Merge branch 'main' into add-sonar

redhat-appstudio · Nov 29, 2023 · 0e21b0f · 0e21b0f
2 parents 065ac80 + 26b3168
commit 0e21b0f
Show file tree

Hide file tree

Showing 38 changed files with 409 additions and 229 deletions.
diff --git a/.codecov.yml b/.codecov.yml
@@ -1,12 +1,11 @@
-comment: off
 coverage:
   status:
     project:
       default:
         target: auto
         threshold: 1%
         removed_code_behavior: adjust_base
-      patch:
+    patch:
       default:
         informational: true
         target: auto

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
diff --git a/.github/workflows/codecov-main.yaml b/.github/workflows/codecov-main.yaml
diff --git a/.github/workflows/go-ci.yaml b/.github/workflows/go-ci.yaml
@@ -1,11 +1,14 @@
-name: Validate PR - golang CI
+name: GoLang CI
 on:
+  push:
+    branches: [ main ]
   pull_request:
     branches: [ main ]
 jobs:
   lint:
     name: Lint
     runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v4
@@ -18,13 +21,14 @@ jobs:
   go:
     name: Check sources
     runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
     steps:
+      - name: Check out code
+        uses: actions/checkout@v4
       - name: Install Go
         uses: actions/setup-go@v4
         with:
-          go-version: 1.19.x
-      - name: Check out code
-        uses: actions/checkout@v4
+          go-version-file: './go.mod'
       - name: Check go mod status
         run: |
           go mod tidy
@@ -56,12 +60,12 @@ jobs:
     name: Golang Unit tests
     runs-on: ubuntu-latest
     steps:
+      - name: Check out code
+        uses: actions/checkout@v4
       - name: Install Go
         uses: actions/setup-go@v4
         with:
-          go-version: 1.19.x
-      - name: Check out code
-        uses: actions/checkout@v4
+          go-version-file: './go.mod'
       - name: Build
         run: make build
       - name: Test
@@ -71,6 +75,7 @@ jobs:
   security_scan:
     name: Security scan
     runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v4

diff --git a/.github/workflows/java-ci.yml b/.github/workflows/java-ci.yml
@@ -0,0 +1,29 @@
+name: Java CI
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Cache local Maven repository
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: 17
+      - name: Build with Maven
+        working-directory: java-components
+        run: mvn -V -B package -Dvalidate-format
+      - name: Codecov
+        uses: codecov/codecov-action@v3
diff --git a/.github/workflows/kube-linter.yaml b/.github/workflows/kube-linter.yaml
@@ -1,4 +1,4 @@
-name: Check Kubernetes YAMLs with kube-linter
+name: Validate Kubernetes YAMLs
 
 on:
   pull_request:
@@ -7,7 +7,6 @@ on:
       - 'deploy/crds/base/**.ya?ml'
       - 'deploy/operator/base/**.ya?ml'
       - 'deploy/operator/config/**.ya?ml'
-
 jobs:
   kube-linter:
     name: Kube linter

diff --git a/.github/workflows/minikube.yaml b/.github/workflows/minikube.yaml
@@ -1,4 +1,4 @@
-name: Validate PR - Minikube Tests
+name: Minikube Tests
 on:
   pull_request:
     branches: [ main ]

diff --git a/deploy/base-development.sh b/deploy/base-development.sh
@@ -18,11 +18,6 @@ DIR=`dirname $0`
 kubectl apply -f $DIR/namespace.yaml
 kubectl config set-context --current --namespace=test-jvm-namespace
 
-if [ -n "$QUAY_ORG" ] && [ -n "$QUAY_TOKEN" ]; then
-    kubectl delete --ignore-not-found secret  -n image-controller quaytoken
-    kubectl create secret generic -n image-controller quaytoken --from-literal "quaytoken=$QUAY_TOKEN" --from-literal "organization=$QUAY_ORG"
-fi
-
 echo -e "\033[0;32mSecrets...\033[0m"
 kubectl create --dry-run=client -o=yaml secret generic jvm-build-image-secrets --from-file=.dockerconfigjson=$HOME/.docker/config.json --type=kubernetes.io/dockerconfigjson | kubectl apply -f -
 kubectl create --dry-run=client -o=yaml secret generic jvm-build-git-secrets --from-literal .git-credentials="

diff --git a/deploy/crds/base/jvmbuildservice.io_dependencybuilds.yaml b/deploy/crds/base/jvmbuildservice.io_dependencybuilds.yaml
@@ -86,6 +86,16 @@ spec:
                               items:
                                 type: string
                               type: array
+                            gitArchive:
+                              description: The git archive source information
+                              properties:
+                                sha:
+                                  type: string
+                                tag:
+                                  type: string
+                                url:
+                                  type: string
+                              type: object
                             hermeticBuildImage:
                               description: The hermetic build image produced by the
                                 build
@@ -262,12 +272,20 @@ spec:
               contaminates:
                 items:
                   properties:
+                    allowed:
+                      type: boolean
+                    buildId:
+                      type: string
                     contaminatedArtifacts:
                       items:
                         type: string
                       type: array
                     gav:
                       type: string
+                    rebuildAvailable:
+                      type: boolean
+                    source:
+                      type: string
                   type: object
                 type: array
               deployedArtifacts:

diff --git a/deploy/crds/base/jvmbuildservice.io_jbsconfigs.yaml b/deploy/crds/base/jvmbuildservice.io_jbsconfigs.yaml
@@ -89,6 +89,8 @@ spec:
                 type: boolean
               gitSourceArchive:
                 properties:
+                  disableSSLVerification:
+                    type: boolean
                   identity:
                     type: string
                   url:

diff --git a/deploy/operator/base/deployment.yaml b/deploy/operator/base/deployment.yaml
@@ -13,11 +13,6 @@ spec:
       labels:
         app: hacbs-jvm-operator
     spec:
-      volumes:
-        - name: quaytoken
-          secret:
-            optional: false
-            secretName: quaytoken
       securityContext:
         runAsNonRoot: true
       containers:
@@ -37,10 +32,6 @@ spec:
             limits:
               memory: "1024Mi"
               cpu: "500m"
-          volumeMounts:
-            - mountPath: "/workspace"
-              name: quaytoken
-              readOnly: true
           securityContext:
             readOnlyRootFilesystem: true
       serviceAccountName: hacbs-jvm-operator
diff --git a/deploy/operator/overlays/ci-template/kustomization.yaml b/deploy/operator/overlays/ci-template/kustomization.yaml
@@ -6,11 +6,3 @@ resources:
   # and I'm bypassing that gross env var munging we had to do in infra-deps; also, the deployment yaml should be pretty static at this point
   - base-deployment.yaml
 
-patches:
-  - patch: |-
-      - op: replace
-        path: /spec/template/spec/volumes/0/secret/optional
-        value: true
-    target:
-      kind: Deployment
-      name: hacbs-jvm-operator
diff --git a/deploy/operator/overlays/dev-template/kustomization.yaml b/deploy/operator/overlays/dev-template/kustomization.yaml
@@ -21,11 +21,4 @@ patches:
   target:
     kind: Deployment
     name: hacbs-jvm-operator
-- patch: |-
-    - op: replace
-      path: /spec/template/spec/volumes/0/secret/optional
-      value: true
-  target:
-    kind: Deployment
-    name: hacbs-jvm-operator
 - path: namespace.yaml
diff --git a/deploy/overlays/dev-template/config.yaml b/deploy/overlays/dev-template/config.yaml
@@ -16,6 +16,7 @@ spec:
   gitSourceArchive:
     identity: GIT_DEPLOY_IDENTITY
     url: GIT_DEPLOY_URL
+    disableSSLVerification: GIT_DISABLE_SSL_VERIFICATION
   relocationPatterns:
     - relocationPattern:
         buildPolicy: "default"

diff --git a/deploy/patch-yaml.sh b/deploy/patch-yaml.sh
@@ -53,5 +53,9 @@ fi
 if [ -z "${GIT_DEPLOY_IDENTITY}" ]; then
     GIT_DEPLOY_IDENTITY=""
 fi
-find $DIR -path \*development\*.yaml -exec $SED -i s/GIT_DEPLOY_URL/${GIT_DEPLOY_URL}/ {} \;
+if [ -z "${GIT_DISABLE_SSL_VERIFICATION}" ]; then
+    GIT_DISABLE_SSL_VERIFICATION="false"
+fi
+find $DIR -path \*development\*.yaml -exec $SED -i s%GIT_DEPLOY_URL%${GIT_DEPLOY_URL}% {} \;
 find $DIR -path \*development\*.yaml -exec $SED -i s%GIT_DEPLOY_IDENTITY%${GIT_DEPLOY_IDENTITY}% {} \;
+find $DIR -path \*development\*.yaml -exec $SED -i s%GIT_DISABLE_SSL_VERIFICATION%${GIT_DISABLE_SSL_VERIFICATION}% {} \;