Merge remote-tracking branch 'origin/develop' into chart-service-refactoring

Author: iamayushm

CHANGELOG/release-notes-v1.7.0.md

@@ -0,0 +1,33 @@
+## v1.7.0
+
+## Enhancements
+- feat: Added Cronjob chart 1-6-0 (#6650)
+- feat: wf logs (#6606)
+- feat: Enable selection of all CI pipelines at once when the Environment filter is applied in Notifications (#6526)
+## Bugs
+- fix: app workflow cd pipleine check (#6658)
+- fix: panic fixes on concurrent delete request (#6657)
+- fix: panic fix on concurrent deletion request (#6644)
+- fix: duplicate entries in deployment history without override (#6637)
+- fix: overriden pipeline ids filtering in case of material deletion (#6636)
+- fix: prevent deletion of git material used in overridden CI templates (#6633)
+- fix: ea mode fixes (#6624)
+- fix: stack Manager issues (#6619)
+- fix: Change ci to webhook fix (#6626)
+- fix: oci chart deployment values.yaml and requirement.yaml not compatible (#6620)
+- fix: panic fix installedApp type timeline update (#6614)
+- fix: workflow getting incorrectly deleted in case of webhook and unreachable cluster's cd pipeline (#6602)
+- fix: add safety checks to prevent index-out-of-range panics in CdHandler (#6597)
+- fix: reverted telemetry connection error (#6587)
+- fix: anomalies in deployment status timeline (#6569)
+- fix: scoped var complex type resolution not working in patch type overrides (#6572)
+## Others
+- chore: when a cluster event occurs, create config map instead of secret (#6607)
+- chore: Gpu workload chart (#6608)
+- misc: update sample dockerfiles use non-root user (UID 2002) and base images (#6512)
+- misc: wire in EA (#6616)
+- chore: removed multi-arch section from readme (#6613)
+- chore: git sensor grpc lb policy change (#6610)
+- misc: go routines wrapped into panic safe function (#6589)
+- chore: http transport service refactoring (#6592)
+- misc: GetConfigDBObj in tx (#6584)

Makefile

@@ -2,7 +2,7 @@
 
 all: fetch-all-env build
 
-TARGET_BRANCH?=main
+TARGET_BRANCH?=develop
 TAG?=$(shell bash -c 'git log --pretty=format:'%h' -n 1')
 FLAGS=
 ENVVAR=

Wire.go

@@ -93,6 +93,7 @@ import (
 	"github.com/devtron-labs/devtron/client/cron"
 	"github.com/devtron-labs/devtron/client/dashboard"
 	eClient "github.com/devtron-labs/devtron/client/events"
+	"github.com/devtron-labs/devtron/client/fluxcd"
 	"github.com/devtron-labs/devtron/client/gitSensor"
 	"github.com/devtron-labs/devtron/client/grafana"
 	"github.com/devtron-labs/devtron/client/lens"
@@ -223,6 +224,7 @@ func InitializeApp() (*App, error) {
 		policyGovernance.PolicyGovernanceWireSet,
 		resourceScan.ScanningResultWireSet,
 		executor.ExecutorWireSet,
+		fluxcd.DeploymentWireSet,
 		// -------wireset end ----------
 		// -------
 		gitSensor.GetConfig,
@@ -754,6 +756,10 @@ func InitializeApp() (*App, error) {
 
 		deployment3.NewFullModeDeploymentServiceImpl,
 		wire.Bind(new(deployment3.FullModeDeploymentService), new(*deployment3.FullModeDeploymentServiceImpl)),
+
+		deployment3.NewFullModeFluxDeploymentServiceImpl,
+		wire.Bind(new(deployment3.FullModeFluxDeploymentService), new(*deployment3.FullModeFluxDeploymentServiceImpl)),
+
 		//	util2.NewGoJsonSchemaCustomFormatChecker,
 
 		//history starts

api/fluxApplication/FluxApplicationRestHandler.go

@@ -45,6 +45,8 @@ func (handler *FluxApplicationRestHandlerImpl) ListFluxApplications(w http.Respo
 	var clusterIds []int
 	var err error
 
+	noStream := v.Get("noStream") == "true"
+
 	//handling when the clusterIds string is empty ,it will not support the
 	if len(clusterIdString) == 0 {
 		handler.logger.Errorw("error in getting cluster ids", "error", err, "clusterIds", clusterIds)
@@ -57,7 +59,7 @@ func (handler *FluxApplicationRestHandlerImpl) ListFluxApplications(w http.Respo
 		return
 	}
 	handler.logger.Debugw("extracted ClusterIds successfully ", "clusterIds", clusterIds)
-	handler.fluxApplicationService.ListFluxApplications(r.Context(), clusterIds, w)
+	handler.fluxApplicationService.ListFluxApplications(r.Context(), clusterIds, noStream, w)
 }
 
 func (handler *FluxApplicationRestHandlerImpl) GetApplicationDetail(w http.ResponseWriter, r *http.Request) {

api/helm-app/gRPC/applist.pb.go

@@ -86,6 +86,8 @@ message FluxAppDetail{
   FluxApplication fluxApplication=1;
   FluxAppStatusDetail FluxAppStatusDetail = 2;
   ResourceTreeResponse resourceTreeResponse =3;
+  string applicationStatus = 4;
+  string lastObservedGeneration = 5;
 }
 
 message FluxAppStatusDetail{

api/helm-app/gRPC/applist.proto

@@ -23,6 +23,7 @@ import (
 	"github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning"
 	securityBean "github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning/bean"
 	security2 "github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning/repository"
+	"github.com/devtron-labs/devtron/util/sliceUtil"
 	"net/http"
 	"strconv"
 
@@ -104,6 +105,45 @@ func (impl ImageScanRestHandlerImpl) ScanExecutionList(w http.ResponseWriter, r
 		return
 	}
 	token := r.Header.Get("token")
+	isSuperAdmin := false
+	if ok := impl.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionGet, "*"); ok {
+		isSuperAdmin = true
+	}
+	var ids []int
+	if isSuperAdmin {
+		ids = sliceUtil.NewSliceFromFuncExec(filteredDeployInfoList, func(item *security2.ImageScanDeployInfo) int {
+			return item.Id
+		})
+	} else {
+		ids, err = impl.getAuthorisedImageScanDeployInfoIds(token, filteredDeployInfoList)
+		if err != nil {
+			impl.logger.Errorw("error in getting authorised image scan deploy info ids", "err", err)
+			common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
+			return
+		}
+	}
+
+	if len(ids) == 0 {
+		responseList := make([]*securityBean.ImageScanHistoryResponse, 0)
+		common.WriteJsonResp(w, nil, &securityBean.ImageScanHistoryListingResponse{ImageScanHistoryResponse: responseList}, http.StatusOK)
+		return
+	}
+
+	results, err := impl.imageScanService.FetchScanExecutionListing(request, ids)
+	if err != nil {
+		impl.logger.Errorw("service err, ScanExecutionList", "err", err, "payload", request)
+		if util.IsErrNoRows(err) {
+			responseList := make([]*securityBean.ImageScanHistoryResponse, 0)
+			common.WriteJsonResp(w, nil, &securityBean.ImageScanHistoryListingResponse{ImageScanHistoryResponse: responseList}, http.StatusOK)
+		} else {
+			common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
+		}
+		return
+	}
+	common.WriteJsonResp(w, err, results, http.StatusOK)
+}
+
+func (impl ImageScanRestHandlerImpl) getAuthorisedImageScanDeployInfoIds(token string, filteredDeployInfoList []*security2.ImageScanDeployInfo) ([]int, error) {
 	var ids []int
 	var appRBACObjects []string
 	var envRBACObjects []string
@@ -119,8 +159,8 @@ func (impl ImageScanRestHandlerImpl) ScanExecutionList(w http.ResponseWriter, r
 
 	appObjects, envObjects, appIdtoApp, envIdToEnv, err := impl.enforcerUtil.GetAppAndEnvRBACNamesByAppAndEnvIds(IdToAppEnvPairs)
 	if err != nil {
-		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
-		return
+		impl.logger.Errorw("error in getting app and env rbac objects", "err", err)
+		return nil, err
 	}
 
 	for _, item := range filteredDeployInfoList {
@@ -136,8 +176,8 @@ func (impl ImageScanRestHandlerImpl) ScanExecutionList(w http.ResponseWriter, r
 		} else if item.ScanObjectMetaId > 0 && (item.ObjectType == ObjectTypePod) {
 			environments, err := impl.environmentService.GetByClusterId(item.ClusterId)
 			if err != nil {
-				common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
-				return
+				impl.logger.Errorw("error in getting environments for cluster", "clusterId", item.ClusterId, "err", err)
+				return nil, err
 			}
 			for _, environment := range environments {
 				podObject := environment.EnvironmentIdentifier
@@ -163,25 +203,7 @@ func (impl ImageScanRestHandlerImpl) ScanExecutionList(w http.ResponseWriter, r
 			}
 		}
 	}
-
-	if ids == nil || len(ids) == 0 {
-		responseList := make([]*securityBean.ImageScanHistoryResponse, 0)
-		common.WriteJsonResp(w, nil, &securityBean.ImageScanHistoryListingResponse{ImageScanHistoryResponse: responseList}, http.StatusOK)
-		return
-	}
-
-	results, err := impl.imageScanService.FetchScanExecutionListing(request, ids)
-	if err != nil {
-		impl.logger.Errorw("service err, ScanExecutionList", "err", err, "payload", request)
-		if util.IsErrNoRows(err) {
-			responseList := make([]*securityBean.ImageScanHistoryResponse, 0)
-			common.WriteJsonResp(w, nil, &securityBean.ImageScanHistoryListingResponse{ImageScanHistoryResponse: responseList}, http.StatusOK)
-		} else {
-			common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
-		}
-		return
-	}
-	common.WriteJsonResp(w, err, results, http.StatusOK)
+	return ids, nil
 }
 
 func (impl ImageScanRestHandlerImpl) FetchExecutionDetail(w http.ResponseWriter, r *http.Request) {

api/restHandler/ImageScanRestHandler.go

@@ -87,9 +87,23 @@ func (handler AppInfoRestHandlerImpl) GetAllLabels(w http.ResponseWriter, r *htt
 		common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
 		return
 	}
+	propagatedLabelsOnlyStr := r.URL.Query().Get("showPropagatedOnly")
+
+	var propagatedLabelsOnlyBool *bool
+	if propagatedLabelsOnlyStr != "" {
+		if val, err := strconv.ParseBool(propagatedLabelsOnlyStr); err == nil {
+			propagatedLabelsOnlyBool = &val
+		} else {
+			// Invalid boolean value provided, treat as null (nil)
+			propagatedLabelsOnlyBool = nil
+			handler.logger.Infow("Invalid 'showPropagatedOnly' value from quey params — defaulting to nil", propagatedLabelsOnlyStr)
+		}
+	}
+
 	token := r.Header.Get("token")
 	results := make([]*bean.AppLabelDto, 0)
-	labels, err := handler.appService.FindAll()
+
+	labels, err := handler.appService.FindAll(propagatedLabelsOnlyBool)
 	if err != nil {
 		handler.logger.Errorw("service err, GetAllLabels", "err", err)
 		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)

api/restHandler/app/appInfo/AppInfoRestHandler.go

@@ -2472,6 +2472,11 @@ func (handler *PipelineConfigRestHandlerImpl) ValidateExternalAppLinkRequest(w h
 		common.WriteJsonResp(w, err, response, http.StatusOK)
 		return
 		// handle helm deployment types
+	} else if request.DeploymentAppType == util.PIPELINE_DEPLOYMENT_TYPE_FLUX {
+		response := handler.pipelineBuilder.ValidateLinkFluxAppRequest(ctx, &request)
+		common.WriteJsonResp(w, err, response, http.StatusOK)
+		return
+		// handle helm deployment types
 	}
 	common.WriteJsonResp(w, errors.New("invalid deployment app type in request"), nil, http.StatusBadRequest)
 	return

api/restHandler/app/pipeline/configure/DeploymentPipelineRestHandler.go

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: devtron-operator
-appVersion: 1.6.0
+appVersion: 1.7.0
 description: Chart to configure and install Devtron. Devtron is a Kubernetes Orchestration system.
 keywords:
   - Devtron
@@ -11,7 +11,7 @@ keywords:
   - argocd
   - Hyperion
 engine: gotpl
-version: 0.22.94
+version: 0.22.95
 sources:
   - https://github.com/devtron-labs/charts
 dependencies: