Merge pull request #9 from jpopelka/mix

Simplify
packit · Nov 23, 2022 · 7389fa7 · 7389fa7
2 parents afceb68 + 2578cc9
commit 7389fa7
Show file tree

Hide file tree

Showing 11 changed files with 89 additions and 159 deletions.
diff --git a/Makefile b/Makefile
@@ -0,0 +1,5 @@
+packit-service-validation-install:
+	make -C ocp-deployments/packit-service-validation install
+
+packit-service-validation-dryrun:
+	make -C ocp-deployments/packit-service-validation dryrun
diff --git a/README.md b/README.md
@@ -1,6 +1,5 @@
-# udp
+# [Unified Openshift Deployment Process](https://docs.google.com/presentation/d/1MlLuuawzxJg6U15zbPby6JAtNNEWZAhfGEWNcpYSWeo)
 
-[Unified Openshift deployment Project](https://docs.google.com/presentation/d/1MlLuuawzxJg6U15zbPby6JAtNNEWZAhfGEWNcpYSWeo)
 for the [Packit Service Validation](https://github.com/packit/deployment/tree/main/cron-jobs/packit-service-validation).
 
 To deploy the *Packit Service Validation* through *Helm* follow this steps:
@@ -10,43 +9,51 @@ To deploy the *Packit Service Validation* through *Helm* follow this steps:
 Helm uses an **image** created through a GitHub action and pushed to Quay.io,
 the **tag** for this image is the first *7 digit for the commit SHA* of the packit/deployment repo.
 
-To use a new image update the referenced tag [here](https://github.com/packit/udp/blob/main/ocp-deployments/packit-service-validation-prod.yaml#L18).
+To use a new image update the referenced tag
+[here](https://github.com/packit/udp/blob/main/ocp-deployments/packit-service-validation-prod.yaml#L18).
 
-Copy your OpenShift *API token* from the [PSI Cluster](https://ocp4.psi.redhat.com/)
+### Install Helm Chart
 
-```
-git clone https://github.com/packit/udp.git
-oc login --token=sha256~....  --server= ....
-oc project cyborg
-export PACKIT_SENTRY=$( echo -n 'token from bitwarden' | base64 )
-export PACKIT_GITHUB_TOKEN=$( echo -n 'token from bitwarden' | base64 )
-```
+Login to OpenShift cluster and switch to proper project. In case of packit-service validation
+it's `cyborg` project @ [PSI Cluster](https://ocp4.psi.redhat.com).
 
-### Install Helm Chart
+    oc login --token=sha256~....  --server= ....
+    oc project cyborg
+
+Get secrets from Bitwarden.
+Sentry from `extra-vars.yml` in `secrets-packit-[prod|stg]` item and
+GitHub token from `Release/usercont bot` item.
+
+    export SENTRY=$( echo -n 'token from bitwarden' | base64 )
+    export GITHUB=$( echo -n 'token from bitwarden' | base64 )
+
+#### Install from this repo
+
+    make packit-service-validation-install DEPLOYMENT=[production|staging]
+
+#### Install from chart repository
+
+If you're going to use the chart from outside (without having this repo cloned),
+you can install the chart from our chart repository. You just need to have a file
+with keys overriding those defined in `values.yaml` with `~` value.
+
+    helm repo add packit https://helm.packit.dev
+    helm repo update
+    helm upgrade --install --cleanup-on-fail packit-service-validation packit/packit-service-validation --set secrets.sentry=${SENTRY} --set secrets.github=${GITHUB} --values your-values-file.yaml
 
-#### From this repo
-```
-helm upgrade --install --cleanup-on-fail packit-service-validation ocp-helm-charts/packit-service-validation/ --set secrets.sentry=${PACKIT_SENTRY} --set secrets.github=${PACKIT_GITHUB_TOKEN} --values ocp-deployments/packit-service-validation-prod.yaml
-```
+### Render templates
 
-#### From chart repository
-```
-helm repo add packit https://helm.packit.dev
-helm repo update
-helm upgrade --install --cleanup-on-fail packit-service-validation packit/packit-service-validation --set secrets.sentry=${PACKIT_SENTRY} --set secrets.github=${PACKIT_GITHUB_TOKEN} --values ocp-deployments/packit-service-validation-prod.yaml
-```
+If you just want to see how the rendered templates would look like:
 
-### Uninstall Helm Chart
-```
-helm uninstall packit-service-validation
-```
+    make packit-service-validation-dryrun DEPLOYMENT=[production|staging]
 
 ### Releases
-There's a [release workflow](.github/workflows/release.yml) to automate releasing the Helm charts.
-It uses [Helm Chart Releaser Action](https://github.com/marketplace/actions/helm-chart-releaser)
+There's a [release workflow](https://github.com/packit/udp/blob/main/.github/workflows/release.yml)
+to automate releasing the Helm charts. It uses
+[Helm Chart Releaser Action](https://github.com/marketplace/actions/helm-chart-releaser)
 which turns this project into a self-hosted Helm chart repository.
 It does this – during every push to `main` – by checking each chart in the project,
 and whenever there's a new chart version, creates a corresponding GitHub release
 named for the chart version, adds Helm chart artifacts to the release,
 and creates or updates an `index.yaml` file with metadata about those releases,
-which is then hosted on GitHub Pages at https://helm.packit.dev.
+which is then hosted on GitHub Pages at [helm.packit.dev](https://helm.packit.dev).
diff --git a/ocp-deployments/packit-service-validation-prod.yaml b/ocp-deployments/packit-service-validation-prod.yaml
diff --git a/ocp-deployments/packit-service-validation/Makefile b/ocp-deployments/packit-service-validation/Makefile
@@ -0,0 +1,7 @@
+DEPLOYMENT ?= production
+
+install:
+	helm upgrade $(EXTRA_OPTIONS) --install --cleanup-on-fail packit-$(DEPLOYMENT)-validation ../../ocp-helm-charts/packit-service-validation/ --set secrets.sentry=${SENTRY} --set secrets.github=${GITHUB} --values $(DEPLOYMENT).yaml
+
+dryrun:
+	make install EXTRA_OPTIONS="--debug --dry-run"
diff --git a/ocp-deployments/packit-service-validation/production.yaml b/ocp-deployments/packit-service-validation/production.yaml
@@ -0,0 +1,4 @@
+deployment: production
+
+image:
+  tag: 2c35a8a
diff --git a/ocp-deployments/packit-service-validation/staging.yaml b/ocp-deployments/packit-service-validation/staging.yaml
@@ -0,0 +1,4 @@
+deployment: staging
+
+image:
+  tag: 2c35a8a
diff --git a/ocp-helm-charts/packit-service-validation/Chart.yaml b/ocp-helm-charts/packit-service-validation/Chart.yaml
@@ -2,14 +2,13 @@ apiVersion  : v2
 name        : packit-service-validation
 description : Helm chart for deploying packit-service-validation app
 type        : application
-version     : 1.0.0
-appVersion  : "1.0.0"
+version     : 1.1.0
 
 keywords:
   - python
   - unified
   - deployment
 
 maintainers:
-  - name : Serhii Turivnyi
-    email: [email protected]
+  - name: The Packit team
+    url: https://packit.dev
diff --git a/ocp-helm-charts/packit-service-validation/templates/job-run-validation.yml b/ocp-helm-charts/packit-service-validation/templates/job-run-validation.yml
@@ -1,48 +1,32 @@
+# https://docs.openshift.com/container-platform/4.11/rest_api/workloads_apis/cronjob-batch-v1.html
 apiVersion: batch/v1
 kind: CronJob
 metadata:
-  name: {{ .Values.cronjob_name }}
+  name: {{ .Release.Name }}
 spec:
-  schedule: "{{ .Values.cron.schedule }}"
-  concurrencyPolicy: {{ .Values.cron.concurrencyPolicy }}
-  startingDeadlineSeconds: {{ .Values.cron.startingDeadlineSeconds }}
-  suspend: {{ .Values.cron.suspend }}
-  successfulJobsHistoryLimit: {{ .Values.cron.successfulJobsHistoryLimit }}
-  failedJobsHistoryLimit: {{ .Values.cron.failedJobsHistoryLimit }}
+  schedule: {{ .Values.cronjob.schedule | quote }}
   jobTemplate:
-    metadata:
-      annotations:
-        timestamp: {{ now | quote }}
-      creationTimestamp: null
-      labels:
-        app: {{ .Values.app_name }}
-        deploymentconfig: {{ .Values.app_name }}
     spec:
+      activeDeadlineSeconds: {{ .Values.cronjob.activeDeadlineSeconds }}
       template:
-        metadata:
-          annotations:
-            timestamp: {{ now | quote }}
-          creationTimestamp: null
-          labels:
-            app: {{ .Values.app_name }}
-            deploymentconfig: {{ .Values.app_name }}
         spec:
           containers:
-          - name: {{ .Values.container.name }}
-            image: {{ .Values.image.repo }}:{{ .Values.image.tag }}
-            command: ["python3", "/usr/bin/packit-service-validation.py"]
+          - name: run-validation
+            image: "{{ .Values.image.repo }}:{{ .Values.image.tag }}"
             imagePullPolicy: IfNotPresent
             env:
             - name: GITHUB_TOKEN
               valueFrom:
                 secretKeyRef:
-                  name: {{ .Values.env_variables.github_token.name }}
-                  key: {{ .Values.env_variables.github_token.key }}
+                  name: {{ .Release.Name }}-github
+                  key: token
             - name: SENTRY_SECRET
               valueFrom:
                 secretKeyRef:
-                  name: {{ .Values.env_variables.sentry_secret.name }}
-                  key: {{ .Values.env_variables.sentry_secret.key }}
+                  name: {{ .Release.Name }}-sentry
+                  key: dsn
             - name: DEPLOYMENT
-              value: {{ .Values.env_variables.deployment.value }}
+              value: {{ .Values.deployment }}
+            resources:
+              {{- toYaml .Values.resources | nindent 14 }}
           restartPolicy: OnFailure
diff --git a/ocp-helm-charts/packit-service-validation/templates/secret-github.yaml b/ocp-helm-charts/packit-service-validation/templates/secret-github.yaml
@@ -1,8 +1,8 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: packit-github-token
-  namespace: {{ .Values.namespace }}
+  name: {{ .Release.Name }}-github
+  namespace: {{ .Release.Namespace }}
 type: Opaque
 data:
   token: "{{ .Values.secrets.github }}"
diff --git a/ocp-helm-charts/packit-service-validation/templates/secret-sentry.yml b/ocp-helm-charts/packit-service-validation/templates/secret-sentry.yml
@@ -1,8 +1,8 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: packit-sentry
-  namespace: {{ .Values.namespace }}
+  name: {{ .Release.Name }}-sentry
+  namespace: {{ .Release.Namespace }}
 type: Opaque
 data:
-  sentry: "{{ .Values.secrets.sentry }}"
+  dsn: "{{ .Values.secrets.sentry }}"
diff --git a/ocp-helm-charts/packit-service-validation/values.yaml b/ocp-helm-charts/packit-service-validation/values.yaml
@@ -1,52 +1,27 @@
-# This name will be displayed as an app name in the OpenShift
-app_name: packit-service-validation
-# The OpenShift project name
-oc_namespace: ~
+deployment: ~
 
-# Cron job name
-cronjob_name: packit-service-validation
-
-# Container name
-container:
-  name: run-validation
+# Cron job parameters
+cronjob:
+  # runs every day at 4 a.m.
+  schedule: "0 4 * * *"
+  # maximum duration is 4 hours
+  activeDeadlineSeconds: 14400
 
-# The image that will be used for deployment
+# Container image
 image:
   # Image repository without a tag
   repo: quay.io/packit/packit-service-validation
   # Image tag
   tag: ~
 
-# The git repository from which code will be built
-git:
-  uri: https://github.com/packit/deployment.git
-
-# App environment variables
-env_variables:
-  github_token:
-    name: packit-github-token
-    key: token
-  sentry_secret:
-    name: packit-sentry
-    key: sentry
-  deployment:
-    value: production
-
-# Cron job parameters
-cron:
-  # Schedule
-  schedule:
-  concurrencyPolicy: "Allow"
-  startingDeadlineSeconds: ~
-  suspend: false
-  successfulJobsHistoryLimit: 5
-  failedJobsHistoryLimit: 5
-
-# Pod resources requested and maximum
+# Pod resources maximum
 resources:
   limits:
     cpu: "100m"
     memory: "80Mi"
+  requests:
+    cpu: "100m"
+    memory: "80Mi"
 
 # Secrets
 secrets: