feat: update chart to 107.84.12 (#13)

* feat: update chart to 107.84.12

* docs: updated docs to be more accurate and mimic upstream UDS

* chore: lint

* feat: update actions to v0.4.5

* Setting resource limits

* chore: lint

* gimme the logs

* gimme the logs part 2

* Go further beyond

* ci: changed to use uds-ubuntu-big-boy-8-core

* ci: restricted only test to use larger runner

.github/workflows/commitlint.yaml

@@ -12,4 +12,4 @@ on:
 jobs:
   validate:
     name: Validate
-    uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@b2e8b25930c953ef893e7c787fe350f0d8679ee2 # v0.4.2
+    uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@11e591f2ec7d158923d973c85097ce28a5f55db4 # v0.4.5

.github/workflows/lint.yaml

@@ -20,7 +20,7 @@ jobs:
           fetch-depth: 0
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@b2e8b25930c953ef893e7c787fe350f0d8679ee2 # v0.4.2
+        uses: defenseunicorns/uds-common/.github/actions/setup@11e591f2ec7d158923d973c85097ce28a5f55db4 # v0.4.5
         with:
           registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
           registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}

.github/workflows/tag-and-release.yaml

@@ -9,7 +9,7 @@ jobs:
   tag-new-version:
     name: Tag New Version
     permissions: write-all
-    runs-on: ubuntu-latest
+    runs-on: uds-ubuntu-big-boy-8-core
     outputs:
       release_created: ${{ steps.release-flag.outputs.release_created }}
     steps:
@@ -36,7 +36,7 @@ jobs:
       - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@b2e8b25930c953ef893e7c787fe350f0d8679ee2 # v0.4.2
+        uses: defenseunicorns/uds-common/.github/actions/setup@11e591f2ec7d158923d973c85097ce28a5f55db4 # v0.4.5
         with:
           registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
           registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
@@ -47,6 +47,6 @@ jobs:
 
       - name: Save logs
         if: always()
-        uses: defenseunicorns/uds-common/.github/actions/save-logs@b2e8b25930c953ef893e7c787fe350f0d8679ee2 # v0.4.2
+        uses: defenseunicorns/uds-common/.github/actions/save-logs@11e591f2ec7d158923d973c85097ce28a5f55db4 # v0.4.5
         with:
           suffix: '${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}'

.github/workflows/test.yaml

@@ -34,7 +34,7 @@ permissions:
 jobs:
   run-test:
     name: ${{ matrix.type }} ${{ matrix.flavor }}
-    runs-on: ubuntu-latest
+    runs-on: uds-ubuntu-big-boy-8-core
     timeout-minutes: 25
     strategy:
       matrix:
@@ -48,20 +48,44 @@ jobs:
         uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@b2e8b25930c953ef893e7c787fe350f0d8679ee2 # v0.4.2
+        uses: defenseunicorns/uds-common/.github/actions/setup@11e591f2ec7d158923d973c85097ce28a5f55db4 # v0.4.5
         with:
           registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
           registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
           ghToken: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Test
-        uses: defenseunicorns/uds-common/.github/actions/test@b2e8b25930c953ef893e7c787fe350f0d8679ee2 # v0.4.2
+        uses: defenseunicorns/uds-common/.github/actions/test@11e591f2ec7d158923d973c85097ce28a5f55db4 # v0.4.5
         with:
           flavor: ${{ matrix.flavor }}
           type: ${{ matrix.type }}
 
       - name: Save logs
         if: always()
-        uses: defenseunicorns/uds-common/.github/actions/save-logs@b2e8b25930c953ef893e7c787fe350f0d8679ee2 # v0.4.2
+        uses: defenseunicorns/uds-common/.github/actions/save-logs@11e591f2ec7d158923d973c85097ce28a5f55db4 # v0.4.5
         with:
           suffix: ${{ matrix.type }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}
+
+      - name: Print cluster info
+        if: always()
+        shell: bash -e -o pipefail {0}
+        run: |
+          kubectl get nodes -o wide
+
+      - name: Print pod info
+        if: always()
+        shell: bash -e -o pipefail {0}
+        run: |
+          kubectl get pods -A -o wide
+
+      - name: Print service info
+        if: always()
+        shell: bash -e -o pipefail {0}
+        run: |
+          kubectl get svc -A -o wide
+
+      - name: Print events
+        if: always()
+        shell: bash -e -o pipefail {0}
+        run: |
+          kubectl get events -A -o wide

README.md

@@ -1,69 +1,51 @@
-# uds-package-artifactory
+# 🚚 UDS Artifactory Zarf Package
 
-Bigbang [Artifactory](https://repo1.dso.mil/big-bang/apps/third-party/jfrog-platform) deployed via flux by zarf
+[![Latest Release](https://img.shields.io/github/v/release/defenseunicorns/uds-package-artifactory)](https://github.com/defenseunicorns/uds-package-artifactory/releases)
+[![Build Status](https://img.shields.io/github/actions/workflow/status/defenseunicorns/uds-package-artifactory/tag-and-release.yaml)](https://github.com/defenseunicorns/uds-package-artifactory/actions/workflows/tag-and-release.yaml)
+[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/uds-package-artifactory/badge)](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/uds-package-artifactory)
 
-## Deployment Prerequisites
+This package is designed to be deployed on [UDS Core](https://github.com/defenseunicorns/uds-core), and is based on the upstream [Artifactory](https://github.com/jfrog/charts/tree/master/stable/artifactory) chart.
 
-### Resources
+## Pre-requisites
 
-- Minimum compute requirements for single node deployment are at LEAST 64 GB RAM and 32 virtual CPU threads (aws `m6i.8xlarge` instance type should do)
-- k3d installed on machine
+The Artifactory Package expects to be deployed on top of [UDS Core](https://github.com/defenseunicorns/uds-core) with the dependencies listed below being configured prior to deployment.
 
-#### General
+> [!IMPORTANT]
+> **NOTE**: Many features are locked behind a license. Some notable features include:
+> - In place upgrades
+> - Single sign-on capabilities
 
-- Create `artifactory` namespace
-- Label `artifactory` namespace with `istio-injection: enabled`
+Artifactory is configured by default to assume the internal dependencies that are used for testing (see postgres in the [bundle](bundle/uds-bundle.yaml)).
 
 #### Database
 
-- A Postgres database is running on port `5432` and accessible to the cluster
-- This database can be logged into via the user configured with the zarf var `ARTIFACTORY_DB_USERNAME`. Default is `artifactory`
-- This database instance has a psql database configured with the zarf var `ARTIFACTORY_DB_NAME`. Default is `artifactorydb`
+- A Postgres database is running on port `5432` and accessible to the cluster via the `ARTIFACTORY_DB_ENDPOINT` Zarf var.
+- This database can be logged into via the username configured with the Zarf var `ARTIFACTORY_DB_USERNAME`. Default is `artifactory.artifactory`
+- This database instance has a psql database created matching what is defined in the Zarf var `ARTIFACTORY_DB_NAME`. Default is `artifactorydb`
 - The user has read/write access to the above mentioned database
 - Create `artifactory-postgres` service in `artifactory` namespace that points to the psql database
 - Create `artifactory-postgres` secret in `artifactory` namespace with the key `password` that contains the password to the user for the psql database
 
-## Deploy
+## Flavors
 
-### Use zarf to login to the needed registries i.e. registry1.dso.mil
+| Flavor | Description | Example Creation |
+| ------ | ----------- | ---------------- |
+| registry1 | Uses images from registry1.dso.mil within the package. | `zarf package create . -f registry1` |
 
-```bash
-# Download Zarf
-make build/zarf
+> [!IMPORTANT]
+> **NOTE:** To create the registry1 flavor you will need to be logged into Iron Bank - you can find instructions on how to do this in the [Big Bang Zarf Tutorial](https://docs.zarf.dev/tutorials/6-big-bang/#setup).
 
-# Login to the registry
-set +o history
+## Releases
 
-# registry1.dso.mil (To access registry1 images needed during build time)
-export REGISTRY1_USERNAME="YOUR-USERNAME-HERE"
-export REGISTRY1_TOKEN="YOUR-TOKEN-HERE"
-echo $REGISTRY1_TOKEN | build/zarf tools registry login registry1.dso.mil --username $REGISTRY1_USERNAME --password-stdin
+The released packages can be found in [ghcr](https://github.com/defenseunicorns/uds-package-artifactory/pkgs/container/packages%2Fuds%2Fartifactory).
 
-set -o history
-```
+## UDS Tasks (for local dev and CI)
 
-### Build and Deploy Everything via Makefile and local package
+*For local dev, this requires you install [uds-cli](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install)
 
-```bash
-# This will run make build/all, make cluster/reset, and make deploy/all. Follow the breadcrumbs in the Makefile to see what and how its doing it.
-make all
-```
+> [!TIP]
+> To get a list of tasks to run you can use `uds run --list`!
 
-## Declare This Package In Your UDS Bundle
+## Contributing
 
-Below is an example of how to use this projects zarf package in your UDS Bundle
-
-```yaml
-kind: UDSBundle
-metadata:
-  name: example-bundle
-  description: An Example UDS Bundle
-  version: 0.0.1
-  architecture: amd64
-
-packages:
-  # Artifactory
-  - name: artifactory
-    repository: ghcr.io/defenseunicorns/uds/artifactory
-    ref: x.x.x
-```
+Please see the [CONTRIBUTING.md](./CONTRIBUTING.md)

common/zarf.yaml

@@ -0,0 +1,23 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/defenseunicorns/zarf/main/zarf.schema.json
+kind: ZarfPackageConfig
+metadata:
+  name: artifactory-common
+  description: "UDS Artifactory Common Package"
+
+components:
+  - name: artifactory
+    required: true
+    charts:
+      - name: uds-artifactory-config
+        namespace: artifactory
+        version: 0.1.0
+        localPath: ../chart
+      # renovate: datasource=helm
+      - name: artifactory
+        namespace: artifactory
+        url: https://charts.jfrog.io
+        version: 107.84.12
+        repoName: artifactory
+        releaseName: artifactory
+        valuesFiles:
+          - ../values/common.yaml

tasks.yaml

@@ -2,11 +2,11 @@ includes:
   - cleanup: ./tasks/cleanup.yaml
   - dependencies: ./tasks/dependencies.yaml
   - test: ./tasks/test.yaml
-  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/create.yaml
-  - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/lint.yaml
-  - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/pull.yaml
-  - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/deploy.yaml
-  - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/setup.yaml
+  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/create.yaml
+  - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/lint.yaml
+  - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/pull.yaml
+  - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/deploy.yaml
+  - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/setup.yaml
 
 tasks:
   - name: default

tasks/publish.yaml

@@ -1,7 +1,7 @@
 includes:
   - dependencies: ./dependencies.yaml
-  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/create.yaml
-  - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/publish.yaml
+  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/create.yaml
+  - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/publish.yaml
 
 tasks:
   - name: package

values/registry1-values.yaml → values/common.yaml

@@ -1,22 +1,7 @@
-global:
-  imagePullSecrets:
-    - name: private-registry
-initContainerImage: registry1.dso.mil/ironbank/redhat/ubi/ubi9-minimal:9.4
 artifactory:
-  name: artifactory
-  image:
-    registry: registry1.dso.mil
-    repository: ironbank/jfrog/artifactory/artifactory
-    tag: 7.77.5
   license:
     secret: ###ZARF_VAR_LICENSE_SECRET_NAME###
     dataKey: ###ZARF_VAR_LICENSE_SECRET_KEY###
-router:
-  name: router
-  image:
-    registry: registry1.dso.mil
-    repository: ironbank/jfrog/jfrog-xray/router
-    tag: 7.87.0
 database:
   type: postgresql
   driver: org.postgresql.Driver
@@ -30,7 +15,6 @@ database:
     url:
       name: artifactory-postgres
       key: url
-installerInfo: '{"productId":"ironbank_helm_artifactory-pro/10.14.4","features":[{"featureId":"Partner/ACC-013116"}]}'
 nginx:
   enabled: false
 postgresql:

values/registry1.yaml

@@ -0,0 +1,21 @@
+global:
+  imagePullSecrets:
+    - name: private-registry
+initContainers:
+  image:
+    registry: registry1.dso.mil
+    repository: ironbank/redhat/ubi/ubi9-minimal
+    tag: 9.4
+artifactory:
+  name: artifactory
+  image:
+    registry: registry1.dso.mil
+    repository: ironbank/jfrog/artifactory/artifactory
+    tag: 7.77.5
+router:
+  name: router
+  image:
+    registry: registry1.dso.mil
+    repository: ironbank/jfrog/jfrog-xray/router
+    tag: 7.87.0
+installerInfo: '{"productId":"ironbank_helm_artifactory-pro/10.14.4","features":[{"featureId":"Partner/ACC-013116"}]}'

zarf.yaml

@@ -19,22 +19,16 @@ components:
   - name: artifactory
     required: true
     description: "Deploy artifactory"
+    import:
+      path: common
     only:
       flavor: registry1
+      cluster:
+        architecture: amd64
     charts:
-      - name: uds-artifactory-config
-        namespace: artifactory
-        version: 0.1.0
-        localPath: chart
-      # renovate: datasource=helm
       - name: artifactory
-        url: https://charts.jfrog.io
-        version: 107.77.12
-        namespace: artifactory
-        repoName: artifactory
-        releaseName: artifactory
         valuesFiles:
-          - values/registry1-values.yaml
+          - values/registry1.yaml
     images:
       - registry1.dso.mil/ironbank/jfrog/artifactory/artifactory:7.77.5
       - registry1.dso.mil/ironbank/jfrog/jfrog-xray/router:7.87.0