Merge pull request #173 from fluxcd/include-author-changelog

Include PR author in changelog

.github/actions/kustomize/Dockerfile

@@ -1,6 +0,0 @@
-FROM giantswarm/tiny-tools
-
-COPY entrypoint.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh
-
-ENTRYPOINT ["/entrypoint.sh"]

.github/actions/kustomize/action.yml

@@ -1,9 +0,0 @@
-name: 'kustomize'
-description: 'A GitHub Action to run kustomize commands'
-author: 'Stefan Prodan'
-branding:
-  icon: 'command'
-  color: 'blue'
-runs:
-  using: 'docker'
-  image: 'Dockerfile'

.github/actions/kustomize/entrypoint.sh

@@ -1,12 +0,0 @@
-#!/bin/sh -l
-
-VERSION=3.5.4
-curl -sL https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv${VERSION}/kustomize_v${VERSION}_linux_amd64.tar.gz | tar xz
-
-mkdir -p $GITHUB_WORKSPACE/bin
-cp ./kustomize $GITHUB_WORKSPACE/bin
-chmod +x $GITHUB_WORKSPACE/bin/kustomize
-ls -lh $GITHUB_WORKSPACE/bin
-
-echo "::add-path::$GITHUB_WORKSPACE/bin"
-echo "::add-path::$RUNNER_WORKSPACE/$(basename $GITHUB_REPOSITORY)/bin"

.github/workflows/release.yaml

@@ -24,9 +24,9 @@ jobs:
       - name: Generate release notes
         run: |
           echo 'CHANGELOG' > /tmp/release.txt
-          github-release-notes -org fluxcd -repo toolkit -since-latest-release >> /tmp/release.txt
+          github-release-notes -org fluxcd -repo toolkit -since-latest-release -include-author >> /tmp/release.txt
       - name: Setup Kustomize
-        uses: ./.github/actions/kustomize
+        uses: fluxcd/pkg//actions/kustomize@master
       - name: Generate manifests tarball
         run: |
           mkdir -p ./output

cmd/tk/bootstrap_gitlab.go

@@ -57,13 +57,14 @@ the bootstrap command will perform an upgrade if needed.`,
 }
 
 var (
-	glOwner      string
+	glOwner       string
-	glRepository string
+	glRepository  string
-	glInterval   time.Duration
+	glInterval    time.Duration
-	glPersonal   bool
+	glPersonal    bool
-	glPrivate    bool
+	glPrivate     bool
-	glHostname   string
+	glHostname    string
-	glPath       string
+	glSSHHostname string
+	glPath        string
 )
 
 func init() {
@@ -73,6 +74,7 @@ func init() {
 	bootstrapGitLabCmd.Flags().BoolVar(&glPrivate, "private", true, "is private repository")
 	bootstrapGitLabCmd.Flags().DurationVar(&glInterval, "interval", time.Minute, "sync interval")
 	bootstrapGitLabCmd.Flags().StringVar(&glHostname, "hostname", git.GitLabDefaultHostname, "GitLab hostname")
+	bootstrapGitLabCmd.Flags().StringVar(&glSSHHostname, "ssh-hostname", "", "GitLab SSH hostname, defaults to hostname if not specified")
 	bootstrapGitLabCmd.Flags().StringVar(&glPath, "path", "", "repository path, when specified the cluster sync will be scoped to this path")
 
 	bootstrapCmd.AddCommand(bootstrapGitLabCmd)
@@ -89,6 +91,10 @@ func bootstrapGitLabCmdRun(cmd *cobra.Command, args []string) error {
 		return err
 	}
 
+	if glSSHHostname != "" {
+		repository.SSHHost = glSSHHostname
+	}
+
 	provider := &git.GitLabProvider{
 		IsPrivate:  glPrivate,
 		IsPersonal: glPersonal,

docs/cmd/tk_bootstrap_gitlab.md

@@ -37,14 +37,15 @@ tk bootstrap gitlab [flags]
 ### Options
 
 ```
-  -h, --help                help for gitlab
+  -h, --help                  help for gitlab
-      --hostname string     GitLab hostname (default "gitlab.com")
+      --hostname string       GitLab hostname (default "gitlab.com")
-      --interval duration   sync interval (default 1m0s)
+      --interval duration     sync interval (default 1m0s)
-      --owner string        GitLab user or group name
+      --owner string          GitLab user or group name
-      --path string         repository path, when specified the cluster sync will be scoped to this path
+      --path string           repository path, when specified the cluster sync will be scoped to this path
-      --personal            is personal repository
+      --personal              is personal repository
-      --private             is private repository (default true)
+      --private               is private repository (default true)
-      --repository string   GitLab repository name
+      --repository string     GitLab repository name
+      --ssh-hostname string   GitLab SSH hostname, defaults to hostname if not specified
 ```
 
 ### Options inherited from parent commands

docs/components/notification/controller.md

@@ -4,7 +4,7 @@ The Notification Controller is a Kubernetes operator, specialized in handling in
 
 ![](../../_files/notification-controller.png)
 
-The controller handles events coming from external systems (GitHub, GitLab, Bitbucket, Harbour, Jenkins, etc)
+The controller handles events coming from external systems (GitHub, GitLab, Bitbucket, Harbor, Jenkins, etc)
 and notifies the GitOps toolkit controllers about source changes.
 
 The controller handles events emitted by the GitOps toolkit controllers (source, kustomize, helm)

docs/guides/webhook-receivers.md

@@ -15,7 +15,7 @@ or the [installation guide](installation.md).
 
 The [notification controller](../components/notification/controller.md)
 can handle events coming from external systems
-(GitHub, GitLab, Bitbucket, Harbour, Jenkins, etc)
+(GitHub, GitLab, Bitbucket, Harbor, Jenkins, etc)
 and notify the GitOps toolkit controllers about source changes.
 The notification controller is part of the default toolkit installation.
 
@@ -107,7 +107,7 @@ spec:
 ```
 
 !!! hint "Note"
-    Besides GitHub, you can define receivers for **GitLab**, **Bitbucket**, **Harbour**
+    Besides GitHub, you can define receivers for **GitLab**, **Bitbucket**, **Harbor**
     and any other system that supports webhooks e.g. Jenkins, CircleCI, etc.
     See the [Receiver CRD docs](../components/notification/receiver.md) for more details.
 

go.mod

@@ -6,7 +6,7 @@ require (
 	github.com/blang/semver v3.5.1+incompatible
 	github.com/fluxcd/helm-controller/api v0.0.4
 	github.com/fluxcd/kustomize-controller/api v0.0.8
-	github.com/fluxcd/pkg/git v0.0.5
+	github.com/fluxcd/pkg/git v0.0.6
 	github.com/fluxcd/pkg/ssh v0.0.5
 	github.com/fluxcd/pkg/untar v0.0.5
 	github.com/fluxcd/source-controller/api v0.0.10

go.sum

@@ -114,8 +114,8 @@ github.com/fluxcd/helm-controller/api v0.0.4 h1:ZV+VGQg8ch3icvIl/BJZDfGwV61a2jRl
 github.com/fluxcd/helm-controller/api v0.0.4/go.mod h1:YCQhNz7LkYyBGxDdMGSRK78nvhuHV2x/lrn2vuRlBNE=
 github.com/fluxcd/kustomize-controller/api v0.0.8 h1:Yi5/MZuS2jXiRV73fuUkBCyRTuG0yx2HJTpWZaM+WHA=
 github.com/fluxcd/kustomize-controller/api v0.0.8/go.mod h1:c4035rZrt2p3RExpLe64ASVEvePm7FjiY4PzHKpRJXI=
-github.com/fluxcd/pkg/git v0.0.5 h1:6ahtjxZid8r94jmfOf1JUO42jX98FgdzBHrOaTGMCqY=
+github.com/fluxcd/pkg/git v0.0.6 h1:4qktw8M3zj98MAs4ny6qSi36sYvTiI1czif5FqlQl4o=
-github.com/fluxcd/pkg/git v0.0.5/go.mod h1:9AI9yPkb2ruIcE70moVG3WhunA2/RAMJPc3rtoH8QFE=
+github.com/fluxcd/pkg/git v0.0.6/go.mod h1:9AI9yPkb2ruIcE70moVG3WhunA2/RAMJPc3rtoH8QFE=
 github.com/fluxcd/pkg/ssh v0.0.5 h1:rnbFZ7voy2JBlUfMbfyqArX2FYaLNpDhccGFC3qW83A=
 github.com/fluxcd/pkg/ssh v0.0.5/go.mod h1:7jXPdXZpc0ttMNz2kD9QuMi3RNn/e0DOFbj0Tij/+Hs=
 github.com/fluxcd/pkg/untar v0.0.5 h1:UGI3Ch1UIEIaqQvMicmImL1s9npQa64DJ/ozqHKB7gk=

install/tk.sh

@@ -1,51 +1,183 @@
 #!/usr/bin/env bash
-
 set -e
 
 DEFAULT_BIN_DIR="/usr/local/bin"
-BIN_DIR=${1:-"$DEFAULT_BIN_DIR"}
+BIN_DIR=${1:-"${DEFAULT_BIN_DIR}"}
+GITHUB_REPO="fluxcd/toolkit"
 
-opsys=""
+# Helper functions for logs
-if [[ "$OSTYPE" == linux* ]]; then
+info() {
-  opsys=linux
+    echo '[INFO] ' "$@"
-elif [[ "$OSTYPE" == darwin* ]]; then
-  opsys=darwin
-fi
-
-if [[ "$opsys" == "" ]]; then
-  echo "OS $OSTYPE not supported"
-  exit 1
-fi
-
-if [[ ! -x "$(command -v curl)" ]]; then
-    echo "curl not found"
-    exit 1
-fi
-
-tmpDir=`mktemp -d`
-if [[ ! "$tmpDir" || ! -d "$tmpDir" ]]; then
-  echo "could not create temp dir"
-  exit 1
-fi
-
-function cleanup {
-  rm -rf "$tmpDir"
 }
 
-trap cleanup EXIT
+warn() {
+    echo '[WARN] ' "$@" >&2
+}
 
-pushd $tmpDir >& /dev/null
+fatal() {
+    echo '[ERROR] ' "$@" >&2
+    exit 1
+}
 
-curl -s https://api.github.com/repos/fluxcd/toolkit/releases/latest |\
+# Set os, fatal if operating system not supported
-  grep browser_download |\
+setup_verify_os() {
-  grep $opsys |\
+    if [[ -z "${OS}" ]]; then
-  cut -d '"' -f 4 |\
+        OS=$(uname)
-  xargs curl -sL -o tk.tar.gz
+    fi
+    case ${OS} in
+        Darwin)
+            OS=darwin
+            ;;
+        Linux)
+            OS=linux
+            ;;
+        *)
+            fatal "Unsupported operating system ${OS}"
+    esac
+}
 
-tar xzf ./tk.tar.gz
+# Set arch, fatal if architecture not supported
+setup_verify_arch() {
+    if [[ -z "${ARCH}" ]]; then
+        ARCH=$(uname -m)
+    fi
+    case ${ARCH} in
+        amd64)
+            ARCH=amd64
+            ;;
+        x86_64)
+            ARCH=amd64
+            ;;
+        *)
+            fatal "Unsupported architecture ${ARCH}"
+    esac
+}
 
-mv ./tk $BIN_DIR
+# Verify existence of downloader executable
+verify_downloader() {
+    # Return failure if it doesn't exist or is no executable
+    [[ -x "$(which "$1")" ]] || return 1
 
-popd >& /dev/null
+    # Set verified executable as our downloader program and return success
+    DOWNLOADER=$1
+    return 0
+}
 
-echo "$(tk --version) installed"
+# Create tempory directory and cleanup when done
+setup_tmp() {
+    TMP_DIR=$(mktemp -d -t tk-install.XXXXXXXXXX)
+    TMP_METADATA="${TMP_DIR}/tk.json"
+    TMP_HASH="${TMP_DIR}/tk.hash"
+    TMP_BIN="${TMP_DIR}/tk.tar.gz"
+    cleanup() {
+        code=$?
+        set +e
+        trap - EXIT
+        rm -rf "${TMP_DIR}"
+        exit ${code}
+    }
+    trap cleanup INT EXIT
+}
+
+# Find version from Github metadata
+get_release_version() {
+    METADATA_URL="https://api.github.com/repos/${GITHUB_REPO}/releases/latest"
+
+    info "Downloading metadata ${METADATA_URL}"
+    download "${TMP_METADATA}" "${METADATA_URL}"
+
+    VERSION_TK=$(grep '"tag_name":' "${TMP_METADATA}" | sed -E 's/.*"([^"]+)".*/\1/' | cut -c 2-)
+    if [[ -n "${VERSION_TK}" ]]; then
+        info "Using ${VERSION_TK} as release"
+    else
+        fatal "Unable to determine release version"
+    fi
+}
+
+# Download from file from URL
+download() {
+    [[ $# -eq 2 ]] || fatal 'download needs exactly 2 arguments'
+
+    case $DOWNLOADER in
+        curl)
+            curl -o "$1" -sfL "$2"
+            ;;
+        wget)
+            wget -qO "$1" "$2"
+            ;;
+        *)
+            fatal "Incorrect executable '${DOWNLOADER}'"
+            ;;
+    esac
+
+    # Abort if download command failed
+    [[ $? -eq 0 ]] || fatal 'Download failed'
+}
+
+# Download hash from Github URL
+download_hash() {
+    HASH_URL="https://github.com/${GITHUB_REPO}/releases/download/v${VERSION_TK}/toolkit_${VERSION_TK}_checksums.txt"
+    info "Downloading hash ${HASH_URL}"
+    download "${TMP_HASH}" "${HASH_URL}"
+    HASH_EXPECTED=$(grep " tk_${VERSION_TK}_${OS}_${ARCH}.tar.gz$" "${TMP_HASH}")
+    HASH_EXPECTED=${HASH_EXPECTED%%[[:blank:]]*}
+}
+
+# Download binary from Github URL
+download_binary() {
+    BIN_URL="https://github.com/${GITHUB_REPO}/releases/download/v${VERSION_TK}/tk_${VERSION_TK}_${OS}_${ARCH}.tar.gz"
+    info "Downloading binary ${BIN_URL}"
+    download "${TMP_BIN}" "${BIN_URL}"
+}
+
+compute_sha256sum() {
+  cmd=$(which sha256sum shasum | head -n 1)
+  case $(basename "$cmd") in
+    sha256sum)
+      sha256sum "$1" | cut -f 1 -d ' '
+      ;;
+    shasum)
+      shasum -a 256 "$1" | cut -f 1 -d ' '
+      ;;
+    *)
+      fatal "Can not find sha256sum or shasum to compute checksum"
+      ;;
+  esac
+}
+
+# Verify downloaded binary hash
+verify_binary() {
+    info "Verifying binary download"
+    HASH_BIN=$(compute_sha256sum "${TMP_BIN}")
+    HASH_BIN=${HASH_BIN%%[[:blank:]]*}
+    if [[ "${HASH_EXPECTED}" != "${HASH_BIN}" ]]; then
+        fatal "Download sha256 does not match ${HASH_EXPECTED}, got ${HASH_BIN}"
+    fi
+}
+
+# Setup permissions and move binary
+setup_binary() {
+    chmod 755 "${TMP_BIN}"
+    info "Installing tk to ${BIN_DIR}/tk"
+    tar -xzf "${TMP_BIN}" -C "${TMP_DIR}"
+
+    local CMD_MOVE="mv -f \"${TMP_DIR}/tk\" \"${BIN_DIR}\""
+    if [[ -w "${BIN_DIR}" ]]; then
+        eval "${CMD_MOVE}"
+    else
+        eval "sudo ${CMD_MOVE}"
+    fi
+}
+
+# Run the install process
+{
+    setup_verify_os
+    setup_verify_arch
+    verify_downloader curl || verify_downloader wget || fatal 'Can not find curl or wget for downloading files'
+    setup_tmp
+    get_release_version
+    download_hash
+    download_binary
+    verify_binary
+    setup_binary
+}