Auto-increment chart versions for auditd app
To guarantee the helm chart version is incremented when a helm chart change is submitted, a top level hierarchy for helm charts to differentiate between upstream and custom charts: helm-charts/{custom,upstream}, has been created. For auditd app, only the "helm-charts/custom" directory fits this app where the tarball is platform owned. Test Plan: PASS - Successfully built packages generating the helm chart and the application tarball. PASS - Verified that the app tarball version was incremented by 1. PASS - Verified basic application lifecycle operations: upload/apply/remove/delete. PASS - Verified the auditd container is running and the audit logs are updated with new events that can be viewed on the host. Story: 2010929 Task: 50330 Change-Id: If72f6c765139a60117a56b898c5c11d71c735597 Signed-off-by: Carmen Rata <carmen.rata@windriver.com>
This commit is contained in:
parent
f5d03fac8a
commit
a478913e5e
@ -1,2 +1,3 @@
|
|||||||
|
helm-charts/custom/audit-helm
|
||||||
python3-k8sapp-auditd
|
python3-k8sapp-auditd
|
||||||
stx-audit-helm
|
stx-audit-helm
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# Copyright 2017 The Openstack-Helm Authors.
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
#
|
#
|
||||||
# Copyright (c) 2021 Wind River Systems, Inc.
|
# Copyright (c) 2024 Wind River Systems, Inc.
|
||||||
#
|
#
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
#
|
#
|
||||||
@ -31,12 +31,11 @@ lint-%: init-%
|
|||||||
if [ -d $* ]; then helm lint $*; fi
|
if [ -d $* ]; then helm lint $*; fi
|
||||||
|
|
||||||
build-%:
|
build-%:
|
||||||
if [ -d $* ]; then helm package $*; fi
|
if [ -d $* ]; then helm package --version $(CHART_VERSION) $*; fi
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
@echo "Clean all build artifacts"
|
@echo "Clean all build artifacts"
|
||||||
rm -f */templates/_partials.tpl */templates/_globals.tpl
|
rm -f */templates/_partials.tpl */templates/_globals.tpl
|
||||||
rm -f *tgz */charts/*tgz */requirements.lock
|
|
||||||
rm -rf */charts */tmpcharts
|
rm -rf */charts */tmpcharts
|
||||||
|
|
||||||
%:
|
%:
|
@ -0,0 +1 @@
|
|||||||
|
usr/lib/helm/*
|
@ -0,0 +1,5 @@
|
|||||||
|
audit-helm (1.0-0) unstable; urgency=medium
|
||||||
|
|
||||||
|
* Initial release.
|
||||||
|
|
||||||
|
-- Carmen Rata <carmen.rata@windriver.com> Thu, 13 Jun 2024 13:47:47 +0000
|
15
helm-charts/custom/audit-helm/debian/deb_folder/control
Normal file
15
helm-charts/custom/audit-helm/debian/deb_folder/control
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
Source: audit-helm
|
||||||
|
Section: libs
|
||||||
|
Priority: optional
|
||||||
|
Maintainer: StarlingX Developers <starlingx-discuss@lists.starlingx.io>
|
||||||
|
Build-Depends: debhelper-compat (= 13),
|
||||||
|
helm,
|
||||||
|
Standards-Version: 4.5.1
|
||||||
|
Homepage: https://www.starlingx.io
|
||||||
|
|
||||||
|
Package: audit-helm
|
||||||
|
Section: libs
|
||||||
|
Architecture: any
|
||||||
|
Depends: ${misc:Depends}
|
||||||
|
Description: StarlingX Audit FluxCD Helm Charts
|
||||||
|
This package contains FluxCD Helm charts for the audit application.
|
41
helm-charts/custom/audit-helm/debian/deb_folder/copyright
Normal file
41
helm-charts/custom/audit-helm/debian/deb_folder/copyright
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||||
|
Upstream-Name: audit-helm
|
||||||
|
Source: https://opendev.org/starlingx/audit-armada-app/
|
||||||
|
|
||||||
|
Files: *
|
||||||
|
Copyright: (c) 2013-2024 Wind River Systems, Inc
|
||||||
|
License: Apache-2
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
.
|
||||||
|
https://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
.
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
.
|
||||||
|
On Debian-based systems the full text of the Apache version 2.0 license
|
||||||
|
can be found in `/usr/share/common-licenses/Apache-2.0'.
|
||||||
|
|
||||||
|
# If you want to use GPL v2 or later for the /debian/* files use
|
||||||
|
# the following clauses, or change it to suit. Delete these two lines
|
||||||
|
Files: debian/*
|
||||||
|
Copyright: 2021 Wind River Systems, Inc
|
||||||
|
License: Apache-2
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
.
|
||||||
|
https://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
.
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
.
|
||||||
|
On Debian-based systems the full text of the Apache version 2.0 license
|
||||||
|
can be found in `/usr/share/common-licenses/Apache-2.0'.
|
28
helm-charts/custom/audit-helm/debian/deb_folder/rules
Executable file
28
helm-charts/custom/audit-helm/debian/deb_folder/rules
Executable file
@ -0,0 +1,28 @@
|
|||||||
|
#!/usr/bin/make -f
|
||||||
|
# export DH_VERBOSE = 1
|
||||||
|
|
||||||
|
export ROOT = debian/tmp
|
||||||
|
export APP_FOLDER = $(ROOT)/usr/lib/helm
|
||||||
|
|
||||||
|
export DEB_VERSION = $(shell dpkg-parsechangelog | egrep '^Version:' | cut -f 2 -d ' ')
|
||||||
|
export RELEASE = $(shell echo $(DEB_VERSION) | cut -f 1 -d '-')
|
||||||
|
export REVISION = $(shell echo $(DEB_VERSION) | cut -f 4 -d '.')
|
||||||
|
export CHART_VERSION = $(RELEASE).$(REVISION)
|
||||||
|
|
||||||
|
%:
|
||||||
|
dh $@
|
||||||
|
|
||||||
|
override_dh_auto_build:
|
||||||
|
# Create the TGZ file.
|
||||||
|
mkdir -p build
|
||||||
|
mv Makefile audit build
|
||||||
|
|
||||||
|
# Build the chart
|
||||||
|
cd build && make CHART_VERSION=$(CHART_VERSION) audit
|
||||||
|
|
||||||
|
override_dh_auto_install:
|
||||||
|
install -d -m 755 $(APP_FOLDER)
|
||||||
|
install -p -D -m 755 build/audit*.tgz $(APP_FOLDER)
|
||||||
|
|
||||||
|
override_dh_auto_test:
|
||||||
|
|
@ -0,0 +1 @@
|
|||||||
|
3.0 (quilt)
|
10
helm-charts/custom/audit-helm/debian/meta_data.yaml
Normal file
10
helm-charts/custom/audit-helm/debian/meta_data.yaml
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
---
|
||||||
|
debname: audit-helm
|
||||||
|
debver: 1.0-0
|
||||||
|
src_path: audit-helm
|
||||||
|
revision:
|
||||||
|
dist: $STX_DIST
|
||||||
|
GITREVCOUNT:
|
||||||
|
stx_patch: 1
|
||||||
|
SRC_DIR: ${MY_REPO}/stx/audit-armada-app/helm-charts/custom/audit-helm/audit-helm/audit
|
||||||
|
BASE_SRCREV: f5d03fac8a81d2443559fc4dea4f0ffea9f15969
|
@ -1,3 +1,10 @@
|
|||||||
|
stx-audit-helm (1.0-2) unstable; urgency=medium
|
||||||
|
|
||||||
|
* Split helm chart into separate package and apply auto versioning.
|
||||||
|
|
||||||
|
-- Carmen Rata <carmen.rata@windriver.com> Thu, 13 Jun 2024 13:47:47 +0000
|
||||||
|
|
||||||
|
|
||||||
stx-audit-helm (1.0-1) unstable; urgency=medium
|
stx-audit-helm (1.0-1) unstable; urgency=medium
|
||||||
|
|
||||||
* Initial release.
|
* Initial release.
|
||||||
|
@ -4,6 +4,7 @@ Priority: optional
|
|||||||
Maintainer: StarlingX Developers <starlingx-discuss@lists.starlingx.io>
|
Maintainer: StarlingX Developers <starlingx-discuss@lists.starlingx.io>
|
||||||
Build-Depends: debhelper-compat (= 13),
|
Build-Depends: debhelper-compat (= 13),
|
||||||
helm,
|
helm,
|
||||||
|
audit-helm,
|
||||||
python3-k8sapp-auditd,
|
python3-k8sapp-auditd,
|
||||||
python3-k8sapp-auditd-wheels,
|
python3-k8sapp-auditd-wheels,
|
||||||
build-info
|
build-info
|
||||||
@ -14,5 +15,5 @@ Package: stx-audit-helm
|
|||||||
Section: libs
|
Section: libs
|
||||||
Architecture: any
|
Architecture: any
|
||||||
Depends: ${misc:Depends}
|
Depends: ${misc:Depends}
|
||||||
Description: StarlingX Audit FluxCD Helm Charts
|
Description: StarlingX Audit FluxCD application
|
||||||
This package contains FluxCD Helm charts for the audit application.
|
This package contains FluxCD manifests for the audit application.
|
||||||
|
@ -3,7 +3,7 @@ Upstream-Name: stx-audit-helm
|
|||||||
Source: https://opendev.org/starlingx/audit-armada-app/
|
Source: https://opendev.org/starlingx/audit-armada-app/
|
||||||
|
|
||||||
Files: *
|
Files: *
|
||||||
Copyright: (c) 2013-2021 Wind River Systems, Inc
|
Copyright: (c) 2013-2024 Wind River Systems, Inc
|
||||||
License: Apache-2
|
License: Apache-2
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
you may not use this file except in compliance with the License.
|
you may not use this file except in compliance with the License.
|
||||||
@ -23,7 +23,7 @@ License: Apache-2
|
|||||||
# If you want to use GPL v2 or later for the /debian/* files use
|
# If you want to use GPL v2 or later for the /debian/* files use
|
||||||
# the following clauses, or change it to suit. Delete these two lines
|
# the following clauses, or change it to suit. Delete these two lines
|
||||||
Files: debian/*
|
Files: debian/*
|
||||||
Copyright: 2021 Wind River Systems, Inc
|
Copyright: 2024 Wind River Systems, Inc
|
||||||
License: Apache-2
|
License: Apache-2
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
you may not use this file except in compliance with the License.
|
you may not use this file except in compliance with the License.
|
||||||
|
@ -11,7 +11,8 @@ export REVISION = $(shell echo $(DEB_VERSION) | cut -f 4 -d '.')
|
|||||||
|
|
||||||
export APP_NAME = auditd
|
export APP_NAME = auditd
|
||||||
export APP_VERSION = $(RELEASE)-$(REVISION)
|
export APP_VERSION = $(RELEASE)-$(REVISION)
|
||||||
export APP_TARBALL_FLUXCD = $(APP_NAME)-$(APP_VERSION).tgz
|
export APP_TARBALL = $(APP_NAME)-$(APP_VERSION).tgz
|
||||||
|
export HELM_FOLDER = /usr/lib/helm
|
||||||
export HELM_REPO = stx-platform
|
export HELM_REPO = stx-platform
|
||||||
export STAGING = staging
|
export STAGING = staging
|
||||||
|
|
||||||
@ -19,13 +20,24 @@ export STAGING = staging
|
|||||||
dh $@
|
dh $@
|
||||||
|
|
||||||
override_dh_auto_build:
|
override_dh_auto_build:
|
||||||
# Create the TGZ file.
|
|
||||||
cd helm-charts && make
|
|
||||||
# Setup the staging directory.
|
# Setup the staging directory.
|
||||||
mkdir -p $(STAGING)
|
mkdir -p $(STAGING)
|
||||||
cp files/metadata.yaml $(STAGING)
|
cp files/metadata.yaml $(STAGING)
|
||||||
|
cp -Rv fluxcd-manifests $(STAGING)
|
||||||
mkdir -p $(STAGING)/charts
|
mkdir -p $(STAGING)/charts
|
||||||
cp helm-charts/*.tgz $(STAGING)/charts
|
cp /usr/lib/helm/*.tgz $(STAGING)/charts
|
||||||
|
|
||||||
|
# Adjust the helmrelease yamls based on the chart versions
|
||||||
|
for c in $(STAGING)/charts/*; do \
|
||||||
|
chart=$$(basename $$c .tgz); \
|
||||||
|
chart_name=$${chart%-*}; \
|
||||||
|
chart_version=$${chart##*-}; \
|
||||||
|
echo "Found $$chart; name: $$chart_name, version: $$chart_version"; \
|
||||||
|
chart_manifest=$$(find $(STAGING)/fluxcd-manifests -name helmrelease.yaml -exec grep -q "chart:.*$$chart_name" {} \; -print); \
|
||||||
|
echo "Updating manifest: $$chart_manifest"; \
|
||||||
|
sed -i "s/REPLACE_HELM_CHART_VERSION/$$chart_version/g" $$chart_manifest; \
|
||||||
|
grep version $$chart_manifest; \
|
||||||
|
done
|
||||||
|
|
||||||
# Populate metadata.
|
# Populate metadata.
|
||||||
sed -i 's/APP_REPLACE_NAME/$(APP_NAME)/g' $(STAGING)/metadata.yaml
|
sed -i 's/APP_REPLACE_NAME/$(APP_NAME)/g' $(STAGING)/metadata.yaml
|
||||||
@ -36,12 +48,9 @@ override_dh_auto_build:
|
|||||||
mkdir -p $(STAGING)/plugins
|
mkdir -p $(STAGING)/plugins
|
||||||
cp /plugins/*.whl $(STAGING)/plugins
|
cp /plugins/*.whl $(STAGING)/plugins
|
||||||
|
|
||||||
# package fluxcd
|
# Create the app package.
|
||||||
cp -R fluxcd-manifests $(STAGING)/
|
|
||||||
|
|
||||||
# calculate checksum of all files in app_staging
|
|
||||||
cd $(STAGING) && find . -type f ! -name '*.md5' -print0 | xargs -0 md5sum > checksum.md5
|
cd $(STAGING) && find . -type f ! -name '*.md5' -print0 | xargs -0 md5sum > checksum.md5
|
||||||
tar cfz $(APP_TARBALL_FLUXCD) -C $(STAGING)/ .
|
tar cfz $(APP_TARBALL) -C $(STAGING)/ .
|
||||||
|
|
||||||
# Cleanup staging.
|
# Cleanup staging.
|
||||||
rm -rf $(STAGING)
|
rm -rf $(STAGING)
|
||||||
@ -49,7 +58,7 @@ override_dh_auto_build:
|
|||||||
override_dh_auto_install:
|
override_dh_auto_install:
|
||||||
# Install the app tar file.
|
# Install the app tar file.
|
||||||
install -d -m 755 $(APP_FOLDER)
|
install -d -m 755 $(APP_FOLDER)
|
||||||
install -p -D -m 755 $(APP_TARBALL_FLUXCD) $(APP_FOLDER)
|
install -p -D -m 755 $(APP_TARBALL) $(APP_FOLDER)
|
||||||
install -d -m 755 $(LOGROTATE_FOLDER)
|
install -d -m 755 $(LOGROTATE_FOLDER)
|
||||||
install -m 644 -p -D files/auditd.logrotate $(LOGROTATE_FOLDER)
|
install -m 644 -p -D files/auditd.logrotate $(LOGROTATE_FOLDER)
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
---
|
---
|
||||||
debname: stx-audit-helm
|
debname: stx-audit-helm
|
||||||
debver: 1.0-1
|
debver: 1.0-2
|
||||||
src_path: stx-audit-helm
|
src_path: stx-audit-helm
|
||||||
revision:
|
revision:
|
||||||
dist: $STX_DIST
|
dist: $STX_DIST
|
||||||
|
@ -14,7 +14,7 @@ spec:
|
|||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: auditd
|
chart: auditd
|
||||||
version: 1.0.0
|
version: REPLACE_HELM_CHART_VERSION
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: stx-platform
|
name: stx-platform
|
||||||
|
Loading…
Reference in New Issue
Block a user