Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ParadeDB UID GID #393

Closed
wants to merge 10 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# Order is important. The last matching pattern has the most precedence. In each subsection folders are ordered first by depth, then alphabetically

/.github/ @philippemnoel
/charts/ @philippemnoel
12 changes: 12 additions & 0 deletions .github/FUNDING.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# These are supported funding model platforms

github: [paradedb] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
patreon: # Replace with a single Patreon username
open_collective: # Replace with a single Open Collective username
ko_fi: # Replace with a single Ko-fi username
tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
liberapay: # Replace with a single Liberapay username
issuehunt: # Replace with a single IssueHunt username
otechie: # Replace with a single Otechie username
custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
16 changes: 16 additions & 0 deletions .github/ISSUE_TEMPLATE/bug_report.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
---
name: Bug report
about: Create a report to help us improve
title: ""
labels: ""
assignees: ""
---

**Bug Description**
Please describe the bug.

**How To Reproduce**
Please describe how to reproduce the bug.

**Proposed Fix**
Please describe how you think this bug could be fixed.
1 change: 1 addition & 0 deletions .github/ISSUE_TEMPLATE/config.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
blank_issues_enabled: false
16 changes: 16 additions & 0 deletions .github/ISSUE_TEMPLATE/feature_request.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
---
name: Feature request
about: Suggest an idea for this project
title: ""
labels: ""
assignees: ""
---

**What**
Please describe the feature.

**Why**
Please describe why this feature is important.

**How**
Please describe how you'd implement this feature.
11 changes: 11 additions & 0 deletions .github/PULL_REQUEST_TEMPLATE.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
# Ticket(s) Closed

- Closes #

## What

## Why

## How

## Tests
4 changes: 2 additions & 2 deletions .github/actions/deploy-operator/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,11 @@ runs:
- name: Deploy the operator
shell: bash
run:
helm dependency update charts/cloudnative-pg
helm repo add cnpg https://cloudnative-pg.github.io/charts

helm upgrade
--install
--namespace cnpg-system
--create-namespace
--wait
cnpg charts/cloudnative-pg
cnpg cnpg/cloudnative-pg
32 changes: 0 additions & 32 deletions .github/actions/verify-cluster-ready/action.yml

This file was deleted.

12 changes: 12 additions & 0 deletions .github/config/cr.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
## Reference: https://github.com/helm/chart-releaser
index-path: "./index.yaml"

# PGP signing
sign: true
key: ParadeDB
# keyring: # Set via env variable CR_KEYRING
# passphrase-file: # Set via env variable CR_PASSPHRASE_FILE

# Enable automatic generation of release notes using GitHub's release notes generator.
# see: https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes
generate-release-notes: true
14 changes: 14 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
version: 2

updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "monthly"
ignore:
- dependency-name: "*"
update-types: ["version-update:semver-patch"]
groups:
github-actions-dependencies:
patterns:
- "*"
27 changes: 0 additions & 27 deletions .github/renovate.json5

This file was deleted.

109 changes: 109 additions & 0 deletions .github/workflows/paradedb-publish-chart.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,109 @@
# workflows/paradedb-publish-chart.yml
#
# ParadeDB Publish Chart
# Publish the ParadeDB Helm chart to paradedb.github.io via GitHub Pages. This workflow also
# triggers the creation of a GitHub Release. It only runs on pushes to `main` or when we trigger
# a workflow_dispatch event, either manually or via creating a release in `paradedb/paradedb`.

name: ParadeDB Publish Chart

on:
push:
branches:
- main
workflow_dispatch:
inputs:
appVersion:
description: "The ParadeDB version to publish in the Helm Chart (e.g. 0.1.0)"
required: true
default: ""

concurrency:
group: paradedb-publish-chart-${{ github.head_ref || github.ref }}
cancel-in-progress: true

jobs:
paradedb-publish-chart:
name: Publish ParadeDB Helm Charts to GitHub Pages
runs-on: ubuntu-latest
permissions:
contents: write

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"

- name: Set Helm Chart Release Versions
id: set_versions
working-directory: charts/cluster/
env:
GH_TOKEN: ${{ secrets.GHA_CREATE_RELEASE_PAT }}
run: |
# If no appVersion is provided, we use the latest ParadeDB version
if [ -z "${{ github.event.inputs.appVersion }}" ]; then
LATEST_TAG=$(curl -s https://api.github.com/repos/paradedb/paradedb/tags | jq -r '.[0].name')
APP_VERSION=${LATEST_TAG#v}
else
APP_VERSION=${{ github.event.inputs.appVersion }}
fi
# Update appVersion to the GitHub Release version and version to the Helm Chart version
sed -i "s/^[[:space:]]*paradedb: .*/ paradedb: \"$APP_VERSION\"/" values.yaml
sed -i "s/^version: .*/version: ${{ vars.CHART_VERSION_MAJOR }}.${{ vars.CHART_VERSION_MINOR }}.${{ vars.CHART_VERSION_PATCH }}/" Chart.yaml
echo "values.yaml:"
cat values.yaml
echo "----------------------------------------"
echo "Chart.yaml:"
cat Chart.yaml

# Set output to update post-release, increasing the Helm Chart version patch number by one to update in GitHub Actions Variables
echo "new_chart_version_patch=$(( ${{ vars.CHART_VERSION_PATCH }} + 1 ))" >> $GITHUB_OUTPUT

# The GitHub repository secret `PARADEDB_PGP_PRIVATE_KEY` contains the private key
# in ASCII-armored format. To export a (new) key, run this command:
# `gpg --armor --export-secret-key <my key>`
- name: Prepare ParadeDB PGP Key
env:
PGP_PRIVATE_KEY: "${{ secrets.PARADEDB_PGP_PRIVATE_KEY }}"
PGP_PASSPHRASE: "${{ secrets.PARADEDB_PGP_PASSPHRASE }}"
run: |
IFS=""
echo "$PGP_PRIVATE_KEY" | gpg --dearmor --verbose > /tmp/secring.gpg
echo "$PGP_PASSPHRASE" > /tmp/passphrase.txt

# Tell chart-releaser-action where to find the key and its passphrase
echo "CR_KEYRING=/tmp/secring.gpg" >> "$GITHUB_ENV"
echo "CR_PASSPHRASE_FILE=/tmp/passphrase.txt" >> "$GITHUB_ENV"

- name: Add Grafana Chart Dependencies
run: helm repo add cnpg-grafana-dashboard https://cloudnative-pg.github.io/grafana-dashboards

- name: Run chart-releaser
uses: helm/[email protected]
with:
config: "./.github/config/cr.yaml"
env:
CR_TOKEN: "${{ secrets.GHA_CREATE_RELEASE_PAT }}"

# We have a separate version for our Helm Chart, since it needs to always increment by
# one for every production release, independently of the ParadeDB version. Any non-patch
# version increment should be done manually in GitHub Actions Variables.
- name: Increment Helm Chart Version Number in GitHub Actions Variables
env:
GH_TOKEN: ${{ secrets.GHA_CREATE_RELEASE_PAT }}
run: |
gh api \
--method PATCH \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
/repos/paradedb/charts/actions/variables/CHART_VERSION_PATCH \
-f name='CHART_VERSION_PATCH' \
-f value='${{ steps.set_versions.outputs.new_chart_version_patch }}'

- name: Securely Delete the PGP Key and Passphrase
if: always()
run: shred --remove=wipesync /tmp/secring.gpg /tmp/passphrase.txt
119 changes: 119 additions & 0 deletions .github/workflows/paradedb-test-eks.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,119 @@
# workflows/paradedb-test-eks.yml
#
# ParadeDB Test EKS
# Test the ParadeDB Helm chart against a local AWS EKS cluster via LocalStack. This test workflow is
# specific to the ParadeDB cloudnative-pg/charts fork.

name: ParadeDB Test EKS

on:
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
paths:
- "charts/cluster/*"
- ".github/workflows/paradedb-test-eks.yml"
repository_dispatch:
workflow_dispatch:

concurrency:
group: paradedb-test-eks-${{ github.head_ref || github.ref }}
cancel-in-progress: true

jobs:
paradedb-test-eks:
name: Test ParadeDB Helm Chart on AWS EKS via LocalStack
runs-on: ubuntu-latest
if: github.event.pull_request.draft == false

steps:
- name: Checkout Git Repository
uses: actions/checkout@v4

- name: Set up Kubectl
uses: azure/setup-kubectl@v4

- name: Set up Helm
uses: azure/setup-helm@v4

- name: Start LocalStack
uses: LocalStack/[email protected]
with:
image-tag: "latest"
install-awslocal: "true"
configuration: DEBUG=1
use-pro: "true"
env:
LOCALSTACK_AUTH_TOKEN: ${{ secrets.LOCALSTACK_AUTH_TOKEN }}

- name: Configure AWS CLI for LocalStack
run: |
awslocal configure set aws_secret_access_key test
awslocal configure set aws_access_key_id test
awslocal configure set region us-east-1

# As of writing, the latest Kubernetes version available on LocalStack EKS
# is 1.29. CloudNativePG requires version 1.25+
- name: Create the LocalStack AWS EKS Cluster
run: |
awslocal --endpoint-url=http://localhost:4566 eks create-cluster \
--name paradedb-eks \
--role-arn arn:aws:iam::000000000000:role/eks-service-role \
--resources-vpc-config subnetIds=subnet-12345 \
--kubernetes-version 1.29

- name: Wait for LocalStack AWS EKS Cluster to be Active
run: |
for i in {1..10}; do
STATUS=$(awslocal --endpoint-url=http://localhost:4566 --region us-east-1 eks describe-cluster --name paradedb-eks --query 'cluster.status' --output text)
if [ "$STATUS" == "ACTIVE" ]; then
echo "Cluster is ACTIVE"
break
else
echo "Cluster status is $STATUS. Waiting..."
sleep 10
fi
done

- name: Update Kubeconfig to Use the LocalStack AWS EKS Cluster
run: awslocal --endpoint-url=http://localhost:4566 eks update-kubeconfig --name paradedb-eks

- name: Wait for the LocalStack AWS EKS Cluster to be Ready
run: |
nodes=$(kubectl get nodes --no-headers -o custom-columns=NAME:.metadata.name)
for node in $nodes; do
kubectl wait --for=condition=ready node/$node --timeout=120s
done

- name: Install the CloudNativePG Operator
run: |
helm repo add cnpg https://cloudnative-pg.github.io/charts
helm upgrade --install cnpg --namespace cnpg-system --create-namespace cnpg/cloudnative-pg

- name: Wait for CNPG Webhook Service to be Ready
run: |
kubectl wait --namespace cnpg-system --for=condition=available --timeout=120s deployment/cnpg-cloudnative-pg
kubectl get svc -n cnpg-system cnpg-webhook-service

- name: Test Helm Dependency Update
working-directory: charts/cluster/
run: helm dependency update . --debug

- name: Fetch the latest ParadeDB release tag
id: paradedb-version
run: |
# Fetch the latest release tag and strip the 'v' prefix
LATEST_TAG=$(curl -s https://api.github.com/repos/paradedb/paradedb/releases/latest | jq -r '.tag_name')
CLEANED_TAG=${LATEST_TAG#v}
echo $CLEANED_TAG
echo "version=$CLEANED_TAG" >> $GITHUB_OUTPUT

- name: Test Helm Install
working-directory: charts/cluster/
run: helm install paradedb . --namespace paradedb --create-namespace --set version.paradedb=${{ steps.paradedb-version.outputs.version }} --debug

- name: Test Helm Upgrade
working-directory: charts/cluster/
run: helm upgrade paradedb . --namespace paradedb --reuse-values --wait --debug

- name: Test PostgreSQL Connection
run: helm test paradedb --namespace paradedb
Loading
Loading