From 9182c4f9b59544c5194b2be4b606888c6e8acef0 Mon Sep 17 00:00:00 2001 From: Carmen Rata Date: Thu, 27 May 2021 17:30:14 -0400 Subject: [PATCH] Audit armada app and helm charts configuration This commit adds an armada app and helm charts configuration for a containerized auditd solution for StarlingX. Story: 2008849 Task: 42534 Signed-off-by: Carmen Rata Change-Id: I884e92d57a99d7e814196458a852da8198b60d2d --- .gitignore | 2 + .zuul.yaml | 8 ++ CONTRIBUTING.rst | 16 ++++ HACKING.rst | 17 +++++ centos_build_layer.cfg | 1 + centos_iso_image.inc | 1 + centos_pkg_dirs | 1 + centos_pkg_dirs_containers | 1 + centos_stable_docker_images.inc | 1 + config | 12 +++ github_sync.trigger | 2 + requirements.txt | 1 + stx-audit-helm/centos/build_srpm.data | 4 + .../centos/docker/stx-audit/Dockerfile | 7 ++ stx-audit-helm/centos/stx-audit-helm.spec | 75 +++++++++++++++++++ .../stx-snmp-helm-audit.stable_docker_image | 3 + stx-audit-helm/stx-audit-helm/README | 5 ++ .../stx-audit-helm/files/index.yaml | 3 + .../stx-audit-helm/files/metadata.yaml | 5 ++ .../stx-audit-helm/files/repositories.yaml | 11 +++ .../stx-audit-helm/helm-charts/Makefile | 43 +++++++++++ .../helm-charts/audit/.helmignore | 22 ++++++ .../helm-charts/audit/Chart.yaml | 5 ++ .../helm-charts/audit/auditd/auditd.conf | 36 +++++++++ .../helm-charts/audit/templates/NOTES.txt | 4 + .../helm-charts/audit/templates/_helpers.tpl | 33 ++++++++ .../audit/templates/configmap.yaml | 7 ++ .../audit/templates/daemonset.yaml | 37 +++++++++ .../helm-charts/audit/values.yaml | 55 ++++++++++++++ .../manifests/audit_manifest.yaml | 45 +++++++++++ test-requirements.txt | 3 + tox.ini | 35 +++++++++ 32 files changed, 501 insertions(+) create mode 100644 .gitignore create mode 100644 .zuul.yaml create mode 100644 CONTRIBUTING.rst create mode 100644 HACKING.rst create mode 100644 centos_build_layer.cfg create mode 100644 centos_iso_image.inc create mode 100644 centos_pkg_dirs create mode 100644 centos_pkg_dirs_containers create mode 100644 centos_stable_docker_images.inc create mode 100644 config create mode 100644 github_sync.trigger create mode 100644 requirements.txt create mode 100644 stx-audit-helm/centos/build_srpm.data create mode 100644 stx-audit-helm/centos/docker/stx-audit/Dockerfile create mode 100644 stx-audit-helm/centos/stx-audit-helm.spec create mode 100755 stx-audit-helm/centos/stx-snmp-helm-audit.stable_docker_image create mode 100644 stx-audit-helm/stx-audit-helm/README create mode 100644 stx-audit-helm/stx-audit-helm/files/index.yaml create mode 100644 stx-audit-helm/stx-audit-helm/files/metadata.yaml create mode 100644 stx-audit-helm/stx-audit-helm/files/repositories.yaml create mode 100644 stx-audit-helm/stx-audit-helm/helm-charts/Makefile create mode 100755 stx-audit-helm/stx-audit-helm/helm-charts/audit/.helmignore create mode 100755 stx-audit-helm/stx-audit-helm/helm-charts/audit/Chart.yaml create mode 100755 stx-audit-helm/stx-audit-helm/helm-charts/audit/auditd/auditd.conf create mode 100755 stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/NOTES.txt create mode 100755 stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/_helpers.tpl create mode 100755 stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/configmap.yaml create mode 100644 stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/daemonset.yaml create mode 100755 stx-audit-helm/stx-audit-helm/helm-charts/audit/values.yaml create mode 100644 stx-audit-helm/stx-audit-helm/manifests/audit_manifest.yaml create mode 100644 test-requirements.txt create mode 100644 tox.ini diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7cb8162 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.idea +.tox diff --git a/.zuul.yaml b/.zuul.yaml new file mode 100644 index 0000000..7ccbd0a --- /dev/null +++ b/.zuul.yaml @@ -0,0 +1,8 @@ +--- +- project: + check: + jobs: + - openstack-tox-linters + gate: + jobs: + - openstack-tox-linters diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst new file mode 100644 index 0000000..f2f8e6d --- /dev/null +++ b/CONTRIBUTING.rst @@ -0,0 +1,16 @@ +If you would like to contribute to the development of OpenStack, +you must follow the steps in this page: + + https://docs.openstack.org/infra/manual/developers.html + +Once those steps have been completed, changes to OpenStack +should be submitted for review via the Gerrit tool, following +the workflow documented at: + + https://docs.openstack.org/infra/manual/developers.html#development-workflow + +Pull requests submitted through GitHub will be ignored. + +Bugs should be filed in Launchpad: + + https://bugs.launchpad.net/starlingx diff --git a/HACKING.rst b/HACKING.rst new file mode 100644 index 0000000..b971000 --- /dev/null +++ b/HACKING.rst @@ -0,0 +1,17 @@ +StarlingX AUDIT-Armada-App Style Commandments +================================================================ + +- Step 1: Read the OpenStack style commandments + https://docs.openstack.org/hacking/latest/ +- Step 2: Read on + +Audit-Armada-App Specific Commandments +--------------------------------------------------------- + +None so far + +Running tests +------------- +The approach to running tests is to simply run the command ``tox``. This will +create virtual environments, populate them with dependencies and run all of +the tests that OpenStack CI systems run. diff --git a/centos_build_layer.cfg b/centos_build_layer.cfg new file mode 100644 index 0000000..c581999 --- /dev/null +++ b/centos_build_layer.cfg @@ -0,0 +1 @@ +flock diff --git a/centos_iso_image.inc b/centos_iso_image.inc new file mode 100644 index 0000000..cc62b53 --- /dev/null +++ b/centos_iso_image.inc @@ -0,0 +1 @@ +stx-audit-helm diff --git a/centos_pkg_dirs b/centos_pkg_dirs new file mode 100644 index 0000000..cc62b53 --- /dev/null +++ b/centos_pkg_dirs @@ -0,0 +1 @@ +stx-audit-helm diff --git a/centos_pkg_dirs_containers b/centos_pkg_dirs_containers new file mode 100644 index 0000000..cc62b53 --- /dev/null +++ b/centos_pkg_dirs_containers @@ -0,0 +1 @@ +stx-audit-helm diff --git a/centos_stable_docker_images.inc b/centos_stable_docker_images.inc new file mode 100644 index 0000000..cc62b53 --- /dev/null +++ b/centos_stable_docker_images.inc @@ -0,0 +1 @@ +stx-audit-helm diff --git a/config b/config new file mode 100644 index 0000000..0c49466 --- /dev/null +++ b/config @@ -0,0 +1,12 @@ +[core] + repositoryformatversion = 0 + filemode = true + bare = false + logallrefupdates = true +[remote "origin"] + url = https://opendev.org/starlingx/audit-armada-app.git + fetch = +refs/heads/*:refs/remotes/origin/* +[branch "master"] + remote = origin + merge = refs/heads/master + rebase = true diff --git a/github_sync.trigger b/github_sync.trigger new file mode 100644 index 0000000..974c134 --- /dev/null +++ b/github_sync.trigger @@ -0,0 +1,2 @@ +# to trigger the upload job to sync to GitHub +0 diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..c01ade2 --- /dev/null +++ b/requirements.txt @@ -0,0 +1 @@ +# Nothing diff --git a/stx-audit-helm/centos/build_srpm.data b/stx-audit-helm/centos/build_srpm.data new file mode 100644 index 0000000..2d78bc1 --- /dev/null +++ b/stx-audit-helm/centos/build_srpm.data @@ -0,0 +1,4 @@ +SRC_DIR="stx-audit-helm" + +TIS_PATCH_VER=PKG_GITREVCOUNT + diff --git a/stx-audit-helm/centos/docker/stx-audit/Dockerfile b/stx-audit-helm/centos/docker/stx-audit/Dockerfile new file mode 100644 index 0000000..2300cc9 --- /dev/null +++ b/stx-audit-helm/centos/docker/stx-audit/Dockerfile @@ -0,0 +1,7 @@ +ARG BASE +FROM ${BASE} AS stx +RUN yum -y update +RUN yum -y install\ + audit + +ENTRYPOINT ["/sbin/auditd", "-l"] diff --git a/stx-audit-helm/centos/stx-audit-helm.spec b/stx-audit-helm/centos/stx-audit-helm.spec new file mode 100644 index 0000000..03f3d90 --- /dev/null +++ b/stx-audit-helm/centos/stx-audit-helm.spec @@ -0,0 +1,75 @@ +# Application tunables (maps to metadata) +%global app_name audit +%global helm_repo stx-platform + +%global armada_folder /usr/lib/armada + +# Install location +%global app_folder /usr/local/share/applications/helm + +# Build variables +%global helm_folder /usr/lib/helm +%global toolkit_version 0.1.0 + +Summary: StarlingX AUDIT Armada Helm Charts +Name: stx-audit-helm +Version: 1.0 +Release: %{tis_patch_ver}%{?_tis_dist} +License: Apache-2.0 +Group: base +Packager: Wind River +URL: unknown + +Source0: %{name}-%{version}.tar.gz + +BuildArch: noarch + +BuildRequires: helm + +%description +StarlingX AUDIT Helm Charts + +%prep +%setup -n %{name}-%{version} + +%build + +cd helm-charts +make +cd - + +# Create a chart tarball compliant with sysinv kube-app.py +%define app_staging %{_builddir}/staging +%define app_tarball %{app_name}-%{version}-%{tis_patch_ver}.tgz + +# Setup staging +mkdir -p %{app_staging} +cp files/metadata.yaml %{app_staging} +cp manifests/*.yaml %{app_staging} +mkdir -p %{app_staging}/charts +cp helm-charts/*.tgz %{app_staging}/charts +cd %{app_staging} + +# Populate metadata +sed -i 's/@APP_NAME@/%{app_name}/g' %{app_staging}/metadata.yaml +sed -i 's/@APP_VERSION@/%{version}-%{tis_patch_ver}/g' %{app_staging}/metadata.yaml +sed -i 's/@HELM_REPO@/%{helm_repo}/g' %{app_staging}/metadata.yaml + +# Copy the plugins: installed in the buildroot +# mkdir -p %{app_staging}/plugins +# cp /plugins/%{app_name}/*.whl %{app_staging}/plugins + +# package it up +find . -type f ! -name '*.md5' -print0 | xargs -0 md5sum > checksum.md5 +tar -zcf %{_builddir}/%{app_tarball} -C %{app_staging}/ . + +# Cleanup staging +rm -fr %{app_staging} + +%install +install -d -m 755 %{buildroot}/%{app_folder} +install -p -D -m 755 %{_builddir}/%{app_tarball} %{buildroot}/%{app_folder} + +%files +%defattr(-,root,root,-) +%{app_folder}/* diff --git a/stx-audit-helm/centos/stx-snmp-helm-audit.stable_docker_image b/stx-audit-helm/centos/stx-snmp-helm-audit.stable_docker_image new file mode 100755 index 0000000..8501dcb --- /dev/null +++ b/stx-audit-helm/centos/stx-snmp-helm-audit.stable_docker_image @@ -0,0 +1,3 @@ +BUILDER=docker +LABEL=stx-audit +DOCKER_CONTEXT=docker/stx-audit diff --git a/stx-audit-helm/stx-audit-helm/README b/stx-audit-helm/stx-audit-helm/README new file mode 100644 index 0000000..b773ef4 --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/README @@ -0,0 +1,5 @@ +This directory contains all StarlingX charts that need to be built for this +application. Some charts are common across applications. These common charts +reside in the stx-config/kubernetes/helm-charts directory. To include these in +this application update the build_srpm.data file and use the COPY_LIST_TO_TAR +mechanism to populate these common charts. diff --git a/stx-audit-helm/stx-audit-helm/files/index.yaml b/stx-audit-helm/stx-audit-helm/files/index.yaml new file mode 100644 index 0000000..36db709 --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/files/index.yaml @@ -0,0 +1,3 @@ +apiVersion: v1 +entries: {} +generated: 2019-01-07T12:33:46.098166523-06:00 diff --git a/stx-audit-helm/stx-audit-helm/files/metadata.yaml b/stx-audit-helm/stx-audit-helm/files/metadata.yaml new file mode 100644 index 0000000..d2c6295 --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/files/metadata.yaml @@ -0,0 +1,5 @@ +maintain_user_overrides: true + +app_name: @APP_NAME@ +app_version: @APP_VERSION@ +helm_repo: @HELM_REPO@ diff --git a/stx-audit-helm/stx-audit-helm/files/repositories.yaml b/stx-audit-helm/stx-audit-helm/files/repositories.yaml new file mode 100644 index 0000000..fe1299f --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/files/repositories.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +generated: 2019-01-02T15:19:36.215111369-06:00 +repositories: +- caFile: "" + cache: /builddir/.helm/repository/cache/local-index.yaml + certFile: "" + keyFile: "" + name: local + password: "" + url: http://127.0.0.1:8879/charts + username: "" diff --git a/stx-audit-helm/stx-audit-helm/helm-charts/Makefile b/stx-audit-helm/stx-audit-helm/helm-charts/Makefile new file mode 100644 index 0000000..dc98968 --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/helm-charts/Makefile @@ -0,0 +1,43 @@ +# +# Copyright 2017 The Openstack-Helm Authors. +# +# Copyright (c) 2021 Wind River Systems, Inc. +# +# SPDX-License-Identifier: Apache-2.0 +# +# It's necessary to set this because some environments don't link sh -> bash. +SHELL := /bin/bash +TASK := build + +EXCLUDES := helm-toolkit doc tests tools logs tmp +CHARTS := helm-toolkit $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.))) + +.PHONY: $(EXCLUDES) $(CHARTS) + +all: $(CHARTS) + +$(CHARTS): + @if [ -d $@ ]; then \ + echo; \ + echo "===== Processing [$@] chart ====="; \ + make $(TASK)-$@; \ + fi + +init-%: + if [ -f $*/Makefile ]; then make -C $*; fi + if [ -f $*/requirements.yaml ]; then helm dep up $*; fi + +lint-%: init-% + if [ -d $* ]; then helm lint $*; fi + +build-%: + if [ -d $* ]; then helm package $*; fi + +clean: + @echo "Clean all build artifacts" + rm -f */templates/_partials.tpl */templates/_globals.tpl + rm -f *tgz */charts/*tgz */requirements.lock + rm -rf */charts */tmpcharts + +%: + @: diff --git a/stx-audit-helm/stx-audit-helm/helm-charts/audit/.helmignore b/stx-audit-helm/stx-audit-helm/helm-charts/audit/.helmignore new file mode 100755 index 0000000..50af031 --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/helm-charts/audit/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/stx-audit-helm/stx-audit-helm/helm-charts/audit/Chart.yaml b/stx-audit-helm/stx-audit-helm/helm-charts/audit/Chart.yaml new file mode 100755 index 0000000..5cb568b --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/helm-charts/audit/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v2 +appVersion: "1.0" +description: A Helm chart for AUDIT service +name: audit-helm +version: 1.0.0 diff --git a/stx-audit-helm/stx-audit-helm/helm-charts/audit/auditd/auditd.conf b/stx-audit-helm/stx-audit-helm/helm-charts/audit/auditd/auditd.conf new file mode 100755 index 0000000..9065c8f --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/helm-charts/audit/auditd/auditd.conf @@ -0,0 +1,36 @@ +# +# This file controls the configuration of the audit daemon +# +local_events = yes +write_logs = yes +log_file = /var/log/audit/audit.log +log_group = root +log_format = RAW +flush = INCREMENTAL_ASYNC +freq = 50 +max_log_file = 8 +num_logs = 5 +priority_boost = 4 +disp_qos = lossy +dispatcher = /sbin/audispd +name_format = NONE +##name = mydomain +max_log_file_action = ROTATE +space_left = 75 +space_left_action = SYSLOG +##verify_email = yes +##action_mail_acct = root +admin_space_left = 50 +admin_space_left_action = SYSLOG +disk_full_action = SYSLOG +disk_error_action = SYSLOG +use_libwrap = yes +##tcp_listen_port = 60 +##tcp_listen_queue = 5 +##tcp_max_per_addr = 1 +##tcp_client_ports = 1024-65535 +##tcp_client_max_idle = 0 +enable_krb5 = no +krb5_principal = auditd +##krb5_key_file = /etc/audit/audit.key +distribute_network = no diff --git a/stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/NOTES.txt b/stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/NOTES.txt new file mode 100755 index 0000000..640a07c --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/NOTES.txt @@ -0,0 +1,4 @@ +1. AUDIT containerized deployment + This helm charts configuration creates: + - Config map for /etc/audit/auditd.conf + - Deploys auditd in a container diff --git a/stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/_helpers.tpl b/stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/_helpers.tpl new file mode 100755 index 0000000..c8fca8b --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/_helpers.tpl @@ -0,0 +1,33 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "audit.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this +(by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "audit.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "audit.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/configmap.yaml b/stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/configmap.yaml new file mode 100755 index 0000000..98f002a --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/configmap.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.configmap.name_auditd }} +data: + auditd.conf: {{ toYaml .Values.auditdconf | indent 2 }} + diff --git a/stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/daemonset.yaml b/stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/daemonset.yaml new file mode 100644 index 0000000..983841e --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/helm-charts/audit/templates/daemonset.yaml @@ -0,0 +1,37 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ include "audit.fullname" . }} + namespace: kube-system + labels: + k8s-app: auditd-logging +spec: + selector: + matchLabels: + name: {{ include "audit.name" . }} + template: + metadata: + labels: + name: {{ include "audit.name" . }} + spec: + hostNetwork: true + hostPID: true + containers: + - name: {{ include "audit.name" . }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + privileged: true + runAsGroup: 0 + runAsUser: 0 + volumeMounts: + - name: varlog + mountPath: /var/log/audit + stdin: true + tty: true + volumes: + - name: varlog + hostPath: + path: /var/log/audit + imagePullSecrets: + - name: default-registry-key diff --git a/stx-audit-helm/stx-audit-helm/helm-charts/audit/values.yaml b/stx-audit-helm/stx-audit-helm/helm-charts/audit/values.yaml new file mode 100755 index 0000000..0d4f214 --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/helm-charts/audit/values.yaml @@ -0,0 +1,55 @@ +# Default values for audit. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +image: + repository: docker.io/starlingx/stx-audit + tag: dev-centos-stable-2021.05.22.21.26.0 + pullPolicy: IfNotPresent + debug: '' + +nameOverride: "" +fullnameOverride: "" + +configmap: + name_auditd: auditd-etc-config + +auditdconf: |- + ########################################################################## + # + # auditd.conf + # + ########################################################################### + local_events = yes + write_logs = yes + log_file = /var/log/audit/audit.log + log_group = root + log_format = RAW + flush = INCREMENTAL_ASYNC + freq = 50 + max_log_file = 8 + num_logs = 5 + priority_boost = 4 + disp_qos = lossy + dispatcher = /sbin/audispd + name_format = NONE + ##name = mydomain + max_log_file_action = ROTATE + space_left = 75 + space_left_action = SYSLOG + ##verify_email = yes + ##action_mail_acct = root + admin_space_left = 50 + admin_space_left_action = SYSLOG + disk_full_action = SYSLOG + disk_error_action = SYSLOG + use_libwrap = yes + ##tcp_listen_port = 60 + ##tcp_listen_queue = 5 + ##tcp_max_per_addr = 1 + ##tcp_client_ports = 1024-65535 + ##tcp_client_max_idle = 0 + enable_krb5 = no + krb5_principal = auditd + ##krb5_key_file = /etc/audit/audit.key + distribute_network = no diff --git a/stx-audit-helm/stx-audit-helm/manifests/audit_manifest.yaml b/stx-audit-helm/stx-audit-helm/manifests/audit_manifest.yaml new file mode 100644 index 0000000..73c3445 --- /dev/null +++ b/stx-audit-helm/stx-audit-helm/manifests/audit_manifest.yaml @@ -0,0 +1,45 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: audit +data: + chart_name: audit + release: audit + namespace: kube-system + source: + location: http://172.17.0.1:8080/helm_charts/stx-platform/audit-helm-1.0.0.tgz + subpath: audit + type: tar + reference: master + wait: + timeout: 1800 + install: + no_hooks: false + upgrade: + no_hooks: false + pre: + delete: + - type: job + labels: + app: audit + dependencies: [] +--- +schema: armada/ChartGroup/v1 +metadata: + schema: metadata/Document/v1 + name: audit +data: + description: "StarlingX AUDIT" + sequenced: false + chart_group: + - audit +--- +schema: armada/Manifest/v1 +metadata: + schema: metadata/Document/v1 + name: audit-manifest +data: + release_prefix: ns + chart_groups: + - audit diff --git a/test-requirements.txt b/test-requirements.txt new file mode 100644 index 0000000..8ae3e22 --- /dev/null +++ b/test-requirements.txt @@ -0,0 +1,3 @@ +# hacking pulls in flake8 +hacking!=0.13.0,<0.14,>=0.12.0 # Apache-2.0 +bashate >= 0.2 diff --git a/tox.ini b/tox.ini new file mode 100644 index 0000000..cede375 --- /dev/null +++ b/tox.ini @@ -0,0 +1,35 @@ +[tox] +envlist = linters +minversion = 2.3 +skipsdist = True +sitepackages=False + +[testenv] +install_command = pip install -U {opts} {packages} +setenv = + VIRTUAL_ENV={envdir} + OS_STDOUT_CAPTURE=1 + OS_STDERR_CAPTURE=1 + OS_DEBUG=1 + OS_LOG_CAPTURE=1 +deps = + -r{toxinidir}/requirements.txt + -r{toxinidir}/test-requirements.txt +whitelist_externals = + bash + +[testenv:bashate] +# Treat all E* codes as Errors rather than warnings using: -e 'E*' +commands = + bash -c "find {toxinidir} \ + -not \( -type d -name .?\* -prune \) \ + -type f \ + -not -name \*~ \ + -not -name \*.md \ + -name \*.sh \ + -print0 | xargs -r -n 1 -0 bashate -v \ + -e 'E*'" + +[testenv:linters] +commands = + {[testenv:bashate]commands}