squash

Author: nvanthao

applications/wg-easy/README.md

@@ -55,22 +55,21 @@ Use tools to automate repetitive tasks, reducing human error and increasing deve
 
 ```
 applications/wg-easy/
-├── charts/templates/           # Common templates shared across charts
-├── cert-manager/               # Wrapped cert-manager chart
-├── cert-manager-issuers/       # Chart for cert-manager issuers
+├── charts
+│   ├── cert-manager            # Wrapped cert-manager chart
+│   ├── cert-manager-issuers    # Chart for cert-manager issuers
+│   ├── replicated-sdk          # Replicated SDK chart
+│   ├── templates               # Common templates shared across charts
+│   ├── traefik                 # Wrapped Traefik chart
+│   └── wg-easy                 # Main application chart
 ├── replicated/                 # Root Replicated configuration
-├── replicated-sdk/             # Replicated SDK chart
 ├── taskfiles/                  # Task utility functions
-├── traefik/                    # Wrapped Traefik chart
-├── wg-easy/                    # Main application chart
 ├── helmfile.yaml               # Defines chart installation order
 └── Taskfile.yaml               # Main task definitions
 ```
 
 ## Architecture Overview
 
-![Architecture Diagram](docs/architecture.png)
-
 Key components:
 - **Taskfile**: Orchestrates the workflow with automated tasks
 - **Helmfile**: Manages chart dependencies and installation order

applications/wg-easy/Taskfile.yaml

@@ -7,6 +7,12 @@ includes:
 vars:
   # Application configuration
   APP_NAME: '{{.REPLICATED_APP | default "wg-easy"}}'
+  APP_SLUG: '{{.REPLICATED_APP_SLUG | default "wg-easy-cre"}}'
+
+  # Release configuration
+  RELEASE_CHANNELd: '{{.RELEASE_CHANNEL | default "Unstable"}}'
+  RELEASE_VERSION: '{{.RELEASE_VERSION | default "0.0.1"}}'
+  RELEASE_NOTES: '{{.RELEASE_NOTES | default "Release created via task release-create"}}'
 
   # Cluster configuration
   CLUSTER_NAME: '{{.CLUSTER_NAME | default "test-cluster"}}'
@@ -38,8 +44,9 @@ vars:
 tasks:
   default:
     desc: Show available tasks
+    silent: true
     cmds:
-      - task -s --list
+      - task --list
 
   cluster-create:
     desc: Create a test cluster using Replicated Compatibility Matrix (use EMBEDDED=true for embedded clusters)
@@ -49,24 +56,24 @@ tasks:
       EMBEDDED: '{{.EMBEDDED | default "false"}}'
       LICENSE_ID: '{{if eq .EMBEDDED "true"}}{{.LICENSE_ID | default "2cmqT1dBVHZ3aSH21kPxWtgoYGr"}}{{end}}'
       TIMEOUT: '{{if eq .EMBEDDED "true"}}420{{else}}300{{end}}'
+      TTL: '{{.TTL | default "4h"}}'
     status:
       - replicated cluster ls --output json | jq -e '.[] | select(.name == "{{.CLUSTER_NAME}}")' > /dev/null
     cmds:
       - |
         if [ "{{.EMBEDDED}}" = "true" ]; then
           echo "Creating embedded cluster {{.CLUSTER_NAME}} with license ID {{.LICENSE_ID}}..."
-          replicated cluster create --distribution embedded-cluster --name {{.CLUSTER_NAME}} --license-id {{.LICENSE_ID}}
+          replicated cluster create --distribution embedded-cluster --name {{.CLUSTER_NAME}} --license-id {{.LICENSE_ID}} --ttl {{.TTL}}
         else
           echo "Creating cluster {{.CLUSTER_NAME}} with distribution {{.DISTRIBUTION}}..."
-          replicated cluster create --name {{.CLUSTER_NAME}} --distribution {{.DISTRIBUTION}} --version {{.K8S_VERSION}} --disk {{.DISK_SIZE}} --instance-type {{.INSTANCE_TYPE}}
+          replicated cluster create --name {{.CLUSTER_NAME}} --distribution {{.DISTRIBUTION}} --version {{.K8S_VERSION}} --disk {{.DISK_SIZE}} --instance-type {{.INSTANCE_TYPE}} --ttl {{.TTL}}
         fi
       - task: utils:wait-for-cluster
         vars:
           TIMEOUT: "{{.TIMEOUT}}"
 
-  list-cluster:
+  cluster-list:
     desc: List the cluster
-    silent: false
     cmds:
       - |
         CLUSTER_ID=$(replicated cluster ls --output json | jq -r '.[] | select(.name == "{{.CLUSTER_NAME}}") | .id')
@@ -82,7 +89,6 @@ tasks:
       - sleep 5
       - echo "Tests completed!"
 
-
   verify-kubeconfig:
     desc: Verify kubeconfig
     silent: false
@@ -126,18 +132,19 @@ tasks:
   dependencies-update:
     desc: Update Helm dependencies for all charts
     silent: false
+    run: once
     cmds:
       - echo "Updating Helm dependencies for all charts..."
       - |
         # Find all charts and update their dependencies
-        for chart_dir in $(find . -maxdepth 2 -name "Chart.yaml" | xargs dirname); do
+        for chart_dir in $(find charts/ -maxdepth 2 -name "Chart.yaml" | xargs dirname); do
           echo "Updating dependency $chart_dir"
-          helm dependency update "$chart_dir"
+          helm dependency update --skip-refresh "$chart_dir"
         done
       - echo "All dependencies updated!"
 
-  ports-expose:
-    desc: Expose configured ports and capture exposed URLs
+  cluster-ports-expose:
+    desc: Expose configured ports for a cluster and capture exposed URLs
     silent: false
     run: once
     status:
@@ -165,8 +172,8 @@ tasks:
     deps:
       - cluster-create
 
-  helm-deploy:
-    desc: Deploy all charts using helmfile
+  helm-install:
+    desc: Install all charts using helmfile
     silent: false
     cmds:
       - echo "Installing all charts via helmfile"
@@ -184,11 +191,10 @@ tasks:
         # Deploy with helmfile
         echo "Using $ENV_VARS"
         eval "KUBECONFIG={{.KUBECONFIG_FILE}} $ENV_VARS helmfile sync --wait"
-      - echo "All charts deployed!"
+      - echo "All charts installed!"
     deps:
       - setup-kubeconfig
-      - ports-expose
-
+      - cluster-ports-expose
 
   cluster-delete:
     desc: Delete all test clusters with matching name and clean up kubeconfig
@@ -270,33 +276,83 @@ tasks:
       - echo "Packaging Helm charts..."
       - |
         # Find top-level directories containing Chart.yaml files
-        for chart_dir in $(find . -maxdepth 2 -name "Chart.yaml" | xargs dirname); do
+        for chart_dir in $(find charts/ -maxdepth 2 -name "Chart.yaml" | xargs dirname); do
           echo "Packaging chart: $chart_dir"
           # Navigate to chart directory, package it, and move the resulting .tgz to release folder
-          (cd "$chart_dir" && helm package . && mv *.tgz ../release/)
+          (cd "$chart_dir" && helm package . && mv *.tgz ../../release/)
         done
 
       - echo "Release files prepared in ./release/ directory"
     deps:
-      - update-version
-
+      - dependencies-update
 
   release-create:
     desc: Create and promote a release using the Replicated CLI
     silent: false
+    run: once
     vars:
       CHANNEL: '{{.CHANNEL | default "Unstable"}}'
+      VERSION: '{{.VERSION | default "0.0.1"}}'
       RELEASE_NOTES: '{{.RELEASE_NOTES | default "Release created via task release-create"}}'
+    requires:
+      vars: [APP_SLUG, VERSION]
     cmds:
-      - echo "Creating and promoting release for $APP_NAME to channel $CHANNEL..."
+      - echo "Creating and promoting release for {{.APP_SLUG}} to channel {{.CHANNEL}}..."
       - |
         # Create and promote the release in one step
         echo "Creating release from files in ./release directory..."
-        replicated release create --app $APP_NAME --yaml-dir ./release --release-notes "$RELEASE_NOTES" --promote $CHANNEL --version $VERSION
-        echo "Release version $VERSION created and promoted to channel $CHANNEL"
+        replicated release create --app {{.APP_SLUG}} --yaml-dir ./release --release-notes "{{.RELEASE_NOTES}}" --promote {{.CHANNEL}} --version {{.VERSION}}
+        echo "Release version {{.VERSION}} created and promoted to channel {{.CHANNEL}}"
     deps:
       - release-prepare
 
+  customer-create:
+    desc: Create a new customer or get existing customer with matching name and return their ID
+    silent: false
+    run: once
+    vars:
+      CUSTOMER_NAME: '{{.CUSTOMER_NAME | default "test-customer"}}'
+      CUSTOMER_EMAIL: '{{.CUSTOMER_EMAIL | default "[email protected]"}}'
+      CHANNEL: '{{.CHANNEL | default "Unstable"}}'
+      LICENSE_TYPE: '{{.LICENSE_TYPE | default "dev"}}'
+      EXPIRES_IN: '{{.EXPIRES_IN | default ""}}'
+    requires:
+      vars: [APP_SLUG]
+    cmds:
+      - |
+        # First check if customer already exists
+        echo "Looking for existing customer {{.CUSTOMER_NAME}} for app {{.APP_SLUG}}..."
+        EXISTING_CUSTOMER=$(replicated customer ls --app {{.APP_SLUG}} --output json | jq -r '.[] | select(.name=="{{.CUSTOMER_NAME}}") | .id' | head -1)
+
+        if [ -n "$EXISTING_CUSTOMER" ]; then
+          echo "Found existing customer {{.CUSTOMER_NAME}} with ID: $EXISTING_CUSTOMER"
+          echo "$EXISTING_CUSTOMER"
+          exit 0
+        fi
+
+        # No existing customer found, create a new one
+        echo "Creating new customer {{.CUSTOMER_NAME}} for app {{.APP_SLUG}}..."
+
+        # Build the command with optional expiration
+        CMD="replicated customer create \
+          --app {{.APP_SLUG}} \
+          --name {{.CUSTOMER_NAME}} \
+          --email {{.CUSTOMER_EMAIL}} \
+          --channel {{.CHANNEL}} \
+          --type {{.LICENSE_TYPE}} \
+          --output json"
+
+        # Add expiration if specified
+        if [ -n "{{.EXPIRES_IN}}" ]; then
+          CMD="$CMD --expires-in {{.EXPIRES_IN}}"
+        fi
+
+        # Create the customer and capture the output
+        CUSTOMER_JSON=$($CMD)
+
+        # Extract and output just the customer ID
+        echo "$CUSTOMER_JSON" | jq -r '.id'
+
   gcp-vm-create:
     desc: Create a simple GCP VM instance
     silent: false
@@ -342,26 +398,91 @@ tasks:
     status:
       - |
         # Check if the application tarball has already been downloaded and extracted
-        gcloud compute ssh {{.VM_NAME}} --project={{.GCP_PROJECT}} --zone={{.GCP_ZONE}} --command="test -d ./{{.APP_NAME}}" &>/dev/null
+        gcloud compute ssh {{.VM_NAME}} --project={{.GCP_PROJECT}} --zone={{.GCP_ZONE}} --command="test -d ./{{.APP_SLUG}}" &>/dev/null
     cmds:
       - task: utils:gcp-operations
         vars:
           OPERATION: "setup-embedded"
-          APP_NAME: '{{.APP_NAME}}'
+          APP_SLUG: '{{.APP_SLUG}}'
           CHANNEL: '{{.CHANNEL}}'
           AUTH_TOKEN: '{{.AUTH_TOKEN}}'
           GCP_PROJECT: '{{.GCP_PROJECT}}'
           GCP_ZONE: '{{.GCP_ZONE}}'
           VM_NAME: '{{.VM_NAME}}'
 
+  customer-ls:
+    desc: List customers for the application
+    silent: false
+    vars:
+      OUTPUT_FORMAT: '{{.OUTPUT_FORMAT | default "table"}}'
+    requires:
+      vars: [APP_SLUG]
+    cmds:
+      - echo "Listing customers for app {{.APP_SLUG}}..."
+      - replicated customer ls --app {{.APP_SLUG}} --output {{.OUTPUT_FORMAT}}
+
+  customer-delete:
+    desc: Archive a customer by ID
+    silent: false
+    vars:
+      CUSTOMER_ID: '{{.CUSTOMER_ID}}'
+    requires:
+      vars: [APP_SLUG, CUSTOMER_ID]
+    cmds:
+      - echo "Archiving customer with ID {{.CUSTOMER_ID}} from app {{.APP_SLUG}}..."
+      - |
+        # Verify customer exists before attempting to archive
+        CUSTOMER_EXISTS=$(replicated customer ls --app {{.APP_SLUG}} --output json | jq -r '.[] | select(.id=="{{.CUSTOMER_ID}}") | .id')
+        if [ -z "$CUSTOMER_EXISTS" ]; then
+          echo "Error: Customer with ID {{.CUSTOMER_ID}} not found for app {{.APP_SLUG}}"
+          exit 1
+        fi
+
+        # Get customer name for confirmation message
+        CUSTOMER_NAME=$(replicated customer ls --app {{.APP_SLUG}} --output json | jq -r '.[] | select(.id=="{{.CUSTOMER_ID}}") | .name')
+
+        # Archive the customer
+        replicated customer archive {{.CUSTOMER_ID}} --app {{.APP_SLUG}}
+
+        # Confirm archiving
+        echo "Customer '$CUSTOMER_NAME' (ID: {{.CUSTOMER_ID}}) successfully archived"
+
+  clean:
+    desc: Remove temporary Helm directories, chart dependencies, and release folder
+    silent: false
+    cmds:
+      - echo "Cleaning temporary directories and dependencies..."
+      - |
+        # Remove the release directory
+        if [ -d "./release" ]; then
+          echo "Removing release directory..."
+          rm -rf ./release
+        fi
+
+        # Find and remove tmpcharts-* directories in charts/
+        echo "Removing temporary chart directories..."
+        find charts/ -type d -name "tmpcharts-*" -print
+        find charts/ -type d -name "tmpcharts-*" -exec rm -rf {} \; 2>/dev/null || true
+
+        # Clean up chart dependencies (.tgz files) in charts/*/charts/
+        echo "Removing chart dependencies..."
+        find charts/ -path "*/charts/*.tgz" -type f -print
+        find charts/ -path "*/charts/*.tgz" -type f -delete
+
+        # Clean up any tmpcharts directories in subdirectories
+        echo "Cleaning up any remaining tmpcharts directories..."
+        find . -type d -name "tmpcharts-*" -print
+        find . -type d -name "tmpcharts-*" -exec rm -rf {} \; 2>/dev/null || true
+      - echo "Cleaning complete!"
+
   full-test-cycle:
     desc: Create cluster, get kubeconfig, expose ports, update dependencies, deploy charts, test, and delete
     silent: false
     cmds:
       - task: cluster-create
       - task: setup-kubeconfig
-      - task: ports-expose
+      - task: cluster-ports-expose
       - task: dependencies-update
-      - task: helm-deploy
+      - task: helm-install
       - task: test
       - task: cluster-delete

applications/wg-easy/cert-manager/templates/secret-preflights.yaml

@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: cert-manager-preflights
+  labels:
+    troubleshoot.sh/kind: preflight
+type: Opaque
+stringData:
+  preflight.yaml: |
+    apiVersion: troubleshoot.sh/v1beta2
+    kind: Preflight
+    metadata:
+      name: cert-manager-preflights
+    spec:
+      analyzers:
+        # https://github.com/cert-manager/cert-manager/blob/master/deploy/charts/cert-manager/README.template.md#prerequisites
+        - clusterVersion:
+            outcomes:
+              - fail:
+                  when: "< 1.22.0"
+                  message: The application requires at least Kubernetes 1.22.0, and recommends 1.25.0.
+                  uri: https://kubernetes.io
+              - warn:
+                  when: "< 1.25.0"
+                  message: Your cluster meets the minimum version of Kubernetes, but we recommend you update to 1.25.0 or later.
+                  uri: https://kubernetes.io
+              - pass:
+                  message: Your cluster meets the recommended and required versions of Kubernetes.

applications/wg-easy/container/Containerfile

@@ -17,7 +17,6 @@ RUN apt-get update && apt-get install -y \
     curl \
     jq \
     less \
-    yq \
     gnupg \
     bash-completion \
 
@@ -56,7 +55,19 @@ RUN curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | b
     | cut -d : -f 2,3 \
     | tr -d \") -o replicated.tar.gz \
     && tar xf replicated.tar.gz replicated && rm replicated.tar.gz \
-    && mv replicated /usr/local/bin/replicated
+    && mv replicated /usr/local/bin/replicated \
+    
+    # Install Preflight CLI
+    && curl -Ls https://github.com/replicatedhq/troubleshoot/releases/latest/download/preflight_linux_amd64.tar.gz -o preflight.tar.gz \
+    && tar xf preflight.tar.gz preflight && rm preflight.tar.gz \
+    && mv preflight /usr/local/bin/preflight \
+
+    # Install yq
+    && BINARY=yq_linux_amd64 \
+    && VERSION=v4.45.1 \
+    && curl -Ls https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY}.tar.gz -O \
+    && tar xf ${BINARY}.tar.gz && rm ${BINARY}.tar.gz \
+    && mv ${BINARY} /usr/local/bin/yq
 
 # Create a non-root user for better security
 RUN groupadd -r devuser && useradd -r -g devuser -m -s /bin/bash devuser