diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index a3c1205237..67d55d7435 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -122,3 +122,85 @@ jobs: with: python-version: '3.10' - run: ./internal/testing/e2e/e2e + + tilt-ci: + name: Run 'tilt ci' + runs-on: + labels: ubuntu-latest + timeout-minutes: 30 + steps: + - name: Install tools + shell: bash + run: | + sudo apt-get install -y git uuid-runtime + + # tilt -- https://raw.githubusercontent.com/tilt-dev/tilt/master/scripts/install.sh + case $(uname -m) in + aarch64) ARCH=arm64;; + armv7l) ARCH=arm;; + *) ARCH=$(uname -m);; + esac + VERSION=0.32.0 + curl -fsSL https://github.com/tilt-dev/tilt/releases/download/v$VERSION/tilt.$VERSION.linux.$ARCH.tar.gz | tar -xzvC /usr/local/bin tilt + + # helm + case $(uname -m) in + aarch64) ARCH=arm64;; + armv7l) ARCH=arm;; + x86_64) ARCH=amd64;; + *) ARCH=$(uname -m);; + esac + VERSION=3.12.0 + curl -fsSL https://get.helm.sh/helm-v$VERSION-linux-$ARCH.tar.gz | tar --strip-components=1 -xzvC /usr/local/bin linux-$ARCH/helm + + # ctlptl - https://github.com/tilt-dev/ctlptl/blob/main/INSTALL.md + CTLPTL_VERSION="0.8.19" + curl -fsSL https://github.com/tilt-dev/ctlptl/releases/download/v$CTLPTL_VERSION/ctlptl.$CTLPTL_VERSION.linux.x86_64.tar.gz | sudo tar -xzv -C /usr/local/bin ctlptl + + # kind - https://kind.sigs.k8s.io/docs/user/quick-start/#installing-from-release-binaries + # For AMD64 / x86_64 + [ $(uname -m) = x86_64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.19.0/kind-linux-amd64 + # For ARM64 + [ $(uname -m) = aarch64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.19.0/kind-linux-arm64 + chmod +x ./kind + sudo mv ./kind /usr/local/bin/kind + - name: Install GoReleaser + uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 + with: + install-only: true + - name: Checkout code + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # tag=v3 + - name: setup-go + uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # tag=v3.2.1 + with: + go-version: '1.19' + - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} + - name: Setup the project + run: go mod download + - name: Setup kind cluster + shell: bash + run: | + ctlptl create cluster kind --registry=ctlptl-registry + - name: Run 'tilt ci' + shell: bash + run: | + tilt ci + - name: Diag after failure + if: ${{ failure() }} + shell: bash + run: | + echo "K8S CLUSTER STATUS" + kubectl get all + + echo "" + + for pod in $(kubectl get pod | awk '$1 != "NAME" { print $1; }') + do + echo "" + echo "=== DIAG POD ${pod} ===" + echo "" + kubectl describe "pod/${pod#pod/}" | sed 's,^, ,' + done diff --git a/.tiltignore b/.tiltignore new file mode 100644 index 0000000000..ba52ca592e --- /dev/null +++ b/.tiltignore @@ -0,0 +1,4 @@ +**/.entc +**/ent/ +pkg/assembler/clients/generated/ +pkg/assembler/graphql/ diff --git a/Tiltfile b/Tiltfile new file mode 100644 index 0000000000..48c515f546 --- /dev/null +++ b/Tiltfile @@ -0,0 +1,20 @@ +allow_k8s_contexts('kind-kind') +analytics_settings(enable=False) + +load('ext://helm_remote', 'helm_remote') +helm_remote('nats', repo_url='https://nats-io.github.io/k8s/helm/charts/', repo_name='nats', values='k8s/tilt-nats-values.yaml') + +custom_build('local-organic-guac', "export GUAC_IMAGE=\"$EXPECTED_IMAGE\" && make container", deps='pkg/', tag="latest") +k8s_yaml('k8s/k8s.yaml') + +k8s_resource( + workload='guac-collectsub', + resource_deps=['nats'] +) + +k8s_resource( + workload='guac-graphql', + port_forwards=[ + port_forward(8080, 8080, name='graphql') + ] +) diff --git a/cmd/guaccollect/cmd/root.go b/cmd/guaccollect/cmd/root.go index 009d60dd5d..f37892c58f 100644 --- a/cmd/guaccollect/cmd/root.go +++ b/cmd/guaccollect/cmd/root.go @@ -18,6 +18,7 @@ package cmd import ( "fmt" "os" + "strings" "github.com/guacsec/guac/pkg/cli" "github.com/guacsec/guac/pkg/version" @@ -39,6 +40,10 @@ func init() { fmt.Fprintf(os.Stderr, "failed to bind flags: %v", err) os.Exit(1) } + + viper.SetEnvPrefix("GUAC") + viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_")) + viper.AutomaticEnv() } var rootCmd = &cobra.Command{ diff --git a/cmd/guacgql/cmd/root.go b/cmd/guacgql/cmd/root.go index 4f50189510..72aef44679 100644 --- a/cmd/guacgql/cmd/root.go +++ b/cmd/guacgql/cmd/root.go @@ -18,6 +18,7 @@ package cmd import ( "fmt" "os" + "strings" "github.com/guacsec/guac/pkg/cli" "github.com/guacsec/guac/pkg/version" @@ -85,6 +86,10 @@ func init() { fmt.Fprintf(os.Stderr, "failed to bind flags: %v", err) os.Exit(1) } + + viper.SetEnvPrefix("GUAC") + viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_")) + viper.AutomaticEnv() } func Execute() { diff --git a/cmd/guacgql/cmd/server.go b/cmd/guacgql/cmd/server.go index 4a7fa57851..091423d7b4 100644 --- a/cmd/guacgql/cmd/server.go +++ b/cmd/guacgql/cmd/server.go @@ -64,6 +64,8 @@ func startServer(cmd *cobra.Command) { srv.Use(tracer) } + http.HandleFunc("/healthz", healthHandler) + http.Handle("/query", srv) if flags.debug { http.Handle("/", playground.Handler("GraphQL playground", "/query")) @@ -157,3 +159,8 @@ func getGraphqlServer(ctx context.Context) (*handler.Server, error) { return srv, nil } + +func healthHandler(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(http.StatusOK) + _, _ = fmt.Fprint(w, "Server is healthy") +} diff --git a/cmd/guacingest/cmd/root.go b/cmd/guacingest/cmd/root.go index d5becdf383..50c6128e49 100644 --- a/cmd/guacingest/cmd/root.go +++ b/cmd/guacingest/cmd/root.go @@ -18,6 +18,7 @@ package cmd import ( "fmt" "os" + "strings" "github.com/guacsec/guac/pkg/cli" "github.com/guacsec/guac/pkg/version" @@ -39,6 +40,10 @@ func init() { fmt.Fprintf(os.Stderr, "failed to bind flags: %v", err) os.Exit(1) } + + viper.SetEnvPrefix("GUAC") + viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_")) + viper.AutomaticEnv() } var rootCmd = &cobra.Command{ diff --git a/cmd/guacone/cmd/root.go b/cmd/guacone/cmd/root.go index a315d96a27..6eef730900 100644 --- a/cmd/guacone/cmd/root.go +++ b/cmd/guacone/cmd/root.go @@ -18,6 +18,7 @@ package cmd import ( "fmt" "os" + "strings" "github.com/guacsec/guac/pkg/cli" "github.com/guacsec/guac/pkg/version" @@ -39,6 +40,10 @@ func init() { fmt.Fprintf(os.Stderr, "failed to bind flags: %v", err) os.Exit(1) } + + viper.SetEnvPrefix("GUAC") + viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_")) + viper.AutomaticEnv() } var rootCmd = &cobra.Command{ diff --git a/k8s/k8s.yaml b/k8s/k8s.yaml new file mode 100644 index 0000000000..3e27711de3 --- /dev/null +++ b/k8s/k8s.yaml @@ -0,0 +1,167 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: guac-collectsub +spec: + replicas: 1 + selector: + matchLabels: + app: guac-collectsub + template: + metadata: + labels: + app: guac-collectsub + spec: + containers: + - name: guac-collectsub + image: local-organic-guac + command: ["/opt/guac/guaccsub"] + workingDir: /tmp + ports: + - containerPort: 2782 + readinessProbe: + exec: + command: + - wget + - --spider + - http://localhost:2782 + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +--- +apiVersion: v1 +kind: Service +metadata: + name: guac-collectsub +spec: + selector: + app: guac-collectsub + ports: + - protocol: TCP + port: 2782 + targetPort: 2782 + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: guac-graphql +spec: + replicas: 1 + selector: + matchLabels: + app: guac-graphql + template: + metadata: + labels: + app: guac-graphql + spec: + containers: + - name: guac-graphql + image: local-organic-guac + command: ["/opt/guac/guacgql"] + workingDir: /tmp + env: + - name: GUAC_GQL_DEBUG + value: "true" + ports: + - name: http-port + containerPort: 8080 + readinessProbe: + httpGet: + path: /healthz + port: http-port + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +--- +apiVersion: v1 +kind: Service +metadata: + name: guac-graphql +spec: + selector: + app: guac-graphql + ports: + - protocol: TCP + port: 8080 + targetPort: 8080 + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: guac-ingestor +spec: + replicas: 1 + selector: + matchLabels: + app: guac-ingestor + template: + metadata: + labels: + app: guac-ingestor + spec: + containers: + - name: guac-ingestor + image: local-organic-guac + command: ["/opt/guac/guacingest"] + workingDir: /tmp + env: + - name: GUAC_NATS_ADDR + value: nats://nats:4222 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: oci-collector +spec: + replicas: 1 + selector: + matchLabels: + app: oci-collector + template: + metadata: + labels: + app: oci-collector + spec: + containers: + - name: oci-collector + image: local-organic-guac + command: ["/opt/guac/guaccollect", "image"] + workingDir: /tmp + env: + - name: GUAC_NATS_ADDR + value: nats://nats:4222 + - name: GUAC_CSUB_ADDR + value: guac-collectsub:2782 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: depsdev-collector +spec: + replicas: 1 + selector: + matchLabels: + app: depsdev-collector + template: + metadata: + labels: + app: depsdev-collector + spec: + containers: + - name: depsdev-collector + image: local-organic-guac + command: ["/opt/guac/guaccollect", "deps_dev"] + workingDir: /tmp + env: + - name: GUAC_NATS_ADDR + value: nats://nats:4222 + - name: GUAC_CSUB_ADDR + value: guac-collectsub:2782 diff --git a/k8s/tilt-nats-values.yaml b/k8s/tilt-nats-values.yaml new file mode 100644 index 0000000000..5edc202bb4 --- /dev/null +++ b/k8s/tilt-nats-values.yaml @@ -0,0 +1,18 @@ +nats: + image: nats:alpine + + limits: + maxPayload: "64MB" + + jetstream: + enabled: true + + memStorage: + enabled: true + size: "128MB" + + fileStorage: + enabled: false + +cluster: + enabled: false