search

allenporter / flux-local

flux-local is a set of tools and libraries for managing a local flux gitops repository focused on validation steps to help improve quality of commits, PRs, and general local testing.
https://allenporter.github.io/flux-local/
Apache License 2.0
156 stars 22 forks source link

Set unique placeholder values for each substitution #801

Closed allenporter closed 3 weeks ago

allenporter commented 3 weeks ago

Fix an issue where substitution values (that are from secrets or can't be found) were not unique which may result in resource names that are set with the same value. This may mask bugs if users do not set resource values to the same thing when using secrets.

Fixes #754

github-actions[bot] commented 3 weeks ago 
--- tests/testdata/cluster/clusters/prod Kustomization: flux-system/flux-system Kustomization: flux-system/apps

+++ tests/testdata/cluster/clusters/prod Kustomization: flux-system/flux-system Kustomization: flux-system/apps

@@ -15,12 +15,14 @@

   postBuild:
     substitute:
       cluster_env: production
     substituteFrom:
     - kind: ConfigMap
       name: cluster-config
+    - kind: Secret
+      name: cluster-secrets
   prune: true
   sourceRef:
     kind: GitRepository
     name: flux-system
   timeout: 5m0s
   wait: true
--- tests/testdata/cluster/apps/prod Kustomization: flux-system/apps Certificate: flux-system/-.PLACEHOLDER_SECRET_DOMAIN3..-staging

+++ tests/testdata/cluster/apps/prod Kustomization: flux-system/apps Certificate: flux-system/-.PLACEHOLDER_SECRET_DOMAIN3..-staging

@@ -0,0 +1,18 @@

+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  labels:
+    kustomize.toolkit.fluxcd.io/name: apps
+    kustomize.toolkit.fluxcd.io/namespace: flux-system
+  name: -.PLACEHOLDER_SECRET_DOMAIN3..-staging
+spec:
+  commonName: ..PLACEHOLDER_SECRET_DOMAIN3..
+  dnsNames:
+  - ..PLACEHOLDER_SECRET_DOMAIN3..
+  - '*...PLACEHOLDER_SECRET_DOMAIN3..'
+  issuerRef:
+    kind: ClusterIssuer
+    name: letsencrypt-staging
+  secretName: -.PLACEHOLDER_SECRET_DOMAIN3..-staging-tls
+
--- tests/testdata/cluster/apps/prod Kustomization: flux-system/apps Certificate: flux-system/-.PLACEHOLDER_SECRET_DOMAIN4..-staging

+++ tests/testdata/cluster/apps/prod Kustomization: flux-system/apps Certificate: flux-system/-.PLACEHOLDER_SECRET_DOMAIN4..-staging

@@ -0,0 +1,18 @@

+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  labels:
+    kustomize.toolkit.fluxcd.io/name: apps
+    kustomize.toolkit.fluxcd.io/namespace: flux-system
+  name: -.PLACEHOLDER_SECRET_DOMAIN4..-staging
+spec:
+  commonName: ..PLACEHOLDER_SECRET_DOMAIN4..
+  dnsNames:
+  - ..PLACEHOLDER_SECRET_DOMAIN4..
+  - '*...PLACEHOLDER_SECRET_DOMAIN4..'
+  issuerRef:
+    kind: ClusterIssuer
+    name: letsencrypt-staging
+  secretName: -.PLACEHOLDER_SECRET_DOMAIN4..-staging-tls
+
github-actions[bot] commented 3 weeks ago 
--- tests/testdata/cluster/clusters/prod Kustomization: flux-system/flux-system Kustomization: flux-system/apps

+++ tests/testdata/cluster/clusters/prod Kustomization: flux-system/flux-system Kustomization: flux-system/apps

@@ -15,12 +15,14 @@

   postBuild:
     substitute:
       cluster_env: production
     substituteFrom:
     - kind: ConfigMap
       name: cluster-config
+    - kind: Secret
+      name: cluster-secrets
   prune: true
   sourceRef:
     kind: GitRepository
     name: flux-system
   timeout: 5m0s
   wait: true
--- tests/testdata/cluster/apps/prod Kustomization: flux-system/apps Certificate: flux-system/-.PLACEHOLDER_SECRET_DOMAIN3..-staging

+++ tests/testdata/cluster/apps/prod Kustomization: flux-system/apps Certificate: flux-system/-.PLACEHOLDER_SECRET_DOMAIN3..-staging

@@ -0,0 +1,18 @@

+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  labels:
+    kustomize.toolkit.fluxcd.io/name: apps
+    kustomize.toolkit.fluxcd.io/namespace: flux-system
+  name: -.PLACEHOLDER_SECRET_DOMAIN3..-staging
+spec:
+  commonName: ..PLACEHOLDER_SECRET_DOMAIN3..
+  dnsNames:
+  - ..PLACEHOLDER_SECRET_DOMAIN3..
+  - '*...PLACEHOLDER_SECRET_DOMAIN3..'
+  issuerRef:
+    kind: ClusterIssuer
+    name: letsencrypt-staging
+  secretName: -.PLACEHOLDER_SECRET_DOMAIN3..-staging-tls
+
--- tests/testdata/cluster/apps/prod Kustomization: flux-system/apps Certificate: flux-system/-.PLACEHOLDER_SECRET_DOMAIN4..-staging

+++ tests/testdata/cluster/apps/prod Kustomization: flux-system/apps Certificate: flux-system/-.PLACEHOLDER_SECRET_DOMAIN4..-staging

@@ -0,0 +1,18 @@

+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  labels:
+    kustomize.toolkit.fluxcd.io/name: apps
+    kustomize.toolkit.fluxcd.io/namespace: flux-system
+  name: -.PLACEHOLDER_SECRET_DOMAIN4..-staging
+spec:
+  commonName: ..PLACEHOLDER_SECRET_DOMAIN4..
+  dnsNames:
+  - ..PLACEHOLDER_SECRET_DOMAIN4..
+  - '*...PLACEHOLDER_SECRET_DOMAIN4..'
+  issuerRef:
+    kind: ClusterIssuer
+    name: letsencrypt-staging
+  secretName: -.PLACEHOLDER_SECRET_DOMAIN4..-staging-tls
+
codecov-commenter commented 3 weeks ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 93.39%. Comparing base (0544971) to head (49ab913).

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #801 +/- ## ========================================== - Coverage 93.40% 93.39% -0.01% ========================================== Files 20 20 Lines 2288 2287 -1 ========================================== - Hits 2137 2136 -1 Misses 151 151 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.