Merge branch 'main' into fix/releasing_of_examples

Signed-off-by: Simon Schrottner <[email protected]>
keptn · Mar 23, 2023 · 33a5acf · 33a5acf
2 parents 3dcf13c + 8608f11
commit 33a5acf
Show file tree

Hide file tree

Showing 151 changed files with 3,094 additions and 1,428 deletions.
diff --git a/.github/actions/deploy-klt-on-cluster/action.yml b/.github/actions/deploy-klt-on-cluster/action.yml
@@ -28,7 +28,7 @@ runs:
   using: "composite"
   steps:
     - name: Set up Go 1.x
-      uses: actions/setup-go@v3
+      uses: actions/setup-go@v4
       with:
         go-version: ${{ env.GO_VERSION }}
         cache: true

diff --git a/.github/labeler.yml b/.github/labeler.yml
@@ -0,0 +1,23 @@
+documentation:
+  - docs/**/*
+  - "**/*.md"
+
+operator:
+  - operator/**/*
+
+scheduler:
+  - scheduler/**/*
+
+metrics-operator:
+  - metrics-operator/**/*
+
+cert-manager:
+  - klt-cert-manager/**/*
+
+ops:
+  - .github/**/*
+  - netlify.toml
+  - .markdownlint-cli2.yml
+
+helm:
+  - helm/**/*
diff --git a/.github/stale.yml b/.github/stale.yml
@@ -0,0 +1,26 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - "pinned"
+  - "security"
+  - "future"
+  - "help wanted"
+  - "integrations"
+  - "known issue"
+  - "known-limitation"
+  - "Epic"
+  - "area:security"
+# Set to true to ignore issues in a milestone (defaults to false)
+exemptMilestones: true
+# Label to use when marking an issue as stale
+staleLabel: stale
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false
diff --git a/.github/workflows/CI.yaml b/.github/workflows/CI.yaml
@@ -83,7 +83,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Set up Go 1.x
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v4
         with:
           go-version: ${{ env.GO_VERSION }}
           cache: true
@@ -171,7 +171,7 @@ jobs:
         if: matrix.config.name != 'functions-runtime'
         working-directory: ./${{ matrix.config.folder }}
         env:
-          TAG: dev-${{ env.DATETIME }}
+          CHART_APPVERSION: dev-${{ env.DATETIME }}
         run: make release-manifests
 
       - name: Upload release.yaml for tests
@@ -288,7 +288,7 @@ jobs:
         if: matrix.config.name != 'functions-runtime'
         working-directory: ./${{ matrix.config.folder }}
         env:
-          TAG: dev-${{ env.DATETIME }}
+          CHART_APPVERSION: dev-${{ env.DATETIME }}
         run: make release-manifests
 
       - name: Upload release.yaml
@@ -315,21 +315,21 @@ jobs:
         token: ${{ secrets.KEPTN_BOT_TOKEN }}
 
     - name: Generate helm charts
+      env:
+        RELEASE_REGISTRY: ghcr.keptn.sh/keptn
       run: make helm-package
 
     - name: Copy charts from klt to helm repo
-      run: rsync -av --exclude='charts/*.tgz' ./helm/chart/ ./helm-charts-repository/charts/keptn-lifecycle-toolkit/
+      run: rsync -av --delete --exclude='charts/*.tgz' ./helm/chart/ ./helm-charts-repository/charts/keptn-lifecycle-toolkit/
 
     - name: Create Pull Request
       uses: peter-evans/create-pull-request@v4
-      env:
-        GIT_SHA: ${{ needs.prepare_ci_run.outputs.GIT_SHA }}
       with:
         token: ${{ secrets.KEPTN_BOT_TOKEN }}
         path: ./helm-charts-repository
-        commit-message: "Update KLT chart"
+        commit-message: "feat: update KLT chart"
         signoff: true
-        branch: klt-chart-update-${{ env.GIT_SHA }}
+        branch: klt-chart-update-${{ needs.prepare_ci_run.outputs.BRANCH_SLUG }}
         delete-branch: true
         base: main
         title: "Update KLT Helm chart"

diff --git a/.github/workflows/component-test.yml b/.github/workflows/component-test.yml
@@ -15,7 +15,7 @@ jobs:
       uses: actions/checkout@v3
 
     - name: Set up Go 1.x
-      uses: actions/setup-go@v3
+      uses: actions/setup-go@v4
       with:
         go-version: ${{ env.GO_VERSION }}
         cache: true

diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml
@@ -39,7 +39,7 @@ jobs:
       - name: Check out code
         uses: actions/checkout@v3
 
-      - uses: actions/setup-go@v3
+      - uses: actions/setup-go@v4
         with:
           go-version: ${{ env.GO_VERSION }}
 

diff --git a/.github/workflows/helm-checks.yaml b/.github/workflows/helm-checks.yaml
@@ -131,7 +131,7 @@ jobs:
 
       - name: Generate helm charts
         run: |
-          make helm-package RELEASE_REGISTRY=${{ env.RELEASE_REGISTRY }} TAG=dev-${{ env.DATETIME }}
+          make helm-package RELEASE_REGISTRY=${{ env.RELEASE_REGISTRY }} CHART_APPVERSION=dev-${{ env.DATETIME }}
           for file in $(find ./helm/chart/templates -type f -name "*.yaml");
           	do
               sed -i 's/{{ include "chart.fullname" . }}-//g' "$file"

diff --git a/.github/workflows/markdown-checks.yaml b/.github/workflows/markdown-checks.yaml
@@ -7,12 +7,16 @@ on:
       - '[0-9]+.[1-9][0-9]*.x'
     paths:
       - '**.md'
+      - 'operator/apis'
+      - 'metrics-operator/api'
   pull_request:
     branches:
       - 'main'
       - '[0-9]+.[1-9][0-9]*.x'
     paths:
       - '**.md'
+      - 'operator/apis'
+      - 'metrics-operator/api'
 
 env:
   GO_VERSION: "~1.19"
@@ -67,7 +71,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Set up Go 1.x
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v4
         with:
           go-version: ${{ env.GO_VERSION }}
 
@@ -90,3 +94,4 @@ jobs:
             echo ""
             echo "CRD docs are up to date!"
           fi
+
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -59,7 +59,8 @@ jobs:
       packages: write
       id-token: write
     env:
-      IMAGE_TAG: ghcr.io/keptn/${{ matrix.config.name }}:${{ needs.release-please.outputs.tag_name }}
+      IMAGE_NAME: ghcr.io/keptn/${{ matrix.config.name }}
+      IMAGE_TAG: ${{ needs.release-please.outputs.tag_name }}
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -78,16 +79,17 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Set up Cosign
-        uses: sigstore/cosign-installer@v2.8.1
+        uses: sigstore/cosign-installer@v3.0.1
 
       - name: Build Docker Image
+        id: docker_build_image
         uses: docker/build-push-action@v4
         with:
           context: ${{ matrix.config.folder }}
           platforms: linux/amd64,linux/arm64
           target: production
           tags: |
-            ${{ env.IMAGE_TAG }}
+            ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
           build-args: |
             GIT_HASH=${{ env.GIT_SHA }}
             RELEASE_VERSION=dev-${{ env.DATETIME }}
@@ -99,15 +101,20 @@ jobs:
           cache-from: type=gha,scope=${{ github.ref_name }}-${{ matrix.config.name }}
           cache-to: type=gha,scope=${{ github.ref_name }}-${{ matrix.config.name }}
 
-      - name: Sign container images
+      - name: Sign container image
         env:
-          COSIGN_EXPERIMENTAL: 1
-        run: cosign sign ${{ env.IMAGE_TAG }}
+          IMAGE_DIGEST: ${{ steps.docker_build_image.outputs.digest }}
+        run: |
+          cosign sign --yes ${{ env.IMAGE_NAME }}@${{ env.IMAGE_DIGEST }}
+          cosign verify \
+            --certificate-identity-regexp="https://github.com/keptn/lifecycle-toolkit/.*" \
+            --certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
+            ${{ env.IMAGE_NAME }}@${{ env.IMAGE_DIGEST }}
 
       - name: Generate SBOM
         uses: anchore/[email protected]
         with:
-          image: ${{ env.IMAGE_TAG }}
+          image: ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
           artifact-name: sbom-${{ matrix.config.name }}
           output-file: ./sbom-${{ matrix.config.name }}.spdx.json
 
@@ -149,14 +156,14 @@ jobs:
           key: build-tools-${{ github.ref_name }}
 
       - name: Set up Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v4
         with:
           go-version: ${{ env.GO_VERSION }}
 
       - name: Create manifests
         env:
           RELEASE_REGISTRY: ghcr.keptn.sh/keptn
-          TAG: ${{ needs.release-please.outputs.tag_name }}
+          CHART_APPVERSION: ${{ needs.release-please.outputs.tag_name }}
         run: |
           cd scheduler
           make release-manifests
@@ -178,7 +185,7 @@ jobs:
             name: keptn-lifecycle-toolkit-system
           ---
           EOF
-          cat operator/config/rendered/release.yaml scheduler/config/rendered/release.yaml klt-cert-manager/config/rendered/release.yaml metrics-operator/config/rendered/release.yaml > manifest.yaml
+          cat namespace.yaml operator/config/rendered/release.yaml scheduler/config/rendered/release.yaml klt-cert-manager/config/rendered/release.yaml metrics-operator/config/rendered/release.yaml > manifest.yaml
 
       - name: Attach release assets
         uses: softprops/action-gh-release@v1
@@ -194,6 +201,7 @@ jobs:
     with:
       tag_name: ${{ needs.release-please.outputs.tag_name }}
     uses: ./.github/workflows/release-docs.yml
+    secrets: inherit
 
   update-examples:
     name: Update examples
@@ -203,3 +211,4 @@ jobs:
     with:
       tag_name: ${{ needs.release-please.outputs.tag_name }}
     uses: ./.github/workflows/release-examples.yml
+    secrets: inherit
diff --git a/.github/workflows/security-scans.yml b/.github/workflows/security-scans.yml
@@ -104,7 +104,7 @@ jobs:
     steps:
       - name: Set up Go
         if: matrix.tool == 'kubeconform'
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v4
         with:
           go-version: ${{ env.GO_VERSION }}
 
@@ -192,7 +192,7 @@ jobs:
           path: images
 
       - name: Trivy image scan
-        uses: aquasecurity/[email protected].1
+        uses: aquasecurity/[email protected].2
         with:
           input: "images/${{ matrix.image }}-image.tar/${{ matrix.image }}-image.tar"
           severity: 'CRITICAL,HIGH'
@@ -212,7 +212,7 @@ jobs:
 
     steps:
       - name: Set up Go 1.x
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v4
         with:
           go-version: ${{ env.GO_VERSION }}
 

diff --git a/.github/workflows/set-date.yml b/.github/workflows/set-date.yml
@@ -1,8 +1,8 @@
-name: Set the End Date in the project
+name: Set the Date in the project
 
 on:
   issues:
-    types: [closed]
+    types: [assigned, closed]
 jobs:
   set_date:
     runs-on: ubuntu-22.04
@@ -38,8 +38,9 @@ jobs:
               }
             }' -f org=$ORGANIZATION -F number=$PROJECT_NUMBER > project_data.json
           echo 'PROJECT_ID='$(jq '.data.organization.projectV2.id' project_data.json) >> $GITHUB_ENV
-          echo 'DATE_FIELD_ID='$(jq '.data.organization.projectV2.fields.nodes[] | select(.name== "End Date") | .id' project_data.json) >> $GITHUB_ENV
-      
+          echo 'START_DATE_FIELD_ID='$(jq '.data.organization.projectV2.fields.nodes[] | select(.name== "Start Date") | .id' project_data.json) >> $GITHUB_ENV
+          echo 'END_DATE_FIELD_ID='$(jq '.data.organization.projectV2.fields.nodes[] | select(.name== "End Date") | .id' project_data.json) >> $GITHUB_ENV         
+        
       - name: Get date
         run: echo "DATE=$(date +"%Y-%m-%d")" >> $GITHUB_ENV
 
@@ -58,9 +59,36 @@ jobs:
             }' -f project=$PROJECT_ID -f issue=$ISSUE_ID --jq '.data.addProjectV2ItemById.item.id')"
           echo 'ITEM_ID='$item_id >> $GITHUB_ENV
                          
+      - name: Set Start Date
+        env:
+         GITHUB_TOKEN: ${{ secrets.KEPTN_BOT_PROJECT_TOKEN }}
+        if: github.event.action == 'assigned'
+        run: |
+          gh api graphql -f query='
+            mutation (
+              $project: ID!
+              $item: ID!
+              $date_field: ID!
+              $date_value: Date!
+            ) {
+              set_start_date: updateProjectV2ItemFieldValue(input: {
+                projectId: $project
+                itemId: $item
+                fieldId: $date_field
+                value: { 
+                  date: $date_value
+                }
+              }) {
+                projectV2Item {
+                  id
+                }
+              }
+            }' -f project=$PROJECT_ID -f item=$ITEM_ID -f date_field=$START_DATE_FIELD_ID -f date_value=$DATE
+
       - name: Set End Date
         env:
          GITHUB_TOKEN: ${{ secrets.KEPTN_BOT_PROJECT_TOKEN }}
+        if: github.event.action == 'closed' 
         run: |
           gh api graphql -f query='
             mutation (
@@ -81,5 +109,5 @@ jobs:
                   id
                 }
               }
-            }' -f project=$PROJECT_ID -f item=$ITEM_ID -f date_field=$DATE_FIELD_ID -f date_value=$DATE
+            }' -f project=$PROJECT_ID -f item=$ITEM_ID -f date_field=$END_DATE_FIELD_ID -f date_value=$DATE
 
diff --git a/.github/workflows/update-labels.yml b/.github/workflows/update-labels.yml
@@ -0,0 +1,15 @@
+name: Set PR Labels
+
+on:
+  pull_request_target:
+jobs:
+  set-labels:
+    permissions:
+      contents: read
+      pull-requests: write
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Update Labels
+        uses: actions/labeler@v4
+        with:
+          sync-labels: true
diff --git a/.github/workflows/validate-helm-docs.yml b/.github/workflows/validate-helm-docs.yml
@@ -8,8 +8,6 @@ on:
 defaults:
   run:
     shell: bash
-env:
-  CHART_APPVERSION: "0.6.0" # x-release-please-version
 jobs:
   check-helm-docs:
     name: Check helm documentation values
@@ -24,7 +22,9 @@ jobs:
           node-version: 16
 
       - name: Generate helm charts
-        run: make helm-package TAG="${{ env.CHART_APPVERSION }}"
+        env:
+          RELEASE_REGISTRY: ghcr.keptn.sh/keptn
+        run: make helm-package
 
       - name: Install readme generator
         run: |