Merge branch 'main' into helm-git-example

Racer159 · web-flow · commit 68825e30e2e7 · 2023-04-21T18:08:45.000-05:00
diff --git a/examples/big-bang/config/disable-all.yaml b/examples/big-bang/config/disable-all.yaml
@@ -2,7 +2,7 @@
 istio:
   enabled: false
 
-istiooperator:
+istioOperator:
   enabled: false
 
 jaeger:
@@ -20,16 +20,16 @@ gatekeeper:
 kyverno:
   enabled: false
 
-kyvernopolicies:
+kyvernoPolicies:
   enabled: false
 
-kyvernoreporter:
+kyvernoReporter:
   enabled: false
 
-logging:
+elasticsearchKibana:
   enabled: false
 
-eckoperator:
+eckOperator:
   enabled: false
 
 fluentbit:
@@ -53,5 +53,6 @@ monitoring:
 twistlock:
   enabled: false
 
-metricsServer:
-  enabled: false
+addons:
+  metricsServer:
+    enabled: false
diff --git a/examples/big-bang/config/kyverno.yaml b/examples/big-bang/config/kyverno.yaml
@@ -5,7 +5,7 @@ clusterAuditor:
   enabled: false
 kyverno:
   enabled: true
-kyvernopolicies:
+kyvernoPolicies:
   enabled: true
   values:
     policies:
diff --git a/examples/big-bang/config/loki.yaml b/examples/big-bang/config/loki.yaml
@@ -1,13 +1,13 @@
 # Use Loki instead of EFK
-logging:
+elasticsearchKibana:
   enabled: false
 
-eckoperator:
+eckOperator:
   enabled: false
 
 fluentbit:
   enabled: false
-  
+
 loki:
   enabled: true
 
diff --git a/examples/big-bang/zarf.yaml b/examples/big-bang/zarf.yaml
@@ -3,7 +3,7 @@ metadata:
   name: big-bang-example
   description: "Deploy Big Bang Core"
   # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/
-  version: 1.57.1
+  version: 2.0.0
   url: https://p1.dso.mil/products/big-bang
   # Big Bang / Iron Bank are only amd64
   architecture: amd64
@@ -19,7 +19,7 @@ components:
     extensions:
       bigbang:
         # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/
-        version: 1.57.1
+        version: 2.0.0
         valuesFiles:
           # Istio configs
           - config/ingress.yaml
diff --git a/src/extensions/bigbang/bigbang.go b/src/extensions/bigbang/bigbang.go
@@ -387,7 +387,7 @@ func addBigBangManifests(manifestDir string, cfg *extensions.BigBang) (types.Zar
 	}
 
 	// Create the zarf-credentials secret manifest.
-	if err := addManifest("bb-ext-zarf-credentials.yaml", manifestZarfCredentials()); err != nil {
+	if err := addManifest("bb-ext-zarf-credentials.yaml", manifestZarfCredentials(cfg.Version)); err != nil {
 		return manifest, err
 	}
 
diff --git a/src/extensions/bigbang/manifests.go b/src/extensions/bigbang/manifests.go
@@ -11,6 +11,7 @@ import (
 	"regexp"
 	"strings"
 
+	"github.com/Masterminds/semver/v3"
 	"github.com/defenseunicorns/zarf/src/types/extensions"
 	fluxHelmCtrl "github.com/fluxcd/helm-controller/api/v2beta1"
 	fluxSrcCtrl "github.com/fluxcd/source-controller/api/v1beta2"
@@ -20,18 +21,7 @@ import (
 
 var nonAlphnumeric = regexp.MustCompile("[^a-zA-Z0-9]+")
 
-func manifestZarfCredentials() corev1.Secret {
-	return corev1.Secret{
-		TypeMeta: metav1.TypeMeta{
-			Kind:       "Secret",
-			APIVersion: "v1",
-		},
-		ObjectMeta: metav1.ObjectMeta{
-			Namespace: bb,
-			Name:      "zarf-credentials",
-		},
-		StringData: map[string]string{
-			"values.yaml": `
+const bbV1ZarfCredentialsValues = `
 registryCredentials:
   registry: "###ZARF_REGISTRY###"
   username: "zarf-pull"
@@ -42,14 +32,56 @@ git:
   # -- HTTP git credentials, both username and password must be provided
     username: "###ZARF_GIT_PUSH###"
     password: "###ZARF_GIT_AUTH_PUSH###"
+# -- Big Bang v1 Kyverno Support
 kyvernopolicies:
   values:
     exclude:
       any:
       - resources:
           namespaces:
-          - zarf # don't have kyverno prevent zarf from doing zarf things
-            `,
+          - zarf # don't have Kyverno prevent Zarf from doing zarf things
+          `
+
+const bbV2ZarfCredentialsValues = `
+registryCredentials:
+  registry: "###ZARF_REGISTRY###"
+  username: "zarf-pull"
+  password: "###ZARF_REGISTRY_AUTH_PULL###"
+git:
+  existingSecret: "private-git-server"	# -- Chart created secrets with user defined values
+  credentials:
+  # -- HTTP git credentials, both username and password must be provided
+    username: "###ZARF_GIT_PUSH###"
+    password: "###ZARF_GIT_AUTH_PUSH###"
+# -- Big Bang v2 Kyverno Support
+kyvernoPolicies:
+  values:
+    exclude:
+      any:
+      - resources:
+          namespaces:
+          - zarf # don't have Kyverno prevent Zarf from doing zarf things
+          `
+
+func manifestZarfCredentials(version string) corev1.Secret {
+	values := bbV1ZarfCredentialsValues
+
+	semverVersion, err := semver.NewVersion(version)
+	if err != nil && semverVersion.Major() == 2 {
+		values = bbV2ZarfCredentialsValues
+	}
+
+	return corev1.Secret{
+		TypeMeta: metav1.TypeMeta{
+			Kind:       "Secret",
+			APIVersion: "v1",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Namespace: bb,
+			Name:      "zarf-credentials",
+		},
+		StringData: map[string]string{
+			"values.yaml": values,
 		},
 	}
 }
diff --git a/src/extensions/bigbang/test/bigbang_test.go b/src/extensions/bigbang/test/bigbang_test.go
@@ -49,7 +49,8 @@ func TestReleases(t *testing.T) {
 
 	// Build the previous version
 	bbVersion := fmt.Sprintf("--set=BB_VERSION=%s", previous)
-	zarfExec(t, "package", "create", "../src/extensions/bigbang/test/package", bbVersion, "--confirm")
+	bbMajor := fmt.Sprintf("--set=BB_MAJOR=%s", previous[0:1])
+	zarfExec(t, "package", "create", "../src/extensions/bigbang/test/package", bbVersion, bbMajor, "--confirm")
 
 	// Deploy the previous version
 	pkgPath := fmt.Sprintf("zarf-package-big-bang-test-amd64-%s.tar.zst", previous)
@@ -69,7 +70,8 @@ func TestReleases(t *testing.T) {
 
 	// Build the latest version
 	bbVersion = fmt.Sprintf("--set=BB_VERSION=%s", latest)
-	zarfExec(t, "package", "create", "../src/extensions/bigbang/test/package", bbVersion, "--confirm")
+	bbMajor = fmt.Sprintf("--set=BB_MAJOR=%s", latest[0:1])
+	zarfExec(t, "package", "create", "../src/extensions/bigbang/test/package", bbVersion, bbMajor, "--confirm")
 
 	// Clean up zarf cache now that all packages are built to reduce disk pressure
 	zarfExec(t, "tools", "clear-cache")
diff --git a/src/extensions/bigbang/test/package/disable-all-bb1.yaml b/src/extensions/bigbang/test/package/disable-all-bb1.yaml
@@ -53,5 +53,6 @@ monitoring:
 twistlock:
   enabled: false
 
-metricsServer:
-  enabled: false
+addons:
+  metricsServer:
+    enabled: false
diff --git a/src/extensions/bigbang/test/package/disable-all-bb2.yaml b/src/extensions/bigbang/test/package/disable-all-bb2.yaml
@@ -0,0 +1,58 @@
+# Disable everything
+istio:
+  enabled: false
+
+istioOperator:
+  enabled: false
+
+jaeger:
+  enabled: false
+
+kiali:
+  enabled: false
+
+clusterAuditor:
+  enabled: false
+
+gatekeeper:
+  enabled: false
+
+kyverno:
+  enabled: false
+
+kyvernoPolicies:
+  enabled: false
+
+kyvernoReporter:
+  enabled: false
+
+elasticsearchKibana:
+  enabled: false
+
+eckOperator:
+  enabled: false
+
+fluentbit:
+  enabled: false
+
+promtail:
+  enabled: false
+
+loki:
+  enabled: false
+
+neuvector:
+  enabled: false
+
+tempo:
+  enabled: false
+
+monitoring:
+  enabled: false
+
+twistlock:
+  enabled: false
+
+addons:
+  metricsServer:
+    enabled: false
diff --git a/src/extensions/bigbang/test/package/zarf.yaml b/src/extensions/bigbang/test/package/zarf.yaml
@@ -19,5 +19,5 @@ components:
       bigbang:
         version: "###ZARF_PKG_TMPL_BB_VERSION###"
         valuesFiles:
-          - disable-all.yaml
+          - disable-all-bb###ZARF_PKG_TMPL_BB_MAJOR###.yaml
           - enable-twistlock.yaml

Original file line number	Diff line number	Diff line change
`@@ -387,7 +387,7 @@ func addBigBangManifests(manifestDir string, cfg *extensions.BigBang) (types.Zar`
`387`	`387`	`}`
`388`	`388`
`389`	`389`	`// Create the zarf-credentials secret manifest.`
`390`		`- if err := addManifest("bb-ext-zarf-credentials.yaml", manifestZarfCredentials()); err != nil {`
	`390`	`+ if err := addManifest("bb-ext-zarf-credentials.yaml", manifestZarfCredentials(cfg.Version)); err != nil {`
`391`	`391`	`return manifest, err`
`392`	`392`	`}`
`393`	`393`