Merge branch 'release/v0.1.0' into main

.dockerignore

@@ -0,0 +1,10 @@
+# Deny all
+*/**
+
+# Allow only resources
+!go.*
+!cmd/**/*
+!pkg/**/*
+!build/**/*
+!Makefile
+!.git/**/*

.mockery.yaml

@@ -0,0 +1,4 @@
+inpackage: True
+testonly: True
+with-expecter: True
+keeptree: False

CHANGELOG.md

@@ -0,0 +1,13 @@
+# k8s-host-change Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [v0.1.0] - 2023-03-27
+
+### Added
+- initial release
+- [#1] support changes in split dns configuration

Dockerfile

@@ -0,0 +1,47 @@
+# Build the manager binary
+FROM golang:1.20.2 as builder
+
+WORKDIR /workspace
+
+# Copy the Go Modules manifests
+COPY go.mod go.mod
+COPY go.sum go.sum
+
+# cache deps before building and copying source so that we don't need to re-download as much
+# and so that source changes don't invalidate our downloaded layer
+RUN go mod download
+
+# Copy the go source
+COPY main.go main.go
+COPY pkg/ pkg/
+
+# Copy .git files as the build process builds the current commit id into the binary via ldflags.
+# We removed this entry as changes in the repository makes all cached layers invalid leading to rebuilding all layers.
+# TODO resolve COMMIT_ID
+#COPY .git .git
+
+# Copy build files
+COPY build build
+COPY Makefile Makefile
+
+# Build
+RUN go mod vendor
+RUN make compile-generic
+
+# Use distroless as minimal base image to package the manager binary
+# Refer to https://github.com/GoogleContainerTools/distroless for more details
+FROM gcr.io/distroless/static:nonroot
+LABEL maintainer="hello@cloudogu.com" \
+      NAME="k8s-host-change" \
+      VERSION="0.1.0"
+
+WORKDIR /
+
+# the linter has a problem with the valid colon-syntax
+# dockerfile_lint - ignore
+USER 15000:15000
+
+
+COPY --chown=15000:15000 --from=builder /workspace/target/k8s-host-change .
+
+ENTRYPOINT ["/k8s-host-change"]

Jenkinsfile

@@ -31,6 +31,10 @@ node('docker') {
             make 'clean'
         }
 
+        stage('Lint') {
+            lintDockerfile()
+        }
+
         stage('Check Markdown Links') {
             Markdown markdown = new Markdown(this)
             markdown.check()
@@ -49,6 +53,10 @@ node('docker') {
                                 make 'unit-test'
                                 junit allowEmptyResults: true, testResults: 'target/unit-tests/*-tests.xml'
                             }
+
+                            stage("Review dog analysis") {
+                                stageStaticAnalysisReviewDog()
+                            }
                         }
 
         stage("Lint k8s Resources") {
@@ -59,55 +67,7 @@ node('docker') {
             stageStaticAnalysisSonarQube()
         }
 
-        K3d k3d = new K3d(this, "${WORKSPACE}", "${WORKSPACE}/k3d", env.PATH)
-
-        try {
-            Makefile makefile = new Makefile(this)
-            String hostChangeVersion = makefile.getVersion()
-
-            stage('Set up k3d cluster') {
-                k3d.startK3d()
-            }
-
-            def imageName
-            stage('Build & Push Image') {
-                imageName = k3d.buildAndPushToLocalRegistry("cloudogu/${repositoryName}", hostChangeVersion)
-            }
-
-            stage('Setup') {
-                k3d.setup("v0.12.0", [
-                        dependencies: ["official/postfix"],
-                        defaultDogu : ""
-                ])
-            }
-
-            GString sourceJobYaml = "k8s/k8s-host-change.yaml"
-            stage('Update development resources') {
-                docker.image('mikefarah/yq:4.22.1')
-                        .mountJenkinsUser()
-                        .inside("--volume ${WORKSPACE}:/workdir -w /workdir") {
-                            sh "yq -i '(select(.kind == \"Job\").spec.template.spec.containers[]|select(.name == \"k8s-host-change\")).image=\"${imageName}\"' ${sourceJobYaml}"
-                        }
-            }
-
-            stage('Deploy host-change Job') {
-                k3d.kubectl("apply -f ${sourceJobYaml}")
-            }
-
-            stage('Wait for Ready Rollout') {
-                k3d.kubectl("--namespace default wait --for=condition=Ready pods --all")
-            }
-
-            stage('Restore development resources') {
-                sh "git restore ${sourceJobYaml}"
-            }
-
-            stageAutomaticRelease()
-        } finally {
-            stage('Remove k3d cluster') {
-                k3d.deleteK3d()
-            }
-        }
+        stageAutomaticRelease()
     }
 }
 
@@ -122,9 +82,6 @@ void gitWithCredentials(String command) {
 
 void stageLintK8SResources() {
     String kubevalImage = "cytopia/kubeval:0.13"
-    Makefile makefile = new Makefile(this)
-    String hostChangeVersion = makefile.getVersion()
-
     docker
             .image(kubevalImage)
             .inside("-v ${WORKSPACE}/k8s:/data -t --entrypoint=")

Makefile

@@ -1,6 +1,6 @@
 # Set these to the desired values
 ARTIFACT_ID=k8s-host-change
-VERSION=0.0.1
+VERSION=0.1.0
 
 GOTAG?=1.20.2
 MAKEFILES_VERSION=7.5.0
@@ -78,6 +78,6 @@ template-log-level:
 ##@ Release
 
 .PHONY: job-release
-setup-release: ## Interactively starts the release workflow.
+job-release: ## Interactively starts the release workflow.
 	@echo "Starting git flow release..."
 	@build/make/release.sh host-change

docs/operations/change_internal_ip_de.md

@@ -0,0 +1,22 @@
+# Konfiguration einer internen IP für eine Split-DNS-Konfiguration
+
+Das `k8s-ecosystem` bietet die Möglichkeit das System in einer Split-DNS-Konfiguration zu betreiben.
+Dabei kann ein externer Reverse-Proxy vor dem `k8s-ecosystem` betrieben werden, der unter der im CES konfigurierten
+FQDN erreichbar ist. Die Verwendung einer internen IP verhindert, dass interne Requests der Dogus nicht über diesen 
+externen Proxy geleitet werden.
+
+Dieser Job bietet die Möglichkeit die interne IP während einer laufenden CES-Instanz zu konfigurieren.
+Dabei werden die Registry-Werte `config/_global/use_internal_ip` und `config/_global/internal_ip` ausgewertet
+und anschließend die Deployments aller Dogus angepasst.
+
+Achtung diese Änderung bewirkt, dass alle Dogus neu gestartet werden.
+
+Download und Anwendung der Job-Ressourcen:
+
+<!-- markdown-link-check-disable -->
+[YAML-Ressourcen](https://dogu.cloudogu.com/api/v1/k8s/k8s/k8s-host-change)
+
+```bash
+kubectl apply -f <fileName>.yaml --namespace ecosystem
+```
+

docs/operations/change_internal_ip_en.md

@@ -0,0 +1,21 @@
+# Configuration of an internal IP for a split DNS configuration.
+
+The `k8s-ecosystem` offers the possibility to operate the system in a split DNS configuration.
+In this case, an external reverse proxy can be operated in front of the `k8s-ecosystem`, which can be accessed under the
+FQDN configured in the CES. The use of an internal IP prevents internal requests from the Dogus being routed via 
+this external proxy.
+
+This job offers the possibility to configure the internal IP while a CES instance is running.
+The registry values `config/_global/use_internal_ip` and `config/_global/internal_ip` will be evaluated
+and then the deployments of all dogus are adjusted.
+
+Attention this change causes all dogus to be restarted.
+
+Download and apply the job resources:
+
+<!-- markdown-link-check-disable -->
+[YAML resources](https://dogu.cloudogu.com/api/v1/k8s/k8s/k8s-host-change)
+
+```bash
+kubectl apply -f <fileName>.yaml --namespace ecosystem
+```

go.mod

@@ -1,3 +1,78 @@
 module github.com/cloudogu/k8s-host-change
 
 go 1.20
+
+require (
+	github.com/bombsimon/logrusr/v2 v2.0.1
+	github.com/cloudogu/cesapp-lib v0.11.0
+	github.com/go-logr/logr v1.2.3
+	github.com/hashicorp/go-multierror v1.1.1
+	github.com/sirupsen/logrus v1.8.1
+	github.com/stretchr/testify v1.8.1
+	k8s.io/api v0.26.3
+	k8s.io/apimachinery v0.26.3
+	k8s.io/client-go v0.26.1
+	k8s.io/utils v0.0.0-20221128185143-99ec85e7a448
+	sigs.k8s.io/controller-runtime v0.14.5
+)
+
+require (
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/coreos/go-semver v0.3.0 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/eapache/go-resiliency v1.2.0 // indirect
+	github.com/emicklei/go-restful/v3 v3.9.0 // indirect
+	github.com/evanphx/json-patch v4.12.0+incompatible // indirect
+	github.com/evanphx/json-patch/v5 v5.6.0 // indirect
+	github.com/fsnotify/fsnotify v1.6.0 // indirect
+	github.com/go-openapi/jsonpointer v0.19.5 // indirect
+	github.com/go-openapi/jsonreference v0.20.0 // indirect
+	github.com/go-openapi/swag v0.19.14 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/gnostic v0.5.7-v3refs // indirect
+	github.com/google/go-cmp v0.5.9 // indirect
+	github.com/google/gofuzz v1.1.0 // indirect
+	github.com/google/uuid v1.1.2 // indirect
+	github.com/hashicorp/errwrap v1.0.0 // indirect
+	github.com/imdario/mergo v0.3.6 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/mailru/easyjson v0.7.6 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/prometheus/client_golang v1.14.0 // indirect
+	github.com/prometheus/client_model v0.3.0 // indirect
+	github.com/prometheus/common v0.37.0 // indirect
+	github.com/prometheus/procfs v0.8.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/stretchr/objx v0.5.0 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.5 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.5 // indirect
+	go.etcd.io/etcd/client/v2 v2.305.5 // indirect
+	golang.org/x/net v0.7.0 // indirect
+	golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect
+	golang.org/x/sys v0.5.0 // indirect
+	golang.org/x/term v0.5.0 // indirect
+	golang.org/x/text v0.7.0 // indirect
+	golang.org/x/time v0.3.0 // indirect
+	gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/protobuf v1.28.1 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/apiextensions-apiserver v0.26.1 // indirect
+	k8s.io/component-base v0.26.1 // indirect
+	k8s.io/klog/v2 v2.80.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect
+	sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
+	sigs.k8s.io/yaml v1.3.0 // indirect
+)