feat: rename mirror to rsyncd-mirror, allow setting an ingress to…

… expose `rsyncd` service and add missing updatecli manifest (jenkins-infra#608)

* chore: rename `mirror` to `rsyncd-mirror` and add missing updatecli manifest

* no default whitelisted source IP

* allow setting an ingress to expose the rsyncd service

charts/mirror/Chart.yaml → charts/rsyncd-mirror/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
 appVersion: "1.0"
 description: A Helm chart which deploys a Jenkins mirror
-name: mirror
+name: rsyncd-mirror
 version: 0.1.23

charts/mirror/README.md → charts/rsyncd-mirror/README.md

@@ -1,4 +1,4 @@
-# Mirror
+# rsyncd-mirror
 
 This helm charts starts three containers:
 - One to synchronize remote Jenkins mirror with a local directory using rsync command from a cronjob

charts/mirror/templates/NOTES.txt → charts/rsyncd-mirror/templates/NOTES.txt

@@ -6,16 +6,16 @@
   {{- end }}
 {{- end }}
 {{- else if contains "NodePort" .Values.service.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mirror.fullname" . }})
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "rsyncd-mirror.fullname" . }})
   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
   echo http://$NODE_IP:$NODE_PORT
 {{- else if contains "LoadBalancer" .Values.service.type }}
      NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mirror.fullname" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mirror.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "rsyncd-mirror.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "rsyncd-mirror.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
   echo http://$SERVICE_IP:{{ .Values.service.port }}
 {{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mirror.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "rsyncd-mirror.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
   echo "Visit http://127.0.0.1:8080 to use your application"
   kubectl port-forward $POD_NAME 8080:80
 {{- end }}

charts/mirror/templates/_helpers.tpl → charts/rsyncd-mirror/templates/_helpers.tpl

@@ -2,7 +2,7 @@
 {{/*
 Expand the name of the chart.
 */}}
-{{- define "mirror.name" -}}
+{{- define "rsyncd-mirror.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
@@ -11,7 +11,7 @@ Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
-{{- define "mirror.fullname" -}}
+{{- define "rsyncd-mirror.fullname" -}}
 {{- if .Values.fullnameOverride -}}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
@@ -27,16 +27,16 @@ If release name contains chart name it will be used as a full name.
 {{/*
 Create chart name and version as used by the chart label.
 */}}
-{{- define "mirror.chart" -}}
+{{- define "rsyncd-mirror.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
 {{/*
 Common labels
 */}}
-{{- define "mirror.labels" -}}
-app.kubernetes.io/name: {{ include "mirror.name" . }}
-helm.sh/chart: {{ include "mirror.chart" . }}
+{{- define "rsyncd-mirror.labels" -}}
+app.kubernetes.io/name: {{ include "rsyncd-mirror.name" . }}
+helm.sh/chart: {{ include "rsyncd-mirror.chart" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}

charts/mirror/templates/configmap.yaml → charts/rsyncd-mirror/templates/configmap.yaml

@@ -2,7 +2,7 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: {{ include "mirror.fullname" . }}
+  name: {{ include "rsyncd-mirror.fullname" . }}
 data:
   httpd.conf: |
     ServerRoot "/usr/local/apache2"
@@ -521,7 +521,7 @@ data:
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: {{ include "mirror.fullname" . }}-cronjobs
+  name: {{ include "rsyncd-mirror.fullname" . }}-cronjobs
 data:
   root: |
     PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

charts/mirror/templates/deployment.yaml → charts/rsyncd-mirror/templates/deployment.yaml

@@ -1,21 +1,21 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ include "mirror.fullname" . }}
+  name: {{ include "rsyncd-mirror.fullname" . }}
   labels:
-{{ include "mirror.labels" . | indent 4 }}
+{{ include "rsyncd-mirror.labels" . | indent 4 }}
 spec:
   replicas: {{ .Values.replicaCount }}
   strategy: 
     {{- toYaml .Values.strategy | nindent 4 }} 
   selector:
     matchLabels:
-      app.kubernetes.io/name: {{ include "mirror.name" . }}
+      app.kubernetes.io/name: {{ include "rsyncd-mirror.name" . }}
       app.kubernetes.io/instance: {{ .Release.Name }}
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: {{ include "mirror.name" . }}
+        app.kubernetes.io/name: {{ include "rsyncd-mirror.name" . }}
         app.kubernetes.io/instance: {{ .Release.Name }}
         checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum | trunc 63 }}
     spec:
@@ -101,17 +101,17 @@ spec:
       volumes:
         - name: conf
           configMap:
-            name: {{ include "mirror.fullname" . }}
+            name: {{ include "rsyncd-mirror.fullname" . }}
             items:
               - key: httpd.conf
                 path: httpd.conf
         {{- if .Values.persistent.volumeClaim.enabled }}
         - name: binary
           persistentVolumeClaim:
-            claimName:  {{ $.Values.persistent.volumeClaim.name | default (printf "%s-binary" (include "mirror.fullname" .))  }}
+            claimName:  {{ $.Values.persistent.volumeClaim.name | default (printf "%s-binary" (include "rsyncd-mirror.fullname" .))  }}
         {{- end }}
       {{- if .Values.synchronize.enabled }}
         - name: cronjobs
           configMap:
-            name: {{ include "mirror.fullname" . }}-cronjobs
+            name: {{ include "rsyncd-mirror.fullname" . }}-cronjobs
       {{- end }}

charts/rsyncd-mirror/templates/ingress-rsyncd.yaml

@@ -0,0 +1,42 @@
+{{- if .Values.ingressRsyncd.enabled -}}
+{{- $fullName := include "rsyncd-mirror.fullname" . -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+{{ include "rsyncd-mirror.labels" . | indent 4 }}
+  {{- with .Values.ingressRsyncd.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+{{- if .Values.ingressRsyncd.ingressClassName }}
+  ingressClassName: {{ .Values.ingressRsyncd.ingressClassName }}
+{{- end }}
+{{- if .Values.ingressRsyncd.tls }}
+  tls:
+  {{- range .Values.ingressRsyncd.tls }}
+    - hosts:
+      {{- range .hosts }}
+        - {{ . | quote }}
+      {{- end }}
+      secretName: {{ .secretName }}
+  {{- end }}
+{{- end }}
+  rules:
+  {{- range .Values.ingressRsyncd.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+        {{- range .paths }}
+          - path: {{ .path }}
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}-rsyncd
+                port:
+                  number: {{ int ($.Values.service.rsyncd.port) }}
+        {{- end }}
+  {{- end }}
+{{- end }}

charts/mirror/templates/ingress.yaml → charts/rsyncd-mirror/templates/ingress.yaml

@@ -1,11 +1,11 @@
 {{- if .Values.ingress.enabled -}}
-{{- $fullName := include "mirror.fullname" . -}}
+{{- $fullName := include "rsyncd-mirror.fullname" . -}}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: {{ $fullName }}
   labels:
-{{ include "mirror.labels" . | indent 4 }}
+{{ include "rsyncd-mirror.labels" . | indent 4 }}
   {{- with .Values.ingress.annotations }}
   annotations:
     {{- toYaml . | nindent 4 }}

charts/mirror/templates/persistentVolume.yaml → charts/rsyncd-mirror/templates/persistentVolume.yaml

@@ -3,9 +3,9 @@
 apiVersion: v1
 kind: PersistentVolume
 metadata:
-  name: {{ $.Values.persistent.volume.name | default (printf "%s-binary" (include "mirror.fullname" .))}}
+  name: {{ $.Values.persistent.volume.name | default (printf "%s-binary" (include "rsyncd-mirror.fullname" .))}}
   labels:
-    data: {{ $.Values.persistent.volume.name | default (printf "%s-binary" (include "mirror.fullname" .))}}
+    data: {{ $.Values.persistent.volume.name | default (printf "%s-binary" (include "rsyncd-mirror.fullname" .))}}
 spec:
 {{ toYaml $.Values.persistent.volume.spec | nindent 2 }}
 {{- end -}}

charts/mirror/templates/persistentVolumeClaim.yaml → charts/rsyncd-mirror/templates/persistentVolumeClaim.yaml

@@ -3,7 +3,7 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: {{ $.Values.persistent.volumeClaim.name | default (printf "%s-binary" (include "mirror.fullname" .))  }}
+  name: {{ $.Values.persistent.volumeClaim.name | default (printf "%s-binary" (include "rsyncd-mirror.fullname" .))  }}
 spec:
 {{ toYaml $.Values.persistent.volumeClaim.spec | nindent 2 }}
 {{- end -}}

charts/mirror/templates/secret.yaml → charts/rsyncd-mirror/templates/secret.yaml

@@ -3,7 +3,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ $.Values.persistent.volumeClaim.name | default (printf "%s-binary" (include "mirror.fullname" .))  }}
+  name: {{ $.Values.persistent.volumeClaim.name | default (printf "%s-binary" (include "rsyncd-mirror.fullname" .))  }}
 type: Opaque
 data:
   {{- range $key, $val := .Values.persistent.secret.data }}

charts/mirror/templates/service-rsyncd.yaml → charts/rsyncd-mirror/templates/service-rsyncd.yaml

@@ -1,9 +1,9 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ include "mirror.fullname" . }}-rsyncd
+  name: {{ include "rsyncd-mirror.fullname" . }}-rsyncd
   labels:
-{{ include "mirror.labels" . | indent 4 }}
+{{ include "rsyncd-mirror.labels" . | indent 4 }}
 spec:
   type: {{ .Values.service.rsyncd.type }}
   {{- if eq .Values.service.rsyncd.type "LoadBalancer" }}
@@ -22,5 +22,5 @@ spec:
       protocol: TCP
       name: rsyncd
   selector:
-    app.kubernetes.io/name: {{ include "mirror.name" . }}
+    app.kubernetes.io/name: {{ include "rsyncd-mirror.name" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}

charts/mirror/templates/service-web.yaml → charts/rsyncd-mirror/templates/service-web.yaml

@@ -1,9 +1,9 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ include "mirror.fullname" . }}
+  name: {{ include "rsyncd-mirror.fullname" . }}
   labels:
-{{ include "mirror.labels" . | indent 4 }}
+{{ include "rsyncd-mirror.labels" . | indent 4 }}
 spec:
   type: {{ .Values.service.web.type }}
   {{- if eq .Values.service.web.type "LoadBalancer" }}
@@ -22,5 +22,5 @@ spec:
       protocol: TCP
       name: http
   selector:
-    app.kubernetes.io/name: {{ include "mirror.name" . }}
+    app.kubernetes.io/name: {{ include "rsyncd-mirror.name" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}

charts/mirror/templates/tests/test-connection.yaml → charts/rsyncd-mirror/templates/tests/test-connection.yaml

@@ -1,15 +1,15 @@
 apiVersion: v1
 kind: Pod
 metadata:
-  name: "{{ include "mirror.fullname" . }}-test-connection"
+  name: "{{ include "rsyncd-mirror.fullname" . }}-test-connection"
   labels:
-{{ include "mirror.labels" . | indent 4 }}
+{{ include "rsyncd-mirror.labels" . | indent 4 }}
   annotations:
     "helm.sh/hook": test-success
 spec:
   containers:
     - name: wget
       image: busybox
       command: ['wget']
-      args:  ['{{ include "mirror.fullname" . }}:{{ .Values.service.port }}']
+      args:  ['{{ include "rsyncd-mirror.fullname" . }}:{{ .Values.service.port }}']
   restartPolicy: Never

charts/mirror/values.yaml → charts/rsyncd-mirror/values.yaml

@@ -1,4 +1,4 @@
-# Default values for mirror.
+# Default values for rsyncd-mirror.
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
 
@@ -38,13 +38,13 @@ service:
     type: ClusterIP
     port: 873
     #    IP:
-    whitelisted_sources:
-      - 52.167.253.43/32
-      - 52.202.51.185/32
+    whitelisted_sources: []
+      # - 52.167.253.43/32
+      # - 52.202.51.185/32
 # ingress:
 #  enabled: true
 #  annotations: 
-#    "cert-manager.io/cluster-issuer": "letsencrypt-prod"
+#    "cert-manager.io/cluster-issuer": "letsencrypt-staging"
 #    "nginx.ingress.kubernetes.io/proxy-body-size": "500m"
 #
 #  hosts:
@@ -53,6 +53,17 @@ service:
 #    - secretName: releasemirror-tls
 #      hosts:
 #        - mirror.jenkins.io
+ingressRsyncd:
+ enabled: false
+ annotations: 
+   "cert-manager.io/cluster-issuer": "letsencrypt-staging"
+
+ hosts:
+   - host: rsyncd.mirror.jenkins.io
+ tls:
+   - secretName: rsyncd-releasemirror-tls
+     hosts:
+       - rsyncd.mirror.jenkins.io
 resources:
   web:
     limits:
@@ -80,11 +91,11 @@ tolerations: []
 affinity: {}
 persistent:
   volume:
-    name: mirror-binary
+    name: rsyncd-mirror-binary
     enabled: false
     spec: {}
   volumeClaim:
-    name: mirror-binary
+    name: rsyncd-mirror-binary
     enabled: false
     spec:
       storageClassName: default
@@ -94,7 +105,7 @@ persistent:
         requests:
           storage: 200Gi
   secret:
-    name: mirror-binary
+    name: rsyncd-mirror-binary
     enabled: false
     data: {}
 synchronize:

updatecli/updatecli.d/rsyncd-mirror.yaml

@@ -0,0 +1,47 @@
+name: Bump `rsyncd-mirror` docker image digest and helm chart version
+
+scms:
+  default:
+    kind: github
+    spec:
+      user: "{{ .github.user }}"
+      email: "{{ .github.email }}"
+      owner: "{{ .github.owner }}"
+      repository: "{{ .github.repository }}"
+      token: "{{ requiredEnv .github.token }}"
+      username: "{{ .github.username }}"
+      branch: "{{ .github.branch }}"
+
+sources:
+  rsyncd:
+    kind: dockerdigest
+    name: "Get jenkinsciinfra/rsyncd:cron-latest docker image digest"
+    spec:
+      image: "jenkinsciinfra/rsyncd"
+      tag: "cron-latest"
+      architecture: "amd64"
+    transformers:
+      - trimprefix: 'sha256:'
+
+# no condition to test docker image availability as we're using a digest from docker hub
+
+targets:
+  updateChart:
+    name: Update rsyncd helm chart
+    kind: helmchart
+    sourceid: rsyncd
+    spec:
+      name: charts/rsyncd-mirror
+      key: image.rsync.tag
+      versionincrement: patch
+    scmid: default
+
+actions:
+  default:
+    kind: github/pullrequest
+    scmid: default
+    title: Bump `rsyncd-mirror` docker image to {{ source "rsyncd" }}
+    spec:
+      labels:
+        - dependencies
+        - rsyncd