mirror of https://github.com/fluxcd/flux2.git
feat: diff artifact capability added
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>pull/3224/head
Batuhan Apaydın
2 years ago
parent
463f9fbc64
commit
c3d7cad53e
@ -0,0 +1,111 @@
|
||||
/*
|
||||
Copyright 2022 The Flux authors
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"os"
|
||||
|
||||
"github.com/fluxcd/flux2/internal/flags"
|
||||
oci "github.com/fluxcd/pkg/oci/client"
|
||||
sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
|
||||
"github.com/spf13/cobra"
|
||||
)
|
||||
|
||||
var diffArtifactCmd = &cobra.Command{
|
||||
Use: "artifact",
|
||||
Short: "Diff Artifact",
|
||||
Long: `The diff artifact command computes the diff between the remote OCI artifact and a local directory or file`,
|
||||
Example: `# Check if local files differ from remote
|
||||
flux diff artifact oci://ghcr.io/stefanprodan/manifests:podinfo:6.2.0 --path=./kustomize`,
|
||||
RunE: diffArtifactCmdRun,
|
||||
}
|
||||
|
||||
type diffArtifactFlags struct {
|
||||
path string
|
||||
creds string
|
||||
provider flags.SourceOCIProvider
|
||||
ignorePaths []string
|
||||
}
|
||||
|
||||
var diffArtifactArgs = newDiffArtifactArgs()
|
||||
|
||||
func newDiffArtifactArgs() diffArtifactFlags {
|
||||
return diffArtifactFlags{
|
||||
provider: flags.SourceOCIProvider(sourcev1.GenericOCIProvider),
|
||||
}
|
||||
}
|
||||
|
||||
func init() {
|
||||
diffArtifactCmd.Flags().StringVar(&diffArtifactArgs.path, "path", "", "path to the directory where the Kubernetes manifests are located")
|
||||
diffArtifactCmd.Flags().StringVar(&diffArtifactArgs.creds, "creds", "", "credentials for OCI registry in the format <username>[:<password>] if --provider is generic")
|
||||
diffArtifactCmd.Flags().Var(&diffArtifactArgs.provider, "provider", sourceOCIRepositoryArgs.provider.Description())
|
||||
diffArtifactCmd.Flags().StringSliceVar(&diffArtifactArgs.ignorePaths, "ignore-paths", excludeOCI, "set paths to ignore in .gitignore format")
|
||||
diffCmd.AddCommand(diffArtifactCmd)
|
||||
}
|
||||
|
||||
func diffArtifactCmdRun(cmd *cobra.Command, args []string) error {
|
||||
if len(args) < 1 {
|
||||
return fmt.Errorf("artifact URL is required")
|
||||
}
|
||||
ociURL := args[0]
|
||||
|
||||
if diffArtifactArgs.path == "" {
|
||||
return fmt.Errorf("invalid path %q", diffArtifactArgs.path)
|
||||
}
|
||||
|
||||
url, err := oci.ParseArtifactURL(ociURL)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if _, err := os.Stat(diffArtifactArgs.path); err != nil {
|
||||
return fmt.Errorf("invalid path '%s', must point to an existing directory or file", diffArtifactArgs.path)
|
||||
}
|
||||
|
||||
ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
|
||||
defer cancel()
|
||||
|
||||
ociClient := oci.NewLocalClient()
|
||||
|
||||
if diffArtifactArgs.provider.String() == sourcev1.GenericOCIProvider && diffArtifactArgs.creds != "" {
|
||||
logger.Actionf("logging in to registry with credentials")
|
||||
if err := ociClient.LoginWithCredentials(diffArtifactArgs.creds); err != nil {
|
||||
return fmt.Errorf("could not login with credentials: %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
if diffArtifactArgs.provider.String() != sourcev1.GenericOCIProvider {
|
||||
logger.Actionf("logging in to registry with provider credentials")
|
||||
ociProvider, err := diffArtifactArgs.provider.ToOCIProvider()
|
||||
if err != nil {
|
||||
return fmt.Errorf("provider not supported: %w", err)
|
||||
}
|
||||
|
||||
if err := ociClient.LoginWithProvider(ctx, url, ociProvider); err != nil {
|
||||
return fmt.Errorf("error during login with provider: %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
if err := ociClient.Diff(ctx, url, diffArtifactArgs.path, diffArtifactArgs.ignorePaths); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
logger.Successf("no changes detected")
|
||||
return nil
|
||||
}
|
||||
@ -0,0 +1,109 @@
|
||||
//go:build unit
|
||||
// +build unit
|
||||
|
||||
/*
|
||||
Copyright 2021 The Flux authors
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/distribution/distribution/v3/configuration"
|
||||
"github.com/distribution/distribution/v3/registry"
|
||||
_ "github.com/distribution/distribution/v3/registry/auth/htpasswd"
|
||||
_ "github.com/distribution/distribution/v3/registry/storage/driver/inmemory"
|
||||
"github.com/phayes/freeport"
|
||||
ctrl "sigs.k8s.io/controller-runtime"
|
||||
)
|
||||
|
||||
var dockerReg string
|
||||
|
||||
func setupRegistryServer(ctx context.Context) error {
|
||||
// Registry config
|
||||
config := &configuration.Configuration{}
|
||||
port, err := freeport.GetFreePort()
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to get free port: %s", err)
|
||||
}
|
||||
|
||||
dockerReg = fmt.Sprintf("localhost:%d", port)
|
||||
config.HTTP.Addr = fmt.Sprintf("127.0.0.1:%d", port)
|
||||
config.HTTP.DrainTimeout = time.Duration(10) * time.Second
|
||||
config.Storage = map[string]configuration.Parameters{"inmemory": map[string]interface{}{}}
|
||||
dockerRegistry, err := registry.NewRegistry(ctx, config)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create docker registry: %w", err)
|
||||
}
|
||||
|
||||
// Start Docker registry
|
||||
go dockerRegistry.ListenAndServe()
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func TestDiffArtifact(t *testing.T) {
|
||||
tests := []struct {
|
||||
name string
|
||||
url string
|
||||
argsTpl string
|
||||
pushFile string
|
||||
diffFile string
|
||||
assert assertFunc
|
||||
}{
|
||||
{
|
||||
name: "should not fail if there is no diff",
|
||||
url: "oci://%s/podinfo:1.0.0",
|
||||
argsTpl: "diff artifact %s --path=%s",
|
||||
pushFile: "./testdata/diff-artifact/deployment.yaml",
|
||||
diffFile: "./testdata/diff-artifact/deployment.yaml",
|
||||
assert: assertGoldenFile("testdata/diff-artifact/success.golden"),
|
||||
},
|
||||
{
|
||||
name: "should fail if there is a diff",
|
||||
url: "oci://%s/podinfo:2.0.0",
|
||||
argsTpl: "diff artifact %s --path=%s",
|
||||
pushFile: "./testdata/diff-artifact/deployment.yaml",
|
||||
diffFile: "./testdata/diff-artifact/deployment-diff.yaml",
|
||||
assert: assertError("the remote artifact contents differs from the local one"),
|
||||
},
|
||||
}
|
||||
|
||||
ctx := ctrl.SetupSignalHandler()
|
||||
err := setupRegistryServer(ctx)
|
||||
if err != nil {
|
||||
panic(fmt.Sprintf("failed to start docker registry: %s", err))
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
tt.url = fmt.Sprintf(tt.url, dockerReg)
|
||||
_, err := executeCommand("push artifact " + tt.url + " --path=" + tt.pushFile + " --source=test --revision=test")
|
||||
if err != nil {
|
||||
t.Fatalf(fmt.Errorf("failed to push image: %w", err).Error())
|
||||
}
|
||||
|
||||
cmd := cmdTestCase{
|
||||
args: fmt.Sprintf(tt.argsTpl, tt.url, tt.diffFile),
|
||||
assert: tt.assert,
|
||||
}
|
||||
cmd.runTestCmd(t)
|
||||
})
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,78 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
kustomize.toolkit.fluxcd.io/name: podinfo
|
||||
kustomize.toolkit.fluxcd.io/namespace: {{ .fluxns }}
|
||||
name: podinfo-diff
|
||||
namespace: default
|
||||
spec:
|
||||
minReadySeconds: 3
|
||||
revisionHistoryLimit: 5
|
||||
progressDeadlineSeconds: 60
|
||||
strategy:
|
||||
rollingUpdate:
|
||||
maxUnavailable: 0
|
||||
type: RollingUpdate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: podinfo
|
||||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/port: "9797"
|
||||
labels:
|
||||
app: podinfo
|
||||
spec:
|
||||
containers:
|
||||
- name: podinfod
|
||||
image: ghcr.io/stefanprodan/podinfo:6.0.10
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: 9898
|
||||
protocol: TCP
|
||||
- name: http-metrics
|
||||
containerPort: 9797
|
||||
protocol: TCP
|
||||
- name: grpc
|
||||
containerPort: 9999
|
||||
protocol: TCP
|
||||
command:
|
||||
- ./podinfo
|
||||
- --port=9898
|
||||
- --port-metrics=9797
|
||||
- --grpc-port=9999
|
||||
- --grpc-service-name=podinfo
|
||||
- --level=info
|
||||
- --random-delay=false
|
||||
- --random-error=false
|
||||
env:
|
||||
- name: PODINFO_UI_COLOR
|
||||
value: "#34577c"
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- podcli
|
||||
- check
|
||||
- http
|
||||
- localhost:9898/healthz
|
||||
initialDelaySeconds: 5
|
||||
timeoutSeconds: 5
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- podcli
|
||||
- check
|
||||
- http
|
||||
- localhost:9898/readyz
|
||||
initialDelaySeconds: 5
|
||||
timeoutSeconds: 5
|
||||
resources:
|
||||
limits:
|
||||
cpu: 2000m
|
||||
memory: 512Mi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
@ -0,0 +1,78 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
kustomize.toolkit.fluxcd.io/name: podinfo
|
||||
kustomize.toolkit.fluxcd.io/namespace: {{ .fluxns }}
|
||||
name: podinfo
|
||||
namespace: default
|
||||
spec:
|
||||
minReadySeconds: 3
|
||||
revisionHistoryLimit: 5
|
||||
progressDeadlineSeconds: 60
|
||||
strategy:
|
||||
rollingUpdate:
|
||||
maxUnavailable: 0
|
||||
type: RollingUpdate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: podinfo
|
||||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/port: "9797"
|
||||
labels:
|
||||
app: podinfo
|
||||
spec:
|
||||
containers:
|
||||
- name: podinfod
|
||||
image: ghcr.io/stefanprodan/podinfo:6.0.10
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: 9898
|
||||
protocol: TCP
|
||||
- name: http-metrics
|
||||
containerPort: 9797
|
||||
protocol: TCP
|
||||
- name: grpc
|
||||
containerPort: 9999
|
||||
protocol: TCP
|
||||
command:
|
||||
- ./podinfo
|
||||
- --port=9898
|
||||
- --port-metrics=9797
|
||||
- --grpc-port=9999
|
||||
- --grpc-service-name=podinfo
|
||||
- --level=info
|
||||
- --random-delay=false
|
||||
- --random-error=false
|
||||
env:
|
||||
- name: PODINFO_UI_COLOR
|
||||
value: "#34577c"
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- podcli
|
||||
- check
|
||||
- http
|
||||
- localhost:9898/healthz
|
||||
initialDelaySeconds: 5
|
||||
timeoutSeconds: 5
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- podcli
|
||||
- check
|
||||
- http
|
||||
- localhost:9898/readyz
|
||||
initialDelaySeconds: 5
|
||||
timeoutSeconds: 5
|
||||
resources:
|
||||
limits:
|
||||
cpu: 2000m
|
||||
memory: 512Mi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 64Mi
|
||||
@ -0,0 +1 @@
|
||||
✔ no changes detected
|
||||
Loading…
Reference in New Issue