From 9b281f802774507a337a352693cd7e1b740e9a41 Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Mon, 21 Aug 2023 12:52:58 +0200 Subject: [PATCH 01/14] https://jira.catena-x.net/browse/KA-328 TRG 1-4 --- .tractusx | 23 +++++++++++++++++++++-- README.md | 6 +++++- charts/README.md | 8 ++++++++ conforming/README.md | 18 ++++++++++++++++++ docs/README.md | 31 ++++++++++++++++++++++++++++--- provisioning/README.md | 18 ++++++++++++++++++ remoting/README.md | 18 ++++++++++++++++++ 7 files changed, 116 insertions(+), 6 deletions(-) diff --git a/.tractusx b/.tractusx index 957c2eb8..9281cd79 100644 --- a/.tractusx +++ b/.tractusx @@ -1,3 +1,22 @@ -product: "Tractus-X Knowledge Agents Reference Implementations" +############################################################### +# Copyright (c) 2022, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +product: "Tractus-X Knowledge Agents Reference Implementations (KA-RI)" leadingRepository: "https://github.com/eclipse-tractusx/knowledge-agents" -repositories: []‚ +repositories: [] diff --git a/README.md b/README.md index e8193d24..918abe5f 100644 --- a/README.md +++ b/README.md @@ -78,7 +78,7 @@ To publish the binary artifacts (environment variables GITHUB_ACTOR and GITHUB_T Deployment can be done * via [JAR libraries](https://github.com/orgs/eclipse-tractusx/packages?repo_name=knowledge-agents&ecosystem=maven) copied into your Java runtime -* via [Docker images](https://github.com/orgs/eclipse-tractusx/packages?repo_name=knowledge-agents&ecosystem=docker) +* via [Docker images](https://hub.docker.com/r/tractusx) * via [Helm Charts (Stable Versions)](https://eclipse-tractusx.github.io/charts/stable) or [Helm Charts (Dev Versions)](https://eclipse-tractusx.github.io/charts/stable) See the individual agent documentations for more detailed deployment information @@ -86,5 +86,9 @@ See the individual agent documentations for more detailed deployment information * [Remoting Agent](remoting/README.md) * [Conforming Agent](conforming/README.md) +### Notice for Docker Images +* [Notice for Conforming Agent](conforming/README.md#notice-for-docker-images) +* [Notice for Provisioning Agent](provisioning/README.md#notice-for-docker-images) +* [Notice for Remoting Agent](remoting/README.md#notice-for-docker-images) diff --git a/charts/README.md b/charts/README.md index 6f88ca9d..46ace907 100644 --- a/charts/README.md +++ b/charts/README.md @@ -20,6 +20,14 @@ # Helm Charts +## Charts + +This folder contains ready-made charts for the following optional features/reference implementations + +- [Conforming Agent](conforming-agent) +- [Provisioning Agent](provisioning-agent) +- [Remoting Agent](remoting-agent) + ## Chart Linting Chart linting is performed using [helm's CT tool](https://github.com/helm/chart-testing). diff --git a/conforming/README.md b/conforming/README.md index 24e212a7..3539412d 100644 --- a/conforming/README.md +++ b/conforming/README.md @@ -110,6 +110,24 @@ This must be provided by hiding them in an appropriate service network layer. |--- |--- |--- |--- | --- | | JAVA_TOOL_OPTIONS | | -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:8090 | JMV (Debugging option) | X | +### Notice for Docker Image + +DockerHub: https://hub.docker.com/r/tractusx/conforming-agent + +Eclipse Tractus-X product(s) installed within the image: +GitHub: https://github.com/eclipse-tractusx/knowledge-agents/tree/main/conforming +Project home: https://projects.eclipse.org/projects/automotive.tractusx +Dockerfile: https://github.com/eclipse-tractusx/knowledge-agents/blob/main/conforming/src/main/docker/Dockerfile +Project license: Apache License, Version 2.0 + +Used base image + +[eclipse-temurin:17-jre-alpine](https://hub.docker.com/_/eclipse-temurin/tags?page=1&name=17-jre-alpine) + +As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). + +As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within. + ### Helm Chart A helm chart for deploying the remoting agent can be found under [this folder](../charts/remoting-agent). diff --git a/docs/README.md b/docs/README.md index 57f616a2..2e496e70 100644 --- a/docs/README.md +++ b/docs/README.md @@ -18,12 +18,37 @@ --> -# Tractus-X Knowledge Agents Reference Implementation Documentation +# Tractus-X Knowledge Agents Reference Implementation (KA-RI) Documentation -* Provisioning Agent Model in [Drawio](ProvisioningOntop.drawio) [Svg](ProvisioningOntop.drawio.svg) +In the Knowledge Agent Architecture, an Agent is any component which speaks and/or enacts a Semantic Web protocol, such as SPARQL. + +Binding Agents are the intermediate layer between the dataspace (represented by the Matchmaking Agent that is connected to any Agent-Enabled Application and/or the Agent-Enabled Connector) and your business data & functions. + +Hereby, binding (sometimes also called: bridging) means that we do not redundantly extract and transform the underlying business data, but rather we translate between the different protocols. + +In contrast to the Matchmaking Agent which can delegate its work to other Agents in the Network (and it should because by itself it only carries meta-data) the binding agents are restricted to a subset of the full SPARQL protocol called the KA-BIND profile. KA-BIND can be efficiently and safely translated especially because its inference is only polynomially complex and decidable. + +The binding agent layer will not cache any data for security purposes. We hence recommend not exposing your data sources and/or API resources directly. Instead we propose to use data virtualizers, such as Dremio and Databricks, and API virtualizers/gateways to introduce another level of scalability and security. + +For development purposes, the binding agents can host multiple graphs, i.e. data schemas and/or APIs. However for security purposes, we recommend to employ one agent instance per schema/API. + +## Provisioning Agent + +The [Provisioning Agent (KA-PROV)](../provisioning) binds typical SQL-based backend data sources to SPARQL. It translates SPARQL queries into SQL queries. + +* Provisioning Agent in [Drawio](ProvisioningOntop.drawio) [Svg](ProvisioningOntop.drawio.svg) ![Svg](ProvisioningOntop.drawio.svg) -* Remoting Agent Model in [Drawio](RemotingRDF4J.drawio) [Svg](RemotingRDF4J.drawio.svg) +## Remoting Agent + +The [Remoting Agent (KA-RMT)](../remoting) which binds typical REST services to SPARQL. Due to the nature of functional API calls, the graphs and also the SPARQL constructs are a little more restricted. We call this the KA-BIND-F profile. + +* Remoting Agent in [Drawio](RemotingRDF4J.drawio) [Svg](RemotingRDF4J.drawio.svg) ![Svg](RemotingRDF4J.drawio.svg) + +## Conforming Agent + +The [Conforming Agent (KA-CONF)](conforming) is not a real binding agent, but it +can play the role of any other Agent in the Knowledge Agent architecture (Matchmaking Agent, Binding Agent, EDC Transfer) by testing the conformity of surrounding components (and the various KA-SPARQL profiles). The conforming agent contains no real business data (only reference sample data) and needs no connection to any backend service. diff --git a/provisioning/README.md b/provisioning/README.md index 50909169..026c335d 100644 --- a/provisioning/README.md +++ b/provisioning/README.md @@ -265,6 +265,24 @@ WHERE { } ``` +### Notice for Docker Image + +DockerHub: https://hub.docker.com/r/tractusx/provisioning-agent + +Eclipse Tractus-X product(s) installed within the image: +GitHub: https://github.com/eclipse-tractusx/knowledge-agents/tree/main/provisioning +Project home: https://projects.eclipse.org/projects/automotive.tractusx +Dockerfile: https://github.com/eclipse-tractusx/knowledge-agents/blob/main/provisioning/src/main/docker/Dockerfile +Project license: Apache License, Version 2.0 + +Used base image + +[ontop/ontop:5.0.2](https://hub.docker.com/r/ontop/ontop/tags?page=1&name=5.0.2) + +As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). + +As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within. + ### Helm A helm chart for deploying the remoting agent can be found under [this folder](../charts/provisioning-agent). diff --git a/remoting/README.md b/remoting/README.md index 2291a332..49fd91f4 100644 --- a/remoting/README.md +++ b/remoting/README.md @@ -192,6 +192,24 @@ This must be provided by hiding them in an appropriate service network layer. |--- |--- |--- |--- | --- | | JAVA_TOOL_OPTIONS | | -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:8090 | JMV (Debugging option) | X | +### Notice for Docker Image + +DockerHub: https://hub.docker.com/r/tractusx/remoting-agent + +Eclipse Tractus-X product(s) installed within the image: +GitHub: https://github.com/eclipse-tractusx/knowledge-agents/tree/main/remoting +Project home: https://projects.eclipse.org/projects/automotive.tractusx +Dockerfile: https://github.com/eclipse-tractusx/knowledge-agents/blob/main/remoting/src/main/docker/Dockerfile +Project license: Apache License, Version 2.0 + +Used base image + +[tomcat:9-jre11-temurin](https://hub.docker.com/_/tomcat/tags?page=1&name=9-jre11-temurin) + +As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). + +As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within. + ### Helm Chart A helm chart for deploying the remoting agent can be found under [this folder](../charts/remoting-agent). From 96125651c30d847569fcb2e4310949cb3ac8c7aa Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Tue, 22 Aug 2023 09:18:37 +0200 Subject: [PATCH 02/14] https://jira.catena-x.net/browse/KA-328 TRG 5-7 --- .github/workflows/helm-chart-lint.yml | 62 ++++++++++++++++--- charts/conforming-agent/.helmignore | 5 +- charts/conforming-agent/Chart.yaml | 13 ++-- .../templates/configmap-env.yaml | 2 +- .../conforming-agent/templates/configmap.yaml | 2 +- .../templates/deployment.yaml | 13 +--- charts/conforming-agent/templates/hpa.yaml | 4 +- .../conforming-agent/templates/ingress.yaml | 18 +++--- .../conforming-agent/templates/service.yaml | 2 +- .../templates/serviceaccount.yaml | 3 +- charts/conforming-agent/values.yaml | 48 +++++++------- .../.helmignore} | 42 +++++++++---- charts/provisioning-agent/Chart.yaml | 7 ++- .../templates/configmap-env.yaml | 2 +- .../templates/configmap.yaml | 2 +- .../templates/deployment.yaml | 13 +--- charts/provisioning-agent/templates/hpa.yaml | 4 +- .../templates/imagepullsecret.yaml | 29 --------- .../provisioning-agent/templates/ingress.yaml | 18 +++--- .../provisioning-agent/templates/service.yaml | 2 +- .../templates/serviceaccount.yaml | 3 +- charts/provisioning-agent/values.yaml | 45 ++++++++------ charts/remoting-agent/.helmignore | 5 +- charts/remoting-agent/Chart.yaml | 7 ++- .../templates/configmap-env.yaml | 2 +- .../remoting-agent/templates/configmap.yaml | 2 +- .../remoting-agent/templates/deployment.yaml | 48 ++++++++++---- charts/remoting-agent/templates/hpa.yaml | 4 +- .../templates/imagepullsecret.yaml | 29 --------- charts/remoting-agent/templates/ingress.yaml | 18 +++--- charts/remoting-agent/templates/service.yaml | 2 +- .../templates/serviceaccount.yaml | 3 +- charts/remoting-agent/values.yaml | 51 ++++++++------- remoting/src/main/docker/Dockerfile | 9 +-- 34 files changed, 281 insertions(+), 238 deletions(-) rename charts/{conforming-agent/templates/imagepullsecret.yaml => provisioning-agent/.helmignore} (62%) delete mode 100644 charts/provisioning-agent/templates/imagepullsecret.yaml delete mode 100644 charts/remoting-agent/templates/imagepullsecret.yaml diff --git a/.github/workflows/helm-chart-lint.yml b/.github/workflows/helm-chart-lint.yml index fa7d0a60..99a234ae 100644 --- a/.github/workflows/helm-chart-lint.yml +++ b/.github/workflows/helm-chart-lint.yml @@ -32,6 +32,20 @@ on: paths: - .github/workflows/** - charts/** + workflow_dispatch: + inputs: + node_image: + description: 'kindest/node image for k8s kind cluster' + # k8s version from 3.1 release as default + default: 'kindest/node:v1.24.6' + required: false + type: string + upgrade_from: + description: 'chart version to upgrade from' + # chart version from 3.2 release as default + default: 'x.x.x' + required: false + type: string jobs: lint-test: @@ -50,11 +64,14 @@ jobs: # Setup python as a prerequisite for chart linting - uses: actions/setup-python@v4 with: - python-version: 3.7 + python-version: 3.9 - name: Set up chart-testing uses: helm/chart-testing-action@v2.3.1 + - name: Run chart-testing (lint) + run: ct lint --validate-maintainers=false --target-branch ${{ github.event.repository.default_branch }} --config charts/config/chart-testing-config.yaml + - name: Run chart-testing (list-changed) id: list-changed run: | @@ -63,17 +80,48 @@ jobs: echo "CHART_CHANGED=true" >> $GITHUB_ENV fi - # run chart linting - - name: Run chart-testing (lint) - run: ct lint --target-branch ${{ github.event.repository.default_branch }} --config charts/config/chart-testing-config.yaml - # Preparing a kind cluster to install and test charts on - name: Create kind cluster uses: helm/kind-action@v1.4.0 - if: ${{ env.CHART_CHANGED == 'true' }} + with: + # upgrade version, default (v0.17.0) uses node image v1.21.1 and doesn't work with more recent node image versions + version: v0.19.0 + # default value for event_name != workflow_dispatch + node_image: ${{ github.event.inputs.node_image || 'kindest/node:v1.24.6' }} + if: github.event_name != 'pull_request' || env.CHART_CHANGED == 'true' # install the chart to the kind cluster and run helm test # define charts to test with the --charts parameter - name: Run chart-testing (install) run: ct install --charts charts/conforming-agent,charts/provisioning-agent,charts/remoting-agent --config charts/config/chart-testing-config.yaml - if: ${{ env.CHART_CHANGED == 'true' }} + if: github.event_name != 'pull_request' || env.CHART_CHANGED == 'true' + + # Upgrade the released chart version with the locally available chart + # default value for event_name != workflow_dispatch + - name: Run helm upgrade on conforming agent + run: | + helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev + helm install conforming tractusx-dev/conforming-agent --version ${{ github.event.inputs.upgrade_from || 'x.x.x' }} + helm dependency update charts/conforming-agent + helm upgrade conforming charts/conforming-agent + if: (github.event_name != 'pull_request' || env.CHART_CHANGED == 'true') && github.event.inputs.upgrade_from != 'x.x.x' + + # Upgrade the released chart version with the locally available chart + # default value for event_name != workflow_dispatch + - name: Run helm upgrade on provisioning agent + run: | + helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev + helm install provisioning tractusx-dev/provisioning-agent --version ${{ github.event.inputs.upgrade_from || 'x.x.x' }} + helm dependency update charts/provisioning-agent + helm upgrade provisioning charts/provisioning-agent + if: (github.event_name != 'pull_request' || env.CHART_CHANGED == 'true') && github.event.inputs.upgrade_from != 'x.x.x' + + # Upgrade the released chart version with the locally available chart + # default value for event_name != workflow_dispatch + - name: Run helm upgrade on remoting agent + run: | + helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev + helm install remoting tractusx-dev/provisioning-agent --version ${{ github.event.inputs.upgrade_from || 'x.x.x' }} + helm dependency update charts/remoting-agent + helm upgrade remoting charts/remoting-agent + if: (github.event_name != 'pull_request' || env.CHART_CHANGED == 'true') && github.event.inputs.upgrade_from != 'x.x.x' diff --git a/charts/conforming-agent/.helmignore b/charts/conforming-agent/.helmignore index 481124a8..9a12504f 100644 --- a/charts/conforming-agent/.helmignore +++ b/charts/conforming-agent/.helmignore @@ -38,5 +38,8 @@ .idea/ *.tmproj .vscode/ - +# Doc Templates README.md.gotmpl +# Accept only values.yaml +values?*.yaml +values?*.yml \ No newline at end of file diff --git a/charts/conforming-agent/Chart.yaml b/charts/conforming-agent/Chart.yaml index ce499075..5072f918 100644 --- a/charts/conforming-agent/Chart.yaml +++ b/charts/conforming-agent/Chart.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,14 +15,18 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- +# # Conforming Agent Chart Header # This is a YAML-formatted file. apiVersion: v2 name: conforming-agent -description: >- - Tractus-X Conforming Agent - Knowledge-Agents Testing Module -home: https://github.com/eclipse-tractusx/knowledge-agents/main/charts/conforming-agent +description: | + A Helm chart for the Tractus-X Conforming Agent which is a container to assess the conformity of all other parts of the Agent-Enabled Dataspace. + + This chart has no prerequisites. +home: https://github.com/eclipse-tractusx/knowledge-agents/ +sources: + - https://github.com/eclipse-tractusx/knowledge-agents/tree/main/conforming type: application appVersion: "1.9.5-SNAPSHOT" version: 1.9.5-SNAPSHOT diff --git a/charts/conforming-agent/templates/configmap-env.yaml b/charts/conforming-agent/templates/configmap-env.yaml index 6ccbaa1f..51008dd2 100644 --- a/charts/conforming-agent/templates/configmap-env.yaml +++ b/charts/conforming-agent/templates/configmap-env.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- apiVersion: v1 kind: ConfigMap metadata: diff --git a/charts/conforming-agent/templates/configmap.yaml b/charts/conforming-agent/templates/configmap.yaml index b2dad585..4b7904fe 100644 --- a/charts/conforming-agent/templates/configmap.yaml +++ b/charts/conforming-agent/templates/configmap.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- apiVersion: v1 kind: ConfigMap metadata: diff --git a/charts/conforming-agent/templates/deployment.yaml b/charts/conforming-agent/templates/deployment.yaml index e9bb4843..e74779c3 100644 --- a/charts/conforming-agent/templates/deployment.yaml +++ b/charts/conforming-agent/templates/deployment.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- apiVersion: apps/v1 kind: Deployment metadata: @@ -32,7 +32,6 @@ spec: template: metadata: annotations: - container.apparmor.security.beta.kubernetes.io/{{ .Chart.Name }}: runtime/default checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} checksum/env-config: {{ include (print $.Template.BasePath "/configmap-env.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} @@ -41,15 +40,10 @@ spec: labels: {{- include "agent.selectorLabels" . | nindent 8 }} spec: - {{- if .Values.imagePullSecret.dockerconfigjson }} - imagePullSecrets: - - name: {{ include "agent.fullname" . }}-imagepullsecret - {{- else }} - {{- with .Values.imagePullSecrets }} + {{- with .Values.image.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - {{- end }} serviceAccountName: {{ include "agent.serviceAccountName" . }} automountServiceAccountToken: {{ if .Values.automountServiceAccountToken }}true{{ else }}false{{ end }} securityContext: @@ -71,7 +65,6 @@ spec: port: default failureThreshold: {{ .Values.livenessProbe.failureThreshold }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - successTreshold: {{ .Values.livenessProbe.successTreshold }} timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} {{- end }} {{- if .Values.readinessProbe.enabled }} @@ -81,7 +74,6 @@ spec: port: default failureThreshold: {{ .Values.readinessProbe.failureThreshold }} periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - successTreshold: {{ .Values.readinessProbe.successTreshold }} timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} {{- end }} {{- if .Values.startupProbe.enabled }} @@ -91,7 +83,6 @@ spec: port: default failureThreshold: {{ .Values.startupProbe.failureThreshold }} periodSeconds: {{ .Values.startupProbe.periodSeconds }} - successTreshold: {{ .Values.startupProbe.successTreshold }} timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }} initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }} {{- end }} diff --git a/charts/conforming-agent/templates/hpa.yaml b/charts/conforming-agent/templates/hpa.yaml index 4a81684b..4e2babfa 100644 --- a/charts/conforming-agent/templates/hpa.yaml +++ b/charts/conforming-agent/templates/hpa.yaml @@ -1,3 +1,5 @@ +{{- if .Values.autoscaling.enabled }} +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,8 +16,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 -{{- if .Values.autoscaling.enabled }} ---- apiVersion: autoscaling/v2beta1 kind: HorizontalPodAutoscaler metadata: diff --git a/charts/conforming-agent/templates/ingress.yaml b/charts/conforming-agent/templates/ingress.yaml index 89ae0ca8..570615dc 100644 --- a/charts/conforming-agent/templates/ingress.yaml +++ b/charts/conforming-agent/templates/ingress.yaml @@ -1,3 +1,12 @@ +{{- $fullName := include "agent.fullname" . }} +{{- $labels := include "agent.labels" . | nindent 4 }} +{{- $gitVersion := .Capabilities.KubeVersion.GitVersion }} +{{- $endpoints := .Values.agent.endpoints }} +{{- $namespace := .Release.Namespace }} +{{- range .Values.ingresses }} +{{- if and .enabled .endpoints }} +{{- $ingressName := printf "%s-%s" $fullName .hostname }} +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,15 +23,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 -{{- $fullName := include "agent.fullname" . }} -{{- $labels := include "agent.labels" . | nindent 4 }} -{{- $gitVersion := .Capabilities.KubeVersion.GitVersion }} -{{- $endpoints := .Values.agent.endpoints }} -{{- $namespace := .Release.Namespace }} -{{- range .Values.ingresses }} -{{- if and .enabled .endpoints }} -{{- $ingressName := printf "%s-%s" $fullName .hostname }} ---- {{- if semverCompare ">=1.19-0" $gitVersion }} apiVersion: networking.k8s.io/v1 {{- else if semverCompare ">=1.14-0" $gitVersion }} diff --git a/charts/conforming-agent/templates/service.yaml b/charts/conforming-agent/templates/service.yaml index 54ce7edd..0f2a6008 100644 --- a/charts/conforming-agent/templates/service.yaml +++ b/charts/conforming-agent/templates/service.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- apiVersion: v1 kind: Service metadata: diff --git a/charts/conforming-agent/templates/serviceaccount.yaml b/charts/conforming-agent/templates/serviceaccount.yaml index ba759e55..fbace363 100644 --- a/charts/conforming-agent/templates/serviceaccount.yaml +++ b/charts/conforming-agent/templates/serviceaccount.yaml @@ -1,3 +1,5 @@ +{{- if .Values.serviceAccount.create -}} +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +16,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 -{{- if .Values.serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount metadata: diff --git a/charts/conforming-agent/values.yaml b/charts/conforming-agent/values.yaml index c91fdb3d..286f2f22 100644 --- a/charts/conforming-agent/values.yaml +++ b/charts/conforming-agent/values.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,7 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- +# # Conforming Agent Deployment Values # This is a YAML-formatted file. # Declare variables to be passed into your templates. @@ -24,22 +25,30 @@ replicaCount: 1 image: - # -- Which derivate of the remoting agent to use + # -- target regirtry + registry: docker.io + # -- Which derivate of agent to use repository: tractusx/conforming-agent - # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use - pullPolicy: IfNotPresent # -- Overrides the image tag whose default is the chart appVersion tag: "" - -imagePullSecret: - # -- Image pull secret to create to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) - # Note: This value needs to adhere to the [(base64 encoded) .dockerconfigjson format](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#registry-secret-existing-credentials). - # Furthermore, if 'imagePullSecret.dockerconfigjson' is defined, it takes precedence over 'imagePullSecrets'. - dockerconfigjson: "" - -# -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) -imagePullSecrets: [] - + # -- Overrides the image digest + digest: "" + ## Specify an imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Example: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [ ] + ## Set to true if you would like to see extra information on logs + ## + # -- Overrides the charts name nameOverride: "" @@ -62,6 +71,9 @@ automountServiceAccountToken: false # -- [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) added to deployed [pods](https://kubernetes.io/docs/concepts/workloads/pods/) podAnnotations: {} +# Uncomment this and remove parenthesis if you want to enable apparmor +# container.apparmor.security.beta.kubernetes.io/conforming-agent: runtime/default + # The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment podSecurityContext: @@ -102,8 +114,6 @@ livenessProbe: failureThreshold: 3 # -- Number of seconds each period lasts. periodSeconds: 60 - # -- number of successful tries which reenables liveness - successThreshold: 1 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -114,8 +124,6 @@ readinessProbe: failureThreshold: 3 # -- Number of seconds each period lasts. periodSeconds: 300 - # -- number of successful tries which reenables liveness - successThreshold: 1 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -128,8 +136,6 @@ startupProbe: initialDelaySeconds: 60 # -- Number of seconds each period lasts. periodSeconds: 30 - # -- number of successful tries which reenables liveness - successThreshold: 1 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -189,7 +195,7 @@ resources: cpu: 200m memory: 256Mi limits: - cpu: 200m + cpu: 400m memory: 256Mi autoscaling: diff --git a/charts/conforming-agent/templates/imagepullsecret.yaml b/charts/provisioning-agent/.helmignore similarity index 62% rename from charts/conforming-agent/templates/imagepullsecret.yaml rename to charts/provisioning-agent/.helmignore index 2ee4ea39..9a12504f 100644 --- a/charts/conforming-agent/templates/imagepullsecret.yaml +++ b/charts/provisioning-agent/.helmignore @@ -14,16 +14,32 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 -{{- if .Values.imagePullSecret.dockerconfigjson }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "agent.fullname" . }}-imagepullsecret - namespace: {{ .Release.Namespace | default "default" | quote }} - labels: - {{- include "agent.labels" . | nindent 4 }} -data: - .dockerconfigjson: {{ .Values.imagePullSecret.dockerconfigjson }} -type: kubernetes.io/dockerconfigjson -{{- end }} + +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +# Doc Templates +README.md.gotmpl +# Accept only values.yaml +values?*.yaml +values?*.yml \ No newline at end of file diff --git a/charts/provisioning-agent/Chart.yaml b/charts/provisioning-agent/Chart.yaml index 90db4b37..616260f0 100644 --- a/charts/provisioning-agent/Chart.yaml +++ b/charts/provisioning-agent/Chart.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,14 +15,16 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- +# # Provisioning Agent Chart Header # This is a YAML-formatted file. apiVersion: v2 name: provisioning-agent description: >- Tractus-X Provisioning Agent - Knowledge-Agents Compatible Data Binding Layer -home: https://github.com/eclipse-tractusx/knowledge-agents/main/charts/provisioning-agent +home: https://github.com/eclipse-tractusx/knowledge-agents/ +sources: + - https://github.com/eclipse-tractusx/knowledge-agents/tree/main/provisioning type: application appVersion: "1.9.5-SNAPSHOT" version: 1.9.5-SNAPSHOT diff --git a/charts/provisioning-agent/templates/configmap-env.yaml b/charts/provisioning-agent/templates/configmap-env.yaml index 6ccbaa1f..51008dd2 100644 --- a/charts/provisioning-agent/templates/configmap-env.yaml +++ b/charts/provisioning-agent/templates/configmap-env.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- apiVersion: v1 kind: ConfigMap metadata: diff --git a/charts/provisioning-agent/templates/configmap.yaml b/charts/provisioning-agent/templates/configmap.yaml index 34e8f8e5..22bbaaf1 100644 --- a/charts/provisioning-agent/templates/configmap.yaml +++ b/charts/provisioning-agent/templates/configmap.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- apiVersion: v1 kind: ConfigMap metadata: diff --git a/charts/provisioning-agent/templates/deployment.yaml b/charts/provisioning-agent/templates/deployment.yaml index 9ed95715..6ae951c7 100644 --- a/charts/provisioning-agent/templates/deployment.yaml +++ b/charts/provisioning-agent/templates/deployment.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- apiVersion: apps/v1 kind: Deployment metadata: @@ -32,7 +32,6 @@ spec: template: metadata: annotations: - container.apparmor.security.beta.kubernetes.io/{{ .Chart.Name }}: runtime/default checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} checksum/env-config: {{ include (print $.Template.BasePath "/configmap-env.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} @@ -41,15 +40,10 @@ spec: labels: {{- include "agent.selectorLabels" . | nindent 8 }} spec: - {{- if .Values.imagePullSecret.dockerconfigjson }} - imagePullSecrets: - - name: {{ include "agent.fullname" . }}-imagepullsecret - {{- else }} - {{- with .Values.imagePullSecrets }} + {{- with .Values.image.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - {{- end }} serviceAccountName: {{ include "agent.serviceAccountName" . }} automountServiceAccountToken: {{ if .Values.automountServiceAccountToken }}true{{ else }}false{{ end }} securityContext: @@ -73,7 +67,6 @@ spec: port: {{ (keys .Values.bindings | last) }} failureThreshold: {{ .Values.livenessProbe.failureThreshold }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - successTreshold: {{ .Values.livenessProbe.successTreshold }} timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} {{- end }} {{- if .Values.readinessProbe.enabled }} @@ -83,7 +76,6 @@ spec: port: {{ (keys .Values.bindings | last) }} failureThreshold: {{ .Values.readinessProbe.failureThreshold }} periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - successTreshold: {{ .Values.readinessProbe.successTreshold }} timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} {{- end }} {{- if .Values.startupProbe.enabled }} @@ -93,7 +85,6 @@ spec: port: {{ (keys .Values.bindings | last) }} failureThreshold: {{ .Values.startupProbe.failureThreshold }} periodSeconds: {{ .Values.startupProbe.periodSeconds }} - successTreshold: {{ .Values.startupProbe.successTreshold }} timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }} initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }} {{- end }} diff --git a/charts/provisioning-agent/templates/hpa.yaml b/charts/provisioning-agent/templates/hpa.yaml index 4a81684b..4e2babfa 100644 --- a/charts/provisioning-agent/templates/hpa.yaml +++ b/charts/provisioning-agent/templates/hpa.yaml @@ -1,3 +1,5 @@ +{{- if .Values.autoscaling.enabled }} +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,8 +16,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 -{{- if .Values.autoscaling.enabled }} ---- apiVersion: autoscaling/v2beta1 kind: HorizontalPodAutoscaler metadata: diff --git a/charts/provisioning-agent/templates/imagepullsecret.yaml b/charts/provisioning-agent/templates/imagepullsecret.yaml deleted file mode 100644 index 2ee4ea39..00000000 --- a/charts/provisioning-agent/templates/imagepullsecret.yaml +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -{{- if .Values.imagePullSecret.dockerconfigjson }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "agent.fullname" . }}-imagepullsecret - namespace: {{ .Release.Namespace | default "default" | quote }} - labels: - {{- include "agent.labels" . | nindent 4 }} -data: - .dockerconfigjson: {{ .Values.imagePullSecret.dockerconfigjson }} -type: kubernetes.io/dockerconfigjson -{{- end }} diff --git a/charts/provisioning-agent/templates/ingress.yaml b/charts/provisioning-agent/templates/ingress.yaml index 47cf8159..b041e203 100644 --- a/charts/provisioning-agent/templates/ingress.yaml +++ b/charts/provisioning-agent/templates/ingress.yaml @@ -1,3 +1,12 @@ +{{- $fullName := include "agent.fullname" . }} +{{- $labels := include "agent.labels" . | nindent 4 }} +{{- $gitVersion := .Capabilities.KubeVersion.GitVersion }} +{{- $endpoints := .Values.bindings }} +{{- $namespace := .Release.Namespace }} +{{- range .Values.ingresses }} +{{- if and .enabled .endpoints }} +{{- $ingressName := printf "%s-%s" $fullName .hostname }} +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,15 +23,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 -{{- $fullName := include "agent.fullname" . }} -{{- $labels := include "agent.labels" . | nindent 4 }} -{{- $gitVersion := .Capabilities.KubeVersion.GitVersion }} -{{- $endpoints := .Values.bindings }} -{{- $namespace := .Release.Namespace }} -{{- range .Values.ingresses }} -{{- if and .enabled .endpoints }} -{{- $ingressName := printf "%s-%s" $fullName .hostname }} ---- {{- if semverCompare ">=1.19-0" $gitVersion }} apiVersion: networking.k8s.io/v1 {{- else if semverCompare ">=1.14-0" $gitVersion }} diff --git a/charts/provisioning-agent/templates/service.yaml b/charts/provisioning-agent/templates/service.yaml index 58e09f1b..0a0fb78e 100644 --- a/charts/provisioning-agent/templates/service.yaml +++ b/charts/provisioning-agent/templates/service.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- apiVersion: v1 kind: Service metadata: diff --git a/charts/provisioning-agent/templates/serviceaccount.yaml b/charts/provisioning-agent/templates/serviceaccount.yaml index ba759e55..fbace363 100644 --- a/charts/provisioning-agent/templates/serviceaccount.yaml +++ b/charts/provisioning-agent/templates/serviceaccount.yaml @@ -1,3 +1,5 @@ +{{- if .Values.serviceAccount.create -}} +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +16,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 -{{- if .Values.serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount metadata: diff --git a/charts/provisioning-agent/values.yaml b/charts/provisioning-agent/values.yaml index 000b84a8..5d1cb673 100644 --- a/charts/provisioning-agent/values.yaml +++ b/charts/provisioning-agent/values.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,7 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- +# # Provisioning Agent Deployment Values # This is a YAML-formatted file. # Declare variables to be passed into your templates. @@ -24,21 +25,29 @@ replicaCount: 1 image: - # -- Which derivate of the provisioning agent to use + # -- target regirtry + registry: docker.io + # -- Which derivate of agent to use repository: tractusx/provisioning-agent - # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use - pullPolicy: IfNotPresent # -- Overrides the image tag whose default is the chart appVersion tag: "" - -imagePullSecret: - # -- Image pull secret to create to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) - # Note: This value needs to adhere to the [(base64 encoded) .dockerconfigjson format](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#registry-secret-existing-credentials). - # Furthermore, if 'imagePullSecret.dockerconfigjson' is defined, it takes precedence over 'imagePullSecrets'. - dockerconfigjson: "" - -# -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) -imagePullSecrets: [] + # -- Overrides the image digest + digest: "" + ## Specify an imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Example: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [ ] + ## Set to true if you would like to see extra information on logs + ## # -- Overrides the charts name nameOverride: "" @@ -62,6 +71,8 @@ automountServiceAccountToken: false # -- [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) added to deployed [pods](https://kubernetes.io/docs/concepts/workloads/pods/) podAnnotations: {} +# Uncomment this and remove parenthesis if you want to enable apparmor +# container.apparmor.security.beta.kubernetes.io/provisioning-agent: runtime/default # The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment podSecurityContext: @@ -102,8 +113,6 @@ livenessProbe: failureThreshold: 3 # -- Number of seconds each period lasts. periodSeconds: 60 - # -- number of successful tries which reenables liveness - successThreshold: 1 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -114,8 +123,6 @@ readinessProbe: failureThreshold: 3 # -- Number of seconds each period lasts. periodSeconds: 300 - # -- number of successful tries which reenables liveness - successThreshold: 1 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -128,8 +135,6 @@ startupProbe: initialDelaySeconds: 60 # -- Number of seconds each period lasts. periodSeconds: 30 - # -- number of successful tries which reenables liveness - successThreshold: 1 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -231,7 +236,7 @@ resources: cpu: 500m memory: 512Mi limits: - cpu: 500m + cpu: 900m memory: 512Mi autoscaling: diff --git a/charts/remoting-agent/.helmignore b/charts/remoting-agent/.helmignore index 481124a8..9a12504f 100644 --- a/charts/remoting-agent/.helmignore +++ b/charts/remoting-agent/.helmignore @@ -38,5 +38,8 @@ .idea/ *.tmproj .vscode/ - +# Doc Templates README.md.gotmpl +# Accept only values.yaml +values?*.yaml +values?*.yml \ No newline at end of file diff --git a/charts/remoting-agent/Chart.yaml b/charts/remoting-agent/Chart.yaml index dd967a68..abed2d9f 100644 --- a/charts/remoting-agent/Chart.yaml +++ b/charts/remoting-agent/Chart.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,14 +15,16 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- +# # Remoting Agent Chat Header # This is a YAML-formatted file. apiVersion: v2 name: remoting-agent description: >- Tractus-X Remoting Agent - Knowledge-Agents Compatible API Binding Layer -home: https://github.com/eclipse-tractusx/knowledge-agents/main/charts/remoting-agent +home: https://github.com/eclipse-tractusx/knowledge-agents/ +sources: + - https://github.com/eclipse-tractusx/knowledge-agents/tree/main/remoting type: application appVersion: "1.9.5-SNAPSHOT" version: 1.9.5-SNAPSHOT diff --git a/charts/remoting-agent/templates/configmap-env.yaml b/charts/remoting-agent/templates/configmap-env.yaml index 6ccbaa1f..51008dd2 100644 --- a/charts/remoting-agent/templates/configmap-env.yaml +++ b/charts/remoting-agent/templates/configmap-env.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- apiVersion: v1 kind: ConfigMap metadata: diff --git a/charts/remoting-agent/templates/configmap.yaml b/charts/remoting-agent/templates/configmap.yaml index 7e658d9a..72b9110f 100644 --- a/charts/remoting-agent/templates/configmap.yaml +++ b/charts/remoting-agent/templates/configmap.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- apiVersion: v1 kind: ConfigMap metadata: diff --git a/charts/remoting-agent/templates/deployment.yaml b/charts/remoting-agent/templates/deployment.yaml index 80b8ff1b..2265557f 100644 --- a/charts/remoting-agent/templates/deployment.yaml +++ b/charts/remoting-agent/templates/deployment.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- apiVersion: apps/v1 kind: Deployment metadata: @@ -32,7 +32,6 @@ spec: template: metadata: annotations: - container.apparmor.security.beta.kubernetes.io/{{ .Chart.Name }}: runtime/default checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} checksum/env-config: {{ include (print $.Template.BasePath "/configmap-env.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} @@ -41,15 +40,10 @@ spec: labels: {{- include "agent.selectorLabels" . | nindent 8 }} spec: - {{- if .Values.imagePullSecret.dockerconfigjson }} - imagePullSecrets: - - name: {{ include "agent.fullname" . }}-imagepullsecret - {{- else }} - {{- with .Values.imagePullSecrets }} + {{- with .Values.image.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - {{- end }} serviceAccountName: {{ include "agent.serviceAccountName" . }} automountServiceAccountToken: {{ if .Values.automountServiceAccountToken }}true{{ else }}false{{ end }} securityContext: @@ -71,7 +65,6 @@ spec: port: default failureThreshold: {{ .Values.livenessProbe.failureThreshold }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - successTreshold: {{ .Values.livenessProbe.successTreshold }} timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} {{- end }} {{- if .Values.readinessProbe.enabled }} @@ -81,7 +74,6 @@ spec: port: default failureThreshold: {{ .Values.readinessProbe.failureThreshold }} periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - successTreshold: {{ .Values.readinessProbe.successTreshold }} timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} {{- end }} {{- if .Values.startupProbe.enabled }} @@ -91,7 +83,6 @@ spec: port: default failureThreshold: {{ .Values.startupProbe.failureThreshold }} periodSeconds: {{ .Values.startupProbe.periodSeconds }} - successTreshold: {{ .Values.startupProbe.successTreshold }} timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }} initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }} {{- end }} @@ -109,6 +100,27 @@ spec: mountPath: /var/rdf4j/server/conf/logback.xml subPath: logback.xml readOnly: true + - name: logs + mountPath: /usr/local/tomcat/logs + readOnly: false + - name: work + mountPath: /usr/local/tomcat/work/Catalina/localhost + readOnly: false + - name: conf + mountPath: /usr/local/tomcat/conf/Catalina/localhost + readOnly: false + - name: tmp + mountPath: /usr/local/tomcat/temp + readOnly: false + - name: rdf4jlogs + mountPath: /var/rdf4j/server/logs + readOnly: false + - name: rdf4jconf + mountPath: /var/rdf4j/server/conf + readOnly: false + - name: rdf4jrepositories + mountPath: /var/rdf4j/server/repositories + readOnly: false {{- range $asset, $_ := .Values.repositories }} - name: configuration mountPath: /var/rdf4j/server/repositories/{{ $asset }}/config.ttl @@ -126,6 +138,20 @@ spec: - key: {{ $asset }}.ttl path: {{ $asset }}.ttl {{- end }} + - name: tmp + emptyDir: {} + - name: logs + emptyDir: {} + - name: work + emptyDir: {} + - name: conf + emptyDir: {} + - name: rdf4jconf + emptyDir: {} + - name: rdf4jlogs + emptyDir: {} + - name: rdf4jrepositories + emptyDir: {} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/remoting-agent/templates/hpa.yaml b/charts/remoting-agent/templates/hpa.yaml index 4a81684b..4e2babfa 100644 --- a/charts/remoting-agent/templates/hpa.yaml +++ b/charts/remoting-agent/templates/hpa.yaml @@ -1,3 +1,5 @@ +{{- if .Values.autoscaling.enabled }} +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,8 +16,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 -{{- if .Values.autoscaling.enabled }} ---- apiVersion: autoscaling/v2beta1 kind: HorizontalPodAutoscaler metadata: diff --git a/charts/remoting-agent/templates/imagepullsecret.yaml b/charts/remoting-agent/templates/imagepullsecret.yaml deleted file mode 100644 index 2ee4ea39..00000000 --- a/charts/remoting-agent/templates/imagepullsecret.yaml +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -{{- if .Values.imagePullSecret.dockerconfigjson }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "agent.fullname" . }}-imagepullsecret - namespace: {{ .Release.Namespace | default "default" | quote }} - labels: - {{- include "agent.labels" . | nindent 4 }} -data: - .dockerconfigjson: {{ .Values.imagePullSecret.dockerconfigjson }} -type: kubernetes.io/dockerconfigjson -{{- end }} diff --git a/charts/remoting-agent/templates/ingress.yaml b/charts/remoting-agent/templates/ingress.yaml index 89ae0ca8..570615dc 100644 --- a/charts/remoting-agent/templates/ingress.yaml +++ b/charts/remoting-agent/templates/ingress.yaml @@ -1,3 +1,12 @@ +{{- $fullName := include "agent.fullname" . }} +{{- $labels := include "agent.labels" . | nindent 4 }} +{{- $gitVersion := .Capabilities.KubeVersion.GitVersion }} +{{- $endpoints := .Values.agent.endpoints }} +{{- $namespace := .Release.Namespace }} +{{- range .Values.ingresses }} +{{- if and .enabled .endpoints }} +{{- $ingressName := printf "%s-%s" $fullName .hostname }} +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,15 +23,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 -{{- $fullName := include "agent.fullname" . }} -{{- $labels := include "agent.labels" . | nindent 4 }} -{{- $gitVersion := .Capabilities.KubeVersion.GitVersion }} -{{- $endpoints := .Values.agent.endpoints }} -{{- $namespace := .Release.Namespace }} -{{- range .Values.ingresses }} -{{- if and .enabled .endpoints }} -{{- $ingressName := printf "%s-%s" $fullName .hostname }} ---- {{- if semverCompare ">=1.19-0" $gitVersion }} apiVersion: networking.k8s.io/v1 {{- else if semverCompare ">=1.14-0" $gitVersion }} diff --git a/charts/remoting-agent/templates/service.yaml b/charts/remoting-agent/templates/service.yaml index 54ce7edd..0f2a6008 100644 --- a/charts/remoting-agent/templates/service.yaml +++ b/charts/remoting-agent/templates/service.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- apiVersion: v1 kind: Service metadata: diff --git a/charts/remoting-agent/templates/serviceaccount.yaml b/charts/remoting-agent/templates/serviceaccount.yaml index ba759e55..fbace363 100644 --- a/charts/remoting-agent/templates/serviceaccount.yaml +++ b/charts/remoting-agent/templates/serviceaccount.yaml @@ -1,3 +1,5 @@ +{{- if .Values.serviceAccount.create -}} +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +16,6 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 -{{- if .Values.serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount metadata: diff --git a/charts/remoting-agent/values.yaml b/charts/remoting-agent/values.yaml index 9f80f1f8..617869e4 100644 --- a/charts/remoting-agent/values.yaml +++ b/charts/remoting-agent/values.yaml @@ -1,3 +1,4 @@ +--- # Copyright (c) 2022,2023 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional @@ -14,7 +15,7 @@ # under the License. # # SPDX-License-Identifier: Apache-2.0 ---- +# # Remoting Agent Deployment Values # This is a YAML-formatted file. # Declare variables to be passed into your templates. @@ -24,21 +25,29 @@ replicaCount: 1 image: - # -- Which derivate of the remoting agent to use + # -- target regirtry + registry: docker.io + # -- Which derivate of agent to use repository: tractusx/remoting-agent - # -- [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use - pullPolicy: IfNotPresent # -- Overrides the image tag whose default is the chart appVersion tag: "" - -imagePullSecret: - # -- Image pull secret to create to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) - # Note: This value needs to adhere to the [(base64 encoded) .dockerconfigjson format](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#registry-secret-existing-credentials). - # Furthermore, if 'imagePullSecret.dockerconfigjson' is defined, it takes precedence over 'imagePullSecrets'. - dockerconfigjson: "" - -# -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) -imagePullSecrets: [] + # -- Overrides the image digest + digest: "" + ## Specify an imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Example: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [ ] + ## Set to true if you would like to see extra information on logs + ## # -- Overrides the charts name nameOverride: "" @@ -62,6 +71,8 @@ automountServiceAccountToken: false # -- [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) added to deployed [pods](https://kubernetes.io/docs/concepts/workloads/pods/) podAnnotations: {} +# Uncomment this and remove parenthesis if you want to enable apparmor +# container.apparmor.security.beta.kubernetes.io/remoting-agent: runtime/default # The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment podSecurityContext: @@ -102,8 +113,6 @@ livenessProbe: failureThreshold: 3 # -- Number of seconds each period lasts. periodSeconds: 60 - # -- number of successful tries which reenables liveness - successThreshold: 1 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -114,8 +123,6 @@ readinessProbe: failureThreshold: 3 # -- Number of seconds each period lasts. periodSeconds: 300 - # -- number of successful tries which reenables liveness - successThreshold: 1 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -128,8 +135,6 @@ startupProbe: initialDelaySeconds: 60 # -- Number of seconds each period lasts. periodSeconds: 30 - # -- number of successful tries which reenables liveness - successThreshold: 1 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -183,14 +188,14 @@ ingresses: clusterIssuer: "" # -- [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod -# We recommend 25% of a cpu and 256MB per endpoint +# We recommend 25% of a cpu, 512MB per server and 256MB per endpoint resources: requests: cpu: 250m - memory: 256Mi + memory: 768Mi limits: - cpu: 250m - memory: 256Mi + cpu: 500m + memory: 768Mi autoscaling: # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) diff --git a/remoting/src/main/docker/Dockerfile b/remoting/src/main/docker/Dockerfile index c4f5753b..1e79678f 100644 --- a/remoting/src/main/docker/Dockerfile +++ b/remoting/src/main/docker/Dockerfile @@ -74,29 +74,22 @@ RUN if [ "${HTTP_PROXY}" != "" ]; then \ RUN mkdir -p /var/rdf4j/server/conf && \ mkdir -p /var/rdf4j/server/repositories && \ unzip /tmp/eclipse-rdf4j-4.3.2/war/rdf4j-server.war -d /usr/local/tomcat/webapps/rdf4j-server && \ - unzip /tmp/eclipse-rdf4j-4.3.2/war/rdf4j-workbench.war -d /usr/local/tomcat/webapps/rdf4j-workbench && \ - rm -rf /tmp/eclipse-rdf4j-4.3.2 && \ + rm -rf /tmp/eclipse-rdf4j-4.3.2 && \ rm /usr/local/tomcat/webapps/rdf4j-server/WEB-INF/lib/guava-*.jar && \ rm /usr/local/tomcat/webapps/rdf4j-server/WEB-INF/lib/netty-*.jar && \ rm /usr/local/tomcat/webapps/rdf4j-server/WEB-INF/lib/jetty-*.jar && \ rm /usr/local/tomcat/webapps/rdf4j-server/WEB-INF/lib/spring-*.jar && \ rm /usr/local/tomcat/webapps/rdf4j-server/WEB-INF/lib/snappy-*.jar && \ - rm /usr/local/tomcat/webapps/rdf4j-workbench/WEB-INF/lib/guava-*.jar && \ - rm /usr/local/tomcat/webapps/rdf4j-workbench/WEB-INF/lib/netty-*.jar && \ - rm /usr/local/tomcat/webapps/rdf4j-workbench/WEB-INF/lib/jetty-*.jar && \ - rm /usr/local/tomcat/webapps/rdf4j-workbench/WEB-INF/lib/snappy-*.jar && \ rm /usr/local/tomcat/conf/logging.properties && \ rm /usr/local/tomcat/conf/server.xml && \ rm /usr/local/tomcat/conf/tomcat-users.xml && \ rm /usr/local/tomcat/conf/web.xml && \ wget -q "https://repo1.maven.org/maven2/commons-logging/commons-logging/1.2/commons-logging-1.2.jar" -O /usr/local/tomcat/webapps/rdf4j-server/WEB-INF/lib/commons-logging-1.2.jar && \ wget -q "https://repo1.maven.org/maven2/org/xerial/snappy/snappy-java/1.1.10.2/snappy-java-1.1.10.2.jar" -O /usr/local/tomcat/webapps/rdf4j-server/WEB-INF/lib/snappy-java-1.1.10.2.jar && \ - cp /usr/local/tomcat/webapps/rdf4j-server/WEB-INF/lib/snappy-java-1.1.10.2.jar /usr/local/tomcat/webapps/rdf4j-workbench/WEB-INF/lib/. && \ chown -R tomcat:tomcat /var/rdf4j /usr/local/tomcat && \ chmod 775 /usr/local/tomcat /usr/local/tomcat/bin /usr/local/tomcat/bin/catalina.sh /var/rdf4j/server COPY --from=build /opt/lib/*.jar /usr/local/tomcat/webapps/rdf4j-server/WEB-INF/lib/ -COPY --from=build /opt/lib/*.jar /usr/local/tomcat/webapps/rdf4j-workbench/WEB-INF/lib/ COPY --from=build /opt/conf/*.xml /opt/conf/*.properties /usr/local/tomcat/conf/ COPY resources/web/rdf4j.xml /usr/local/tomcat/webapps/rdf4j-server/WEB-INF/web.xml COPY resources/web/callback.xml /usr/local/tomcat/webapps/rdf4j-server/WEB-INF/callback.xml From 6fe1df7bc77861e1315cc581360361c99dc962a6 Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Tue, 22 Aug 2023 09:21:44 +0200 Subject: [PATCH 03/14] https://jira.catena-x.net/browse/KA-328 wrong folder names in build --- .github/workflows/build.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1fd2de35..224565d9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -128,8 +128,8 @@ jobs: - name: Conforming Agent Container Build and push uses: docker/build-push-action@v3 with: - context: conforming-agent/. - file: conforming-agent/src/main/docker/Dockerfile + context: conforming/. + file: conforming/src/main/docker/Dockerfile # Build image for verification purposes on every trigger event. Only push if event is not a PR push: ${{ (github.repository == 'catenax-ng/product-agents' || github.repository == 'eclipse-tractusx/knowledge-agents') && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} tags: ${{ steps.meta-conf.outputs.tags }} @@ -154,8 +154,8 @@ jobs: - name: Provisioning Agent Container Build and push uses: docker/build-push-action@v3 with: - context: provisioning-agent/. - file: provisioning-agent/src/main/docker/Dockerfile + context: provisioning/. + file: provisioning/src/main/docker/Dockerfile # Build image for verification purposes on every trigger event. Only push if event is not a PR push: ${{ (github.repository == 'catenax-ng/product-agents' || github.repository == 'eclipse-tractusx/knowledge-agents') && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} tags: ${{ steps.meta-prov.outputs.tags }} @@ -180,8 +180,8 @@ jobs: - name: Remoting Agent Container Build and push uses: docker/build-push-action@v3 with: - context: remoting-agent/. - file: remoting-agent/src/main/docker/Dockerfile + context: remoting/. + file: remoting/src/main/docker/Dockerfile # Build image for verification purposes on every trigger event. Only push if event is not a PR push: ${{ (github.repository == 'catenax-ng/product-agents' || github.repository == 'eclipse-tractusx/knowledge-agents') && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} tags: ${{ steps.meta-remote.outputs.tags }} From b6aba7544bbb80c17d891aba876edb9578505536 Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Tue, 22 Aug 2023 09:35:29 +0200 Subject: [PATCH 04/14] https://jira.catena-x.net/browse/KA-328 update chart version and automize reference in readme --- charts/conforming-agent/Chart.yaml | 2 +- charts/conforming-agent/README.md | 28 ++++++++++++---------- charts/conforming-agent/README.md.gotmpl | 2 +- charts/provisioning-agent/Chart.yaml | 2 +- charts/provisioning-agent/README.md | 24 ++++++++++--------- charts/provisioning-agent/README.md.gotmpl | 2 +- charts/remoting-agent/Chart.yaml | 2 +- charts/remoting-agent/README.md | 24 ++++++++++--------- charts/remoting-agent/README.md.gotmpl | 2 +- 9 files changed, 48 insertions(+), 40 deletions(-) diff --git a/charts/conforming-agent/Chart.yaml b/charts/conforming-agent/Chart.yaml index 5072f918..e0e6e38a 100644 --- a/charts/conforming-agent/Chart.yaml +++ b/charts/conforming-agent/Chart.yaml @@ -29,6 +29,6 @@ sources: - https://github.com/eclipse-tractusx/knowledge-agents/tree/main/conforming type: application appVersion: "1.9.5-SNAPSHOT" -version: 1.9.5-SNAPSHOT +version: 1.9.6-SNAPSHOT maintainers: - name: 'Tractus-X Knowledge Agents Team' diff --git a/charts/conforming-agent/README.md b/charts/conforming-agent/README.md index c1f8a979..32619946 100644 --- a/charts/conforming-agent/README.md +++ b/charts/conforming-agent/README.md @@ -20,16 +20,18 @@ # conforming-agent -![Version: 1.9.5-SNAPSHOT](https://img.shields.io/badge/Version-1.9.5--SNAPSHOT-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.9.5-SNAPSHOT](https://img.shields.io/badge/AppVersion-1.9.5--SNAPSHOT-informational?style=flat-square) +![Version: 1.9.6-SNAPSHOT](https://img.shields.io/badge/Version-1.9.6--SNAPSHOT-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.9.5-SNAPSHOT](https://img.shields.io/badge/AppVersion-1.9.5--SNAPSHOT-informational?style=flat-square) -Tractus-X Conforming Agent - Knowledge-Agents Testing Module +A Helm chart for the Tractus-X Conforming Agent which is a container to assess the conformity of all other parts of the Agent-Enabled Dataspace. -**Homepage:** +This chart has no prerequisites. + +**Homepage:** ## TL;DR ```shell $ helm repo add eclipse-tractusx https://eclipse-tractusx.github.io/charts/dev -$ helm install my-release eclipse-tractusx/conforming-agent --version 1.9.5-SNAPSHOT +$ helm install my-release eclipse-tractusx/conforming-agent --version 1.9.6-SNAPSHOT ``` ## Maintainers @@ -38,6 +40,10 @@ $ helm install my-release eclipse-tractusx/conforming-agent --version 1.9.5-SNAP | ---- | ------ | --- | | Tractus-X Knowledge Agents Team | | | +## Source Code + +* + ## Values | Key | Type | Default | Description | @@ -57,11 +63,12 @@ $ helm install my-release eclipse-tractusx/conforming-agent --version 1.9.5-SNAP | env | object | `{}` | Container environment variables e.g. for configuring [JAVA_TOOL_OPTIONS](https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/envvars002.html) Ex.: JAVA_TOOL_OPTIONS: > -Dhttp.proxyHost=proxy -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts="localhost|127.*|[::1]" -Dhttps.proxyHost=proxy -Dhttps.proxyPort=443 | | envSecretName | string | `nil` | [Kubernetes Secret Resource](https://kubernetes.io/docs/concepts/configuration/secret/) name to load environment variables from | | fullnameOverride | string | `""` | Overrides the releases full name | -| image.pullPolicy | string | `"IfNotPresent"` | [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use | -| image.repository | string | `"tractusx/conforming-agent"` | Which derivate of the remoting agent to use | +| image.digest | string | `""` | Overrides the image digest | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.pullSecrets | list | `[]` | | +| image.registry | string | `"docker.io"` | target regirtry | +| image.repository | string | `"tractusx/conforming-agent"` | Which derivate of agent to use | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | -| imagePullSecret.dockerconfigjson | string | `""` | Image pull secret to create to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) Note: This value needs to adhere to the [(base64 encoded) .dockerconfigjson format](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#registry-secret-existing-credentials). Furthermore, if 'imagePullSecret.dockerconfigjson' is defined, it takes precedence over 'imagePullSecrets'. | -| imagePullSecrets | list | `[]` | Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) | | ingresses[0].annotations | string | `nil` | Additional ingress annotations to add, for example when implementing more complex routings you may set { nginx.ingress.kubernetes.io/rewrite-target: /$1, nginx.ingress.kubernetes.io/use-regex: "true" } | | ingresses[0].certManager.clusterIssuer | string | `""` | If preset enables certificate generation via cert-manager cluster-wide issuer | | ingresses[0].certManager.issuer | string | `""` | If preset enables certificate generation via cert-manager namespace scoped issuer | @@ -76,7 +83,6 @@ $ helm install my-release eclipse-tractusx/conforming-agent --version 1.9.5-SNAP | livenessProbe.enabled | bool | `true` | Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | | livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded | | livenessProbe.periodSeconds | int | `60` | Number of seconds each period lasts. | -| livenessProbe.successThreshold | int | `1` | number of successful tries which reenables liveness | | livenessProbe.timeoutSeconds | int | `5` | number of seconds until a timeout is assumed | | nameOverride | string | `""` | Overrides the charts name | | nodeSelector | object | `{}` | [Node-Selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain the Pod to nodes with specific labels. | @@ -88,10 +94,9 @@ $ helm install my-release eclipse-tractusx/conforming-agent --version 1.9.5-SNAP | readinessProbe.enabled | bool | `true` | Whether to enable kubernetes readiness-probes | | readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded | | readinessProbe.periodSeconds | int | `300` | Number of seconds each period lasts. | -| readinessProbe.successThreshold | int | `1` | number of successful tries which reenables liveness | | readinessProbe.timeoutSeconds | int | `5` | number of seconds until a timeout is assumed | | replicaCount | int | `1` | Specifies how many replicas of a deployed pod shall be created during the deployment Note: If horizontal pod autoscaling is enabled this setting has no effect | -| resources | object | `{"limits":{"cpu":"200m","memory":"256Mi"},"requests":{"cpu":"200m","memory":"256Mi"}}` | [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod We recommend 20% of a cpu and 256MB per endpoint | +| resources | object | `{"limits":{"cpu":"400m","memory":"256Mi"},"requests":{"cpu":"200m","memory":"256Mi"}}` | [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod We recommend 20% of a cpu and 256MB per endpoint | | securityContext.allowPrivilegeEscalation | bool | `false` | Controls [Privilege Escalation](https://kubernetes.io/docs/concepts/security/pod-security-policy/#privilege-escalation) enabling setuid binaries changing the effective user ID | | securityContext.capabilities.add | list | `["NET_BIND_SERVICE"]` | Specifies which capabilities to add to issue specialized syscalls | | securityContext.capabilities.drop | list | `["ALL"]` | Specifies which capabilities to drop to reduce syscall attack surface | @@ -107,7 +112,6 @@ $ helm install my-release eclipse-tractusx/conforming-agent --version 1.9.5-SNAP | startupProbe.failureThreshold | int | `18` | Minimum consecutive failures for the probe to be considered failed after having succeeded | | startupProbe.initialDelaySeconds | int | `60` | Number of seconds after the container has started before liveness probes are initiated. | | startupProbe.periodSeconds | int | `30` | Number of seconds each period lasts. | -| startupProbe.successThreshold | int | `1` | number of successful tries which reenables liveness | | startupProbe.timeoutSeconds | int | `5` | number of seconds until a timeout is assumed | | tolerations | list | `[]` | [Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) are applied to Pods to schedule onto nodes with matching taints. | diff --git a/charts/conforming-agent/README.md.gotmpl b/charts/conforming-agent/README.md.gotmpl index c1c17b2f..7d4577ea 100644 --- a/charts/conforming-agent/README.md.gotmpl +++ b/charts/conforming-agent/README.md.gotmpl @@ -31,7 +31,7 @@ ## TL;DR ```shell $ helm repo add eclipse-tractusx https://eclipse-tractusx.github.io/charts/dev -$ helm install my-release eclipse-tractusx/conforming-agent --version 1.9.5-SNAPSHOT +$ helm install my-release eclipse-tractusx/conforming-agent --version {{ .Version }} ``` {{ template "chart.maintainersSection" . }} diff --git a/charts/provisioning-agent/Chart.yaml b/charts/provisioning-agent/Chart.yaml index 616260f0..2bf4296f 100644 --- a/charts/provisioning-agent/Chart.yaml +++ b/charts/provisioning-agent/Chart.yaml @@ -27,6 +27,6 @@ sources: - https://github.com/eclipse-tractusx/knowledge-agents/tree/main/provisioning type: application appVersion: "1.9.5-SNAPSHOT" -version: 1.9.5-SNAPSHOT +version: 1.9.6-SNAPSHOT maintainers: - name: 'Tractus-X Knowledge Agents Team' diff --git a/charts/provisioning-agent/README.md b/charts/provisioning-agent/README.md index 3cf8052e..d2cd6ac2 100644 --- a/charts/provisioning-agent/README.md +++ b/charts/provisioning-agent/README.md @@ -20,16 +20,16 @@ # provisioning-agent -![Version: 1.9.5-SNAPSHOT](https://img.shields.io/badge/Version-1.9.5--SNAPSHOT-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.9.5-SNAPSHOT](https://img.shields.io/badge/AppVersion-1.9.5--SNAPSHOT-informational?style=flat-square) +![Version: 1.9.6-SNAPSHOT](https://img.shields.io/badge/Version-1.9.6--SNAPSHOT-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.9.5-SNAPSHOT](https://img.shields.io/badge/AppVersion-1.9.5--SNAPSHOT-informational?style=flat-square) Tractus-X Provisioning Agent - Knowledge-Agents Compatible Data Binding Layer -**Homepage:** +**Homepage:** ## TL;DR ```shell $ helm repo add eclipse-tractusx https://eclipse-tractusx.github.io/charts/dev -$ helm install my-release eclipse-tractusx/provisioning-agent --version 1.9.5-SNAPSHOT +$ helm install my-release eclipse-tractusx/provisioning-agent --version 1.9.6-SNAPSHOT ``` ## Maintainers @@ -38,6 +38,10 @@ $ helm install my-release eclipse-tractusx/provisioning-agent --version 1.9.5-SN | ---- | ------ | --- | | Tractus-X Knowledge Agents Team | | | +## Source Code + +* + ## Values | Key | Type | Default | Description | @@ -57,11 +61,12 @@ $ helm install my-release eclipse-tractusx/provisioning-agent --version 1.9.5-SN | env | object | `{}` | Container environment variables e.g. for configuring [JAVA_TOOL_OPTIONS](https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/envvars002.html) Ex.: JAVA_TOOL_OPTIONS: > -Dhttp.proxyHost=proxy -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts="localhost|127.*|[::1]" -Dhttps.proxyHost=proxy -Dhttps.proxyPort=443 | | envSecretName | string | `nil` | [Kubernetes Secret Resource](https://kubernetes.io/docs/concepts/configuration/secret/) name to load environment variables from | | fullnameOverride | string | `""` | Overrides the releases full name | -| image.pullPolicy | string | `"IfNotPresent"` | [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use | -| image.repository | string | `"tractusx/provisioning-agent"` | Which derivate of the provisioning agent to use | +| image.digest | string | `""` | Overrides the image digest | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.pullSecrets | list | `[]` | | +| image.registry | string | `"docker.io"` | target regirtry | +| image.repository | string | `"tractusx/provisioning-agent"` | Which derivate of agent to use | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | -| imagePullSecret.dockerconfigjson | string | `""` | Image pull secret to create to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) Note: This value needs to adhere to the [(base64 encoded) .dockerconfigjson format](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#registry-secret-existing-credentials). Furthermore, if 'imagePullSecret.dockerconfigjson' is defined, it takes precedence over 'imagePullSecrets'. | -| imagePullSecrets | list | `[]` | Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) | | ingresses[0].annotations | string | `nil` | Additional ingress annotations to add, for example when implementing more complex routings you may set { nginx.ingress.kubernetes.io/rewrite-target: /$2, nginx.ingress.kubernetes.io/use-regex: "true" } | | ingresses[0].certManager.clusterIssuer | string | `""` | If preset enables certificate generation via cert-manager cluster-wide issuer | | ingresses[0].certManager.issuer | string | `""` | If preset enables certificate generation via cert-manager namespace scoped issuer | @@ -76,7 +81,6 @@ $ helm install my-release eclipse-tractusx/provisioning-agent --version 1.9.5-SN | livenessProbe.enabled | bool | `true` | Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | | livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded | | livenessProbe.periodSeconds | int | `60` | Number of seconds each period lasts. | -| livenessProbe.successThreshold | int | `1` | number of successful tries which reenables liveness | | livenessProbe.timeoutSeconds | int | `5` | number of seconds until a timeout is assumed | | nameOverride | string | `""` | Overrides the charts name | | nodeSelector | object | `{}` | [Node-Selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) to constrain the Pod to nodes with specific labels. | @@ -89,10 +93,9 @@ $ helm install my-release eclipse-tractusx/provisioning-agent --version 1.9.5-SN | readinessProbe.enabled | bool | `true` | Whether to enable kubernetes readiness-probes | | readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded | | readinessProbe.periodSeconds | int | `300` | Number of seconds each period lasts. | -| readinessProbe.successThreshold | int | `1` | number of successful tries which reenables liveness | | readinessProbe.timeoutSeconds | int | `5` | number of seconds until a timeout is assumed | | replicaCount | int | `1` | Specifies how many replicas of a deployed pod shall be created during the deployment Note: If horizontal pod autoscaling is enabled this setting has no effect | -| resources | object | `{"limits":{"cpu":"500m","memory":"512Mi"},"requests":{"cpu":"500m","memory":"512Mi"}}` | [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod We recommend using 50% of CPU and 0.5Gi of memory per exported endpoint | +| resources | object | `{"limits":{"cpu":"900m","memory":"512Mi"},"requests":{"cpu":"500m","memory":"512Mi"}}` | [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod We recommend using 50% of CPU and 0.5Gi of memory per exported endpoint | | securityContext.allowPrivilegeEscalation | bool | `false` | Controls [Privilege Escalation](https://kubernetes.io/docs/concepts/security/pod-security-policy/#privilege-escalation) enabling setuid binaries changing the effective user ID | | securityContext.capabilities.add | list | `["NET_BIND_SERVICE"]` | Specifies which capabilities to add to issue specialized syscalls | | securityContext.capabilities.drop | list | `["ALL"]` | Specifies which capabilities to drop to reduce syscall attack surface | @@ -108,7 +111,6 @@ $ helm install my-release eclipse-tractusx/provisioning-agent --version 1.9.5-SN | startupProbe.failureThreshold | int | `18` | Minimum consecutive failures for the probe to be considered failed after having succeeded | | startupProbe.initialDelaySeconds | int | `60` | Number of seconds after the container has started before liveness probes are initiated. | | startupProbe.periodSeconds | int | `30` | Number of seconds each period lasts. | -| startupProbe.successThreshold | int | `1` | number of successful tries which reenables liveness | | startupProbe.timeoutSeconds | int | `5` | number of seconds until a timeout is assumed | | tolerations | list | `[]` | [Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) are applied to Pods to schedule onto nodes with matching taints. | diff --git a/charts/provisioning-agent/README.md.gotmpl b/charts/provisioning-agent/README.md.gotmpl index abacc5a0..9b7497aa 100644 --- a/charts/provisioning-agent/README.md.gotmpl +++ b/charts/provisioning-agent/README.md.gotmpl @@ -31,7 +31,7 @@ ## TL;DR ```shell $ helm repo add eclipse-tractusx https://eclipse-tractusx.github.io/charts/dev -$ helm install my-release eclipse-tractusx/provisioning-agent --version 1.9.5-SNAPSHOT +$ helm install my-release eclipse-tractusx/provisioning-agent --version {{ .Version }} ``` {{ template "chart.maintainersSection" . }} diff --git a/charts/remoting-agent/Chart.yaml b/charts/remoting-agent/Chart.yaml index abed2d9f..e150999d 100644 --- a/charts/remoting-agent/Chart.yaml +++ b/charts/remoting-agent/Chart.yaml @@ -27,6 +27,6 @@ sources: - https://github.com/eclipse-tractusx/knowledge-agents/tree/main/remoting type: application appVersion: "1.9.5-SNAPSHOT" -version: 1.9.5-SNAPSHOT +version: 1.9.6-SNAPSHOT maintainers: - name: 'Tractus-X Knowledge Agents Team' diff --git a/charts/remoting-agent/README.md b/charts/remoting-agent/README.md index 5959c0d2..8647d96d 100644 --- a/charts/remoting-agent/README.md +++ b/charts/remoting-agent/README.md @@ -19,16 +19,16 @@ --> # remoting-agent -![Version: 1.9.5-SNAPSHOT](https://img.shields.io/badge/Version-1.9.5--SNAPSHOT-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.9.5-SNAPSHOT](https://img.shields.io/badge/AppVersion-1.9.5--SNAPSHOT-informational?style=flat-square) +![Version: 1.9.6-SNAPSHOT](https://img.shields.io/badge/Version-1.9.6--SNAPSHOT-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.9.5-SNAPSHOT](https://img.shields.io/badge/AppVersion-1.9.5--SNAPSHOT-informational?style=flat-square) Tractus-X Remoting Agent - Knowledge-Agents Compatible API Binding Layer -**Homepage:** +**Homepage:** ## TL;DR ```shell $ helm repo add eclipse-tractusx https://eclipse-tractusx.github.io/charts/dev -$ helm install my-release eclipse-tractusx/remoting-agent --version 1.9.5-SNAPSHOT +$ helm install my-release eclipse-tractusx/remoting-agent --version 1.9.6-SNAPSHOT ``` ## Maintainers @@ -37,6 +37,10 @@ $ helm install my-release eclipse-tractusx/remoting-agent --version 1.9.5-SNAPSH | ---- | ------ | --- | | Tractus-X Knowledge Agents Team | | | +## Source Code + +* + ## Values | Key | Type | Default | Description | @@ -56,11 +60,12 @@ $ helm install my-release eclipse-tractusx/remoting-agent --version 1.9.5-SNAPSH | env | object | `{}` | Container environment variables e.g. for configuring [JAVA_TOOL_OPTIONS](https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/envvars002.html) Ex.: JAVA_TOOL_OPTIONS: > -Dhttp.proxyHost=proxy -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts="localhost|127.*|[::1]" -Dhttps.proxyHost=proxy -Dhttps.proxyPort=443 | | envSecretName | string | `nil` | [Kubernetes Secret Resource](https://kubernetes.io/docs/concepts/configuration/secret/) name to load environment variables from | | fullnameOverride | string | `""` | Overrides the releases full name | -| image.pullPolicy | string | `"IfNotPresent"` | [Kubernetes image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use | -| image.repository | string | `"tractusx/remoting-agent"` | Which derivate of the remoting agent to use | +| image.digest | string | `""` | Overrides the image digest | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.pullSecrets | list | `[]` | | +| image.registry | string | `"docker.io"` | target regirtry | +| image.repository | string | `"tractusx/remoting-agent"` | Which derivate of agent to use | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | -| imagePullSecret.dockerconfigjson | string | `""` | Image pull secret to create to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) Note: This value needs to adhere to the [(base64 encoded) .dockerconfigjson format](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#registry-secret-existing-credentials). Furthermore, if 'imagePullSecret.dockerconfigjson' is defined, it takes precedence over 'imagePullSecrets'. | -| imagePullSecrets | list | `[]` | Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) | | ingresses[0].annotations | string | `nil` | Additional ingress annotations to add, for example when implementing more complex routings you may set { nginx.ingress.kubernetes.io/rewrite-target: /$1, nginx.ingress.kubernetes.io/use-regex: "true" } | | ingresses[0].certManager.clusterIssuer | string | `""` | If preset enables certificate generation via cert-manager cluster-wide issuer | | ingresses[0].certManager.issuer | string | `""` | If preset enables certificate generation via cert-manager namespace scoped issuer | @@ -75,7 +80,6 @@ $ helm install my-release eclipse-tractusx/remoting-agent --version 1.9.5-SNAPSH | livenessProbe.enabled | bool | `true` | Whether to enable kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | | livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded | | livenessProbe.periodSeconds | int | `60` | Number of seconds each period lasts. | -| livenessProbe.successThreshold | int | `1` | number of successful tries which reenables liveness | | livenessProbe.timeoutSeconds | int | `5` | number of seconds until a timeout is assumed | | logging.configuration | string | `"\n\n \n \n %d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n\n \n \n \n \n \n \n"` | Logback Xml | | nameOverride | string | `""` | Overrides the charts name | @@ -88,11 +92,10 @@ $ helm install my-release eclipse-tractusx/remoting-agent --version 1.9.5-SNAPSH | readinessProbe.enabled | bool | `true` | Whether to enable kubernetes readiness-probes | | readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded | | readinessProbe.periodSeconds | int | `300` | Number of seconds each period lasts. | -| readinessProbe.successThreshold | int | `1` | number of successful tries which reenables liveness | | readinessProbe.timeoutSeconds | int | `5` | number of seconds until a timeout is assumed | | replicaCount | int | `1` | Specifies how many replicas of a deployed pod shall be created during the deployment Note: If horizontal pod autoscaling is enabled this setting has no effect | | repositories | object | `{}` | A map of repository names to configuration ttl files | -| resources | object | `{"limits":{"cpu":"250m","memory":"256Mi"},"requests":{"cpu":"250m","memory":"256Mi"}}` | [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod We recommend 25% of a cpu and 256MB per endpoint | +| resources | object | `{"limits":{"cpu":"500m","memory":"768Mi"},"requests":{"cpu":"250m","memory":"768Mi"}}` | [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod We recommend 25% of a cpu, 512MB per server and 256MB per endpoint | | securityContext.allowPrivilegeEscalation | bool | `false` | Controls [Privilege Escalation](https://kubernetes.io/docs/concepts/security/pod-security-policy/#privilege-escalation) enabling setuid binaries changing the effective user ID | | securityContext.capabilities.add | list | `["NET_BIND_SERVICE"]` | Specifies which capabilities to add to issue specialized syscalls | | securityContext.capabilities.drop | list | `["ALL"]` | Specifies which capabilities to drop to reduce syscall attack surface | @@ -108,7 +111,6 @@ $ helm install my-release eclipse-tractusx/remoting-agent --version 1.9.5-SNAPSH | startupProbe.failureThreshold | int | `18` | Minimum consecutive failures for the probe to be considered failed after having succeeded | | startupProbe.initialDelaySeconds | int | `60` | Number of seconds after the container has started before liveness probes are initiated. | | startupProbe.periodSeconds | int | `30` | Number of seconds each period lasts. | -| startupProbe.successThreshold | int | `1` | number of successful tries which reenables liveness | | startupProbe.timeoutSeconds | int | `5` | number of seconds until a timeout is assumed | | tolerations | list | `[]` | [Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) are applied to Pods to schedule onto nodes with matching taints. | diff --git a/charts/remoting-agent/README.md.gotmpl b/charts/remoting-agent/README.md.gotmpl index b6bef06c..1efb1ac6 100644 --- a/charts/remoting-agent/README.md.gotmpl +++ b/charts/remoting-agent/README.md.gotmpl @@ -30,7 +30,7 @@ ## TL;DR ```shell $ helm repo add eclipse-tractusx https://eclipse-tractusx.github.io/charts/dev -$ helm install my-release eclipse-tractusx/remoting-agent --version 1.9.5-SNAPSHOT +$ helm install my-release eclipse-tractusx/remoting-agent --version {{ .Version }} ``` {{ template "chart.maintainersSection" . }} From 4ee9f7fb4aa6e12e5d300943b0d6a4444487a7ad Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Tue, 22 Aug 2023 09:57:25 +0200 Subject: [PATCH 05/14] https://jira.catena-x.net/browse/KA-328 remove unit test reporting. debug chart yaml --- .github/workflows/build.yml | 10 +-------- charts/conforming-agent/Chart.yaml | 4 ++-- charts/conforming-agent/values.yaml | 21 +++++++++---------- charts/provisioning-agent/Chart.yaml | 8 ++++--- charts/provisioning-agent/values.yaml | 30 +++++++++++++-------------- charts/remoting-agent/Chart.yaml | 8 ++++--- charts/remoting-agent/values.yaml | 20 +++++++++--------- 7 files changed, 48 insertions(+), 53 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 224565d9..0944d97c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -186,12 +186,4 @@ jobs: push: ${{ (github.repository == 'catenax-ng/product-agents' || github.repository == 'eclipse-tractusx/knowledge-agents') && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} tags: ${{ steps.meta-remote.outputs.tags }} labels: ${{ steps.meta-remote.outputs.labels }} - - # Report unit test output to github job - - if: success() || failure() - name: Java Test Report - uses: dorny/test-reporter@v1 - with: - name: Test Report Java - path: '**/surefire-reports/TEST-*.xml' - reporter: java-junit + diff --git a/charts/conforming-agent/Chart.yaml b/charts/conforming-agent/Chart.yaml index e0e6e38a..a94ff525 100644 --- a/charts/conforming-agent/Chart.yaml +++ b/charts/conforming-agent/Chart.yaml @@ -22,7 +22,7 @@ apiVersion: v2 name: conforming-agent description: | A Helm chart for the Tractus-X Conforming Agent which is a container to assess the conformity of all other parts of the Agent-Enabled Dataspace. - + This chart has no prerequisites. home: https://github.com/eclipse-tractusx/knowledge-agents/ sources: @@ -30,5 +30,5 @@ sources: type: application appVersion: "1.9.5-SNAPSHOT" version: 1.9.6-SNAPSHOT -maintainers: +maintainers: - name: 'Tractus-X Knowledge Agents Team' diff --git a/charts/conforming-agent/values.yaml b/charts/conforming-agent/values.yaml index 286f2f22..f345a888 100644 --- a/charts/conforming-agent/values.yaml +++ b/charts/conforming-agent/values.yaml @@ -31,7 +31,7 @@ image: repository: tractusx/conforming-agent # -- Overrides the image tag whose default is the chart appVersion tag: "" - # -- Overrides the image digest + # -- Overrides the image digest digest: "" ## Specify an imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -45,10 +45,10 @@ image: ## pullSecrets: ## - myRegistryKeySecretName ## - pullSecrets: [ ] + pullSecrets: [] ## Set to true if you would like to see extra information on logs ## - + # -- Overrides the charts name nameOverride: "" @@ -73,7 +73,6 @@ automountServiceAccountToken: false podAnnotations: {} # Uncomment this and remove parenthesis if you want to enable apparmor # container.apparmor.security.beta.kubernetes.io/conforming-agent: runtime/default - # The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment podSecurityContext: @@ -94,7 +93,7 @@ securityContext: drop: - ALL # -- Specifies which capabilities to add to issue specialized syscalls - add: + add: - NET_BIND_SERVICE # -- Whether the root filesystem is mounted in read-only mode readOnlyRootFilesystem: true @@ -112,7 +111,7 @@ livenessProbe: enabled: true # -- Minimum consecutive failures for the probe to be considered failed after having succeeded failureThreshold: 3 - # -- Number of seconds each period lasts. + # -- Number of seconds each period lasts. periodSeconds: 60 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -122,7 +121,7 @@ readinessProbe: enabled: true # -- Minimum consecutive failures for the probe to be considered failed after having succeeded failureThreshold: 3 - # -- Number of seconds each period lasts. + # -- Number of seconds each period lasts. periodSeconds: 300 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -134,7 +133,7 @@ startupProbe: failureThreshold: 18 # -- Number of seconds after the container has started before liveness probes are initiated. initialDelaySeconds: 60 - # -- Number of seconds each period lasts. + # -- Number of seconds each period lasts. periodSeconds: 30 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -165,7 +164,7 @@ ingresses: hostname: "conforming-agent.local" # -- Additional ingress annotations to add, for example when implementing more complex routings you may set { nginx.ingress.kubernetes.io/rewrite-target: /$1, nginx.ingress.kubernetes.io/use-regex: "true" } annotations: - # Example if you want more complex routings in interplay with the endpoints regex property + # Example if you want more complex routings in interplay with the endpoints regex property # nginx.ingress.kubernetes.io/rewrite-target: /$1 # nginx.ingress.kubernetes.io/use-regex: "true" # -- Optional prefix that will be prepended to the paths of the endpoints @@ -189,14 +188,14 @@ ingresses: clusterIssuer: "" # -- [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod -# We recommend 20% of a cpu and 256MB per endpoint +# We recommend 20% of a cpu and 256MB per endpoint resources: requests: cpu: 200m memory: 256Mi limits: cpu: 400m - memory: 256Mi + memory: 256Mi autoscaling: # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) diff --git a/charts/provisioning-agent/Chart.yaml b/charts/provisioning-agent/Chart.yaml index 2bf4296f..a5c0de78 100644 --- a/charts/provisioning-agent/Chart.yaml +++ b/charts/provisioning-agent/Chart.yaml @@ -20,13 +20,15 @@ # This is a YAML-formatted file. apiVersion: v2 name: provisioning-agent -description: >- - Tractus-X Provisioning Agent - Knowledge-Agents Compatible Data Binding Layer +description: | + A Helm chart for the Tractus-X Provisioning Agent which is a container to Bridge Agent-Enabled Connector and Relational Data Sources. + + This chart has no prerequisites. home: https://github.com/eclipse-tractusx/knowledge-agents/ sources: - https://github.com/eclipse-tractusx/knowledge-agents/tree/main/provisioning type: application appVersion: "1.9.5-SNAPSHOT" version: 1.9.6-SNAPSHOT -maintainers: +maintainers: - name: 'Tractus-X Knowledge Agents Team' diff --git a/charts/provisioning-agent/values.yaml b/charts/provisioning-agent/values.yaml index 5d1cb673..4326d5ae 100644 --- a/charts/provisioning-agent/values.yaml +++ b/charts/provisioning-agent/values.yaml @@ -31,7 +31,7 @@ image: repository: tractusx/provisioning-agent # -- Overrides the image tag whose default is the chart appVersion tag: "" - # -- Overrides the image digest + # -- Overrides the image digest digest: "" ## Specify an imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -45,7 +45,7 @@ image: ## pullSecrets: ## - myRegistryKeySecretName ## - pullSecrets: [ ] + pullSecrets: [] ## Set to true if you would like to see extra information on logs ## @@ -93,7 +93,7 @@ securityContext: drop: - ALL # -- Specifies which capabilities to add to issue specialized syscalls - add: + add: - NET_BIND_SERVICE # -- Whether the root filesystem is mounted in read-only mode readOnlyRootFilesystem: true @@ -111,7 +111,7 @@ livenessProbe: enabled: true # -- Minimum consecutive failures for the probe to be considered failed after having succeeded failureThreshold: 3 - # -- Number of seconds each period lasts. + # -- Number of seconds each period lasts. periodSeconds: 60 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -121,7 +121,7 @@ readinessProbe: enabled: true # -- Minimum consecutive failures for the probe to be considered failed after having succeeded failureThreshold: 3 - # -- Number of seconds each period lasts. + # -- Number of seconds each period lasts. periodSeconds: 300 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -133,7 +133,7 @@ startupProbe: failureThreshold: 18 # -- Number of seconds after the container has started before liveness probes are initiated. initialDelaySeconds: 60 - # -- Number of seconds each period lasts. + # -- Number of seconds each period lasts. periodSeconds: 30 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -146,13 +146,13 @@ ontologies: ## Endpoints exposed by the provisioning agent bindings: # -- Diagnostic trouble codesample endpoint/binding, for disabling, simply put dtc: {} in your values.yaml - dtc: + dtc: # -- Exposed Service Port for the binding port: 8080 # -- Potential Ingress Path path: (/|$)(.*) # -- Settings for the binding including JDBC backend connections and meta-data directives, you should use secret references when putting passwords here - settings: + settings: jdbc.url: "jdbc:h2:file:/opt/ontop/database/db;INIT=RUNSCRIPT FROM '/opt/ontop/data/dtc.sql'" jdbc.driver: "org.h2.Driver" ontop.cardinalityMode: "LOOSE" @@ -167,18 +167,18 @@ bindings: xsd: http://www.w3.org/2001/XMLSchema# obda: https://w3id.org/obda/vocabulary# rdfs: http://www.w3.org/2000/01/rdf-schema# - + [MappingDeclaration] @collection [[ mappingId dtc-meta - target cx:BusinessPartner/{bpnl} rdf:type cx:BusinessPartner ; cx:BPNL {bpnl}^^xsd:string . + target cx:BusinessPartner/{bpnl} rdf:type cx:BusinessPartner ; cx:BPNL {bpnl}^^xsd:string . source SELECT distinct "bpnl" FROM "dtc"."meta" mappingId dtc-content - target cx-diag:DTC/{id} rdf:type cx-diag:DTC ; cx-diag:Code {code}^^xsd:string ; cx-diag:Description {description}^^xsd:string ; cx-diag:PossibleCauses {possible_causes}^^xsd:string ; cx-diag:Version {lock_version}^^xsd:long . + target cx-diag:DTC/{id} rdf:type cx-diag:DTC ; cx-diag:Code {code}^^xsd:string ; cx-diag:Description {description}^^xsd:string ; cx-diag:PossibleCauses {possible_causes}^^xsd:string ; cx-diag:Version {lock_version}^^xsd:long . source SELECT * FROM "dtc"."content" mappingId dtc-meta-content - target cx-diag:DTC/{id} cx:provisionedBy cx:BusinessPartner/{bpnl}. + target cx-diag:DTC/{id} cx:provisionedBy cx:BusinessPartner/{bpnl} . source SELECT "bpnl","id" FROM "dtc"."content" mappingId dtc-part @@ -186,11 +186,11 @@ bindings: source SELECT * FROM "dtc"."part" mappingId dtc-part-content - target cx-diag:DTC/{dtc_id} cx-diag:affects cx-diag:DiagnosedPart/{part_entityGuid}. + target cx-diag:DTC/{dtc_id} cx-diag:affects cx-diag:DiagnosedPart/{part_entityGuid} . source SELECT "part_entityGuid","dtc_id" FROM "dtc"."content_part" mappingId dtc-meta-part - target cx-diag:DiagnosedPart/{entityGuid} cx:provisionedBy cx:BusinessPartner/{bpnl}. + target cx-diag:DiagnosedPart/{entityGuid} cx:provisionedBy cx:BusinessPartner/{bpnl} . source SELECT "bpnl","entityGuid" FROM "dtc"."part" ]] @@ -206,7 +206,7 @@ ingresses: hostname: "provisioning-agent.local" # -- Additional ingress annotations to add, for example when implementing more complex routings you may set { nginx.ingress.kubernetes.io/rewrite-target: /$2, nginx.ingress.kubernetes.io/use-regex: "true" } annotations: - # Example if you want more complex routings in interplay with the endpoints regex property + # Example if you want more complex routings in interplay with the endpoints regex property # nginx.ingress.kubernetes.io/rewrite-target: /$2 # nginx.ingress.kubernetes.io/use-regex: "true" # -- Optional prefix that will be prepended to the paths of the endpoints diff --git a/charts/remoting-agent/Chart.yaml b/charts/remoting-agent/Chart.yaml index e150999d..596bfef8 100644 --- a/charts/remoting-agent/Chart.yaml +++ b/charts/remoting-agent/Chart.yaml @@ -20,13 +20,15 @@ # This is a YAML-formatted file. apiVersion: v2 name: remoting-agent -description: >- - Tractus-X Remoting Agent - Knowledge-Agents Compatible API Binding Layer +description: | + A Helm chart for the Tractus-X Remoting Agent which is a container to Bridge Agent-Enabled Connector and REST APIs. + + This chart has no prerequisites. home: https://github.com/eclipse-tractusx/knowledge-agents/ sources: - https://github.com/eclipse-tractusx/knowledge-agents/tree/main/remoting type: application appVersion: "1.9.5-SNAPSHOT" version: 1.9.6-SNAPSHOT -maintainers: +maintainers: - name: 'Tractus-X Knowledge Agents Team' diff --git a/charts/remoting-agent/values.yaml b/charts/remoting-agent/values.yaml index 617869e4..aa694468 100644 --- a/charts/remoting-agent/values.yaml +++ b/charts/remoting-agent/values.yaml @@ -31,7 +31,7 @@ image: repository: tractusx/remoting-agent # -- Overrides the image tag whose default is the chart appVersion tag: "" - # -- Overrides the image digest + # -- Overrides the image digest digest: "" ## Specify an imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -45,7 +45,7 @@ image: ## pullSecrets: ## - myRegistryKeySecretName ## - pullSecrets: [ ] + pullSecrets: [] ## Set to true if you would like to see extra information on logs ## @@ -93,7 +93,7 @@ securityContext: drop: - ALL # -- Specifies which capabilities to add to issue specialized syscalls - add: + add: - NET_BIND_SERVICE # -- Whether the root filesystem is mounted in read-only mode readOnlyRootFilesystem: true @@ -111,7 +111,7 @@ livenessProbe: enabled: true # -- Minimum consecutive failures for the probe to be considered failed after having succeeded failureThreshold: 3 - # -- Number of seconds each period lasts. + # -- Number of seconds each period lasts. periodSeconds: 60 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -121,7 +121,7 @@ readinessProbe: enabled: true # -- Minimum consecutive failures for the probe to be considered failed after having succeeded failureThreshold: 3 - # -- Number of seconds each period lasts. + # -- Number of seconds each period lasts. periodSeconds: 300 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -133,7 +133,7 @@ startupProbe: failureThreshold: 18 # -- Number of seconds after the container has started before liveness probes are initiated. initialDelaySeconds: 60 - # -- Number of seconds each period lasts. + # -- Number of seconds each period lasts. periodSeconds: 30 # -- number of seconds until a timeout is assumed timeoutSeconds: 5 @@ -164,7 +164,7 @@ ingresses: hostname: "remoting-agent.local" # -- Additional ingress annotations to add, for example when implementing more complex routings you may set { nginx.ingress.kubernetes.io/rewrite-target: /$1, nginx.ingress.kubernetes.io/use-regex: "true" } annotations: - # Example if you want more complex routings in interplay with the endpoints regex property + # Example if you want more complex routings in interplay with the endpoints regex property # nginx.ingress.kubernetes.io/rewrite-target: /$1 # nginx.ingress.kubernetes.io/use-regex: "true" # -- Optional prefix that will be prepended to the paths of the endpoints @@ -188,14 +188,14 @@ ingresses: clusterIssuer: "" # -- [Resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) applied to the deployed pod -# We recommend 25% of a cpu, 512MB per server and 256MB per endpoint +# We recommend 25% of a cpu, 512MB per server and 256MB per endpoint resources: requests: cpu: 250m memory: 768Mi limits: cpu: 500m - memory: 768Mi + memory: 768Mi autoscaling: # -- Enables [horizontal pod autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) @@ -244,4 +244,4 @@ logging: # -- A map of repository names to configuration ttl files -repositories: {} \ No newline at end of file +repositories: {} From 0c1721e11664a230e3327cd02de9d613ba837f96 Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Tue, 22 Aug 2023 10:13:57 +0200 Subject: [PATCH 06/14] https://jira.catena-x.net/browse/KA-328 run mvn/docker as part of chart linting --- .github/workflows/helm-chart-lint.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/helm-chart-lint.yml b/.github/workflows/helm-chart-lint.yml index 99a234ae..f4575e44 100644 --- a/.github/workflows/helm-chart-lint.yml +++ b/.github/workflows/helm-chart-lint.yml @@ -61,7 +61,12 @@ jobs: with: version: v3.10.3 - # Setup python as a prerequisite for chart linting + - uses: ./.github/actions/setup-java + + - name: Build Java/Docker via Maven + run: | + ./mvnw -s settings.xml package -Pwith-docker-image -DskipTests + - uses: actions/setup-python@v4 with: python-version: 3.9 From cfef282ec39ce0b810cfeddc0f7773035cd007fe Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Tue, 22 Aug 2023 10:47:24 +0200 Subject: [PATCH 07/14] https://jira.catena-x.net/browse/KA-328 we need to push to the kind registry --- .github/workflows/helm-chart-lint.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/helm-chart-lint.yml b/.github/workflows/helm-chart-lint.yml index f4575e44..42a51193 100644 --- a/.github/workflows/helm-chart-lint.yml +++ b/.github/workflows/helm-chart-lint.yml @@ -63,10 +63,6 @@ jobs: - uses: ./.github/actions/setup-java - - name: Build Java/Docker via Maven - run: | - ./mvnw -s settings.xml package -Pwith-docker-image -DskipTests - - uses: actions/setup-python@v4 with: python-version: 3.9 @@ -95,6 +91,11 @@ jobs: node_image: ${{ github.event.inputs.node_image || 'kindest/node:v1.24.6' }} if: github.event_name != 'pull_request' || env.CHART_CHANGED == 'true' + - name: Build Java/Docker via Maven + run: | + ./mvnw -s settings.xml deploy -Drepo=kind-registry:5000/tractusx/ -Dmaven.deploy.skip -DskipTests -Pwith-docker-image + if: github.event_name != 'pull_request' || env.CHART_CHANGED == 'true' + # install the chart to the kind cluster and run helm test # define charts to test with the --charts parameter - name: Run chart-testing (install) From 50b1d6f0a716aa6bc92730f449e189f54fca48bb Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Tue, 22 Aug 2023 12:05:28 +0200 Subject: [PATCH 08/14] https://jira.catena-x.net/browse/KA-328 we need container-tools not helm. Remove KICS warnings (although the CPU limit > CPU requests was suggested by TRG --- .github/workflows/helm-chart-lint.yml | 2 +- charts/conforming-agent/values.yaml | 2 +- charts/provisioning-agent/values.yaml | 2 +- charts/remoting-agent/values.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/helm-chart-lint.yml b/.github/workflows/helm-chart-lint.yml index 42a51193..685071c5 100644 --- a/.github/workflows/helm-chart-lint.yml +++ b/.github/workflows/helm-chart-lint.yml @@ -83,7 +83,7 @@ jobs: # Preparing a kind cluster to install and test charts on - name: Create kind cluster - uses: helm/kind-action@v1.4.0 + uses: container-tools/kind-action@v1 with: # upgrade version, default (v0.17.0) uses node image v1.21.1 and doesn't work with more recent node image versions version: v0.19.0 diff --git a/charts/conforming-agent/values.yaml b/charts/conforming-agent/values.yaml index f345a888..ccfb29db 100644 --- a/charts/conforming-agent/values.yaml +++ b/charts/conforming-agent/values.yaml @@ -194,7 +194,7 @@ resources: cpu: 200m memory: 256Mi limits: - cpu: 400m + cpu: 200m memory: 256Mi autoscaling: diff --git a/charts/provisioning-agent/values.yaml b/charts/provisioning-agent/values.yaml index 4326d5ae..d64d8096 100644 --- a/charts/provisioning-agent/values.yaml +++ b/charts/provisioning-agent/values.yaml @@ -236,7 +236,7 @@ resources: cpu: 500m memory: 512Mi limits: - cpu: 900m + cpu: 500m memory: 512Mi autoscaling: diff --git a/charts/remoting-agent/values.yaml b/charts/remoting-agent/values.yaml index aa694468..d5167898 100644 --- a/charts/remoting-agent/values.yaml +++ b/charts/remoting-agent/values.yaml @@ -194,7 +194,7 @@ resources: cpu: 250m memory: 768Mi limits: - cpu: 500m + cpu: 250m memory: 768Mi autoscaling: From e600f84bd34f005ee4c20c150476744f5f2897b2 Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Tue, 22 Aug 2023 13:15:37 +0200 Subject: [PATCH 09/14] https://jira.catena-x.net/browse/KA-328 switch chart to local kind registry --- .github/workflows/helm-chart-lint.yml | 2 +- charts/config/chart-testing-config.yaml | 1 + charts/conforming-agent/templates/deployment.yaml | 2 +- charts/conforming-agent/values.yaml | 4 ++-- charts/provisioning-agent/templates/deployment.yaml | 2 +- charts/provisioning-agent/values.yaml | 2 +- charts/remoting-agent/templates/deployment.yaml | 2 +- charts/remoting-agent/values.yaml | 2 +- 8 files changed, 9 insertions(+), 8 deletions(-) diff --git a/.github/workflows/helm-chart-lint.yml b/.github/workflows/helm-chart-lint.yml index 685071c5..41174df6 100644 --- a/.github/workflows/helm-chart-lint.yml +++ b/.github/workflows/helm-chart-lint.yml @@ -71,7 +71,7 @@ jobs: uses: helm/chart-testing-action@v2.3.1 - name: Run chart-testing (lint) - run: ct lint --validate-maintainers=false --target-branch ${{ github.event.repository.default_branch }} --config charts/config/chart-testing-config.yaml + run: ct lint --target-branch ${{ github.event.repository.default_branch }} --config charts/config/chart-testing-config.yaml - name: Run chart-testing (list-changed) id: list-changed diff --git a/charts/config/chart-testing-config.yaml b/charts/config/chart-testing-config.yaml index 8e99b961..ef2ec34d 100644 --- a/charts/config/chart-testing-config.yaml +++ b/charts/config/chart-testing-config.yaml @@ -19,3 +19,4 @@ # Config for testing charts validate-maintainers: false chart-repos: +helm-extra-set-args: "--set=registry=kind-registry:5000/" \ No newline at end of file diff --git a/charts/conforming-agent/templates/deployment.yaml b/charts/conforming-agent/templates/deployment.yaml index e74779c3..7c675c02 100644 --- a/charts/conforming-agent/templates/deployment.yaml +++ b/charts/conforming-agent/templates/deployment.yaml @@ -52,7 +52,7 @@ spec: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + image: "{{ .Values.image.registry }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - name: default diff --git a/charts/conforming-agent/values.yaml b/charts/conforming-agent/values.yaml index ccfb29db..afaa8d2e 100644 --- a/charts/conforming-agent/values.yaml +++ b/charts/conforming-agent/values.yaml @@ -25,8 +25,8 @@ replicaCount: 1 image: - # -- target regirtry - registry: docker.io + # -- target registry + registry: docker.io/ # -- Which derivate of agent to use repository: tractusx/conforming-agent # -- Overrides the image tag whose default is the chart appVersion diff --git a/charts/provisioning-agent/templates/deployment.yaml b/charts/provisioning-agent/templates/deployment.yaml index 6ae951c7..bd712ecd 100644 --- a/charts/provisioning-agent/templates/deployment.yaml +++ b/charts/provisioning-agent/templates/deployment.yaml @@ -52,7 +52,7 @@ spec: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + image: "{{ .Values.image.registry }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: {{- range $endpoint, $binding := .Values.bindings }} diff --git a/charts/provisioning-agent/values.yaml b/charts/provisioning-agent/values.yaml index d64d8096..10eb2cf9 100644 --- a/charts/provisioning-agent/values.yaml +++ b/charts/provisioning-agent/values.yaml @@ -26,7 +26,7 @@ replicaCount: 1 image: # -- target regirtry - registry: docker.io + registry: docker.io/ # -- Which derivate of agent to use repository: tractusx/provisioning-agent # -- Overrides the image tag whose default is the chart appVersion diff --git a/charts/remoting-agent/templates/deployment.yaml b/charts/remoting-agent/templates/deployment.yaml index 2265557f..26323483 100644 --- a/charts/remoting-agent/templates/deployment.yaml +++ b/charts/remoting-agent/templates/deployment.yaml @@ -52,7 +52,7 @@ spec: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + image: "{{ .Values.image.registry }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - name: default diff --git a/charts/remoting-agent/values.yaml b/charts/remoting-agent/values.yaml index d5167898..e9624ae5 100644 --- a/charts/remoting-agent/values.yaml +++ b/charts/remoting-agent/values.yaml @@ -26,7 +26,7 @@ replicaCount: 1 image: # -- target regirtry - registry: docker.io + registry: docker.io/ # -- Which derivate of agent to use repository: tractusx/remoting-agent # -- Overrides the image tag whose default is the chart appVersion From 47f4321bb34cfd595ee5a4604259eaf4224c775d Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Tue, 22 Aug 2023 13:49:59 +0200 Subject: [PATCH 10/14] https://jira.catena-x.net/browse/KA-328 switch chart to local kind registry, using the correct ct command line --- .github/workflows/helm-chart-lint.yml | 8 ++++---- charts/config/chart-testing-config.yaml | 2 +- charts/provisioning-agent/values.yaml | 2 +- charts/remoting-agent/values.yaml | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/helm-chart-lint.yml b/.github/workflows/helm-chart-lint.yml index 41174df6..995353e5 100644 --- a/.github/workflows/helm-chart-lint.yml +++ b/.github/workflows/helm-chart-lint.yml @@ -99,7 +99,7 @@ jobs: # install the chart to the kind cluster and run helm test # define charts to test with the --charts parameter - name: Run chart-testing (install) - run: ct install --charts charts/conforming-agent,charts/provisioning-agent,charts/remoting-agent --config charts/config/chart-testing-config.yaml + run: ct install --charts charts/conforming-agent,charts/provisioning-agent,charts/remoting-agent --config charts/config/chart-testing-config.yaml --helm-extra-set-args="--set=image.registry=kind-registry:5000/" if: github.event_name != 'pull_request' || env.CHART_CHANGED == 'true' # Upgrade the released chart version with the locally available chart @@ -107,7 +107,7 @@ jobs: - name: Run helm upgrade on conforming agent run: | helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev - helm install conforming tractusx-dev/conforming-agent --version ${{ github.event.inputs.upgrade_from || 'x.x.x' }} + helm install conforming tractusx-dev/conforming-agent --version ${{ github.event.inputs.upgrade_from }} --set=image.registry=kind-registry:5000/ helm dependency update charts/conforming-agent helm upgrade conforming charts/conforming-agent if: (github.event_name != 'pull_request' || env.CHART_CHANGED == 'true') && github.event.inputs.upgrade_from != 'x.x.x' @@ -117,7 +117,7 @@ jobs: - name: Run helm upgrade on provisioning agent run: | helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev - helm install provisioning tractusx-dev/provisioning-agent --version ${{ github.event.inputs.upgrade_from || 'x.x.x' }} + helm install provisioning tractusx-dev/provisioning-agent --version ${{ github.event.inputs.upgrade_from }} --set=image.registry=kind-registry:5000/ helm dependency update charts/provisioning-agent helm upgrade provisioning charts/provisioning-agent if: (github.event_name != 'pull_request' || env.CHART_CHANGED == 'true') && github.event.inputs.upgrade_from != 'x.x.x' @@ -127,7 +127,7 @@ jobs: - name: Run helm upgrade on remoting agent run: | helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev - helm install remoting tractusx-dev/provisioning-agent --version ${{ github.event.inputs.upgrade_from || 'x.x.x' }} + helm install remoting tractusx-dev/provisioning-agent --version ${{ github.event.inputs.upgrade_from }} --set=image.registry=kind-registry:5000/ helm dependency update charts/remoting-agent helm upgrade remoting charts/remoting-agent if: (github.event_name != 'pull_request' || env.CHART_CHANGED == 'true') && github.event.inputs.upgrade_from != 'x.x.x' diff --git a/charts/config/chart-testing-config.yaml b/charts/config/chart-testing-config.yaml index ef2ec34d..0bef5732 100644 --- a/charts/config/chart-testing-config.yaml +++ b/charts/config/chart-testing-config.yaml @@ -19,4 +19,4 @@ # Config for testing charts validate-maintainers: false chart-repos: -helm-extra-set-args: "--set=registry=kind-registry:5000/" \ No newline at end of file +helm-extra-set-args: "--set=image.registry=kind-registry:5000/" diff --git a/charts/provisioning-agent/values.yaml b/charts/provisioning-agent/values.yaml index 10eb2cf9..35aac4cf 100644 --- a/charts/provisioning-agent/values.yaml +++ b/charts/provisioning-agent/values.yaml @@ -25,7 +25,7 @@ replicaCount: 1 image: - # -- target regirtry + # -- target registry registry: docker.io/ # -- Which derivate of agent to use repository: tractusx/provisioning-agent diff --git a/charts/remoting-agent/values.yaml b/charts/remoting-agent/values.yaml index e9624ae5..8626bc8e 100644 --- a/charts/remoting-agent/values.yaml +++ b/charts/remoting-agent/values.yaml @@ -25,7 +25,7 @@ replicaCount: 1 image: - # -- target regirtry + # -- target registry registry: docker.io/ # -- Which derivate of agent to use repository: tractusx/remoting-agent From c628269e8a6521778588812260efbc9280092705 Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Tue, 22 Aug 2023 14:55:30 +0200 Subject: [PATCH 11/14] https://jira.catena-x.net/browse/KA-328 do not try to do a helm upgrade when dispatch is not run --- .github/workflows/helm-chart-lint.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/helm-chart-lint.yml b/.github/workflows/helm-chart-lint.yml index 995353e5..dd15ace7 100644 --- a/.github/workflows/helm-chart-lint.yml +++ b/.github/workflows/helm-chart-lint.yml @@ -110,7 +110,7 @@ jobs: helm install conforming tractusx-dev/conforming-agent --version ${{ github.event.inputs.upgrade_from }} --set=image.registry=kind-registry:5000/ helm dependency update charts/conforming-agent helm upgrade conforming charts/conforming-agent - if: (github.event_name != 'pull_request' || env.CHART_CHANGED == 'true') && github.event.inputs.upgrade_from != 'x.x.x' + if: (github.event_name != 'pull_request' || env.CHART_CHANGED == 'true') && github.event.inputs.upgrade_from != '' && github.event.inputs.upgrade_from != 'x.x.x' # Upgrade the released chart version with the locally available chart # default value for event_name != workflow_dispatch @@ -120,7 +120,7 @@ jobs: helm install provisioning tractusx-dev/provisioning-agent --version ${{ github.event.inputs.upgrade_from }} --set=image.registry=kind-registry:5000/ helm dependency update charts/provisioning-agent helm upgrade provisioning charts/provisioning-agent - if: (github.event_name != 'pull_request' || env.CHART_CHANGED == 'true') && github.event.inputs.upgrade_from != 'x.x.x' + if: (github.event_name != 'pull_request' || env.CHART_CHANGED == 'true') && github.event.inputs.upgrade_from != '' && github.event.inputs.upgrade_from != 'x.x.x' # Upgrade the released chart version with the locally available chart # default value for event_name != workflow_dispatch @@ -130,4 +130,4 @@ jobs: helm install remoting tractusx-dev/provisioning-agent --version ${{ github.event.inputs.upgrade_from }} --set=image.registry=kind-registry:5000/ helm dependency update charts/remoting-agent helm upgrade remoting charts/remoting-agent - if: (github.event_name != 'pull_request' || env.CHART_CHANGED == 'true') && github.event.inputs.upgrade_from != 'x.x.x' + if: (github.event_name != 'pull_request' || env.CHART_CHANGED == 'true') && github.event.inputs.upgrade_from != '' && github.event.inputs.upgrade_from != 'x.x.x' From 8a214303457889583d99367c804b62b643cdd2a1 Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Wed, 23 Aug 2023 08:44:04 +0200 Subject: [PATCH 12/14] https://jira.catena-x.net/browse/KA-328 release is done for main/snapshot and vx.x.x tags --- .github/workflows/build.yml | 144 ++++++++--------------- .github/workflows/helm-chart-lint.yml | 7 +- .github/workflows/helm-chart-release.yml | 6 + .github/workflows/kics.yml | 10 +- .github/workflows/trivy.yml | 13 +- .github/workflows/veracode.yml | 6 +- 6 files changed, 77 insertions(+), 109 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0944d97c..af1a1b5c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -18,172 +18,126 @@ # SPDX-License-Identifier: Apache-2.0 # ---- name: "Build" on: + # Runs automatically on main and release branches push: branches: - main - - releases - tags: - - 'v*.*.*' - - 'v*.*.*-*' - release: - types: - - published + - 'releases/**' + # Runs automatically on all code-related PRs to main and release branches pull_request: + branches: + - main + - 'releases/**' paths-ignore: - 'charts/**' - 'docs/**' - '**/*.md' - branches: - - '*' + # Can be scheduled on all branches and version tags workflow_dispatch: + tags: + - 'v*.*.*' + - 'v*.*.*-*' branches: - - 'releases/**' + - '*' +# the docker registry and namespace env: IMAGE_NAMESPACE: "tractusx" +# If build is triggered several times, e.g., through subsequent pushes +# into the same PR, cancel the previous runs, see below concurrency: # cancel only running jobs on pull requests group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} cancel-in-progress: true +# Actual build/deploy logic jobs: - pre_job: - # continue-on-error: true # Uncomment once integration is finished - runs-on: ubuntu-latest - # Map a step output to a job output - outputs: - should_skip: ${{ steps.skip_check.outputs.should_skip }} - steps: - - id: skip_check - uses: fkirc/skip-duplicate-actions@v5 - with: - # All of these options are optional, so you can remove them if you are happy with the defaults - concurrent_skipping: 'same_content' - skip_after_successful_duplicate: 'true' - do_not_skip: '["push", "pull_request", "workflow_dispatch", "schedule"]' - - build_java: - name: Build Java + # Build maven stuff + build_maven: + name: Build/Deploy Maven Artifacts runs-on: ubuntu-latest permissions: write-all - needs: pre_job - if: ${{ needs.pre_job.outputs.should_skip != 'true' }} strategy: fail-fast: false - steps: + # Get the Code - name: Checkout repository uses: actions/checkout@v3 with: submodules: recursive - # We need to manually instruct maven + # Setup build environment - uses: ./.github/actions/setup-java + # Enabled deployment access (if either running on main or a version tag on eclipse-tractusx) - name: Login to GitHub Container Registry - if: ${{ (github.repository == 'catenax-ng/product-agents' || github.repository == 'eclipse-tractusx/knowledge-agents') && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} + if: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} uses: docker/login-action@v2 with: # Use existing DockerHub credentials present as secrets username: ${{ secrets.DOCKER_HUB_USER }} password: ${{ secrets.DOCKER_HUB_TOKEN }} + # Run Maven Deploy (if either running on main or a version tag on eclipse-tractusx) - name: Deploy Java via Maven - if: ${{ (github.repository == 'catenax-ng/product-agents' || github.repository == 'eclipse-tractusx/knowledge-agents') && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} + if: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} run: | ./mvnw -s settings.xml deploy env: GITHUB_ACTOR: ${{ github.actor }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # Run Maven Install (otherwise) - name: Build Java via Maven - if: ${{ ( github.repository != 'catenax-ng/product-agents' && github.repository != 'eclipse-tractusx/knowledge-agents') || (github.ref != 'refs/heads/main' && !startsWith(github.ref, 'refs/tags/v')) }} + if: ${{ github.repository != 'eclipse-tractusx/knowledge-agents' || (github.ref != 'refs/heads/main' && !startsWith(github.ref, 'refs/tags/v')) }} run: | ./mvnw -s settings.xml install env: GITHUB_ACTOR: ${{ github.actor }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # Actual build/deploy logic + build_docker: + name: Build/Deploy Docker Artifacts + runs-on: ubuntu-latest + permissions: write-all + needs: [ build_maven ] + strategy: + fail-fast: false + matrix: + variant: [ { dir: provisioning, name: provisioning-agent }, + { dir: remoting, name: remoting-agent }, + { dir: conforming, name: conforming-agent } ] + steps: + # Create SemVer or ref tags dependent of trigger event - - name: Docker Meta Conforming Agent + - name: Docker Meta id: meta-conf uses: docker/metadata-action@v4 with: images: | - ${{ env.IMAGE_NAMESPACE }}/conforming-agent + ${{ env.IMAGE_NAMESPACE }}/${{ matrix.variant.name }} # Automatically prepare image tags; See action docs for more examples. # semver patter will generate tags like these for example :1 :1.2 :1.2.3 tags: | - type=ref,event=branch - type=ref,event=pr + type=sha,event=branch + type=sha,event=pr type=semver,pattern={{version}} type=semver,pattern={{major}} type=semver,pattern={{major}}.{{minor}} - - name: Conforming Agent Container Build and push + # build in any case, but push only main and version tag settings + - name: Container Build and Push uses: docker/build-push-action@v3 with: - context: conforming/. - file: conforming/src/main/docker/Dockerfile + context: ${{ matrix.variant.dir }}/. + file: ${{ matrix.variant.dir }}/src/main/docker/Dockerfile # Build image for verification purposes on every trigger event. Only push if event is not a PR - push: ${{ (github.repository == 'catenax-ng/product-agents' || github.repository == 'eclipse-tractusx/knowledge-agents') && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} + push: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} tags: ${{ steps.meta-conf.outputs.tags }} labels: ${{ steps.meta-conf.outputs.labels }} - - # Create SemVer or ref tags dependent of trigger event - - name: Docker Meta Provisioning Agent - id: meta-prov - uses: docker/metadata-action@v4 - with: - images: | - ${{ env.IMAGE_NAMESPACE }}/provisioning-agent - # Automatically prepare image tags; See action docs for more examples. - # semver patter will generate tags like these for example :1 :1.2 :1.2.3 - tags: | - type=ref,event=branch - type=ref,event=pr - type=semver,pattern={{version}} - type=semver,pattern={{major}} - type=semver,pattern={{major}}.{{minor}} - - - name: Provisioning Agent Container Build and push - uses: docker/build-push-action@v3 - with: - context: provisioning/. - file: provisioning/src/main/docker/Dockerfile - # Build image for verification purposes on every trigger event. Only push if event is not a PR - push: ${{ (github.repository == 'catenax-ng/product-agents' || github.repository == 'eclipse-tractusx/knowledge-agents') && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} - tags: ${{ steps.meta-prov.outputs.tags }} - labels: ${{ steps.meta-prov.outputs.labels }} - - # Create SemVer or ref tags dependent of trigger event - - name: Docker Meta Remoting Agent - id: meta-remote - uses: docker/metadata-action@v4 - with: - images: | - ${{ env.IMAGE_NAMESPACE }}/remoting-agent - # Automatically prepare image tags; See action docs for more examples. - # semver patter will generate tags like these for example :1 :1.2 :1.2.3 - tags: | - type=ref,event=branch - type=ref,event=pr - type=semver,pattern={{version}} - type=semver,pattern={{major}} - type=semver,pattern={{major}}.{{minor}} - - - name: Remoting Agent Container Build and push - uses: docker/build-push-action@v3 - with: - context: remoting/. - file: remoting/src/main/docker/Dockerfile - # Build image for verification purposes on every trigger event. Only push if event is not a PR - push: ${{ (github.repository == 'catenax-ng/product-agents' || github.repository == 'eclipse-tractusx/knowledge-agents') && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} - tags: ${{ steps.meta-remote.outputs.tags }} - labels: ${{ steps.meta-remote.outputs.labels }} diff --git a/.github/workflows/helm-chart-lint.yml b/.github/workflows/helm-chart-lint.yml index dd15ace7..1bd6346f 100644 --- a/.github/workflows/helm-chart-lint.yml +++ b/.github/workflows/helm-chart-lint.yml @@ -21,17 +21,22 @@ name: Lint and Test Charts # Run chart linting and tests on each pull request on: + # Runs automatically on pushes and PRs into main and release branches, if changes to the chart have been performed push: branches: - main - - releases + - 'releases/**' paths: - .github/workflows/** - charts/** pull_request: + branches: + - main + - 'releases/**' paths: - .github/workflows/** - charts/** + # Can be triggered to investigate upgrades workflow_dispatch: inputs: node_image: diff --git a/.github/workflows/helm-chart-release.yml b/.github/workflows/helm-chart-release.yml index 3b77f1af..807af4da 100644 --- a/.github/workflows/helm-chart-release.yml +++ b/.github/workflows/helm-chart-release.yml @@ -20,13 +20,19 @@ name: Release Charts on: + # May be invoked manually workflow_dispatch: + branches: + - main + - 'releases/**' + # Or by pushing to the chart dir of some dev/ release branch push: # prevent unnecessary GH action runs for files outside of charts folder paths: - 'charts/**' branches: - main + - 'releases/**' jobs: release: diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 8264c510..421796a0 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -22,11 +22,17 @@ name: "KICS" on: push: - branches: [main, releases] + branches: + - main + - 'releases/**' pull_request: - branches: [main, releases] + branches: + - main + - 'releases/**' + workflow_dispatch: + # Since rules may change should run regularily schedule: - cron: "0 0 * * *" diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 394ffb1f..60398852 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -28,11 +28,9 @@ on: workflows: [ "Build" ] branches: - main - - releases - - release/* - - hotfix/* tags: - - '[0-9]+.[0-9]+.[0-9]+' + - 'v*.*.*' + - 'v*.*.*-*' types: - completed @@ -46,8 +44,7 @@ jobs: - name: Resolve git 7-chars sha id: git-sha7 run: | - echo "SHA7=1.9.5-SNAPSHOT" >> $GITHUB_OUTPUT -# echo "SHA7=${GITHUB_SHA::7}" >> $GITHUB_OUTPUT + echo "SHA7=${GITHUB_SHA::7}" >> $GITHUB_OUTPUT trivy-analyze-config: runs-on: ubuntu-latest @@ -94,7 +91,7 @@ jobs: - name: "Check if image exists" id: imageCheck run: | - docker manifest inspect tractusx/knowledge-agents/${{ matrix.image }}:${{ needs.git-sha7.outputs.value }} + docker manifest inspect tractusx/${{ matrix.image }}:${{ needs.git-sha7.outputs.value }} continue-on-error: true ## the next two steps will only execute if the image exists check was successful @@ -102,7 +99,7 @@ jobs: if: success() && steps.imageCheck.outcome != 'failure' uses: aquasecurity/trivy-action@master with: - image-ref: "tractusx/knowledge-agents/${{ matrix.image }}:${{ needs.git-sha7.outputs.value }}" + image-ref: "tractusx/${{ matrix.image }}:${{ needs.git-sha7.outputs.value }}" format: "sarif" output: "trivy-results-${{ matrix.image }}.sarif" exit-code: "1" diff --git a/.github/workflows/veracode.yml b/.github/workflows/veracode.yml index 12ac31a5..d09fd681 100644 --- a/.github/workflows/veracode.yml +++ b/.github/workflows/veracode.yml @@ -78,12 +78,12 @@ jobs: - name: Veracode Upload And Scan uses: veracode/veracode-uploadandscan-action@v1.0 if: | - needs.secret-presence.outputs.ORG_VERACODE_API_ID && needs.secret-presence.outputs.ORG_VERACODE_API_KEY + needs.secret-presence.outputs.VERACODE_API_ID && needs.secret-presence.outputs.VERACODE_API_KEY continue-on-error: true with: appname: knowledge-agents/${{ matrix.variant.name }} createprofile: true version: ${{ matrix.variant.name }}-${{ github.sha }} filepath: ${{ matrix.variant.dir }}/target/${{ matrix.variant.name }}.tar.gz - vid: ${{ secrets.ORG_VERACODE_API_ID }} - vkey: ${{ secrets.ORG_VERACODE_API_KEY }} + vid: ${{ secrets.VERACODE_API_ID }} + vkey: ${{ secrets.VERACODE_API_KEY }} From cfe3254d3b34ee613c61c1d58f8d0ddb9a095269 Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Wed, 23 Aug 2023 08:51:57 +0200 Subject: [PATCH 13/14] https://jira.catena-x.net/browse/KA-328 docker is depending on maven residues so we cannot separate the steps --- .github/workflows/build.yml | 82 +++++++++++++++++++++++++++---------- 1 file changed, 61 insertions(+), 21 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index af1a1b5c..eaa51c37 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -57,8 +57,8 @@ concurrency: # Actual build/deploy logic jobs: # Build maven stuff - build_maven: - name: Build/Deploy Maven Artifacts + build: + name: Build/Deploy Maven & Docker Artifacts runs-on: ubuntu-latest permissions: write-all strategy: @@ -100,27 +100,13 @@ jobs: GITHUB_ACTOR: ${{ github.actor }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # Actual build/deploy logic - build_docker: - name: Build/Deploy Docker Artifacts - runs-on: ubuntu-latest - permissions: write-all - needs: [ build_maven ] - strategy: - fail-fast: false - matrix: - variant: [ { dir: provisioning, name: provisioning-agent }, - { dir: remoting, name: remoting-agent }, - { dir: conforming, name: conforming-agent } ] - steps: - # Create SemVer or ref tags dependent of trigger event - - name: Docker Meta + - name: Docker Meta Conforming id: meta-conf uses: docker/metadata-action@v4 with: images: | - ${{ env.IMAGE_NAMESPACE }}/${{ matrix.variant.name }} + ${{ env.IMAGE_NAMESPACE }}/conforming-agent # Automatically prepare image tags; See action docs for more examples. # semver patter will generate tags like these for example :1 :1.2 :1.2.3 tags: | @@ -131,13 +117,67 @@ jobs: type=semver,pattern={{major}}.{{minor}} # build in any case, but push only main and version tag settings - - name: Container Build and Push + - name: Conforming Container Build and Push uses: docker/build-push-action@v3 with: - context: ${{ matrix.variant.dir }}/. - file: ${{ matrix.variant.dir }}/src/main/docker/Dockerfile + context: conforming/. + file: conforming/src/main/docker/Dockerfile # Build image for verification purposes on every trigger event. Only push if event is not a PR push: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} tags: ${{ steps.meta-conf.outputs.tags }} labels: ${{ steps.meta-conf.outputs.labels }} + + # Create SemVer or ref tags dependent of trigger event + - name: Docker Meta Remoting + id: meta-remote + uses: docker/metadata-action@v4 + with: + images: | + ${{ env.IMAGE_NAMESPACE }}/remoting-agent + # Automatically prepare image tags; See action docs for more examples. + # semver patter will generate tags like these for example :1 :1.2 :1.2.3 + tags: | + type=sha,event=branch + type=sha,event=pr + type=semver,pattern={{version}} + type=semver,pattern={{major}} + type=semver,pattern={{major}}.{{minor}} + + # build in any case, but push only main and version tag settings + - name: Remoting Container Build and Push + uses: docker/build-push-action@v3 + with: + context: remoting/. + file: remoting/src/main/docker/Dockerfile + # Build image for verification purposes on every trigger event. Only push if event is not a PR + push: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} + tags: ${{ steps.meta-remote.outputs.tags }} + labels: ${{ steps.meta-remote.outputs.labels }} + + # Create SemVer or ref tags dependent of trigger event + - name: Docker Meta Provisioning + id: meta-prov + uses: docker/metadata-action@v4 + with: + images: | + ${{ env.IMAGE_NAMESPACE }}/provisioning-agent + # Automatically prepare image tags; See action docs for more examples. + # semver patter will generate tags like these for example :1 :1.2 :1.2.3 + tags: | + type=sha,event=branch + type=sha,event=pr + type=semver,pattern={{version}} + type=semver,pattern={{major}} + type=semver,pattern={{major}}.{{minor}} + + # build in any case, but push only main and version tag settings + - name: Provisioning Container Build and Push + uses: docker/build-push-action@v3 + with: + context: provisioning/. + file: provisioning/src/main/docker/Dockerfile + # Build image for verification purposes on every trigger event. Only push if event is not a PR + push: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }} + tags: ${{ steps.meta-prov.outputs.tags }} + labels: ${{ steps.meta-prov.outputs.labels }} From a8bba30ac5baf0df2f0e6a9f8ffa63157ae706a6 Mon Sep 17 00:00:00 2001 From: "Dr. Christoph \"Schorsch\" Jung" Date: Wed, 23 Aug 2023 13:01:35 +0200 Subject: [PATCH 14/14] doc: more detailed base image information --- .github/workflows/build.yml | 2 +- conforming/README.md | 7 +++++-- provisioning/README.md | 7 +++++-- remoting/README.md | 7 +++++-- 4 files changed, 16 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index eaa51c37..95bf736f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -56,7 +56,7 @@ concurrency: # Actual build/deploy logic jobs: - # Build maven stuff + # Build maven and docker stuff build: name: Build/Deploy Maven & Docker Artifacts runs-on: ubuntu-latest diff --git a/conforming/README.md b/conforming/README.md index 3539412d..40fbc6dd 100644 --- a/conforming/README.md +++ b/conforming/README.md @@ -120,9 +120,12 @@ Project home: https://projects.eclipse.org/projects/automotive.tractusx Dockerfile: https://github.com/eclipse-tractusx/knowledge-agents/blob/main/conforming/src/main/docker/Dockerfile Project license: Apache License, Version 2.0 -Used base image +**Used base image** -[eclipse-temurin:17-jre-alpine](https://hub.docker.com/_/eclipse-temurin/tags?page=1&name=17-jre-alpine) +- [eclipse-temurin:17-jre-alpine](https://github.com/adoptium/containers) +- Official Eclipse Temurin DockerHub page: https://hub.docker.com/_/eclipse-temurin +- Eclipse Temurin Project: https://projects.eclipse.org/projects/adoptium.temurin +- Additional information about the Eclipse Temurin images: https://github.com/docker-library/repo-info/tree/master/repos/eclipse-temurin As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). diff --git a/provisioning/README.md b/provisioning/README.md index 026c335d..e3803c7d 100644 --- a/provisioning/README.md +++ b/provisioning/README.md @@ -275,9 +275,12 @@ Project home: https://projects.eclipse.org/projects/automotive.tractusx Dockerfile: https://github.com/eclipse-tractusx/knowledge-agents/blob/main/provisioning/src/main/docker/Dockerfile Project license: Apache License, Version 2.0 -Used base image +**Used base image** -[ontop/ontop:5.0.2](https://hub.docker.com/r/ontop/ontop/tags?page=1&name=5.0.2) +- [ontop/ontop:5.0.2](https://github.com/ontop/ontop/tree/version5/client/docker) +- Official Ontop DockerHub page: https://hub.docker.com/u/ontop +- Ontop Project: https://ontop-vkg.org +- Additional information about the Ontop image: https://hub.docker.com/r/ontop/ontop As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). diff --git a/remoting/README.md b/remoting/README.md index 49fd91f4..0121f515 100644 --- a/remoting/README.md +++ b/remoting/README.md @@ -202,9 +202,12 @@ Project home: https://projects.eclipse.org/projects/automotive.tractusx Dockerfile: https://github.com/eclipse-tractusx/knowledge-agents/blob/main/remoting/src/main/docker/Dockerfile Project license: Apache License, Version 2.0 -Used base image +**Used base image** -[tomcat:9-jre11-temurin](https://hub.docker.com/_/tomcat/tags?page=1&name=9-jre11-temurin) +- [tomcat:9-jre11-temurin](https://github.com/docker-library/tomcat/tree/master/9.0/jre11/temurin-jammy) +- Official Tomcat Dockerhub page: https://hub.docker.com/_/tomcat +- Apache Tomcat Project: https://tomcat.apache.org/ +- Additional information about the Tomcat image: https://github.com/docker-library/repo-info/tree/master/repos/tomcat As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).