diff --git a/helmfile.d/snippets/blackbox-targets.gotmpl b/helmfile.d/snippets/blackbox-targets.gotmpl index abec509eae..c7f59f9068 100644 --- a/helmfile.d/snippets/blackbox-targets.gotmpl +++ b/helmfile.d/snippets/blackbox-targets.gotmpl @@ -1,7 +1,6 @@ {{- $registry := list }} {{- range $s := .services }} - {{- $type := $s.type | default "auth" }} - {{- if and (eq $type "public") (not ($s | get "ksvc.scaleToZero" false)) }} + {{- if (not ($s | get "ksvc.scaleToZero" false)) }} {{- $host := (printf "%s-%s" $s.name $.teamId) }} {{- $svcDomain := ($s | get "domain" (printf "%s.%s" $host $.domain)) }} {{- $paths:= $s | get "paths" list }} diff --git a/helmfile.d/snippets/defaults.yaml b/helmfile.d/snippets/defaults.yaml index 00d67353a9..1122a8eed4 100644 --- a/helmfile.d/snippets/defaults.yaml +++ b/helmfile.d/snippets/defaults.yaml @@ -1350,4 +1350,4 @@ environments: version: main # TODO: update this when schema version changes versions: - specVersion: 38 + specVersion: 39 diff --git a/src/cmd/migrate.test.ts b/src/cmd/migrate.test.ts index f1553c60bd..6ae773ab3e 100644 --- a/src/cmd/migrate.test.ts +++ b/src/cmd/migrate.test.ts @@ -16,8 +16,8 @@ describe('Upgrading values', () => { teamConfig: { teamA: { services: [ - { name: 'svc1', prop: 'replaceMe', bla: [{ ok: 'replaceMe' }] }, - { name: 'svc1', prop: 'replaceMe', di: [{ ok: 'replaceMeNot' }] }, + { name: 'svc1', prop: 'replaceMe', bla: [{ ok: 'replaceMe' }], type: 'cluster' }, + { name: 'svc2', prop: 'replaceMe', di: [{ ok: 'replaceMeNot' }], type: 'public' }, ], }, }, @@ -43,11 +43,19 @@ describe('Upgrading values', () => { ], renamings: [{ 'somefile.yaml': 'newloc.yaml' }], }, + { + version: 4, + deletions: [ + // { 'some.k8sVersion': 'printf "v%s" .prev' }, + 'teamConfig.{team}.services[].type', + // { 'teamConfig.{team}.services[].bla[].ok': 'print .prev "ee"' }, + ], + }, ] describe('Filter changes', () => { it('should only select changes whose version >= current version', () => { - expect(filterChanges(oldVersion, mockChanges)).toEqual(mockChanges.slice(1, 3)) + expect(filterChanges(oldVersion, mockChanges)).toEqual(mockChanges.slice(1, 4)) }) }) describe('Apply changes to values', () => { @@ -66,12 +74,12 @@ describe('Upgrading values', () => { teamA: { services: [ { name: 'svc1', prop: 'replaced', bla: [{ ok: 'replaceMe' }] }, - { name: 'svc1', prop: 'replaced', di: [{ ok: 'replaceMeNot' }] }, + { name: 'svc2', prop: 'replaced', di: [{ ok: 'replaceMeNot' }] }, ], }, }, some: { bla: {}, k8sVersion: '1.18' }, - versions: { specVersion: 3 }, + versions: { specVersion: 4 }, }, true, ) diff --git a/src/cmd/migrate.ts b/src/cmd/migrate.ts index 01f9046b79..4734463829 100644 --- a/src/cmd/migrate.ts +++ b/src/cmd/migrate.ts @@ -513,14 +513,40 @@ export const applyChanges = async ( export const unparsePaths = (path: string, values: Record): Array => { if (path.includes('{team}')) { - const paths: Array = [] + let paths: Array = [] const teams: Array = Object.keys(values?.teamConfig as Record) teams.forEach((teamName) => paths.push(path.replace('{team}', teamName))) + paths = transformArrayToPaths(paths, values) return paths.sort() } else { - return [path] + const paths = transformArrayToPaths([path], values) + return paths } } + +function transformArrayToPaths(paths: string[], values: Record): string[] { + const transformedPaths: string[] = [] + + paths.forEach((path) => { + const match = path.match(/^(.*)\.(\w+)\[\](.*)$/) + if (!match) { + transformedPaths.push(path) + return + } + + const [, beforeArrayPath, arrayKey, afterArrayPath] = match + + const objectPath = beforeArrayPath.split('.').reduce((obj, key) => obj?.[key], values) + + if (objectPath && objectPath[arrayKey]) { + objectPath[arrayKey].forEach((_item: any, index: number) => { + transformedPaths.push(`${beforeArrayPath}.${arrayKey}[${index}]${afterArrayPath}`) + }) + } + }) + + return transformedPaths +} export const unsetAtPath = (path: string, values: Record): void => { const paths = unparsePaths(path, values) paths.forEach((p) => unset(values, p)) @@ -674,12 +700,10 @@ export const migrate = async (): Promise => { const versions = await loadYaml(`${env.ENV_DIR}/env/settings/versions.yaml`, { noError: true }) const prevVersion: number = versions?.spec?.specVersion if (!prevVersion) { - d.log('No changes detected, skipping') + d.log('No previous version detected') return false } - const filteredChanges = filterChanges(prevVersion, changes) - if (filteredChanges.length) { d.log( `Changes detected, migrating from ${prevVersion} to ${ diff --git a/src/common/values.ts b/src/common/values.ts index cee3e344de..1aef9c5c3e 100644 --- a/src/common/values.ts +++ b/src/common/values.ts @@ -102,6 +102,10 @@ export const getRepo = (values: Record): Repo => { return { remote, branch, email, username, password } } +function mergeCustomizer(prev, next) { + return next +} + let hasSops = false /** * Writes new values to a file. Will keep the original values if `overwrite` is `false`. @@ -121,9 +125,7 @@ export const writeValuesToFile = async ( const values = cloneDeep(inValues) const originalValues = (await loadYaml(targetPath + suffix, { noError: true })) ?? {} d.debug('originalValues: ', JSON.stringify(originalValues, null, 2)) - const mergeResult = mergeWith(cloneDeep(originalValues), values, (prev, next) => { - return next - }) + const mergeResult = mergeWith(cloneDeep(originalValues), values, mergeCustomizer) const cleanedValues = removeBlankAttributes(values) const cleanedMergeResult = removeBlankAttributes(mergeResult) if (((overwrite && isEmpty(cleanedValues)) || (!overwrite && isEmpty(cleanedMergeResult))) && isSecretsFile) { @@ -147,6 +149,7 @@ export const writeValuesToFile = async ( return } } + if (isEqual(originalValues, useValues)) { d.info(`No changes for ${targetPath}${suffix}, skipping...`) return diff --git a/tests/bootstrap/input-local-dev.yaml b/tests/bootstrap/input-local-dev.yaml index bc93d1fb1e..46122458ec 100644 --- a/tests/bootstrap/input-local-dev.yaml +++ b/tests/bootstrap/input-local-dev.yaml @@ -58,14 +58,12 @@ teamConfig: name: httpbin ownHost: true port: 80 - type: public - id: a106eb22-8c06-41b6-ab15-97aafb0888b5 ingressClassName: platform name: nginx-deployment ownHost: true paths: [] port: 80 - type: public - id: 91f6af98-ad8e-4111-b916-cf1b5bdcafb0 ingressClassName: platform ksvc: @@ -74,7 +72,6 @@ teamConfig: ownHost: true paths: [] port: 80 - type: public workloads: - name: nodejs-helloworld url: https://github.com/linode/apl-nodejs-helloworld.git diff --git a/tests/bootstrap/input.yaml b/tests/bootstrap/input.yaml index 158cb4a872..38d6a2bbde 100644 --- a/tests/bootstrap/input.yaml +++ b/tests/bootstrap/input.yaml @@ -57,14 +57,12 @@ teamConfig: name: httpbin ownHost: true port: 80 - type: public - id: a106eb22-8c06-41b6-ab15-97aafb0888b5 ingressClassName: platform name: nginx-deployment ownHost: true paths: [] port: 80 - type: public - id: 91f6af98-ad8e-4111-b916-cf1b5bdcafb0 ingressClassName: platform ksvc: @@ -73,7 +71,6 @@ teamConfig: ownHost: true paths: [] port: 80 - type: public workloads: - name: nodejs-helloworld url: https://github.com/linode/apl-nodejs-helloworld.git diff --git a/tests/fixtures/env/apps/loki.yaml b/tests/fixtures/env/apps/loki.yaml index 5451d59d0c..805bd6b040 100644 --- a/tests/fixtures/env/apps/loki.yaml +++ b/tests/fixtures/env/apps/loki.yaml @@ -3,6 +3,7 @@ metadata: name: loki labels: {} spec: + _rawValues: {} autoscaling: distributor: enabled: true @@ -94,4 +95,3 @@ spec: duration: 24h period: 24h v11StartDate: 2021-05-13T00:00:00.000Z - _rawValues: {} diff --git a/tests/fixtures/env/settings/versions.yaml b/tests/fixtures/env/settings/versions.yaml index f69b92836b..ddf191ad98 100644 --- a/tests/fixtures/env/settings/versions.yaml +++ b/tests/fixtures/env/settings/versions.yaml @@ -3,4 +3,4 @@ metadata: name: versions labels: {} spec: - specVersion: 35 + specVersion: 39 diff --git a/tests/fixtures/env/teams/admin/services/hello-admin.yaml b/tests/fixtures/env/teams/admin/services/hello-admin.yaml index cd45bcb680..ea3b4d9a17 100644 --- a/tests/fixtures/env/teams/admin/services/hello-admin.yaml +++ b/tests/fixtures/env/teams/admin/services/hello-admin.yaml @@ -8,4 +8,3 @@ spec: domain: hello.team-admin.dev.linode-apl.net ownHost: true port: 80 - type: public diff --git a/tests/fixtures/env/teams/admin/settings.yaml b/tests/fixtures/env/teams/admin/settings.yaml index 1256d34a29..3ce47d3ac7 100644 --- a/tests/fixtures/env/teams/admin/settings.yaml +++ b/tests/fixtures/env/teams/admin/settings.yaml @@ -4,21 +4,14 @@ metadata: labels: apl.io/teamId: admin spec: - managedMonitoring: - alertmanager: true - grafana: true - selfService: - teamMembers: - createServices: false - editSecurityPolicies: true - useCloudShell: true - downloadKubeconfig: false - downloadDockerLogin: false alerts: groupInterval: 5m receivers: - none repeatInterval: 3h + managedMonitoring: + alertmanager: true + grafana: true networkPolicy: egressPublic: true ingressPrivate: true @@ -27,3 +20,15 @@ spec: value: '50' - name: services.loadbalancers value: '0' + selfService: + apps: [] + policies: + - edit policies + service: + - ingress + teamMembers: + createServices: false + downloadDockerLogin: false + downloadKubeconfig: false + editSecurityPolicies: false + useCloudShell: false diff --git a/tests/fixtures/env/teams/demo/builds/demo-java1-v0-0-1.yaml b/tests/fixtures/env/teams/demo/builds/demo-java1-v0-0-1.yaml index 5d5a7dc9c4..0574ea6c30 100644 --- a/tests/fixtures/env/teams/demo/builds/demo-java1-v0-0-1.yaml +++ b/tests/fixtures/env/teams/demo/builds/demo-java1-v0-0-1.yaml @@ -5,14 +5,13 @@ metadata: apl.io/teamId: demo spec: externalRepo: false + imageName: demo-java1 mode: docker: path: ./Dockerfile repoUrl: https://github.com/buildpacks/samples revision: HEAD type: docker - name: demo-java1-v0-0-1 - imageName: demo-java1 scanSource: true tag: v0.0.1 trigger: false diff --git a/tests/fixtures/env/teams/demo/builds/demo-java2-v0-0-1.yaml b/tests/fixtures/env/teams/demo/builds/demo-java2-v0-0-1.yaml index 53e4d33b91..bf39dbfb32 100644 --- a/tests/fixtures/env/teams/demo/builds/demo-java2-v0-0-1.yaml +++ b/tests/fixtures/env/teams/demo/builds/demo-java2-v0-0-1.yaml @@ -5,6 +5,7 @@ metadata: apl.io/teamId: demo spec: externalRepo: false + imageName: demo-java2 mode: buildpacks: envVars: @@ -16,8 +17,6 @@ spec: repoUrl: https://github.com/buildpacks/samples revision: HEAD type: buildpacks - name: demo-java2-v0-0-1 - imageName: demo-java2 scanSource: false tag: v0.0.1 trigger: false diff --git a/tests/fixtures/env/teams/demo/builds/demo-java3-v0-0-1.yaml b/tests/fixtures/env/teams/demo/builds/demo-java3-v0-0-1.yaml index 6f09ce3854..31b520bded 100644 --- a/tests/fixtures/env/teams/demo/builds/demo-java3-v0-0-1.yaml +++ b/tests/fixtures/env/teams/demo/builds/demo-java3-v0-0-1.yaml @@ -5,6 +5,7 @@ metadata: apl.io/teamId: demo spec: externalRepo: true + imageName: demo-java3 mode: docker: envVars: @@ -16,8 +17,6 @@ spec: repoUrl: https://github.com/buildpacks/samples revision: HEAD type: docker - name: demo-java3-v0-0-1 - imageName: demo-java3 scanSource: true secretName: my-secret tag: v0.0.1 diff --git a/tests/fixtures/env/teams/demo/services/has-cert-svc.yaml b/tests/fixtures/env/teams/demo/services/has-cert-svc.yaml index da1b06945b..14e7227133 100644 --- a/tests/fixtures/env/teams/demo/services/has-cert-svc.yaml +++ b/tests/fixtures/env/teams/demo/services/has-cert-svc.yaml @@ -7,4 +7,3 @@ spec: hasCert: true paths: - /jeho - type: public diff --git a/tests/fixtures/env/teams/demo/services/hello-auth.yaml b/tests/fixtures/env/teams/demo/services/hello-auth.yaml index 05b335aa42..c58f79043b 100644 --- a/tests/fixtures/env/teams/demo/services/hello-auth.yaml +++ b/tests/fixtures/env/teams/demo/services/hello-auth.yaml @@ -10,4 +10,3 @@ spec: ownHost: true paths: [] port: 80 - type: public diff --git a/tests/fixtures/env/teams/demo/services/hello-blue-green.yaml b/tests/fixtures/env/teams/demo/services/hello-blue-green.yaml index 9f6435205a..0b8b7085b9 100644 --- a/tests/fixtures/env/teams/demo/services/hello-blue-green.yaml +++ b/tests/fixtures/env/teams/demo/services/hello-blue-green.yaml @@ -14,5 +14,4 @@ spec: enabled: true weightV1: 90 weightV2: 10 - type: public useCname: false diff --git a/tests/fixtures/env/teams/demo/services/hello.yaml b/tests/fixtures/env/teams/demo/services/hello.yaml index 4656ca6663..f6a4212ea8 100644 --- a/tests/fixtures/env/teams/demo/services/hello.yaml +++ b/tests/fixtures/env/teams/demo/services/hello.yaml @@ -25,5 +25,4 @@ spec: enabled: true weightV1: 70 weightV2: 30 - type: public useCname: true diff --git a/tests/fixtures/env/teams/demo/services/service-a.yaml b/tests/fixtures/env/teams/demo/services/service-a.yaml index 8fb3ffc93e..78330b22e1 100644 --- a/tests/fixtures/env/teams/demo/services/service-a.yaml +++ b/tests/fixtures/env/teams/demo/services/service-a.yaml @@ -3,5 +3,4 @@ metadata: name: service-a labels: apl.io/teamId: demo -spec: - type: cluster +spec: {} diff --git a/tests/fixtures/env/teams/demo/services/service-b.yaml b/tests/fixtures/env/teams/demo/services/service-b.yaml deleted file mode 100644 index 898203adcd..0000000000 --- a/tests/fixtures/env/teams/demo/services/service-b.yaml +++ /dev/null @@ -1,7 +0,0 @@ -kind: AplTeamService -metadata: - name: service-b - labels: - apl.io/teamId: demo -spec: - type: cluster diff --git a/tests/fixtures/env/teams/demo/services/service-d.yaml b/tests/fixtures/env/teams/demo/services/service-d.yaml deleted file mode 100644 index 4d8037a580..0000000000 --- a/tests/fixtures/env/teams/demo/services/service-d.yaml +++ /dev/null @@ -1,7 +0,0 @@ -kind: AplTeamService -metadata: - name: service-d - labels: - apl.io/teamId: demo -spec: - type: cluster diff --git a/tests/fixtures/env/teams/demo/services/service-e.yaml b/tests/fixtures/env/teams/demo/services/service-e.yaml index 30c2060704..b188cc9772 100644 --- a/tests/fixtures/env/teams/demo/services/service-e.yaml +++ b/tests/fixtures/env/teams/demo/services/service-e.yaml @@ -23,5 +23,4 @@ spec: enabled: true weightV1: 50 weightV2: 50 - type: public useCname: true diff --git a/tests/fixtures/env/teams/demo/services/some-svc.yaml b/tests/fixtures/env/teams/demo/services/some-svc.yaml deleted file mode 100644 index 8563064875..0000000000 --- a/tests/fixtures/env/teams/demo/services/some-svc.yaml +++ /dev/null @@ -1,8 +0,0 @@ -kind: AplTeamService -metadata: - name: some-svc - labels: - apl.io/teamId: demo -spec: - port: 80 - type: cluster diff --git a/tests/fixtures/env/teams/demo/services/tlspass.yaml b/tests/fixtures/env/teams/demo/services/tlspass.yaml index d0eb63679f..f822ecafef 100644 --- a/tests/fixtures/env/teams/demo/services/tlspass.yaml +++ b/tests/fixtures/env/teams/demo/services/tlspass.yaml @@ -8,4 +8,3 @@ spec: predeployed: true port: 443 tlsPass: true - type: public diff --git a/tests/fixtures/env/teams/demo/settings.yaml b/tests/fixtures/env/teams/demo/settings.yaml index 5305e61083..00dcb873b9 100644 --- a/tests/fixtures/env/teams/demo/settings.yaml +++ b/tests/fixtures/env/teams/demo/settings.yaml @@ -5,14 +5,13 @@ metadata: apl.io/teamId: demo spec: alerts: + groupInterval: 5m receivers: - slack repeatInterval: 3h slack: channel: aaaaa channelCrit: aaaaa - url: https://slack.con - groupInterval: 5m managedMonitoring: alertmanager: true grafana: true @@ -27,9 +26,14 @@ spec: - name: services.loadbalancers value: '0' selfService: + apps: [] + policies: + - edit policies + service: + - ingress teamMembers: - createServices: true - editSecurityPolicies: true - useCloudShell: true - downloadKubeconfig: false + createServices: false downloadDockerLogin: false + downloadKubeconfig: false + editSecurityPolicies: false + useCloudShell: false diff --git a/tests/fixtures/env/teams/dev/settings.yaml b/tests/fixtures/env/teams/dev/settings.yaml index a71eeed4db..522389e73a 100644 --- a/tests/fixtures/env/teams/dev/settings.yaml +++ b/tests/fixtures/env/teams/dev/settings.yaml @@ -4,27 +4,31 @@ metadata: labels: apl.io/teamId: dev spec: + alerts: + groupInterval: 5m + receivers: + - none + repeatInterval: 3h managedMonitoring: alertmanager: true grafana: true networkPolicy: egressPublic: false ingressPrivate: true - selfService: - teamMembers: - createServices: false - editSecurityPolicies: true - useCloudShell: true - downloadKubeconfig: false - downloadDockerLogin: false - password: IkdUsKPcGAdanjas - alerts: - groupInterval: 5m - receivers: - - none - repeatInterval: 3h resourceQuota: - name: pods value: '50' - name: services.loadbalancers value: '0' + selfService: + apps: [] + policies: + - edit policies + service: + - ingress + teamMembers: + createServices: false + downloadDockerLogin: false + downloadKubeconfig: false + editSecurityPolicies: false + useCloudShell: false diff --git a/tests/fixtures/env/users/secrets.23d63558-49ed-48ba-bc28-8037a7236ddf.yaml b/tests/fixtures/env/users/secrets.23d63558-49ed-48ba-bc28-8037a7236ddf.yaml index 9b672ed1fd..6576468c59 100644 --- a/tests/fixtures/env/users/secrets.23d63558-49ed-48ba-bc28-8037a7236ddf.yaml +++ b/tests/fixtures/env/users/secrets.23d63558-49ed-48ba-bc28-8037a7236ddf.yaml @@ -1,7 +1,6 @@ kind: AplUser metadata: name: 23d63558-49ed-48ba-bc28-8037a7236ddf - labels: {} spec: email: team@admin.com firstName: team @@ -11,4 +10,3 @@ spec: lastName: admin teams: - demo - name: 23d63558-49ed-48ba-bc28-8037a7236ddf diff --git a/tests/fixtures/env/users/secrets.9a3a478b-a747-4b4a-be69-a9abf1979df2.yaml b/tests/fixtures/env/users/secrets.9a3a478b-a747-4b4a-be69-a9abf1979df2.yaml index 0217ff6653..839049b33f 100644 --- a/tests/fixtures/env/users/secrets.9a3a478b-a747-4b4a-be69-a9abf1979df2.yaml +++ b/tests/fixtures/env/users/secrets.9a3a478b-a747-4b4a-be69-a9abf1979df2.yaml @@ -1,7 +1,6 @@ kind: AplUser metadata: name: 9a3a478b-a747-4b4a-be69-a9abf1979df2 - labels: {} spec: email: team@member.com firstName: team @@ -11,4 +10,3 @@ spec: lastName: member teams: - demo - name: 9a3a478b-a747-4b4a-be69-a9abf1979df2 diff --git a/tests/fixtures/env/users/secrets.a83e20b7-474a-4262-a3ad-b09813364ece.yaml b/tests/fixtures/env/users/secrets.a83e20b7-474a-4262-a3ad-b09813364ece.yaml index 6d6f077461..a489101d4f 100644 --- a/tests/fixtures/env/users/secrets.a83e20b7-474a-4262-a3ad-b09813364ece.yaml +++ b/tests/fixtures/env/users/secrets.a83e20b7-474a-4262-a3ad-b09813364ece.yaml @@ -8,4 +8,3 @@ spec: isPlatformAdmin: true isTeamAdmin: true lastName: admin - name: a83e20b7-474a-4262-a3ad-b09813364ece diff --git a/tests/fixtures/env/users/secrets.bc2fe5b1-835c-4998-ad64-e15d90062b16.yaml b/tests/fixtures/env/users/secrets.bc2fe5b1-835c-4998-ad64-e15d90062b16.yaml new file mode 100644 index 0000000000..e0fc2601d6 --- /dev/null +++ b/tests/fixtures/env/users/secrets.bc2fe5b1-835c-4998-ad64-e15d90062b16.yaml @@ -0,0 +1,10 @@ +kind: AplUser +metadata: + name: bc2fe5b1-835c-4998-ad64-e15d90062b16 +spec: + email: platform-admin@dev.linode-apl.net + firstName: platform + lastName: admin + isPlatformAdmin: true + isTeamAdmin: false + initialPassword: 02LDWB#qzknkeF8f*m%% diff --git a/tests/integration/full.yaml b/tests/integration/full.yaml index 1f79d99328..1b3243cf29 100644 --- a/tests/integration/full.yaml +++ b/tests/integration/full.yaml @@ -80,7 +80,6 @@ teamConfig: ownHost: true paths: [] port: 80 - type: public secrets: - entries: - HELLO diff --git a/tests/integration/minimal-with-team.yaml b/tests/integration/minimal-with-team.yaml index c30872477d..c98b63d3e8 100644 --- a/tests/integration/minimal-with-team.yaml +++ b/tests/integration/minimal-with-team.yaml @@ -55,14 +55,12 @@ teamConfig: name: httpbin ownHost: true port: 80 - type: public - id: a106eb22-8c06-41b6-ab15-97aafb0888b5 ingressClassName: platform name: nginx-deployment ownHost: true paths: [] port: 80 - type: public - id: 91f6af98-ad8e-4111-b916-cf1b5bdcafb0 ingressClassName: platform ksvc: @@ -71,7 +69,6 @@ teamConfig: ownHost: true paths: [] port: 80 - type: public workloads: - name: nodejs-helloworld url: https://github.com/linode/apl-nodejs-helloworld.git diff --git a/tests/integration/monitoring-with-team.yaml b/tests/integration/monitoring-with-team.yaml index 4c992950d2..bfd3bb68a8 100644 --- a/tests/integration/monitoring-with-team.yaml +++ b/tests/integration/monitoring-with-team.yaml @@ -63,7 +63,6 @@ teamConfig: mode: DenyAll ownHost: true port: 80 - type: public workloads: - name: petclinic path: otomi-deployment diff --git a/tests/integration/upgrade.yaml b/tests/integration/upgrade.yaml index 633e476550..efddef0c4a 100644 --- a/tests/integration/upgrade.yaml +++ b/tests/integration/upgrade.yaml @@ -90,7 +90,6 @@ teamConfig: mode: DenyAll ownHost: true port: 80 - type: public - id: a106eb22-8c06-41b6-ab15-97aafb0888b5 ingressClassName: platform name: nginx-deployment @@ -100,7 +99,6 @@ teamConfig: ownHost: true paths: [] port: 80 - type: public - id: 91f6af98-ad8e-4111-b916-cf1b5bdcafb0 ingressClassName: platform ksvc: @@ -112,7 +110,6 @@ teamConfig: ownHost: true paths: [] port: 80 - type: public workloads: - name: nodejs-helloworld url: https://github.com/linode/apl-nodejs-helloworld.git diff --git a/tests/network-policies/env/teams/services.a1.yaml b/tests/network-policies/env/teams/services.a1.yaml index 59a8d18fbf..6294523a39 100644 --- a/tests/network-policies/env/teams/services.a1.yaml +++ b/tests/network-policies/env/teams/services.a1.yaml @@ -3,76 +3,28 @@ teamConfig: services: - name: ce1 port: 8080 - networkPolicy: - ingressPrivate: - mode: DenyAll - egressPublic: - - domain: 'httpbin.org' - ports: - - protocol: HTTPS - number: 443 - - domain: '116.203.255.68' - ports: - - protocol: TCP - number: 443 id: 2bb00d03-7d9d-4590-961c-425423291a35 - type: cluster - name: ce2 port: 8080 id: 2bb00d03-7d9d-4590-961c-425423291a34 - type: cluster - name: s1 port: 8080 id: 6c901b91-e8a4-4422-8c9e-b12e077692f1 - type: cluster - networkPolicy: - ingressPrivate: - mode: AllowAll - name: s2 port: 8080 id: 6c901b91-e8a4-4422-8c9e-b12e077692f2 - type: cluster - networkPolicy: - ingressPrivate: - mode: AllowOnly - allow: - - team: a1 - name: s3 port: 8080 id: 6c901b91-e8a4-4422-8c9e-b12e077692f3 - type: cluster - networkPolicy: - ingressPrivate: - mode: AllowOnly - allow: - - team: a2 - name: s4 port: 8080 id: 6c901b91-e8a4-4422-8c9e-b12e077692f4 - type: cluster - networkPolicy: - ingressPrivate: - mode: DenyAll - name: s5 port: 8080 id: 6c901b91-e8a4-4422-8c9e-b12e077692f5 - type: cluster - networkPolicy: - ingressPrivate: - mode: AllowOnly - allow: - - team: a1 - - team: a2 - name: s6 port: 8080 id: 6c901b91-e8a4-4422-8c9e-b12e077692f6 - type: cluster - networkPolicy: - ingressPrivate: - mode: AllowOnly - allow: - - team: a1 - service: c6 - name: s7 id: 6d4a4710-f7ac-4586-9940-7969cfe30b67 ksvc: @@ -93,10 +45,3 @@ teamConfig: memory: 64Mi containerPort: 8080 ownHost: true - type: public - networkPolicy: - ingressPrivate: - mode: AllowOnly - allow: - - team: a1 - service: c7 diff --git a/values-changes.yaml b/values-changes.yaml index c9145e6ca0..184d376d50 100644 --- a/values-changes.yaml +++ b/values-changes.yaml @@ -353,3 +353,6 @@ changes: - env/teams/{team}/policies.yaml - version: 38 teamSettingsMigration: true + - version: 39 + deletions: + - 'teamConfig.{team}.services[].type' diff --git a/values-schema.yaml b/values-schema.yaml index da3b923f62..886f73015b 100644 --- a/values-schema.yaml +++ b/values-schema.yaml @@ -1043,14 +1043,6 @@ definitions: tlsSecretName: description: Kubernetes secret name of type TLS (not required if the tlsPass flag is set to true). $ref: '#/definitions/idName' - type: - nullable: true - default: public - description: Will determine the ingress routing. - enum: - - public - - cluster - type: string removeRequestHeaders: description: >- Strip selected headers from HTTP request. @@ -1059,7 +1051,6 @@ definitions: type: string required: - name - - type size: description: Disk size. Valid units are E|P|T|G|Ti|Gi. examples: diff --git a/values/oauth2-proxy/oauth2-proxy.gotmpl b/values/oauth2-proxy/oauth2-proxy.gotmpl index 174ba85883..653c5ee375 100644 --- a/values/oauth2-proxy/oauth2-proxy.gotmpl +++ b/values/oauth2-proxy/oauth2-proxy.gotmpl @@ -23,8 +23,7 @@ resources: {{- $oauth2.resources | toYaml | nindent 2 }} {{- range $teamId, $team := $v.teamConfig }} {{- if hasKey $team "services" }} {{- range $s := $team.services }} - {{- $type := $s.type | default "auth" }} - {{- if and (hasKey $s "domain") (not (eq $type "public")) }} + {{- if (hasKey $s "domain")}} {{- if and (not (has $s.domain $domains)) (not (contains $v.cluster.domainSuffix $s.domain)) }} {{- $domains = append $domains $s.domain }} {{- end }}