Deep merge

SCT-Engineering · Apr 17, 2025 · 0d247ed · 0d247ed
2 parents f080752 + 85e6d6d
commit 0d247ed
Show file tree

Hide file tree

Showing 10 changed files with 123 additions and 197 deletions.
diff --git a/.github/workflows/terraform-release.yaml b/.github/workflows/terraform-release.yaml
@@ -0,0 +1,73 @@
+name: Terraform CI/CD
+on:
+  workflow_dispatch:
+  pull_request:
+    types: [closed]
+    branches:
+      - main
+jobs:
+  terraform-ci-cd:
+    runs-on: 229685449397
+    permissions:
+      contents: write
+
+    steps:
+      - name: Checkout code
+        uses: CSVD/gh-actions-checkout@v4
+
+      - name: Setup Terraform
+        uses: CSVD/gh-actions-setup-terraform@v3
+        with:
+          terraform_version: "1.9.1"
+
+      - name: Setup GITHUB Credentials
+        id: github_credentials
+        uses: CSVD/gh-auth@main
+        with:
+          github_app_pem_file: ${{ secrets.GH_APP_PEM_FILE }}
+          github_app_installation_id: ${{ vars.GH_APP_INSTALLATION_ID }}
+          github_app_id: ${{ vars.GH_APP_ID }}
+
+
+      - name: Debug Authentication
+        run: |
+          # Print the GitHub server URL
+          echo "GitHub Server URL: ${{ github.server_url }}"
+
+          # Extract the host from the URL
+          HOST="${{ github.server_url }}"
+          HOST="${HOST#*//}"
+          HOST="${HOST%%/*}"
+          echo "GitHub Host: $HOST"
+
+          # Check if token exists
+          if [[ -n "${{ steps.github_credentials.outputs.github_token }}" ]]; then
+            echo "Token generated successfully"
+            # Test the token with a simple GitHub API call (without exposing the token)
+            STATUS=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Bearer ${{ steps.github_credentials.outputs.github_token }}" "${{ github.server_url }}/api/v3/user")
+            echo "API Test Status Code: $STATUS"
+          else
+            echo "No token was generated!"
+          fi
+
+      - name: Setup GitHub CLI
+        run: |
+          # Force manual authentication since setup-git might not work with GitHub Enterprise
+          echo "${{ steps.github_credentials.outputs.github_token }}" > /tmp/token.txt
+          gh auth login --with-token --hostname "github.e.it.census.gov" < /tmp/token.txt
+          rm /tmp/token.txt
+
+          # Test GitHub CLI auth status
+          gh auth status || echo "GitHub CLI authentication failed"
+
+      - name: AWS Auth
+        id: aws_auth
+        uses: CSVD/aws-auth@main
+        with:
+          ecs: true
+
+      - name: Run Terraform Module Release Action
+        uses: CSVD/terraform-module-release@main
+        with:
+          github-token: ${{ steps.github_credentials.outputs.github_token }}
+          working-directory: '.'
diff --git a/.github/workflows/terraform-validate.yaml b/.github/workflows/terraform-validate.yaml
@@ -0,0 +1,42 @@
+name: Terraform Validate
+on:
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+
+  terraform-validate:
+    runs-on: "229685449397"
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout code
+        uses: CSVD/gh-actions-checkout@v4
+
+      - name: Setup Terraform
+        uses: CSVD/gh-actions-setup-terraform@v2
+        with:
+          terraform_version: '1.7.3'
+
+      - name: Validate Terraform Configuration
+        id: validate
+        uses: CSVD/terraform-validate@main
+
+      - name: Check Validation/Test Results
+        if: always()
+        run: |
+          # Set default values if outputs are empty
+          IS_VALID="${{ steps.validate.outputs.is_valid }}"
+          TESTS_PASSED="${{ steps.validate.outputs.tests_passed }}"
+
+          # If outputs are empty, set them to false
+          [ -z "$IS_VALID" ] && IS_VALID="false"
+          [ -z "$TESTS_PASSED" ] && TESTS_PASSED="false"
+
+          if [[ "$IS_VALID" != "true" || "$TESTS_PASSED" != "true" ]]; then
+            echo "Validation or test errors found:"
+            echo "${{ steps.validate.outputs.stderr }}"
+            exit 1
+          else
+            echo "All validations and tests passed successfully!"
+          fi
diff --git a/.github/workflows/terragrunt-cicd.yml b/.github/workflows/terragrunt-cicd.yml
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -37,7 +37,7 @@ repos:
 
 # Terraform Hooks
 - repo: https://github.com/antonbabenko/pre-commit-terraform
-  rev: v1.96.1 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases
+  rev: v1.98.0 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases
   hooks:
     - id: terraform_fmt
       args:
@@ -94,6 +94,6 @@ repos:
     #     - --hook-config=--parallelism-ci-cpu-cores=2
 
 - repo: https://github.com/ljnsn/cz-conventional-gitmoji
-  rev: v0.6.1
+  rev: v0.7.0
   hooks:
     - id: conventional-gitmoji
diff --git a/README.md b/README.md
@@ -19,8 +19,8 @@
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_images"></a> [images](#module\_images) | git@github.e.it.census.gov:terraform-modules/aws-ecr-copy-images.git/ | tf-upgrade |
-| <a name="module_ingress_resources"></a> [ingress\_resources](#module\_ingress\_resources) | git@github.e.it.census.gov:SCT-Engineering/tfmod-istio-service-ingress.git | main |
+| <a name="module_images"></a> [images](#module\_images) | git::https://github.e.it.census.gov/terraform-modules/aws-ecr-copy-images.git/ | tf-upgrade |
+| <a name="module_ingress_resources"></a> [ingress\_resources](#module\_ingress\_resources) | git::https://github.e.it.census.gov/SCT-Engineering/tfmod-istio-service-ingress.git | main |
 
 ## Resources
 

diff --git a/copy_images.tf b/copy_images.tf
@@ -26,7 +26,7 @@ locals {
 }
 
 module "images" {
-  source = "git@github.e.it.census.gov:terraform-modules/aws-ecr-copy-images.git/?ref=tf-upgrade"
+  source = "git::https://github.e.it.census.gov/terraform-modules/aws-ecr-copy-images.git/?ref=tf-upgrade"
 
   profile          = var.profile
   application_name = var.cluster_name

diff --git a/kiali-operator/values.yaml b/kiali-operator/values.yaml
@@ -2,8 +2,8 @@ nameOverride: ""
 fullnameOverride: ""
 
 image: # see: https://quay.io/repository/kiali/kiali-operator?tab=tags
-  repo: ${HELM_IMAGE_REPO} # quay.io/kiali/kiali-operator
-  tag: ${HELM_IMAGE_TAG} # version string like v1.39.0 or a digest hash
+  repo: quay.io/kiali/kiali-operator # quay.io/kiali/kiali-operator
+  tag: v2.7.1 # version string like v1.39.0 or a digest hash
   digest: "" # use "sha256" if tag is a sha256 hash (do NOT prefix this value with a "@")
   pullPolicy: Always
   pullSecrets: []
@@ -102,4 +102,4 @@ cr:
 
   spec:
     deployment:
-      cluster_wide_access: true
+      cluster_wide_access: true
diff --git a/kiali-server/.helmignore b/kiali-server/.helmignore
diff --git a/kiali-server/templates/NOTES.txt b/kiali-server/templates/NOTES.txt
diff --git a/kiali-server/templates/_helpers.tpl b/kiali-server/templates/_helpers.tpl