diff --git a/.github/kubeconform.sh b/.github/kubeconform.sh new file mode 100755 index 000000000..872c011d3 --- /dev/null +++ b/.github/kubeconform.sh @@ -0,0 +1,38 @@ +#!/bin/bash +set -euo pipefail + +KUBECONFORM_VERSION="v0.6.4" +# https://github.com/yannh/kubeconform/issues/51 +CRD_SPEC_URL="https://raw.githubusercontent.com/kubernetes/kubernetes/master/api/openapi-spec/v3/apis__apiextensions.k8s.io__v1_openapi.json" +# Remove after v1.16 support / testing is dropped +LEGACY_SCHEMA_URL="https://github.com/instrumenta/kubernetes-json-schema" +OS=$(uname) + +CHANGED_CHARTS=${CHANGED_CHARTS:-${1:-}} +if [ -n "$CHANGED_CHARTS" ]; +then + CHART_DIRS=$CHANGED_CHARTS +else + CHART_DIRS=$(ls -d charts/*) +fi + +# install kubeconform +curl --silent --show-error --fail --location --output /tmp/kubeconform.tar.gz "https://github.com/yannh/kubeconform/releases/download/${KUBECONFORM_VERSION}/kubeconform-${OS}-amd64.tar.gz" +tar -xf /tmp/kubeconform.tar.gz kubeconform + +# validate charts +for CHART_DIR in ${CHART_DIRS}; do + echo "Running kubeconform for folder: '$CHART_DIR'" + + # Note: -ignore-missing-schemas could be added if needed, but not currently + # needed since we have the schema necessary to validate the CRDs themselves. + # + # Also, if at some point we needed to validate things _using_ these CRDs, + # they're available via + # https://github.com/datreeio/CRDs-catalog/tree/main/datadoghq.com + helm dep up "${CHART_DIR}" && helm template --kube-version "${KUBERNETES_VERSION#v}" \ + --values "${CHART_DIR}/ci/kubeconform-values.yaml" "${CHART_DIR}" \ + | ./kubeconform -strict -schema-location default -schema-location "$CRD_SPEC_URL" \ + -schema-location $LEGACY_SCHEMA_URL -output pretty \ + -verbose -kubernetes-version "${KUBERNETES_VERSION#v}" - +done diff --git a/.github/kubeval.sh b/.github/kubeval.sh deleted file mode 100755 index 181f7c84c..000000000 --- a/.github/kubeval.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -set -euo pipefail - -KUBEVAL_VERSION="v0.16.1" -SCHEMA_LOCATION="https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master" -OS=$(uname) - -CHANGED_CHARTS=${CHANGED_CHARTS:-${1:-}} -if [ -n "$CHANGED_CHARTS" ]; -then - CHART_DIRS=$CHANGED_CHARTS -else - CHART_DIRS=$(ls -d charts/*) -fi - -# install kubeval -curl --silent --show-error --fail --location --output /tmp/kubeval.tar.gz "https://github.com/instrumenta/kubeval/releases/download/${KUBEVAL_VERSION}/kubeval-${OS}-amd64.tar.gz" -tar -xf /tmp/kubeval.tar.gz kubeval - -# validate charts -for CHART_DIR in ${CHART_DIRS}; do - echo "Running kubeval for folder: '$CHART_DIR'" - helm dep up "${CHART_DIR}" && helm template --kube-version "${KUBERNETES_VERSION#v}" --values "${CHART_DIR}"/ci/kubeval-values.yaml "${CHART_DIR}" | ./kubeval --strict --ignore-missing-schemas --kubernetes-version "${KUBERNETES_VERSION#v}" --schema-location "${SCHEMA_LOCATION}" -done diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index fddde5673..d6a4f786a 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -33,7 +33,9 @@ jobs: if [[ -n "$changed" ]]; then echo -n "Charts changed:" echo "$changed" - echo "::set-output name=changed::$changed" + echo "changed<> $GITHUB_OUTPUT + echo "$changed" >> $GITHUB_OUTPUT + echo "EOF" >> $GITHUB_OUTPUT else echo "PR without any chart changes - failing" exit 1 @@ -68,7 +70,7 @@ jobs: - name: Run helm-docs run: .github/helm-docs.sh - kubeval-chart: + kubeconform-chart: runs-on: ubuntu-latest needs: - changed @@ -80,12 +82,12 @@ jobs: # https://github.com/instrumenta/kubernetes-json-schema is no # longer updated k8s: - # - v1.14.10 (deprecated with kind 1.16) - - v1.16.15 + - v1.16.4 - v1.18.20 - - v1.22.9 - - v1.24.2 - # v1.25.2 (when agent 7.40 is out) + - v1.22.17 + - v1.24.17 + - v1.25.16 + - v1.26.13 steps: - name: Checkout uses: actions/checkout@v3 @@ -95,11 +97,11 @@ jobs: run: helm repo add datadog https://helm.datadoghq.com && helm repo update - name: Add KSM helm repo run: helm repo add kube-state-metrics https://prometheus-community.github.io/helm-charts - - name: Run kubeval + - name: Run kubeconform env: KUBERNETES_VERSION: ${{ matrix.k8s }} CHANGED_CHARTS: ${{needs.changed.outputs.charts}} - run: .github/kubeval.sh + run: .github/kubeconform.sh install-chart: name: install-chart @@ -107,15 +109,15 @@ jobs: timeout-minutes: 60 needs: - lint-chart - - kubeval-chart + - kubeconform-chart strategy: matrix: k8s: - - v1.16.15 - v1.18.20 - v1.22.9 - v1.24.2 - - v1.25.2 + - v1.25.16 + - v1.26.13 steps: - name: Checkout uses: actions/checkout@v3 diff --git a/.gitignore b/.gitignore index 9f0bb268c..089390f06 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ charts/*/charts helm-docs -kubeval +kubeconform .idea vendor/ .vscode diff --git a/charts/datadog-crds/CHANGELOG.md b/charts/datadog-crds/CHANGELOG.md index 3e4c23ef8..b47bfbc6a 100644 --- a/charts/datadog-crds/CHANGELOG.md +++ b/charts/datadog-crds/CHANGELOG.md @@ -1,5 +1,8 @@ # Changelog +## 1.3.1 +* Migrate from `kubeval` to `kubeconform` for ci chart validation. + ## 1.3.0 * Update CRDs from Datadog Operator v1.3.0 tag. diff --git a/charts/datadog-crds/Chart.yaml b/charts/datadog-crds/Chart.yaml index 416ef901b..ec19ee5e7 100644 --- a/charts/datadog-crds/Chart.yaml +++ b/charts/datadog-crds/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 name: datadog-crds description: Datadog Kubernetes CRDs chart -version: 1.3.0 +version: 1.3.1 appVersion: "1" keywords: - monitoring diff --git a/charts/datadog-crds/README.md b/charts/datadog-crds/README.md index 40d5ee6d0..8a0149622 100644 --- a/charts/datadog-crds/README.md +++ b/charts/datadog-crds/README.md @@ -1,6 +1,6 @@ # Datadog CRDs -![Version: 1.3.0](https://img.shields.io/badge/Version-1.3.0-informational?style=flat-square) ![AppVersion: 1](https://img.shields.io/badge/AppVersion-1-informational?style=flat-square) +![Version: 1.3.1](https://img.shields.io/badge/Version-1.3.1-informational?style=flat-square) ![AppVersion: 1](https://img.shields.io/badge/AppVersion-1-informational?style=flat-square) This chart was designed to allow other "datadog" charts to share `CustomResourceDefinitions` such as the `DatadogMetric`. diff --git a/charts/datadog-crds/ci/kubeval-values.yaml b/charts/datadog-crds/ci/kubeconform-values.yaml similarity index 100% rename from charts/datadog-crds/ci/kubeval-values.yaml rename to charts/datadog-crds/ci/kubeconform-values.yaml diff --git a/charts/datadog-operator/CHANGELOG.md b/charts/datadog-operator/CHANGELOG.md index 06d1f6fd5..1468c4e69 100644 --- a/charts/datadog-operator/CHANGELOG.md +++ b/charts/datadog-operator/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## 1.4.2 + +* Migrate from `kubeval` to `kubeconform` for ci chart validation. + ## 1.4.1 * Add configuration for Operator flag `datadogSLOEnabled` : this parameter is used to enable the Datadog SLO Controller. It is disabled by default. diff --git a/charts/datadog-operator/Chart.yaml b/charts/datadog-operator/Chart.yaml index 67efc918e..8ddcf6bc8 100644 --- a/charts/datadog-operator/Chart.yaml +++ b/charts/datadog-operator/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: datadog-operator -version: 1.4.1 +version: 1.4.2 appVersion: 1.3.0 description: Datadog Operator keywords: diff --git a/charts/datadog-operator/README.md b/charts/datadog-operator/README.md index 0e9d28def..2df990a9f 100644 --- a/charts/datadog-operator/README.md +++ b/charts/datadog-operator/README.md @@ -1,6 +1,6 @@ # Datadog Operator -![Version: 1.4.1](https://img.shields.io/badge/Version-1.4.1-informational?style=flat-square) ![AppVersion: 1.3.0](https://img.shields.io/badge/AppVersion-1.3.0-informational?style=flat-square) +![Version: 1.4.2](https://img.shields.io/badge/Version-1.4.2-informational?style=flat-square) ![AppVersion: 1.3.0](https://img.shields.io/badge/AppVersion-1.3.0-informational?style=flat-square) ## Values diff --git a/charts/datadog-operator/ci/kubeval-values.yaml b/charts/datadog-operator/ci/kubeconform-values.yaml similarity index 100% rename from charts/datadog-operator/ci/kubeval-values.yaml rename to charts/datadog-operator/ci/kubeconform-values.yaml diff --git a/charts/datadog/CHANGELOG.md b/charts/datadog/CHANGELOG.md index b3d4fa869..645f41a1d 100644 --- a/charts/datadog/CHANGELOG.md +++ b/charts/datadog/CHANGELOG.md @@ -1,12 +1,16 @@ # Datadog changelog +## 3.54.1 + +* Migrate from `kubeval` to `kubeconform` for ci chart validation. + ## 3.53.3 * Update `fips.image.tag` to `1.1.1` ## 3.53.2 -* Exclude agent pod from labels injection from the admission controller +* Exclude agent pod from labels injection from the admission controller. ## 3.53.1 diff --git a/charts/datadog/Chart.yaml b/charts/datadog/Chart.yaml index 61ed41284..8a811cd17 100644 --- a/charts/datadog/Chart.yaml +++ b/charts/datadog/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v1 name: datadog -version: 3.53.3 +version: 3.54.1 appVersion: "7" description: Datadog Agent keywords: diff --git a/charts/datadog/README.md b/charts/datadog/README.md index 450c918b1..d1fae80ee 100644 --- a/charts/datadog/README.md +++ b/charts/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.53.3](https://img.shields.io/badge/Version-3.53.3-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.54.1](https://img.shields.io/badge/Version-3.54.1-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). diff --git a/charts/datadog/ci/kubeval-values.yaml b/charts/datadog/ci/kubeconform-values.yaml similarity index 93% rename from charts/datadog/ci/kubeval-values.yaml rename to charts/datadog/ci/kubeconform-values.yaml index 162127c79..5fb292aef 100644 --- a/charts/datadog/ci/kubeval-values.yaml +++ b/charts/datadog/ci/kubeconform-values.yaml @@ -36,7 +36,7 @@ clusterAgent: enabled: true createPodDisruptionBudget: true nodeSelector: - kubernetes.io/os: linux + disktype: ssd metricsProvider: enabled: false admissionController: @@ -46,10 +46,10 @@ clusterChecksRunner: enabled: true createPodDisruptionBudget: true nodeSelector: - kubernetes.io/os: linux + disktype: ssd agents: nodeSelector: - kubernetes.io/os: linux + disktype: ssd podSecurity: podSecurityPolicy: create: true diff --git a/charts/extended-daemon-set/CHANGELOG.md b/charts/extended-daemon-set/CHANGELOG.md index e4b46d670..a5242cee5 100644 --- a/charts/extended-daemon-set/CHANGELOG.md +++ b/charts/extended-daemon-set/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## 0.3.1 + +* Migrate from `kubeval` to `kubeconform` for ci chart validation. + ## 0.3.0 * Updated for EDS 0.8.0. diff --git a/charts/extended-daemon-set/Chart.yaml b/charts/extended-daemon-set/Chart.yaml index 4be6b294d..b8cc49934 100644 --- a/charts/extended-daemon-set/Chart.yaml +++ b/charts/extended-daemon-set/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: v0.8.0 description: Extended Daemonset Controller name: extendeddaemonset -version: v0.3.0 +version: v0.3.1 keywords: - monitoring - alerting diff --git a/charts/extended-daemon-set/README.md b/charts/extended-daemon-set/README.md index fe0c4a05d..26b39da47 100644 --- a/charts/extended-daemon-set/README.md +++ b/charts/extended-daemon-set/README.md @@ -1,6 +1,6 @@ # Extended DaemonSet -![Version: v0.3.0](https://img.shields.io/badge/Version-v0.3.0-informational?style=flat-square) ![AppVersion: v0.8.0](https://img.shields.io/badge/AppVersion-v0.8.0-informational?style=flat-square) +![Version: v0.3.1](https://img.shields.io/badge/Version-v0.3.1-informational?style=flat-square) ![AppVersion: v0.8.0](https://img.shields.io/badge/AppVersion-v0.8.0-informational?style=flat-square) This chart installs the Extended DaemonSet (EDS). It aims to provide a new implementation of the Kubernetes DaemonSet resource with key features: - Canary Deployment: Deploy a new DaemonSet version with only a few nodes. diff --git a/charts/extended-daemon-set/ci/kubeval-values.yaml b/charts/extended-daemon-set/ci/kubeconform-values.yaml similarity index 100% rename from charts/extended-daemon-set/ci/kubeval-values.yaml rename to charts/extended-daemon-set/ci/kubeconform-values.yaml diff --git a/charts/observability-pipelines-worker/CHANGELOG.md b/charts/observability-pipelines-worker/CHANGELOG.md index 6021faef1..ea0c2d35a 100644 --- a/charts/observability-pipelines-worker/CHANGELOG.md +++ b/charts/observability-pipelines-worker/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## 1.8.1 + +* Migrate from `kubeval` to `kubeconform` for ci chart validation. + ## 1.8.0 * Official image `1.8.0` diff --git a/charts/observability-pipelines-worker/Chart.yaml b/charts/observability-pipelines-worker/Chart.yaml index fa6f7a36f..592df157c 100644 --- a/charts/observability-pipelines-worker/Chart.yaml +++ b/charts/observability-pipelines-worker/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: observability-pipelines-worker -version: "1.8.0" +version: "1.8.1" description: Observability Pipelines Worker type: application keywords: diff --git a/charts/observability-pipelines-worker/README.md b/charts/observability-pipelines-worker/README.md index 5b82ccaf1..cc45ada43 100644 --- a/charts/observability-pipelines-worker/README.md +++ b/charts/observability-pipelines-worker/README.md @@ -1,6 +1,6 @@ # Observability Pipelines Worker -![Version: 1.8.0](https://img.shields.io/badge/Version-1.8.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.8.0](https://img.shields.io/badge/AppVersion-1.8.0-informational?style=flat-square) +![Version: 1.8.1](https://img.shields.io/badge/Version-1.8.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.8.0](https://img.shields.io/badge/AppVersion-1.8.0-informational?style=flat-square) ## How to use Datadog Helm repository diff --git a/charts/observability-pipelines-worker/ci/kubeval-values.yaml b/charts/observability-pipelines-worker/ci/kubeconform-values.yaml similarity index 100% rename from charts/observability-pipelines-worker/ci/kubeval-values.yaml rename to charts/observability-pipelines-worker/ci/kubeconform-values.yaml diff --git a/charts/synthetics-private-location/CHANGELOG.md b/charts/synthetics-private-location/CHANGELOG.md index 49cb64fc2..fd5e381a4 100644 --- a/charts/synthetics-private-location/CHANGELOG.md +++ b/charts/synthetics-private-location/CHANGELOG.md @@ -1,5 +1,9 @@ # Datadog changelog +## 0.15.26 + +* Migrate from `kubeval` to `kubeconform` for ci chart validation. + ## 0.15.25 * Update private location image version to `1.44.0`. diff --git a/charts/synthetics-private-location/Chart.yaml b/charts/synthetics-private-location/Chart.yaml index 467126e38..18ce0b289 100644 --- a/charts/synthetics-private-location/Chart.yaml +++ b/charts/synthetics-private-location/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: synthetics-private-location -version: 0.15.25 +version: 0.15.26 appVersion: 1.44.0 description: Datadog Synthetics Private Location keywords: diff --git a/charts/synthetics-private-location/README.md b/charts/synthetics-private-location/README.md index 098c16bc2..9224ef930 100644 --- a/charts/synthetics-private-location/README.md +++ b/charts/synthetics-private-location/README.md @@ -1,6 +1,6 @@ # Datadog Synthetics Private Location -![Version: 0.15.25](https://img.shields.io/badge/Version-0.15.25-informational?style=flat-square) ![AppVersion: 1.44.0](https://img.shields.io/badge/AppVersion-1.44.0-informational?style=flat-square) +![Version: 0.15.26](https://img.shields.io/badge/Version-0.15.26-informational?style=flat-square) ![AppVersion: 1.44.0](https://img.shields.io/badge/AppVersion-1.44.0-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds a Datadog Synthetics Private Location Deployment. For more information about synthetics monitoring with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/synthetics/private_locations). diff --git a/charts/synthetics-private-location/ci/kubeval-values.yaml b/charts/synthetics-private-location/ci/kubeconform-values.yaml similarity index 100% rename from charts/synthetics-private-location/ci/kubeval-values.yaml rename to charts/synthetics-private-location/ci/kubeconform-values.yaml