diff --git a/.github/workflows/deploy_staging.yml b/.github/workflows/deploy_staging.yml index e2cd94f..df4ab58 100644 --- a/.github/workflows/deploy_staging.yml +++ b/.github/workflows/deploy_staging.yml @@ -3,6 +3,12 @@ name: Deploy Staging on: release: types: [prereleased] + pull_request: + branches: [main] + +permissions: + id-token: write + contents: read jobs: deploy-staging: @@ -22,8 +28,10 @@ jobs: - name: Call Dagger Deploy Function uses: dagger/dagger-for-github@v5 + env: + GH_TOKEN: ${{secrets.TAP_TOKEN}} with: version: "latest" verb: call - args: deploy-helm-charts --username=${{github.actor}} --password=${{secrets.GITHUB_TOKEN}} --helm-values=ssm:tapservice-values-staging --version=24.9.0 + args: deploy-helm-charts --username=alercebroker --password=env:GH_TOKEN --helm-values=ssm:tapservice-values-staging --version=24.9.0 --dry-run=true workdir: ./ci diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 66dc9e7..5e77c33 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -28,7 +28,8 @@ jobs: name: Call Dagger Publish Helm Charts Function uses: dagger/dagger-for-github@v5 env: - GH_TOKEN: ${{ secrets.TAP_TOKEN }} + GH_TOKEN: ${{ secrets.TAP_TOKEN }} + with: version: "latest" verb: call diff --git a/.gitignore b/.gitignore index e173818..2b49f10 100644 --- a/.gitignore +++ b/.gitignore @@ -27,4 +27,7 @@ ataps values-override.yaml # Local environment variables file -.env +*.env + +# Others +dagger.json \ No newline at end of file diff --git a/ci/dagger.json b/ci/dagger.json index 3dad7dc..2cd6fd6 100644 --- a/ci/dagger.json +++ b/ci/dagger.json @@ -1,12 +1,13 @@ { "name": "ci", + "engineVersion": "v0.11.9", "sdk": "go", "dependencies": [ { "name": "tapservicego", - "source": "../tapservicego" + "source": "../tapservicego", + "pin": "" } ], - "source": "dagger", - "engineVersion": "v0.11.9" + "source": "dagger" } diff --git a/ci/dagger/go.mod b/ci/dagger/go.mod index db2a3d5..4aa8d65 100644 --- a/ci/dagger/go.mod +++ b/ci/dagger/go.mod @@ -3,9 +3,9 @@ module dagger/ci go 1.23.0 require ( - github.com/99designs/gqlgen v0.17.49 + github.com/99designs/gqlgen v0.17.55 github.com/Khan/genqlient v0.7.0 - github.com/vektah/gqlparser/v2 v2.5.16 + github.com/vektah/gqlparser/v2 v2.5.17 go.opentelemetry.io/otel v1.27.0 go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.0.0-20240518090000-14441aefdf88 go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.3.0 @@ -17,26 +17,29 @@ require ( go.opentelemetry.io/otel/trace v1.27.0 go.opentelemetry.io/proto/otlp v1.3.1 golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa - golang.org/x/sync v0.7.0 - google.golang.org/grpc v1.64.0 + golang.org/x/sync v0.8.0 + google.golang.org/grpc v1.65.0 ) require ( github.com/cenkalti/backoff/v4 v4.3.0 // indirect - github.com/go-logr/logr v1.4.1 // indirect + github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0 // indirect github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect github.com/sosodev/duration v1.3.1 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.27.0 + go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0 go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.0 // indirect - go.opentelemetry.io/otel/metric v1.27.0 // indirect - golang.org/x/net v0.26.0 // indirect - golang.org/x/sys v0.21.0 // indirect - golang.org/x/text v0.16.0 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20240520151616-dc85e6b867a5 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 // indirect - google.golang.org/protobuf v1.34.1 // indirect + go.opentelemetry.io/otel/metric v1.27.0 + go.opentelemetry.io/otel/sdk/metric v1.27.0 + golang.org/x/net v0.29.0 // indirect + golang.org/x/sys v0.26.0 // indirect + golang.org/x/text v0.18.0 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142 // indirect + google.golang.org/protobuf v1.34.2 // indirect ) replace go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc => go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.0.0-20240518090000-14441aefdf88 diff --git a/ci/dagger/go.sum b/ci/dagger/go.sum index 6fea81b..cb0bbbf 100644 --- a/ci/dagger/go.sum +++ b/ci/dagger/go.sum @@ -1,5 +1,5 @@ -github.com/99designs/gqlgen v0.17.49 h1:b3hNGexHd33fBSAd4NDT/c3NCcQzcAVkknhN9ym36YQ= -github.com/99designs/gqlgen v0.17.49/go.mod h1:tC8YFVZMed81x7UJ7ORUwXF4Kn6SXuucFqQBhN8+BU0= +github.com/99designs/gqlgen v0.17.55 h1:3vzrNWYyzSZjGDFo68e5j9sSauLxfKvLp+6ioRokVtM= +github.com/99designs/gqlgen v0.17.55/go.mod h1:3Bq768f8hgVPGZxL8aY9MaYmbxa6llPM/qu1IGH1EJo= github.com/Khan/genqlient v0.7.0 h1:GZ1meyRnzcDTK48EjqB8t3bcfYvHArCUUvgOwpz1D4w= github.com/Khan/genqlient v0.7.0/go.mod h1:HNyy3wZvuYwmW3Y7mkoQLZsa/R5n5yIRajS1kPBvSFM= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883 h1:bvNMNQO63//z+xNgfBlViaCIJKLlCJ6/fmUseuG0wVQ= @@ -10,16 +10,16 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= -github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 h1:bkypFPDjIYGfCYD5mRBvpqxfYX1YCS1PXdKYWi8FsN0= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0/go.mod h1:P+Lt/0by1T8bfcF3z737NnSbmxQAppXMRziHUxPOC8k= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0 h1:asbCHRVmodnJTuQ3qamDwqVOIjwqUPTYmYuemVOx+Ys= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0/go.mod h1:ggCgvZ2r7uOoQjOyu2Y1NhHmEPPzzuhWgcza5M1Ji1I= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= @@ -33,14 +33,18 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -github.com/vektah/gqlparser/v2 v2.5.16 h1:1gcmLTvs3JLKXckwCwlUagVn/IlV2bwqle0vJ0vy5p8= -github.com/vektah/gqlparser/v2 v2.5.16/go.mod h1:1lz1OeCqgQbQepsGxPVywrjdBHW2T08PUS3pJqepRww= +github.com/vektah/gqlparser/v2 v2.5.17 h1:9At7WblLV7/36nulgekUgIaqHZWn5hxqluxrxGUhOmI= +github.com/vektah/gqlparser/v2 v2.5.17/go.mod h1:1lz1OeCqgQbQepsGxPVywrjdBHW2T08PUS3pJqepRww= go.opentelemetry.io/otel v1.27.0 h1:9BZoF3yMK/O1AafMiQTVu0YDj5Ea4hPhxCs7sGva+cg= go.opentelemetry.io/otel v1.27.0/go.mod h1:DMpAK8fzYRzs+bi3rS5REupisuqTheUlSZJ1WnZaPAQ= go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.0.0-20240518090000-14441aefdf88 h1:oM0GTNKGlc5qHctWeIGTVyda4iFFalOzMZ3Ehj5rwB4= go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.0.0-20240518090000-14441aefdf88/go.mod h1:JGG8ebaMO5nXOPnvKEl+DiA4MGwFjCbjsxT1WHIEBPY= go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.3.0 h1:ccBrA8nCY5mM0y5uO7FT0ze4S0TuFcWdDB2FxGMTjkI= go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.3.0/go.mod h1:/9pb6634zi2Lk8LYg9Q0X8Ar6jka4dkFOylBLbVQPCE= +go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.27.0 h1:bFgvUr3/O4PHj3VQcFEuYKvRZJX1SJDQ+11JXuSB3/w= +go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.27.0/go.mod h1:xJntEd2KL6Qdg5lwp97HMLQDVeAhrYxmzFseAMDPQ8I= +go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0 h1:CIHWikMsN3wO+wq1Tp5VGdVRTcON+DmOJSfDjXypKOc= +go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0/go.mod h1:TNupZ6cxqyFEpLXAZW7On+mLFL0/g0TE3unIYL91xWc= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.0 h1:R9DE4kQ4k+YtfLI2ULwX82VtNQ2J8yZmA7ZIF/D+7Mc= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.0/go.mod h1:OQFyQVrDlbe+R7xrEyDr/2Wr67Ol0hRUgsfA+V5A95s= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0 h1:qFffATk0X+HD+f1Z8lswGiOQYKHRlzfmdJm0wEaVrFA= @@ -55,6 +59,8 @@ go.opentelemetry.io/otel/sdk v1.27.0 h1:mlk+/Y1gLPLn84U4tI8d3GNJmGT/eXe3ZuOXN9kT go.opentelemetry.io/otel/sdk v1.27.0/go.mod h1:Ha9vbLwJE6W86YstIywK2xFfPjbWlCuwPtMkKdz/Y4A= go.opentelemetry.io/otel/sdk/log v0.3.0 h1:GEjJ8iftz2l+XO1GF2856r7yYVh74URiF9JMcAacr5U= go.opentelemetry.io/otel/sdk/log v0.3.0/go.mod h1:BwCxtmux6ACLuys1wlbc0+vGBd+xytjmjajwqqIul2g= +go.opentelemetry.io/otel/sdk/metric v1.27.0 h1:5uGNOlpXi+Hbo/DRoI31BSb1v+OGcpv2NemcCrOL8gI= +go.opentelemetry.io/otel/sdk/metric v1.27.0/go.mod h1:we7jJVrYN2kh3mVBlswtPU22K0SA+769l93J6bsyvqw= go.opentelemetry.io/otel/trace v1.27.0 h1:IqYb813p7cmbHk0a5y6pD5JPakbVfftRXABGt5/Rscw= go.opentelemetry.io/otel/trace v1.27.0/go.mod h1:6RiD1hkAprV4/q+yd2ln1HG9GoPx39SuvvstaLBl+l4= go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0= @@ -63,22 +69,22 @@ go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE= -golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ= -golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE= -golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= -golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws= -golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= -golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= -google.golang.org/genproto/googleapis/api v0.0.0-20240520151616-dc85e6b867a5 h1:P8OJ/WCl/Xo4E4zoe4/bifHpSmmKwARqyqE4nW6J2GQ= -google.golang.org/genproto/googleapis/api v0.0.0-20240520151616-dc85e6b867a5/go.mod h1:RGnPtTG7r4i8sPlNyDeikXF99hMM+hN6QMm4ooG9g2g= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 h1:AgADTJarZTBqgjiUzRgfaBchgYB3/WFTC80GPwsMcRI= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0= -google.golang.org/grpc v1.64.0 h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY= -google.golang.org/grpc v1.64.0/go.mod h1:oxjF8E3FBnjp+/gVFYdWacaLDx9na1aqy9oovLpxQYg= -google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= -google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= +golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= +golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= +golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= +golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224= +golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142 h1:wKguEg1hsxI2/L3hUYrpo1RVi48K+uTyzKqprwLXsb8= +google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142/go.mod h1:d6be+8HhtEtucleCbxpPW9PA9XwISACu8nvpPqF0BVo= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142 h1:e7S5W7MGGLaSu8j3YjdezkZ+m1/Nm0uRVRMEMGk26Xs= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU= +google.golang.org/grpc v1.65.0 h1:bs/cUb4lp1G5iImFFd3u5ixQzweKizoZJAwBNLR42lc= +google.golang.org/grpc v1.65.0/go.mod h1:WgYC2ypjlB0EiQi6wdKixMqukr6lBc0Vo+oOgjrM5ZQ= +google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= +google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/ci/dagger/main.go b/ci/dagger/main.go index 0d0e25e..de75482 100644 --- a/ci/dagger/main.go +++ b/ci/dagger/main.go @@ -38,10 +38,13 @@ func (m *Ci) PublishHelmCharts( rootDir *Directory, username string, password *Secret, + awsAccessKeyID *Secret, + awsSecretAccessKey *Secret, + awsSessionToken *Secret, ghOrg *string, ) (string, error) { var result string - output, err := m.publishTapserviceHelmChart(ctx, rootDir, username, password, ghOrg) + output, err := m.publishTapserviceHelmChart(ctx, rootDir, username, password, awsAccessKeyID, awsSecretAccessKey, awsSessionToken, ghOrg) if err != nil { return "", err } @@ -54,12 +57,15 @@ func (m *Ci) DeployHelmCharts( ctx context.Context, username string, password *Secret, + awsAccessKeyID *Secret, + awsSecretAccessKey *Secret, + awsSessionToken *Secret, helmValues *string, version string, dryRun bool, ) (string, error) { var result string - container := m.deployTapService(username, password, helmValues, version, dryRun) + container := m.deployTapService(username, password, awsAccessKeyID, awsSecretAccessKey, awsSessionToken, helmValues, version, dryRun) output, err := container.Stdout(ctx) if err != nil { return "", err @@ -68,13 +74,14 @@ func (m *Ci) DeployHelmCharts( return result, nil } -func (m *Ci) deployTapService(username string, password *Secret, helmValues *string, version string, dryRun bool) *Container { +func (m *Ci) deployTapService(username string, password *Secret, awsAccessKeyID *Secret, awsSecretAccessKey *Secret, awsSessionToken *Secret, helmValues *string, version string, dryRun bool) *Container { opts := TapservicegoDeployOpts{ HelmValues: *helmValues, } url := "ghcr.io/%s/tapservice-chart/tapservice:%s" url = fmt.Sprintf(url, username, version) - return dag.Tapservicego().Deploy(username, password, url, dryRun, opts) + return dag.Tapservicego().Deploy(username, password, awsAccessKeyID, awsSecretAccessKey, awsSessionToken, url, dryRun, opts) + } func (m *Ci) publishTapservice( @@ -105,6 +112,9 @@ func (m *Ci) publishTapserviceHelmChart( rootDir *Directory, username string, password *Secret, + awsAccessKeyID *Secret, + awsSecretAccessKey *Secret, + awsSessionToken *Secret, ghOrg *string, ) (string, error) { chartDir := rootDir.Directory("tapservicego").Directory("deployments/tapservice") @@ -115,5 +125,5 @@ func (m *Ci) publishTapserviceHelmChart( opts := TapservicegoPublishHelmChartOpts{ GhOrg: org, } - return dag.Tapservicego().PublishHelmChart(ctx, chartDir, username, password, opts) + return dag.Tapservicego().PublishHelmChart(ctx, chartDir, username, password, awsAccessKeyID, awsSecretAccessKey, awsSessionToken, opts) } diff --git a/tapservicego/dagger/.gitignore b/tapservicego/dagger/.gitignore index 7ebabcc..a25b56d 100644 --- a/tapservicego/dagger/.gitignore +++ b/tapservicego/dagger/.gitignore @@ -2,3 +2,5 @@ /internal/dagger /internal/querybuilder /internal/telemetry + +*.env \ No newline at end of file diff --git a/tapservicego/dagger/aws.go b/tapservicego/dagger/aws.go index a7fe5e9..33af354 100644 --- a/tapservicego/dagger/aws.go +++ b/tapservicego/dagger/aws.go @@ -3,21 +3,28 @@ package main import ( "context" "dagger/tapservicego/internal/dagger" - "os" + "fmt" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/service/ssm" ) -func withAWSCredentials(container *dagger.Container) *dagger.Container { - return container. - WithEnvVariable("AWS_ACCESS_KEY_ID", os.Getenv("AWS_ACCESS_KEY_ID")). - WithEnvVariable("AWS_SECRET_ACCESS_KEY", os.Getenv("AWS_SECRET_ACCESS_KEY")). - WithEnvVariable("AWS_SESSION_TOKEN", os.Getenv("AWS_SESSION_TOKEN")) +func withAWSCredentials(awsAccessKeyID, awsSecretAccessKey, awsSessionToken *dagger.Secret, ctx context.Context) func(*dagger.Container) *dagger.Container { + return func(container *dagger.Container) *dagger.Container { + key, _ := awsAccessKeyID.Plaintext(ctx) + secret, _ := awsSecretAccessKey.Plaintext(ctx) + session, _ := awsSessionToken.Plaintext(ctx) + + return container. + WithEnvVariable("AWS_ACCESS_KEY_ID", key). + WithEnvVariable("AWS_SECRET_ACCESS_KEY", secret). + WithEnvVariable("AWS_SESSION_TOKEN", session) + } } func getSsmValue(parameterName string) (string, error) { - cfg, err := config.LoadDefaultConfig(context.TODO()) + cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithRegion("us-east-1")) + fmt.Print(cfg) if err != nil { return "", err } @@ -26,6 +33,7 @@ func getSsmValue(parameterName string) (string, error) { parameter, err := client.GetParameter(context.TODO(), &ssm.GetParameterInput{ Name: ¶meterName, }) + //fmt.Print(err) if err != nil { return "", err } diff --git a/tapservicego/dagger/deploy.go b/tapservicego/dagger/deploy.go index b1305c6..0c17d28 100644 --- a/tapservicego/dagger/deploy.go +++ b/tapservicego/dagger/deploy.go @@ -14,6 +14,9 @@ func (m *Tapservicego) PublishHelmChart( chartDir *dagger.Directory, username string, password *dagger.Secret, + awsAccessKeyID *dagger.Secret, + awsSecretAccessKey *dagger.Secret, + awsSessionToken *dagger.Secret, ghOrg *string, ) (string, error) { container := dag.Container(). @@ -36,6 +39,7 @@ func (m *Tapservicego) PublishHelmChart( } registry := fmt.Sprintf("oci://ghcr.io/%s/tapservice-chart", *ghOrg) return container. + With(withAWSCredentials(awsAccessKeyID, awsSecretAccessKey, awsSessionToken, ctx)). WithExec([]string{"helm", "registry", "login", "-u", username, "-p", pwd, "ghcr.io"}). WithExec([]string{"helm", "push", fmt.Sprintf("/usr/src/tapservice-%s.tgz", version), registry}). Stdout(ctx) @@ -46,6 +50,9 @@ func (m *Tapservicego) Deploy( ctx context.Context, username string, password *dagger.Secret, + awsAccessKeyID *dagger.Secret, + awsSecretAccessKey *dagger.Secret, + awsSessionToken *dagger.Secret, chartUrl string, helmValues *string, dryRun bool, @@ -62,7 +69,7 @@ func (m *Tapservicego) Deploy( m.DryRun = dryRun return dag.Container(). From("alpine/k8s:1.31.0"). - With(withAWSCredentials). + With(withAWSCredentials(awsAccessKeyID, awsSecretAccessKey, awsSessionToken, ctx)). With(m.helmValuesFile). WithWorkdir("/usr/src/app"). WithExec([]string{"helm", "registry", "login", "-u", username, "-p", pwd, "ghcr.io"}). diff --git a/tapservicego/deployments/tapservice/values.yaml b/tapservicego/deployments/tapservice/values.yaml index c1df603..3f3310f 100644 --- a/tapservicego/deployments/tapservice/values.yaml +++ b/tapservicego/deployments/tapservice/values.yaml @@ -5,34 +5,20 @@ replicaCount: 1 image: - repository: "" + repository: ghcr.io/alercebroker/tapservice-chart/tapservice pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - tag: "" + tag: rc imagePullSecrets: - name: image-pull-access nameOverride: "" -fullnameOverride: "" +namespace: "" imageCredentials: - password: ${ghcr_password} + password: "" registry: ghcr.io - username: ${ghcr_username} - -podAnnotations: {} -podLabels: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 + username: "" service: type: ClusterIP @@ -42,21 +28,17 @@ ingress: enabled: true className: "alb" annotations: - alb.ingress.kubernetes.io/target-type: ip + alb.ingress.kubernetes.io/target-type: "" alb.ingress.kubernetes.io/tags: "" - alb.ingress.kubernetes.io/scheme: internet-facing + alb.ingress.kubernetes.io/scheme: "" alb.ingress.kubernetes.io/certificate-arn: "" alb.ingress.kubernetes.io/group.name: "" hosts: # Host should be the CNAME in Route53 that points to the ALB - host: api.staging.alerce.online paths: - - path: "" + - path: /v2/ATAPS pathType: Prefix - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local resources: limits: @@ -68,11 +50,11 @@ resources: livenessProbe: httpGet: - path: / + path: "" port: 8080 readinessProbe: httpGet: - path: / + path: "" port: 8080 autoscaling: @@ -80,26 +62,6 @@ autoscaling: minReplicas: 1 maxReplicas: 8 targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 - -# Additional volumes on the output Deployment definition. -volumes: [] -# - name: foo -# secret: -# secretName: mysecret -# optional: false - -# Additional volumeMounts on the output Deployment definition. -volumeMounts: [] -# - name: foo -# mountPath: "/etc/foo" -# readOnly: true - -nodeSelector: {} - -tolerations: [] - -affinity: {} secret: name: "container-secrets"