# Copyright 2024 Defense Unicorns
# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
# Variables available to the tasks in this file. Callers override them with
# `--set NAME=value` (the dev-identity task below does this for LAYER).
variables:
# Package flavor handed to `--flavor` by the dev-deploy task.
- name: FLAVOR
  default: upstream
# Layer directory under packages/ that dev-deploy targets. No default is
# declared here, so the caller has to supply it.
- name: LAYER

# Included task files; their tasks are referenced below as `<alias>:<task>`.
includes:
- create: ./tasks/create.yaml
- setup: ./tasks/setup.yaml
- deploy: ./tasks/deploy.yaml
- test: ./tasks/test.yaml
- lint: ./tasks/lint.yaml
tasks:
# Task named `default`; it only delegates to test-uds-core in this file.
- name: default
  actions:
  - description: 'Build, deploy and test UDS Core'
    task: test-uds-core
# dev-setup: create the k3d dev cluster, then deploy Istio and only the
# Prometheus-Stack CRDs from the source packages under src/.
- name: dev-setup
  description: 'Create k3d cluster with istio'
  actions:
  - description: 'Create the dev cluster'
    task: setup:create-k3d-cluster

  # Note: the `registry-url` flag used here requires uds 0.19.2+
  # The flavor is fixed to `upstream` here rather than taken from FLAVOR.
  - description: 'Deploy the Istio source package with Zarf Dev'
    cmd: 'uds zarf dev deploy src/istio --flavor upstream --registry-url docker.io --no-progress'

  # Note: "crds-only" is not an explicit flavor of this package; passing it
  # to --flavor is a workaround so that only the CRDs get installed.
  - description: 'Deploy the Prometheus-Stack source package with Zarf Dev to only install the CRDs'
    cmd: 'uds zarf dev deploy src/prometheus-stack --flavor crds-only --no-progress'

  # Prints follow-up instructions only; nothing is deployed by this action.
  - description: 'Dev instructions'
    cmd: |
      echo "Next steps:"
      echo " - To test & develop the Pepr module, run 'npx pepr dev' from a Javascript debug terminal"
      echo " - Otherwise run 'npx pepr deploy' to deploy the Pepr module to the cluster"
      echo " - Additional source packages can be deployed with 'zarf dev deploy src/<package> --flavor upstream'"
# slim-dev: build the k3d slim dev bundle, then deploy it. Both steps are
# delegated to the included create/deploy task files.
- name: slim-dev
  actions:
  - description: 'Build slim dev bundle'
    task: create:k3d-slim-dev-bundle
  - description: 'Deploy slim dev bundle'
    task: deploy:k3d-slim-dev-bundle
# dev-identity: dev-setup, then the Pepr module, then the
# identity-authorization layer via this file's dev-deploy task.
- name: dev-identity
  description: 'Create k3d cluster with istio, Pepr, Keycloak, and Authservice for development'
  actions:
  - task: dev-setup

  # NOTE(review): npx runs a locally installed pepr when there is one and
  # otherwise fetches it from the registry - confirm pepr is pinned in the
  # repo's package.json/lockfile. `--confirm` presumably skips the
  # interactive prompt; verify against the pepr CLI.
  - description: 'Deploy Pepr'
    cmd: 'npx pepr deploy --confirm'

  # Re-enters dev-deploy with LAYER set explicitly; FLAVOR keeps its default.
  - description: 'Deploy Keycloak + Authservice'
    cmd: 'uds run dev-deploy --set LAYER=identity-authorization --no-progress'
# dev-deploy: deploy one core layer from packages/ with Zarf Dev.
# LAYER has no default in `variables`, so run it as
# `uds run dev-deploy --set LAYER=<layer>`; FLAVOR defaults to `upstream`.
# NOTE(review): both values end up inside a shell command line. Presumably
# they only ever come from the operator's own --set - confirm nothing feeds
# them from untrusted input.
- name: dev-deploy
  description: 'Deploy the given core layer with Zarf Dev'
  actions:
  - cmd: 'uds zarf dev deploy packages/${LAYER} --flavor ${FLAVOR} --no-progress'
# The tasks in this group are thin wrappers: each one only delegates to
# tasks defined in the included setup/create/test/deploy files.
- name: setup-cluster
  description: 'Create a k3d Cluster and Initialize with Zarf'
  actions:
  - task: setup:k3d-test-cluster

- name: create-standard-package
  description: 'Create UDS Core Zarf Package, `upstream` flavor default, use --set FLAVOR={flavor} to change'
  actions:
  - task: create:standard-package

# Runs the dependency task first, then the single-layer test. Per its
# description the layer is selected through the LAYER variable.
- name: test-single-layer
  description: 'Deploys k3d cluster, layer dependencies and the provided layer (based on LAYER variable)'
  actions:
  - task: test:layer-dependencies
  - task: test:single-layer

# No description is set for this task.
- name: deploy-standard-bundle
  actions:
  - task: deploy:k3d-standard-bundle

- name: test-uds-core
  description: 'Build and test UDS Core'
  actions:
  - task: test:uds-core
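# test-uds-core-ha: start a throwaway Postgres container on the k3d-uds
# Docker network, create the keycloak and grafana databases in it, then run
# the HA test from the included test file.
- name: test-uds-core-ha
  description: 'Build and test UDS Core'
  actions:
  # Remove a container left over from a previous run; `|| true` keeps the
  # task going when there is nothing to stop or remove.
  - cmd: docker stop postgres && docker rm postgres || true

  # The network may already exist; that failure is ignored on purpose.
  - cmd: docker network create k3d-uds || true

  # NOTE(review): test-only database with a fixed, well-known password.
  # `-p 5432:5432` publishes the port on every host interface (Docker's
  # default bind address), so on a shared or network-reachable machine the
  # database is exposed beyond the test. Confirm how the HA deployment
  # reaches this database before narrowing the publish address or dropping
  # the port mapping, and do not reuse this credential outside local tests.
  # The image reference has no tag or digest, so each run may pull a
  # different Postgres version; pinning one would make runs reproducible.
  - cmd: docker run -p 5432:5432 --network=k3d-uds --name postgres -e POSTGRES_DB=keycloak -e POSTGRES_USER=postgres -e POSTGRES_PASSWORD=password -d postgres

  # Poll for readiness instead of sleeping a fixed 3 seconds, which races
  # with container initialisation on slow hosts. The check goes over TCP
  # because the official image's init-time server listens on the unix
  # socket only, so a socket check can report ready too early.
  # If the server never comes up, the psql call fails and so does the task.
  - description: 'Wait for Postgres, then create the grafana database'
    cmd: |
      for attempt in $(seq 1 30); do
        if docker exec postgres pg_isready -h 127.0.0.1 -U postgres; then
          break
        fi
        sleep 1
      done
      docker exec postgres psql -U postgres -c "CREATE DATABASE grafana;"

  - task: test:uds-core-ha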
# Upgrade and compliance tasks; each one delegates to a single task from
# the included test file.
- name: test-uds-core-upgrade
  description: 'Test an upgrade from the latest released UDS Core package to current branch'
  actions:
  - task: test:uds-core-upgrade

- name: test-compliance-compose
  description: 'Compose OSCAL Component Definition'
  actions:
  - task: test:local-compliance-compose

- name: test-compliance-validate
  description: 'Validate Compliance of UDS Core to produce Assessment Results'
  actions:
  - task: test:compliance-validate

- name: test-compliance-evaluate
  description: 'Evaluate Compliance of UDS Core against an established threshold'
  actions:
  - task: test:compliance-evaluate
# Lint tasks; each one delegates to the task of the same name in the
# included lint file.
- name: lint-check
  description: 'Run linting checks'
  actions:
  - task: lint:check

- name: lint-fix
  description: 'Fix linting issues'
  actions:
  - task: lint:fix

# No description is set for this task.
- name: lint-oscal
  actions:
  - task: lint:oscal
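# Note: this task clones the docs repo, which is private, so it requires
# organization access to that repo.
# It does not clone in or manage docs that live outside of the core repo, so
# you may hit some 404s during development.
- name: dev-docs
  description: 'Start the dev docs server'
  actions:
  # Deletes the uds-docs directory relative to the directory the task runs in.
  - description: 'Cleanup previous runs'
    cmd: |
      rm -rf uds-docs

  - description: 'Clone the docs repo and symlink the reference docs'
    cmd: |
      git clone https://github.com/defenseunicorns/uds-docs.git uds-docs
      rm -rf uds-docs/src/content/docs/reference uds-docs/src/content/docs/.images
      # This only symlinks the reference and images folders since these are the only docs we use in the docs site
      # The link targets are quoted so a checkout path containing spaces is not word-split
      ln -s "$(pwd)/docs/reference" uds-docs/src/content/docs/reference
      ln -s "$(pwd)/docs/.images" uds-docs/src/content/docs/.images

  - description: 'Start the docs server with npm (this will run until you stop it)'
    cmd: |
      # Actual startup takes up to a minute because of the npm install
      # NOTE(review): `npm i` runs the install scripts of the docs repo's dependencies on this
      # machine and may resolve newer versions than were last tested. If uds-docs commits a
      # lockfile, `npm ci` would install exactly what is locked - confirm before switching.
      cd uds-docs && npm i && npm run dev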