diff --git a/.circleci/config.yml b/.circleci/config.yml index a214adf47..1a98ba5e9 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,7 +1,7 @@ version: 2.1 orbs: - architect: giantswarm/architect@4.24.0 + architect: giantswarm/architect@4.26.0 workflows: build: diff --git a/.github/workflows/zz_generated.add-team-labels.yaml b/.github/workflows/zz_generated.add-team-labels.yaml new file mode 100644 index 000000000..9e96e1d5d --- /dev/null +++ b/.github/workflows/zz_generated.add-team-labels.yaml @@ -0,0 +1,53 @@ +name: Add appropriate labels to issue + +on: + issues: + types: [assigned] + +jobs: + build_user_list: + name: Get yaml config of GS users + runs-on: ubuntu-latest + steps: + - name: Get user-mapping + run: | + mkdir -p artifacts + wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \ + -O artifacts/users.yaml \ + https://raw.githubusercontent.com/giantswarm/github/master/tools/issue-automation/user-mapping.yaml + - name: Upload Artifact + uses: actions/upload-artifact@v3 + with: + name: users + path: artifacts/users.yaml + retention-days: 1 + + add_label: + name: Add team label when assigned + runs-on: ubuntu-latest + needs: build_user_list + steps: + - uses: actions/download-artifact@v3 + id: download-users + with: + name: users + - name: Find team label based on user names + run: | + event_assignee=$(cat $GITHUB_EVENT_PATH | jq -r .assignee.login | tr '[:upper:]' '[:lower:]') + echo "Issue assigned to: ${event_assignee}" + + TEAMS=$(cat ${{steps.download-users.outputs.download-path}}/users.yaml | tr '[:upper:]' '[:lower:]' | yq ".${event_assignee}.teams" -o csv | tr ',' ' ') + + echo "LABEL<> $GITHUB_ENV + for team in ${TEAMS}; do + echo "Team: ${team} | Label: team/${team}" + echo "team/${team}" >> $GITHUB_ENV + done + echo "EOF" >> $GITHUB_ENV + - name: Apply label to issue + if: ${{ env.LABEL != '' }} + uses: actions-ecosystem/action-add-labels@v1 + with: + github_token: ${{ secrets.ISSUE_AUTOMATION }} + labels: | + ${{ env.LABEL }} diff --git a/.github/workflows/zz_generated.add-to-project-board.yaml b/.github/workflows/zz_generated.add-to-project-board.yaml new file mode 100644 index 000000000..ff63913b9 --- /dev/null +++ b/.github/workflows/zz_generated.add-to-project-board.yaml @@ -0,0 +1,89 @@ +name: Add Issue to Project when assigned + +on: + issues: + types: + - assigned + - labeled + +jobs: + build_user_list: + name: Get yaml config of GS users + runs-on: ubuntu-latest + steps: + - name: Get user-mapping + run: | + mkdir -p artifacts + wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \ + -O artifacts/users.yaml \ + https://raw.githubusercontent.com/giantswarm/github/master/tools/issue-automation/user-mapping.yaml + - name: Upload Artifact + uses: actions/upload-artifact@v3 + with: + name: users + path: artifacts/users.yaml + retention-days: 1 + - name: Get label-mapping + run: | + mkdir -p artifacts + wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \ + -O artifacts/labels.yaml \ + https://raw.githubusercontent.com/giantswarm/github/master/tools/issue-automation/label-mapping.yaml + - name: Upload Artifact + uses: actions/upload-artifact@v3 + with: + name: labels + path: artifacts/labels.yaml + retention-days: 1 + + add_to_personal_board: + name: Add issue to personal board + runs-on: ubuntu-latest + needs: build_user_list + if: github.event.action == 'assigned' + steps: + - uses: actions/download-artifact@v3 + id: download-users + with: + name: users + - name: Find personal board based on user names + run: | + event_assignee=$(cat $GITHUB_EVENT_PATH | jq -r .assignee.login | tr '[:upper:]' '[:lower:]') + echo "Issue assigned to: ${event_assignee}" + + BOARD=($(cat ${{steps.download-users.outputs.download-path}}/users.yaml | tr '[:upper:]' '[:lower:]' | yq ".${event_assignee}.personalboard")) + echo "Personal board URL: ${BOARD}" + + echo "BOARD=${BOARD}" >> $GITHUB_ENV + - name: Add issue to personal board + if: ${{ env.BOARD != 'null' && env.BOARD != '' }} + uses: actions/add-to-project@main + with: + project-url: ${{ env.BOARD }} + github-token: ${{ secrets.ISSUE_AUTOMATION }} + + add_to_team_board: + name: Add issue to team board + runs-on: ubuntu-latest + needs: build_user_list + if: github.event.action == 'labeled' + steps: + - uses: actions/download-artifact@v3 + id: download-labels + with: + name: labels + - name: Find team board based on label + run: | + event_label=$(cat $GITHUB_EVENT_PATH | jq -r .label.name | tr '[:upper:]' '[:lower:]') + echo "Issue labelled with: ${event_label}" + + BOARD=($(cat ${{steps.download-labels.outputs.download-path}}/labels.yaml | tr '[:upper:]' '[:lower:]' | yq ".${event_label}.projectboard")) + echo "Team board URL: ${BOARD}" + + echo "BOARD=${BOARD}" >> $GITHUB_ENV + - name: Add issue to team board + if: ${{ env.BOARD != 'null' && env.BOARD != '' }} + uses: actions/add-to-project@main + with: + project-url: ${{ env.BOARD }} + github-token: ${{ secrets.ISSUE_AUTOMATION }} diff --git a/.github/workflows/zz_generated.check_values_schema.yaml b/.github/workflows/zz_generated.check_values_schema.yaml index fa01fef04..2d8de3452 100644 --- a/.github/workflows/zz_generated.check_values_schema.yaml +++ b/.github/workflows/zz_generated.check_values_schema.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.9.0 +# devctl@5.12.0 # name: 'Check if values schema file has been updated' on: pull_request diff --git a/.github/workflows/zz_generated.create_release.yaml b/.github/workflows/zz_generated.create_release.yaml index e9c6c4d6e..b5904ec65 100644 --- a/.github/workflows/zz_generated.create_release.yaml +++ b/.github/workflows/zz_generated.create_release.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.9.0 +# devctl@5.12.0 # name: Create Release on: @@ -50,7 +50,7 @@ jobs: fi version="${version#v}" # Strip "v" prefix. echo "version=\"${version}\"" - echo "::set-output name=version::${version}" + echo "version=${version}" >> $GITHUB_OUTPUT - name: Checkout code if: ${{ steps.get_version.outputs.version != '' }} uses: actions/checkout@v3 @@ -63,7 +63,7 @@ jobs: path='' fi echo "path=\"$path\"" - echo "::set-output name=path::${path}" + echo "path=${path}" >> $GITHUB_OUTPUT - name: Check if reference version id: ref_version run: | @@ -81,7 +81,7 @@ jobs: refversion=true fi echo "refversion =\"${refversion}\"" - echo "::set-output name=refversion::${refversion}" + echo "refversion=${refversion}" >> $GITHUB_OUTPUT update_project_go: name: Update project.go runs-on: ubuntu-20.04 @@ -114,7 +114,7 @@ jobs: version="${{ needs.gather_facts.outputs.version }}" new_version="$(semver bump patch $version)-dev" echo "version=\"$version\" new_version=\"$new_version\"" - echo "::set-output name=new_version::${new_version}" + echo "new_version=${new_version}" >> $GITHUB_OUTPUT sed -Ei "s/(version[[:space:]]*=[[:space:]]*)\"${version}\"/\1\"${new_version}\"/" $file if git diff --exit-code $file ; then echo "error: no changes in \"$file\"" >&2 diff --git a/.github/workflows/zz_generated.create_release_pr.yaml b/.github/workflows/zz_generated.create_release_pr.yaml index d5cec937b..9081df8bc 100644 --- a/.github/workflows/zz_generated.create_release_pr.yaml +++ b/.github/workflows/zz_generated.create_release_pr.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.9.0 +# devctl@5.12.0 # name: Create Release PR on: @@ -52,7 +52,7 @@ jobs: id: gather_facts run: | head="${{ inputs.branch || github.event.ref }}" - echo "::set-output name=branch::${head}" + echo "branch=${head}" >> $GITHUB_OUTPUT head="${head#refs/heads/}" # Strip "refs/heads/" prefix. if [[ $(echo "$head" | grep -o '#' | wc -l) -gt 1 ]]; then @@ -82,7 +82,7 @@ jobs: version_major=$((version_major+1)) version_minor=0 version_patch=0 - echo "::set-output name=is_major::true" + echo "is_major=true" >> $GITHUB_OUTPUT ;; *) echo "Unknown Semver level provided" @@ -95,16 +95,18 @@ jobs: version_major=$(echo "${version}" | cut -d "." -f 1) version_minor=$(echo "${version}" | cut -d "." -f 2) version_patch=$(echo "${version}" | cut -d "." -f 3) - if [[ $version_minor = 0 && $version_patch = 0 ]]; then - echo "::set-output name=is_major::true" + # This will help us detect versions with suffixes as majors, i.e 3.0.0-alpha1. + # Even though it's a pre-release, it's still a major. + if [[ $version_minor = 0 && $version_patch =~ ^0.* ]]; then + echo "is_major=true" >> $GITHUB_OUTPUT fi fi repo_name="$(echo '${{ github.repository }}' | awk -F '/' '{print $2}')" echo "repo_name=\"$repo_name\" base=\"$base\" head=\"$head\" version=\"$version\"" - echo "::set-output name=repo_name::${repo_name}" - echo "::set-output name=base::${base}" - echo "::set-output name=head::${head}" - echo "::set-output name=version::${version}" + echo "repo_name=${repo_name}" >> $GITHUB_OUTPUT + echo "base=${base}" >> $GITHUB_OUTPUT + echo "head=${head}" >> $GITHUB_OUTPUT + echo "version=${version}" >> $GITHUB_OUTPUT - name: Check if PR exists id: pr_exists env: @@ -112,9 +114,9 @@ jobs: run: | if gh pr view --repo ${{ github.repository }} ${{ steps.gather_facts.outputs.branch }} | grep -i 'state:[[:space:]]*open' >/dev/null; then gh pr view --repo ${{ github.repository }} ${{ steps.gather_facts.outputs.branch }} - echo "::set-output name=skip::true" + echo "skip=true" >> $GITHUB_OUTPUT else - echo "::set-output name=skip::false" + echo "skip=false" >> $GITHUB_OUTPUT fi create_release_pr: name: Create release PR diff --git a/.github/workflows/zz_generated.gitleaks.yaml b/.github/workflows/zz_generated.gitleaks.yaml index e0f6786c0..479579240 100644 --- a/.github/workflows/zz_generated.gitleaks.yaml +++ b/.github/workflows/zz_generated.gitleaks.yaml @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.9.0 +# devctl@5.12.0 # name: gitleaks diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 875a8fd89..ed3ba69f1 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -20,7 +20,7 @@ repos: - id: trailing-whitespace - repo: https://github.com/dnephin/pre-commit-golang - rev: v0.5.0 + rev: v0.5.1 hooks: - id: go-fmt - id: go-mod-tidy diff --git a/Makefile b/Makefile index b916857e9..8825a0430 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.9.0 +# devctl@5.12.0 # include Makefile.*.mk diff --git a/Makefile.gen.app.mk b/Makefile.gen.app.mk index ab9f6f5d7..150168923 100644 --- a/Makefile.gen.app.mk +++ b/Makefile.gen.app.mk @@ -1,13 +1,21 @@ # DO NOT EDIT. Generated with: # -# devctl@5.9.0 +# devctl@5.12.0 # ##@ App -.PHONY: lint-chart +YQ=docker run --rm -u $$(id -u) -v $${PWD}:/workdir mikefarah/yq:4.29.2 +HELM_DOCS=docker run --rm -u $$(id -u) -v $${PWD}:/helm-docs jnorwood/helm-docs:v1.11.0 + +ifdef APPLICATION +DEPS := $(shell ls $(APPLICATION)/charts) +endif + +.PHONY: lint-chart check-env update-chart helm-docs update-deps $(DEPS) + lint-chart: IMAGE := giantswarm/helm-chart-testing:v3.0.0-rc.1 -lint-chart: ## Runs ct against the default chart. +lint-chart: check-env ## Runs ct against the default chart. @echo "====> $@" rm -rf /tmp/$(APPLICATION)-test mkdir -p /tmp/$(APPLICATION)-test/helm @@ -15,3 +23,23 @@ lint-chart: ## Runs ct against the default chart. architect helm template --dir /tmp/$(APPLICATION)-test/helm/$(APPLICATION) docker run -it --rm -v /tmp/$(APPLICATION)-test:/wd --workdir=/wd --name ct $(IMAGE) ct lint --validate-maintainers=false --charts="helm/$(APPLICATION)" rm -rf /tmp/$(APPLICATION)-test + +update-chart: check-env ## Sync chat with upstream repo. + @echo "====> $@" + vendir sync + $(MAKE) update-deps + +update-deps: check-env $(DEPS) ## Update Helm dependencies. + cd $(APPLICATION) && helm dependency update + +$(DEPS): check-env ## Update main Chart.yaml with new local dep versions. + new_version=`$(YQ) .version $(APPLICATION)/charts/$@/Chart.yaml` && \ + $(YQ) -i e "with(.dependencies[]; select(.name == \"$@\") | .version = \"$$new_version\")" $(APPLICATION)/Chart.yaml + +helm-docs: check-env ## Update $(APPLICATION) README. + $(HELM_DOCS) -c $(APPLICATION) -g $(APPLICATION) + +check-env: +ifndef APPLICATION + $(error APPLICATION is not defined) +endif diff --git a/Makefile.gen.go.mk b/Makefile.gen.go.mk index 164beb63b..f850e319b 100644 --- a/Makefile.gen.go.mk +++ b/Makefile.gen.go.mk @@ -1,6 +1,6 @@ # DO NOT EDIT. Generated with: # -# devctl@5.9.0 +# devctl@5.12.0 # APPLICATION := $(shell go list -m | cut -d '/' -f 3) diff --git a/renovate.json b/renovate.json index 1cbba3c3b..291663283 100644 --- a/renovate.json +++ b/renovate.json @@ -1,9 +1,9 @@ { "extends": [ "config:base", - ":reviewer(team:area-kaas)" + ":reviewer(team:team-phoenix)" ], - "labels": ["dependencies"], + "labels": ["dependencies", "renovate"], "packageRules": [ { "matchPackagePatterns": [".*giantswarm.*"], @@ -20,7 +20,7 @@ }, { "excludePackagePatterns": [".*giantswarm.*" ,"^k8s.io", "^sigs.k8s.io"], - "groupName": "etc modules" + "groupName": "misc modules" }, { "matchPackagePatterns": ["^sigs.k8s.io/cluster*"], diff --git a/service/collector/error.go b/service/collector/error.go index 159c937cd..5c028d3b2 100644 --- a/service/collector/error.go +++ b/service/collector/error.go @@ -12,8 +12,7 @@ import ( // This error should never be matched against and therefore there is no matcher // implement. For further information see: // -// https://github.com/giantswarm/fmt/blob/master/go/errors.md#matching-errors -// +// https://github.com/giantswarm/fmt/blob/master/go/errors.md#matching-errors var executionFailedError = µerror.Error{ Kind: "executionFailedError", } @@ -36,8 +35,7 @@ var vaultAccessError = µerror.Error{ // temporarily replies with HTTP responses. In such cases we intend to cancel // collection and wait until Vault is fully operational again. // -// Get https://vault.g8s.foo.bar:8200/v1/sys/mounts: http: server gave HTTP response to HTTPS client -// +// Get https://vault.g8s.foo.bar:8200/v1/sys/mounts: http: server gave HTTP response to HTTPS client func IsVaultAccess(err error) bool { if err == nil { return false diff --git a/service/controller/resources/vaultaccess/error.go b/service/controller/resources/vaultaccess/error.go index 15a1b8697..3d0a186c3 100644 --- a/service/controller/resources/vaultaccess/error.go +++ b/service/controller/resources/vaultaccess/error.go @@ -24,8 +24,7 @@ var vaultAccessError = µerror.Error{ // temporarily replies with HTTP responses. In such cases we intend to cancel // reconciliation and wait until Vault is fully operational again. // -// Get https://vault.g8s.amag.ch:8200/v1/sys/mounts: http: server gave HTTP response to HTTPS client -// +// Get https://vault.g8s.amag.ch:8200/v1/sys/mounts: http: server gave HTTP response to HTTPS client func IsVaultAccess(err error) bool { if err == nil { return false