple-branches" >}}) for how to enable and configure this feature. + ## Highlighted updates +### Clouddriver +* Fixed AWS CLI pip installation +* Due to the fact it is not possible to override the default handler behavior from a Spinnaker plugin code, we introduced a new setter function specifically designed to update the default handler for the Global Resource. + +### Orca +* fix(waiting-executions) : Waiting executions doesn't follow FIFO. The fix makes Changes to push *StartWaitingExecutions* to the queue only when execution status is not running and disabled concurrent executions, in all other cases no need to push *StartWaitingExecutions* to the queue. + + + From ec5dd026597d2bdff97f65c2134099f373edbc1b Mon Sep 17 00:00:00 2001 From: Marcia Knous <81816978+mknous@users.noreply.github.com> Date: Wed, 23 Aug 2023 16:36:19 -0400 Subject: [PATCH 08/15] Update armoryspinnaker_v2-30-1-rc1.md More tweaks to the highlighted updates. --- .../armoryspinnaker_v2-30-1-rc1.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc1.md b/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc1.md index 712510b6a1..40b6dc6c64 100644 --- a/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc1.md +++ b/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc1.md @@ -57,7 +57,7 @@ Armory scans the codebase as we develop and release software. Contact your Armor ### Kayenta errors on startup -In some instances Kayenta will error because the *DiscoveryCompositeHealthContributor* does not implement *HealthIndicator.* There is a fix for this that should land in the next dot release. +In some instances Kayenta will error because the *DiscoveryCompositeHealthContributor* does not implement *HealthIndicator.* There is a fix for this issue that should land in the next dot release. **Affected versions**: Armory CD 2.30.0 @@ -144,15 +144,14 @@ Each item category (such as UI) under here should be an h3 (###). List the follo ### Clouddriver * Fixed AWS CLI pip installation -* Due to the fact it is not possible to override the default handler behavior from a Spinnaker plugin code, we introduced a new setter function specifically designed to update the default handler for the Global Resource. +* feat: Add the possibility to update the default handler for the Global Resource Property Registry. Due to the fact it is not possible to override the default handler behavior from a Spinnaker plugin code, we introduced a new setter function specifically designed to update the default handler for the Global Resource. +* fix(gce): remove the duplicate cache attribute "subnet" ### Orca * fix(waiting-executions) : Waiting executions doesn't follow FIFO. The fix makes Changes to push *StartWaitingExecutions* to the queue only when execution status is not running and disabled concurrent executions, in all other cases no need to push *StartWaitingExecutions* to the queue. - - - - +### Terraformer +* Session duration support on AWS roles ### Spinnaker Community Contributions From f693aba2aae976936fe7c152b7bc3c78c1033a2d Mon Sep 17 00:00:00 2001 From: armory-astrolabe <76064959+armory-astrolabe@users.noreply.github.com> Date: Thu, 24 Aug 2023 12:34:07 -0500 Subject: [PATCH 09/15] chore(release): add release notes for 2.30.1-rc2 (#2108) Co-authored-by: armory-astrolabe --- .../armoryspinnaker_v2-30-1-rc2.md | 202 ++++++++++++++ payload.json | 256 ++++++------------ 2 files changed, 290 insertions(+), 168 deletions(-) create mode 100644 content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc2.md diff --git a/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc2.md b/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc2.md new file mode 100644 index 0000000000..51acd36cdb --- /dev/null +++ b/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc2.md @@ -0,0 +1,202 @@ +--- +title: v2.30.1-rc2 Armory Release (OSS Spinnaker™ v1.30.3) +toc_hide: true +date: 2023-08-24 +version: +description: > + Release notes for Armory Continuous Deployment v2.30.1-rc2. A beta release is not meant for installation in production environments. + +--- + +## 2023/08/24 Release Notes + +## Disclaimer + +This pre-release software is to allow limited access to test or beta versions of the Armory services (“Services”) and to provide feedback and comments to Armory regarding the use of such Services. By using Services, you agree to be bound by the terms and conditions set forth herein. + +Your Feedback is important and we welcome any feedback, analysis, suggestions and comments (including, but not limited to, bug reports and test results) (collectively, “Feedback”) regarding the Services. Any Feedback you provide will become the property of Armory and you agree that Armory may use or otherwise exploit all or part of your feedback or any derivative thereof in any manner without any further remuneration, compensation or credit to you. You represent and warrant that any Feedback which is provided by you hereunder is original work made solely by you and does not infringe any third party intellectual property rights. + +Any Feedback provided to Armory shall be considered Armory Confidential Information and shall be covered by any confidentiality agreements between you and Armory. + +You acknowledge that you are using the Services on a purely voluntary basis, as a means of assisting, and in consideration of the opportunity to assist Armory to use, implement, and understand various facets of the Services. You acknowledge and agree that nothing herein or in your voluntary submission of Feedback creates any employment relationship between you and Armory. + +Armory may, in its sole discretion, at any time, terminate or discontinue all or your access to the Services. You acknowledge and agree that all such decisions by Armory are final and Armory will have no liability with respect to such decisions. + +YOUR USE OF THE SERVICES IS AT YOUR OWN RISK. THE SERVICES, THE ARMORY TOOLS AND THE CONTENT ARE PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. ARMORY AND ITS LICENSORS MAKE NO REPRESENTATION, WARRANTY, OR GUARANTY AS TO THE RELIABILITY, TIMELINESS, QUALITY, SUITABILITY, TRUTH, AVAILABILITY, ACCURACY OR COMPLETENESS OF THE SERVICES, THE ARMORY TOOLS OR ANY CONTENT. ARMORY EXPRESSLY DISCLAIMS ON ITS OWN BEHALF AND ON BEHALF OF ITS EMPLOYEES, AGENTS, ATTORNEYS, CONSULTANTS, OR CONTRACTORS ANY AND ALL WARRANTIES INCLUDING, WITHOUT LIMITATION (A) THE USE OF THE SERVICES OR THE ARMORY TOOLS WILL BE TIMELY, UNINTERRUPTED OR ERROR-FREE OR OPERATE IN COMBINATION WITH ANY OTHER HARDWARE, SOFTWARE, SYSTEM OR DATA, (B) THE SERVICES AND THE ARMORY TOOLS AND/OR THEIR QUALITY WILL MEET CUSTOMER”S REQUIREMENTS OR EXPECTATIONS, (C) ANY CONTENT WILL BE ACCURATE OR RELIABLE, (D) ERRORS OR DEFECTS WILL BE CORRECTED, OR (E) THE SERVICES, THE ARMORY TOOLS OR THE SERVER(S) THAT MAKE THE SERVICES AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS. CUSTOMER AGREES THAT ARMORY SHALL NOT BE RESPONSIBLE FOR THE AVAILABILITY OR ACTS OR OMISSIONS OF ANY THIRD PARTY, INCLUDING ANY THIRD-PARTY APPLICATION OR PRODUCT, AND ARMORY HEREBY DISCLAIMS ANY AND ALL LIABILITY IN CONNECTION WITH SUCH THIRD PARTIES. + +IN NO EVENT SHALL ARMORY, ITS EMPLOYEES, AGENTS, ATTORNEYS, CONSULTANTS, OR CONTRACTORS BE LIABLE UNDER THIS AGREEMENT FOR ANY CONSEQUENTIAL, SPECIAL, LOST PROFITS, INDIRECT OR OTHER DAMAGES, INCLUDING BUT NOT LIMITED TO LOST PROFITS, LOSS OF BUSINESS, COST OF COVER WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, EVEN IF ARMORY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. IN ANY EVENT, ARMORY, ITS EMPLOYEES’, AGENTS’, ATTORNEYS’, CONSULTANTS’ OR CONTRACTORS’ AGGREGATE LIABILITY UNDER THIS AGREEMENT FOR ANY CLAIM SHALL BE STRICTLY LIMITED TO $100.00. SOME STATES DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. + +You acknowledge that Armory has provided the Services in reliance upon the limitations of liability set forth herein and that the same is an essential basis of the bargain between the parties. + + +## Required Armory Operator version + +To install, upgrade, or configure Armory 2.30.1-rc2, use Armory Operator 1.70 or later. + +## Security + +Armory scans the codebase as we develop and release software. Contact your Armory account representative for information about CVE scans for this release. + +## Breaking changes + + +> Breaking changes are kept in this list for 3 minor versions from when the change is introduced. For example, a breaking change introduced in 2.21.0 appears in the list up to and including the 2.24.x releases. It would not appear on 2.25.x release notes. + +## Known issues + + +## Highlighted updates + + + + + + +### Spinnaker Community Contributions + +There have also been numerous enhancements, fixes, and features across all of Spinnaker's other services. See the +[Spinnaker v1.30.3](https://www.spinnaker.io/changelogs/1.30.3-changelog/) changelog for details. + +## Detailed updates + +### Bill Of Materials (BOM) + +Here's the BOM for this version. +
Expand +
+artifactSources:
+  dockerRegistry: docker.io/armory
+dependencies:
+  redis:
+    commit: null
+    version: 2:2.8.4-2
+services:
+  clouddriver:
+    commit: e83f27627c37921732db249ca823b2e6485a6f97
+    version: 2.30.1-rc2
+  deck:
+    commit: 7737669d9a68843f448cc4c93ac2a6ea3485f95e
+    version: 2.30.1-rc2
+  dinghy:
+    commit: 5250de80948732c8caac6ffc5293a8af80a63a0f
+    version: 2.30.1-rc2
+  echo:
+    commit: 56844c654cd1b3981686933a9d5bc68011ee2bae
+    version: 2.30.1-rc2
+  fiat:
+    commit: 30319b57d40a7e9fd61067b7e0d9fb73bf9a6c46
+    version: 2.30.1-rc2
+  front50:
+    commit: ec0919166ced870668d787708c249945e9291a01
+    version: 2.30.1-rc2
+  gate:
+    commit: 2dc9b4b767ab502faaa1b99c131eb7263cf519da
+    version: 2.30.1-rc2
+  igor:
+    commit: 67b4c66f33b8b97b89e6b052654bebfea460a41f
+    version: 2.30.1-rc2
+  kayenta:
+    commit: 4d82ef4a72129a715749005235ce0d6ba4778603
+    version: 2.30.1-rc2
+  monitoring-daemon:
+    commit: null
+    version: 2.26.0
+  monitoring-third-party:
+    commit: null
+    version: 2.26.0
+  orca:
+    commit: 638d81c8d3186b6deb8829574c6ac5b65c88c94a
+    version: 2.30.1-rc2
+  rosco:
+    commit: e74de6eaccbed6301505d9f3d2f6745b410211a7
+    version: 2.30.1-rc2
+  terraformer:
+    commit: 650746ae3f596f9c6458987487c81840c85dd2a0
+    version: 2.30.1-rc2
+timestamp: "2023-08-23 17:49:50"
+version: 2.30.1-rc2
+
+
+
+ +### Armory + + +#### Armory Clouddriver - 2.30.1-rc1...2.30.1-rc2 + + +#### Armory Igor - 2.30.1-rc1...2.30.1-rc2 + + +#### Terraformer™ - 2.30.1-rc1...2.30.1-rc2 + + +#### Armory Rosco - 2.30.1-rc1...2.30.1-rc2 + + +#### Armory Front50 - 2.30.1-rc1...2.30.1-rc2 + + +#### Armory Deck - 2.30.1-rc1...2.30.1-rc2 + + +#### Armory Kayenta - 2.30.1-rc1...2.30.1-rc2 + + - chore(cd): update base service version to kayenta:2023.08.22.17.00.47.release-1.30.x (#463) + +#### Dinghy™ - 2.30.1-rc1...2.30.1-rc2 + + +#### Armory Fiat - 2.30.1-rc1...2.30.1-rc2 + + - chore(cd): update base service version to fiat:2023.08.22.18.06.01.release-1.30.x (#515) + +#### Armory Orca - 2.30.1-rc1...2.30.1-rc2 + + +#### Armory Echo - 2.30.1-rc1...2.30.1-rc2 + + +#### Armory Gate - 2.30.1-rc1...2.30.1-rc2 + + + +### Spinnaker + + +#### Spinnaker Clouddriver - 1.30.3 + + +#### Spinnaker Igor - 1.30.3 + + +#### Spinnaker Rosco - 1.30.3 + + +#### Spinnaker Front50 - 1.30.3 + + +#### Spinnaker Deck - 1.30.3 + + +#### Spinnaker Kayenta - 1.30.3 + + - fix(orca): Fix orca contributors status. (backport #977) (#981) + +#### Spinnaker Fiat - 1.30.3 + + - fix(ssl): Removed unused deprecated okHttpClientConfig from retrofitConfig. (#1082) (#1091) + +#### Spinnaker Orca - 1.30.3 + + +#### Spinnaker Echo - 1.30.3 + + +#### Spinnaker Gate - 1.30.3 + + diff --git a/payload.json b/payload.json index 195330d0fb..f9debad2d6 100644 --- a/payload.json +++ b/payload.json @@ -1,227 +1,147 @@ { "armoryServices": [ { - "commitMessages": [ - "chore(cd): update base service version to clouddriver:2023.07.19.19.07.34.release-1.30.x (#902)", - "chore(cd): update base service version to clouddriver:2023.07.21.18.23.46.release-1.30.x (#905)", - "chore(kubectl): upgrade kubectl version from 1.20.6 to 1.22.17 (backport #878) (#917)", - "chore(cd): update base service version to clouddriver:2023.08.17.03.37.47.release-1.30.x (#920)", - "chore(cd): update base service version to clouddriver:2023.08.17.06.57.33.release-1.30.x (#922)", - "chore(cd): update base service version to clouddriver:2023.08.18.20.50.29.release-1.30.x (#923)", - "fix: AWS CLI pip installation (#918) (#925)", - "chore(cd): update base service version to clouddriver:2023.08.18.23.44.54.release-1.30.x (#926)" - ], - "currentVersion": "2.30.1-rc1", + "commitMessages": [], + "currentVersion": "2.30.1-rc2", "name": "Armory Clouddriver", - "previousVersion": "2.30.0" + "previousVersion": "2.30.1-rc1" }, { - "commitMessages": [ - "Session duration support on AWS roles (#500) (#503)", - "fix: One more session timeout place (#501) (#505)" - ], - "currentVersion": "2.30.1-rc1", - "name": "Terraformer™", - "previousVersion": "2.30.0" + "commitMessages": [], + "currentVersion": "2.30.1-rc2", + "name": "Armory Igor", + "previousVersion": "2.30.1-rc1" }, { - "commitMessages": [ - "chore(cd): update base service version to igor:2023.08.17.02.51.58.release-1.30.x (#480)", - "chore(cd): update base service version to igor:2023.08.17.04.46.32.release-1.30.x (#481)", - "chore(cd): update base service version to igor:2023.08.18.20.06.35.release-1.30.x (#483)", - "chore(cd): update base service version to igor:2023.08.18.23.01.56.release-1.30.x (#484)" - ], - "currentVersion": "2.30.1-rc1", - "name": "Armory Igor", - "previousVersion": "2.30.0" + "commitMessages": [], + "currentVersion": "2.30.1-rc2", + "name": "Terraformer™", + "previousVersion": "2.30.1-rc1" }, { - "commitMessages": [ - "chore(cd): update base service version to rosco:2023.08.17.02.48.33.release-1.30.x (#558)", - "chore(cd): update base service version to rosco:2023.08.18.20.06.48.release-1.30.x (#559)" - ], - "currentVersion": "2.30.1-rc1", + "commitMessages": [], + "currentVersion": "2.30.1-rc2", "name": "Armory Rosco", - "previousVersion": "2.30.0" + "previousVersion": "2.30.1-rc1" }, { - "commitMessages": [ - "chore(cd): update base service version to front50:2023.08.18.20.06.26.release-1.30.x (#576)", - "chore(cd): update base service version to front50:2023.08.18.23.02.05.release-1.30.x (#577)" - ], - "currentVersion": "2.30.1-rc1", + "commitMessages": [], + "currentVersion": "2.30.1-rc2", "name": "Armory Front50", - "previousVersion": "2.30.0" - }, - { - "commitMessages": [ - "chore(cd): update base service version to fiat:2023.08.17.02.48.22.release-1.30.x (#511)", - "chore(cd): update base service version to fiat:2023.08.18.20.06.20.release-1.30.x (#512)" - ], - "currentVersion": "2.30.1-rc1", - "name": "Armory Fiat", - "previousVersion": "2.30.0" + "previousVersion": "2.30.1-rc1" }, { "commitMessages": [], - "currentVersion": "2.30.1-rc1", + "currentVersion": "2.30.1-rc2", "name": "Armory Deck", - "previousVersion": "2.30.0" + "previousVersion": "2.30.1-rc1" + }, + { + "commitMessages": [ + "chore(cd): update base service version to kayenta:2023.08.22.17.00.47.release-1.30.x (#463)" + ], + "currentVersion": "2.30.1-rc2", + "name": "Armory Kayenta", + "previousVersion": "2.30.1-rc1" }, { "commitMessages": [], - "currentVersion": "2.30.1-rc1", + "currentVersion": "2.30.1-rc2", "name": "Dinghy™", - "previousVersion": "2.30.0" + "previousVersion": "2.30.1-rc1" }, { "commitMessages": [ - "chore(cd): update base orca version to 2023.08.15.19.18.48.release-1.30.x (#677)", - "chore(cd): update base orca version to 2023.08.17.02.56.00.release-1.30.x (#679)", - "chore(cd): update base orca version to 2023.08.17.04.55.06.release-1.30.x (#681)", - "chore(cd): update base orca version to 2023.08.18.20.16.18.release-1.30.x (#683)", - "chore(cd): update base orca version to 2023.08.18.23.14.04.release-1.30.x (#684)" + "chore(cd): update base service version to fiat:2023.08.22.18.06.01.release-1.30.x (#515)" ], - "currentVersion": "2.30.1-rc1", + "currentVersion": "2.30.1-rc2", + "name": "Armory Fiat", + "previousVersion": "2.30.1-rc1" + }, + { + "commitMessages": [], + "currentVersion": "2.30.1-rc2", "name": "Armory Orca", - "previousVersion": "2.30.0" + "previousVersion": "2.30.1-rc1" }, { - "commitMessages": [ - "chore(cd): update base service version to echo:2023.08.17.02.52.47.release-1.30.x (#604)", - "chore(cd): update base service version to echo:2023.08.17.04.48.12.release-1.30.x (#606)", - "chore(cd): update base service version to echo:2023.08.18.20.06.15.release-1.30.x (#607)", - "chore(cd): update base service version to echo:2023.08.18.23.04.19.release-1.30.x (#608)" - ], - "currentVersion": "2.30.1-rc1", + "commitMessages": [], + "currentVersion": "2.30.1-rc2", "name": "Armory Echo", - "previousVersion": "2.30.0" + "previousVersion": "2.30.1-rc1" }, { - "commitMessages": [ - "chore(cd): update base service version to gate:2023.08.17.02.52.18.release-1.30.x (#592)", - "chore(cd): update base service version to gate:2023.08.17.04.50.02.release-1.30.x (#593)", - "chore(cd): update base service version to gate:2023.08.18.20.06.31.release-1.30.x (#595)", - "chore(cd): update base service version to gate:2023.08.18.23.02.38.release-1.30.x (#596)" - ], - "currentVersion": "2.30.1-rc1", + "commitMessages": [], + "currentVersion": "2.30.1-rc2", "name": "Armory Gate", - "previousVersion": "2.30.0" - }, - { - "commitMessages": [ - "chore(cd): update base service version to kayenta:2023.08.17.05.53.17.release-1.30.x (#458)", - "chore(cd): update base service version to kayenta:2023.08.19.00.43.42.release-1.30.x (#461)" - ], - "currentVersion": "2.30.1-rc1", - "name": "Armory Kayenta", - "previousVersion": "2.30.0" + "previousVersion": "2.30.1-rc1" } ], - "armoryVersion": "2.30.1-rc1", + "armoryVersion": "2.30.1-rc2", "ossServices": [ { - "commitMessages": [ - "feat: Add the possibility to update the default handler for the Global Resource Property Registry. (#5963) (#5973)", - "fix(gce): remove the duplicate cache attribute \"subnet\" and update the test (#5977) (#5986)", - "chore(dependencies): Autobump korkVersion (#5998)", - "chore(dependencies): Autobump fiatVersion (#5999)", - "chore(dependencies): Autobump korkVersion (#6001)", - "chore(dependencies): Autobump fiatVersion (#6002)" - ], + "commitMessages": [], "currentVersion": "1.30.3", "name": "Spinnaker Clouddriver", - "previousVersion": "1.30.0" + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "chore(dependencies): Autobump korkVersion (#1155)", - "chore(dependencies): Autobump fiatVersion (#1156)", - "chore(dependencies): Autobump korkVersion (#1158)", - "chore(dependencies): Autobump fiatVersion (#1159)" - ], + "commitMessages": [], "currentVersion": "1.30.3", "name": "Spinnaker Igor", - "previousVersion": "1.30.0" + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "chore(dependencies): Autobump korkVersion (#1010)", - "chore(dependencies): Autobump korkVersion (#1011)" - ], + "commitMessages": [], "currentVersion": "1.30.3", "name": "Spinnaker Rosco", - "previousVersion": "1.30.0" + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "chore(dependencies): Autobump korkVersion (#1292)", - "chore(dependencies): Autobump fiatVersion (#1293)", - "chore(dependencies): Autobump korkVersion (#1295)", - "chore(dependencies): Autobump fiatVersion (#1296)" - ], + "commitMessages": [], "currentVersion": "1.30.3", "name": "Spinnaker Front50", - "previousVersion": "1.30.0" - }, - { - "commitMessages": [ - "chore(dependencies): Autobump korkVersion (#1088)", - "chore(dependencies): Autobump korkVersion (#1089)" - ], - "currentVersion": "1.30.3", - "name": "Spinnaker Fiat", - "previousVersion": "1.30.0" + "previousVersion": "1.30.3" }, { "commitMessages": [], "currentVersion": "1.30.3", "name": "Spinnaker Deck", - "previousVersion": "1.30.0" + "previousVersion": "1.30.3" }, { "commitMessages": [ - "fix(waiting-executions) : concurrent waiting executions doesn't follow FIFO (backport #4415) (#4503)", - "chore(dependencies): Autobump korkVersion (#4505)", - "chore(dependencies): Autobump fiatVersion (#4506)", - "chore(dependencies): Autobump korkVersion (#4509)", - "chore(dependencies): Autobump fiatVersion (#4510)" + "fix(orca): Fix orca contributors status. (backport #977) (#981)" ], "currentVersion": "1.30.3", - "name": "Spinnaker Orca", - "previousVersion": "1.30.0" + "name": "Spinnaker Kayenta", + "previousVersion": "1.30.3" }, { "commitMessages": [ - "fix(gha): Fix github status log and add tests (#1316) (#1317)", - "chore(dependencies): Autobump korkVersion (#1326)", - "chore(dependencies): Autobump fiatVersion (#1327)", - "chore(dependencies): Autobump korkVersion (#1329)", - "chore(dependencies): Autobump fiatVersion (#1330)" + "fix(ssl): Removed unused deprecated okHttpClientConfig from retrofitConfig. (#1082) (#1091)" ], "currentVersion": "1.30.3", - "name": "Spinnaker Echo", - "previousVersion": "1.30.0" + "name": "Spinnaker Fiat", + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "chore(dependencies): Autobump korkVersion (#1687)", - "chore(dependencies): Autobump fiatVersion (#1688)", - "chore(dependencies): Autobump korkVersion (#1690)", - "chore(dependencies): Autobump fiatVersion (#1691)" - ], + "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Gate", - "previousVersion": "1.30.0" + "name": "Spinnaker Orca", + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "chore(dependencies): Autobump orcaVersion (#978)", - "chore(dependencies): Autobump orcaVersion (#982)" - ], + "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Kayenta", - "previousVersion": "1.30.0" + "name": "Spinnaker Echo", + "previousVersion": "1.30.3" + }, + { + "commitMessages": [], + "currentVersion": "1.30.3", + "name": "Spinnaker Gate", + "previousVersion": "1.30.3" } ], "ossVersion": "1.30.3", @@ -239,39 +159,39 @@ "services": { "clouddriver": { "commit": "e83f27627c37921732db249ca823b2e6485a6f97", - "version": "2.30.1-rc1" + "version": "2.30.1-rc2" }, "deck": { "commit": "7737669d9a68843f448cc4c93ac2a6ea3485f95e", - "version": "2.30.1-rc1" + "version": "2.30.1-rc2" }, "dinghy": { "commit": "5250de80948732c8caac6ffc5293a8af80a63a0f", - "version": "2.30.1-rc1" + "version": "2.30.1-rc2" }, "echo": { "commit": "56844c654cd1b3981686933a9d5bc68011ee2bae", - "version": "2.30.1-rc1" + "version": "2.30.1-rc2" }, "fiat": { - "commit": "12e4ccd27d90b556a65ffc76231ae84623e38e84", - "version": "2.30.1-rc1" + "commit": "30319b57d40a7e9fd61067b7e0d9fb73bf9a6c46", + "version": "2.30.1-rc2" }, "front50": { "commit": "ec0919166ced870668d787708c249945e9291a01", - "version": "2.30.1-rc1" + "version": "2.30.1-rc2" }, "gate": { "commit": "2dc9b4b767ab502faaa1b99c131eb7263cf519da", - "version": "2.30.1-rc1" + "version": "2.30.1-rc2" }, "igor": { "commit": "67b4c66f33b8b97b89e6b052654bebfea460a41f", - "version": "2.30.1-rc1" + "version": "2.30.1-rc2" }, "kayenta": { - "commit": "aafaf170d12818396f867b7370fdd2fd10048bfe", - "version": "2.30.1-rc1" + "commit": "4d82ef4a72129a715749005235ce0d6ba4778603", + "version": "2.30.1-rc2" }, "monitoring-daemon": { "commit": null, @@ -283,18 +203,18 @@ }, "orca": { "commit": "638d81c8d3186b6deb8829574c6ac5b65c88c94a", - "version": "2.30.1-rc1" + "version": "2.30.1-rc2" }, "rosco": { "commit": "e74de6eaccbed6301505d9f3d2f6745b410211a7", - "version": "2.30.1-rc1" + "version": "2.30.1-rc2" }, "terraformer": { "commit": "650746ae3f596f9c6458987487c81840c85dd2a0", - "version": "2.30.1-rc1" + "version": "2.30.1-rc2" } }, - "timestamp": "2023-08-22 21:26:19", - "version": "2.30.1-rc1" + "timestamp": "2023-08-23 17:49:50", + "version": "2.30.1-rc2" } } \ No newline at end of file From 4eaabe5d865d9af33eeff6afc06e5c73c050f6de Mon Sep 17 00:00:00 2001 From: Marcia Knous <81816978+mknous@users.noreply.github.com> Date: Thu, 24 Aug 2023 14:13:41 -0400 Subject: [PATCH 10/15] Update armoryspinnaker_v2-30-1-rc2.md Tweaked the notes as follows (1) Removed the Kayenta known issue as it is now fixed, and called out the fix in the highlighted updates. --- .../armoryspinnaker_v2-30-1-rc2.md | 94 +++++++++++++++++++ 1 file changed, 94 insertions(+) diff --git a/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc2.md b/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc2.md index 51acd36cdb..5f8dddf309 100644 --- a/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc2.md +++ b/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-1-rc2.md @@ -42,9 +42,92 @@ Armory scans the codebase as we develop and release software. Contact your Armor > Breaking changes are kept in this list for 3 minor versions from when the change is introduced. For example, a breaking change introduced in 2.21.0 appears in the list up to and including the 2.24.x releases. It would not appear on 2.25.x release notes. +### Orca requires RDBMS configured for UTF-8 encoding +**Impact** + +- 2.28.6 migrates to the AWS MySQL driver from the OSS MySQL drivers. This change is mostly seamless, but we’ve identified one breaking change. If your database was created without utf8mb4 you will see failures after this upgrade. utf8mb4 is the recommended DB format for any Spinnaker database, and we don’t anticipate most users who’ve followed setup instructions to encounter this failure. However, we’re calling out this change as a safeguard. + +{{< include "breaking-changes/bc-kubectl-120.md" >}} +{{< include "breaking-changes/bc-plugin-compatibility-2-28-0.md" >}} + +**Introduced in**: Armory CD 2.28.6 + ## Known issues +### 1.30+ “required artifacts to bind” breaks pipelines +Expected artifacts can be used in automated triggers and stages, and OSS [1.30](https://spinnaker.io/changelogs/1.30.0-changelog/#changes-to-the-way-artifact-constraints-on-triggers-work) changed the way artifact constraints work on triggers. Unfortunately those changes broke the previous behavior when triggering a pipeline from a stage, and this fix restores the previous behavior. + +**Affected versions**: Armory CD 2.30.0 + +### Clouddriver and Spring Cloud +The Spring Boot version has been upgraded, introducing a backwards incompatible change to the way configuration is loaded in Spinnaker. Users will need to set the ***spring.cloud.config.enabled*** property to ***true*** in the service settings of Clouddriver to preserve existing behavior. All of the other configuration blocks remain the same. + +**Affected versions**: Armory CD 2.30.0 + +### Application attributes section displays “This Application has not been configured” +There is a known issue that relates to the **Application Attributes** section under the **Config** menu. An application that was already created and configured in Spinnaker displays the message, “This application has not been configured.” While the information is missing, there is no functional impact. + +**Affected versions**: Armory CD 2.28.0 and later + +### SpEL expressions and artifact binding +There is an issue where it appears that SpEL expressions are not being evaluated properly in artifact declarations (such as container images) for events such as the Deploy Manifest stage. What is actually happening is that an artifact binding is overriding the image value. + +**Workaround**: +2.27.x or later: Disable artifact binding by adding the following parameter to the stage JSON: `enableArtifactBinding: false`. +This setting only binds the version when the tag is missing, such as `image: nginx` without a version number. + +**Affected versions**: Armory CD 2.27.x and later + +## Deprecations +Reference [Feature Deprecations and end of support](https://docs.armory.io/continuous-deployment/feature-status/deprecations/) + +## Early access enabled by default + +### **Automatically Cancel Jenkins Jobs** + +You now have the ability to cancel triggered Jenkins jobs when a Spinnaker pipeline is canceled, giving you more control over your full Jenkins workflow. Learn more about Jenkins + Spinnaker in this [Spinnaker changelog.](https://spinnaker.io/changelogs/1.29.0-changelog/#orca). + +### **Enhanced BitBucket Server pull request handling** + +Trigger Spinnaker pipelines natively when pull requests are opened in BitBucket with newly added events including PR opened, deleted, and declined. See [Triggering pipelines with Bitbucket Server](https://spinnaker.io/docs/guides/user/pipeline/triggers/bitbucket-events/) in the Spinnaker docs for details + +## Early Access + +### **Dynamic Rollback Timeout** + +To make the dynamic timeout available, you need to enable the feature flag in Orca and Deck. You need to add this block to `orca.yml` file if you want to enable the dynamic rollback timeout feature: + +``` + +rollback: + timeout: + enabled: true + +``` + +On the Orca side, the feature flag overrides the default value rollback timeout - 5 min - with a UI input from the user. + +On the Deck side, the feature flag enhances the Rollback Cluster stage UI with timeout input. + +`window.spinnakerSettings.feature.dynamicRollbackTimeout = true;` + +The default is used if there is no value set in the UI. + +### Dinghy PR Checks + +This feature, when enabled, verifies if the author of a commit that changed app parameters has sufficient WRITE permission for that app. You can specify a list of authors whose permissions are not valid. This option’s purpose is to skip permissions checks for bots and tools. + +See [Permissions check for a commit]({{< ref "plugins/pipelines-as-code/install/configure#permissions-check-for-a-commit" >}}) for details. + +### **Terraform template fix** + +Armory fixed an issue with SpEL expression failures appearing while using Terraformer to serialize data from a Terraform Plan execution. With this feature flag fix enabled, you will be able to use the Terraform template file provider. Please open a support ticket if you need this fix. + +### **Pipelines as Code multi-branch enhancement** + +Now you can configure Pipelines as Code to pull Dinghy files from multiple branches on the same repo. Cut out the tedious task of managing multiple repos; have a single repo for Spinnaker application pipelines. See [Multiple branches]({{< ref "plugins/pipelines-as-code/install/configure#multiple-branches" >}}) for how to enable and configure this feature. + ## Highlighted updates +### Clouddriver +* Fixed AWS CLI pip installation +* feat: Add the possibility to update the default handler for the Global Resource Property Registry. Due to the fact it is not possible to override the default handler behavior from a Spinnaker plugin code, we introduced a new setter function specifically designed to update the default handler for the Global Resource. +* fix(gce): remove the duplicate cache attribute "subnet" + +### Orca +* fix(waiting-executions) : Waiting executions doesn't follow FIFO. The fix makes Changes to push *StartWaitingExecutions* to the queue only when execution status is not running and disabled concurrent executions, in all other cases no need to push *StartWaitingExecutions* to the queue. +### Terraformer +* Session duration support on AWS roles +### Kayenta +* Addressed an issue related to verbose error messages in Kayenta logs ### Spinnaker Community Contributions From d4b42479417c52db136765350d5f3805d2ed0487 Mon Sep 17 00:00:00 2001 From: armory-astrolabe <76064959+armory-astrolabe@users.noreply.github.com> Date: Thu, 24 Aug 2023 14:31:30 -0500 Subject: [PATCH 11/15] chore(release): add release notes for 2.30.1 (#2109) * chore(release): add release notes for 2.30.1 * Update armoryspinnaker_v2-30-1.md Release notes for final release. This content is a the same as what was in RC2. I tweaked one of the highlighted updates, otherwise everything else is the same as what appeared in RC2. * Update content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-1.md * Update content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-1.md --------- Co-authored-by: armory-astrolabe Co-authored-by: Marcia Knous <81816978+mknous@users.noreply.github.com> Co-authored-by: Fernando Freire --- .../armoryspinnaker_v2-30-1.md | 347 ++++++++++++++++++ payload.json | 212 +++++++---- 2 files changed, 495 insertions(+), 64 deletions(-) create mode 100644 content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-1.md diff --git a/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-1.md b/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-1.md new file mode 100644 index 0000000000..1e3a128ccd --- /dev/null +++ b/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-1.md @@ -0,0 +1,347 @@ +--- +title: v2.30.1 Armory Release (OSS Spinnaker™ v1.30.3) +toc_hide: true +version: 2.30.1 +date: 2023-08-24 +description: > + Release notes for Armory Continuous Deployment v2.30.1 +--- + +## 2023/08/24 Release Notes + +> Note: If you're experiencing production issues after upgrading Spinnaker, rollback to a previous working version and please report issues to [http://go.armory.io/support](http://go.armory.io/support). + +## Required Armory Operator version + +To install, upgrade, or configure Armory 2.30.1, use Armory Operator 1.70 or later. + +## Security + +Armory scans the codebase as we develop and release software. Contact your Armory account representative for information about CVE scans for this release. + +## Breaking changes + + +> Breaking changes are kept in this list for 3 minor versions from when the change is introduced. For example, a breaking change introduced in 2.21.0 appears in the list up to and including the 2.24.x releases. It would not appear on 2.25.x release notes. + +### Orca requires RDBMS configured for UTF-8 encoding +**Impact** + +- 2.28.6 migrates to the AWS MySQL driver from the OSS MySQL drivers. This change is mostly seamless, but we’ve identified one breaking change. If your database was created without utf8mb4 you will see failures after this upgrade. utf8mb4 is the recommended DB format for any Spinnaker database, and we don’t anticipate most users who’ve followed setup instructions to encounter this failure. However, we’re calling out this change as a safeguard. + +{{< include "breaking-changes/bc-kubectl-120.md" >}} +{{< include "breaking-changes/bc-plugin-compatibility-2-28-0.md" >}} + +**Introduced in**: Armory CD 2.28.6 + +## Known issues + + +### 1.30+ “required artifacts to bind” breaks pipelines +Expected artifacts can be used in automated triggers and stages, and OSS [1.30](https://spinnaker.io/changelogs/1.30.0-changelog/#changes-to-the-way-artifact-constraints-on-triggers-work) changed the way artifact constraints work on triggers. Unfortunately those changes broke the previous behavior when triggering a pipeline from a stage, and this fix restores the previous behavior. + +**Affected versions**: Armory CD 2.30.0 + +### Clouddriver and Spring Cloud +The Spring Boot version has been upgraded, introducing a backwards incompatible change to the way configuration is loaded in Spinnaker. Users will need to set the ***spring.cloud.config.enabled*** property to ***true*** in the service settings of Clouddriver to preserve existing behavior. All of the other configuration blocks remain the same. + +**Affected versions**: Armory CD 2.30.0 + +### Application attributes section displays “This Application has not been configured” +There is a known issue that relates to the **Application Attributes** section under the **Config** menu. An application that was already created and configured in Spinnaker displays the message, “This application has not been configured.” While the information is missing, there is no functional impact. + +**Affected versions**: Armory CD 2.28.0 and later + +### SpEL expressions and artifact binding +There is an issue where it appears that SpEL expressions are not being evaluated properly in artifact declarations (such as container images) for events such as the Deploy Manifest stage. What is actually happening is that an artifact binding is overriding the image value. + +**Workaround**: +2.27.x or later: Disable artifact binding by adding the following parameter to the stage JSON: `enableArtifactBinding: false`. +This setting only binds the version when the tag is missing, such as `image: nginx` without a version number. + +**Affected versions**: Armory CD 2.27.x and later + +## Deprecations +Reference [Feature Deprecations and end of support](https://docs.armory.io/continuous-deployment/feature-status/deprecations/) + +## Early access enabled by default + +### **Automatically Cancel Jenkins Jobs** + +You now have the ability to cancel triggered Jenkins jobs when a Spinnaker pipeline is canceled, giving you more control over your full Jenkins workflow. Learn more about Jenkins + Spinnaker in this [Spinnaker changelog.](https://spinnaker.io/changelogs/1.29.0-changelog/#orca). + +### **Enhanced BitBucket Server pull request handling** + +Trigger Spinnaker pipelines natively when pull requests are opened in BitBucket with newly added events including PR opened, deleted, and declined. See [Triggering pipelines with Bitbucket Server](https://spinnaker.io/docs/guides/user/pipeline/triggers/bitbucket-events/) in the Spinnaker docs for details + +## Early Access + +### **Dynamic Rollback Timeout** + +To make the dynamic timeout available, you need to enable the feature flag in Orca and Deck. You need to add this block to `orca.yml` file if you want to enable the dynamic rollback timeout feature: + +``` + +rollback: + timeout: + enabled: true + +``` + +On the Orca side, the feature flag overrides the default value rollback timeout - 5 min - with a UI input from the user. + +On the Deck side, the feature flag enhances the Rollback Cluster stage UI with timeout input. + +`window.spinnakerSettings.feature.dynamicRollbackTimeout = true;` + +The default is used if there is no value set in the UI. + +### **Dinghy PR Checks** + +This feature, when enabled, verifies if the author of a commit that changed app parameters has sufficient WRITE permission for that app. You can specify a list of authors whose permissions are not valid. This option’s purpose is to skip permissions checks for bots and tools. + +See [Permissions check for a commit]({{< ref "plugins/pipelines-as-code/install/configure#permissions-check-for-a-commit" >}}) for details. + +### **Terraform template fix** + +Armory fixed an issue with SpEL expression failures appearing while using Terraformer to serialize data from a Terraform Plan execution. With this feature flag fix enabled, you will be able to use the Terraform template file provider. Please open a support ticket if you need this fix. + +### **Pipelines as Code multi-branch enhancement** + +Now you can configure Pipelines as Code to pull Dinghy files from multiple branches on the same repo. Cut out the tedious task of managing multiple repos; have a single repo for Spinnaker application pipelines. See [Multiple branches]({{< ref "plugins/pipelines-as-code/install/configure#multiple-branches" >}}) for how to enable and configure this feature. + +## Highlighted updates + + + +### Clouddriver +* Addressed an issue related to AWS CLI pip installation where users were unable to install aws-cli via pip because a package dependency broke +* Add the possibility to update the default handler for the Global Resource Property Registry. Due to the fact it is not possible to override the default handler behavior from a Spinnaker plugin code, we introduced a new setter function specifically designed to update the default handler for the Global Resource. + +### Orca +* Waiting executions didn't follow FIFO. The fix makes changes to push *StartWaitingExecutions* to the queue only when execution status is not running and disabled concurrent executions, in all other cases no need to push *StartWaitingExecutions* to the queue. + +### Terraformer +* Session duration support on AWS roles + +### Kayenta +* Addressed an issue related to verbose error messages in Kayenta logs + + +### Spinnaker Community Contributions + +There have also been numerous enhancements, fixes, and features across all of Spinnaker's other services. See the +[Spinnaker v1.30.3](https://www.spinnaker.io/changelogs/1.30.3-changelog/) changelog for details. + +## Detailed updates + +### Bill Of Materials (BOM) + +Here's the BOM for this version. +
Expand +
+artifactSources:
+  dockerRegistry: docker.io/armory
+dependencies:
+  redis:
+    commit: null
+    version: 2:2.8.4-2
+services:
+  clouddriver:
+    commit: e83f27627c37921732db249ca823b2e6485a6f97
+    version: 2.30.1
+  deck:
+    commit: 7737669d9a68843f448cc4c93ac2a6ea3485f95e
+    version: 2.30.1
+  dinghy:
+    commit: 5250de80948732c8caac6ffc5293a8af80a63a0f
+    version: 2.30.1
+  echo:
+    commit: 56844c654cd1b3981686933a9d5bc68011ee2bae
+    version: 2.30.1
+  fiat:
+    commit: 30319b57d40a7e9fd61067b7e0d9fb73bf9a6c46
+    version: 2.30.1
+  front50:
+    commit: ec0919166ced870668d787708c249945e9291a01
+    version: 2.30.1
+  gate:
+    commit: 2dc9b4b767ab502faaa1b99c131eb7263cf519da
+    version: 2.30.1
+  igor:
+    commit: 67b4c66f33b8b97b89e6b052654bebfea460a41f
+    version: 2.30.1
+  kayenta:
+    commit: 4d82ef4a72129a715749005235ce0d6ba4778603
+    version: 2.30.1
+  monitoring-daemon:
+    commit: null
+    version: 2.26.0
+  monitoring-third-party:
+    commit: null
+    version: 2.26.0
+  orca:
+    commit: 638d81c8d3186b6deb8829574c6ac5b65c88c94a
+    version: 2.30.1
+  rosco:
+    commit: e74de6eaccbed6301505d9f3d2f6745b410211a7
+    version: 2.30.1
+  terraformer:
+    commit: 650746ae3f596f9c6458987487c81840c85dd2a0
+    version: 2.30.1
+timestamp: "2023-08-23 17:49:50"
+version: 2.30.1
+
+
+
+ +### Armory + + +#### Armory Clouddriver - 2.30.0...2.30.1 + + - chore(cd): update base service version to clouddriver:2023.07.19.19.07.34.release-1.30.x (#902) + - chore(cd): update base service version to clouddriver:2023.07.21.18.23.46.release-1.30.x (#905) + - chore(kubectl): upgrade kubectl version from 1.20.6 to 1.22.17 (backport #878) (#917) + - chore(cd): update base service version to clouddriver:2023.08.17.03.37.47.release-1.30.x (#920) + - chore(cd): update base service version to clouddriver:2023.08.17.06.57.33.release-1.30.x (#922) + - chore(cd): update base service version to clouddriver:2023.08.18.20.50.29.release-1.30.x (#923) + - fix: AWS CLI pip installation (#918) (#925) + - chore(cd): update base service version to clouddriver:2023.08.18.23.44.54.release-1.30.x (#926) + +#### Armory Igor - 2.30.0...2.30.1 + + - chore(cd): update base service version to igor:2023.08.17.02.51.58.release-1.30.x (#480) + - chore(cd): update base service version to igor:2023.08.17.04.46.32.release-1.30.x (#481) + - chore(cd): update base service version to igor:2023.08.18.20.06.35.release-1.30.x (#483) + - chore(cd): update base service version to igor:2023.08.18.23.01.56.release-1.30.x (#484) + +#### Terraformer™ - 2.30.0...2.30.1 + + - Session duration support on AWS roles (#500) (#503) + - fix: One more session timeout place (#501) (#505) + +#### Armory Rosco - 2.30.0...2.30.1 + + - chore(cd): update base service version to rosco:2023.08.17.02.48.33.release-1.30.x (#558) + - chore(cd): update base service version to rosco:2023.08.18.20.06.48.release-1.30.x (#559) + +#### Armory Front50 - 2.30.0...2.30.1 + + - chore(cd): update base service version to front50:2023.08.18.20.06.26.release-1.30.x (#576) + - chore(cd): update base service version to front50:2023.08.18.23.02.05.release-1.30.x (#577) + +#### Armory Deck - 2.30.0...2.30.1 + + +#### Armory Kayenta - 2.30.0...2.30.1 + + - chore(cd): update base service version to kayenta:2023.08.17.05.53.17.release-1.30.x (#458) + - chore(cd): update base service version to kayenta:2023.08.19.00.43.42.release-1.30.x (#461) + - chore(cd): update base service version to kayenta:2023.08.22.17.00.47.release-1.30.x (#463) + +#### Dinghy™ - 2.30.0...2.30.1 + + +#### Armory Fiat - 2.30.0...2.30.1 + + - chore(cd): update base service version to fiat:2023.08.17.02.48.22.release-1.30.x (#511) + - chore(cd): update base service version to fiat:2023.08.18.20.06.20.release-1.30.x (#512) + - chore(cd): update base service version to fiat:2023.08.22.18.06.01.release-1.30.x (#515) + +#### Armory Orca - 2.30.0...2.30.1 + + - chore(cd): update base orca version to 2023.08.15.19.18.48.release-1.30.x (#677) + - chore(cd): update base orca version to 2023.08.17.02.56.00.release-1.30.x (#679) + - chore(cd): update base orca version to 2023.08.17.04.55.06.release-1.30.x (#681) + - chore(cd): update base orca version to 2023.08.18.20.16.18.release-1.30.x (#683) + - chore(cd): update base orca version to 2023.08.18.23.14.04.release-1.30.x (#684) + +#### Armory Echo - 2.30.0...2.30.1 + + - chore(cd): update base service version to echo:2023.08.17.02.52.47.release-1.30.x (#604) + - chore(cd): update base service version to echo:2023.08.17.04.48.12.release-1.30.x (#606) + - chore(cd): update base service version to echo:2023.08.18.20.06.15.release-1.30.x (#607) + - chore(cd): update base service version to echo:2023.08.18.23.04.19.release-1.30.x (#608) + +#### Armory Gate - 2.30.0...2.30.1 + + - chore(cd): update base service version to gate:2023.08.17.02.52.18.release-1.30.x (#592) + - chore(cd): update base service version to gate:2023.08.17.04.50.02.release-1.30.x (#593) + - chore(cd): update base service version to gate:2023.08.18.20.06.31.release-1.30.x (#595) + - chore(cd): update base service version to gate:2023.08.18.23.02.38.release-1.30.x (#596) + + +### Spinnaker + + +#### Spinnaker Clouddriver - 1.30.3 + + - feat: Add the possibility to update the default handler for the Global Resource Property Registry. (#5963) (#5973) + - fix(gce): remove the duplicate cache attribute "subnet" and update the test (#5977) (#5986) + - chore(dependencies): Autobump korkVersion (#5998) + - chore(dependencies): Autobump fiatVersion (#5999) + - chore(dependencies): Autobump korkVersion (#6001) + - chore(dependencies): Autobump fiatVersion (#6002) + +#### Spinnaker Igor - 1.30.3 + + - chore(dependencies): Autobump korkVersion (#1155) + - chore(dependencies): Autobump fiatVersion (#1156) + - chore(dependencies): Autobump korkVersion (#1158) + - chore(dependencies): Autobump fiatVersion (#1159) + +#### Spinnaker Rosco - 1.30.3 + + - chore(dependencies): Autobump korkVersion (#1010) + - chore(dependencies): Autobump korkVersion (#1011) + +#### Spinnaker Front50 - 1.30.3 + + - chore(dependencies): Autobump korkVersion (#1292) + - chore(dependencies): Autobump fiatVersion (#1293) + - chore(dependencies): Autobump korkVersion (#1295) + - chore(dependencies): Autobump fiatVersion (#1296) + +#### Spinnaker Deck - 1.30.3 + + +#### Spinnaker Kayenta - 1.30.3 + + - chore(dependencies): Autobump orcaVersion (#978) + - chore(dependencies): Autobump orcaVersion (#982) + - fix(orca): Fix orca contributors status. (backport #977) (#981) + +#### Spinnaker Fiat - 1.30.3 + + - chore(dependencies): Autobump korkVersion (#1088) + - chore(dependencies): Autobump korkVersion (#1089) + - fix(ssl): Removed unused deprecated okHttpClientConfig from retrofitConfig. (#1082) (#1091) + +#### Spinnaker Orca - 1.30.3 + + - fix(waiting-executions) : concurrent waiting executions doesn't follow FIFO (backport #4415) (#4503) + - chore(dependencies): Autobump korkVersion (#4505) + - chore(dependencies): Autobump fiatVersion (#4506) + - chore(dependencies): Autobump korkVersion (#4509) + - chore(dependencies): Autobump fiatVersion (#4510) + +#### Spinnaker Echo - 1.30.3 + + - fix(gha): Fix github status log and add tests (#1316) (#1317) + - chore(dependencies): Autobump korkVersion (#1326) + - chore(dependencies): Autobump fiatVersion (#1327) + - chore(dependencies): Autobump korkVersion (#1329) + - chore(dependencies): Autobump fiatVersion (#1330) + +#### Spinnaker Gate - 1.30.3 + + - chore(dependencies): Autobump korkVersion (#1687) + - chore(dependencies): Autobump fiatVersion (#1688) + - chore(dependencies): Autobump korkVersion (#1690) + - chore(dependencies): Autobump fiatVersion (#1691) + diff --git a/payload.json b/payload.json index f9debad2d6..7ddc07024d 100644 --- a/payload.json +++ b/payload.json @@ -1,151 +1,235 @@ { "armoryServices": [ { - "commitMessages": [], - "currentVersion": "2.30.1-rc2", + "commitMessages": [ + "chore(cd): update base service version to clouddriver:2023.07.19.19.07.34.release-1.30.x (#902)", + "chore(cd): update base service version to clouddriver:2023.07.21.18.23.46.release-1.30.x (#905)", + "chore(kubectl): upgrade kubectl version from 1.20.6 to 1.22.17 (backport #878) (#917)", + "chore(cd): update base service version to clouddriver:2023.08.17.03.37.47.release-1.30.x (#920)", + "chore(cd): update base service version to clouddriver:2023.08.17.06.57.33.release-1.30.x (#922)", + "chore(cd): update base service version to clouddriver:2023.08.18.20.50.29.release-1.30.x (#923)", + "fix: AWS CLI pip installation (#918) (#925)", + "chore(cd): update base service version to clouddriver:2023.08.18.23.44.54.release-1.30.x (#926)" + ], + "currentVersion": "2.30.1", "name": "Armory Clouddriver", - "previousVersion": "2.30.1-rc1" + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.1-rc2", + "commitMessages": [ + "chore(cd): update base service version to igor:2023.08.17.02.51.58.release-1.30.x (#480)", + "chore(cd): update base service version to igor:2023.08.17.04.46.32.release-1.30.x (#481)", + "chore(cd): update base service version to igor:2023.08.18.20.06.35.release-1.30.x (#483)", + "chore(cd): update base service version to igor:2023.08.18.23.01.56.release-1.30.x (#484)" + ], + "currentVersion": "2.30.1", "name": "Armory Igor", - "previousVersion": "2.30.1-rc1" + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.1-rc2", + "commitMessages": [ + "Session duration support on AWS roles (#500) (#503)", + "fix: One more session timeout place (#501) (#505)" + ], + "currentVersion": "2.30.1", "name": "Terraformer™", - "previousVersion": "2.30.1-rc1" + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.1-rc2", + "commitMessages": [ + "chore(cd): update base service version to rosco:2023.08.17.02.48.33.release-1.30.x (#558)", + "chore(cd): update base service version to rosco:2023.08.18.20.06.48.release-1.30.x (#559)" + ], + "currentVersion": "2.30.1", "name": "Armory Rosco", - "previousVersion": "2.30.1-rc1" + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.1-rc2", + "commitMessages": [ + "chore(cd): update base service version to front50:2023.08.18.20.06.26.release-1.30.x (#576)", + "chore(cd): update base service version to front50:2023.08.18.23.02.05.release-1.30.x (#577)" + ], + "currentVersion": "2.30.1", "name": "Armory Front50", - "previousVersion": "2.30.1-rc1" + "previousVersion": "2.30.0" }, { "commitMessages": [], - "currentVersion": "2.30.1-rc2", + "currentVersion": "2.30.1", "name": "Armory Deck", - "previousVersion": "2.30.1-rc1" + "previousVersion": "2.30.0" }, { "commitMessages": [ + "chore(cd): update base service version to kayenta:2023.08.17.05.53.17.release-1.30.x (#458)", + "chore(cd): update base service version to kayenta:2023.08.19.00.43.42.release-1.30.x (#461)", "chore(cd): update base service version to kayenta:2023.08.22.17.00.47.release-1.30.x (#463)" ], - "currentVersion": "2.30.1-rc2", + "currentVersion": "2.30.1", "name": "Armory Kayenta", - "previousVersion": "2.30.1-rc1" + "previousVersion": "2.30.0" }, { "commitMessages": [], - "currentVersion": "2.30.1-rc2", + "currentVersion": "2.30.1", "name": "Dinghy™", - "previousVersion": "2.30.1-rc1" + "previousVersion": "2.30.0" }, { "commitMessages": [ + "chore(cd): update base service version to fiat:2023.08.17.02.48.22.release-1.30.x (#511)", + "chore(cd): update base service version to fiat:2023.08.18.20.06.20.release-1.30.x (#512)", "chore(cd): update base service version to fiat:2023.08.22.18.06.01.release-1.30.x (#515)" ], - "currentVersion": "2.30.1-rc2", + "currentVersion": "2.30.1", "name": "Armory Fiat", - "previousVersion": "2.30.1-rc1" + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.1-rc2", + "commitMessages": [ + "chore(cd): update base orca version to 2023.08.15.19.18.48.release-1.30.x (#677)", + "chore(cd): update base orca version to 2023.08.17.02.56.00.release-1.30.x (#679)", + "chore(cd): update base orca version to 2023.08.17.04.55.06.release-1.30.x (#681)", + "chore(cd): update base orca version to 2023.08.18.20.16.18.release-1.30.x (#683)", + "chore(cd): update base orca version to 2023.08.18.23.14.04.release-1.30.x (#684)" + ], + "currentVersion": "2.30.1", "name": "Armory Orca", - "previousVersion": "2.30.1-rc1" + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.1-rc2", + "commitMessages": [ + "chore(cd): update base service version to echo:2023.08.17.02.52.47.release-1.30.x (#604)", + "chore(cd): update base service version to echo:2023.08.17.04.48.12.release-1.30.x (#606)", + "chore(cd): update base service version to echo:2023.08.18.20.06.15.release-1.30.x (#607)", + "chore(cd): update base service version to echo:2023.08.18.23.04.19.release-1.30.x (#608)" + ], + "currentVersion": "2.30.1", "name": "Armory Echo", - "previousVersion": "2.30.1-rc1" + "previousVersion": "2.30.0" }, { - "commitMessages": [], - "currentVersion": "2.30.1-rc2", + "commitMessages": [ + "chore(cd): update base service version to gate:2023.08.17.02.52.18.release-1.30.x (#592)", + "chore(cd): update base service version to gate:2023.08.17.04.50.02.release-1.30.x (#593)", + "chore(cd): update base service version to gate:2023.08.18.20.06.31.release-1.30.x (#595)", + "chore(cd): update base service version to gate:2023.08.18.23.02.38.release-1.30.x (#596)" + ], + "currentVersion": "2.30.1", "name": "Armory Gate", - "previousVersion": "2.30.1-rc1" + "previousVersion": "2.30.0" } ], - "armoryVersion": "2.30.1-rc2", + "armoryVersion": "2.30.1", "ossServices": [ { - "commitMessages": [], + "commitMessages": [ + "feat: Add the possibility to update the default handler for the Global Resource Property Registry. (#5963) (#5973)", + "fix(gce): remove the duplicate cache attribute \"subnet\" and update the test (#5977) (#5986)", + "chore(dependencies): Autobump korkVersion (#5998)", + "chore(dependencies): Autobump fiatVersion (#5999)", + "chore(dependencies): Autobump korkVersion (#6001)", + "chore(dependencies): Autobump fiatVersion (#6002)" + ], "currentVersion": "1.30.3", "name": "Spinnaker Clouddriver", - "previousVersion": "1.30.3" + "previousVersion": "1.30.0" }, { - "commitMessages": [], + "commitMessages": [ + "chore(dependencies): Autobump korkVersion (#1155)", + "chore(dependencies): Autobump fiatVersion (#1156)", + "chore(dependencies): Autobump korkVersion (#1158)", + "chore(dependencies): Autobump fiatVersion (#1159)" + ], "currentVersion": "1.30.3", "name": "Spinnaker Igor", - "previousVersion": "1.30.3" + "previousVersion": "1.30.0" }, { - "commitMessages": [], + "commitMessages": [ + "chore(dependencies): Autobump korkVersion (#1010)", + "chore(dependencies): Autobump korkVersion (#1011)" + ], "currentVersion": "1.30.3", "name": "Spinnaker Rosco", - "previousVersion": "1.30.3" + "previousVersion": "1.30.0" }, { - "commitMessages": [], + "commitMessages": [ + "chore(dependencies): Autobump korkVersion (#1292)", + "chore(dependencies): Autobump fiatVersion (#1293)", + "chore(dependencies): Autobump korkVersion (#1295)", + "chore(dependencies): Autobump fiatVersion (#1296)" + ], "currentVersion": "1.30.3", "name": "Spinnaker Front50", - "previousVersion": "1.30.3" + "previousVersion": "1.30.0" }, { "commitMessages": [], "currentVersion": "1.30.3", "name": "Spinnaker Deck", - "previousVersion": "1.30.3" + "previousVersion": "1.30.0" }, { "commitMessages": [ + "chore(dependencies): Autobump orcaVersion (#978)", + "chore(dependencies): Autobump orcaVersion (#982)", "fix(orca): Fix orca contributors status. (backport #977) (#981)" ], "currentVersion": "1.30.3", "name": "Spinnaker Kayenta", - "previousVersion": "1.30.3" + "previousVersion": "1.30.0" }, { "commitMessages": [ + "chore(dependencies): Autobump korkVersion (#1088)", + "chore(dependencies): Autobump korkVersion (#1089)", "fix(ssl): Removed unused deprecated okHttpClientConfig from retrofitConfig. (#1082) (#1091)" ], "currentVersion": "1.30.3", "name": "Spinnaker Fiat", - "previousVersion": "1.30.3" + "previousVersion": "1.30.0" }, { - "commitMessages": [], + "commitMessages": [ + "fix(waiting-executions) : concurrent waiting executions doesn't follow FIFO (backport #4415) (#4503)", + "chore(dependencies): Autobump korkVersion (#4505)", + "chore(dependencies): Autobump fiatVersion (#4506)", + "chore(dependencies): Autobump korkVersion (#4509)", + "chore(dependencies): Autobump fiatVersion (#4510)" + ], "currentVersion": "1.30.3", "name": "Spinnaker Orca", - "previousVersion": "1.30.3" + "previousVersion": "1.30.0" }, { - "commitMessages": [], + "commitMessages": [ + "fix(gha): Fix github status log and add tests (#1316) (#1317)", + "chore(dependencies): Autobump korkVersion (#1326)", + "chore(dependencies): Autobump fiatVersion (#1327)", + "chore(dependencies): Autobump korkVersion (#1329)", + "chore(dependencies): Autobump fiatVersion (#1330)" + ], "currentVersion": "1.30.3", "name": "Spinnaker Echo", - "previousVersion": "1.30.3" + "previousVersion": "1.30.0" }, { - "commitMessages": [], + "commitMessages": [ + "chore(dependencies): Autobump korkVersion (#1687)", + "chore(dependencies): Autobump fiatVersion (#1688)", + "chore(dependencies): Autobump korkVersion (#1690)", + "chore(dependencies): Autobump fiatVersion (#1691)" + ], "currentVersion": "1.30.3", "name": "Spinnaker Gate", - "previousVersion": "1.30.3" + "previousVersion": "1.30.0" } ], "ossVersion": "1.30.3", - "prerelease": true, + "prerelease": false, "stack": { "artifactSources": { "dockerRegistry": "docker.io/armory" @@ -159,39 +243,39 @@ "services": { "clouddriver": { "commit": "e83f27627c37921732db249ca823b2e6485a6f97", - "version": "2.30.1-rc2" + "version": "2.30.1" }, "deck": { "commit": "7737669d9a68843f448cc4c93ac2a6ea3485f95e", - "version": "2.30.1-rc2" + "version": "2.30.1" }, "dinghy": { "commit": "5250de80948732c8caac6ffc5293a8af80a63a0f", - "version": "2.30.1-rc2" + "version": "2.30.1" }, "echo": { "commit": "56844c654cd1b3981686933a9d5bc68011ee2bae", - "version": "2.30.1-rc2" + "version": "2.30.1" }, "fiat": { "commit": "30319b57d40a7e9fd61067b7e0d9fb73bf9a6c46", - "version": "2.30.1-rc2" + "version": "2.30.1" }, "front50": { "commit": "ec0919166ced870668d787708c249945e9291a01", - "version": "2.30.1-rc2" + "version": "2.30.1" }, "gate": { "commit": "2dc9b4b767ab502faaa1b99c131eb7263cf519da", - "version": "2.30.1-rc2" + "version": "2.30.1" }, "igor": { "commit": "67b4c66f33b8b97b89e6b052654bebfea460a41f", - "version": "2.30.1-rc2" + "version": "2.30.1" }, "kayenta": { "commit": "4d82ef4a72129a715749005235ce0d6ba4778603", - "version": "2.30.1-rc2" + "version": "2.30.1" }, "monitoring-daemon": { "commit": null, @@ -203,18 +287,18 @@ }, "orca": { "commit": "638d81c8d3186b6deb8829574c6ac5b65c88c94a", - "version": "2.30.1-rc2" + "version": "2.30.1" }, "rosco": { "commit": "e74de6eaccbed6301505d9f3d2f6745b410211a7", - "version": "2.30.1-rc2" + "version": "2.30.1" }, "terraformer": { "commit": "650746ae3f596f9c6458987487c81840c85dd2a0", - "version": "2.30.1-rc2" + "version": "2.30.1" } }, "timestamp": "2023-08-23 17:49:50", - "version": "2.30.1-rc2" + "version": "2.30.1" } } \ No newline at end of file From d87a604215814dc0fe53617bce3f01a4dc42d07f Mon Sep 17 00:00:00 2001 From: Krzysztof Kotula Date: Fri, 25 Aug 2023 18:37:18 +0200 Subject: [PATCH 12/15] docs(dinghy): Fixed inaccurate information about multiple branches support in Dinghy (#2106) * Update configure.md Removed incorrect information about selecting the branches from the UI. This is inaccurate. Enhanced the example yaml with one more item in the list to clarify how to configure multiple branches per single repository. * Update content/en/plugins/pipelines-as-code/install/configure.md Co-authored-by: Fernando Freire --------- Co-authored-by: Fernando Freire --- .../pipelines-as-code/install/configure.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/content/en/plugins/pipelines-as-code/install/configure.md b/content/en/plugins/pipelines-as-code/install/configure.md index 0b12b31ba5..ed05b29660 100644 --- a/content/en/plugins/pipelines-as-code/install/configure.md +++ b/content/en/plugins/pipelines-as-code/install/configure.md @@ -93,21 +93,22 @@ spec: {{< include "early-access-feature.html" >}} -This feature enables you to select multiple branches in the UI. You must enable the feature and configure your branches. - {{< tabpane text=true right=true >}} {{% tab header="Spinnaker" %}} -Add the following to your `dinghy.yml` config: +Each branch in a repository must be explicitly configured in a separate `repoConfig` item. In the example below, Dinghy properly handles changes from two branches, `branch_a` and `branch_b` in `repository-GitHub-repository`. Add the following to your `dinghy.yml` profile config: ```yaml multipleBranchesEnabled: true repoConfig: +- branch: branch_a + provider: github + repo: my-github-repository +- branch: branch_b + provider: github + repo: my-github-repository - branch: some_branch provider: bitbucket-server repo: my-bitbucket-repository -- branch: some_branch - provider: github - repo: my-github-repository ``` {{% /tab %}} {{% tab header="Armory CD" %}} @@ -478,4 +479,4 @@ Replace `}} \ No newline at end of file +* {{< linkWithTitle "plugins/pipelines-as-code/use.md" >}} From 916520924a90729caaa54502537049e916bb7fe3 Mon Sep 17 00:00:00 2001 From: armory-astrolabe <76064959+armory-astrolabe@users.noreply.github.com> Date: Mon, 28 Aug 2023 20:46:43 -0500 Subject: [PATCH 13/15] chore(release): add release notes for 2.30.2-rc1 (#2112) Co-authored-by: armory-astrolabe Co-authored-by: Fernando Freire --- .../armoryspinnaker_v2-30-2-rc1.md | 200 +++++++++++++ payload.json | 267 ++++++------------ 2 files changed, 291 insertions(+), 176 deletions(-) create mode 100644 content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-2-rc1.md diff --git a/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-2-rc1.md b/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-2-rc1.md new file mode 100644 index 0000000000..beae8f6a7f --- /dev/null +++ b/content/en/continuous-deployment/release-notes/rn-prerelease-armory-spinnaker/armoryspinnaker_v2-30-2-rc1.md @@ -0,0 +1,200 @@ +--- +title: v2.30.2-rc1 Armory Release (OSS Spinnaker™ v1.30.3) +toc_hide: true +date: 2023-08-29 +version: +description: > + Release notes for Armory Continuous Deployment v2.30.2-rc1. A beta release is not meant for installation in production environments. + +--- + +## 2023/08/29 Release Notes + +## Disclaimer + +This pre-release software is to allow limited access to test or beta versions of the Armory services (“Services”) and to provide feedback and comments to Armory regarding the use of such Services. By using Services, you agree to be bound by the terms and conditions set forth herein. + +Your Feedback is important and we welcome any feedback, analysis, suggestions and comments (including, but not limited to, bug reports and test results) (collectively, “Feedback”) regarding the Services. Any Feedback you provide will become the property of Armory and you agree that Armory may use or otherwise exploit all or part of your feedback or any derivative thereof in any manner without any further remuneration, compensation or credit to you. You represent and warrant that any Feedback which is provided by you hereunder is original work made solely by you and does not infringe any third party intellectual property rights. + +Any Feedback provided to Armory shall be considered Armory Confidential Information and shall be covered by any confidentiality agreements between you and Armory. + +You acknowledge that you are using the Services on a purely voluntary basis, as a means of assisting, and in consideration of the opportunity to assist Armory to use, implement, and understand various facets of the Services. You acknowledge and agree that nothing herein or in your voluntary submission of Feedback creates any employment relationship between you and Armory. + +Armory may, in its sole discretion, at any time, terminate or discontinue all or your access to the Services. You acknowledge and agree that all such decisions by Armory are final and Armory will have no liability with respect to such decisions. + +YOUR USE OF THE SERVICES IS AT YOUR OWN RISK. THE SERVICES, THE ARMORY TOOLS AND THE CONTENT ARE PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. ARMORY AND ITS LICENSORS MAKE NO REPRESENTATION, WARRANTY, OR GUARANTY AS TO THE RELIABILITY, TIMELINESS, QUALITY, SUITABILITY, TRUTH, AVAILABILITY, ACCURACY OR COMPLETENESS OF THE SERVICES, THE ARMORY TOOLS OR ANY CONTENT. ARMORY EXPRESSLY DISCLAIMS ON ITS OWN BEHALF AND ON BEHALF OF ITS EMPLOYEES, AGENTS, ATTORNEYS, CONSULTANTS, OR CONTRACTORS ANY AND ALL WARRANTIES INCLUDING, WITHOUT LIMITATION (A) THE USE OF THE SERVICES OR THE ARMORY TOOLS WILL BE TIMELY, UNINTERRUPTED OR ERROR-FREE OR OPERATE IN COMBINATION WITH ANY OTHER HARDWARE, SOFTWARE, SYSTEM OR DATA, (B) THE SERVICES AND THE ARMORY TOOLS AND/OR THEIR QUALITY WILL MEET CUSTOMER”S REQUIREMENTS OR EXPECTATIONS, (C) ANY CONTENT WILL BE ACCURATE OR RELIABLE, (D) ERRORS OR DEFECTS WILL BE CORRECTED, OR (E) THE SERVICES, THE ARMORY TOOLS OR THE SERVER(S) THAT MAKE THE SERVICES AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS. CUSTOMER AGREES THAT ARMORY SHALL NOT BE RESPONSIBLE FOR THE AVAILABILITY OR ACTS OR OMISSIONS OF ANY THIRD PARTY, INCLUDING ANY THIRD-PARTY APPLICATION OR PRODUCT, AND ARMORY HEREBY DISCLAIMS ANY AND ALL LIABILITY IN CONNECTION WITH SUCH THIRD PARTIES. + +IN NO EVENT SHALL ARMORY, ITS EMPLOYEES, AGENTS, ATTORNEYS, CONSULTANTS, OR CONTRACTORS BE LIABLE UNDER THIS AGREEMENT FOR ANY CONSEQUENTIAL, SPECIAL, LOST PROFITS, INDIRECT OR OTHER DAMAGES, INCLUDING BUT NOT LIMITED TO LOST PROFITS, LOSS OF BUSINESS, COST OF COVER WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, EVEN IF ARMORY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. IN ANY EVENT, ARMORY, ITS EMPLOYEES’, AGENTS’, ATTORNEYS’, CONSULTANTS’ OR CONTRACTORS’ AGGREGATE LIABILITY UNDER THIS AGREEMENT FOR ANY CLAIM SHALL BE STRICTLY LIMITED TO $100.00. SOME STATES DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. + +You acknowledge that Armory has provided the Services in reliance upon the limitations of liability set forth herein and that the same is an essential basis of the bargain between the parties. + + +## Required Armory Operator version + +To install, upgrade, or configure Armory 2.30.2-rc1, use Armory Operator 1.70 or later. + +## Security + +Armory scans the codebase as we develop and release software. Contact your Armory account representative for information about CVE scans for this release. + +## Breaking changes + + +> Breaking changes are kept in this list for 3 minor versions from when the change is introduced. For example, a breaking change introduced in 2.21.0 appears in the list up to and including the 2.24.x releases. It would not appear on 2.25.x release notes. + +## Known issues + + +## Highlighted updates + + + + + + +### Spinnaker Community Contributions + +There have also been numerous enhancements, fixes, and features across all of Spinnaker's other services. See the +[Spinnaker v1.30.3](https://www.spinnaker.io/changelogs/1.30.3-changelog/) changelog for details. + +## Detailed updates + +### Bill Of Materials (BOM) + +Here's the BOM for this version. +
Expand +
+artifactSources:
+  dockerRegistry: docker.io/armory
+dependencies:
+  redis:
+    commit: null
+    version: 2:2.8.4-2
+services:
+  clouddriver:
+    commit: 9e69fcd6cd17f31e35eeb7d443cdbf9c2d9ac187
+    version: 2.30.2-rc1
+  deck:
+    commit: 7737669d9a68843f448cc4c93ac2a6ea3485f95e
+    version: 2.30.2-rc1
+  dinghy:
+    commit: 5250de80948732c8caac6ffc5293a8af80a63a0f
+    version: 2.30.2-rc1
+  echo:
+    commit: 56844c654cd1b3981686933a9d5bc68011ee2bae
+    version: 2.30.2-rc1
+  fiat:
+    commit: 30319b57d40a7e9fd61067b7e0d9fb73bf9a6c46
+    version: 2.30.2-rc1
+  front50:
+    commit: ec0919166ced870668d787708c249945e9291a01
+    version: 2.30.2-rc1
+  gate:
+    commit: df941ff5c34d14e794c8784c28a1b30b28754971
+    version: 2.30.2-rc1
+  igor:
+    commit: 67b4c66f33b8b97b89e6b052654bebfea460a41f
+    version: 2.30.2-rc1
+  kayenta:
+    commit: 4d82ef4a72129a715749005235ce0d6ba4778603
+    version: 2.30.2-rc1
+  monitoring-daemon:
+    commit: null
+    version: 2.26.0
+  monitoring-third-party:
+    commit: null
+    version: 2.26.0
+  orca:
+    commit: 638d81c8d3186b6deb8829574c6ac5b65c88c94a
+    version: 2.30.2-rc1
+  rosco:
+    commit: e74de6eaccbed6301505d9f3d2f6745b410211a7
+    version: 2.30.2-rc1
+  terraformer:
+    commit: 650746ae3f596f9c6458987487c81840c85dd2a0
+    version: 2.30.2-rc1
+timestamp: "2023-08-29 01:03:06"
+version: 2.30.2-rc1
+
+
+
+ +### Armory + + +#### Armory Clouddriver - 2.30.1...2.30.2-rc1 + + - chore(cd): update base service version to clouddriver:2023.08.25.16.41.50.release-1.30.x (#933) + - chore(cd): update base service version to clouddriver:2023.08.28.14.14.14.release-1.30.x (#937) + +#### Armory Deck - 2.30.1...2.30.2-rc1 + + +#### Dinghy™ - 2.30.1...2.30.2-rc1 + + +#### Armory Echo - 2.30.1...2.30.2-rc1 + + +#### Armory Fiat - 2.30.1...2.30.2-rc1 + + +#### Armory Front50 - 2.30.1...2.30.2-rc1 + + +#### Armory Gate - 2.30.1...2.30.2-rc1 + + - fix: esapi CVE scan report (#602) (#603) + +#### Armory Igor - 2.30.1...2.30.2-rc1 + + +#### Armory Kayenta - 2.30.1...2.30.2-rc1 + + +#### Armory Orca - 2.30.1...2.30.2-rc1 + + +#### Armory Rosco - 2.30.1...2.30.2-rc1 + + +#### Terraformer™ - 2.30.1...2.30.2-rc1 + + + +### Spinnaker + + +#### Spinnaker Clouddriver - 1.30.3 + +#### Spinnaker Deck - 1.30.3 + + +#### Spinnaker Echo - 1.30.3 + + +#### Spinnaker Fiat - 1.30.3 + + +#### Spinnaker Front50 - 1.30.3 + + +#### Spinnaker Gate - 1.30.3 + + +#### Spinnaker Igor - 1.30.3 + + +#### Spinnaker Kayenta - 1.30.3 + + +#### Spinnaker Orca - 1.30.3 + + +#### Spinnaker Rosco - 1.30.3 + + diff --git a/payload.json b/payload.json index 7ddc07024d..48b63a9433 100644 --- a/payload.json +++ b/payload.json @@ -2,234 +2,149 @@ "armoryServices": [ { "commitMessages": [ - "chore(cd): update base service version to clouddriver:2023.07.19.19.07.34.release-1.30.x (#902)", - "chore(cd): update base service version to clouddriver:2023.07.21.18.23.46.release-1.30.x (#905)", - "chore(kubectl): upgrade kubectl version from 1.20.6 to 1.22.17 (backport #878) (#917)", - "chore(cd): update base service version to clouddriver:2023.08.17.03.37.47.release-1.30.x (#920)", - "chore(cd): update base service version to clouddriver:2023.08.17.06.57.33.release-1.30.x (#922)", - "chore(cd): update base service version to clouddriver:2023.08.18.20.50.29.release-1.30.x (#923)", - "fix: AWS CLI pip installation (#918) (#925)", - "chore(cd): update base service version to clouddriver:2023.08.18.23.44.54.release-1.30.x (#926)" + "chore(cd): update base service version to clouddriver:2023.08.25.16.41.50.release-1.30.x (#933)", + "chore(cd): update base service version to clouddriver:2023.08.28.14.14.14.release-1.30.x (#937)" ], - "currentVersion": "2.30.1", + "currentVersion": "2.30.2-rc1", "name": "Armory Clouddriver", - "previousVersion": "2.30.0" + "previousVersion": "2.30.1" }, { - "commitMessages": [ - "chore(cd): update base service version to igor:2023.08.17.02.51.58.release-1.30.x (#480)", - "chore(cd): update base service version to igor:2023.08.17.04.46.32.release-1.30.x (#481)", - "chore(cd): update base service version to igor:2023.08.18.20.06.35.release-1.30.x (#483)", - "chore(cd): update base service version to igor:2023.08.18.23.01.56.release-1.30.x (#484)" - ], - "currentVersion": "2.30.1", - "name": "Armory Igor", - "previousVersion": "2.30.0" + "commitMessages": [], + "currentVersion": "2.30.2-rc1", + "name": "Armory Deck", + "previousVersion": "2.30.1" }, { - "commitMessages": [ - "Session duration support on AWS roles (#500) (#503)", - "fix: One more session timeout place (#501) (#505)" - ], - "currentVersion": "2.30.1", - "name": "Terraformer™", - "previousVersion": "2.30.0" + "commitMessages": [], + "currentVersion": "2.30.2-rc1", + "name": "Dinghy™", + "previousVersion": "2.30.1" }, { - "commitMessages": [ - "chore(cd): update base service version to rosco:2023.08.17.02.48.33.release-1.30.x (#558)", - "chore(cd): update base service version to rosco:2023.08.18.20.06.48.release-1.30.x (#559)" - ], - "currentVersion": "2.30.1", - "name": "Armory Rosco", - "previousVersion": "2.30.0" + "commitMessages": [], + "currentVersion": "2.30.2-rc1", + "name": "Armory Echo", + "previousVersion": "2.30.1" }, { - "commitMessages": [ - "chore(cd): update base service version to front50:2023.08.18.20.06.26.release-1.30.x (#576)", - "chore(cd): update base service version to front50:2023.08.18.23.02.05.release-1.30.x (#577)" - ], - "currentVersion": "2.30.1", - "name": "Armory Front50", - "previousVersion": "2.30.0" + "commitMessages": [], + "currentVersion": "2.30.2-rc1", + "name": "Armory Fiat", + "previousVersion": "2.30.1" }, { "commitMessages": [], - "currentVersion": "2.30.1", - "name": "Armory Deck", - "previousVersion": "2.30.0" + "currentVersion": "2.30.2-rc1", + "name": "Armory Front50", + "previousVersion": "2.30.1" }, { "commitMessages": [ - "chore(cd): update base service version to kayenta:2023.08.17.05.53.17.release-1.30.x (#458)", - "chore(cd): update base service version to kayenta:2023.08.19.00.43.42.release-1.30.x (#461)", - "chore(cd): update base service version to kayenta:2023.08.22.17.00.47.release-1.30.x (#463)" + "fix: esapi CVE scan report (#602) (#603)" ], - "currentVersion": "2.30.1", - "name": "Armory Kayenta", - "previousVersion": "2.30.0" + "currentVersion": "2.30.2-rc1", + "name": "Armory Gate", + "previousVersion": "2.30.1" }, { "commitMessages": [], - "currentVersion": "2.30.1", - "name": "Dinghy™", - "previousVersion": "2.30.0" + "currentVersion": "2.30.2-rc1", + "name": "Armory Igor", + "previousVersion": "2.30.1" }, { - "commitMessages": [ - "chore(cd): update base service version to fiat:2023.08.17.02.48.22.release-1.30.x (#511)", - "chore(cd): update base service version to fiat:2023.08.18.20.06.20.release-1.30.x (#512)", - "chore(cd): update base service version to fiat:2023.08.22.18.06.01.release-1.30.x (#515)" - ], - "currentVersion": "2.30.1", - "name": "Armory Fiat", - "previousVersion": "2.30.0" + "commitMessages": [], + "currentVersion": "2.30.2-rc1", + "name": "Armory Kayenta", + "previousVersion": "2.30.1" }, { - "commitMessages": [ - "chore(cd): update base orca version to 2023.08.15.19.18.48.release-1.30.x (#677)", - "chore(cd): update base orca version to 2023.08.17.02.56.00.release-1.30.x (#679)", - "chore(cd): update base orca version to 2023.08.17.04.55.06.release-1.30.x (#681)", - "chore(cd): update base orca version to 2023.08.18.20.16.18.release-1.30.x (#683)", - "chore(cd): update base orca version to 2023.08.18.23.14.04.release-1.30.x (#684)" - ], - "currentVersion": "2.30.1", + "commitMessages": [], + "currentVersion": "2.30.2-rc1", "name": "Armory Orca", - "previousVersion": "2.30.0" + "previousVersion": "2.30.1" }, { - "commitMessages": [ - "chore(cd): update base service version to echo:2023.08.17.02.52.47.release-1.30.x (#604)", - "chore(cd): update base service version to echo:2023.08.17.04.48.12.release-1.30.x (#606)", - "chore(cd): update base service version to echo:2023.08.18.20.06.15.release-1.30.x (#607)", - "chore(cd): update base service version to echo:2023.08.18.23.04.19.release-1.30.x (#608)" - ], - "currentVersion": "2.30.1", - "name": "Armory Echo", - "previousVersion": "2.30.0" + "commitMessages": [], + "currentVersion": "2.30.2-rc1", + "name": "Armory Rosco", + "previousVersion": "2.30.1" }, { - "commitMessages": [ - "chore(cd): update base service version to gate:2023.08.17.02.52.18.release-1.30.x (#592)", - "chore(cd): update base service version to gate:2023.08.17.04.50.02.release-1.30.x (#593)", - "chore(cd): update base service version to gate:2023.08.18.20.06.31.release-1.30.x (#595)", - "chore(cd): update base service version to gate:2023.08.18.23.02.38.release-1.30.x (#596)" - ], - "currentVersion": "2.30.1", - "name": "Armory Gate", - "previousVersion": "2.30.0" + "commitMessages": [], + "currentVersion": "2.30.2-rc1", + "name": "Terraformer™", + "previousVersion": "2.30.1" } ], - "armoryVersion": "2.30.1", + "armoryVersion": "2.30.2-rc1", "ossServices": [ { "commitMessages": [ - "feat: Add the possibility to update the default handler for the Global Resource Property Registry. (#5963) (#5973)", - "fix(gce): remove the duplicate cache attribute \"subnet\" and update the test (#5977) (#5986)", - "chore(dependencies): Autobump korkVersion (#5998)", - "chore(dependencies): Autobump fiatVersion (#5999)", - "chore(dependencies): Autobump korkVersion (#6001)", - "chore(dependencies): Autobump fiatVersion (#6002)" + "fix(builds): Backport flag for installing aws cli (#6006)" ], "currentVersion": "1.30.3", "name": "Spinnaker Clouddriver", - "previousVersion": "1.30.0" + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "chore(dependencies): Autobump korkVersion (#1155)", - "chore(dependencies): Autobump fiatVersion (#1156)", - "chore(dependencies): Autobump korkVersion (#1158)", - "chore(dependencies): Autobump fiatVersion (#1159)" - ], + "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Igor", - "previousVersion": "1.30.0" + "name": "Spinnaker Deck", + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "chore(dependencies): Autobump korkVersion (#1010)", - "chore(dependencies): Autobump korkVersion (#1011)" - ], + "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Rosco", - "previousVersion": "1.30.0" + "name": "Spinnaker Echo", + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "chore(dependencies): Autobump korkVersion (#1292)", - "chore(dependencies): Autobump fiatVersion (#1293)", - "chore(dependencies): Autobump korkVersion (#1295)", - "chore(dependencies): Autobump fiatVersion (#1296)" - ], + "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Front50", - "previousVersion": "1.30.0" + "name": "Spinnaker Fiat", + "previousVersion": "1.30.3" }, { "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Deck", - "previousVersion": "1.30.0" + "name": "Spinnaker Front50", + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "chore(dependencies): Autobump orcaVersion (#978)", - "chore(dependencies): Autobump orcaVersion (#982)", - "fix(orca): Fix orca contributors status. (backport #977) (#981)" - ], + "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Kayenta", - "previousVersion": "1.30.0" + "name": "Spinnaker Gate", + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "chore(dependencies): Autobump korkVersion (#1088)", - "chore(dependencies): Autobump korkVersion (#1089)", - "fix(ssl): Removed unused deprecated okHttpClientConfig from retrofitConfig. (#1082) (#1091)" - ], + "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Fiat", - "previousVersion": "1.30.0" + "name": "Spinnaker Igor", + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "fix(waiting-executions) : concurrent waiting executions doesn't follow FIFO (backport #4415) (#4503)", - "chore(dependencies): Autobump korkVersion (#4505)", - "chore(dependencies): Autobump fiatVersion (#4506)", - "chore(dependencies): Autobump korkVersion (#4509)", - "chore(dependencies): Autobump fiatVersion (#4510)" - ], + "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Orca", - "previousVersion": "1.30.0" + "name": "Spinnaker Kayenta", + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "fix(gha): Fix github status log and add tests (#1316) (#1317)", - "chore(dependencies): Autobump korkVersion (#1326)", - "chore(dependencies): Autobump fiatVersion (#1327)", - "chore(dependencies): Autobump korkVersion (#1329)", - "chore(dependencies): Autobump fiatVersion (#1330)" - ], + "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Echo", - "previousVersion": "1.30.0" + "name": "Spinnaker Orca", + "previousVersion": "1.30.3" }, { - "commitMessages": [ - "chore(dependencies): Autobump korkVersion (#1687)", - "chore(dependencies): Autobump fiatVersion (#1688)", - "chore(dependencies): Autobump korkVersion (#1690)", - "chore(dependencies): Autobump fiatVersion (#1691)" - ], + "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Gate", - "previousVersion": "1.30.0" + "name": "Spinnaker Rosco", + "previousVersion": "1.30.3" } ], "ossVersion": "1.30.3", - "prerelease": false, + "prerelease": true, "stack": { "artifactSources": { "dockerRegistry": "docker.io/armory" @@ -242,40 +157,40 @@ }, "services": { "clouddriver": { - "commit": "e83f27627c37921732db249ca823b2e6485a6f97", - "version": "2.30.1" + "commit": "9e69fcd6cd17f31e35eeb7d443cdbf9c2d9ac187", + "version": "2.30.2-rc1" }, "deck": { "commit": "7737669d9a68843f448cc4c93ac2a6ea3485f95e", - "version": "2.30.1" + "version": "2.30.2-rc1" }, "dinghy": { "commit": "5250de80948732c8caac6ffc5293a8af80a63a0f", - "version": "2.30.1" + "version": "2.30.2-rc1" }, "echo": { "commit": "56844c654cd1b3981686933a9d5bc68011ee2bae", - "version": "2.30.1" + "version": "2.30.2-rc1" }, "fiat": { "commit": "30319b57d40a7e9fd61067b7e0d9fb73bf9a6c46", - "version": "2.30.1" + "version": "2.30.2-rc1" }, "front50": { "commit": "ec0919166ced870668d787708c249945e9291a01", - "version": "2.30.1" + "version": "2.30.2-rc1" }, "gate": { - "commit": "2dc9b4b767ab502faaa1b99c131eb7263cf519da", - "version": "2.30.1" + "commit": "df941ff5c34d14e794c8784c28a1b30b28754971", + "version": "2.30.2-rc1" }, "igor": { "commit": "67b4c66f33b8b97b89e6b052654bebfea460a41f", - "version": "2.30.1" + "version": "2.30.2-rc1" }, "kayenta": { "commit": "4d82ef4a72129a715749005235ce0d6ba4778603", - "version": "2.30.1" + "version": "2.30.2-rc1" }, "monitoring-daemon": { "commit": null, @@ -287,18 +202,18 @@ }, "orca": { "commit": "638d81c8d3186b6deb8829574c6ac5b65c88c94a", - "version": "2.30.1" + "version": "2.30.2-rc1" }, "rosco": { "commit": "e74de6eaccbed6301505d9f3d2f6745b410211a7", - "version": "2.30.1" + "version": "2.30.2-rc1" }, "terraformer": { "commit": "650746ae3f596f9c6458987487c81840c85dd2a0", - "version": "2.30.1" + "version": "2.30.2-rc1" } }, - "timestamp": "2023-08-23 17:49:50", - "version": "2.30.1" + "timestamp": "2023-08-29 01:03:06", + "version": "2.30.2-rc1" } } \ No newline at end of file From f6072dacd1b60de9309e181462af453e0ce97a60 Mon Sep 17 00:00:00 2001 From: armory-astrolabe <76064959+armory-astrolabe@users.noreply.github.com> Date: Tue, 29 Aug 2023 15:37:25 -0500 Subject: [PATCH 14/15] chore(release): add release notes for 2.30.2 (#2114) * chore(release): add release notes for 2.30.2 * Update armoryspinnaker_v2-30-2.md First pass at the release notes for the 2.30.2 release. I need a suggestion of how to phrase the fix in the release notes. * Update content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-2.md --------- Co-authored-by: armory-astrolabe Co-authored-by: Marcia Knous <81816978+mknous@users.noreply.github.com> Co-authored-by: Fernando Freire --- .../armoryspinnaker_v2-30-2.md | 268 ++++++++++++++++++ payload.json | 118 ++++---- 2 files changed, 327 insertions(+), 59 deletions(-) create mode 100644 content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-2.md diff --git a/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-2.md b/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-2.md new file mode 100644 index 0000000000..4f7be2d2a4 --- /dev/null +++ b/content/en/continuous-deployment/release-notes/rn-armory-spinnaker/armoryspinnaker_v2-30-2.md @@ -0,0 +1,268 @@ +--- +title: v2.30.2 Armory Release (OSS Spinnaker™ v1.30.3) +toc_hide: true +version: 2.30.2 +date: 2023-08-29 +description: > + Release notes for Armory Continuous Deployment v2.30.2 +--- + +## 2023/08/29 Release Notes + +> Note: If you're experiencing production issues after upgrading Spinnaker, rollback to a previous working version and please report issues to [http://go.armory.io/support](http://go.armory.io/support). + +## Required Armory Operator version + +To install, upgrade, or configure Armory 2.30.2, use Armory Operator 1.70 or later. + +## Security + +Armory scans the codebase as we develop and release software. Contact your Armory account representative for information about CVE scans for this release. + +## Breaking changes + + +> Breaking changes are kept in this list for 3 minor versions from when the change is introduced. For example, a breaking change introduced in 2.21.0 appears in the list up to and including the 2.24.x releases. It would not appear on 2.25.x release notes. + +### Orca requires RDBMS configured for UTF-8 encoding +**Impact** + +- 2.28.6 migrates to the AWS MySQL driver from the OSS MySQL drivers. This change is mostly seamless, but we’ve identified one breaking change. If your database was created without utf8mb4 you will see failures after this upgrade. utf8mb4 is the recommended DB format for any Spinnaker database, and we don’t anticipate most users who’ve followed setup instructions to encounter this failure. However, we’re calling out this change as a safeguard. + +**Introduced in**: Armory CD 2.28.6 + +{{< include "breaking-changes/bc-kubectl-120.md" >}} +{{< include "breaking-changes/bc-plugin-compatibility-2-28-0.md" >}} + +## Known issues + + +### 1.30+ “required artifacts to bind” breaks pipelines +Expected artifacts can be used in automated triggers and stages, and OSS [1.30](https://spinnaker.io/changelogs/1.30.0-changelog/#changes-to-the-way-artifact-constraints-on-triggers-work) changed the way artifact constraints work on triggers. Unfortunately those changes broke the previous behavior when triggering a pipeline from a stage, and this fix restores the previous behavior. + +**Affected versions**: Armory CD 2.30.0 + +### Clouddriver and Spring Cloud +The Spring Boot version has been upgraded, introducing a backwards incompatible change to the way configuration is loaded in Spinnaker. Users will need to set the ***spring.cloud.config.enabled*** property to ***true*** in the service settings of Clouddriver to preserve existing behavior. All of the other configuration blocks remain the same. + +**Affected versions**: Armory CD 2.30.0 + +### Application attributes section displays “This Application has not been configured” +There is a known issue that relates to the **Application Attributes** section under the **Config** menu. An application that was already created and configured in Spinnaker displays the message, “This application has not been configured.” While the information is missing, there is no functional impact. + +**Affected versions**: Armory CD 2.28.0 and later + +### SpEL expressions and artifact binding +There is an issue where it appears that SpEL expressions are not being evaluated properly in artifact declarations (such as container images) for events such as the Deploy Manifest stage. What is actually happening is that an artifact binding is overriding the image value. + +**Workaround**: +2.27.x or later: Disable artifact binding by adding the following parameter to the stage JSON: `enableArtifactBinding: false`. +This setting only binds the version when the tag is missing, such as `image: nginx` without a version number. + +**Affected versions**: Armory CD 2.27.x and later + +## Deprecations +Reference [Feature Deprecations and end of support](https://docs.armory.io/continuous-deployment/feature-status/deprecations/) + +## Early access enabled by default + +### **Automatically Cancel Jenkins Jobs** + +You now have the ability to cancel triggered Jenkins jobs when a Spinnaker pipeline is canceled, giving you more control over your full Jenkins workflow. Learn more about Jenkins + Spinnaker in this [Spinnaker changelog.](https://spinnaker.io/changelogs/1.29.0-changelog/#orca). + +### **Enhanced BitBucket Server pull request handling** + +Trigger Spinnaker pipelines natively when pull requests are opened in BitBucket with newly added events including PR opened, deleted, and declined. See [Triggering pipelines with Bitbucket Server](https://spinnaker.io/docs/guides/user/pipeline/triggers/bitbucket-events/) in the Spinnaker docs for details + +## Early Access + +### **Dynamic Rollback Timeout** + +To make the dynamic timeout available, you need to enable the feature flag in Orca and Deck. You need to add this block to `orca.yml` file if you want to enable the dynamic rollback timeout feature: + +``` + +rollback: + timeout: + enabled: true + +``` + +On the Orca side, the feature flag overrides the default value rollback timeout - 5 min - with a UI input from the user. + +On the Deck side, the feature flag enhances the Rollback Cluster stage UI with timeout input. + +`window.spinnakerSettings.feature.dynamicRollbackTimeout = true;` + +The default is used if there is no value set in the UI. + +### **Dinghy PR Checks** + +This feature, when enabled, verifies if the author of a commit that changed app parameters has sufficient WRITE permission for that app. You can specify a list of authors whose permissions are not valid. This option’s purpose is to skip permissions checks for bots and tools. + +See [Permissions check for a commit]({{< ref "plugins/pipelines-as-code/install/configure#permissions-check-for-a-commit" >}}) for details. + +### **Terraform template fix** + +Armory fixed an issue with SpEL expression failures appearing while using Terraformer to serialize data from a Terraform Plan execution. With this feature flag fix enabled, you will be able to use the Terraform template file provider. Please open a support ticket if you need this fix. + +### **Pipelines as Code multi-branch enhancement** + +Now you can configure Pipelines as Code to pull Dinghy files from multiple branches on the same repo. Cut out the tedious task of managing multiple repos; have a single repo for Spinnaker application pipelines. See [Multiple branches]({{< ref "plugins/pipelines-as-code/install/configure#multiple-branches" >}}) for how to enable and configure this feature. + + +## Highlighted updates + + + +### Gate +* fix: regression in saml configuration that prevented successful configuration of authn/z + +### Spinnaker Community Contributions + +There have also been numerous enhancements, fixes, and features across all of Spinnaker's other services. See the +[Spinnaker v1.30.3](https://www.spinnaker.io/changelogs/1.30.3-changelog/) changelog for details. + +## Detailed updates + +### Bill Of Materials (BOM) + +Here's the BOM for this version. +
Expand +
+artifactSources:
+  dockerRegistry: docker.io/armory
+dependencies:
+  redis:
+    commit: null
+    version: 2:2.8.4-2
+services:
+  clouddriver:
+    commit: 9e69fcd6cd17f31e35eeb7d443cdbf9c2d9ac187
+    version: 2.30.2
+  deck:
+    commit: 7737669d9a68843f448cc4c93ac2a6ea3485f95e
+    version: 2.30.2
+  dinghy:
+    commit: 5250de80948732c8caac6ffc5293a8af80a63a0f
+    version: 2.30.2
+  echo:
+    commit: 56844c654cd1b3981686933a9d5bc68011ee2bae
+    version: 2.30.2
+  fiat:
+    commit: 30319b57d40a7e9fd61067b7e0d9fb73bf9a6c46
+    version: 2.30.2
+  front50:
+    commit: ec0919166ced870668d787708c249945e9291a01
+    version: 2.30.2
+  gate:
+    commit: df941ff5c34d14e794c8784c28a1b30b28754971
+    version: 2.30.2
+  igor:
+    commit: 67b4c66f33b8b97b89e6b052654bebfea460a41f
+    version: 2.30.2
+  kayenta:
+    commit: 4d82ef4a72129a715749005235ce0d6ba4778603
+    version: 2.30.2
+  monitoring-daemon:
+    commit: null
+    version: 2.26.0
+  monitoring-third-party:
+    commit: null
+    version: 2.26.0
+  orca:
+    commit: 638d81c8d3186b6deb8829574c6ac5b65c88c94a
+    version: 2.30.2
+  rosco:
+    commit: e74de6eaccbed6301505d9f3d2f6745b410211a7
+    version: 2.30.2
+  terraformer:
+    commit: 650746ae3f596f9c6458987487c81840c85dd2a0
+    version: 2.30.2
+timestamp: "2023-08-29 01:03:06"
+version: 2.30.2
+
+
+
+ +### Armory + + +#### Terraformer™ - 2.30.1...2.30.2 + + +#### Armory Igor - 2.30.1...2.30.2 + + +#### Armory Clouddriver - 2.30.1...2.30.2 + + - chore(cd): update base service version to clouddriver:2023.08.25.16.41.50.release-1.30.x (#933) + - chore(cd): update base service version to clouddriver:2023.08.28.14.14.14.release-1.30.x (#937) + +#### Armory Rosco - 2.30.1...2.30.2 + + +#### Armory Gate - 2.30.1...2.30.2 + + - fix: esapi CVE scan report (#602) (#603) + +#### Armory Front50 - 2.30.1...2.30.2 + + +#### Armory Deck - 2.30.1...2.30.2 + + +#### Armory Kayenta - 2.30.1...2.30.2 + + +#### Dinghy™ - 2.30.1...2.30.2 + + +#### Armory Fiat - 2.30.1...2.30.2 + + +#### Armory Orca - 2.30.1...2.30.2 + + +#### Armory Echo - 2.30.1...2.30.2 + + + +### Spinnaker + + +#### Spinnaker Igor - 1.30.3 + + +#### Spinnaker Clouddriver - 1.30.3 + + - fix(builds): Backport flag for installing aws cli (#6006) + +#### Spinnaker Rosco - 1.30.3 + + +#### Spinnaker Gate - 1.30.3 + + +#### Spinnaker Front50 - 1.30.3 + + +#### Spinnaker Deck - 1.30.3 + + +#### Spinnaker Kayenta - 1.30.3 + + +#### Spinnaker Fiat - 1.30.3 + + +#### Spinnaker Orca - 1.30.3 + + +#### Spinnaker Echo - 1.30.3 + + diff --git a/payload.json b/payload.json index 48b63a9433..fbfd5eb169 100644 --- a/payload.json +++ b/payload.json @@ -1,109 +1,109 @@ { "armoryServices": [ { - "commitMessages": [ - "chore(cd): update base service version to clouddriver:2023.08.25.16.41.50.release-1.30.x (#933)", - "chore(cd): update base service version to clouddriver:2023.08.28.14.14.14.release-1.30.x (#937)" - ], - "currentVersion": "2.30.2-rc1", - "name": "Armory Clouddriver", + "commitMessages": [], + "currentVersion": "2.30.2", + "name": "Terraformer™", "previousVersion": "2.30.1" }, { "commitMessages": [], - "currentVersion": "2.30.2-rc1", - "name": "Armory Deck", + "currentVersion": "2.30.2", + "name": "Armory Igor", "previousVersion": "2.30.1" }, { - "commitMessages": [], - "currentVersion": "2.30.2-rc1", - "name": "Dinghy™", + "commitMessages": [ + "chore(cd): update base service version to clouddriver:2023.08.25.16.41.50.release-1.30.x (#933)", + "chore(cd): update base service version to clouddriver:2023.08.28.14.14.14.release-1.30.x (#937)" + ], + "currentVersion": "2.30.2", + "name": "Armory Clouddriver", "previousVersion": "2.30.1" }, { "commitMessages": [], - "currentVersion": "2.30.2-rc1", - "name": "Armory Echo", + "currentVersion": "2.30.2", + "name": "Armory Rosco", "previousVersion": "2.30.1" }, { - "commitMessages": [], - "currentVersion": "2.30.2-rc1", - "name": "Armory Fiat", + "commitMessages": [ + "fix: esapi CVE scan report (#602) (#603)" + ], + "currentVersion": "2.30.2", + "name": "Armory Gate", "previousVersion": "2.30.1" }, { "commitMessages": [], - "currentVersion": "2.30.2-rc1", + "currentVersion": "2.30.2", "name": "Armory Front50", "previousVersion": "2.30.1" }, { - "commitMessages": [ - "fix: esapi CVE scan report (#602) (#603)" - ], - "currentVersion": "2.30.2-rc1", - "name": "Armory Gate", + "commitMessages": [], + "currentVersion": "2.30.2", + "name": "Armory Deck", "previousVersion": "2.30.1" }, { "commitMessages": [], - "currentVersion": "2.30.2-rc1", - "name": "Armory Igor", + "currentVersion": "2.30.2", + "name": "Armory Kayenta", "previousVersion": "2.30.1" }, { "commitMessages": [], - "currentVersion": "2.30.2-rc1", - "name": "Armory Kayenta", + "currentVersion": "2.30.2", + "name": "Dinghy™", "previousVersion": "2.30.1" }, { "commitMessages": [], - "currentVersion": "2.30.2-rc1", - "name": "Armory Orca", + "currentVersion": "2.30.2", + "name": "Armory Fiat", "previousVersion": "2.30.1" }, { "commitMessages": [], - "currentVersion": "2.30.2-rc1", - "name": "Armory Rosco", + "currentVersion": "2.30.2", + "name": "Armory Orca", "previousVersion": "2.30.1" }, { "commitMessages": [], - "currentVersion": "2.30.2-rc1", - "name": "Terraformer™", + "currentVersion": "2.30.2", + "name": "Armory Echo", "previousVersion": "2.30.1" } ], - "armoryVersion": "2.30.2-rc1", + "armoryVersion": "2.30.2", "ossServices": [ { - "commitMessages": [ - "fix(builds): Backport flag for installing aws cli (#6006)" - ], + "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Clouddriver", + "name": "Spinnaker Igor", "previousVersion": "1.30.3" }, { - "commitMessages": [], + "commitMessages": [ + "fix(builds): Backport flag for installing aws cli (#6006)" + ], "currentVersion": "1.30.3", - "name": "Spinnaker Deck", + "name": "Spinnaker Clouddriver", "previousVersion": "1.30.3" }, { "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Echo", + "name": "Spinnaker Rosco", "previousVersion": "1.30.3" }, { "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Fiat", + "name": "Spinnaker Gate", "previousVersion": "1.30.3" }, { @@ -115,19 +115,19 @@ { "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Gate", + "name": "Spinnaker Deck", "previousVersion": "1.30.3" }, { "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Igor", + "name": "Spinnaker Kayenta", "previousVersion": "1.30.3" }, { "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Kayenta", + "name": "Spinnaker Fiat", "previousVersion": "1.30.3" }, { @@ -139,12 +139,12 @@ { "commitMessages": [], "currentVersion": "1.30.3", - "name": "Spinnaker Rosco", + "name": "Spinnaker Echo", "previousVersion": "1.30.3" } ], "ossVersion": "1.30.3", - "prerelease": true, + "prerelease": false, "stack": { "artifactSources": { "dockerRegistry": "docker.io/armory" @@ -158,39 +158,39 @@ "services": { "clouddriver": { "commit": "9e69fcd6cd17f31e35eeb7d443cdbf9c2d9ac187", - "version": "2.30.2-rc1" + "version": "2.30.2" }, "deck": { "commit": "7737669d9a68843f448cc4c93ac2a6ea3485f95e", - "version": "2.30.2-rc1" + "version": "2.30.2" }, "dinghy": { "commit": "5250de80948732c8caac6ffc5293a8af80a63a0f", - "version": "2.30.2-rc1" + "version": "2.30.2" }, "echo": { "commit": "56844c654cd1b3981686933a9d5bc68011ee2bae", - "version": "2.30.2-rc1" + "version": "2.30.2" }, "fiat": { "commit": "30319b57d40a7e9fd61067b7e0d9fb73bf9a6c46", - "version": "2.30.2-rc1" + "version": "2.30.2" }, "front50": { "commit": "ec0919166ced870668d787708c249945e9291a01", - "version": "2.30.2-rc1" + "version": "2.30.2" }, "gate": { "commit": "df941ff5c34d14e794c8784c28a1b30b28754971", - "version": "2.30.2-rc1" + "version": "2.30.2" }, "igor": { "commit": "67b4c66f33b8b97b89e6b052654bebfea460a41f", - "version": "2.30.2-rc1" + "version": "2.30.2" }, "kayenta": { "commit": "4d82ef4a72129a715749005235ce0d6ba4778603", - "version": "2.30.2-rc1" + "version": "2.30.2" }, "monitoring-daemon": { "commit": null, @@ -202,18 +202,18 @@ }, "orca": { "commit": "638d81c8d3186b6deb8829574c6ac5b65c88c94a", - "version": "2.30.2-rc1" + "version": "2.30.2" }, "rosco": { "commit": "e74de6eaccbed6301505d9f3d2f6745b410211a7", - "version": "2.30.2-rc1" + "version": "2.30.2" }, "terraformer": { "commit": "650746ae3f596f9c6458987487c81840c85dd2a0", - "version": "2.30.2-rc1" + "version": "2.30.2" } }, "timestamp": "2023-08-29 01:03:06", - "version": "2.30.2-rc1" + "version": "2.30.2" } } \ No newline at end of file From fb62413715b49e313fd14cd63c91d2dab2fe35d4 Mon Sep 17 00:00:00 2001 From: armory-astrolabe <76064959+armory-astrolabe@users.noreply.github.com> Date: Tue, 29 Aug 2023 15:55:54 -0500 Subject: [PATCH 15/15] chore(release): Automated agent release notes (v1.0.62) (#2115) * chore(release): Automated agent release notes * chore(release): Autobump agent version (#2113) Co-authored-by: Github Actions * added option description --------- Co-authored-by: Github Actions Co-authored-by: Daniel Gonzalez --- config.toml | 2 +- .../agent-service/agent-service-v-1-0-62.md | 14 ++++++++++++++ static/csv/agent/agent-config-options.csv | 2 ++ 3 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 content/en/plugins/scale-agent/release-notes/agent-service/agent-service-v-1-0-62.md diff --git a/config.toml b/config.toml index 38c0fd45ae..b045d25883 100644 --- a/config.toml +++ b/config.toml @@ -186,7 +186,7 @@ postgresql-version="10+" #used in the Operator docs armory-version-exact = "2.30.0" halyard-armory-version = "1.12.1" -kubesvc-version="1.0.59" +kubesvc-version="1.0.62" operator-extended-crd-version = "v1alpha2" operator-oss-crd-version = "v1alpha2" opa-server-version = "0.28.0" diff --git a/content/en/plugins/scale-agent/release-notes/agent-service/agent-service-v-1-0-62.md b/content/en/plugins/scale-agent/release-notes/agent-service/agent-service-v-1-0-62.md new file mode 100644 index 0000000000..56764b29d3 --- /dev/null +++ b/content/en/plugins/scale-agent/release-notes/agent-service/agent-service-v-1-0-62.md @@ -0,0 +1,14 @@ +--- +title: v1.0.62 Armory Agent Service (2023-08-29) +toc_hide: true +version: 01.00.62 +date: 2023-08-29 +--- + +### Updates: +- Introduces an optional rate-limiting feature to minimize CPU strain during the initialization or expiration of watchers. This feature is off by default and can be activated by configuring both `kubernetes.cacheGroupSize` and `kubernetes.cacheGroupDelayMs`. + + +> **Note:** This feature is particularly useful for setups with a large number of accounts, where CPU resources may become a bottleneck in the DB and the service itself. +> +> Adjust settings based on the number of accounts, for example `kubernetes.cacheGroupSize: 5` and `kubernetes.cacheGroupDelayMs: 5000` waits 5 seconds between initializing the kubernetes watchers every 5 accounts. diff --git a/static/csv/agent/agent-config-options.csv b/static/csv/agent/agent-config-options.csv index 0a9b0b9090..f02cd13620 100644 --- a/static/csv/agent/agent-config-options.csv +++ b/static/csv/agent/agent-config-options.csv @@ -16,6 +16,8 @@ Settings|Type|Default|Description dynamicAccountsEnabled|boolean|true|1.0.39+ Enable or disable access to the Dynamic Accounts API. kubernetes.noProxy|boolean|false|0.3.1+ Ignore the HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environment variables when connecting to any Kubernetes cluster. kubernetes.reconnectTimeoutMs|integer|5000|How long to wait before reconnecting to Armory Continuous Deployment. +kubernetes.cacheGroupSize|integer|0|Number of accounts per group when delaying watcher initialization. +kubernetes.cacheGroupDelayMs|integer|0|How long to wait between each group of accounts when initializing watchers. kubernetes.accounts[].context|string|empty|If provided, use the given context of the configured kubeconfig. kubernetes.accounts[].customResourceDefinitions|[]{kind: }|empty|0.4.0+ List of CustomResourceDefinition to expose to Armory Continuous Deployment. This is not needed if onlyNamespacedResources is left off. The format of kind is Kind.group. kubernetes.accounts[].customResourceDefinitions.scope|string|Namespaced|1.0.9+ Possible values are 'Cluster' and 'Namespaced'. The default value if left unconfigured is 'Namespaced'.