From e6462938855d7bcc8bdfd328b6ac4e3fb5e42e10 Mon Sep 17 00:00:00 2001 From: Aleksey Date: Thu, 16 Jun 2022 11:39:13 +0400 Subject: [PATCH 01/10] Fix externalRedis for correct template `externalRedis` in https://github.com/grafana/oncall/blob/dev/helm/oncall/templates/_env.tpl#L141 but here `external_redis` --- helm/oncall/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/oncall/values.yaml b/helm/oncall/values.yaml index 6c781718..98b82347 100644 --- a/helm/oncall/values.yaml +++ b/helm/oncall/values.yaml @@ -120,7 +120,7 @@ externalRabbitmq: redis: enabled: true -external_redis: +externalRedis: host: password: From 948ed5ff6c1c46efc8a2c438c560aba809b1d669 Mon Sep 17 00:00:00 2001 From: Aditya C S Date: Thu, 16 Jun 2022 13:36:42 +0530 Subject: [PATCH 02/10] fix(helm): fix password key in external redis secret --- helm/oncall/templates/secrets.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/oncall/templates/secrets.yaml b/helm/oncall/templates/secrets.yaml index 2a1ecba9..88b4eaed 100644 --- a/helm/oncall/templates/secrets.yaml +++ b/helm/oncall/templates/secrets.yaml @@ -38,6 +38,6 @@ metadata: name: {{ include "oncall.fullname" . }}-redis-external type: Opaque data: - rabbitmq-password: {{ required "externalRedis.password is required if not redis.enabled" .Values.externalRedis.password | b64enc | quote }} + redis-password: {{ required "externalRedis.password is required if not redis.enabled" .Values.externalRedis.password | b64enc | quote }} {{- end }} From c307bc56ce044ca41f26480537906d4c08375178 Mon Sep 17 00:00:00 2001 From: Alexandre Chaussier Date: Sat, 18 Jun 2022 15:40:58 +0200 Subject: [PATCH 03/10] fix: fix ingress-nginx dependency management in values.yaml --- helm/oncall/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/oncall/values.yaml b/helm/oncall/values.yaml index 6c781718..7ebecdc9 100644 --- a/helm/oncall/values.yaml +++ b/helm/oncall/values.yaml @@ -55,7 +55,7 @@ ingress: cert-manager.io/issuer: "letsencrypt-prod" # Whether to install ingress controller -nginx-ingress: +ingress-nginx: enabled: true # Install cert-manager as a part of the release From ce982ae1c2ce4b022aa0ab5615d956bb40925336 Mon Sep 17 00:00:00 2001 From: Michael Derynck Date: Mon, 20 Jun 2022 09:29:37 -0600 Subject: [PATCH 04/10] Tweak docker-compose (#104) * Remove env var causing celery container to exit, put containers in their own network * Remove unnecessary network, remove version since we are mixing, make DB and redis ports internal * Restore property for CELERY_WORKER_SHUTDOWN_INVERVAL since restart policy added --- docker-compose.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 894b26fe..bf44777b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -34,7 +34,6 @@ services: condition: service_started celery: - # TODO: change to the public image once it's public image: grafana/oncall restart: always command: sh -c "./celery_with_exporter.sh" @@ -102,8 +101,8 @@ services: cpus: 0.5 command: --default-authentication-plugin=mysql_native_password --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci restart: always - ports: - - 3306:3306 + expose: + - 3306 volumes: - dbdata:/var/lib/mysql environment: @@ -119,8 +118,8 @@ services: mem_limit: 100m cpus: 0.1 restart: always - ports: - - 6379:6379 + expose: + - 6379 rabbitmq: image: "rabbitmq:3.7.15-management" From a4d9bc99a8efe639c45c303e2733179b441bbd51 Mon Sep 17 00:00:00 2001 From: Julia Date: Tue, 21 Jun 2022 12:53:22 +0300 Subject: [PATCH 05/10] Rename field `webhook` to `url` for outgoing webhook public api endpoint, update tests --- engine/apps/public_api/serializers/action.py | 16 +++++++-------- .../public_api/tests/test_custom_actions.py | 20 +++++++++---------- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/engine/apps/public_api/serializers/action.py b/engine/apps/public_api/serializers/action.py index 963aacbc..f652bc7c 100644 --- a/engine/apps/public_api/serializers/action.py +++ b/engine/apps/public_api/serializers/action.py @@ -14,6 +14,7 @@ class ActionCreateSerializer(serializers.ModelSerializer): id = serializers.CharField(read_only=True, source="public_primary_key") organization = serializers.HiddenField(default=CurrentOrganizationDefault()) team_id = TeamPrimaryKeyRelatedField(required=False, allow_null=True, source="team") + url = serializers.CharField(required=True, allow_null=False, allow_blank=False, source="webhook") class Meta: model = CustomButton @@ -22,7 +23,7 @@ class ActionCreateSerializer(serializers.ModelSerializer): "name", "organization", "team_id", - "webhook", + "url", "data", "user", "password", @@ -31,7 +32,6 @@ class ActionCreateSerializer(serializers.ModelSerializer): ] extra_kwargs = { "name": {"required": True, "allow_null": False, "allow_blank": False}, - "webhook": {"required": True, "allow_null": False, "allow_blank": False}, "data": {"required": False, "allow_null": True, "allow_blank": False}, "user": {"required": False, "allow_null": True, "allow_blank": False}, "password": {"required": False, "allow_null": True, "allow_blank": False}, @@ -41,13 +41,13 @@ class ActionCreateSerializer(serializers.ModelSerializer): validators = [UniqueTogetherValidator(queryset=CustomButton.objects.all(), fields=["name", "organization"])] - def validate_webhook(self, webhook): - if webhook: + def validate_url(self, url): + if url: try: - URLValidator()(webhook) + URLValidator()(url) except ValidationError: - raise serializers.ValidationError("Webhook is incorrect") - return webhook + raise serializers.ValidationError("URL is incorrect") + return url return None def validate_data(self, data): @@ -74,12 +74,12 @@ class ActionCreateSerializer(serializers.ModelSerializer): class ActionUpdateSerializer(ActionCreateSerializer): team_id = TeamPrimaryKeyRelatedField(source="team", read_only=True) + url = serializers.CharField(required=False, allow_null=False, allow_blank=False, source="webhook") class Meta(ActionCreateSerializer.Meta): extra_kwargs = { "name": {"required": False, "allow_null": False, "allow_blank": False}, - "webhook": {"required": False, "allow_null": False, "allow_blank": False}, "data": {"required": False, "allow_null": True, "allow_blank": False}, "user": {"required": False, "allow_null": True, "allow_blank": False}, "password": {"required": False, "allow_null": True, "allow_blank": False}, diff --git a/engine/apps/public_api/tests/test_custom_actions.py b/engine/apps/public_api/tests/test_custom_actions.py index ee0e5f67..9fb4ebb6 100644 --- a/engine/apps/public_api/tests/test_custom_actions.py +++ b/engine/apps/public_api/tests/test_custom_actions.py @@ -30,7 +30,7 @@ def test_get_custom_actions( "id": custom_action.public_primary_key, "name": custom_action.name, "team_id": None, - "webhook": custom_action.webhook, + "url": custom_action.webhook, "data": custom_action.data, "user": custom_action.user, "password": custom_action.password, @@ -68,7 +68,7 @@ def test_get_custom_actions_filter_by_name( "id": custom_action.public_primary_key, "name": custom_action.name, "team_id": None, - "webhook": custom_action.webhook, + "url": custom_action.webhook, "data": custom_action.data, "user": custom_action.user, "password": custom_action.password, @@ -122,7 +122,7 @@ def test_get_custom_action( "id": custom_action.public_primary_key, "name": custom_action.name, "team_id": None, - "webhook": custom_action.webhook, + "url": custom_action.webhook, "data": custom_action.data, "user": custom_action.user, "password": custom_action.password, @@ -144,7 +144,7 @@ def test_create_custom_action(make_organization_and_user_with_token): data = { "name": "Test outgoing webhook", - "webhook": "https://example.com", + "url": "https://example.com", } response = client.post(url, data=data, format="json", HTTP_AUTHORIZATION=f"{token}") @@ -155,7 +155,7 @@ def test_create_custom_action(make_organization_and_user_with_token): "id": custom_action.public_primary_key, "name": custom_action.name, "team_id": None, - "webhook": custom_action.webhook, + "url": custom_action.webhook, "data": custom_action.data, "user": custom_action.user, "password": custom_action.password, @@ -179,13 +179,13 @@ def test_create_custom_action_invalid_data( data = { "name": "Test outgoing webhook", - "webhook": "invalid_url", + "url": "invalid_url", } response = client.post(url, data=data, format="json", HTTP_AUTHORIZATION=f"{token}") assert response.status_code == status.HTTP_400_BAD_REQUEST - assert response.data["webhook"][0] == "Webhook is incorrect" + assert response.data["url"][0] == "URL is incorrect" data = { "name": "Test outgoing webhook", @@ -194,10 +194,10 @@ def test_create_custom_action_invalid_data( response = client.post(url, data=data, format="json", HTTP_AUTHORIZATION=f"{token}") assert response.status_code == status.HTTP_400_BAD_REQUEST - assert response.data["webhook"][0] == "This field is required." + assert response.data["url"][0] == "This field is required." data = { - "webhook": "https://example.com", + "url": "https://example.com", } response = client.post(url, data=data, format="json", HTTP_AUTHORIZATION=f"{token}") @@ -231,7 +231,7 @@ def test_update_custom_action( "id": custom_action.public_primary_key, "name": data["name"], "team_id": None, - "webhook": custom_action.webhook, + "url": custom_action.webhook, "data": custom_action.data, "user": custom_action.user, "password": custom_action.password, From 1fc68ec871ce0718b00f9fd1c34510f7cae56cc4 Mon Sep 17 00:00:00 2001 From: Ildar Iskhakov Date: Tue, 21 Jun 2022 13:13:42 +0300 Subject: [PATCH 06/10] Release helm chart from grafana/oncall to grafana/helm-charts using common workflow --- .github/workflows/helm_release.yml | 17 +++++++++++++++++ helm/cr.yaml | 5 +++++ helm/oncall/Chart.yaml | 2 +- 3 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/helm_release.yml create mode 100644 helm/cr.yaml diff --git a/.github/workflows/helm_release.yml b/.github/workflows/helm_release.yml new file mode 100644 index 00000000..de0cca58 --- /dev/null +++ b/.github/workflows/helm_release.yml @@ -0,0 +1,17 @@ +name: helm-release + +on: + push: + branches: + - main + +jobs: + call-update-helm-repo: + uses: grafana/helm-charts/.github/workflows/update-helm-repo.yaml@main + with: + charts_dir: helm/ + cr_configfile: helm/cr.yaml + secrets: + helm_repo_token: ${{ secrets.GH_BOT_ACCESS_TOKEN }} + # See https://github.com/grafana/helm-charts/blob/main/INTERNAL.md about this key + gpg_key_base64: ${{ secrets.HELM_SIGN_KEY_BASE64 }} diff --git a/helm/cr.yaml b/helm/cr.yaml new file mode 100644 index 00000000..39265199 --- /dev/null +++ b/helm/cr.yaml @@ -0,0 +1,5 @@ +git-repo: helm-charts +key: Grafana Loki +owner: grafana +sign: true +skip-existing: true \ No newline at end of file diff --git a/helm/oncall/Chart.yaml b/helm/oncall/Chart.yaml index 81051591..23a91cd5 100644 --- a/helm/oncall/Chart.yaml +++ b/helm/oncall/Chart.yaml @@ -8,7 +8,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 +version: 1.0.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From d872a0e939eb0a35b79b41ea4c73490af660135e Mon Sep 17 00:00:00 2001 From: Ildar Iskhakov Date: Tue, 21 Jun 2022 15:01:46 +0300 Subject: [PATCH 07/10] Add helm tests --- .github/workflows/helm_release.yml | 3 ++- helm/ct.yaml | 12 ++++++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 helm/ct.yaml diff --git a/.github/workflows/helm_release.yml b/.github/workflows/helm_release.yml index de0cca58..7f0f9672 100644 --- a/.github/workflows/helm_release.yml +++ b/.github/workflows/helm_release.yml @@ -9,8 +9,9 @@ jobs: call-update-helm-repo: uses: grafana/helm-charts/.github/workflows/update-helm-repo.yaml@main with: - charts_dir: helm/ + charts_dir: helm cr_configfile: helm/cr.yaml + ct_configfile: helm/ct.yaml secrets: helm_repo_token: ${{ secrets.GH_BOT_ACCESS_TOKEN }} # See https://github.com/grafana/helm-charts/blob/main/INTERNAL.md about this key diff --git a/helm/ct.yaml b/helm/ct.yaml new file mode 100644 index 00000000..c0297aa0 --- /dev/null +++ b/helm/ct.yaml @@ -0,0 +1,12 @@ +# See https://github.com/helm/chart-testing#configuration +remote: origin +target-branch: main +chart-dirs: + - helm/ +chart-repos: + - jetstack=https://charts.jetstack.io + - bitnami=https://charts.bitnami.com/bitnami + - grafana=https://grafana.github.io/helm-charts + - ingress-nginx=https://kubernetes.github.io/ingress-nginx +helm-extra-args: --timeout 600s +validate-maintainers: false \ No newline at end of file From 26395011aabd0eeafec60a35411dc55b755b4aca Mon Sep 17 00:00:00 2001 From: Ildar Iskhakov Date: Tue, 21 Jun 2022 15:03:42 +0300 Subject: [PATCH 08/10] Remove trailing slash --- helm/ct.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/ct.yaml b/helm/ct.yaml index c0297aa0..ac6439b6 100644 --- a/helm/ct.yaml +++ b/helm/ct.yaml @@ -2,7 +2,7 @@ remote: origin target-branch: main chart-dirs: - - helm/ + - helm chart-repos: - jetstack=https://charts.jetstack.io - bitnami=https://charts.bitnami.com/bitnami From 8783a3aa6e81ba46ad7bf0d0931e22b89e0eff45 Mon Sep 17 00:00:00 2001 From: Jack Baldry Date: Tue, 21 Jun 2022 13:46:56 +0100 Subject: [PATCH 09/10] Allow workflow to silently succeed if nothing is to be committed Signed-off-by: Jack Baldry --- .github/workflows/publish-technical-documentation-release.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/publish-technical-documentation-release.yml b/.github/workflows/publish-technical-documentation-release.yml index ace2f629..707e20c7 100644 --- a/.github/workflows/publish-technical-documentation-release.yml +++ b/.github/workflows/publish-technical-documentation-release.yml @@ -72,3 +72,7 @@ jobs: source_folder: "docs/sources" # Append ".x" to target to produce a v..x directory. target_folder: "content/docs/oncall/${{ steps.target.outputs.target }}.x" + # Allow the workflow to succeed if there are no changes to commit. + # This is only going to be true on tags as those events ignore the path + # filter in the workflow `on.push` section. + allow_no_changes: "true" From 622bc4eb06b8a3f6c25c88358edc27923cbe0807 Mon Sep 17 00:00:00 2001 From: Ildar Iskhakov Date: Tue, 21 Jun 2022 16:13:29 +0300 Subject: [PATCH 10/10] Edit envs and remove tests --- helm/oncall/templates/_env.tpl | 2 ++ helm/oncall/templates/tests/test-connection.yaml | 15 --------------- 2 files changed, 2 insertions(+), 15 deletions(-) delete mode 100644 helm/oncall/templates/tests/test-connection.yaml diff --git a/helm/oncall/templates/_env.tpl b/helm/oncall/templates/_env.tpl index db8b3e14..d5b881f2 100644 --- a/helm/oncall/templates/_env.tpl +++ b/helm/oncall/templates/_env.tpl @@ -19,6 +19,8 @@ value: "admin" - name: OSS value: "True" +- name: UWSGI_LISTEN + value: "1024" {{- end }} {{- define "snippet.celery.env" -}} diff --git a/helm/oncall/templates/tests/test-connection.yaml b/helm/oncall/templates/tests/test-connection.yaml deleted file mode 100644 index fc82b110..00000000 --- a/helm/oncall/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "oncall.fullname" . }}-test-connection" - labels: - {{- include "oncall.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "oncall.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never