baseline dev to main and create new baseline version tag

.bumpversion.toml

@@ -0,0 +1,61 @@
+[tool.bumpversion]
+current_version = "0.2.0"
+parse = "(?P<major>\\d+)\\.(?P<minor>\\d+)\\.(?P<patch>\\d+)"
+serialize = ["{major}.{minor}.{patch}"]
+search = "{current_version}"
+replace = "{new_version}"
+regex = false
+ignore_missing_version = false
+tag = false
+commit = false
+
+# Update the Makefile (Handles the 'v' prefix)
+[[tool.bumpversion.files]]
+filename = "Makefile"
+search = "VERSION ?= v{current_version}"
+replace = "VERSION ?= v{new_version}"
+
+# Update the Umbrella Chart
+[[tool.bumpversion.files]]
+filename = "helm/kubetasker/Chart.yaml"
+search = "version: {current_version}"
+replace = "version: {new_version}"
+
+[[tool.bumpversion.files]]
+filename = "helm/kubetasker/Chart.yaml"
+search = 'appVersion: "{current_version}"'
+replace = 'appVersion: "{new_version}"'
+
+# Update Umbrella Chart Dependencies (Updates the requirements for sub-charts)
+[[tool.bumpversion.files]]
+filename = "helm/kubetasker/Chart.yaml"
+search = 'version: "{current_version}"'
+replace = 'version: "{new_version}"'
+
+# Update Controller Chart
+[[tool.bumpversion.files]]
+filename = "helm/kubetasker-controller/Chart.yaml"
+search = "version: {current_version}"
+replace = "version: {new_version}"
+
+[[tool.bumpversion.files]]
+filename = "helm/kubetasker-controller/Chart.yaml"
+search = 'appVersion: "{current_version}"'
+replace = 'appVersion: "{new_version}"'
+
+# Update Frontend Chart
+[[tool.bumpversion.files]]
+filename = "helm/kubetasker-frontend/Chart.yaml"
+search = "version: {current_version}"
+replace = "version: {new_version}"
+
+[[tool.bumpversion.files]]
+filename = "helm/kubetasker-frontend/Chart.yaml"
+search = 'appVersion: "{current_version}"'
+replace = 'appVersion: "{new_version}"'
+
+# Update E2E Test Suite (Handles the 'v' prefix in image tags)
+[[tool.bumpversion.files]]
+filename = "test/e2e/e2e_suite_test.go"
+search = ':v{current_version}"'
+replace = ':v{new_version}"'

.github/workflows/bump_version.yml

@@ -0,0 +1,68 @@
+name: Auto Bump Version
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+    inputs:
+      part:
+        description: 'Part of the version to bump'
+        required: true
+        default: 'patch'
+        type: choice
+        options:
+          - patch
+          - minor
+          - major
+
+jobs:
+  bump-version:
+    # Skip execution if the commit message starts with "Bump version:" to prevent infinite loops, unless manually triggered
+    if: "github.event_name == 'workflow_dispatch' || !startsWith(github.event.head_commit.message, 'Bump version:')"
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0 # Required to access tags and history for versioning
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: go.mod
+
+      - name: Install bump-my-version
+        run: pip install bump-my-version
+
+      - name: Configure Git User
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
+      - name: Bump Version
+        env:
+          BUMP_PART: ${{ inputs.part || 'patch' }}
+        run: |
+          # Bump version files but do not commit yet
+          bump-my-version bump "$BUMP_PART"
+
+      - name: Update Generated Files
+        run: |
+          helm dependency update helm/kubetasker
+          make golden-update
+
+      - name: Commit and Tag
+        run: |
+          NEW_VERSION=$(bump-my-version show current_version)
+          git add .
+          git commit -m "Bump version: $NEW_VERSION"
+          git tag "v$NEW_VERSION"
+          git push --follow-tags

.github/workflows/deploy.yml

@@ -14,6 +14,9 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
 
+      - name: Debug - List files
+        run: ls -la
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
@@ -36,8 +39,8 @@ jobs:
       - name: Build and push Frontend
         uses: docker/build-push-action@v5
         with:
-          context: ./frontend
-          file: ./frontend/Dockerfile
+          context: ./helm/kubetasker-frontend
+          file: ./helm/kubetasker-frontend/Dockerfile
           push: true
           tags: |
             ${{ secrets.DOCKER_USERNAME }}/kubetasker-frontend:${{ github.sha }}
@@ -53,45 +56,78 @@ jobs:
       - name: Set up Helm
         uses: azure/setup-helm@v4
 
-      - name: Install kubeval
+      - name: Install kubeconform
         run: |
-          wget https://github.com/instrumenta/kubeval/releases/latest/download/kubeval-linux-amd64.tar.gz
-          tar xf kubeval-linux-amd64.tar.gz
-          sudo cp kubeval /usr/local/bin
+          wget https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz
+          tar xf kubeconform-linux-amd64.tar.gz
+          sudo cp kubeconform /usr/local/bin
 
       - name: Validate Helm Charts
         run: |
           helm dependency build helm/kubetasker
-          helm template helm/kubetasker | kubeval --ignore-missing-schemas --strict
+          helm template helm/kubetasker | kubeconform -strict -ignore-missing-schemas -summary
 
   deploy:
-    name: Deploy to Cluster
+    name: Deploy to Ephemeral kind Cluster
     needs: [build-and-push, validate-manifests]
     runs-on: ubuntu-latest
+
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
 
       - name: Set up Helm
         uses: azure/setup-helm@v4
 
-      - name: Set up Kubectl
+      - name: Set up kubectl
         uses: azure/setup-kubectl@v4
 
-      - name: Deploy to Cluster
-        env:
-          KUBECONFIG_CONTENT: ${{ secrets.KUBECONFIG }}
+      - name: Create kind cluster
+        uses: helm/kind-action@v1
+        with:
+          cluster_name: kubetasker-ci
+          wait: 120s
+
+      - name: Verify cluster
         run: |
-          mkdir -p ~/.kube
-          echo "$KUBECONFIG_CONTENT" > ~/.kube/config
-          chmod 600 ~/.kube/config
+          kubectl cluster-info
+          kubectl get nodes
 
+      - name: Install cert-manager
+        run: |
+          helm repo add jetstack https://charts.jetstack.io --force-update
+          helm repo update
+          helm install cert-manager jetstack/cert-manager \
+            --namespace cert-manager \
+            --create-namespace \
+            --version v1.15.0 \
+            --set installCRDs=true \
+            --wait
+
+      - name: Load images into kind
+        run: |
+          docker pull ${{ secrets.DOCKER_USERNAME }}/kubetasker-controller:${{ github.sha }}
+          docker pull ${{ secrets.DOCKER_USERNAME }}/kubetasker-frontend:${{ github.sha }}
+
+          kind load docker-image \
+            ${{ secrets.DOCKER_USERNAME }}/kubetasker-controller:${{ github.sha }} \
+            ${{ secrets.DOCKER_USERNAME }}/kubetasker-frontend:${{ github.sha }} \
+            --name kubetasker-ci
+
+      - name: Deploy with Helm
+        run: |
           helm dependency build helm/kubetasker
 
           helm upgrade --install kubetasker helm/kubetasker \
-            --namespace kubetasker --create-namespace \
+            --namespace kubetasker \
+            --create-namespace \
             --set kubetasker-controller.image.repository=${{ secrets.DOCKER_USERNAME }}/kubetasker-controller \
             --set kubetasker-controller.image.tag=${{ github.sha }} \
             --set kubetasker-frontend.image.repository=${{ secrets.DOCKER_USERNAME }}/kubetasker-frontend \
             --set kubetasker-frontend.image.tag=${{ github.sha }} \
-            --wait --timeout 5m
+            --wait --timeout 5m
+
+      - name: Smoke test
+        run: |
+          kubectl get pods -n kubetasker
+          kubectl get svc -n kubetasker

.github/workflows/security.yml

@@ -10,6 +10,27 @@ on:
       - main
 
 jobs:
+  dependency-scan:
+    name: Scan Dependencies for Vulnerabilities
+    runs-on: ubuntu-latest
+    steps:
+      - name: Clone the code
+        uses: actions/checkout@v4
+
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: go.mod
+
+      - name: Run Go vulnerability check
+        run: go install golang.org/x/vuln/cmd/govulncheck@latest && govulncheck ./...
+
+      - name: Run Python vulnerability check
+        run: |
+          pip install pip-audit
+          # Audit the dependencies specified in requirements.txt files
+          pip-audit -r requirements.txt
+
   trufflehog:
     name: TruffleHog Scan
     runs-on: ubuntu-latest

.github/workflows/test.yml

@@ -48,24 +48,3 @@ jobs:
         run: |
           source .kubetasker_pyenv/bin/activate
           pytest -vvrA
-
-  dependency-scan:
-    name: Scan Dependencies for Vulnerabilities
-    runs-on: ubuntu-latest
-    steps:
-      - name: Clone the code
-        uses: actions/checkout@v4
-
-      - name: Setup Go
-        uses: actions/setup-go@v5
-        with:
-          go-version-file: go.mod
-
-      - name: Run Go vulnerability check
-        run: go install golang.org/x/vuln/cmd/govulncheck@latest && govulncheck ./...
-
-      - name: Run Python vulnerability check
-        run: |
-          pip install pip-audit
-          # Audit the dependencies specified in both top-level and frontend requirements.txt files
-          pip-audit -r requirements.txt -r helm/kubetasker-frontend/requirements.txt

.gitignore

@@ -32,6 +32,7 @@ __pycache__
 # Helm/Kustomize generated artifacts
 kustomize/base/all.yaml
 kustomize/base/crd.yaml
+helm/kubetasker-frontend/requirements.txt
 
 # Helm chart artifacts
 *.tgz