diff --git a/.github/workflows/package_and_push_helm_chart.yaml b/.github/workflows/package_and_push_helm_chart.yaml index ba9a210..b4e8949 100644 --- a/.github/workflows/package_and_push_helm_chart.yaml +++ b/.github/workflows/package_and_push_helm_chart.yaml @@ -7,15 +7,9 @@ on: - release workflow_dispatch: inputs: - name: - description: "Manual trigger for Helm chart packaging and pushing" - release_type: - description: "Release or snapshot version?" - required: true - default: "SNAPSHOT" - options: - - "SNAPSHOT" - - "RELEASE" + version: + description: "Version of the Helm chart to push" + required: false jobs: deploy: @@ -25,6 +19,21 @@ jobs: - name: Checkout code uses: actions/checkout@v4 + - name: Prepare version + run: | + VERSION=$(cat ./VERSION) + BRANCH=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}} + echo "Building images from the branch: $BRANCH" + if [ $BRANCH != "release" ]; then + VERSION=$VERSION-SNAPSHOT + fi + # override version of custom input is provided + if [[ -n "${{ github.event.inputs.version }}" ]]; then + VERSION=${{ github.event.inputs.version }} + fi + echo "Helm charts version to be deployed: $VERSION" + echo "VERSION=$VERSION" >> $GITHUB_ENV + - name: Setup Helm uses: azure/setup-helm@v4.1.0 with: @@ -39,20 +48,14 @@ jobs: helm repo add codecentric https://codecentric.github.io/helm-charts helm dependency update "charts/fairspace-keycloak" - - name: Prepare version + - name: Lint Helm chart run: | - VERSION=$(cat ./VERSION) - if [[ ${{ github.event.inputs.release_type }} = "SNAPSHOT" ]] || [[ $BRANCH = "dev" ]]; then - VERSION=$VERSION-SNAPSHOT - fi - echo "VERSION=$VERSION" >> $GITHUB_ENV + helm lint "charts/fairspace-keycloak" - - name: Package and Push Helm chart to repository + - name: Package Helm chart run: | helm package "charts/fairspace-keycloak" --version ${{ env.VERSION }} - helm push "fairspace-keycloak-${{ env.VERSION }}.tgz" "oci://${{ vars.HELM_REGISTRY }}" - echo "Pushed package to repository" - - name: Clean up + - name: Push Helm chart to repository run: | - rm -rf "fairspace-keycloak*.tgz" + helm push "fairspace-keycloak-${{ env.VERSION }}.tgz" "oci://${{ vars.HELM_REGISTRY }}" diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 304f861..0000000 --- a/.travis.yml +++ /dev/null @@ -1,84 +0,0 @@ -dist: jammy - -language: java - -env: - global: - - NODE_VERSION="18.16.0" - - APPNAME="fairspace-keycloak" - - ORG="thehyve" - - ARTIFACT_BUILD_FILE="" - - BUILD_SCRIPTS_REPO="thehyve/fairspace-build-scripts" - - DEPLOYMENT_CONFIG_REPO="thehyve/fairspace-config-private" - - ACCOUNT_CONFIG_DIR="./.travis" - - RELEASE_BRANCH="release" - - SNAPSHOT_BRANCH="dev" - - DOCKER_USERNAME="fairspace" - - GCP_PROJECT="fairspace-207108" - - GITHUB_USERNAME="fairspace-ci" - - SHOULD_DEPLOY=false - # DEPLOYMENT RELATED VARIABLES - REQUIRED IF SHOULD_DEPLOY=true - # - SNAPSHOT_CONTEXT="gke_fairspace-207108_europe-west1-b_fairspacecicluster" - # - SNAPSHOT_CLUSTER_NAME="fairspacecicluster" - # - SNAPSHOT_CLUSTER_ZONE="europe-west1-b" - # - RELEASE_CONTEXT="gke_fairspace-207108_europe-west1-b_fairspacecicluster" - # - RELEASE_CLUSTER_NAME="fairspacecicluster" - # - RELEASE_CLUSTER_ZONE="europe-west1-b" - - # DOCKER_PASSWORD=... - - secure: "vXd6WTtZ5wO5hXi2Tm9lgSDWXkf8MyZ+zkSKr0DNXRqBFPPGpifzhB8qN1qRYVLD8UsdrFwU4q53kxqlmWd6/P9dQkFuFpkouZkax4LRoP7QhRbxcLUcbcqEui4pA579uAIynu61q+furr+4Yl6RcTTG6nE9T43eofgGQqf0haVRM9hYeeMXjHGBNPooHJepGxFqpMBSN/+nb3MoB9dOzqc+dvj99Z5BLiAnl5t9ZCHcqTaLlZpwhWY+vR5WyEj7D2mkAiswXmRCOB7n0z2dN/mxDvMLtXAM7pfmmpQUoZYI8bGUc2zBnzKb5slSvvVG4vgZKx0Tv8RDQnpj7geLmIoiWYfz4wGolp1kn4tvjIA5pSx/xXxpOAX/dVAM9hvtOYt48Unr76UzpQm1e3+2DYIZdf0jz5n9V3H2ZqYY81UWFI8nSTmvaO/dw3GtLiPts/+FAHPsXVAkUFmDf0AGrIXIQ7P31pLgtXwXMslr7HkDUDmdN3PMHn30QhJWsaFe+MWXKnqNjCgIfflHpmAVBkbjsKWG1wpsNUHB66rq3U9UPCXpxu1XVpJLxT5QfVXR8p10s4YBvhwHHqhBDbMETTCYz4Q5T7YwgWIU0JTwCut+OMmW4rR3IAwmgIF0Pnr64y+fZL+qNXSJp/W/wrN84ZoGFGBflSnaCIhK7dm+paA=" - - # GITHUB_PASSWORD=.... - - secure: "HGHpt9j5qHkz6lsXYiEB+sxorhOw5g1r+Ys3S8cuPoxsAkLp3xfopAZ/+4ICX2gSSkyWh1tymTkAjFyt+C97Ejv9Jy03PQRRVbv5YxtD515y3ZP9qbN5OjZnfJjAJMATP2yYQczfH05XBHTEgF/RsGEpV+dxyEdD2ZSyeMfxGnjng3EHh34sMv4Vppf56V7al30i+g5gCO4gQrAAJ+UXtfePKcvp9/WuLDJRtyTO6vt1xkF9W5FrMOLNntnOy4rRV7TzgkhkUzDcxyEoA7uFWlV55Wf7SHiqtF4dtlYs3euZZ8ocbkqYL6y7wmPIOke/Ib7SmQYmulEP7lkJDH+v0RUHHMeKcMjUZdA/ADmopxuW1uQ2+V8arIFKM5Tb4GPCr6PEvOMDm5Nrauo9LuXPVmSJ5jcR6w1PAMdLjONGWJLNTKeP72T7DmikMNhjWtJl2IeevBXiDAtPW3AU++BibnkrOk3q0ENhrF/oK6e2c0PWtkDaqgQMJi2uSu9Tni8LWiwZQLmUkA/vAkllz6dwZZ9ooA26qtVAUnPeMepNLU/9+HBQio6hbtHN5hL+3Sekv/16ZgfI72Bhb8Eo3ElnXoeybAmhM5fGGSvgYtp+VEHCmXSIvW5XDgcv3f2sA60bldSuu+T5yw76EIlM7eCke+x84g7HxAPBLffGJxZqS8g=" - -cache: - directories: - - $HOME/downloads - - $HOME/.gradle - -before_install: - - nvm install $NODE_VERSION - - export KUBE_CONFIG_ENC_KEY=$encrypted_6c9f30024cb1_key - - export KUBE_CONFIG_ENC_IV=$encrypted_6c9f30024cb1_iv - - git clone https://$GITHUB_USERNAME:$GITHUB_PASSWORD@github.com/$BUILD_SCRIPTS_REPO ci - - export BUILD_SCRIPTS_DIR=$(pwd)/ci - - 'if [[ "$SHOULD_DEPLOY" = "true" ]]; then git clone https://$GITHUB_USERNAME:$GITHUB_PASSWORD@github.com/$DEPLOYMENT_CONFIG_REPO ci-config ; fi' - - 'if [[ "$SHOULD_DEPLOY" = "true" ]]; then export DEPLOYMENT_CONFIG_DIR="$(pwd)/ci-config/fairspace-keycloak" ; fi' - - 'if [[ "$SHOULD_DEPLOY" = "true" ]] && [[ "$TRAVIS_BRANCH" = "$SNAPSHOT_BRANCH" ]]; then export ALLOW_SNAPSHOTS=1 DEPLOY_TARGET=ci KUBERNETES_CONTEXT="$SNAPSHOT_CONTEXT" DEPLOY_PLATFORM="GCP" KUBERNETES_CONTEXT="$SNAPSHOT_CONTEXT" CLUSTER_NAME="$SNAPSHOT_CLUSTER_NAME" CLUSTER_ZONE="$SNAPSHOT_CLUSTER_ZONE"; fi' - - 'if [[ "$SHOULD_DEPLOY" = "true" ]] && [[ "$TRAVIS_BRANCH" = "$RELEASE_BRANCH" ]]; then export DEPLOY_TARGET=test KUBERNETES_CONTEXT="$RELEASE_CONTEXT" CLUSTER_NAME="$RELEASE_CLUSTER_NAME" DEPLOY_PLATFORM="GCP" CLUSTER_ZONE="$RELEASE_CLUSTER_ZONE"; fi' - - source ./ci/setup_env.sh - - 'if [[ "$SHOULD_RELEASE" ]] ; then export NEED_INTERNAL_HELM=1 RELEASE_PLATFORM="GCP" ; fi' - -jobs: - include: - - stage: build - cache: false - name: Build helm charts - install: - - source charts/.travis/install.sh - script: - - charts/.travis/build.sh - - if: branch = release AND type != pull_request - cache: false - stage: Versioning - name: Set tag and update version - script: - - "./ci/helm/tag.sh" - - "ci/versioning/add_tag_to_git.sh" - - "ci/versioning/set_next_version.sh" - - stage: deploy - cache: false - if: env(SHOULD_DEPLOY) = true and branch = dev and type != pull_request - install: - - source charts/.travis/install.sh - script: - - travis_wait ci/helm/deploy.sh $DEPLOY_TARGET - -notifications: - slack: - rooms: - - secure: "dpJL60bCwWHBbY23/6gTUWjLFo5FXp2+56k6EoxtFFwH7a8I9RAnuxHgbNknVypY115GgSpueSSbePaSlbGeHqZ/AQ1e6q2r80RQPBe+lFSc3+0DTkq00p97xqqFjpSSTE4+wYSGldP9GVpN89LLc9wZbSeI+GH3nr/vgMjTA8OPsUFPr49n/VNnqUm4I5SA2YKxYlVZuUoWGqWqj107LBiFFgOCUSeGgeM9wafFA86rxmkNU3h77g6N4rJrx8SUZrjFg158KHsN+nfnc6kFTHx+CJg+WSPx3T7Stf0XPPQe7pDgMpOucNH7n6duqa9V6ldhG9jati9BmSa74EzxzLGuhwVUiZgWQ0dZaND6hfTQnWk3/XKI9lNyUQ5uuCYuHaT33CiEiIt/HkigFoMgX6QkCPqk9eYAfVsOLz2nnqfmtT7AMM6xcCXrHRjJ7O/ZIo1UZaR5GwUD7j3JVA6UgNzztIBr+h/CyjvRSWQklOpVAYhCmuHJ1bEfKXfUx4Qkc0k5IaoefZ5uW5Ny64VBZoQMNt5MRxysKS9/ITqY4CALSxf0oBkQbxms5Oz967zFOWhD3+QL6sHAkLkVaUro1Y89Epm1YMqAaawC0DAFvrmeDXCITuPcDpsFHWVfpPLphxLA6d+TLZ5BNrdCpCj9GpDnFD0UkQ+wodZdfI6YaVo=" - template: - - "Build <%{build_url}|#%{build_number}> (<%{compare_url}|%{commit}>) of %{repository_slug}@%{branch}" - - "Latest commit: %{commit_message} - by %{author}" - - "Result: %{result} in %{duration}" diff --git a/.travis/add_pod_annotations.sh b/.travis/add_pod_annotations.sh deleted file mode 100755 index 53577c7..0000000 --- a/.travis/add_pod_annotations.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -# -# This script will add a pod annotations for each project that has -# been built to ensure -# that the pod will be recreated for new SNAPSHOT images -# -# Required env variables: -# $APPNAME -# $COMMIT_ID -# -DIR=$(dirname $0) - -# If we have no changes at all in any of the projects, we can skip -# pod annotations -if $DIR/build-condition.sh $TRAVIS_COMMIT_RANGE projects/; then - echo "Adding pod annotations" - - # Remove empty pod annotations - sed -i -e "s/podAnnotations: { }//" charts/fairspace-keycloak/values.yaml - - # Add a pod annotation in the values.yaml file - echo -e "\npodAnnotations:" >> charts/fairspace-keycloak/values.yaml - echo -e " fairspace-keycloak:\n commit: \"$COMMIT_ID\"\n" >> charts/fairspace-keycloak/values.yaml -fi diff --git a/.travis/ci-service-account.json.enc b/.travis/ci-service-account.json.enc deleted file mode 100644 index ff0f6bf..0000000 Binary files a/.travis/ci-service-account.json.enc and /dev/null differ diff --git a/README.md b/README.md index 1e2faf6..f15d7ae 100644 --- a/README.md +++ b/README.md @@ -4,9 +4,10 @@ This repository contains the helm chart to install and setup Keycloak. See [charts/fairspace-keycloak](charts/fairspace-keycloak/README.md) for more information. -# Deployment scripts -Deployment scripts can be found in the [fairspace-build-scripts](https://github.com/fairspace/fairspace-build-scripts) repository. They are -run by travis-ci, as setup in the `.travis.yml` file. +# Helm chart +Helm charts are packaged and published to the GitHub package registry (Packages) with GitHub Actions workflow, can be found in `.github/workflows/package_and_push_helm_chart.yaml ` + +```yaml # License diff --git a/charts/.travis/build.sh b/charts/.travis/build.sh deleted file mode 100755 index c04d69e..0000000 --- a/charts/.travis/build.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -$BUILD_SCRIPTS_DIR/helm/tag.sh -.travis/add_pod_annotations.sh -source $BUILD_SCRIPTS_DIR/helm/add_repos.sh -$BUILD_SCRIPTS_DIR/helm/build.sh - -if [[ $SHOULD_RELEASE ]]; then - $BUILD_SCRIPTS_DIR/helm/release.sh -fi diff --git a/charts/.travis/install.sh b/charts/.travis/install.sh deleted file mode 100755 index 04de0b2..0000000 --- a/charts/.travis/install.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -# shellcheck disable=SC1090 -source "$BUILD_SCRIPTS_DIR/helm/install_helm.sh" - -if [[ $SHOULD_RELEASE ]]; then - source "$BUILD_SCRIPTS_DIR/login-provider.sh" - - echo "Adding helm repositories ..." - source "$BUILD_SCRIPTS_DIR/helm/add_repos.sh" - - if [[ $SHOULD_DEPLOY = "true" ]]; then - source "$BUILD_SCRIPTS_DIR/k8s/ics_kubectl.sh" - fi - -fi diff --git a/charts/fairspace-keycloak/values.yaml b/charts/fairspace-keycloak/values.yaml index a5dcadf..447425e 100644 --- a/charts/fairspace-keycloak/values.yaml +++ b/charts/fairspace-keycloak/values.yaml @@ -20,6 +20,7 @@ fairspaceKeycloak: cpu: "500m" memory: "2048Mi" postgresql: + password: "" keycloakx: dbchecker: