Skip to content

Commit c792219

Browse files
committed
Upgrade Makefile modules
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
1 parent 2d13638 commit c792219

File tree

15 files changed

+105
-107
lines changed

15 files changed

+105
-107
lines changed

.github/workflows/govulncheck.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ jobs:
2424
run: |
2525
make print-go-version >> "$GITHUB_OUTPUT"
2626
27-
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
27+
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
2828
with:
2929
go-version: ${{ steps.go-version.outputs.result }}
3030

.github/workflows/make-self-upgrade.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ jobs:
3838
run: |
3939
make print-go-version >> "$GITHUB_OUTPUT"
4040
41-
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
41+
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
4242
with:
4343
go-version: ${{ steps.go-version.outputs.result }}
4444

.github/workflows/release.yml

Lines changed: 12 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ env:
88
VERSION: ${{ github.ref_name }}
99

1010
jobs:
11-
build_images:
11+
build_and_push:
1212
runs-on: ubuntu-latest
1313

1414
permissions:
@@ -17,8 +17,6 @@ jobs:
1717

1818
steps:
1919
- uses: actions/checkout@v4
20-
with:
21-
fetch-depth: 0
2220

2321
- uses: ./.github/actions/repo_access
2422
with:
@@ -28,40 +26,29 @@ jobs:
2826
run: |
2927
make print-go-version >> "$GITHUB_OUTPUT"
3028
31-
- uses: actions/setup-go@v5
32-
with:
33-
go-version: ${{ steps.go-version.outputs.result }}
34-
3529
- uses: docker/login-action@v3
3630
with:
3731
registry: quay.io
38-
username: ${{ secrets.QUAY_USER }}
32+
username: ${{ secrets.QUAY_USERNAME }}
3933
password: ${{ secrets.QUAY_PASSWORD }}
40-
- uses: docker/login-action@v3
34+
35+
- uses: actions/setup-go@v5
4136
with:
42-
registry: ghcr.io
43-
username: ${{ github.actor }}
44-
password: ${{ secrets.GITHUB_TOKEN }}
37+
go-version: ${{ steps.go-version.outputs.result }}
4538

4639
- id: release
47-
run: make -j release
48-
49-
- uses: actions/upload-artifact@v4
50-
with:
51-
name: ${{ steps.release.outputs.RELEASE_HELM_CHART_NAME }}-${{ steps.release.outputs.RELEASE_HELM_CHART_VERSION }}.tgz
52-
path: ${{ steps.release.outputs.RELEASE_HELM_CHART_TAR }}
53-
if-no-files-found: error
40+
run: make release
5441

5542
outputs:
5643
RELEASE_OCI_PREFLIGHT_IMAGE: ${{ steps.release.outputs.RELEASE_OCI_PREFLIGHT_IMAGE }}
5744
RELEASE_OCI_PREFLIGHT_TAG: ${{ steps.release.outputs.RELEASE_OCI_PREFLIGHT_TAG }}
58-
RELEASE_HELM_CHART_NAME: ${{ steps.release.outputs.RELEASE_HELM_CHART_NAME }}
45+
RELEASE_HELM_CHART_IMAGE: ${{ steps.release.outputs.RELEASE_HELM_CHART_IMAGE }}
5946
RELEASE_HELM_CHART_VERSION: ${{ steps.release.outputs.RELEASE_HELM_CHART_VERSION }}
6047

6148
github_release:
6249
runs-on: ubuntu-latest
6350

64-
needs: build_images
51+
needs: build_and_push
6552

6653
permissions:
6754
contents: write # needed for creating a PR
@@ -70,15 +57,10 @@ jobs:
7057
steps:
7158
- run: |
7259
touch .notes-file
73-
echo "OCI_PREFLIGHT_IMAGE: ${{ needs.build_images.outputs.RELEASE_OCI_PREFLIGHT_IMAGE }}" >> .notes-file
74-
echo "OCI_PREFLIGHT_TAG: ${{ needs.build_images.outputs.RELEASE_OCI_PREFLIGHT_TAG }}" >> .notes-file
75-
echo "HELM_CHART_NAME: ${{ needs.build_images.outputs.RELEASE_HELM_CHART_NAME }}" >> .notes-file
76-
echo "HELM_CHART_VERSION: ${{ needs.build_images.outputs.RELEASE_HELM_CHART_VERSION }}" >> .notes-file
77-
78-
- id: chart_download
79-
uses: actions/download-artifact@v4
80-
with:
81-
name: ${{ needs.build_images.outputs.RELEASE_HELM_CHART_NAME }}-${{ needs.build_images.outputs.RELEASE_HELM_CHART_VERSION }}.tgz
60+
echo "OCI_PREFLIGHT_IMAGE: ${{ needs.build_and_push.outputs.RELEASE_OCI_PREFLIGHT_IMAGE }}" >> .notes-file
61+
echo "OCI_PREFLIGHT_TAG: ${{ needs.build_and_push.outputs.RELEASE_OCI_PREFLIGHT_TAG }}" >> .notes-file
62+
echo "HELM_CHART_IMAGE: ${{ needs.build_and_push.outputs.RELEASE_HELM_CHART_IMAGE }}" >> .notes-file
63+
echo "HELM_CHART_VERSION: ${{ needs.build_and_push.outputs.RELEASE_HELM_CHART_VERSION }}" >> .notes-file
8264
8365
- env:
8466
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -89,7 +71,3 @@ jobs:
8971
--draft \
9072
--verify-tag \
9173
--notes-file .notes-file
92-
93-
gh release upload "$VERSION" \
94-
--repo="$GITHUB_REPOSITORY" \
95-
"${{ steps.chart_download.outputs.download-path }}/${{ needs.build_images.outputs.RELEASE_HELM_CHART_NAME }}-${{ needs.build_images.outputs.RELEASE_HELM_CHART_VERSION }}.tgz"

OWNERS_ALIASES

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ aliases:
88
- wallrj
99
- jakexks
1010
- maelvls
11-
- irbekrm
1211
- sgtcodfish
1312
- inteon
1413
- thatsmrtalbot
14+
- erikgb

hack/e2e/test.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -68,7 +68,7 @@ make release \
6868
OCI_SIGN_ON_PUSH=false \
6969
oci_platforms=linux/amd64 \
7070
oci_preflight_image_name=$OCI_BASE/images/venafi-agent \
71-
helm_chart_repo_base=oci://$OCI_BASE/charts \
71+
helm_chart_image_name=$OCI_BASE/charts/venafi-kubernetes-agent \
7272
GITHUB_OUTPUT=release.env
7373
source release.env
7474
popd

klone.yaml

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -10,50 +10,50 @@ targets:
1010
- folder_name: generate-verify
1111
repo_url: https://github.com/cert-manager/makefile-modules.git
1212
repo_ref: main
13-
repo_hash: c775b91913708e2ea4816373d0b0b4b632b3b524
13+
repo_hash: fbd26411777b12c2574d05f146cee617c6c50b63
1414
repo_path: modules/generate-verify
1515
- folder_name: go
1616
repo_url: https://github.com/cert-manager/makefile-modules.git
1717
repo_ref: main
18-
repo_hash: c775b91913708e2ea4816373d0b0b4b632b3b524
18+
repo_hash: fbd26411777b12c2574d05f146cee617c6c50b63
1919
repo_path: modules/go
2020
- folder_name: helm
2121
repo_url: https://github.com/cert-manager/makefile-modules.git
2222
repo_ref: main
23-
repo_hash: c775b91913708e2ea4816373d0b0b4b632b3b524
23+
repo_hash: fbd26411777b12c2574d05f146cee617c6c50b63
2424
repo_path: modules/helm
2525
- folder_name: help
2626
repo_url: https://github.com/cert-manager/makefile-modules.git
2727
repo_ref: main
28-
repo_hash: c775b91913708e2ea4816373d0b0b4b632b3b524
28+
repo_hash: fbd26411777b12c2574d05f146cee617c6c50b63
2929
repo_path: modules/help
3030
- folder_name: kind
3131
repo_url: https://github.com/cert-manager/makefile-modules.git
3232
repo_ref: main
33-
repo_hash: c775b91913708e2ea4816373d0b0b4b632b3b524
33+
repo_hash: fbd26411777b12c2574d05f146cee617c6c50b63
3434
repo_path: modules/kind
3535
- folder_name: klone
3636
repo_url: https://github.com/cert-manager/makefile-modules.git
3737
repo_ref: main
38-
repo_hash: c775b91913708e2ea4816373d0b0b4b632b3b524
38+
repo_hash: fbd26411777b12c2574d05f146cee617c6c50b63
3939
repo_path: modules/klone
4040
- folder_name: oci-build
4141
repo_url: https://github.com/cert-manager/makefile-modules.git
4242
repo_ref: main
43-
repo_hash: c775b91913708e2ea4816373d0b0b4b632b3b524
43+
repo_hash: fbd26411777b12c2574d05f146cee617c6c50b63
4444
repo_path: modules/oci-build
4545
- folder_name: oci-publish
4646
repo_url: https://github.com/cert-manager/makefile-modules.git
4747
repo_ref: main
48-
repo_hash: c775b91913708e2ea4816373d0b0b4b632b3b524
48+
repo_hash: fbd26411777b12c2574d05f146cee617c6c50b63
4949
repo_path: modules/oci-publish
5050
- folder_name: repository-base
5151
repo_url: https://github.com/cert-manager/makefile-modules.git
5252
repo_ref: main
53-
repo_hash: c775b91913708e2ea4816373d0b0b4b632b3b524
53+
repo_hash: fbd26411777b12c2574d05f146cee617c6c50b63
5454
repo_path: modules/repository-base
5555
- folder_name: tools
5656
repo_url: https://github.com/cert-manager/makefile-modules.git
5757
repo_ref: main
58-
repo_hash: c775b91913708e2ea4816373d0b0b4b632b3b524
58+
repo_hash: fbd26411777b12c2574d05f146cee617c6c50b63
5959
repo_path: modules/tools

make/00_mod.mk

Lines changed: 2 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -5,9 +5,6 @@ kind_cluster_config := $(bin_dir)/scratch/kind_cluster.yaml
55

66
build_names := preflight
77

8-
goos:=
9-
GOARCH:=$(shell go env GOARCH)
10-
118
go_preflight_main_dir := .
129
go_preflight_mod_dir := .
1310
go_preflight_ldflags := \
@@ -26,15 +23,10 @@ oci_preflight_image_name_development := jetstack.local/venafi-agent
2623
deploy_name := venafi-kubernetes-agent
2724
deploy_namespace := venafi
2825

29-
helm_chart_repo_base := oci://quay.io/jetstack/charts
3026
helm_chart_source_dir := deploy/charts/venafi-kubernetes-agent
31-
helm_chart_name := venafi-kubernetes-agent
32-
helm_chart_app_version := $(VERSION)
33-
helm_chart_version := $(VERSION:v%=%)
27+
helm_chart_image_name := quay.io/jetstack/charts/venafi-kubernetes-agent
28+
helm_chart_version := $(VERSION)
3429
helm_labels_template_name := preflight.labels
35-
helm_docs_use_helm_tool := 1
36-
helm_generate_schema := 1
37-
helm_verify_values := 1
3830

3931
# Allows us to replace the Helm values.yaml's image.repository and image.tag
4032
# with the right values.

make/02_mod.mk

Lines changed: 5 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -4,15 +4,14 @@ GITHUB_OUTPUT ?= /dev/stderr
44
.PHONY: release
55
## Publish all release artifacts (image + helm chart)
66
## @category [shared] Release
7-
release: $(helm_chart_archive)
7+
release:
88
$(MAKE) oci-push-preflight
9-
$(HELM) push "$(helm_chart_archive)" "$(helm_chart_repo_base)"
9+
$(MAKE) helm-chart-oci-push
1010

11-
@echo "RELEASE_OCI_preflight_IMAGE=$(oci_preflight_image_name)" >> "$(GITHUB_OUTPUT)"
12-
@echo "RELEASE_OCI_preflight_TAG=$(oci_preflight_image_tag)" >> "$(GITHUB_OUTPUT)"
13-
@echo "RELEASE_HELM_CHART_NAME=$(helm_chart_name)" >> "$(GITHUB_OUTPUT)"
11+
@echo "RELEASE_OCI_PREFLIGHT_IMAGE=$(oci_preflight_image_name)" >> "$(GITHUB_OUTPUT)"
12+
@echo "RELEASE_OCI_PREFLIGHT_TAG=$(oci_preflight_image_tag)" >> "$(GITHUB_OUTPUT)"
13+
@echo "RELEASE_HELM_CHART_IMAGE=$(helm_chart_image_name)" >> "$(GITHUB_OUTPUT)"
1414
@echo "RELEASE_HELM_CHART_VERSION=$(helm_chart_version)" >> "$(GITHUB_OUTPUT)"
15-
@echo "RELEASE_HELM_CHART_TAR=$(helm_chart_archive)" >> "$(GITHUB_OUTPUT)"
1615

1716
@echo "Release complete!"
1817

make/_shared/go/base/.github/workflows/govulncheck.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ jobs:
2424
run: |
2525
make print-go-version >> "$GITHUB_OUTPUT"
2626
27-
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
27+
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
2828
with:
2929
go-version: ${{ steps.go-version.outputs.result }}
3030

make/_shared/helm/crds.mk

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,9 @@ ifeq ($(HOST_OS),darwin)
3737
sed_inplace := sed -i ''
3838
endif
3939

40+
crds_dir ?= deploy/crds
41+
crds_dir_readme := $(dir $(lastword $(MAKEFILE_LIST)))/crds_dir.README.md
42+
4043
.PHONY: generate-crds
4144
## Generate CRD manifests.
4245
## @category [shared] Generate/ Verify
@@ -51,7 +54,7 @@ generate-crds: | $(NEEDS_CONTROLLER-GEN) $(NEEDS_YQ)
5154
$(directories:%=paths=./%...) \
5255
output:crd:artifacts:config=$(crds_gen_temp)
5356

54-
echo "Updating CRDs with helm templating, writing to $(helm_chart_source_dir)/templates"
57+
@echo "Updating CRDs with helm templating, writing to $(helm_chart_source_dir)/templates"
5558

5659
@for i in $$(ls $(crds_gen_temp)); do \
5760
crd_name=$$($(YQ) eval '.metadata.name' $(crds_gen_temp)/$$i); \
@@ -63,4 +66,9 @@ generate-crds: | $(NEEDS_CONTROLLER-GEN) $(NEEDS_YQ)
6366
cat $(crd_template_footer) >> $(helm_chart_source_dir)/templates/crd-$$i; \
6467
done
6568

69+
@if [ -n "$$(ls $(crds_gen_temp) 2>/dev/null)" ]; then \
70+
cp -Tr $(crds_gen_temp) $(crds_dir); \
71+
cp $(crds_dir_readme) $(crds_dir)/README.md; \
72+
fi
73+
6674
shared_generate_targets += generate-crds

make/_shared/helm/crds_dir.README.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
# CRDs source directory
2+
3+
> **WARNING**: if you are an end-user, you probably should NOT need to use the
4+
> files in this directory. These files are for **reference, development and testing purposes only**.
5+
6+
This directory contains 'source code' used to build our CustomResourceDefinition
7+
resources consumed by our officially supported deployment methods (e.g. the Helm chart).
8+
The CRDs in this directory might be incomplete, and should **NOT** be used to provision the operator.

make/_shared/helm/helm.mk

Lines changed: 16 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -24,17 +24,15 @@ ifndef helm_chart_source_dir
2424
$(error helm_chart_source_dir is not set)
2525
endif
2626

27-
ifndef helm_chart_name
28-
$(error helm_chart_name is not set)
27+
ifndef helm_chart_image_name
28+
$(error helm_chart_image_name is not set)
2929
endif
3030

3131
ifndef helm_chart_version
3232
$(error helm_chart_version is not set)
3333
endif
34-
35-
ifndef helm_chart_app_version
36-
# Default to the same as the chart version
37-
helm_chart_app_version = $(helm_chart_version)
34+
ifneq ($(helm_chart_version:v%=v),v)
35+
$(error helm_chart_version "$(helm_chart_version)" should start with a "v")
3836
endif
3937

4038
ifndef helm_values_mutation_function
@@ -43,6 +41,9 @@ endif
4341

4442
##########################################
4543

44+
helm_chart_name := $(notdir $(helm_chart_image_name))
45+
helm_chart_image_registry := $(dir $(helm_chart_image_name))
46+
helm_chart_image_tag := $(helm_chart_version)
4647
helm_chart_sources := $(shell find $(helm_chart_source_dir) -maxdepth 1 -type f) $(shell find $(helm_chart_source_dir)/templates -type f)
4748
helm_chart_archive := $(bin_dir)/scratch/image/$(helm_chart_name)-$(helm_chart_version).tgz
4849

@@ -64,17 +65,23 @@ $(helm_chart_archive): $(helm_chart_sources) | $(NEEDS_HELM) $(NEEDS_YQ) $(bin_d
6465

6566
mkdir -p $(dir $@)
6667
$(HELM) package $(helm_chart_source_dir_versioned) \
67-
--app-version $(helm_chart_app_version) \
68+
--app-version $(helm_chart_version) \
6869
--version $(helm_chart_version) \
6970
--destination $(dir $@)
7071

72+
.PHONY: helm-chart-oci-push
73+
## Create and push Helm chart to OCI registry.
74+
## Will also create a non-v-prefixed tag for the OCI image.
75+
## @category [shared] Publish
76+
helm-chart-oci-push: $(helm_chart_archive) | $(NEEDS_HELM) $(NEEDS_CRANE)
77+
$(HELM) push "$(helm_chart_archive)" "oci://$(helm_chart_image_registry)"
78+
$(CRANE) copy "$(helm_chart_image_name):$(helm_chart_image_tag)" "$(helm_chart_image_name):$(helm_chart_image_tag:v%=%)"
79+
7180
.PHONY: helm-chart
7281
## Create a helm chart
7382
## @category [shared] Helm Chart
7483
helm-chart: $(helm_chart_archive)
7584

76-
ifdef helm_docs_use_helm_tool
77-
7885
helm_tool_header_search ?= ^<!-- AUTO-GENERATED -->
7986
helm_tool_footer_search ?= ^<!-- /AUTO-GENERATED -->
8087

@@ -83,35 +90,24 @@ helm_tool_footer_search ?= ^<!-- /AUTO-GENERATED -->
8390
## @category [shared] Generate/ Verify
8491
generate-helm-docs: | $(NEEDS_HELM-TOOL)
8592
$(HELM-TOOL) inject -i $(helm_chart_source_dir)/values.yaml -o $(helm_chart_source_dir)/README.md --header-search "$(helm_tool_header_search)" --footer-search "$(helm_tool_footer_search)"
86-
else
87-
.PHONY: generate-helm-docs
88-
## Generate Helm chart documentation.
89-
## @category [shared] Generate/ Verify
90-
generate-helm-docs: | $(NEEDS_HELM-DOCS)
91-
$(HELM-DOCS) $(helm_chart_source_dir)/
92-
endif
9393

9494
shared_generate_targets += generate-helm-docs
9595

96-
ifdef helm_generate_schema
9796
.PHONY: generate-helm-schema
9897
## Generate Helm chart schema.
9998
## @category [shared] Generate/ Verify
10099
generate-helm-schema: | $(NEEDS_HELM-TOOL) $(NEEDS_GOJQ)
101100
$(HELM-TOOL) schema -i $(helm_chart_source_dir)/values.yaml | $(GOJQ) > $(helm_chart_source_dir)/values.schema.json
102101

103102
shared_generate_targets += generate-helm-schema
104-
endif
105103

106-
ifdef helm_verify_values
107104
.PHONY: verify-helm-values
108105
## Verify Helm chart values using helm-tool.
109106
## @category [shared] Generate/ Verify
110107
verify-helm-values: | $(NEEDS_HELM-TOOL) $(NEEDS_GOJQ)
111108
$(HELM-TOOL) lint -i $(helm_chart_source_dir)/values.yaml -d $(helm_chart_source_dir)/templates -e $(helm_chart_source_dir)/values.linter.exceptions
112109

113110
shared_verify_targets += verify-helm-values
114-
endif
115111

116112
.PHONY: verify-pod-security-standards
117113
## Verify that the Helm chart complies with the pod security standards.

make/_shared/repository-base/base/.github/workflows/make-self-upgrade.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ jobs:
3838
run: |
3939
make print-go-version >> "$GITHUB_OUTPUT"
4040
41-
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
41+
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
4242
with:
4343
go-version: ${{ steps.go-version.outputs.result }}
4444

0 commit comments

Comments
 (0)