diff --git a/.github/commitsar.yaml b/.github/commitsar.yaml new file mode 100644 index 0000000..cb2a0f1 --- /dev/null +++ b/.github/commitsar.yaml @@ -0,0 +1,6 @@ +verbose: true +commits: + strict: false + limit: 100 + all: true + upstreamBranch: origin/main \ No newline at end of file diff --git a/.github/release-please-config.json b/.github/release-please-config.json index c78d433..f319cf1 100644 --- a/.github/release-please-config.json +++ b/.github/release-please-config.json @@ -8,9 +8,6 @@ "draft": false, "prerelease": false, "release-type": "simple", - "extra-files": [ - "variables.tf" - ], "changelog-sections": [ { "type": "feat", diff --git a/.github/workflows/add-to-project.yaml b/.github/workflows/add-to-project.yaml deleted file mode 100644 index 31626aa..0000000 --- a/.github/workflows/add-to-project.yaml +++ /dev/null @@ -1,18 +0,0 @@ -name: "add-to-project" - -on: - issues: - types: - - opened - - reopened - - pull_request_target: - types: - - opened - - reopened - -jobs: - add-to-project: - uses: GersonRS/modern-gitops-stack/.github/workflows/modules-add-to-project.yaml@main - secrets: - PAT: ${{ secrets.PAT }} diff --git a/.github/workflows/commits-checks.yaml b/.github/workflows/commits-checks.yaml deleted file mode 100644 index 9f320fc..0000000 --- a/.github/workflows/commits-checks.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -name: "linters" - -on: - pull_request: - -jobs: - linters: - uses: GersonRS/modern-gitops-stack/.github/workflows/modules-linters.yaml@main diff --git a/.github/workflows/deploy-applications.yaml b/.github/workflows/deploy-applications.yaml new file mode 100644 index 0000000..d4ab061 --- /dev/null +++ b/.github/workflows/deploy-applications.yaml 
@@ -0,0 +1,74 @@ +name: 'deploy-applications' + +on: + pull_request: + # Executa em PRs para validação + push: + tags: + - 'v*' # Trigger a build when a version tag is pushed + +permissions: + contents: read + +jobs: + terraform: + name: 'Terraform' + runs-on: ubuntu-latest + if: ${{ !startsWith(github.head_ref, 'release-please--') }} + + # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest + defaults: + run: + shell: bash + + steps: + # Checkout the repository to the GitHub Actions runner + - name: Checkout + uses: actions/checkout@v6 + + # Load all Terraform variables from a single JSON secret + # The secret TF_VARS_JSON should contain: {"host":"...","client_certificate":"...","client_key":"...",...} + - name: Load Terraform Variables + run: | + echo '${{ secrets.TF_VARS_JSON }}' | jq -r 'to_entries | .[] | "TF_VAR_\(.key)=\(.value)"' >> $GITHUB_ENV + + - name: Gerar token de autenticação do GitHub App + id: generate_token + uses: tibdex/github-app-token@v2 + with: + app_id: 882683 + private_key: ${{ secrets.PROJECT_APP_PRIVATE_KEY }} + + # Configure Git to access private repositories using GitHub App token + - name: Configure Git for Private Repositories + run: | + # Configure Git credential helper for GitHub + git config --global credential.helper store + echo "https://x-access-token:${{ steps.generate_token.outputs.token }}@github.com" > ~/.git-credentials + + # Alternative: configure URL rewriting + git config --global url."https://x-access-token:${{ steps.generate_token.outputs.token }}@github.com/GersonRS".insteadOf "https://github.com/GersonRS" + + echo "✅ Git configured to access private repositories using GitHub App" + + # Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3 + + # Initialize a new or existing Terraform working directory by creating 
initial files, loading any remote state, downloading modules, etc. + - name: Terraform Init + run: terraform init -backend-config="access_key=${{ secrets.ACCESS_KEY_ID }}" -backend-config="secret_key=${{ secrets.SECRET_ACCESS_KEY }}" -migrate-state + + # Checks that all Terraform configuration files adhere to a canonical format + - name: Terraform Format + run: terraform fmt -check + + # Generates an execution plan for Terraform + - name: Terraform Plan + run: terraform plan -input=false + + # Deploy da infraestrutura quando uma tag de versão é criada + # Nota: Executa apenas quando tags v* são pushed (ex: v1.0.0, v2.1.3) + - name: Terraform Apply + if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') + run: terraform apply -auto-approve -input=false \ No newline at end of file diff --git a/.github/workflows/modules-add-to-project.yaml b/.github/workflows/modules-add-to-project.yaml index 4456761..314c407 100644 --- a/.github/workflows/modules-add-to-project.yaml +++ b/.github/workflows/modules-add-to-project.yaml 
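Review bot: The `Load Terraform Variables` step pastes `${{ secrets.TF_VARS_JSON }}` into the script text and appends plain `KEY=value` lines to `$GITHUB_ENV`, which breaks on the values its own comment lists: a PEM `client_certificate` or `client_key` spans several lines, so only the first line is assigned and the rest is parsed as further environment-file entries. The extracted fields are also never registered as secrets (the runner presumably masks the stored JSON blob, not each value inside it), so they can show up unmasked in later output, and a single quote inside the JSON ends the shell string early. Passing the secret through `env:`, masking each value with `::add-mask::`, and using the delimiter form of the environment file fixes all three, as sketched below. The same direct interpolation into `run:` text is used for the App token in `Configure Git for Private Repositories` and for the backend keys in `Terraform Init`, where step-level `env:` (for an S3-style backend, `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`) keeps them off the command line. Because the job also runs on `pull_request`, `terraform init` and `terraform plan` evaluate the PR branch's configuration with all of these credentials in the environment, so the credentialed steps are better limited to the tag push or a protected environment.

```yaml
      - name: Load Terraform Variables
        env:
          TF_VARS_JSON: ${{ secrets.TF_VARS_JSON }}
        run: |
          # Register every line of every value as a secret before it can reach a log.
          printf '%s' "$TF_VARS_JSON" \
            | jq -r 'to_entries[] | .value | tostring | split("\n")[] | select(length > 0) | "::add-mask::\(.)"'
          # Delimiter form keeps multi-line values (PEM certificate and key) intact.
          delim="TFVARS_$(openssl rand -hex 16)"
          printf '%s' "$TF_VARS_JSON" \
            | jq -r --arg d "$delim" 'to_entries[] | "TF_VAR_\(.key)<<\($d)\n\(.value)\n\($d)"' >> "$GITHUB_ENV"
      # … unchanged: token generation, git configuration, Terraform steps …
```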
@@ -1,37 +1,48 @@ --- -# GitHub Actions workflow to automatically push PRs and issues to the Modern Gitops Stack project board. +# GitHub Actions workflow para automaticamente adicionar PRs e issues ao project board do Modern Gitops Stack. # -# IMPORTANT: This workflow is called by other workflows in our Modern Gitops Stack repositories and it is centralized here in -# order to be easily maintained across modules. Because of this, please make sure you're not introducing any breaking -# changes when modifying this workflow. - -name: "add-to-project" - +# Este workflow gerencia issues e pull requests no projeto Modern Gitops Stack, +# organizando-os no board para melhor acompanhamento e gestão. + +name: "modern-gitops-stack-add-to-project" on: workflow_call: secrets: - PAT: - description: "GitHub token for the Modern Gitops Stack Project" + PROJECT_APP_PRIVATE_KEY: + description: "GitHub App private key para o projeto Modern Gitops Stack" required: true -permissions: - issues: write - pull-requests: write - contents: write + issues: + types: + - opened + - reopened + + pull_request: + types: + - opened + - reopened jobs: add-to-project: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 - - name: Add PR or issue to Modern GitOps Stack project board + - name: Checkout repository + uses: actions/checkout@v6 + - name: Gerar token de autenticação do GitHub App + id: generate_token + uses: tibdex/github-app-token@v2 + with: + app_id: 882683 + private_key: ${{ secrets.PROJECT_APP_PRIVATE_KEY }} + + - name: Adicionar PR ou issue ao project board do Modern Gitops Stack + id: add-to-project uses: actions/add-to-project@v1.0.2 with: project-url: https://github.com/users/GersonRS/projects/2 - github-token: ${{ secrets.PAT }} - labeled: bug, needs-triage - label-operator: NOT - - name: Auto Author Assign + github-token: ${{ steps.generate_token.outputs.token }} + + - name: Auto-atribuição ao autor uses: toshimaru/auto-author-assign@v2.1.1 with: - repo-token: ${{ 
secrets.PAT }} + repo-token: ${{ steps.generate_token.outputs.token }} \ No newline at end of file diff --git a/.github/workflows/modules-chart-update.yaml b/.github/workflows/modules-chart-update.yaml index 9dda2ce..4043c1d 100644 --- a/.github/workflows/modules-chart-update.yaml +++ b/.github/workflows/modules-chart-update.yaml 
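Review bot: The workflow-level `permissions:` block is removed in this hunk without a replacement, so the job's `GITHUB_TOKEN` falls back to the repository or organisation default, which may be read-write. Since both actions now authenticate with the App token, the workflow can state the minimum explicitly with a top-level `permissions:` block holding only `contents: read` (or `permissions: {}` if the checkout step, which nothing in the visible job appears to need, is dropped). The new `tibdex/github-app-token@v2` step receives the App private key through a movable tag; pinning it to a full commit SHA and narrowing the minted token with the action's `permissions` and `repositories` inputs limits the damage if the tag or the token is compromised, and the same step appears in `deploy-applications.yaml` and `modules-release-please.yaml`. On a `pull_request` from a fork the secret is empty, so the token step will fail where the deleted caller's `pull_request_target` trigger used to supply it; that behaviour change is worth a comment in the workflow header.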
@@ -1,50 +1,51 @@ --- -# GitHub Actions workflow to update the Helm chart dependencies on our modules. +# GitHub Actions workflow para atualizar dependências dos Helm charts da Modern Gitops Stack. # -# IMPORTANT: This workflow is called by other workflows in our Modern Gitops Stack repositories and it is centralized here in -# order to be easily maintained across modules. Because of this, please make sure you're not introducing any breaking -# changes when modifying this workflow. +# Este workflow automatiza a atualização das dependências dos charts utilizados na infraestrutura +# Modern Gitops Stack, criando PRs para facilitar a revisão e deploy das atualizações. name: "modules-chart-update" on: workflow_call: secrets: - PAT: - description: "GitHub token for the Modern Gitops Stack Project" + PROJECT_APP_PRIVATE_KEY: + description: "GitHub token para o projeto Modern Gitops Stack" required: true inputs: update-strategy: - description: "Upgrade strategy to use. Valid values are 'major', 'minor' or 'patch'" + description: "Estratégia de atualização. Valores válidos: 'major', 'minor' ou 'patch'" type: string required: true excluded-dependencies: - description: "Comma-separated list of dependencies to exclude from the update (i.e. 
'dependency1,dependency2,dependency3')" + description: "Lista separada por vírgulas de dependências a excluir (ex: 'dependency1,dependency2')" type: string required: false default: "" dry-run: - description: "Whether to run the update in dry-run mode or not" + description: "Se deve executar em modo dry-run ou não" type: boolean required: false default: false jobs: list-charts: + name: "Listar charts Modern Gitops Stack" runs-on: ubuntu-latest outputs: charts: ${{ steps.find-charts.outputs.charts }} steps: - - name: "Check out the repository" - uses: actions/checkout@v5 + - name: "Fazer checkout do repositório Modern Gitops Stack" + uses: actions/checkout@v6 - - name: "List charts in the ./charts folder" + - name: "Listar charts na pasta ./charts" id: find-charts run: cd charts && echo "charts=$(find . -maxdepth 2 -name 'Chart.yaml' -exec dirname {} \; | sed 's|^\./||' | sort -u | jq -R -s -c 'split("\n")[:-1]')" >> $GITHUB_OUTPUT chart-update: + name: "Atualizar chart: ${{ matrix.chart-name }}" runs-on: ubuntu-latest needs: list-charts @@ -58,10 +59,10 @@ jobs: author: "github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>" steps: - - name: "Check out the repository" - uses: actions/checkout@v5 + - name: "Fazer checkout do repositório Modern Gitops Stack" + uses: actions/checkout@v6 - - name: "Upgrade Helm chart dependencies" + - name: "Atualizar dependências do Helm chart" id: deps-update uses: camptocamp/helm-dependency-update-action@v0.5.0 with: 
@@ -71,16 +72,16 @@ jobs: update-strategy: "${{ inputs.update-strategy }}" dry-run: "${{ inputs.dry-run }}" - - name: "Create Pull Request for a minor/patch update" + - name: "Criar Pull Request para atualização minor/patch" if: ${{ !inputs.dry-run && steps.deps-update.outputs.update-type != 'none' && steps.deps-update.outputs.update-type != 'major' }} id: minor-pr - uses: peter-evans/create-pull-request@v7 + uses: peter-evans/create-pull-request@v8 env: - pr-title: "feat(chart): ${{ steps.deps-update.outputs.update-type }} update of dependencies on ${{ matrix.chart-name }} chart" + pr-title: "feat(chart): atualização ${{ steps.deps-update.outputs.update-type }} de dependências no chart ${{ matrix.chart-name }}" branch: "chart-autoupdate-${{ steps.deps-update.outputs.update-type }}-${{ matrix.chart-name }}" labels: "chart-autoupdate-${{ steps.deps-update.outputs.update-type }}" with: - token: ${{ secrets.PAT }} + token: ${{ secrets.PROJECT_APP_PRIVATE_KEY }} base: ${{ github.head_ref }} commit-message: ${{ env.pr-title }} author: ${{ env.author }} 
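Review bot: `token: ${{ secrets.PROJECT_APP_PRIVATE_KEY }}` passes the GitHub App private key to `peter-evans/create-pull-request` where an access token is expected, so the step will most likely fail to authenticate and the long-lived key is handed to a third-party action that has no use for it. The other workflows in this commit first exchange the key for a short-lived installation token with `tibdex/github-app-token@v2`; the same exchange is needed here, with `token: ${{ steps.generate_token.outputs.token }}` in this step and in the `major-pr` step of the next hunk. The secret's description in the first hunk still reads "GitHub token para o projeto Modern Gitops Stack" and should say that it is the App private key. The `chart-update` job starts and ends outside this hunk.

```yaml
      # … unchanged: checkout and deps-update steps …
      - name: "Gerar token de autenticação do GitHub App"
        if: ${{ !inputs.dry-run && steps.deps-update.outputs.update-type != 'none' }}
        id: generate_token
        uses: tibdex/github-app-token@v2
        with:
          app_id: 882683
          private_key: ${{ secrets.PROJECT_APP_PRIVATE_KEY }}

      - name: "Criar Pull Request para atualização minor/patch"
        # … unchanged: if, id, uses, env …
        with:
          token: ${{ steps.generate_token.outputs.token }}
          # … unchanged: base, commit-message, author …
```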
@@ -93,25 +94,38 @@ jobs: reviewers: GersonRS delete-branch: true body: | - :robot: I have updated the chart *beep* *boop* + 🤖 Atualizei o chart automaticamente do Modern Gitops Stack *beep* *boop* --- - ## Description of the changes + ## 📋 Descrição - This PR updates the dependencies of the **${{ matrix.chart-name }}** Helm chart. + ### O que mudou? + Este PR atualiza as dependências do Helm chart **${{ matrix.chart-name }}** do Modern Gitops Stack. - The maximum version bump was a **${{ steps.deps-update.outputs.update-type }}** step. + ### Por que foi necessário? + Atualização automática para manter os charts seguros e atualizados. - - name: "Create Pull Request for a major update" + ## 🔧 Tipo de Mudança + - [x] 🔧 Configuração/Charts + + ## 📊 Detalhes da Atualização + - **Chart**: ${{ matrix.chart-name }} + - **Tipo de atualização**: ${{ steps.deps-update.outputs.update-type }} + - **Estratégia**: Atualização automática segura + + ## ✅ Checklist + - [x] Dependências atualizadas automaticamente + - [x] Seguindo conventional commits + - [x] Labels apropriadas aplicadas + + - name: "Criar Pull Request para atualização major" if: ${{ !inputs.dry-run && steps.deps-update.outputs.update-type != 'none' && steps.deps-update.outputs.update-type == 'major' }} id: major-pr - uses: peter-evans/create-pull-request@v7 + uses: peter-evans/create-pull-request@v8 env: - # This step does not have a branch and labels environment variable, because it is forcefully a major update, - # unlike the previous step, which can either be a patch, minor or major update. - pr-title: "feat(chart)!: major update of dependencies on ${{ matrix.chart-name }} chart" + pr-title: "feat(chart)!: atualização major de dependências no chart ${{ matrix.chart-name }}" with: - token: ${{ secrets.PAT }} + token: ${{ secrets.PROJECT_APP_PRIVATE_KEY }} base: ${{ github.head_ref }} commit-message: ${{ env.pr-title }} author: ${{ env.author }} 
@@ -124,11 +138,37 @@ jobs: reviewers: GersonRS delete-branch: true body: | - :robot: I have updated the chart *beep* *boop* + 🤖 Atualizei o chart automaticamente do Modern Gitops Stack *beep* *boop* --- - ## Description of the changes + ## 📋 Descrição + + ### O que mudou? + Este PR atualiza as dependências do Helm chart **${{ matrix.chart-name }}** do Modern Gitops Stack. + + ### Por que foi necessário? + Atualização automática para manter os charts seguros e atualizados. + + ## 🔧 Tipo de Mudança + - [x] 💥 Breaking change + - [x] 🔧 Configuração/Charts + + ## ⚠️ Atenção - Atualização Major! + + Esta foi uma **atualização major**! Por favor: + 1. 📖 Verifique o changelog das dependências atualizadas + 2. 🔍 Revise cuidadosamente as breaking changes + 3. 🧪 Teste em ambiente de desenvolvimento antes do merge + 4. 📚 Atualize a documentação se necessário - This PR updates the dependencies of the **${{ matrix.chart-name }}** Helm chart. + ## 📊 Detalhes da Atualização + - **Chart**: ${{ matrix.chart-name }} + - **Tipo**: Major update (pode conter breaking changes) + - **Componentes afetados**: Modern Gitops Stack - :warning: This was a **major** update! Please check the changelog of the updated dependencies and **take notice of any breaking changes before merging**. :warning: + ## ✅ Checklist de Revisão + - [ ] Verificar changelog das dependências + - [ ] Revisar breaking changes + - [ ] Testar em ambiente de desenvolvimento + - [ ] Validar impacto no Modern Gitops Stack + - [ ] Atualizar documentação se necessário \ No newline at end of file diff --git a/.github/workflows/modules-linters.yaml b/.github/workflows/modules-linters.yaml index d60acfb..e3084d6 100644 --- a/.github/workflows/modules-linters.yaml +++ b/.github/workflows/modules-linters.yaml 
@@ -1,38 +1,41 @@ --- -# GitHub Actions workflow to check that the Terraform code is well formatted and if the commits have the conventional -# commit message structure (the latter is needed to properly create automatic releases with Release Please). +# Workflow do GitHub Actions para verificar se o código Terraform está bem formatado e se os commits seguem +# a estrutura de mensagens de commit convencionais (necessário para criar releases automáticas com Release Please). # -# IMPORTANT: This workflow is called by other workflows in our Modern Gitops Stack repositories and it is centralized here in -# order to be easily maintained across modules. Because of this, please make sure you're not introducing any breaking -# changes when modifying this workflow. +# IMPORTANTE: Este workflow é chamado por outros workflows nos repositórios da Modern Gitops Stack e está +# centralizado aqui para facilitar a manutenção entre módulos. Por isso, certifique-se de não introduzir +# mudanças que quebrem a compatibilidade ao modificar este workflow. 
name: "modules-linters" on: workflow_call: + pull_request: jobs: terraform-format: runs-on: ubuntu-latest steps: - - name: "Check out the repository" - uses: actions/checkout@v5 + - name: "Fazer checkout do repositório" + uses: actions/checkout@v6 - - name: Setup Terraform + - name: "Configurar Terraform" uses: hashicorp/setup-terraform@v3 - - name: "Run terraform fmt -check" + - name: "Executar terraform fmt -check" run: "terraform fmt -check" commits-checks: runs-on: ubuntu-latest steps: - - name: "Check out the repository" - uses: actions/checkout@v5 + - name: "Fazer checkout do repositório" + uses: actions/checkout@v6 with: - fetch-depth: 0 # Fetch all history for all tags and branches + fetch-depth: 0 # Buscar todo o histórico para todas as tags e branches - - name: "Check commit messages" - uses: docker://aevea/commitsar + - name: "Verificar mensagens de commit" + uses: docker://aevea/commitsar:0.20.2 + env: + COMMITSAR_CONFIG_PATH : ./.github \ No newline at end of file diff --git a/.github/workflows/modules-release-please.yaml b/.github/workflows/modules-release-please.yaml index 4a15f7b..a277e86 100644 --- a/.github/workflows/modules-release-please.yaml +++ b/.github/workflows/modules-release-please.yaml 
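Review bot: With the added `pull_request:` trigger this workflow now runs on its own, but it declares no `permissions:`, so both jobs receive the repository's default `GITHUB_TOKEN` scope although they only read the checkout; a top-level `permissions:` block with `contents: read` makes the least-privilege intent explicit. Pinning `docker://aevea/commitsar:0.20.2` is an improvement over the floating image, but a tag can still be re-pushed, so `docker://aevea/commitsar@sha256:<digest-of-0.20.2>` is the stricter form for a container that runs over the full repository history. In the new `env:` block, `COMMITSAR_CONFIG_PATH : ./.github` has a space before the colon; it parses, but `COMMITSAR_CONFIG_PATH: ./.github` matches the rest of the file and passes yamllint.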
@@ -1,18 +1,21 @@ --- -# GitHub Actions workflow to automatically create releases and changelogs in our Modern GitOps Stack repositories. +# Fluxo de trabalho do GitHub Actions para criar automaticamente releases e changelogs para o Modern GitOps Stack. # -# IMPORTANT: This workflow is called by other workflows in our Modern GitOps Stack repositories and it is centralized here in -# order to be easily maintained across modules. Because of this, please make sure you're not introducing any breaking -# changes when modifying this workflow. +# Este fluxo de trabalho cria releases, atualiza números de versão em módulos e arquivos de configuração, +# e gera changelogs baseados em commits convencionais. name: "modules-release-please" on: workflow_call: secrets: - PAT: - description: "GitHub token for the Modern Gitops Stack Project" + PROJECT_APP_PRIVATE_KEY: + description: "Chave privada do GitHub App para o projeto Modern GitOps Stack" required: true + + push: + branches: + - main permissions: contents: write @@ -24,10 +27,18 @@ jobs: outputs: releases_created: ${{ steps.release-please.outputs.releases_created }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 + + - name: Gerar token de autenticação do GitHub App + id: generate_token + uses: tibdex/github-app-token@v2 + with: + app_id: 882683 + private_key: ${{ secrets.PROJECT_APP_PRIVATE_KEY }} + - uses: googleapis/release-please-action@v4 id: release-please with: - token: ${{ secrets.PAT }} + token: ${{ steps.generate_token.outputs.token }} config-file: .github/release-please-config.json - manifest-file: .github/.release-please-manifest.json + manifest-file: .github/.release-please-manifest.json \ No newline at end of file diff --git a/.github/workflows/modules-terraform-docs.yaml b/.github/workflows/modules-terraform-docs.yaml index 706a3b1..1e8b6f4 100644 --- a/.github/workflows/modules-terraform-docs.yaml +++ b/.github/workflows/modules-terraform-docs.yaml 
@@ -1,10 +1,10 @@ --- -# GitHub Actions workflow to automatically generate documentation from the .tf files of the module. -# The generated documentation will be injected between AsciiDoc comments on the README.adoc. +# Workflow do GitHub Actions para gerar automaticamente documentação dos arquivos .tf do módulo. +# A documentação gerada será injetada entre comentários AsciiDoc no README.adoc. # -# IMPORTANT: This workflow is called by other workflows in our Modern Gitops Stack repositories and it is centralized here in -# order to be easily maintained across modules. Because of this, please make sure you're not introducing any breaking -# changes when modifying this workflow. +# IMPORTANTE: Este workflow é chamado por outros workflows nos repositórios do Modern Gitops Stack e está +# centralizado aqui para facilitar a manutenção entre módulos. Por isso, certifique-se de não introduzir +# mudanças que quebrem a compatibilidade ao modificar este workflow. name: "modules-terraform-docs" 
@@ -12,27 +12,27 @@ on: workflow_call: inputs: variants: - description: "List of the variants folders as a comma-separated list inside a string (i.e. 'eks,aks')." + description: "Lista das pastas de variantes como uma lista separada por vírgulas dentro de uma string (ex: 'eks,aks')." type: string required: false default: "" env: - ARGS: "--hide-empty=true --sort=false" # Do not show empty sections and do not sort items - DOCS_TPL: "// BEGIN_TF_DOCS\n{{ .Content }}\n// END_TF_DOCS" # Define template compatible with AsciiDoc - TABLES_TPL: "// BEGIN_TF_TABLES\n{{ .Content }}\n// END_TF_TABLES" # Define template compatible with AsciiDoc + ARGS: "--hide-empty=true --sort=false" # Não mostrar seções vazias e não ordenar itens + DOCS_TPL: "// BEGIN_TF_DOCS\n{{ .Content }}\n// END_TF_DOCS" # Definir template compatível com AsciiDoc + TABLES_TPL: "// BEGIN_TF_TABLES\n{{ .Content }}\n// END_TF_TABLES" # Definir template compatível com AsciiDoc jobs: terraform-docs: runs-on: ubuntu-latest steps: - - name: "Check out the repository" - uses: actions/checkout@v5 + - name: "Fazer checkout do repositório" + uses: actions/checkout@v6 with: ref: ${{ github.event.pull_request.head.ref }} - - name: "Generate Terraform docs" + - name: "Gerar documentação Terraform" uses: terraform-docs/gh-actions@v1.4.1 with: working-dir: . @@ -44,11 +44,11 @@ jobs: args: ${{ env.ARGS }} git-push: false - - name: "Generate Terraform tables" + - name: "Gerar tabelas Terraform" uses: terraform-docs/gh-actions@v1.4.1 with: working-dir: . - indention: 1 # Since the headings are not read inside the collapsible block we can indent as 1 + indention: 1 # Como os cabeçalhos não são lidos dentro do bloco recolhível, podemos indentar como 1 output-format: asciidoc table output-file: README.adoc output-method: inject 
@@ -56,7 +56,7 @@ jobs: args: ${{ env.ARGS }} git-push: false - - name: "Generate Terraform docs for the variants" + - name: "Gerar documentação Terraform para as variantes" if: ${{ inputs.variants != '' }} uses: terraform-docs/gh-actions@v1.4.1 with: @@ -69,12 +69,12 @@ jobs: args: ${{ env.ARGS }} git-push: false - - name: "Generate Terraform tables for the variants" + - name: "Gerar tabelas Terraform para as variantes" if: ${{ inputs.variants != '' }} uses: terraform-docs/gh-actions@v1.4.1 with: working-dir: ${{ inputs.variants }} - indention: 1 # Since the headings are not read inside the collapsible block we can indent as 1 + indention: 1 # Como os cabeçalhos não são lidos dentro do bloco recolhível, podemos indentar como 1 output-format: asciidoc table output-file: README.adoc output-method: inject 
@@ -82,13 +82,13 @@ jobs: args: ${{ env.ARGS }} git-push: false - # This step comes after long hours of debugging permission errors on the workflow when trying to do a commit after - # executing the terraform-docs actions. See https://github.com/terraform-docs/gh-actions/issues/90 - - name: "Correct ownership of files in preparation for the next step" + # Este passo vem após longas horas de depuração de erros de permissão no workflow ao tentar fazer commit + # após executar as ações do terraform-docs. Veja https://github.com/terraform-docs/gh-actions/issues/90 + - name: "Corrigir propriedade dos arquivos em preparação para o próximo passo" run: sudo chown runner:docker -Rv .git - # This step avoids a commit for each previous step and instead commits everything on a single commit - - name: "Commit changes done in the previous steps" - uses: stefanzweifel/git-auto-commit-action@v6 + # Este passo evita um commit para cada passo anterior e em vez disso faz commit de tudo em um único commit + - name: "Fazer commit das mudanças feitas nos passos anteriores" + uses: stefanzweifel/git-auto-commit-action@v7 with: - commit_message: "docs(terraform-docs): generate docs and write to README.adoc" + commit_message: "docs(terraform-docs): gerar docs e escrever no README.adoc" \ No newline at end of file diff --git a/.github/workflows/publish-antora-docs.yaml b/.github/workflows/publish-antora-docs.yaml index c29af77..2baa43c 100644 --- a/.github/workflows/publish-antora-docs.yaml +++ b/.github/workflows/publish-antora-docs.yaml @@ -2,10 +2,8 @@ name: Publish to GitHub Pages with Lunr Search Extension on: push: - branches: - - main - paths: - - "version.txt" # Trigger a build when the version changes in order to take the version tag into account + tags: + - 'v*' # Trigger a build when a version tag is pushed # Allows you to run this workflow manually from the Actions tab workflow_dispatch: concurrency: 
diff --git a/.github/workflows/release-please.yaml b/.github/workflows/release-please.yaml deleted file mode 100644 index 626fa9d..0000000 --- a/.github/workflows/release-please.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -name: "release-please" - -on: - push: - branches: - - main - -jobs: - release: - uses: GersonRS/modern-gitops-stack/.github/workflows/modules-release-please.yaml@main - secrets: - PAT: ${{ secrets.PAT }} diff --git a/examples/kind/main.tf b/examples/kind/main.tf index 965457f..10c3158 100644 --- a/examples/kind/main.tf +++ b/examples/kind/main.tf @@ -94,7 +94,7 @@ module "oidc" { } module "postgresql" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-postgresql.git?ref=v2.10.0" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-postgresql.git?ref=v2.11.0" cluster_name = local.cluster_name base_domain = local.base_domain subdomain = local.subdomain @@ -347,6 +347,19 @@ module "thanos" { oidc = module.oidc.oidc } + helm_values = [{ + redis = { + image = { + repository = "bitnamilegacy/redis" + } + } + thanos = { + image = { + repository = "bitnamilegacy/thanos" + } + } + }] + dependency_ids = { argocd = module.argocd_bootstrap.id traefik = module.traefik.id 
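Review bot: The new `helm_values` block in `module "thanos"` switches Redis and Thanos to the `bitnamilegacy/*` repositories with no comment explaining why and no tag or digest. As far as I know `bitnamilegacy` is Bitnami's archive of images that no longer receive updates, so this freezes both components on builds that will not get security patches. I would add a comment such as `# Temporary: bitnamilegacy images are unmaintained; replace with a maintained image` above the block, and pin each image by `tag` or `digest` if the chart exposes those keys (not visible here). The `module "thanos"` block starts and ends outside the hunk.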
@@ -393,81 +406,33 @@ module "kube-prometheus-stack" { } } -module "spark" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-spark.git?ref=v1.5.1" - - cluster_name = local.cluster_name - base_domain = local.base_domain - subdomain = local.subdomain - cluster_issuer = local.cluster_issuer - argocd_project = local.cluster_name - app_autosync = local.app_autosync - enable_service_monitor = local.enable_service_monitor - - storage = { - access_key = module.minio.minio_root_user_credentials.username - secret_access_key = module.minio.minio_root_user_credentials.password - } - - dependency_ids = { - argocd = module.argocd_bootstrap.id - traefik = module.traefik.id - cert-manager = module.cert-manager.id - minio = module.minio.id - } -} - -module "postgresql" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-postgresql.git?ref=v2.10.0" - cluster_name = local.cluster_name - base_domain = local.base_domain - subdomain = local.subdomain - cluster_issuer = local.cluster_issuer - argocd_project = local.cluster_name - app_autosync = local.app_autosync - enable_service_monitor = local.enable_service_monitor +# module "spark" { +# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-spark.git?ref=v1.5.1" - dependency_ids = { - argocd = module.argocd_bootstrap.id - } -} - -module "hive-metastore" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-hive-metastore.git?ref=v1.2.0" +# cluster_name = local.cluster_name +# base_domain = local.base_domain +# subdomain = local.subdomain +# cluster_issuer = local.cluster_issuer +# argocd_project = local.cluster_name +# app_autosync = local.app_autosync +# enable_service_monitor = local.enable_service_monitor - cluster_name = local.cluster_name - base_domain = local.base_domain - subdomain = local.subdomain - cluster_issuer = local.cluster_issuer - argocd_project = local.cluster_name - app_autosync = local.app_autosync - enable_service_monitor = 
local.enable_service_monitor +# storage = { +# access_key = module.minio.minio_root_user_credentials.username +# secret_access_key = module.minio.minio_root_user_credentials.password +# } - storage = { - bucket_name = "warehouse" - endpoint = module.minio.endpoint - access_key = module.minio.minio_root_user_credentials.username - secret_access_key = module.minio.minio_root_user_credentials.password - } - database = { - user = module.postgresql.credentials.user - password = module.postgresql.credentials.password - database = "metastore" - service = module.postgresql.cluster_dns - } +# dependency_ids = { +# argocd = module.argocd_bootstrap.id +# traefik = module.traefik.id +# cert-manager = module.cert-manager.id +# minio = module.minio.id +# } +# } - dependency_ids = { - argocd = module.argocd_bootstrap.id - traefik = module.traefik.id - cert-manager = module.cert-manager.id - minio = module.minio.id - postgresql = module.postgresql.id - spark = module.spark.id - } -} +# module "hive-metastore" { +# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-hive-metastore.git?ref=v1.2.0" -# module "airflow" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-airflow.git?ref=v1.6.2" # cluster_name = local.cluster_name # base_domain = local.base_domain # subdomain = local.subdomain 
@@ -475,59 +440,56 @@ module "hive-metastore" { # argocd_project = local.cluster_name # app_autosync = local.app_autosync # enable_service_monitor = local.enable_service_monitor -# oidc = module.oidc.oidc -# fernetKey = base64encode(resource.random_password.airflow_fernetKey.result) + # storage = { -# bucket_name = "airflow" +# bucket_name = "warehouse" # endpoint = module.minio.endpoint # access_key = module.minio.minio_root_user_credentials.username # secret_access_key = module.minio.minio_root_user_credentials.password # } # database = { -# database = "airflow" # user = module.postgresql.credentials.user # password = module.postgresql.credentials.password -# endpoint = module.postgresql.cluster_dns +# database = "metastore" +# service = module.postgresql.cluster_dns # } -# # mlflow = { -# # endpoint = module.mlflow.cluster_dns -# # } -# # ray = { -# # endpoint = module.ray.cluster_dns -# # } + # dependency_ids = { -# argocd = module.argocd_bootstrap.id -# traefik = module.traefik.id -# oidc = module.oidc.id -# minio = module.minio.id -# postgresql = module.postgresql.id +# argocd = module.argocd_bootstrap.id +# traefik = module.traefik.id +# cert-manager = module.cert-manager.id +# minio = module.minio.id +# postgresql = module.postgresql.id +# spark = module.spark.id # } # } -# module "jupyterhub" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-jupyterhub.git?ref=v1.1.2" -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# oidc = module.oidc.oidc +# module "airflow" { +# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-airflow.git?ref=v1.6.2" +# cluster_name = local.cluster_name +# base_domain = local.base_domain +# subdomain = local.subdomain +# cluster_issuer = local.cluster_issuer +# argocd_project = local.cluster_name +# app_autosync = 
local.app_autosync +# enable_service_monitor = local.enable_service_monitor +# oidc = module.oidc.oidc +# fernetKey = base64encode(resource.random_password.airflow_fernetKey.result) # storage = { -# bucket_name = "mlflow" +# bucket_name = "airflow" # endpoint = module.minio.endpoint # access_key = module.minio.minio_root_user_credentials.username # secret_access_key = module.minio.minio_root_user_credentials.password # } # database = { -# database = "jupyterhub" +# database = "airflow" # user = module.postgresql.credentials.user # password = module.postgresql.credentials.password # endpoint = module.postgresql.cluster_dns # } -# mlflow = { -# endpoint = module.mlflow.cluster_dns -# } +# # mlflow = { +# # endpoint = module.mlflow.cluster_dns +# # } # # ray = { # # endpoint = module.ray.cluster_dns # # } 
@@ -537,10 +499,46 @@ module "hive-metastore" { # oidc = module.oidc.id # minio = module.minio.id # postgresql = module.postgresql.id -# mlflow = module.mlflow.id # } # } +module "jupyterhub" { + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-jupyterhub.git?ref=v1.1.2" + cluster_name = local.cluster_name + base_domain = local.base_domain + subdomain = local.subdomain + cluster_issuer = local.cluster_issuer + argocd_project = local.cluster_name + app_autosync = local.app_autosync + oidc = module.oidc.oidc + storage = { + bucket_name = "mlflow" + endpoint = module.minio.endpoint + access_key = module.minio.minio_root_user_credentials.username + secret_access_key = module.minio.minio_root_user_credentials.password + } + database = { + database = "jupyterhub" + user = module.postgresql.credentials.username + password = module.postgresql.credentials.password + endpoint = module.postgresql.cluster_dns + } + # mlflow = { + # endpoint = module.mlflow.cluster_dns + # } + # ray = { + # endpoint = module.ray.cluster_dns + # } + dependency_ids = { + argocd = module.argocd_bootstrap.id + traefik = module.traefik.id + oidc = module.oidc.id + minio = module.minio.id + postgresql = module.postgresql.id + # mlflow = module.mlflow.id + } +} + # module "qdrant" { # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-qdrant.git?ref=v1.2.0" diff --git a/examples/kind/terraform.tf b/examples/kind/terraform.tf index 56dc593..d0ffa60 100644 --- a/examples/kind/terraform.tf +++ b/examples/kind/terraform.tf @@ -30,7 +30,7 @@ provider "kubernetes" { } provider "helm" { - kubernetes { + kubernetes = { host = module.kind.parsed_kubeconfig.host client_certificate = module.kind.parsed_kubeconfig.client_certificate client_key = module.kind.parsed_kubeconfig.client_key
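Review bot: The re-enabled `module "jupyterhub"` is given `module.minio.minio_root_user_credentials` and the PostgreSQL module's own credentials, so a service in which users run arbitrary notebook code holds the object store's root account and what looks like the database admin login. Even in the kind example, a dedicated MinIO user with a bucket-scoped policy and a per-application database role would keep a notebook compromise from reaching every bucket and database; the hunk does not show whether the minio and postgresql modules expose such outputs. Two details look like copy-paste slips and deserve a check: `bucket_name = "mlflow"` for JupyterHub, and `user = module.postgresql.credentials.username` where the commented-out airflow and hive-metastore blocks read `credentials.user`.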