Make secret name consistent (apache#6739)

* Make secret name consistent
---

*Motivation*

Make the secret name consistent. And all secret names should
use the release name as the prefix.

* Update ci script

* Fix the file path

* Fix path

* Fix env

Co-authored-by: Sijie Guo <[email protected]>

.ci/chart_test.sh

@@ -29,8 +29,6 @@ FUNCTION=${FUNCTION:-"false"}
 
 source ${PULSAR_HOME}/.ci/helm.sh
 
-CHARTS_HOME="${PULSAR_HOME}/deployment/kubernetes/helm"
-
 # create cluster
 ci::create_cluster
 

.ci/clusters/values-bk-tls.yaml

@@ -17,6 +17,12 @@
 # under the License.
 #
 
+monitoring:
+  prometheus: false
+  grafana: false
+  node_exporter: false
+  alert_manager: false
+
 volumes:
   local_storage: true
 
@@ -27,6 +33,7 @@ affinity:
 # disable auto recovery
 components:
   autorecovery: false
+  pulsar_manager: fales
 
 zookeeper:
   replicaCount: 1
@@ -65,4 +72,4 @@ tls:
 # disable cert manager
 certs:
   internal_issuer:
-    enabled: false
+    enabled: false

.ci/clusters/values-broker-tls.yaml

@@ -17,6 +17,12 @@
 # under the License.
 #
 
+monitoring:
+  prometheus: false
+  grafana: false
+  node_exporter: false
+  alert_manager: false
+
 volumes:
   local_storage: true
 
@@ -27,6 +33,7 @@ affinity:
 # disable auto recovery
 components:
   autorecovery: false
+  pulsar_manager: false
 
 zookeeper:
   replicaCount: 1
@@ -67,4 +74,4 @@ tls:
 # disable cert-manager
 certs:
   internal_issuer:
-    enabled: false
+    enabled: false

.ci/clusters/values-function.yaml

@@ -17,6 +17,12 @@
 # under the License.
 #
 
+monitoring:
+  prometheus: false
+  grafana: false
+  node_exporter: false
+  alert_manager: false
+
 volumes:
   local_storage: true
 
@@ -27,6 +33,7 @@ affinity:
 # disable auto recovery
 components:
   autorecovery: false
+  pulsar_manager: false
 
 zookeeper:
   replicaCount: 1

.ci/clusters/values-jwt-asymmetric.yaml

@@ -17,6 +17,15 @@
 # under the License.
 #
 
+components:
+  pulsar_manager: false
+
+monitoring:
+  prometheus: false
+  grafana: false
+  node_exporter: false
+  alert_manager: false
+
 volumes:
   local_storage: true
 

.ci/clusters/values-jwt-symmetric.yaml

@@ -17,6 +17,15 @@
 # under the License.
 #
 
+components:
+  pulsar_manager: false
+
+monitoring:
+  prometheus: false
+  grafana: false
+  node_exporter: false
+  alert_manager: false
+
 volumes:
   local_storage: true
 

.ci/clusters/values-local-pv.yaml

@@ -17,6 +17,15 @@
 # under the License.
 #
 
+components:
+  pulsar_manager: false
+
+monitoring:
+  prometheus: false
+  grafana: false
+  node_exporter: false
+  alert_manager: false
+
 volumes:
   local_storage: true
 

.ci/clusters/values-pulsar-image.yaml

@@ -17,8 +17,17 @@
 # under the License.
 #
 
+components:
+  pulsar_manager: false
+
+monitoring:
+  prometheus: false
+  grafana: false
+  node_exporter: false
+  alert_manager: false
+
 volumes:
-  local_storage: true
+  persistence: false
 
 # disabled AntiAffinity
 affinity:

.ci/clusters/values-tls.yaml

@@ -17,6 +17,15 @@
 # under the License.
 #
 
+components:
+  pulsar_manager: false
+
+monitoring:
+  prometheus: false
+  grafana: false
+  node_exporter: false
+  alert_manager: false
+
 volumes:
   local_storage: true
 

.ci/clusters/values-zk-tls.yaml

@@ -17,6 +17,15 @@
 # under the License.
 #
 
+components:
+  pulsar_manager: false
+
+monitoring:
+  prometheus: false
+  grafana: false
+  node_exporter: false
+  alert_manager: false
+
 volumes:
   local_storage: true
 

.ci/clusters/values-zkbk-tls.yaml

@@ -17,6 +17,15 @@
 # under the License.
 #
 
+components:
+  pulsar_manager: false
+
+monitoring:
+  prometheus: false
+  grafana: false
+  node_exporter: false
+  alert_manager: false
+
 volumes:
   local_storage: true
 

.ci/helm.sh

@@ -19,11 +19,12 @@
 #
 
 BINDIR=`dirname "$0"`
-CHARTS_HOME=`cd ${BINDIR}/../deployment/kubernetes/helm/;pwd`
+PULSAR_HOME=`cd ${BINDIR}/..;pwd`
+CHARTS_HOME=${PULSAR_HOME}/deployment/kubernetes/helm
 OUTPUT_BIN=${CHARTS_HOME}/output/bin
+KIND_BIN=$OUTPUT_BIN/kind
 HELM=${OUTPUT_BIN}/helm
 KUBECTL=${OUTPUT_BIN}/kubectl
-KIND_BIN=$OUTPUT_BIN/kind
 NAMESPACE=pulsar
 CLUSTER=pulsar-ci
 CLUSTER_ID=$(uuidgen)
@@ -77,7 +78,7 @@ function ci::install_pulsar_chart() {
     ${KUBECTL} create namespace ${NAMESPACE}
     echo ${CHARTS_HOME}/scripts/pulsar/prepare_helm_release.sh -k ${CLUSTER} -n ${NAMESPACE} ${extra_opts}
     ${CHARTS_HOME}/scripts/pulsar/prepare_helm_release.sh -k ${CLUSTER} -n ${NAMESPACE} ${extra_opts}
-    ${CHARTS_HOME}/scripts/pulsar/upload_tls.sh -k ${CLUSTER} -d ${CHARTS_HOME}/../../../.ci/tls
+    ${CHARTS_HOME}/scripts/pulsar/upload_tls.sh -k ${CLUSTER} -d ${PULSAR_HOME}/.ci/tls
     sleep 10
 
     echo ${HELM} install --values ${value_file} ${CLUSTER} ${CHARTS_HOME}/pulsar

.ci/release.sh

@@ -0,0 +1,112 @@
+#!/usr/bin/env bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+BINDIR=`dirname "$0"`
+CHARTS_HOME=`cd ${BINDIR}/..;pwd`
+CHARTS_PKGS=${CHARTS_HOME}/.chart-packages
+CHARTS_INDEX=${CHARTS_HOME}/.chart-index
+CHARTS_REPO=${CHARTS_REPO:-"https://charts.streamnative.io"}
+OWNER=${OWNER:-streamnative}
+REPO=${REPO:-charts}
+GITHUB_TOKEN=${GITHUB_TOKEN:-"UNSET"}
+PUBLISH_CHARTS=${PUBLISH_CHARTS:-"false"}
+GITUSER=${GITUSER:-"UNSET"}
+GITEMAIL=${GITEMAIL:-"UNSET"}
+
+# hack/common.sh need this variable to be set
+PULSAR_CHART_HOME=${CHARTS_HOME}
+
+source ${CHARTS_HOME}/hack/common.sh
+source ${CHARTS_HOME}/.ci/git.sh
+
+# allow overwriting cr binary
+CR="docker run -v ${CHARTS_HOME}:/cr quay.io/helmpack/chart-releaser:v${CR_VERSION} cr"
+
+function release::ensure_dir() {
+    local dir=$1
+    if [[ -d ${dir} ]]; then
+        rm -rf ${dir}
+    fi
+    mkdir -p ${dir}
+}
+
+function release::find_changed_charts() {
+    local charts_dir=$1
+    echo $(git diff --find-renames --name-only "$latest_tag_rev" -- ${charts_dir} | cut -d '/' -f 2 | uniq)
+}
+
+function release::package_chart() {
+    local chart=$1
+    echo "Packaging chart '$chart'..."
+    helm package ${CHARTS_HOME}/charts/$chart --destination ${CHARTS_PKGS}
+}
+
+function release::upload_packages() {
+    ${CR} upload --owner ${OWNER} --git-repo ${REPO} -t ${GITHUB_TOKEN} --package-path /cr/.chart-packages
+}
+
+function release::update_chart_index() {
+    ${CR} index -o ${OWNER} -r ${REPO} -t "${GITHUB_TOKEN}" -c ${CHARTS_REPO} --index-path /cr/.chart-index --package-path /cr/.chart-packages
+}
+
+function release::publish_charts() {
+    git config user.email "${GITEMAIL}"
+    git config user.name "${GITUSER}"
+
+    git checkout gh-pages
+    cp --force ${CHARTS_INDEX}/index.yaml index.yaml
+    git add index.yaml
+    git commit --message="Publish new charts to ${CHARTS_REPO}" --signoff
+    git remote -v
+    git remote add sn https://${SNBOT_USER}:${GITHUB_TOKEN}@github.com/${OWNER}/${REPO} 
+    git push sn gh-pages 
+}
+
+# install cr
+# hack::ensure_cr
+docker pull quay.io/helmpack/chart-releaser:v${CR_VERSION}
+
+latest_tag=$(git::find_latest_tag)
+echo "Latest tag: $latest_tag"
+
+latest_tag_rev=$(git::get_revision "$latest_tag")
+echo "$latest_tag_rev $latest_tag (latest tag)"
+
+head_rev=$(git::get_revision HEAD)
+echo "$head_rev HEAD"
+
+if [[ "$latest_tag_rev" == "$head_rev" ]]; then
+    echo "Do nothing. Exiting ..."
+    exit
+fi
+
+release::ensure_dir ${CHARTS_PKGS}
+release::ensure_dir ${CHARTS_INDEX}
+
+for chart in $(release::find_changed_charts charts); do
+    release::package_chart ${chart}
+done
+
+release::upload_packages
+release::update_chart_index
+
+if [[ "x${PUBLISH_CHARTS}" == "xtrue" ]]; then
+    release::publish_charts
+fi

deployment/kubernetes/helm/pulsar/templates/_autorecovery.tpl

@@ -47,15 +47,15 @@ Define autorecovery tls certs volumes
 {{- if and .Values.tls.enabled .Values.tls.zookeeper.enabled }}
 - name: autorecovery-certs
   secret:
-    secretName: "{{ template "pulsar.fullname" . }}-{{ .Values.tls.autorecovery.cert_name }}"
+    secretName: "{{ .Release.Name }}-{{ .Values.tls.autorecovery.cert_name }}"
     items:
     - key: tls.crt
       path: tls.crt
     - key: tls.key
       path: tls.key
 - name: ca
   secret:
-    secretName: "{{ template "pulsar.fullname" . }}-ca-tls"
+    secretName: "{{ .Release.Name }}-ca-tls"
     items:
     - key: ca.crt
       path: ca.crt
@@ -77,4 +77,4 @@ bin/apply-config-from-env.py conf/bookkeeper.conf;
 until bin/bookkeeper shell whatisinstanceid; do
   sleep 3;
 done;
-{{- end }}
+{{- end }}

deployment/kubernetes/helm/pulsar/templates/_bookkeeper.tpl

@@ -48,15 +48,15 @@ Define bookie tls certs volumes
 {{- if and .Values.tls.enabled (or .Values.tls.bookie.enabled .Values.tls.zookeeper.enabled) }}
 - name: bookie-certs
   secret:
-    secretName: "{{ template "pulsar.fullname" . }}-{{ .Values.tls.bookie.cert_name }}"
+    secretName: "{{ .Release.Name }}-{{ .Values.tls.bookie.cert_name }}"
     items:
     - key: tls.crt
       path: tls.crt
     - key: tls.key
       path: tls.key
 - name: ca
   secret:
-    secretName: "{{ template "pulsar.fullname" . }}-ca-tls"
+    secretName: "{{ .Release.Name }}-ca-tls"
     items:
     - key: ca.crt
       path: ca.crt
@@ -118,4 +118,4 @@ until bin/bookkeeper shell whatisinstanceid; do
   sleep 3;
 done;
 {{- end }}
-{{- end }}
+{{- end }}