feat/PL 2554/support chart refs

.github/workflows/build-publish.yaml

@@ -22,6 +22,7 @@ jobs:
         with:
           work-dir: chart
           args: --namespace my-namespace --release my-release --app-version 1.0.0 --chart-version 1.0.0
+
   test-app:
     runs-on: ubuntu-latest
     steps:
@@ -35,6 +36,10 @@ jobs:
       - name: Setup dependencies
         run: go mod download
       - name: Run tests
+        env:
+          GH_USER: nestobot
+          GH_TOKEN: ${{ secrets.TESTING_TOKEN }}
+          CATALOG_URL: https://github.com/nestoca/catalog
         run: go test ./...
   build:
     runs-on: ubuntu-latest
@@ -104,7 +109,7 @@ jobs:
         if: ${{ steps.changelog.outputs.skipped == 'false' }}
         run: |
           yq -i '.appVersion = "${{ steps.changelog.outputs.version }}"' 'chart/Chart.yaml'
-          yq -i '.version = "${{ steps.changelog.outputs.version }}"' 'chart/Chart.yaml'         
+          yq -i '.version = "${{ steps.changelog.outputs.version }}"' 'chart/Chart.yaml'
 
       - name: Commit release
         if: ${{ steps.changelog.outputs.skipped == 'false' }}
@@ -141,20 +146,20 @@ jobs:
         run: |
           ORG_NAME=${GITHUB_REPOSITORY%%/*}
           REPO_NAME=${GITHUB_REPOSITORY#*/}
-          
+
           CHART_NAME=$(yq .name ${{ github.workspace }}/chart/Chart.yaml)
-          
+
           mkdir -p ${{ runner.temp }}/helm-release
-          
+
           cd ${{ runner.temp }}/helm-release
-          
+
           # Try to get the current index.yaml of the helm repo from https://${ORG_NAME}.github.io/${REPO_NAME}/index.yaml
           # If it fails, create a new index.yaml
           curl -f -L https://${ORG_NAME}.github.io/${REPO_NAME}/index.yaml -o index.yaml || echo -e "apiVersion: v1\nentries: {}" > index.yaml
-          
+
           helm package ${{ github.workspace }}/chart
           helm repo index --url https://github.com/${{ github.repository }}/releases/download/${{ steps.changelog.outputs.tag }} --merge index.yaml .
-          
+
           echo "artifact-path=${{ runner.temp }}/helm-release/${CHART_NAME}-${{ steps.changelog.outputs.version }}.tgz" >> $GITHUB_OUTPUT
 
       - name: Upload pages artifact

.gitignore

@@ -27,3 +27,7 @@ tmp
 go.work
 
 *.pem
+
+*.env
+
+test_output

Dockerfile

@@ -7,19 +7,23 @@ ENV CGO_ENABLED=0 \
 RUN openssh-client ca-certificates && update-ca-certificates 2>/dev/null || true
 
 ENV HOME=/home/golang
+
 WORKDIR /app
+
 RUN adduser -h $HOME -D -u 1000 -G root golang && \
   chown golang:root /app && \
   chmod g=u /app $HOME
+
 USER golang:root
 
 COPY --chown=golang:root go.mod go.sum ./
 
 RUN go mod download
 
-COPY --chown=golang:root main.go ./
+COPY --chown=golang:root cmd ./cmd
 COPY --chown=golang:root internal ./internal
-RUN go build -v -o joy-generator main.go
+
+RUN go build -v -o joy-generator ./cmd/server
 
 FROM scratch AS prod
 
@@ -31,4 +35,5 @@ USER golang:root
 EXPOSE 8080
 
 WORKDIR /app
+
 ENTRYPOINT ["./joy-generator"]

Makefile

@@ -2,3 +2,6 @@
 kind-build:
 	docker build -t localhost:5001/joy-generator:latest .
 	docker push localhost:5001/joy-generator:latest
+
+fmt:
+	goimports --local github.com/nestoca/joy-generator -w .

chart/Makefile

@@ -0,0 +1,5 @@
+test:
+	testchart run --namespace my-namespace --release my-release --app-version 1.0.0 --chart-version 1.0.0
+
+update:
+	testchart update --namespace my-namespace --release my-release --app-version 1.0.0 --chart-version 1.0.0

chart/templates/argocd-config.yaml

@@ -3,5 +3,5 @@ kind: ConfigMap
 metadata:
   name: {{ include "joy-generator.fullname" . }}-config
 data:
-  token: "${{ include "joy-generator.fullname" . }}-config:JOY_PLUGIN_TOKEN"
+  token: "${{ include "joy-generator.fullname" . }}-config:PLUGIN_TOKEN"
   baseUrl: "http://{{ include "joy-generator.fullname" . }}"

chart/templates/deployment.yaml

@@ -29,7 +29,7 @@ spec:
       volumes:
         - name: catalog-dir
           emptyDir: {}
-        {{- if .Values.applicationConfig.githubApp }}
+        {{- if .Values.env.GH_APP_ID }}
         - name: github-app-private-key
           secret:
             secretName: {{ include "joy-generator.fullname" . }}-github-app-key
@@ -43,19 +43,15 @@ spec:
           volumeMounts:
             - mountPath: /tmp/catalog
               name: catalog-dir
-            {{- if .Values.applicationConfig.githubApp }}
+            {{- if .Values.env.GH_APP_ID }}
             - mountPath: /etc/joy/config
               name: github-app-private-key
             {{- end }}
+          {{- if .Values.env.GH_APP_ID }}
           env:
-            - name: JOY_CATALOG_DIR
-              value: /tmp/catalog
-            - name: GIN_MODE
-              value: release
-            {{- if .Values.applicationConfig.githubApp }}
             - name: JOY_GITHUB_APP_PRIVATE_KEY_PATH
               value: /etc/joy/config/githubApp.pem
-            {{- end }}
+          {{- end }}
           envFrom:
             - secretRef:
                 name: {{ include "joy-generator.fullname" . }}-config

chart/templates/secret.yaml

@@ -1,3 +1,4 @@
+{{- and (required ".Values.env.PLUGIN_TOKEN is required" .Values.env.PLUGIN_TOKEN) "" -}}
 {{- if eq .Values.secretType "secret" }}
 apiVersion: v1
 kind: Secret
@@ -15,15 +16,16 @@ metadata:
 {{- end }}
 {{- if eq .Values.secretType "secret" }}
 stringData:
-{{- include "joy-generator.config" . | indent 2 }}
+{{ toYaml .Values.env | indent 2 }}
 {{- else if eq .Values.secretType "sealedSecret" }}
 spec:
   encryptedData:
-{{- include "joy-generator.config" . | indent 4 }}
+{{ toYaml .Values.env | indent 4 }}
 {{- end }}
 
 ---
-{{- if .Values.applicationConfig.githubApp }}
+{{- if .Values.env.GH_APP_ID }}
+{{- and (required ".Values.env.GH_APP_INSTALLATION_ID is required" .Values.env.GH_APP_INSTALLATION_ID) "" |  -}}
 {{- if eq .Values.secretType "secret" }}
 apiVersion: v1
 kind: Secret
@@ -42,11 +44,11 @@ metadata:
 {{- if eq .Values.secretType "secret" }}
 stringData:
   githubApp.pem: |
-{{ .Values.applicationConfig.githubApp.privateKey | indent 4 }}
+{{ required ".Values.githubApp.privateKey key is required" .Values.githubApp.privateKey | indent 4 }}
 {{- else if eq .Values.secretType "sealedSecret" }}
 spec:
   encryptedData:
     githubApp.pem: |
-{{ .Values.applicationConfig.githubApp.privateKey | indent 6 }}
+{{ required " .Values.githubApp.privateKey key is required" .Values.githubApp.privateKey | indent 6 }}
 {{- end }}
 {{- end }}

chart/tests/with-github-app-and-sealed-secrets/expected.yaml

@@ -5,7 +5,7 @@ kind: ConfigMap
 metadata:
   name: my-release-joy-generator-config
 data:
-  token: "$my-release-joy-generator-config:JOY_PLUGIN_TOKEN"
+  token: "$my-release-joy-generator-config:PLUGIN_TOKEN"
   baseUrl: "http://my-release-joy-generator"
 ---
 # Source: joy-generator/templates/service.yaml
@@ -73,10 +73,6 @@ spec:
             - mountPath: /etc/joy/config
               name: github-app-private-key
           env:
-            - name: JOY_CATALOG_DIR
-              value: /tmp/catalog
-            - name: GIN_MODE
-              value: release
             - name: JOY_GITHUB_APP_PRIVATE_KEY_PATH
               value: /etc/joy/config/githubApp.pem
           envFrom:
@@ -105,11 +101,17 @@ metadata:
   annotations:
     sealedsecrets.bitnami.com/cluster-wide: "true"
 spec:
-  encryptedData:    
-    JOY_PLUGIN_TOKEN: "@very!l0ngands3curet0ken"
-    JOY_REPO_URL: "https://github.com/example/foobar.git"
-    JOY_GITHUB_APP_ID: "123456"
-    JOY_GITHUB_APP_INSTALLATION_ID: "789101112"
+  encryptedData:
+    CATALOG_DIR: /tmp/catalog
+    CATALOG_REVISION: ""
+    CATALOG_URL: https://github.com/example/foobar.git
+    GH_APP_ID: "123456"
+    GH_APP_INSTALLATION_ID: "789101112"
+    GH_TOKEN: ""
+    GH_USER: ""
+    GRACE_PERIOD: 10s
+    PLUGIN_TOKEN: '@very!l0ngands3curet0ken'
+    PORT: :8080
 ---
 # Source: joy-generator/templates/secret.yaml
 apiVersion: bitnami.com/v1alpha1

chart/tests/with-github-app-and-sealed-secrets/values.yaml

@@ -1,19 +1,14 @@
-applicationConfig:
-  pluginToken: "@very!l0ngands3curet0ken"
-  # The HTTPS Git URL of your joy catalog
-  repoUrl: "https://github.com/example/foobar.git"
-  # The GitHub app configuration.
-  # Required if githubToken is not set.
-  githubApp:
-    # The GitHub application ID
-    appId: 123456
-    # The GitHub application installation ID
-    installationId: 789101112
-    # The GitHub application private key (PEM format)
-    privateKey: |
-      FOOBARLOREMISPUM
+env:
+  CATALOG_URL: https://github.com/example/foobar.git
+  PLUGIN_TOKEN: "@very!l0ngands3curet0ken"
+  GH_APP_ID: "123456"
+  GH_APP_INSTALLATION_ID: "789101112"
 
-secretType: 'sealedSecret'
+githubApp:
+  privateKey: |
+    FOOBARLOREMISPUM
+
+secretType: "sealedSecret"
 
 sealedSecretAnnotations:
   sealedsecrets.bitnami.com/cluster-wide: "true"

chart/tests/with-github-app/expected.yaml

@@ -4,11 +4,17 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: my-release-joy-generator-config
-stringData:  
-  JOY_PLUGIN_TOKEN: "@very!l0ngands3curet0ken"
-  JOY_REPO_URL: "https://github.com/example/foobar.git"
-  JOY_GITHUB_APP_ID: "123456"
-  JOY_GITHUB_APP_INSTALLATION_ID: "789101112"
+stringData:
+  CATALOG_DIR: /tmp/catalog
+  CATALOG_REVISION: ""
+  CATALOG_URL: https://github.com/example/foobar.git
+  GH_APP_ID: "123"
+  GH_APP_INSTALLATION_ID: "666"
+  GH_TOKEN: ""
+  GH_USER: ""
+  GRACE_PERIOD: 10s
+  PLUGIN_TOKEN: '@very!l0ngands3curet0ken'
+  PORT: :8080
 ---
 # Source: joy-generator/templates/secret.yaml
 apiVersion: v1
@@ -25,7 +31,7 @@ kind: ConfigMap
 metadata:
   name: my-release-joy-generator-config
 data:
-  token: "$my-release-joy-generator-config:JOY_PLUGIN_TOKEN"
+  token: "$my-release-joy-generator-config:PLUGIN_TOKEN"
   baseUrl: "http://my-release-joy-generator"
 ---
 # Source: joy-generator/templates/service.yaml
@@ -93,10 +99,6 @@ spec:
             - mountPath: /etc/joy/config
               name: github-app-private-key
           env:
-            - name: JOY_CATALOG_DIR
-              value: /tmp/catalog
-            - name: GIN_MODE
-              value: release
             - name: JOY_GITHUB_APP_PRIVATE_KEY_PATH
               value: /etc/joy/config/githubApp.pem
           envFrom:

chart/tests/with-github-app/values.yaml

@@ -1,18 +1,19 @@
 # Configuration settings for the joy-generator instance
-applicationConfig:
-  pluginToken: "@very!l0ngands3curet0ken"
+env:
+  PLUGIN_TOKEN: "@very!l0ngands3curet0ken"
+
+  GH_APP_ID: "123"
+  GH_APP_INSTALLATION_ID: "666"
+
   # The HTTPS Git URL of your joy catalog
-  repoUrl: "https://github.com/example/foobar.git"
-  # The GitHub app configuration.
-  # Required if githubToken is not set.
-  githubApp:
-    # The GitHub application ID
-    appId: 123456
-    # The GitHub application installation ID
-    installationId: 789101112
-    # The GitHub application private key (PEM format)
-    privateKey: |
-      FOOBARLOREMISPUM
+  CATALOG_URL: "https://github.com/example/foobar.git"
+
+# The GitHub app configuration.
+# Required if githubToken is not set.
+githubApp:
+  # The GitHub application private key (PEM format)
+  privateKey: |
+    FOOBARLOREMISPUM
 
 image:
   tag: 0.1.2

chart/tests/with-github-token/expected.yaml

@@ -4,19 +4,25 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: my-release-joy-generator-config
-stringData:  
-  JOY_PLUGIN_TOKEN: "@very!l0ngands3curet0ken"
-  JOY_REPO_URL: "https://github.com/example/foobar.git"
-  JOY_GITHUB_USER: "username"
-  JOY_GITHUB_TOKEN: "12312312312312"
+stringData:
+  CATALOG_DIR: /tmp/catalog
+  CATALOG_REVISION: ""
+  CATALOG_URL: https://github.com/example/foobar.git
+  GH_APP_ID: ""
+  GH_APP_INSTALLATION_ID: ""
+  GH_TOKEN: "12312312312312"
+  GH_USER: username
+  GRACE_PERIOD: 10s
+  PLUGIN_TOKEN: '@very!l0ngands3curet0ken'
+  PORT: :8080
 ---
 # Source: joy-generator/templates/argocd-config.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: my-release-joy-generator-config
 data:
-  token: "$my-release-joy-generator-config:JOY_PLUGIN_TOKEN"
+  token: "$my-release-joy-generator-config:PLUGIN_TOKEN"
   baseUrl: "http://my-release-joy-generator"
 ---
 # Source: joy-generator/templates/service.yaml
@@ -78,11 +84,6 @@ spec:
           volumeMounts:
             - mountPath: /tmp/catalog
               name: catalog-dir
-          env:
-            - name: JOY_CATALOG_DIR
-              value: /tmp/catalog
-            - name: GIN_MODE
-              value: release
           envFrom:
             - secretRef:
                 name: my-release-joy-generator-config