Skip to content
This repository has been archived by the owner on Nov 8, 2024. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: ergon/airlock-helm-charts
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: microgateway-0.6.0
Choose a base ref
...
head repository: ergon/airlock-helm-charts
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: master
Choose a head ref
Loading
Showing with 3,079 additions and 1,250 deletions.
  1. +4 −3 .github/ct.yaml
  2. +14 −16 .github/helm-docs-generate.sh
  3. +0 −6 .github/helm-docs-install.sh
  4. +0 −6 .github/helm-docs-verify.sh
  5. +6 −5 .github/kubeval.sh
  6. +2 −3 .github/pull_request_template.md
  7. +8 −0 .github/unit-test.sh
  8. +43 −50 .github/workflows/ci.yaml
  9. +15 −2 .github/workflows/release.yaml
  10. +1 −0 .gitignore
  11. +3 −0 Makefile
  12. +8 −0 README.md
  13. +6 −0 charts/microgateway/.helmignore
  14. +9 −0 charts/microgateway/Chart.lock
  15. +39 −6 charts/microgateway/Chart.yaml
  16. +55 −0 charts/microgateway/DEVELOPER_NOTES.md
  17. +408 −430 charts/microgateway/README.md
  18. +331 −367 charts/microgateway/README.md.gotmpl
  19. BIN charts/microgateway/charts/echo-server-0.3.0.tgz
  20. BIN charts/microgateway/charts/echo-server-0.5.0.tgz
  21. BIN charts/microgateway/charts/redis-10.6.12.tgz
  22. BIN charts/microgateway/charts/redis-17.4.3.tgz
  23. +27 −0 charts/microgateway/ci/dsl-values.yaml
  24. +0 −11 charts/microgateway/ci/testing-values.yaml
  25. +15 −0 charts/microgateway/icon.svg
  26. +0 −9 charts/microgateway/requirements.lock
  27. +0 −9 charts/microgateway/requirements.yaml
  28. +7 −9 charts/microgateway/templates/NOTES.txt
  29. +65 −21 charts/microgateway/templates/_helpers.tpl
  30. +3 −104 charts/microgateway/templates/configmap.yaml
  31. +118 −25 charts/microgateway/templates/deployment.yaml
  32. +11 −0 charts/microgateway/templates/dockersecret.yaml
  33. +28 −3 charts/microgateway/templates/hpa.yaml
  34. +47 −2 charts/microgateway/templates/ingress.yaml
  35. +13 −0 charts/microgateway/templates/licensesecret.yaml
  36. +15 −0 charts/microgateway/templates/passphrasesecret.yaml
  37. +3 −3 charts/microgateway/templates/route.yaml
  38. +0 −18 charts/microgateway/templates/secret.yaml
  39. +6 −0 charts/microgateway/templates/service.yaml
  40. +16 −0 charts/microgateway/templates/serviceaccount.yaml
  41. +17 −0 charts/microgateway/templates/test-call.yaml
  42. +14 −0 charts/microgateway/tests/__snapshot__/configmap_test.yaml.snap
  43. +26 −0 charts/microgateway/tests/configmap_test.yaml
  44. +122 −0 charts/microgateway/tests/deployment_container_test.yaml
  45. +157 −0 charts/microgateway/tests/deployment_initcontainer_test.yaml
  46. +302 −0 charts/microgateway/tests/deployment_test.yaml
  47. +79 −0 charts/microgateway/tests/dockersecret_test.yaml
  48. +128 −0 charts/microgateway/tests/hpa_test.yaml
  49. +262 −0 charts/microgateway/tests/ingress_test.yaml
  50. +50 −0 charts/microgateway/tests/labels_test.yaml
  51. +87 −0 charts/microgateway/tests/licensesecret_test.yaml
  52. +72 −0 charts/microgateway/tests/passphrasesecret_test.yaml
  53. +62 −0 charts/microgateway/tests/route_test.yaml
  54. +73 −0 charts/microgateway/tests/service_test.yaml
  55. +82 −0 charts/microgateway/tests/serviceaccount_test.yaml
  56. +13 −0 charts/microgateway/tests/values/dsl.yaml
  57. +207 −142 charts/microgateway/values.yaml
7 changes: 4 additions & 3 deletions .github/ct.yaml
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
helm-extra-args: --timeout 300s
check-version-increment: false
charts: charts/microgateway
debug: true
namespace: validation-namespace
release-label: release
chart-repos:
namespace: default
release-label: app.kubernetes.io/instance
chart-repos:
- bitnami=https://charts.bitnami.com/bitnami
- ealenn=https://ealenn.github.io/charts
30 changes: 14 additions & 16 deletions .github/helm-docs-generate.sh
Original file line number Diff line number Diff line change
@@ -1,27 +1,25 @@
#!/bin/bash
set -euox pipefail

# Write Error Message
echo -e "\033[0;31m ######## The helm-docs validation failed. ######## \033[0m" >&2
echo -e "\033[0;31m Make sure that the documentation has been updated. \033[0m" >&2

git config user.name "$TECHNICAL_USER"
git config user.email "$TECHNICAL_USER@users.noreply.github.com"
git fetch
git checkout ${BRANCH_NAME}

git checkout ${BRANCH_NAME}

./helm-docs
# create readme
make

# push readme updates
READMES_CHANGED=$(git diff --name-only HEAD -- 'charts/**/README.md')

change_count=0
for README_CHANGED in ${READMES_CHANGED}; do
git add ${README_CHANGED}
done

git commit -m "Automated README generation"
echo "Push to ${BRANCH_NAME}"
git push "https://$TECHNICAL_USER:$TECHNICAL_USER_TOKEN@github.com/${GITHUB_REPOSITORY}.git" ${BRANCH_NAME}

git checkout master

rm helm-docs
((++change_count))
done

if [ $change_count -gt 0 ]; then
echo "Push ${change_count} readmes to ${BRANCH_NAME}"
git commit -m "Automated README generation"
git push "https://$TECHNICAL_USER:$TECHNICAL_USER_TOKEN@github.com/${GITHUB_REPOSITORY}.git" ${BRANCH_NAME}
fi
6 changes: 0 additions & 6 deletions .github/helm-docs-install.sh

This file was deleted.

6 changes: 0 additions & 6 deletions .github/helm-docs-verify.sh

This file was deleted.

11 changes: 6 additions & 5 deletions .github/kubeval.sh
Original file line number Diff line number Diff line change
@@ -1,15 +1,16 @@
#!/bin/bash
#!/bin/bash
set -euox pipefail

CHART_DIRS="$(git diff --find-renames --name-only "$(git rev-parse --abbrev-ref HEAD)" remotes/origin/master -- charts | cut -f1-2 -d '/' | uniq)"
KUBEVAL_VERSION="0.15.0"
SCHEMA_LOCATION="https://raw.githubusercontent.com/instrumenta/kubernetes-json-schema/master/"
CHART_DIRS="$(ls -d charts/*)"
KUBEVAL_VERSION="v0.16.1"
SCHEMA_LOCATION="https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/"

# install kubeval
curl --silent --show-error --fail --location --output /tmp/kubeval.tar.gz https://github.com/instrumenta/kubeval/releases/download/"${KUBEVAL_VERSION}"/kubeval-linux-amd64.tar.gz
tar -xf /tmp/kubeval.tar.gz kubeval

# validate charts
for CHART_DIR in ${CHART_DIRS}; do
helm template "${CHART_DIR}" | ./kubeval --strict --ignore-missing-schemas --kubernetes-version "${KUBERNETES_VERSION#v}" --schema-location "${SCHEMA_LOCATION}"
helm template "${CHART_DIR}" | ./kubeval --strict --kubernetes-version "${KUBERNETES_VERSION#v}" --schema-location "${SCHEMA_LOCATION}"
helm template -f "${CHART_DIR}/ci/dsl-values.yaml" "${CHART_DIR}" | ./kubeval --strict --kubernetes-version "${KUBERNETES_VERSION#v}" --schema-location "${SCHEMA_LOCATION}"
done
5 changes: 2 additions & 3 deletions .github/pull_request_template.md
Original file line number Diff line number Diff line change
@@ -20,10 +20,8 @@ Please delete options that are irrelevant.
- [ ] Documentation

## How has this been tested?
Please describe the tests you ran to verify the changes. Provide instructions that we can re-run the tests. Please list any relevant details for tests setup.
Please describe the tests you ran in addition to the unit tests. Provide instructions to re-run the tests. Please list any relevant details for test setup.

- Test A
- Test B

**Versions**
* Microgateway:
@@ -33,6 +31,7 @@ Please describe the tests you ran to verify the changes. Provide instructions th

## Checklist:
- [ ] The code has been reviewed (self-review, ...).
- [ ] Unit tests have been implemented.
- [ ] The parts of the code which are hard to understand are commented.
- [ ] The corresponding documentation has been updated.
- [ ] The changes do not cause warnings.
8 changes: 8 additions & 0 deletions .github/unit-test.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
#!/bin/bash
set -euox pipefail

# install unittest helm plugin
helm plugin install --version v0.2.11 https://github.com/quintush/helm-unittest

#run unittest
helm unittest -3 charts/microgateway
93 changes: 43 additions & 50 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
@@ -2,94 +2,87 @@ name: Lint and Test Charts

on:
pull_request:
paths:
paths:
- 'charts/**'
- '.github/**'
- '!charts/microgateway/README.md'
workflow_dispatch:

jobs:
lint-chart:
generate-docs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v1
- name: Run chart-testing (lint)
uses: helm/chart-testing-action@master
uses: actions/checkout@v3
with:
command: lint
config: .github/ct.yaml
lint-docs:
runs-on: ubuntu-latest
needs: lint-chart
steps:
- name: Checkout
uses: actions/checkout@v1
- name: Install helm-docs
run: .github/helm-docs-install.sh
env:
HELM_DOCS_VERSION: "0.12.0"
- name: Run helm-docs
id: validatedocs
run: .github/helm-docs-verify.sh
- name: Generate helm-docs (on failure)
if: failure()
persist-credentials: false
fetch-depth: 0
- name: Generate helm-docs
run: .github/helm-docs-generate.sh
env:
BRANCH_NAME: ${{ github.head_ref }}
TECHNICAL_USER_TOKEN: ${{ secrets.TECHNICAL_USER_TOKEN }}
TECHNICAL_USER: ${{ secrets.TECHNICAL_USER }}
unit-test:
runs-on: ubuntu-latest
needs:
- generate-docs
steps:
- name: Checkout
uses: actions/checkout@v3
- name: install and run helm unit tests
run: .github/unit-test.sh
kubeval-chart:
runs-on: ubuntu-latest
needs:
- lint-chart
- lint-docs
- unit-test
strategy:
matrix:
k8s:
- v1.16.4
- v1.17.2
- v1.18.2
- v1.24.9
- v1.25.5
- v1.26.0
steps:
- name: Checkout
uses: actions/checkout@v1
uses: actions/checkout@v3
- name: Run kubeval
env:
KUBERNETES_VERSION: ${{ matrix.k8s }}
run: .github/kubeval.sh
install-chart:
name: install-chart
runs-on: ubuntu-latest
env:
_v_namespace: validation-namespace
needs:
- lint-chart
- lint-docs
- kubeval-chart
strategy:
matrix:
k8s:
- v1.16.4
- v1.17.2
- v1.18.2
- v1.24.7
- v1.25.3
- v1.26.0
steps:
- name: Checkout
uses: actions/checkout@v1
uses: actions/checkout@v3
- name: Set up Helm
uses: azure/setup-helm@v3
with:
version: v3.4.0
- uses: actions/setup-python@v4
with:
python-version: 3.7
- name: Set up chart-testing
uses: helm/chart-testing-action@v2.0.1
- name: Run chart-testing (lint)
run: ct lint --config .github/ct.yaml
- name: Create kind ${{ matrix.k8s }} cluster
uses: helm/kind-action@master
uses: helm/kind-action@v1.5.0
with:
node_image: kindest/node:${{ matrix.k8s }}
wait: 120s
#log_level: debug
- name: Create Secrets
run: |
kubectl cluster-info
kubectl get pods -n kube-system
echo "current-context:" $(kubectl config current-context)
kubectl create namespace $_v_namespace
kubectl create secret docker-registry dockersecret --docker-username=${{ secrets.DOCKER_USER }} --docker-password=${{ secrets.DOCKER_USER_TOKEN }} --namespace $_v_namespace
echo "${{ secrets.WAF_LICENSE }}" >> tmplicense.txt
echo "${{ secrets.WAF_PASSPHRASE }}" >> tmppassphrase.txt
kubectl create secret generic microgatewaysecrets --from-file=license=tmplicense.txt --from-file=passphrase=tmppassphrase.txt --namespace $_v_namespace
kubectl describe secret dockersecret --namespace $_v_namespace
kubectl describe secret microgatewaysecrets --namespace $_v_namespace
kubectl create secret docker-registry dockersecret --docker-username=${{ secrets.DOCKER_USER }} --docker-password=${{ secrets.DOCKER_USER_TOKEN }}
- name: Run chart-testing (install)
uses: helm/chart-testing-action@master
with:
command: install
config: .github/ct.yaml
run: ct install --config .github/ct.yaml
17 changes: 15 additions & 2 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
@@ -6,18 +6,31 @@ on:
- master
paths:
- 'charts/**/Chart.yaml'
workflow_dispatch:

jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v1
uses: actions/checkout@v3
with:
fetch-depth: 0
token: '${{ secrets.TECHNICAL_USER_TOKEN }}'
- name: Configure Git
run: |
git config user.name "'${{ secrets.TECHNICAL_USER }}'"
git config user.email "'${{ secrets.TECHNICAL_USER }}'@users.noreply.github.com"
- name: Install Helm
uses: azure/setup-helm@v3
with:
version: v3.4.0
- name: Add Helm Repo
run: |
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo add ealenn https://ealenn.github.io/charts
- name: Run chart-releaser
uses: helm/chart-releaser-action@master
uses: helm/chart-releaser-action@v1.4.0
env:
CR_TOKEN: '${{ secrets.TECHNICAL_USER_TOKEN }}'
CR_SKIP_EXISTING: true
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -2,3 +2,4 @@

# IDE
.idea/
charts/test-values.yaml
3 changes: 3 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
helm-docs:
@echo --- Generating Chart READMEs
@docker run --rm -v $$(pwd):/helm-docs -u $$(id -u) jnorwood/helm-docs:v1.5.0
8 changes: 8 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,11 @@
# DEPRECATED

This repository was deprecated on 2024-11-08. It is no longer maintained. As a replacement we offer [Airlock Microgateway](https://docs.airlock.com/microgateway/latest/)
in version 4.4 and higher which is a Kubernetes native WAAP solution.

Refer to our Helm Charts [Airlock Microgateway](https://quay.io/repository/airlockcharts/microgateway) and [Airlock Microgateway CNI](https://quay.io/repository/airlockcharts/microgateway-cni) or visit us at [GitHub](https://github.com/airlock/microgateway).


# Airlock Secure Access Hub
This repository contains Helm Charts for the [Airlock Secure Access Hub](https://www.airlock.com/). These charts are used to perform the container-based deployment.

6 changes: 6 additions & 0 deletions charts/microgateway/.helmignore
Original file line number Diff line number Diff line change
@@ -21,3 +21,9 @@
.idea/
*.tmproj
.vscode/

# helm chart folders and files
ci/
tests/
README.md.gotmpl
.helmignore
9 changes: 9 additions & 0 deletions charts/microgateway/Chart.lock
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
dependencies:
- name: redis
repository: https://charts.bitnami.com/bitnami
version: 17.4.3
- name: echo-server
repository: https://ealenn.github.io/charts
version: 0.5.0
digest: sha256:a8913e797ed214855eae34ac27f664092e0e800ec152ab2622dbda684e787352
generated: "2023-01-18T17:10:14.156498+01:00"
45 changes: 39 additions & 6 deletions charts/microgateway/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,18 +1,51 @@
apiVersion: v1
apiVersion: v2
description: |
The *Airlock Microgateway* is a component of the [Airlock Secure Access Hub](https://www.airlock.com/).
It is the lightweight, container-based deployment form of the *Airlock Gateway*, a software appliance with reverse-proxy, Web Application Firewall (WAF) and API security functionality.
home: https://www.airlock.com
Airlock Microgateway helps you to protect your services and APIs from unauthorized or malicious access with little effort. It is a lightweight Web Application Firewall (WAF) and API security gateway designed specifically for use in container environments.
home: https://www.airlock.com/microgateway
sources:
- https://github.com/ergon/airlock-helm-charts
icon: https://raw.githubusercontent.com/ergon/airlock-helm-charts/master/charts/microgateway/icon.svg
keywords:
- WAF
- Web Application Firewall
- OWASP
- Airlock
- MicroGateway
- Security
- Filtering
- DevSecOps
- shift left
- ingress
- nginx
maintainers:
- email: support@airlock.com
name: Airlock
name: microgateway
version: 0.6.0
appVersion: 1.0
version: 3.1.13
appVersion: "3.4.13"
annotations:
artifacthub.io/changes: |
- kind: changed
description: Upgrade to Airlock Microgateway 3.4.13
links:
- name: Airlock Microgateway Release Notes
url: https://docs.airlock.com/microgateway/3.4/#data/1697129073210.html
- name: Airlock Microgateway Change Log
url: https://docs.airlock.com/microgateway/3.4/#data/1697129073212.html
artifacthub.io/links: |
- name: Airlock Microgateway Manual
url: https://docs.airlock.com/microgateway/3.4/
- name: Airlock Community Forum
url: https://forum.airlock.com
- name: Airlock Minikube Example
url: https://github.com/ergon/airlock-minikube-example
artifacthub.io/license: MIT
dependencies:
- name: redis
version: 17.4.3
repository: https://charts.bitnami.com/bitnami
condition: redis.enabled
- name: echo-server
version: 0.5.0
repository: https://ealenn.github.io/charts
condition: echo-server.enabled
Loading