Merge pull request #173 from fluxcd/include-author-changelog

Include PR author in changelog

.github/actions/kustomize/Dockerfile

@@ -1,6 +0,0 @@
-FROM giantswarm/tiny-tools
-
-COPY entrypoint.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh
-
-ENTRYPOINT ["/entrypoint.sh"]

.github/actions/kustomize/action.yml

@@ -1,9 +0,0 @@
-name: 'kustomize'
-description: 'A GitHub Action to run kustomize commands'
-author: 'Stefan Prodan'
-branding:
-  icon: 'command'
-  color: 'blue'
-runs:
-  using: 'docker'
-  image: 'Dockerfile'

.github/actions/kustomize/entrypoint.sh

@@ -1,12 +0,0 @@
-#!/bin/sh -l
-
-VERSION=3.5.4
-curl -sL https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv${VERSION}/kustomize_v${VERSION}_linux_amd64.tar.gz | tar xz
-
-mkdir -p $GITHUB_WORKSPACE/bin
-cp ./kustomize $GITHUB_WORKSPACE/bin
-chmod +x $GITHUB_WORKSPACE/bin/kustomize
-ls -lh $GITHUB_WORKSPACE/bin
-
-echo "::add-path::$GITHUB_WORKSPACE/bin"
-echo "::add-path::$RUNNER_WORKSPACE/$(basename $GITHUB_REPOSITORY)/bin"

.github/workflows/release.yaml

@@ -24,9 +24,9 @@ jobs:
       - name: Generate release notes
         run: |
           echo 'CHANGELOG' > /tmp/release.txt
-          github-release-notes -org fluxcd -repo toolkit -since-latest-release >> /tmp/release.txt
+          github-release-notes -org fluxcd -repo toolkit -since-latest-release -include-author >> /tmp/release.txt
       - name: Setup Kustomize
-        uses: ./.github/actions/kustomize
+        uses: fluxcd/pkg//actions/kustomize@master
       - name: Generate manifests tarball
         run: |
           mkdir -p ./output

cmd/tk/bootstrap_gitlab.go

@@ -57,13 +57,14 @@ the bootstrap command will perform an upgrade if needed.`,
 }
 
 var (
-	glOwner      string
-	glRepository string
-	glInterval   time.Duration
-	glPersonal   bool
-	glPrivate    bool
-	glHostname   string
-	glPath       string
+	glOwner       string
+	glRepository  string
+	glInterval    time.Duration
+	glPersonal    bool
+	glPrivate     bool
+	glHostname    string
+	glSSHHostname string
+	glPath        string
 )
 
 func init() {
@@ -73,6 +74,7 @@ func init() {
 	bootstrapGitLabCmd.Flags().BoolVar(&glPrivate, "private", true, "is private repository")
 	bootstrapGitLabCmd.Flags().DurationVar(&glInterval, "interval", time.Minute, "sync interval")
 	bootstrapGitLabCmd.Flags().StringVar(&glHostname, "hostname", git.GitLabDefaultHostname, "GitLab hostname")
+	bootstrapGitLabCmd.Flags().StringVar(&glSSHHostname, "ssh-hostname", "", "GitLab SSH hostname, defaults to hostname if not specified")
 	bootstrapGitLabCmd.Flags().StringVar(&glPath, "path", "", "repository path, when specified the cluster sync will be scoped to this path")
 
 	bootstrapCmd.AddCommand(bootstrapGitLabCmd)
@@ -89,6 +91,10 @@ func bootstrapGitLabCmdRun(cmd *cobra.Command, args []string) error {
 		return err
 	}
 
+	if glSSHHostname != "" {
+		repository.SSHHost = glSSHHostname
+	}
+
 	provider := &git.GitLabProvider{
 		IsPrivate:  glPrivate,
 		IsPersonal: glPersonal,

docs/cmd/tk_bootstrap_gitlab.md

@@ -37,14 +37,15 @@ tk bootstrap gitlab [flags]
 ### Options
 
 ```
-  -h, --help                help for gitlab
-      --hostname string     GitLab hostname (default "gitlab.com")
-      --interval duration   sync interval (default 1m0s)
-      --owner string        GitLab user or group name
-      --path string         repository path, when specified the cluster sync will be scoped to this path
-      --personal            is personal repository
-      --private             is private repository (default true)
-      --repository string   GitLab repository name
+  -h, --help                  help for gitlab
+      --hostname string       GitLab hostname (default "gitlab.com")
+      --interval duration     sync interval (default 1m0s)
+      --owner string          GitLab user or group name
+      --path string           repository path, when specified the cluster sync will be scoped to this path
+      --personal              is personal repository
+      --private               is private repository (default true)
+      --repository string     GitLab repository name
+      --ssh-hostname string   GitLab SSH hostname, defaults to hostname if not specified
 ```
 
 ### Options inherited from parent commands

docs/components/notification/controller.md

@@ -4,7 +4,7 @@ The Notification Controller is a Kubernetes operator, specialized in handling in
 
 ![](../../_files/notification-controller.png)
 
-The controller handles events coming from external systems (GitHub, GitLab, Bitbucket, Harbour, Jenkins, etc)
+The controller handles events coming from external systems (GitHub, GitLab, Bitbucket, Harbor, Jenkins, etc)
 and notifies the GitOps toolkit controllers about source changes.
 
 The controller handles events emitted by the GitOps toolkit controllers (source, kustomize, helm)

docs/guides/webhook-receivers.md

@@ -15,7 +15,7 @@ or the [installation guide](installation.md).
 
 The [notification controller](../components/notification/controller.md)
 can handle events coming from external systems
-(GitHub, GitLab, Bitbucket, Harbour, Jenkins, etc)
+(GitHub, GitLab, Bitbucket, Harbor, Jenkins, etc)
 and notify the GitOps toolkit controllers about source changes.
 The notification controller is part of the default toolkit installation.
 
@@ -107,7 +107,7 @@ spec:
 ```
 
 !!! hint "Note"
-    Besides GitHub, you can define receivers for **GitLab**, **Bitbucket**, **Harbour**
+    Besides GitHub, you can define receivers for **GitLab**, **Bitbucket**, **Harbor**
     and any other system that supports webhooks e.g. Jenkins, CircleCI, etc.
     See the [Receiver CRD docs](../components/notification/receiver.md) for more details.
 

go.mod

@@ -6,7 +6,7 @@ require (
 	github.com/blang/semver v3.5.1+incompatible
 	github.com/fluxcd/helm-controller/api v0.0.4
 	github.com/fluxcd/kustomize-controller/api v0.0.8
-	github.com/fluxcd/pkg/git v0.0.5
+	github.com/fluxcd/pkg/git v0.0.6
 	github.com/fluxcd/pkg/ssh v0.0.5
 	github.com/fluxcd/pkg/untar v0.0.5
 	github.com/fluxcd/source-controller/api v0.0.10

go.sum

@@ -114,8 +114,8 @@ github.com/fluxcd/helm-controller/api v0.0.4 h1:ZV+VGQg8ch3icvIl/BJZDfGwV61a2jRl
 github.com/fluxcd/helm-controller/api v0.0.4/go.mod h1:YCQhNz7LkYyBGxDdMGSRK78nvhuHV2x/lrn2vuRlBNE=
 github.com/fluxcd/kustomize-controller/api v0.0.8 h1:Yi5/MZuS2jXiRV73fuUkBCyRTuG0yx2HJTpWZaM+WHA=
 github.com/fluxcd/kustomize-controller/api v0.0.8/go.mod h1:c4035rZrt2p3RExpLe64ASVEvePm7FjiY4PzHKpRJXI=
-github.com/fluxcd/pkg/git v0.0.5 h1:6ahtjxZid8r94jmfOf1JUO42jX98FgdzBHrOaTGMCqY=
-github.com/fluxcd/pkg/git v0.0.5/go.mod h1:9AI9yPkb2ruIcE70moVG3WhunA2/RAMJPc3rtoH8QFE=
+github.com/fluxcd/pkg/git v0.0.6 h1:4qktw8M3zj98MAs4ny6qSi36sYvTiI1czif5FqlQl4o=
+github.com/fluxcd/pkg/git v0.0.6/go.mod h1:9AI9yPkb2ruIcE70moVG3WhunA2/RAMJPc3rtoH8QFE=
 github.com/fluxcd/pkg/ssh v0.0.5 h1:rnbFZ7voy2JBlUfMbfyqArX2FYaLNpDhccGFC3qW83A=
 github.com/fluxcd/pkg/ssh v0.0.5/go.mod h1:7jXPdXZpc0ttMNz2kD9QuMi3RNn/e0DOFbj0Tij/+Hs=
 github.com/fluxcd/pkg/untar v0.0.5 h1:UGI3Ch1UIEIaqQvMicmImL1s9npQa64DJ/ozqHKB7gk=

install/tk.sh

@@ -1,51 +1,183 @@
 #!/usr/bin/env bash
-
 set -e
 
 DEFAULT_BIN_DIR="/usr/local/bin"
-BIN_DIR=${1:-"$DEFAULT_BIN_DIR"}
+BIN_DIR=${1:-"${DEFAULT_BIN_DIR}"}
+GITHUB_REPO="fluxcd/toolkit"
 
-opsys=""
-if [[ "$OSTYPE" == linux* ]]; then
-  opsys=linux
-elif [[ "$OSTYPE" == darwin* ]]; then
-  opsys=darwin
-fi
-
-if [[ "$opsys" == "" ]]; then
-  echo "OS $OSTYPE not supported"
-  exit 1
-fi
-
-if [[ ! -x "$(command -v curl)" ]]; then
-    echo "curl not found"
-    exit 1
-fi
-
-tmpDir=`mktemp -d`
-if [[ ! "$tmpDir" || ! -d "$tmpDir" ]]; then
-  echo "could not create temp dir"
-  exit 1
-fi
-
-function cleanup {
-  rm -rf "$tmpDir"
+# Helper functions for logs
+info() {
+    echo '[INFO] ' "$@"
 }
 
-trap cleanup EXIT
+warn() {
+    echo '[WARN] ' "$@" >&2
+}
 
-pushd $tmpDir >& /dev/null
+fatal() {
+    echo '[ERROR] ' "$@" >&2
+    exit 1
+}
 
-curl -s https://api.github.com/repos/fluxcd/toolkit/releases/latest |\
-  grep browser_download |\
-  grep $opsys |\
-  cut -d '"' -f 4 |\
-  xargs curl -sL -o tk.tar.gz
+# Set os, fatal if operating system not supported
+setup_verify_os() {
+    if [[ -z "${OS}" ]]; then
+        OS=$(uname)
+    fi
+    case ${OS} in
+        Darwin)
+            OS=darwin
+            ;;
+        Linux)
+            OS=linux
+            ;;
+        *)
+            fatal "Unsupported operating system ${OS}"
+    esac
+}
 
-tar xzf ./tk.tar.gz
+# Set arch, fatal if architecture not supported
+setup_verify_arch() {
+    if [[ -z "${ARCH}" ]]; then
+        ARCH=$(uname -m)
+    fi
+    case ${ARCH} in
+        amd64)
+            ARCH=amd64
+            ;;
+        x86_64)
+            ARCH=amd64
+            ;;
+        *)
+            fatal "Unsupported architecture ${ARCH}"
+    esac
+}
 
-mv ./tk $BIN_DIR
+# Verify existence of downloader executable
+verify_downloader() {
+    # Return failure if it doesn't exist or is no executable
+    [[ -x "$(which "$1")" ]] || return 1
 
-popd >& /dev/null
+    # Set verified executable as our downloader program and return success
+    DOWNLOADER=$1
+    return 0
+}
 
-echo "$(tk --version) installed"
+# Create tempory directory and cleanup when done
+setup_tmp() {
+    TMP_DIR=$(mktemp -d -t tk-install.XXXXXXXXXX)
+    TMP_METADATA="${TMP_DIR}/tk.json"
+    TMP_HASH="${TMP_DIR}/tk.hash"
+    TMP_BIN="${TMP_DIR}/tk.tar.gz"
+    cleanup() {
+        code=$?
+        set +e
+        trap - EXIT
+        rm -rf "${TMP_DIR}"
+        exit ${code}
+    }
+    trap cleanup INT EXIT
+}
+
+# Find version from Github metadata
+get_release_version() {
+    METADATA_URL="https://api.github.com/repos/${GITHUB_REPO}/releases/latest"
+
+    info "Downloading metadata ${METADATA_URL}"
+    download "${TMP_METADATA}" "${METADATA_URL}"
+
+    VERSION_TK=$(grep '"tag_name":' "${TMP_METADATA}" | sed -E 's/.*"([^"]+)".*/\1/' | cut -c 2-)
+    if [[ -n "${VERSION_TK}" ]]; then
+        info "Using ${VERSION_TK} as release"
+    else
+        fatal "Unable to determine release version"
+    fi
+}
+
+# Download from file from URL
+download() {
+    [[ $# -eq 2 ]] || fatal 'download needs exactly 2 arguments'
+
+    case $DOWNLOADER in
+        curl)
+            curl -o "$1" -sfL "$2"
+            ;;
+        wget)
+            wget -qO "$1" "$2"
+            ;;
+        *)
+            fatal "Incorrect executable '${DOWNLOADER}'"
+            ;;
+    esac
+
+    # Abort if download command failed
+    [[ $? -eq 0 ]] || fatal 'Download failed'
+}
+
+# Download hash from Github URL
+download_hash() {
+    HASH_URL="https://github.com/${GITHUB_REPO}/releases/download/v${VERSION_TK}/toolkit_${VERSION_TK}_checksums.txt"
+    info "Downloading hash ${HASH_URL}"
+    download "${TMP_HASH}" "${HASH_URL}"
+    HASH_EXPECTED=$(grep " tk_${VERSION_TK}_${OS}_${ARCH}.tar.gz$" "${TMP_HASH}")
+    HASH_EXPECTED=${HASH_EXPECTED%%[[:blank:]]*}
+}
+
+# Download binary from Github URL
+download_binary() {
+    BIN_URL="https://github.com/${GITHUB_REPO}/releases/download/v${VERSION_TK}/tk_${VERSION_TK}_${OS}_${ARCH}.tar.gz"
+    info "Downloading binary ${BIN_URL}"
+    download "${TMP_BIN}" "${BIN_URL}"
+}
+
+compute_sha256sum() {
+  cmd=$(which sha256sum shasum | head -n 1)
+  case $(basename "$cmd") in
+    sha256sum)
+      sha256sum "$1" | cut -f 1 -d ' '
+      ;;
+    shasum)
+      shasum -a 256 "$1" | cut -f 1 -d ' '
+      ;;
+    *)
+      fatal "Can not find sha256sum or shasum to compute checksum"
+      ;;
+  esac
+}
+
+# Verify downloaded binary hash
+verify_binary() {
+    info "Verifying binary download"
+    HASH_BIN=$(compute_sha256sum "${TMP_BIN}")
+    HASH_BIN=${HASH_BIN%%[[:blank:]]*}
+    if [[ "${HASH_EXPECTED}" != "${HASH_BIN}" ]]; then
+        fatal "Download sha256 does not match ${HASH_EXPECTED}, got ${HASH_BIN}"
+    fi
+}
+
+# Setup permissions and move binary
+setup_binary() {
+    chmod 755 "${TMP_BIN}"
+    info "Installing tk to ${BIN_DIR}/tk"
+    tar -xzf "${TMP_BIN}" -C "${TMP_DIR}"
+
+    local CMD_MOVE="mv -f \"${TMP_DIR}/tk\" \"${BIN_DIR}\""
+    if [[ -w "${BIN_DIR}" ]]; then
+        eval "${CMD_MOVE}"
+    else
+        eval "sudo ${CMD_MOVE}"
+    fi
+}
+
+# Run the install process
+{
+    setup_verify_os
+    setup_verify_arch
+    verify_downloader curl || verify_downloader wget || fatal 'Can not find curl or wget for downloading files'
+    setup_tmp
+    get_release_version
+    download_hash
+    download_binary
+    verify_binary
+    setup_binary
+}