Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release 1.1.0 #29

Merged
merged 181 commits into from
Oct 27, 2023
Merged

Release 1.1.0 #29

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
181 commits
Select commit Hold shift + click to select a range
012d95b
Update README.md
LissaGreense May 5, 2022
825d333
Changed module name to github package
LissaGreense May 23, 2022
ec7edb1
unittests github action added
LissaGreense May 23, 2022
e654d45
Fixed status badge (#2)
LissaGreense May 23, 2022
0aa2e8e
Update README
LissaGreense May 23, 2022
8114260
Update of Helm values.yaml
misiektoja May 23, 2022
f5e6106
Update of README.md
misiektoja May 23, 2022
7c09ed7
Update README.md
misiektoja May 23, 2022
497163b
markdown linting and linkchecks
grindsa May 26, 2022
440b6b2
Linting of README.md
grindsa May 26, 2022
5c7e788
Copy & paste error of grindsa
misiektoja May 26, 2022
01bc428
Updates in the README.md
misiektoja May 30, 2022
8153348
Update Dockerfile
LissaGreense Jun 1, 2022
d4cef60
build workflow
grindsa Jun 1, 2022
eaeda1b
enrollment tests
grindsa Jun 6, 2022
8a701d0
Update certmanager-application-test.yml
misiektoja Jun 9, 2022
ef6be45
Rename cert-ressource.yml to cert-resource.yml
misiektoja Jun 9, 2022
c23754d
workflow to test key algorithms and length
grindsa Jun 12, 2022
24b54f4
enhanced workflow to test clusterissuer
grindsa Jun 16, 2022
0da9522
Update certmanager-application-test.yml
misiektoja Jun 16, 2022
b68bf75
Worflow to test SubAltName configuration
grindsa Jun 17, 2022
d0c35b2
verify certificates via openssl
grindsa Jun 18, 2022
dd15818
Worflow to test CAHREF parameter
grindsa Jun 18, 2022
d31eea9
exclude nokia.com from link checks
grindsa Jul 14, 2022
cff9f76
wf headline in lower cases
grindsa Jul 14, 2022
d8cec64
clientauth workflow
grindsa Jul 14, 2022
463cbab
rename workflow
grindsa Jul 14, 2022
3390a58
removed exit command
grindsa Jul 14, 2022
15f3500
Updated go version to 1.17
LissaGreense Aug 10, 2022
93f471f
Updated go version in unitest workflow
LissaGreense Aug 10, 2022
b3d1235
disable pr trigger for wf accessing secrets
grindsa Aug 16, 2022
c2472ac
version update
grindsa Aug 28, 2022
67b384d
version update in clusterissuer test
grindsa Aug 28, 2022
6b5f6ce
remove cert-mgr 1.7 from test
grindsa Aug 28, 2022
fad582a
renewal tests in pkey-test workflow
grindsa Aug 28, 2022
678b7a8
renamed workflow
grindsa Aug 28, 2022
e93dda5
renewal in certmanager wf
grindsa Aug 28, 2022
3ae436d
timer adjustments
grindsa Aug 28, 2022
37f6ff6
renewal in clientauth workflow
grindsa Aug 28, 2022
6996fef
version updates
grindsa Aug 28, 2022
e622e62
Added basic structure for NCM API Client
raczu Jan 5, 2023
a7c6b00
Finished NCM API Client
raczu Jan 6, 2023
78bf62e
Fixed converting error messages in ClientError
raczu Jan 6, 2023
b7c8dda
Moved NCM config to ncmapi pkg
raczu Jan 8, 2023
f0f2957
Rewritten certificate request controller to make it work with NCM API…
raczu Jan 8, 2023
df19409
Added field for 2nd NCM API URL
raczu Jan 11, 2023
56efe58
Fixed not working logging & added new pkg to Dockerfile
raczu Jan 11, 2023
1337a88
Fixed infinite issuing certificate
raczu Jan 12, 2023
3db650c
Changed method responsible for checking if main NCM EXTERNAL API serv…
raczu Jan 12, 2023
cfac548
Changed logging messages in NCM API client
raczu Jan 20, 2023
1c49da0
Fixed misinterpretation in case of manually triggering rotation of a …
raczu Jan 23, 2023
6898cff
Limited size of certificate name to 52 characters
raczu Feb 8, 2023
9bc76b6
Added posibility to include crt chain in ca.crt & did some code refactor
raczu Feb 9, 2023
8e8f9bf
Changed method of checking CA to exact match
raczu Feb 13, 2023
2cc89c2
Updated README
raczu Feb 13, 2023
64bb09c
Added posibility to include only end-entity certificate in tls.crt
raczu Feb 16, 2023
2eab746
Updated README
raczu Feb 16, 2023
c6d145c
Bumped go from 1.17 to 1.19.6
raczu Feb 21, 2023
523299d
Added provisioner for better handling CSR returned by NCM
raczu Mar 3, 2023
a615116
Moved NCM config to its individual pkg
raczu Mar 3, 2023
cacd92f
Refactored code in issuer controller & fixed data races
raczu Mar 3, 2023
03c0a26
Refactored code in certificate request controller to match new funcio…
raczu Mar 3, 2023
803992c
Organised utils in plugin
raczu Mar 3, 2023
3069301
Fixed nil pointer dereference during renewal
raczu Mar 3, 2023
b0c3743
Updated Dockerfile
raczu Mar 3, 2023
0aa39ac
Added unit tests for provisioner
raczu Mar 15, 2023
064f28a
Added more unit tests for provisioner & ncmapi
raczu Mar 16, 2023
e206844
Added unit tests for issuer controller
raczu Mar 21, 2023
e6103e4
Updated unit tests workflow
raczu Mar 21, 2023
39454ba
Fixed broken sytnax
raczu Mar 21, 2023
34114cf
Made few changes in previous tests & added tests for CR reconcile
raczu Mar 25, 2023
9fa63ea
Resolved conflicts
raczu Mar 26, 2023
1f0a766
New way of handling CSR returned by NCM, split funcility modules & i…
raczu Mar 26, 2023
6525b97
Bumped controller-runtime & cert-manager version
raczu Mar 29, 2023
1214289
Fixed not working requeuing CR
raczu Mar 29, 2023
73f234c
Added prometheus metrics for CR & prometheus configuration yaml file
raczu Mar 31, 2023
734b4e6
Made few changes in prometheus metrics & fixed not working units due …
raczu Apr 1, 2023
8f0e335
Added workflows for ncm-issuer tests
raczu Apr 1, 2023
bdc3c6f
Fixed wrong path in tests workflow
raczu Apr 1, 2023
3be0177
Added configuraton file for golangci-lint
raczu Apr 1, 2023
d6934a4
Bumped golangci-lint version in workflow
raczu Apr 1, 2023
4d177cc
Fixed wrong error-wrapping directive
raczu Apr 1, 2023
f032c2c
Removed unused things in Makefile & added few new
raczu Apr 2, 2023
0d1641e
Added uploading image to local registry
raczu Apr 5, 2023
f224823
Fixed error related to missing vendor
raczu Apr 5, 2023
c4b2e40
Removed go tidy from Makefile
raczu Apr 5, 2023
c548764
Changed localhost to numerical value
raczu Apr 5, 2023
aedf531
Added insecure-registiers to docker
raczu Apr 5, 2023
726cec3
Added sudo for writing to docker file
raczu Apr 5, 2023
5dc0f74
Added sleep to allow docker to restart
raczu Apr 5, 2023
d2ebf6e
Added more outputs for debugging
raczu Apr 5, 2023
3d2d709
Moved outputs to different stage
raczu Apr 5, 2023
a94253e
Removed invalid command
raczu Apr 5, 2023
946144e
Added saving registry address to env variable
raczu Apr 5, 2023
c7e743a
Fixed saving registry to env variable
raczu Apr 5, 2023
d7a8f38
Added saving variables to gh env
raczu Apr 5, 2023
0f90241
Changed way of inserting variables
raczu Apr 5, 2023
0e00c07
Fixed syntax error
raczu Apr 5, 2023
09c3520
Changed way of inserting variables
raczu Apr 5, 2023
8a81003
Changed registry addr to localhost
raczu Apr 5, 2023
35d1d52
Added additional printing
raczu Apr 5, 2023
2c17b65
Added saving registry address to bash variables
raczu Apr 5, 2023
d85fd6b
Fixed wrong saving variable to gh env
raczu Apr 5, 2023
00fc739
Changed registry addr to localhost
raczu Apr 5, 2023
34d4c82
Added debug output
raczu Apr 5, 2023
5477526
Removed ipv6 loopback
raczu Apr 5, 2023
d999973
Created local docker registry for tests
raczu Apr 6, 2023
acd9949
Fixed ports in cahref-test
raczu Apr 6, 2023
9e2cb9d
Changed workflows names and added e2e tests
raczu Apr 6, 2023
c0ddae8
Fixed invalid workflow file
raczu Apr 6, 2023
2428283
Added checkout to fix inavlid workflow file
raczu Apr 6, 2023
52fcd72
Changed behaviour of e2e workflow to run independent on push or pull …
raczu Apr 6, 2023
a95e7eb
Added missing 'runs-on'
raczu Apr 6, 2023
25fab1d
Added ls for debugging
raczu Apr 6, 2023
aca5485
Added additional flag for ls
raczu Apr 6, 2023
a26090b
Removed checkout step
raczu Apr 6, 2023
02ded4a
Fixed invalid syntax
raczu Apr 6, 2023
ef64995
Moved e2e tests to main workflow directory
raczu Apr 6, 2023
d10c367
Fixed invalid directory in reusable workflows
raczu Apr 6, 2023
e71ce7d
Fixed wrong usage of Makefile in san test
raczu Apr 6, 2023
18ad4b8
Added inheritance of secrets
raczu Apr 6, 2023
b67b3bd
Added deugging outputs
raczu Apr 7, 2023
723fa87
Added injecting insecure-registry to dockerd
raczu Apr 7, 2023
e4e975c
Changed registry port in injection
raczu Apr 7, 2023
675ab72
Removed few version of k8s for debugging reasons
raczu Apr 7, 2023
03bc045
ci: add sonarcloud scanning workflow
raczu Apr 13, 2023
b32e29c
feat: add logging replicas count in manager
raczu Apr 13, 2023
bdccbfe
ci: refactor old workflows to fit new pipelines
raczu Apr 13, 2023
a8f49a6
ci: add missing sonarcloud properties file
raczu Apr 14, 2023
a892773
refactor: improve api selection algorithm
raczu Apr 21, 2023
c142cbc
feat: add possibility to configure http client timeout and health che…
raczu Apr 23, 2023
f4338ca
docs: update README
raczu Apr 25, 2023
9bc67df
docs: fix logo positioning
raczu Apr 25, 2023
209de49
docs: fix kubernetes link
raczu Apr 25, 2023
0944aa6
fix: make possible to use reenrollmentOnRenew
raczu Apr 26, 2023
fe891e9
docs: add gifs to README
raczu May 6, 2023
29a7131
docs: fix linter errors
raczu May 6, 2023
a029288
Few updates here and there
misiektoja May 10, 2023
dd94372
k8s 1.27 added to matrix
misiektoja May 10, 2023
1ee84d7
k8s 1.27 added to matrix
misiektoja May 10, 2023
3914d20
Few updates here and there #2
misiektoja May 10, 2023
a61da73
fix: behaviour for checking pending CSR status in NCM is working
raczu Sep 28, 2023
9b22b43
Merge branch 'release-1.0.4' of github.com:nokia/ncm-issuer into rele…
raczu Sep 28, 2023
5527d16
helm: add sidecar for debugging purposes and pretiffy yamls
raczu Sep 29, 2023
598332a
ci: configure sonarcloud pipeline and change build pipeline
raczu Sep 29, 2023
57c85ed
chore: add license information to all project files
raczu Sep 29, 2023
6d0f7e1
feat: add possibility to configure verbosity of logging
raczu Oct 7, 2023
6296b5a
helm: add compatible k8s versions to chart
raczu Oct 7, 2023
82d3614
docs: update readme
raczu Oct 7, 2023
a57198f
chore: add information about sidecar to release notes
raczu Oct 7, 2023
7d894db
docs: fix typos
raczu Oct 7, 2023
f1483e0
docs: remove redundant spaces in readme
raczu Oct 8, 2023
b65076b
ci: add e2e tests workflow
raczu Oct 10, 2023
68036fc
ci: fix pointing to not existing workflow
raczu Oct 10, 2023
8a44480
ci: fix wrong paths in e2e workflows
raczu Oct 10, 2023
29f47c0
ci: add 1.27 as default k8s version for e2e tests
raczu Oct 10, 2023
8e8d2b2
ci: change way of triggering e2e tests
raczu Oct 10, 2023
526c892
ci: add all branches to PR action
raczu Oct 10, 2023
56ee3dc
ci: add release workflow
raczu Oct 12, 2023
5fbbbc2
chore: resolve merge conflicts
raczu Oct 12, 2023
7648a71
helm: change kubeVersion ranges
raczu Oct 12, 2023
fe6a961
ci: fix env variable in clientauth
raczu Oct 12, 2023
c1c26dd
ci: change way of pulling image in workflows
raczu Oct 12, 2023
c872a5a
ci: fix pulling image from cache
raczu Oct 12, 2023
be3258c
helm: fix issues with chart
raczu Oct 13, 2023
b9c771f
ci: meet new helm charts requirements in workflows
raczu Oct 13, 2023
4e8cca7
fix: metrics label after successful issuing crt
raczu Oct 18, 2023
bb594c2
docs: add gha badges and more release notes
raczu Oct 18, 2023
2065406
Few changes here and there
misiektoja Oct 23, 2023
b7e2204
refactor: metrics monitor different action
raczu Oct 26, 2023
b08dd10
Merge branch 'release-1.0.4' of github.com:nokia/ncm-issuer into rele…
raczu Oct 26, 2023
3c3be4a
fix: metrics names to satisfy golangci-lint
raczu Oct 26, 2023
07ea1f3
Add github release actions - mkdocs and helm on gh-pages
BbqGamer Oct 23, 2023
36ddbfc
feat: add basic docs configuration and some files
raczu Oct 27, 2023
45861ba
Modify workflow to generate release notes markdown files
BbqGamer Oct 27, 2023
73c1386
docs: add more sections to documentation
raczu Oct 27, 2023
45c4389
docs: remove unused metadata
raczu Oct 27, 2023
cc51e28
Fix mkdocs actions
BbqGamer Oct 27, 2023
f589003
Hot fix actions
BbqGamer Oct 27, 2023
2194396
Delete Markdown link check action
BbqGamer Oct 27, 2023
e23beba
Merge pull request #30 from BbqGamer/release-1.0.4
BbqGamer Oct 27, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 0 additions & 7 deletions .github/.mlc_config.json
View file
Open in desktop

This file was deleted.

29 changes: 19 additions & 10 deletions .github/ncm-issuer.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,20 +1,29 @@
apiVersion: v1
kind: Namespace
metadata:
name: ncm-issuer
---
#apiVersion: v1
#kind: Namespace
#metadata:
# name: ncm-issuer
#---
apiVersion: certmanager.ncm.nokia.com/v1
kind: Issuer
metadata:
name: ncm
namespace: ncm-issuer
spec:
secretName: ncm-issuer
tlsSecretName: ncm-issuer-bundle
CASNAME: SubCA
# CASHREF: HREF_FROM_NCM
ncmSERVER: NCM_SRV
caName: SubCA
# caID: HREF_FROM_NCM
provisioner:
mainAPI: NCM_SRV
httpClientTimeout: 15s
healthCheckerInterval: 3m
authRef:
name: ncm-issuer
namespace: ncm-issuer
tlsRef:
name: ncm-issuer-bundle
namespace: ncm-issuer
# profileId: PROFILE_ID
reenrollmentOnRenew: false
useProfileIDForRenew: false
noRoot: false
chainInSigner: false
onlyEECert: false
72 changes: 72 additions & 0 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
name: build
on: push

jobs:
go-versions:
name: "lookup go versions"
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.versions.outputs.matrix }}
go-mod-version: ${{ steps.versions.outputs.go-mod-version }}
steps:
- uses: actions/checkout@v4
- uses: arnested/go-version-action@v1
id: versions

golangci:
name: "lint"
needs: go-versions
permissions:
contents: read
pull-requests: read
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: "setup go"
uses: actions/setup-go@v4
with:
go-version: ${{ fromJSON(needs.go-versions.outputs.go-mod-version) }}

- name: "golangci-lint"
uses: golangci/golangci-lint-action@v3
with:
version: v1.54
only-new-issues: true
args: --config=.golangci.yml

unit:
name: "unit tests"
needs: go-versions
runs-on: ubuntu-latest
strategy:
matrix:
go-version: ${{ fromJSON(needs.go-versions.outputs.matrix) }}
steps:
- uses: actions/checkout@v4
- name: "setup go"
uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}

- name: "install dependencies"
run: go get .

- name: "test with go"
run: make test

build-ncm-issuer:
name: "build ncm-issuer"
needs: go-versions
runs-on: ubuntu-latest
strategy:
matrix:
go-version: ${{ fromJSON(needs.go-versions.outputs.matrix) }}
steps:
- uses: actions/checkout@v4
- name: "setup go"
uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}

- name: "build ncm-issuer"
run: make build
50 changes: 0 additions & 50 deletions .github/workflows/build_test.yml
View file
Open in desktop

This file was deleted.

104 changes: 55 additions & 49 deletions .github/workflows/cahref-test.yml → .github/workflows/caname-id-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,39 +1,36 @@
name: caname-href tests

name: caname-id tests
on:
push:
schedule:
# * is a special character in YAML so you have to quote this string
- cron: '0 2 * * 6'
workflow_call:
inputs:
go-version:
type: string
description: "Version of Go used to build ncm-issuer image"
required: true

jobs:
cahref_test:
name: "CAHREF Tests"
ca-id-test:
name: "ca id"
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:

- name: "checkout GIT"
uses: actions/checkout@v2
- uses: actions/setup-go@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
- run: go version

- name: "build plugin"
run: |
go mod vendor
make docker_build_img
make save

- name: "install microk8s"
run: |
sudo snap install microk8s --classic
sudo snap install microk8s --classic --channel=1.27/stable
sudo microk8s status --wait-ready
sudo microk8s enable helm3
sudo microk8s enable dns
echo K8S_VERSION=$(sudo microk8s.kubectl version --short=true|grep -Po 'Server Version: \K.*' -m 1) >> $GITHUB_ENV
- run: echo "k8s ${{ env.K8S_VERSION }}"

- name: "build ncm-issuer image"
run: |
make docker-build
docker save ncm-issuer > ncm-issuer.tar
sudo microk8s ctr image import ncm-issuer.tar

- name: "install cert-manager charts"
run: |
sudo microk8s.kubectl create namespace cert-manager
Expand All @@ -53,14 +50,21 @@ jobs:
sudo microk8s.helm3 list -A
sudo microk8s.kubectl get pods -A
sudo microk8s.kubectl -n cert-manager logs `sudo microk8s.kubectl get pods -n cert-manager -l app=cert-manager -o jsonpath='{.items[0].metadata.name}'`|tail -25


- name: "install yq"
run: sudo snap install yq

- name: "prepare environment / create namespace and secret"
run: |
REG_ADDR=${{ env.REG_ADDR }}
mkdir -p data/logs
echo "$NCM_CA_BUNDLE" > data/ca_bundle.pem
cp .github/*.yml data/
sed -i "s|CASNAME: SubCA|CASHREF: $NCM_CAHREF|g" data/ncm-issuer.yml
sed -i "s|ncmSERVER: NCM_SRV|ncmSERVER: $NCM_HOST|g" data/ncm-issuer.yml
NCM_HOST=$NCM_HOST yq -i '.spec.provisioner.mainAPI = env(NCM_HOST)' data/ncm-issuer.yml
sed -i "s|caName: SubCA|caID: $NCM_CAHREF|g" data/ncm-issuer.yml
yq -i '.image.repository = "ncm-issuer"' helm/values.yaml
yq -i '.image.pullPolicy = "Never"' helm/values.yaml
TAG=$(grep -m1 imageVersion main.go | cut -d '"' -f2) yq -i '.image.tag = env(TAG)' helm/values.yaml
sudo microk8s.kubectl create namespace ncm-issuer
sudo microk8s.kubectl create secret generic ncm-issuer -n ncm-issuer --from-literal=username=$NCM_USER --from-literal=usrPassword=$NCM_PASSWORD
sudo microk8s.kubectl create secret generic ncm-issuer-bundle -n ncm-issuer --from-file=cacert=data/ca_bundle.pem
Expand All @@ -85,7 +89,7 @@ jobs:
sudo microk8s.helm3 list -A
sudo microk8s.kubectl get pods -A
sudo microk8s.kubectl -n ncm-issuer logs `sudo microk8s.kubectl get pods -A -l app=ncm-issuer -o jsonpath='{.items[0].metadata.name}'`|tail -25

- name: "create issuer"
run: |
sudo microk8s.kubectl apply -f data/ncm-issuer.yml
Expand Down Expand Up @@ -129,7 +133,7 @@ jobs:
continue-on-error: true
if: ${{ failure() }}
run: |
sudo microk8s.kubectl get namespaces > data/logs/get_namespaces.log
sudo microk8s.kubectl get namespaces > data/logs/get_namespaces.log
sudo microk8s.kubectl get po -A > data/logs/get_pods.log
sudo microk8s.kubectl describe pods ncm-issuer -n ncm-issuer > data/logs/describe_ncm-issuer.log
sudo microk8s.kubectl get secrets -n ncm-issuer > data/logs/get_secrets.log
Expand All @@ -138,47 +142,43 @@ jobs:
sudo microk8s.kubectl -n ncm-issuer logs `sudo microk8s.kubectl get pods -A -l app=ncm-issuer -o jsonpath='{.items[0].metadata.name}'` > data/logs/ncm-issuer.log
sudo microk8s.kubectl -n cert-manager logs `sudo microk8s.kubectl get pods -n cert-manager -l app=cert-manager -o jsonpath='{.items[0].metadata.name}'` > data/logs/cert-manager.log
sudo microk8s.kubectl get certificaterequest -n ncm-issuer > data/logs/get_csr.log
sudo microk8s.kubectl describe certificaterequest ncm-cert -n ncm-issuer > data/logs/describe_csr.log
sudo microk8s.kubectl describe certificaterequest ncm-cert -n ncm-issuer > data/logs/describe_csr.log
sudo microk8s.kubectl get certificate -n ncm-issuer > data/logs/get_certificate.log
sudo microk8s.kubectl describe certificate ncm-cert -n ncm-issuer > data/logs/describe_certificate.log
mkdir -p ${{ github.workspace }}/artifact/upload
sudo cp -rp data/ ${{ github.workspace }}/artifact/data/
sudo tar -C ${{ github.workspace }}/artifact/ -cvzf ${{ github.workspace }}/artifact/upload/artifact.tar.gz data

- name: "[ * ] uploading artificates"
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v3
if: ${{ failure() }}
with:
name: logs-cahref.tar.gz
path: ${{ github.workspace }}/artifact/upload/

caname_test:
name: "CANAME Test"
ca-name-test:
name: "ca name"
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:

- name: "checkout GIT"
uses: actions/checkout@v2
- uses: actions/setup-go@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
- run: go version

- name: "build plugin"
run: |
go mod vendor
make docker_build_img
make save

- name: "install microk8s"
run: |
sudo snap install microk8s --classic
sudo snap install microk8s --classic --channel=1.27/stable
sudo microk8s status --wait-ready
sudo microk8s enable helm3
sudo microk8s enable dns
echo K8S_VERSION=$(sudo microk8s.kubectl version --short=true|grep -Po 'Server Version: \K.*' -m 1) >> $GITHUB_ENV
- run: echo "k8s ${{ env.K8S_VERSION }}"

- name: "build ncm-issuer image"
run: |
make docker-build
docker save ncm-issuer > ncm-issuer.tar
sudo microk8s ctr image import ncm-issuer.tar

- name: "install cert-manager charts"
run: |
sudo microk8s.kubectl create namespace cert-manager
Expand All @@ -198,13 +198,19 @@ jobs:
sudo microk8s.helm3 list -A
sudo microk8s.kubectl get pods -A
sudo microk8s.kubectl -n cert-manager logs `sudo microk8s.kubectl get pods -n cert-manager -l app=cert-manager -o jsonpath='{.items[0].metadata.name}'`|tail -25


- name: "install yq"
run: sudo snap install yq

- name: "prepare environment / create namespace and secret"
run: |
mkdir -p data/logs
echo "$NCM_CA_BUNDLE" > data/ca_bundle.pem
cp .github/*.yml data/
sed -i "s|ncmSERVER: NCM_SRV|ncmSERVER: $NCM_HOST|g" data/ncm-issuer.yml
NCM_HOST=$NCM_HOST yq -i '.spec.provisioner.mainAPI = env(NCM_HOST)' data/ncm-issuer.yml
yq -i '.image.repository = "ncm-issuer"' helm/values.yaml
yq -i '.image.pullPolicy = "Never"' helm/values.yaml
TAG=$(grep -m1 imageVersion main.go | cut -d '"' -f2) yq -i '.image.tag = env(TAG)' helm/values.yaml
sudo microk8s.kubectl create namespace ncm-issuer
sudo microk8s.kubectl create secret generic ncm-issuer -n ncm-issuer --from-literal=username=$NCM_USER --from-literal=usrPassword=$NCM_PASSWORD
sudo microk8s.kubectl create secret generic ncm-issuer-bundle -n ncm-issuer --from-file=cacert=data/ca_bundle.pem
Expand All @@ -228,7 +234,7 @@ jobs:
sudo microk8s.helm3 list -A
sudo microk8s.kubectl get pods -A
sudo microk8s.kubectl -n ncm-issuer logs `sudo microk8s.kubectl get pods -A -l app=ncm-issuer -o jsonpath='{.items[0].metadata.name}'`|tail -25

- name: "create issuer"
run: |
sudo microk8s.kubectl apply -f data/ncm-issuer.yml
Expand Down Expand Up @@ -272,7 +278,7 @@ jobs:
continue-on-error: true
if: ${{ failure() }}
run: |
sudo microk8s.kubectl get namespaces > data/logs/get_namespaces.log
sudo microk8s.kubectl get namespaces > data/logs/get_namespaces.log
sudo microk8s.kubectl get po -A > data/logs/get_pods.log
sudo microk8s.kubectl describe pods ncm-issuer -n ncm-issuer > data/logs/describe_ncm-issuer.log
sudo microk8s.kubectl get secrets -n ncm-issuer > data/logs/get_secrets.log
Expand All @@ -281,15 +287,15 @@ jobs:
sudo microk8s.kubectl -n ncm-issuer logs `sudo microk8s.kubectl get pods -A -l app=ncm-issuer -o jsonpath='{.items[0].metadata.name}'` > data/logs/ncm-issuer.log
sudo microk8s.kubectl -n cert-manager logs `sudo microk8s.kubectl get pods -n cert-manager -l app=cert-manager -o jsonpath='{.items[0].metadata.name}'` > data/logs/cert-manager.log
sudo microk8s.kubectl get certificaterequest -n ncm-issuer > data/logs/get_csr.log
sudo microk8s.kubectl describe certificaterequest ncm-cert -n ncm-issuer > data/logs/describe_csr.log
sudo microk8s.kubectl describe certificaterequest ncm-cert -n ncm-issuer > data/logs/describe_csr.log
sudo microk8s.kubectl get certificate -n ncm-issuer > data/logs/get_certificate.log
sudo microk8s.kubectl describe certificate ncm-cert -n ncm-issuer > data/logs/describe_certificate.log
mkdir -p ${{ github.workspace }}/artifact/upload
sudo cp -rp data/ ${{ github.workspace }}/artifact/data/
sudo tar -C ${{ github.workspace }}/artifact/ -cvzf ${{ github.workspace }}/artifact/upload/artifact.tar.gz data

- name: "[ * ] uploading artificates"
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v3
if: ${{ failure() }}
with:
name: logs-caname.tar.gz
Expand Down
Loading
Loading