Merge pull request #1 from devtron-labs/qa-charts

feat: QA charts
devtron-labs · Jun 19, 2023 · e5ee4b5 · e5ee4b5
2 parents c2ab652 + 3475e53
commit e5ee4b5
Show file tree

Hide file tree

Showing 51 changed files with 2,419 additions and 53 deletions.
diff --git a/.github/workflows/trivy-scan.yaml b/.github/workflows/trivy-scan.yaml
@@ -0,0 +1,27 @@
+name: Trivy Scanning
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu:latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Run Trivy vulnerability scanner in repo mode
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          ignore-unfixed: true
+          format: 'sarif'
+          output: 'trivy-results.sarif'
+          severity: 'CRITICAL'
+
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: 'trivy-results.sarif'
diff --git a/charts/argo-workflow/Chart.yaml b/charts/argo-workflow/Chart.yaml
@@ -1,6 +1,6 @@
 name: argo-workflow
 description: Chart to deploy argo-workflow
-version: 0.1.3
+version: 0.1.4
 apiVersion: v1
 maintainers:
 - email: [email protected]

diff --git a/charts/argo-workflow/templates/deployment.yaml b/charts/argo-workflow/templates/deployment.yaml
@@ -2,14 +2,26 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: workflow-controller
+  {{- if  $.Values.argoWorkflow.annotations }}
+  annotations:
+{{- toYaml $.Values.argoWorkflow.annotations | nindent 4 }}
+  {{- end }}
+  {{- if  $.Values.argoWorkflow.labels }}
+  labels:
+{{- toYaml $.Values.argoWorkflow.labels | nindent 4 }}      
+  {{- end }}
 spec:
+  replicas: {{ $.Values.argoWorkflow.replicas | default 1 }}
   selector:
     matchLabels:
       app: workflow-controller
   template:
     metadata:
       labels:
         app: workflow-controller
+        {{- if  $.Values.argoWorkflow.labels }}
+{{- toYaml $.Values.argoWorkflow.labels | nindent 8 }}      
+        {{- end }}
     spec:
       containers:
       - args:
@@ -20,11 +32,18 @@ spec:
         command:
         - workflow-controller
         env:
-        - name: LEADER_ELECTION_IDENTITY
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.name
+          - name: LEADER_ELECTION_IDENTITY
+            valueFrom:
+              fieldRef:
+                apiVersion: v1
+                fieldPath: metadata.name
+          {{- if  $.Values.argoWorkflow.EnvVariables }}
+{{ toYaml $.Values.argoWorkflow.EnvVariables | indent 10 }}
+          {{- end }}
+        {{- if  $.Values.argoWorkflow.EnvVariablesFrom }}
+        envFrom:
+{{ toYaml $.Values.argoWorkflow.EnvVariablesFrom | indent 10 }}
+        {{- end }}
         resources:
 {{ toYaml .Values.argoWorkflow.workflowController.resources | indent 10 }}
         image: {{ .Values.argoWorkflow.workflowController.image }}

diff --git a/charts/argo-workflow/values.yaml b/charts/argo-workflow/values.yaml
@@ -3,6 +3,11 @@ argoWorkflow:
     bucket: devtron-pro-ci-logs
     keyFormat: demo-v1/{{workflow.name}}
     region: us-east-2
+  replicas: 1
+  labels: {}
+  annotations: {}
+  EnvVariables: []
+  EnvVariablesFrom: []
   workflowController:
     image: quay.io/argoproj/workflow-controller:v3.0.7
     resources:

diff --git a/charts/clair/Chart.yaml b/charts/clair/Chart.yaml
@@ -12,4 +12,4 @@ maintainers:
 name: clair
 sources:
 - https://github.com/coreos/clair
-version: 0.1.9
+version: 0.1.10
diff --git a/charts/clair/templates/deployment.yaml b/charts/clair/templates/deployment.yaml
@@ -21,7 +21,6 @@ spec:
         heritage: {{ .Release.Service | quote }}
         release: {{ .Release.Name | quote }}
         chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
-        app: clair
         integration: security
 {{ toYaml .Values.labels | indent 8 }}
     spec:

diff --git a/charts/devtron-logs-dump/README.md b/charts/devtron-logs-dump/README.md
@@ -0,0 +1,32 @@
+# Devtron Logs Dump Chart
+
+This Helm chart is used to dump the logs of various microservices in the Devtron stack to the Devtron S3 bucket.
+
+## Microservices Logs
+
+The chart is configured to dump the logs of the following microservices:
+
+Dashboard
+Devtron
+Kubewatch
+Kubelink
+Argo Rollouts
+ArgoCD Dex Server
+Devtron NATS
+Git Sensor
+Lens
+
+## Installation
+
+To install the Devtron Logs chart, follow the steps below:
+
+Make sure you have Helm installed and configured.
+Clone the Devtron Logs repository.
+Navigate to the directory containing the chart.
+Run the following Helm command to install the chart:
+
+**helm install devtron-logs -n devtroncd -f <chart-location>**
+
+Make sure to replace <chart-location> with the location of your chart values file.
+
+Note: You can customize the chart by modifying the values in the chart values file before installation.
diff --git a/charts/devtron-logs-dump/values.yaml b/charts/devtron-logs-dump/values.yaml
@@ -2,5 +2,5 @@ serviceAccount:
   name: "devtron-logs-dump"
 job:
   name: "devtron-logs-dump"
-  image: docker.io/rupinsolanki07/test:logs-dump4
-  imagePullPolicy: IfNotPresent
+  image: quay.io/devtron/k8s-utils:807ca3c2-488-14005
+  imagePullPolicy: IfNotPresent
diff --git a/charts/devtron/Chart.yaml b/charts/devtron/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: devtron-operator
-appVersion: 0.6.15
+appVersion: 0.6.17
 description: Chart to configure and install Devtron. Devtron is a Kubernetes Orchestration system.
 keywords:
   - Devtron
@@ -11,7 +11,7 @@ keywords:
   - argocd
   - Hyperion
 engine: gotpl
-version: 0.22.53
+version: 0.22.56
 sources:
   - https://github.com/devtron-labs/charts
 dependencies:

diff --git a/charts/devtron/README.md b/charts/devtron/README.md
@@ -22,9 +22,9 @@ It packages third party components like
 
 ## How to use it
 
-### Install with Helm
+### Install with Helm (Stable)
 
-Run the following command to install the latest version of Devtron along with the CI/CD integration:
+Follow the given steps to install devtron stable release on your kubernetes cluster
 
 ```bash
 helm repo add devtron https://helm.devtron.ai 
@@ -34,9 +34,34 @@ helm install devtron devtron/devtron-operator \
 --set installer.modules={cicd}
 ```
 
+### Install with Helm (Beta)
+
+We also release beta versions of devtron every few days before the stable release for people who would like to explore and test beta features before everyone else. If you want to install a fresh devtron from beta release channel, use the chart in our official devtron repository.
+
+This chart is currently not available on the official helm repository therefore you need to download it to install it.
+
+```bash
+$ git clone [https://github.com/devtron-labs/devtron.git](https://github.com/devtron-labs/devtron.git)
+$ cd devtron/charts/devtron
+$ helm dependency up
+$ #modify values in values.yaml
+$ helm install devtron . --create-namespace --namespace devtroncd -f values.yaml
+```
+
+To upgrade your existing devtron installation to beta, use helm upgrade.
+
+```bash
+$ git clone [https://github.com/devtron-labs/devtron.git](https://github.com/devtron-labs/devtron.git)
+$ cd devtron/charts/devtron
+$ helm dependency up
+$ #modify values in values.yaml
+$ helm upgrade devtron . --reuse-values --namespace devtroncd -f devtron-bom.yaml
+```
+For more details about configuration see the [helm chart configuration](#configuration)
+
 [Link to](https://docs.devtron.ai/install) more installation options for Devtron.
 
-For more details on configuration, see the [Helm chart configuration](#configuration)
+> Note: There is no option to upgrade to beta on stack manager UI as of now and you may always see upgrade available for latest stable version using which you'll be moved to latest stable version available.
 
 ### Access Devtron dashboard
 

diff --git a/charts/devtron/devtron-bom.yaml b/charts/devtron/devtron-bom.yaml
@@ -9,22 +9,36 @@ global:
     runAsNonRoot: true
 
 installer:
-  release: "v0.6.15"
+  release: "v0.6.17"
   image: "quay.io/devtron/inception"
   tag: "44b30917-185-13275"
 
 components:
   dashboard:
-    image: "quay.io/devtron/dashboard:28017af9-325-13418"
+    image: "quay.io/devtron/dashboard:a43e715d-325-13908"
+    config:
+      extraConfigs:
+        USE_V2: "true"
+        ENABLE_BUILD_CONTEXT: "true"
   devtron:
-    image: "quay.io/devtron/hyperion:9f3934ee-280-13407"
-    cicdImage: "quay.io/devtron/devtron:9f3934ee-434-13409"
+    image: "quay.io/devtron/hyperion:f45916a0-280-13927"
+    cicdImage: "quay.io/devtron/devtron:f45916a0-434-13929"
   argocdDexServer:
     image: "ghcr.io/dexidp/dex:v2.30.2"
     initContainer:
       authenticator: "quay.io/devtron/authenticator:e414faff-393-13273"
   kubelink:
-    image: "quay.io/devtron/kubelink:18bf720b-318-13404"
+    image: "quay.io/devtron/kubelink:451a1a1a-318-13790"
+    configs:
+      ENABLE_HELM_RELEASE_CACHE: "true"
+      PG_ADDR: postgresql-postgresql.devtroncd
+      PG_DATABASE: orchestrator
+      PG_LOG_QUERY: "true"
+      PG_PORT: "5432"
+      PG_USER: postgres
+    dbconfig:
+      secretName: postgresql-postgresql
+      keyName: postgresql-password
   postgres:
     image: "quay.io/devtron/postgres:11.9.0-debian-10-r26"
     armImage: "quay.io/devtron/postgres:11.9"
@@ -34,10 +48,10 @@ components:
     envVars:
       devtron:
         GIT_BRANCH: "main"
-        GIT_HASH: "9f3934ee51a1cfa1631f90bc6cc55a240aa98b07"
+        GIT_HASH: "bc35eb7ecb5b604f4fc55cc1fa21f6fbbd59a180"
       casbin:
         GIT_BRANCH: "main"
-        GIT_HASH: "9f3934ee51a1cfa1631f90bc6cc55a240aa98b07"
+        GIT_HASH: "bc35eb7ecb5b604f4fc55cc1fa21f6fbbd59a180"
 
 argo-cd:
   global:
@@ -47,7 +61,8 @@ argo-cd:
       imagePullPolicy: IfNotPresent
 
 security:
-  image: "quay.io/devtron/image-scanner:b7873c95-334-13266"
+  imageScanner:
+    image: "quay.io/devtron/image-scanner:b7873c95-334-13266"
 
 notifier:
   image: "quay.io/devtron/notifier:6c7a356a-372-11107"
diff --git a/charts/devtron/templates/app-sync-job.yaml b/charts/devtron/templates/app-sync-job.yaml
@@ -31,7 +31,7 @@ spec:
       {{- end }}
       containers:
       - name: chart-sync
-        image: quay.io/devtron/chart-sync:6bdaa674-150-13276
+        image: quay.io/devtron/chart-sync:04a03402-373-13820
         {{- if and $.Values.global $.Values.global.containerSecurityContext }}
         securityContext:
 {{- toYaml $.Values.global.containerSecurityContext | nindent 10 }}
@@ -80,7 +80,7 @@ spec:
           {{- end }}
           containers:
           - name: chart-sync
-            image: quay.io/devtron/chart-sync:6bdaa674-150-13276
+            image: quay.io/devtron/chart-sync:04a03402-373-13820
             {{- if and $.Values.global $.Values.global.containerSecurityContext }}
             securityContext:
 {{- toYaml $.Values.global.containerSecurityContext | nindent 14 }}

diff --git a/charts/devtron/templates/dashboard.yaml b/charts/devtron/templates/dashboard.yaml
@@ -25,6 +25,9 @@ data:
   SENTRY_ENV: {{ .config.sentryEnv | default "PRODUCTION" | quote }}
   APPLICATION_METRICS_ENABLED: {{ .config.applicationMetrics | default "true" | quote }}
   HIDE_APPLICATION_GROUPS: {{ .config.hideApplicationGroups | default "false" | quote }}
+  {{- if .config.extraConfigs }}
+{{ toYaml .config.extraConfigs | indent 2 }}
+  {{- end }}
 {{- end }} 
 ---
 apiVersion: v1

diff --git a/charts/devtron/templates/devtron.yaml b/charts/devtron/templates/devtron.yaml
@@ -18,7 +18,7 @@ data:
   PG_DATABASE: orchestrator
   DEX_HOST: http://argocd-dex-server.devtroncd
   DEX_PORT: "5556"
-  APP_SYNC_IMAGE: "quay.io/devtron/chart-sync:07ac8fd7-150-11120"
+  APP_SYNC_IMAGE: "quay.io/devtron/chart-sync:04a03402-373-13820"
 {{- if $.Values.installer.modules }}
 {{- if has "cicd" $.Values.installer.modules }}
 {{- if $.Values.configs }}

diff --git a/charts/devtron/templates/kubelink.yaml b/charts/devtron/templates/kubelink.yaml
@@ -1,4 +1,35 @@
 {{- with .Values.components.kubelink }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kubelink-secret
+  labels:
+    app: kubelink
+    release: devtron
+  annotations:
+    "helm.sh/resource-policy": keep
+type: Opaque
+{{- if .secrets }}
+data:
+{{- range $k, $v := .secrets }}
+  {{ $k }}: {{ $v | b64enc }}
+{{- end }}
+{{- end }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: kubelink-cm
+  labels:
+    app: kubelink
+    release: devtron
+  annotations:
+    "helm.sh/resource-policy": keep
+{{- if .configs }}
+data:
+{{ toYaml .configs | indent 2 }}
+{{- end }}
+---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -45,6 +76,18 @@ spec:
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.name
+            {{- if .dbconfig }}
+            - name: PG_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .dbconfig.secretName }}
+                  key: {{ .dbconfig.keyName }}
+            {{- end }}
+          envFrom:
+          - configMapRef:
+              name: kubelink-cm
+          - secretRef:
+              name: kubelink-secret
           {{- if .resources }}        
           resources:
           {{- toYaml .resources | nindent 12 }}