From 0fe8b14e78fa63bc10a07ee10c4336ba762ef956 Mon Sep 17 00:00:00 2001 From: Tom Chauveau Date: Thu, 9 Sep 2021 15:14:49 +0200 Subject: [PATCH] Improve ArgoCD and fix CI Signed-off-by: Tom Chauveau --- .github/workflows/ci.yml | 11 --------- stdlib/.dagger/env/argocd/values.yaml | 6 ++--- stdlib/argocd/app.cue | 4 +-- stdlib/argocd/argocd.cue | 35 +++++++++++---------------- stdlib/argocd/status.cue | 4 +-- stdlib/argocd/sync.cue | 2 +- stdlib/argocd/tests/argocd.cue | 25 ++++++++++++------- stdlib/universe.bats | 25 +++++++++---------- 8 files changed, 48 insertions(+), 64 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ae8a54d3..632769f4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -151,17 +151,6 @@ jobs: aws --endpoint-url=http://localhost:4566 s3 mb s3://dagger-ci aws --endpoint-url=http://localhost:4566 ecr create-repository --repository-name dagger-ci - - name: Setup ArgoCD infra - run: | - make install - dagger -w universe -e argocd-infra input text TestKubeconfig -f "$HOME"/.kube/config - dagger -w universe -e dagger-infra up - - # Expose Argo API - kubectl port-forward svc/argocd-server -n argocd 8080:443 & - curl localhost:8080 - continue-on-error: true - - name: Universe Test run: | make universe-test diff --git a/stdlib/.dagger/env/argocd/values.yaml b/stdlib/.dagger/env/argocd/values.yaml index 2fa22e0d..90edff9b 100644 --- a/stdlib/.dagger/env/argocd/values.yaml +++ b/stdlib/.dagger/env/argocd/values.yaml @@ -4,8 +4,6 @@ name: argocd inputs: TestConfig.argocdConfig.server: text: localhost:8080 - TestConfig.argocdConfig.token: - secret: ENC[AES256_GCM,data:TC8wCWyJ+yTkAQXBLLioVDUm4YfkMMgHEzcxyRBr/uwOErEYAWDE539dahcPclQYW/Ds7UVQIv+PMS+43zXSqIv5lde842IhOEIZwemCGnWrGy2yBC566WCYPxU16k76MzslwhJrYGDi4GF4zlIyvtVO6AbviumZqGT+wAq4/Z6KZ2CQTDWNf42ise2orGNsBTj7jqpazLO34A+Wt9USW/cJrSqU+BtAjGkoLZW65iGJ8ui8RdADxw5/A0rkdJaoN4mnSUi7yARpcmTdQBdo33385csTxxqy8oWw7OR4itUfzzWKbOprQph/EeEtxMtPAuHOB/9As/6dvIGcynwxPjw=,iv:xAb0eF1lCmNoaE9Tzfnq2uLB647DK2Cat2BZTPn272s=,tag:D2mfkvEAzVi34y7WYSg7JQ==,type:str] sops: kms: [] gcp_kms: [] @@ -21,8 +19,8 @@ sops: WG5JdHlKYUlnZnZlMVNIRjczSld5ek0KF0z0UqtoGcYFFeOyMwIDAY1pyKosaOii IVqsMSYfj4+vz7mRd8HoXoSiSnuc7mLJek/izsdZtYUTfD/QnTC71Q== -----END AGE ENCRYPTED FILE----- - lastmodified: "2021-09-09T09:31:30Z" - mac: ENC[AES256_GCM,data:khUMYQdGj8qwNd7TZa2TPJIeOD9WjOn6LpNhqnZ2VZPOHWzre56MSytBS65h2bqgB5ljaYOM8qR8qc6UzSFhcNOBaAKofOYfuD1Zy6BcjNzNbJ9wvQE9qvT5o25VHsLk+fNhJt04wNdGdWjPuJNJrTTGLj82CXKCUPGyxvV72Pg=,iv:ut+MuwUELE+xu+I1G6NmqFrxu39++2pr96SHShQ5scI=,tag:5Fa6WPRo7R9UN5L7ankYzA==,type:str] + lastmodified: "2021-09-09T12:42:58Z" + mac: ENC[AES256_GCM,data:CMNfY3kBAbDOkyh1s3csD7uGToV/5TubN/0z3NaG0rVOeHzgPx//PUw7jfhBe3iTCe5m7z5jpGwbI9h6+GoANrsPX887/XYvC22JLQ7vqfOqJYOrYY9YbEJnYK+GXthQB7bqn5Yh2+yiNRVk9vHJkXyhqea9/ud32kiKhG2tE3o=,iv:eT3sjgmh4NF1sS+MSsOEZbgvAiWOwep72aM2fDenG0s=,tag:HcKVlnDpn6kQxFdlKSCALg==,type:str] pgp: [] encrypted_suffix: secret version: 3.7.1 diff --git a/stdlib/argocd/app.cue b/stdlib/argocd/app.cue index 42e2e09c..94f60290 100644 --- a/stdlib/argocd/app.cue +++ b/stdlib/argocd/app.cue @@ -25,8 +25,8 @@ import ( // Destination namespace namespace: dagger.#Input & {*"default" | string} - _ctr: os.Container & { - from: #CLI & { + ctr: os.#Container & { + image: #CLI & { "config": config } command: #""" diff --git a/stdlib/argocd/argocd.cue b/stdlib/argocd/argocd.cue index f119929c..75648379 100644 --- a/stdlib/argocd/argocd.cue +++ b/stdlib/argocd/argocd.cue @@ -18,8 +18,11 @@ import ( // ArgoCD project project: *"default" | dagger.#Input & {string} - // ArgoCD authentication token - token: dagger.#Secret & dagger.#Input + // Username + username: dagger.#Input & {string} + + // Password + password: dagger.#Input & {dagger.#Secret} } // Re-usable CLI component @@ -46,27 +49,17 @@ import ( env: VERSION: config.version }, - // Write config file + // Login to ArgoCD server op.#Exec & { - args: ["sh", "-c", - #""" - mkdir ~/.argocd && cat > ~/.argocd/config << EOF - contexts: - - name: "$SERVER" - server: "$SERVER" - user: "$SERVER" - current-context: "$SERVER" - servers: - - grpc-web-root-path: "" - server: "$SERVER" - users: - - auth-token: $(cat /run/secrets/token) - name: "$SERVER" - EOF - """#, + args: ["sh", "-c", #""" + argocd login "$ARGO_SERVER" --username "$ARGO_USERNAME" --password $(cat /run/secrets/password) --insecure + """#, ] - mount: "/run/secrets/token": secret: config.token - env: SERVER: config.server + env: { + ARGO_SERVER: config.server + ARGO_USERNAME: config.username + } + mount: "/run/secrets/password": secret: config.password }, ] } diff --git a/stdlib/argocd/status.cue b/stdlib/argocd/status.cue index 9900b6d7..017f7b4d 100644 --- a/stdlib/argocd/status.cue +++ b/stdlib/argocd/status.cue @@ -44,14 +44,12 @@ import ( op.#Exec & { args: ["sh", "-c", #""" - ls ~/.argocd - cat ~/.argocd/config + // FIXME JQ failed argocd app get "$APPLICATION" --output json | jq '{health:.status.health.status,sync:.status.sync.status,namespace:.spec.destination.namespace,server:.spec.destination.server,urls:.status.summary.externalURLs|join(","),state:.status.operationState.message}' > /output.json """#, ] env: { APPLICATION: name - ARGOCD_OPTS: "--port-forward-namespace argocd" } }, diff --git a/stdlib/argocd/sync.cue b/stdlib/argocd/sync.cue index d6d3d2df..72186aff 100644 --- a/stdlib/argocd/sync.cue +++ b/stdlib/argocd/sync.cue @@ -16,7 +16,7 @@ import ( // Wait the application to sync correctly wait: dagger.#Input & {*false | bool} - _ctr: os.#Container & { + ctr: os.#Container & { image: #CLI & { "config": config } diff --git a/stdlib/argocd/tests/argocd.cue b/stdlib/argocd/tests/argocd.cue index 2d45be68..dde89457 100644 --- a/stdlib/argocd/tests/argocd.cue +++ b/stdlib/argocd/tests/argocd.cue @@ -6,23 +6,30 @@ import ( ) TestConfig: argocdConfig: #Config & { - version: dagger.#Input & {*"v2.0.5" | string} - server: dagger.#Input & {*"dagger-example-argocd-server.tld" | string} - token: dagger.#Input & {dagger.#Secret} + version: dagger.#Input & {*"v2.0.5" | string} + server: dagger.#Input & {*"dagger-example-argocd-server.tld" | string} + username: dagger.#Input & {*"admin" | string} + password: dagger.#Input & {dagger.#Secret} } -TestArgoCD: os.#Container & { +TestClient: os.#Container & { image: #CLI & { config: TestConfig.argocdConfig } - always: true command: #""" - argocd version --output json | jq -e 'all(.client.Version; startswith("$VERSION"))' + argocd account list | grep "$ARGOCD_USERNAME" """# - env: VERSION: TestConfig.argocdConfig.version + env: ARGOCD_USERNAME: TestConfig.argocdConfig.username } -TestArgoCDStatus: #Status & { +TestApp: #App & { config: TestConfig.argocdConfig - name: "test" + name: "daggerci-test" + repo: "https://github.com/argoproj/argocd-example-apps.git" + path: "guestbook" +} + +TestArgoCDStatus: #Sync & { + config: TestApp.config + application: TestApp.name } diff --git a/stdlib/universe.bats b/stdlib/universe.bats index e741ec79..b0d7d4e6 100644 --- a/stdlib/universe.bats +++ b/stdlib/universe.bats @@ -219,21 +219,20 @@ setup() { skip_unless_local_kube # Deploy argoCD infra - # dagger -e argocd-infra input text TestKubeconfig -f "$HOME"/.kube/config - #dagger -e argocd-infra up - # pid=$! + dagger -e argocd-infra input text TestKubeconfig -f "$HOME"/.kube/config + dagger -e argocd-infra up - curl localhost:8080 + # Forward port + kubectl port-forward svc/argocd-server -n argocd 8080:443 >/dev/null 2>/dev/null & + pid=$! + sleep 3 + + # Run test + dagger -e argocd input secret TestConfig.argocdConfig.password "$(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d)" + dagger -e up + dagger -e argocd input unset TestConfig.argocdConfig.password # Kill Pid - #check_pid=$(pgrep "$pid") - #if [ "$pid" -eq "$check_pid" ]; then - # kill "$pid" - #fi - # skip "ArgoCD CI secrets not yet generated - Infra not implemented yet" - # dagger -e argocd input secret TestConfig.argocdConfig.token "$(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d && echo)" - # dagger -e argocd up + pkill kubectl - # Kill forward - # >&2 echo "kill pid" }