diff --git a/.github/workflows/auto-update.yaml b/.github/workflows/auto-update.yaml index 4038f8f..a681bbe 100644 --- a/.github/workflows/auto-update.yaml +++ b/.github/workflows/auto-update.yaml @@ -11,6 +11,7 @@ on: permissions: contents: write # Allows writing content to the repository. packages: read # Allows reading the content of the repository's packages. + pull-requests: write # Allows creating or updating pull requests. # Abort prior jobs in the same workflow / PR concurrency: diff --git a/bundle/uds-bundle.yaml b/bundle/uds-bundle.yaml index ec1a3a0..5aaf243 100644 --- a/bundle/uds-bundle.yaml +++ b/bundle/uds-bundle.yaml @@ -8,11 +8,6 @@ metadata: version: dev packages: - # #TEMPLATE_APPLICATION_NAME# has a dependency on some-application - # - name: some-application - # repository: ghcr.io/defenseunicorns/packages/uds/some-application - # ref: 0.1.3-upstream - - name: #TEMPLATE_APPLICATION_NAME# path: ../ ref: dev diff --git a/bundle/uds-config.yaml b/bundle/uds-config.yaml index e4cf9cf..2067cc5 100644 --- a/bundle/uds-config.yaml +++ b/bundle/uds-config.yaml @@ -1,9 +1,2 @@ # Copyright 2024 Defense Unicorns # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial - -# variables: -# some-application: -# EXAMPLE_DEP_PACKAGE_VAR: true -# #TEMPLATE_APPLICATION_NAME#: -# EXAMPLE_DB_USERNAME: my-postgres-user -# EXAMPLE_DB_ENDPOINT: postgres diff --git a/chart/templates/template-sso-secret.yaml b/chart/templates/template-sso-secret.yaml deleted file mode 100644 index bbe493a..0000000 --- a/chart/templates/template-sso-secret.yaml +++ /dev/null 
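Review bot: The added `pull-requests: write` is granted in the workflow-level `permissions:` block of auto-update.yaml, alongside `contents: write`, so every job and every action step in the workflow runs with a token that can push to the repository and create or modify pull requests. If only the job that opens the update PR needs these scopes, keep the top-level block read-only (`contents: read`, `packages: read`) and declare `contents: write` and `pull-requests: write` under that job's own `permissions:` key. The triggers and jobs are outside this hunk, so it is worth confirming that the workflow cannot be started from fork-controlled input and that the actions it calls are pinned to commit SHAs, since they inherit the same token.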
@@ -1,18 +0,0 @@
-# Copyright 2024 Defense Unicorns
-# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
-
-# This secret will be used if sso is disabled, instead of the templated one in uds-package.yaml.
-# #TEMPLATE_APPLICATION_DISPLAY_NAME# needs to mount the secret and creating it this way avoids creating an unnecessary
-# client in the keycloak realm and unnecessary secret data in the cluster.
-{{- if not .Values.sso.enabled }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Values.sso.secretName }}
- namespace: {{ .Release.Namespace }}
-type: "Opaque"
-stringData:
- #TEMPLATE_APPLICATION_NAME#.sso.config.key: |
- example.saml.enabled: {{ .Values.sso.enabled }}
-{{- end }}
diff --git a/chart/templates/uds-package.yaml b/chart/templates/uds-package.yaml
index f476e02..6f07623 100644
--- a/chart/templates/uds-package.yaml
+++ b/chart/templates/uds-package.yaml
@@ -7,35 +7,6 @@ metadata: name: #TEMPLATE_APPLICATION_NAME# namespace: {{ .Release.Namespace }} spec: - {{- if .Values.sso.enabled }} - sso: - - name: #TEMPLATE_APPLICATION_DISPLAY_NAME# Login - clientId: uds-package-#TEMPLATE_APPLICATION_NAME# - redirectUris: - - "https://#TEMPLATE_APPLICATION_NAME#.{{ .Values.domain }}/oauth2/callback/saml" - protocol: saml - defaultClientScopes: - - "mapper-saml-email-email" - - "mapper-saml-username-login" - - "mapper-saml-username-name" - - attributes: - saml.client.signature: "false" - - secretName: {{ .Values.sso.secretName }} - # This secret template configures sso for the application. Will need updated based on application required configuration - secretTemplate: - #TEMPLATE_APPLICATION_NAME#.sso.config.key: | - example.auth.saml.enabled: {{ .Values.sso.enabled }} - example.auth.saml.applicationId: clientField(clientId) - example.auth.saml.providerName: {{ .Values.sso.saml.providerName }} - example.auth.saml.providerId: https://sso.{{ .Values.domain }}/realms/uds - example.auth.saml.loginUrl: https://sso.{{ .Values.domain }}/realms/uds/protocol/saml - example.auth.saml.user.login: login - example.auth.saml.user.name: name - example.auth.saml.user.email: email - example.auth.saml.certificate.secured: clientField(samlIdpCertificate) - {{- end }} # Customize network policies and expose services via istio network: serviceMesh: diff --git a/chart/values.yaml b/chart/values.yaml index 3bea752..f861e61 100644 --- a/chart/values.yaml +++ b/chart/values.yaml 
@@ -1,29 +1,7 @@ # Copyright 2024 Defense Unicorns # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial -# Example values from UDS package repo template -domain: "###ZARF_VAR_DOMAIN###" -sso: - enabled: false - protocol: saml - secretName: #TEMPLATE_APPLICATION_NAME#-sso - adminGroups: ["/#TEMPLATE_APPLICATION_DISPLAY_NAME# Admin", "/UDS Core/Admin"] - saml: - providerName: "#TEMPLATE_APPLICATION_DISPLAY_NAME#" -# Support for custom `network.allow` entries on the Package CR + +# Support for custom `network.allow` entries on the Package CR +# https://uds.defenseunicorns.com/reference/configuration/uds-networking-configuration/#additional-network-allowances additionalNetworkAllow: [] -# # Notice no `remoteGenerated` field here on custom internal rule -# - direction: Ingress -# selector: -# app: jenkins -# remoteNamespace: jenkins -# remoteSelector: -# app: jenkins -# port: 8180 -# description: "Ingress from Jenkins" -# # No `remoteNamespace`, `remoteSelector`, or `port` fields on rule to `remoteGenerated` -# - direction: Egress -# selector: -# app: webservice -# remoteGenerated: Anywhere -# description: "Egress from #TEMPLATE_APPLICATION_NAME#" diff --git a/common/zarf.yaml b/common/zarf.yaml index 83443a7..747dae1 100644 --- a/common/zarf.yaml +++ b/common/zarf.yaml @@ -22,8 +22,3 @@ components: version: 1.2.3 valuesFiles: - ../values/common-values.yaml - -# You only need onDeploy.after.wait.cluster actions for non-UDS resources — items Zarf can’t automatically interpret, such as: -# Custom CRDs from third-party operators that don’t use kstatus -# External systems like databases, services, or Helm hooks -# Reference example implementation: https://docs.zarf.dev/ref/actions/#wait-action-configuration diff --git a/tasks/test.yaml b/tasks/test.yaml index a997d32..ab50ad8 100644 --- a/tasks/test.yaml +++ b/tasks/test.yaml 
@@ -5,7 +5,6 @@ tasks: - name: all actions: - task: health-check - # - task: custom-resource-test - task: ingress - task: ui @@ -20,38 +19,6 @@ tasks: namespace: #TEMPLATE_APPLICATION_NAME# condition: Available - # # If application manages custom resources, then test creating custom resources - # - name: custom-resource-test - # description: Test creating a custom resource - # actions: - # # Create test zarf package - # - cmd: | - # ./uds zarf package create --confirm - # dir: tests/optional-example-zarf-tests - # # Generate some kind of test data. In this example it is a certificate - # - cmd: | - # openssl req -x509 -newkey rsa:4096 -keyout testCA.key \ - # -out testCA.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname" - # dir: tests/optional-example-zarf-tests - # # Deploy package with test data - # - cmd: | - # ./uds zarf package deploy \ - # --set EXAMPLE_SECRET_VALUE="$(cat testCA.pem | base64 -w 0)" \ - # zarf-package-example-zarf-tests-"${UDS_ARCH}"-0.0.1.tar.zst \ - # --confirm - # dir: tests/optional-example-zarf-tests - # # Ensure expected resource is generated in some namespace. In this example it is checking for a configmap - # - description: Ensure configmap is created in target namespace - # wait: - # cluster: - # kind: configmap - # name: example-configmap - # namespace: example-ns - # # Cleanup files used to generate test data - # - cmd: | - # rm testCA.key testCA.pem - # dir: tests/optional-example-zarf-tests - - name: ingress actions: - description: #TEMPLATE_APPLICATION_DISPLAY_NAME# UI Status Check diff --git a/tests/optional-example-zarf-tests/example-custom-resource.yaml b/tests/optional-example-zarf-tests/example-custom-resource.yaml deleted file mode 100644 index 6ca6f92..0000000 --- a/tests/optional-example-zarf-tests/example-custom-resource.yaml +++ /dev/null 
@@ -1,9 +0,0 @@
-# Copyright 2024 Defense Unicorns
-# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
-
-apiVersion: example-custom-resource.io/v1alpha1
-kind: example-custom-resource
-metadata:
- name: example-custom-resource
-spec:
-# custom resource spec
diff --git a/tests/optional-example-zarf-tests/example-secret.yaml b/tests/optional-example-zarf-tests/example-secret.yaml
deleted file mode 100644
index fe1ec22..0000000
--- a/tests/optional-example-zarf-tests/example-secret.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-# Copyright 2024 Defense Unicorns
-# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: example-secret
- namespace: test-ns
-type: kubernetes.io/opaque
-data:
- chain.crt: "###ZARF_VAR_EXAMPLE_SECRET_VALUE###"
diff --git a/tests/optional-example-zarf-tests/zarf.yaml b/tests/optional-example-zarf-tests/zarf.yaml
deleted file mode 100644
index 574e94f..0000000
--- a/tests/optional-example-zarf-tests/zarf.yaml
+++ /dev/null
@@ -1,32 +0,0 @@ -# Copyright 2024 Defense Unicorns -# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial - -# yaml-language-server: $schema=https://raw.githubusercontent.com/defenseunicorns/zarf/main/zarf.schema.json -kind: ZarfPackageConfig -metadata: - name: example-zarf-tests - description: "Example zarf package for testing functionality of operators and other services deployed by UDS package" - architecture: "amd64" - version: "0.0.1" - -variables: - - name: EXAMPLE_SECRET_VALUE - description: "Some data needed for testing functionality" - -components: - # Create secret containing example secret value - - name: example-secret - required: true - manifests: - - name: example-secret - namespace: test-ns - files: - - example-secret.yaml - # Create some custom resource used by operator or service - - name: example-custom-resource - required: true - manifests: - - name: example-custom-resource - namespace: test-ns - files: - - example-custom-resource.yaml diff --git a/values/common-values.yaml b/values/common-values.yaml index fd2d601..b251327 100644 --- a/values/common-values.yaml +++ b/values/common-values.yaml @@ -3,16 +3,3 @@ # Values common to all flavors -# Example variables from UDS package repo template. Update to relevant variables after templating -# imagePullSecrets: -# - name: "private-registry" - -# postgresql: -# enabled: false -# postgresqlServer: ###ZARF_VAR_EXAMPLE_DB_ENDPOINT### -# existingSecret: "example-postgres" -# existingSecretPasswordKey: "password" -# postgresqlUsername: ###ZARF_VAR_EXAMPLE_DB_USERNAME### -# postgresqlDatabase: ###ZARF_VAR_EXAMPLE_DB_NAME### -# service: -# port: 5432 diff --git a/values/registry1-values.yaml b/values/registry1-values.yaml index 52d8fe4..9316333 100644 --- a/values/registry1-values.yaml +++ b/values/registry1-values.yaml 
@@ -2,8 +2,3 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial # Values for registry1 flavor - -# Example variables from UDS package repo template. Update to relevant variables after templating -# image: -# repository: registry1.dso.mil/image -# tag: 1.2.3 diff --git a/values/unicorn-values.yaml b/values/unicorn-values.yaml index 59cb46f..7079894 100644 --- a/values/unicorn-values.yaml +++ b/values/unicorn-values.yaml @@ -2,8 +2,3 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial # Values for unicorn flavor - -# Example variables from UDS package repo template. Update to relevant variables after templating -# image: -# repository: quay.io/rfcurated -# tag: 1.2.3 diff --git a/values/upstream-values.yaml b/values/upstream-values.yaml index 03a1e91..b690619 100644 --- a/values/upstream-values.yaml +++ b/values/upstream-values.yaml @@ -2,8 +2,3 @@ # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial # Values for upstream flavor - -# Example variables from UDS package repo template. Update to relevant variables after templating -# image: -# repository: upstream/image -# tag: 1.2.3 diff --git a/zarf.yaml b/zarf.yaml index b20fa0a..b13f5db 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -15,14 +15,8 @@ metadata: dev.uds.icon: "" variables: - - name: EXAMPLE_VARIABLES - default: "examples" - name: DOMAIN default: "uds.dev" - - name: EXAMPLE_DB_USERNAME - default: "example_username" - - name: EXAMPLE_DB_ENDPOINT - default: "example_db_endpoint" components: - name: #TEMPLATE_APPLICATION_NAME#