Auto-increment chart versions for auditd app

To guarantee the helm chart version is incremented when a helm chart
change is submitted, a top level hierarchy for helm charts to
differentiate between upstream and custom charts:
helm-charts/{custom,upstream}, has been created.
For auditd app, only the "helm-charts/custom" directory fits this app
where the tarball is platform owned.

Test Plan:
PASS - Successfully built packages generating the helm chart and the
       application tarball.
PASS - Verified that the app tarball version was incremented by 1.
PASS - Verified basic application lifecycle operations:
       upload/apply/remove/delete.
PASS - Verified the auditd container is running and the audit logs
       are updated with new events that can be viewed on the host.

Story: 2010929
Task: 50330

Change-Id: If72f6c765139a60117a56b898c5c11d71c735597
Signed-off-by: Carmen Rata <carmen.rata@windriver.com>

debian_pkg_dirs

@@ -1,2 +1,3 @@
+helm-charts/custom/audit-helm
 python3-k8sapp-auditd
 stx-audit-helm

helm-charts/custom/audit-helm/audit-helm/Makefile

@@ -1,7 +1,7 @@
 #
 # Copyright 2017 The Openstack-Helm Authors.
 #
-# Copyright (c) 2021 Wind River Systems, Inc.
+# Copyright (c) 2024 Wind River Systems, Inc.
 #
 # SPDX-License-Identifier: Apache-2.0
 #
@@ -31,12 +31,11 @@ lint-%: init-%
 	if [ -d $* ]; then helm lint $*; fi
 
 build-%:
-	if [ -d $* ]; then helm package $*; fi
+	if [ -d $* ]; then helm package --version $(CHART_VERSION) $*; fi
 
 clean:
 	@echo "Clean all build artifacts"
 	rm -f */templates/_partials.tpl */templates/_globals.tpl
-	rm -f *tgz */charts/*tgz */requirements.lock
 	rm -rf */charts */tmpcharts
 
 %:

helm-charts/custom/audit-helm/debian/deb_folder/audit-helm.install

@@ -0,0 +1 @@
+usr/lib/helm/*

helm-charts/custom/audit-helm/debian/deb_folder/changelog

@@ -0,0 +1,5 @@
+audit-helm (1.0-0) unstable; urgency=medium
+
+  * Initial release.
+
+ --  Carmen Rata <carmen.rata@windriver.com>  Thu, 13 Jun 2024 13:47:47 +0000

helm-charts/custom/audit-helm/debian/deb_folder/control

@@ -0,0 +1,15 @@
+Source: audit-helm
+Section: libs
+Priority: optional
+Maintainer: StarlingX Developers <starlingx-discuss@lists.starlingx.io>
+Build-Depends: debhelper-compat (= 13),
+ helm,
+Standards-Version: 4.5.1
+Homepage: https://www.starlingx.io
+
+Package: audit-helm
+Section: libs
+Architecture: any
+Depends: ${misc:Depends}
+Description: StarlingX Audit FluxCD Helm Charts
+ This package contains FluxCD Helm charts for the audit application.

helm-charts/custom/audit-helm/debian/deb_folder/copyright

@@ -0,0 +1,41 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: audit-helm
+Source: https://opendev.org/starlingx/audit-armada-app/
+
+Files: *
+Copyright: (c) 2013-2024 Wind River Systems, Inc
+License: Apache-2
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ .
+    https://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ .
+ On Debian-based systems the full text of the Apache version 2.0 license
+ can be found in `/usr/share/common-licenses/Apache-2.0'.
+
+# If you want to use GPL v2 or later for the /debian/* files use
+# the following clauses, or change it to suit. Delete these two lines
+Files: debian/*
+Copyright: 2021 Wind River Systems, Inc
+License: Apache-2
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ .
+    https://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ .
+ On Debian-based systems the full text of the Apache version 2.0 license
+ can be found in `/usr/share/common-licenses/Apache-2.0'.

helm-charts/custom/audit-helm/debian/deb_folder/rules

@@ -0,0 +1,28 @@
+#!/usr/bin/make -f
+# export DH_VERBOSE = 1
+
+export ROOT = debian/tmp
+export APP_FOLDER = $(ROOT)/usr/lib/helm
+
+export DEB_VERSION = $(shell dpkg-parsechangelog | egrep '^Version:' | cut -f 2 -d ' ')
+export RELEASE = $(shell echo $(DEB_VERSION) | cut -f 1 -d '-')
+export REVISION = $(shell echo $(DEB_VERSION) | cut -f 4 -d '.')
+export CHART_VERSION = $(RELEASE).$(REVISION)
+
+%:
+	dh $@
+
+override_dh_auto_build:
+	# Create the TGZ file.
+	mkdir -p build
+	mv Makefile audit build
+
+	# Build the chart
+	cd build && make CHART_VERSION=$(CHART_VERSION) audit
+
+override_dh_auto_install:
+	install -d -m 755 $(APP_FOLDER)
+	install -p -D -m 755 build/audit*.tgz $(APP_FOLDER)
+
+override_dh_auto_test:
+

helm-charts/custom/audit-helm/debian/deb_folder/source/format

@@ -0,0 +1 @@
+3.0 (quilt)

helm-charts/custom/audit-helm/debian/meta_data.yaml

@@ -0,0 +1,10 @@
+---
+debname: audit-helm
+debver: 1.0-0
+src_path: audit-helm
+revision:
+  dist: $STX_DIST
+  GITREVCOUNT:
+    stx_patch: 1
+    SRC_DIR: ${MY_REPO}/stx/audit-armada-app/helm-charts/custom/audit-helm/audit-helm/audit
+    BASE_SRCREV: f5d03fac8a81d2443559fc4dea4f0ffea9f15969

stx-audit-helm/debian/deb_folder/changelog

@@ -1,3 +1,10 @@
+stx-audit-helm (1.0-2) unstable; urgency=medium
+
+  * Split helm chart into separate package and apply auto versioning.
+
+ --  Carmen Rata <carmen.rata@windriver.com>  Thu, 13 Jun 2024 13:47:47 +0000
+
+
 stx-audit-helm (1.0-1) unstable; urgency=medium
 
   * Initial release.

stx-audit-helm/debian/deb_folder/control

@@ -4,6 +4,7 @@ Priority: optional
 Maintainer: StarlingX Developers <starlingx-discuss@lists.starlingx.io>
 Build-Depends: debhelper-compat (= 13),
  helm,
+ audit-helm,
  python3-k8sapp-auditd,
  python3-k8sapp-auditd-wheels,
  build-info
@@ -14,5 +15,5 @@ Package: stx-audit-helm
 Section: libs
 Architecture: any
 Depends: ${misc:Depends}
-Description: StarlingX Audit FluxCD Helm Charts
- This package contains FluxCD Helm charts for the audit application.
+Description: StarlingX Audit FluxCD application
+ This package contains FluxCD manifests for the audit application.

stx-audit-helm/debian/deb_folder/copyright

@@ -3,7 +3,7 @@ Upstream-Name: stx-audit-helm
 Source: https://opendev.org/starlingx/audit-armada-app/
 
 Files: *
-Copyright: (c) 2013-2021 Wind River Systems, Inc
+Copyright: (c) 2013-2024 Wind River Systems, Inc
 License: Apache-2
  Licensed under the Apache License, Version 2.0 (the "License");
  you may not use this file except in compliance with the License.
@@ -23,7 +23,7 @@ License: Apache-2
 # If you want to use GPL v2 or later for the /debian/* files use
 # the following clauses, or change it to suit. Delete these two lines
 Files: debian/*
-Copyright: 2021 Wind River Systems, Inc
+Copyright: 2024 Wind River Systems, Inc
 License: Apache-2
  Licensed under the Apache License, Version 2.0 (the "License");
  you may not use this file except in compliance with the License.

stx-audit-helm/debian/deb_folder/rules

@@ -11,7 +11,8 @@ export REVISION = $(shell echo $(DEB_VERSION) | cut -f 4 -d '.')
 
 export APP_NAME = auditd
 export APP_VERSION = $(RELEASE)-$(REVISION)
-export APP_TARBALL_FLUXCD = $(APP_NAME)-$(APP_VERSION).tgz
+export APP_TARBALL = $(APP_NAME)-$(APP_VERSION).tgz
+export HELM_FOLDER = /usr/lib/helm
 export HELM_REPO = stx-platform
 export STAGING = staging
 
@@ -19,13 +20,24 @@ export STAGING = staging
 	dh $@
 
 override_dh_auto_build:
-	# Create the TGZ file.
-	cd helm-charts && make
 	# Setup the staging directory.
 	mkdir -p $(STAGING)
 	cp files/metadata.yaml $(STAGING)
+	cp -Rv fluxcd-manifests $(STAGING)
 	mkdir -p $(STAGING)/charts
-	cp helm-charts/*.tgz $(STAGING)/charts
+	cp /usr/lib/helm/*.tgz $(STAGING)/charts
+
+	# Adjust the helmrelease yamls based on the chart versions
+	for c in $(STAGING)/charts/*; do \
+		chart=$$(basename $$c .tgz); \
+		chart_name=$${chart%-*}; \
+		chart_version=$${chart##*-}; \
+		echo "Found $$chart; name: $$chart_name, version: $$chart_version"; \
+		chart_manifest=$$(find $(STAGING)/fluxcd-manifests -name helmrelease.yaml -exec grep -q "chart:.*$$chart_name" {} \; -print); \
+		echo "Updating manifest: $$chart_manifest"; \
+		sed -i "s/REPLACE_HELM_CHART_VERSION/$$chart_version/g" $$chart_manifest; \
+		grep version $$chart_manifest; \
+	done
 
 	# Populate metadata.
 	sed -i 's/APP_REPLACE_NAME/$(APP_NAME)/g' $(STAGING)/metadata.yaml
@@ -36,12 +48,9 @@ override_dh_auto_build:
 	mkdir -p $(STAGING)/plugins
 	cp /plugins/*.whl $(STAGING)/plugins
 
-	# package fluxcd
-	cp -R fluxcd-manifests $(STAGING)/
-
-	# calculate checksum of all files in app_staging
+	# Create the app package.
 	cd $(STAGING) && find . -type f ! -name '*.md5' -print0 | xargs -0 md5sum > checksum.md5
-	tar cfz $(APP_TARBALL_FLUXCD) -C $(STAGING)/ .
+	tar cfz $(APP_TARBALL) -C $(STAGING)/ .
 
 	# Cleanup staging.
 	rm -rf $(STAGING)
@@ -49,7 +58,7 @@ override_dh_auto_build:
 override_dh_auto_install:
 	# Install the app tar file.
 	install -d -m 755 $(APP_FOLDER)
-	install -p -D -m 755 $(APP_TARBALL_FLUXCD) $(APP_FOLDER)
+	install -p -D -m 755 $(APP_TARBALL) $(APP_FOLDER)
 	install -d -m 755 $(LOGROTATE_FOLDER)
 	install -m 644 -p -D files/auditd.logrotate $(LOGROTATE_FOLDER)
 

stx-audit-helm/debian/meta_data.yaml

@@ -1,6 +1,6 @@
 ---
 debname: stx-audit-helm
-debver: 1.0-1
+debver: 1.0-2
 src_path: stx-audit-helm
 revision:
   dist: $STX_DIST

stx-audit-helm/stx-audit-helm/fluxcd-manifests/auditd/helmrelease.yaml

@@ -14,7 +14,7 @@ spec:
   chart:
     spec:
       chart: auditd
-      version: 1.0.0
+      version: REPLACE_HELM_CHART_VERSION
       sourceRef:
         kind: HelmRepository
         name: stx-platform