From 1c8f8cfafa6f1f750de94f0ba33bea5bfa4b9524 Mon Sep 17 00:00:00 2001 From: Nyambati Thomas <12892110+nyambati@users.noreply.github.com> Date: Tue, 12 Mar 2024 11:31:55 +0100 Subject: [PATCH 1/5] add deadline and ttl second specs --- .../templates/allocation-assets-reports.yaml | 2 ++ stable/kubecost-reports-exporter/values.yaml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/stable/kubecost-reports-exporter/templates/allocation-assets-reports.yaml b/stable/kubecost-reports-exporter/templates/allocation-assets-reports.yaml index 43e159be..e94f59a7 100644 --- a/stable/kubecost-reports-exporter/templates/allocation-assets-reports.yaml +++ b/stable/kubecost-reports-exporter/templates/allocation-assets-reports.yaml @@ -59,4 +59,6 @@ spec: - name: KUBECOST_DIAGNOSTICS_URL value: {{ required "Kubecost reports url is a required value" $.Values.kubecost.diagnosticsUrl | quote }} restartPolicy: {{ $.Values.restartPolicy }} + activeDeadlineSeconds: {{ $.Values.activeDeadlineSeconds }} + ttlSecondsAfterFinished: {{ $.Values.ttlSecondsAfterFinished }} {{- end }} diff --git a/stable/kubecost-reports-exporter/values.yaml b/stable/kubecost-reports-exporter/values.yaml index a0c01191..c63f5833 100644 --- a/stable/kubecost-reports-exporter/values.yaml +++ b/stable/kubecost-reports-exporter/values.yaml @@ -7,6 +7,8 @@ restartPolicy: OnFailure successfulJobsHistoryLimit: 1 failedJobsHistoryLimit: 1 concurrencyPolicy: Forbid +activeDeadlineSeconds: 20 +ttlSecondsAfterFinished: 0 image: # image.repository -- The container image to use From 4811fc3bc9179e0ff63f04010ad52c5b291eb7fa Mon Sep 17 00:00:00 2001 From: Nyambati Thomas <12892110+nyambati@users.noreply.github.com> Date: Tue, 12 Mar 2024 12:04:21 +0100 Subject: [PATCH 2/5] add pre commit and docs --- .pre-commit-config.yaml | 8 ++++++++ README.md | 7 +++++++ stable/kubecost-reports-exporter/Chart.yaml | 2 +- stable/kubecost-reports-exporter/README.md | 4 +++- 4 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 .pre-commit-config.yaml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 00000000..3bbafa2e --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,8 @@ +repos: + - repo: https://github.com/norwoodj/helm-docs + rev: v1.11.0 + hooks: + - id: helm-docs + args: + - --chart-search-root=stable + - --template-files=../ci/README.md.gotmpl diff --git a/README.md b/README.md index 7836c599..b3790475 100644 --- a/README.md +++ b/README.md @@ -80,6 +80,7 @@ This repository has multiple Github Actions to ensure quality is high, these inc - [chart-testing](https://github.com/helm/chart-testing): lint and install tests - [markdown-lint](https://github.com/avto-dev/markdown-lint): lint all markdown files +- [pre-commit](https://pre-commit.com/): Auto generate helm docs before commit. - [helm-docs](https://github.com/norwoodj/helm-docs): check all chart `README.md` have all values documented - [helm-conftest](https://github.com/instrumenta/helm-conftest): Ensures standard labels are present @@ -120,7 +121,13 @@ All commands to be run from the root of this repo. To generate chart `README.md` files from the [template](ci/README.md.gotmpl): ```console + docker run --rm -v "${PWD}:/helm-docs" jnorwood/helm-docs:v1.11.3 --template-files ./ci/README.md.gotmpl + + # install pre-commit https://pre-commit.com/#install + $ brew install pre-commit + $ pre-commit install + $ pre-commit install-hooks ``` `helm-conftest`: diff --git a/stable/kubecost-reports-exporter/Chart.yaml b/stable/kubecost-reports-exporter/Chart.yaml index 7f34d0ac..152044dc 100644 --- a/stable/kubecost-reports-exporter/Chart.yaml +++ b/stable/kubecost-reports-exporter/Chart.yaml @@ -6,7 +6,7 @@ description: | if you are using old installation please use v1 chart home: https://www.kubecost.com type: application -version: 2.0.3 +version: 2.0.4 appVersion: "2.0.0" maintainers: - name: nyambati diff --git a/stable/kubecost-reports-exporter/README.md b/stable/kubecost-reports-exporter/README.md index 8bb9f6d9..3b3e1dbf 100644 --- a/stable/kubecost-reports-exporter/README.md +++ b/stable/kubecost-reports-exporter/README.md @@ -1,6 +1,6 @@ # kubecost-reports-exporter -![Version: 2.0.3](https://img.shields.io/badge/Version-2.0.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.0](https://img.shields.io/badge/AppVersion-2.0.0-informational?style=flat-square) +![Version: 2.0.4](https://img.shields.io/badge/Version-2.0.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.0](https://img.shields.io/badge/AppVersion-2.0.0-informational?style=flat-square) Helm chart for exporting kubernetes cost reports to AWS s3 bucket. N/B We have updated chart to use V2 scripts using allocations and assets api. @@ -48,6 +48,7 @@ helm install my-release deliveryhero/kubecost-reports-exporter -f values.yaml | Key | Type | Default | Description | |-----|------|---------|-------------| +| activeDeadlineSeconds | int | `20` | | | affinity | object | `{}` | | | concurrencyPolicy | string | `"Forbid"` | | | env | object | `{}` | Extra environment variables | @@ -77,6 +78,7 @@ helm install my-release deliveryhero/kubecost-reports-exporter -f values.yaml | serviceAccount.name | string | `""` | | | successfulJobsHistoryLimit | int | `1` | | | tolerations | list | `[]` | | +| ttlSecondsAfterFinished | int | `0` | | ## Maintainers From b1483e3f114ec1aac28bfc0279e7db9eb84591a1 Mon Sep 17 00:00:00 2001 From: Nyambati Thomas <12892110+nyambati@users.noreply.github.com> Date: Tue, 12 Mar 2024 12:06:38 +0100 Subject: [PATCH 3/5] fix: sentry sdk security issues --- stable/kubecost-reports-exporter/docker/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stable/kubecost-reports-exporter/docker/requirements.txt b/stable/kubecost-reports-exporter/docker/requirements.txt index 0d22ffd9..bd2d5a36 100644 --- a/stable/kubecost-reports-exporter/docker/requirements.txt +++ b/stable/kubecost-reports-exporter/docker/requirements.txt @@ -1,4 +1,4 @@ boto3>=0.17.0 -sentry-sdk==1.3.1 +sentry-sdk==1.14.0 datadog-api-client>=2.0.0 requests From 1969164bf3913c3445eaee9fb51e25a11ac2f079 Mon Sep 17 00:00:00 2001 From: Nyambati Thomas <12892110+nyambati@users.noreply.github.com> Date: Tue, 12 Mar 2024 12:31:44 +0100 Subject: [PATCH 4/5] add check pr action --- .github/pr-title-checker-config.json | 14 ++++++++++++++ .github/workflows/check_pr.yaml | 17 +++++++++++++++++ .../templates/allocation-assets-reports.yaml | 4 ++-- 3 files changed, 33 insertions(+), 2 deletions(-) create mode 100644 .github/pr-title-checker-config.json create mode 100644 .github/workflows/check_pr.yaml diff --git a/.github/pr-title-checker-config.json b/.github/pr-title-checker-config.json new file mode 100644 index 00000000..9b8f672f --- /dev/null +++ b/.github/pr-title-checker-config.json @@ -0,0 +1,14 @@ +{ + "LABEL": { + "name": "title needs formatting", + "color": "EEEEEE" + }, + "CHECKS": { + "regexp": "^\\[stable\\/\\..+\\]: .+" + }, + "MESSAGES": { + "success": "PR Title looks fine. 🙌", + "failure": "The title of your PR does not match the expected format. It **must** always contain a reference to the chart i.e [stable/my-cool-chart]: my cool PR", + "notice": "" + } +} diff --git a/.github/workflows/check_pr.yaml b/.github/workflows/check_pr.yaml new file mode 100644 index 00000000..8ea03b09 --- /dev/null +++ b/.github/workflows/check_pr.yaml @@ -0,0 +1,17 @@ +name: "PR Title Checker" +on: + pull_request_target: + types: + - opened + - edited + - synchronize + - labeled + - unlabeled + +jobs: + check: + runs-on: ubuntu-latest + steps: + - uses: thehanimo/pr-title-checker@v1.4.2 + with: + pass_on_octokit_error: false diff --git a/stable/kubecost-reports-exporter/templates/allocation-assets-reports.yaml b/stable/kubecost-reports-exporter/templates/allocation-assets-reports.yaml index e94f59a7..e78555ca 100644 --- a/stable/kubecost-reports-exporter/templates/allocation-assets-reports.yaml +++ b/stable/kubecost-reports-exporter/templates/allocation-assets-reports.yaml @@ -15,6 +15,8 @@ spec: successfulJobsHistoryLimit: {{ $.Values.successfulJobsHistoryLimit }} failedJobsHistoryLimit: {{ $.Values.failedJobsHistoryLimit }} concurrencyPolicy: {{ $.Values.concurrencyPolicy }} + activeDeadlineSeconds: {{ $.Values.activeDeadlineSeconds }} + ttlSecondsAfterFinished: {{ $.Values.ttlSecondsAfterFinished }} jobTemplate: spec: template: @@ -59,6 +61,4 @@ spec: - name: KUBECOST_DIAGNOSTICS_URL value: {{ required "Kubecost reports url is a required value" $.Values.kubecost.diagnosticsUrl | quote }} restartPolicy: {{ $.Values.restartPolicy }} - activeDeadlineSeconds: {{ $.Values.activeDeadlineSeconds }} - ttlSecondsAfterFinished: {{ $.Values.ttlSecondsAfterFinished }} {{- end }} From 4e5a3fa5811356e2ec1c5414249ce99cac280fb7 Mon Sep 17 00:00:00 2001 From: Nyambati Thomas <12892110+nyambati@users.noreply.github.com> Date: Tue, 12 Mar 2024 12:41:45 +0100 Subject: [PATCH 5/5] fix pr check action --- .github/pr-title-checker-config.json | 14 -------------- .github/workflows/check_pr.yaml | 14 ++++++++------ .../templates/allocation-assets-reports.yaml | 5 +++-- 3 files changed, 11 insertions(+), 22 deletions(-) delete mode 100644 .github/pr-title-checker-config.json diff --git a/.github/pr-title-checker-config.json b/.github/pr-title-checker-config.json deleted file mode 100644 index 9b8f672f..00000000 --- a/.github/pr-title-checker-config.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "LABEL": { - "name": "title needs formatting", - "color": "EEEEEE" - }, - "CHECKS": { - "regexp": "^\\[stable\\/\\..+\\]: .+" - }, - "MESSAGES": { - "success": "PR Title looks fine. 🙌", - "failure": "The title of your PR does not match the expected format. It **must** always contain a reference to the chart i.e [stable/my-cool-chart]: my cool PR", - "notice": "" - } -} diff --git a/.github/workflows/check_pr.yaml b/.github/workflows/check_pr.yaml index 8ea03b09..7cf8d685 100644 --- a/.github/workflows/check_pr.yaml +++ b/.github/workflows/check_pr.yaml @@ -1,17 +1,19 @@ name: "PR Title Checker" on: - pull_request_target: + pull_request: types: - opened - edited - synchronize - - labeled - - unlabeled jobs: - check: + check_pr_title: + name: check PR title runs-on: ubuntu-latest steps: - - uses: thehanimo/pr-title-checker@v1.4.2 + - name: Checkout Code + uses: actions/checkout@v2 + - uses: deepakputhraya/action-pr-title@master with: - pass_on_octokit_error: false + regex: '^\[stable\/+.+]\s.+' + prefix_case_sensitive: false diff --git a/stable/kubecost-reports-exporter/templates/allocation-assets-reports.yaml b/stable/kubecost-reports-exporter/templates/allocation-assets-reports.yaml index e78555ca..8b35fae0 100644 --- a/stable/kubecost-reports-exporter/templates/allocation-assets-reports.yaml +++ b/stable/kubecost-reports-exporter/templates/allocation-assets-reports.yaml @@ -15,10 +15,11 @@ spec: successfulJobsHistoryLimit: {{ $.Values.successfulJobsHistoryLimit }} failedJobsHistoryLimit: {{ $.Values.failedJobsHistoryLimit }} concurrencyPolicy: {{ $.Values.concurrencyPolicy }} - activeDeadlineSeconds: {{ $.Values.activeDeadlineSeconds }} - ttlSecondsAfterFinished: {{ $.Values.ttlSecondsAfterFinished }} + jobTemplate: spec: + activeDeadlineSeconds: {{ $.Values.activeDeadlineSeconds }} + ttlSecondsAfterFinished: {{ $.Values.ttlSecondsAfterFinished }} template: metadata: {{- with $.Values.podAnnotations }}