atomist / sdm-pack-k8s

Extension Pack for an Atomist SDM to integrate Kubernetes deployments
Apache License 2.0

Add sync-changes-to-repo mode #50

Closed ddgenome closed 5 years ago

ddgenome commented 5 years ago

Provide configuration options to specify a repo to sync changes to Kubernetes cluster. Support encrypting and decrypting secret values in sync repo. How the initialization vector is generated may not be ideal, cryptographically speaking. Move config to its own file to avoid circular imports.

Add startup listener that queries cortex for sync repo and credentials. Query for sync repo in both master and workers but still only run the initial sync in the master. Capture errors during initial sync so one bad spec does not cause everything to fail, although sometimes that comes in handy. Do not override a provided RemoteRepoRef or credentials with those from graph. Use configured repo ref resolver to convert repo information returned from cortex into RemoteRepoRef. If the sync repo is not found, delete the property from the configuration.

Implement generic apply and delete functions for Kubernetes resources for syncing repo changes. These functions use a Kubernetes object API that dynamically generates the request URI from the resource spec. This generic API client tries to be smart about names and namespaces, which required hard coding information about resources and operations that require namespaces, which may not be a good idea but it is the only way I see to provide good feedback instead of the error "the server does not allow this method on the requested resource" back from the API. Send proper header for patch operations. Use appropriate API URI prefix for v1 paths. With some polish, this might be worth contributing to the upstream client.

Implement git diff parser to determine changes for a commit. Sort changes by commit, change, and path.

Add push test for sync repo commit and goal for sync repo pushes. Implement goal executor that applies changes from the commits in a push in order. Any failures are collected and reported on at the end, so bad specs do not prevent other changes. The SHA of the change is added to the resource spec as an annotation.

Persist resources upserted when deploying an application and deleted by command to sync repo. Have Kubernetes upsert and delete methods return specs used to create/patch resources, or undefined if no resource was upserted, so the spec used, not the spec returned from the operation which will have extra default and status information, can be persisted. Use standard k8s objects, the most specific that makes sense, wrapped with DeepPartial where appropriate. Make sure specs have namespace set so when they are persisted to the sync repo that information is captured. Sort keys when writing specs to sync repo.

Patch namespace if it already exists, adding patchNamespace method to our modified client that sends the appropriate header.

Refactor RBAC resource management into separate files for each resource kind.

Throw an error if listing secrets fails.

Provide helper script to encrypt and decrypt values.

Move conditional loading logic into startup listeners because some configuration may not be available or altered after the SDM is created.

Use errMsg helper more consistently.

Fix handling of goal sets without version.

Run npm audit and increment minor version.

Improve TypeDoc.

Remove unused @types/fs-extra dependency.

Closes #45

-*-

Create ingress only if service is also created

Fixes #46

-*-

Ensure spec apiVersion and kind are correct

Closes #36
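The request-URI generation described in the pull request description above, sketched as an added example; it is not code from sdm-pack-k8s or its authors. The names `requestFor`, `clusterScoped` and `plurals`, the contents of the two lookup tables, and the strategic-merge-patch content type are assumptions made for illustration.

```typescript
// Added illustration; every name below is hypothetical, not an sdm-pack-k8s API.
interface K8sSpec {
    apiVersion: string;
    kind: string;
    metadata: { name: string; namespace?: string };
}
type Action = "create" | "read" | "patch" | "delete";
interface K8sRequest { method: string; path: string; headers: Record<string, string>; }

// Hard-coded scope knowledge (illustrative subset): kinds that live outside any namespace.
const clusterScoped = ["Namespace", "ClusterRole", "ClusterRoleBinding", "PersistentVolume"];
// Irregular plurals (illustrative subset); other kinds are lower-cased with "s" appended.
const plurals: Record<string, string> = { Ingress: "ingresses", NetworkPolicy: "networkpolicies" };
const methods: Record<Action, string> = { create: "POST", read: "GET", patch: "PATCH", delete: "DELETE" };

function requestFor(spec: K8sSpec, action: Action): K8sRequest {
    if (!spec.apiVersion || !spec.kind || !spec.metadata || !spec.metadata.name) {
        throw new Error("spec must set apiVersion, kind and metadata.name");
    }
    // The core group ("v1") is served under /api, named groups ("apps/v1") under /apis.
    const parts = [spec.apiVersion.indexOf("/") < 0 ? "api" : "apis", spec.apiVersion];
    if (clusterScoped.indexOf(spec.kind) < 0) {
        // Fail locally with a precise message instead of sending a request the
        // API server would reject with a generic method-not-allowed error.
        if (!spec.metadata.namespace) {
            throw new Error(`${spec.kind} '${spec.metadata.name}' is namespaced but has no metadata.namespace`);
        }
        parts.push("namespaces", encodeURIComponent(spec.metadata.namespace));
    }
    parts.push(plurals[spec.kind] || spec.kind.toLowerCase() + "s");
    // Create targets the collection; every other action targets the named object.
    if (action !== "create") {
        parts.push(encodeURIComponent(spec.metadata.name));
    }
    const headers: Record<string, string> = { Accept: "application/json" };
    if (action === "patch") {
        // Assumption: strategic merge patch; the page only says a "proper header" is sent.
        headers["Content-Type"] = "application/strategic-merge-patch+json";
    } else if (action === "create") {
        headers["Content-Type"] = "application/json";
    }
    return { method: methods[action], path: "/" + parts.join("/"), headers };
}
```
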

cdupuis commented 5 years ago

Pull request auto merged by Atomist.

[atomist:generated] [auto-merge:on-approve]