diff --git a/chart/templates/holocron/gitlab-ingress.yaml b/chart/templates/holocron/gitlab-ingress.yaml
deleted file mode 100644
index 9656926323b342bb1a8a4a1495045a0c91afc06f..0000000000000000000000000000000000000000
--- a/chart/templates/holocron/gitlab-ingress.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-{{- $pkg := "holocron" }}
-{{- if and .Values.networkPolicies.enabled .Values.addons.gitlab.enabled (get .Values.addons $pkg).enabled }}
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: {{ $pkg }}-allow-ingress
- namespace: gitlab
-spec:
- podSelector:
- matchLabels:
- app: webservice
- policyTypes:
- - Ingress
- ingress:
- - from:
- - namespaceSelector:
- matchLabels:
- app.kubernetes.io/name: holocron
- podSelector:
- matchLabels:
- role: collector
-{{- end }}
diff --git a/chart/templates/holocron/gitrepository.yaml b/chart/templates/holocron/gitrepository.yaml
deleted file mode 100644
index 616274f5c3665696fa04b7821ade82d43207330a..0000000000000000000000000000000000000000
--- a/chart/templates/holocron/gitrepository.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-{{- $pkg := "holocron" }}
-{{- if and (eq (get .Values.addons $pkg).sourceType "git") (not .Values.offline) (get .Values.addons $pkg).enabled }}
-apiVersion: source.toolkit.fluxcd.io/v1
-kind: GitRepository
-metadata:
- name: {{ $pkg }}
- namespace: {{ .Release.Namespace }}
-spec:
- interval: {{ .Values.flux.interval }}
- url: {{ (get .Values.addons $pkg).git.repo }}
- ref:
- {{- include "validRef" (get .Values.addons $pkg).git | nindent 4 }}
- {{ include "gitIgnore" . }}
- {{- include "gitCreds" . | nindent 2 }}
-{{- end }}
diff --git a/chart/templates/holocron/helmrelease.yaml b/chart/templates/holocron/helmrelease.yaml
deleted file mode 100644
index 3384999f860065d39a3b99b38a82365ac8108906..0000000000000000000000000000000000000000
--- a/chart/templates/holocron/helmrelease.yaml
+++ /dev/null
@@ -1,71 +0,0 @@
-{{- $pkg := "holocron" }}
-{{- $fluxSettingsHolocron := merge (get .Values.addons $pkg).flux .Values.flux -}}
-{{- if (get .Values.addons $pkg).enabled }}
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
- name: {{ $pkg }}
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: {{ $pkg }}
- {{- include "commonLabels" . | nindent 4}}
- annotations:
- checksum/bigbang-values: {{ include (print $.Template.BasePath "/holocron/values.yaml") . | sha256sum }}
-spec:
- releaseName: {{ $pkg }}
- targetNamespace: {{ $pkg }}
- chart:
- spec:
- {{- if eq (get .Values.addons $pkg).sourceType "git" }}
- chart: {{ (get .Values.addons $pkg).git.path }}
- sourceRef:
- kind: GitRepository
- name: holocron
- namespace: {{ .Release.Namespace }}
- {{- else }}
- chart: {{ (get .Values.addons $pkg).helmRepo.chartName }}
- version: {{ (get .Values.addons $pkg).helmRepo.tag }}
- sourceRef:
- kind: HelmRepository
- name: {{ (get .Values.addons $pkg).helmRepo.repoName }}
- namespace: {{ .Release.Namespace }}
- {{- end }}
- interval: 5m
-
- {{- toYaml $fluxSettingsHolocron | nindent 2 }}
-
- {{- if (get .Values.addons $pkg).postRenderers }}
- postRenderers:
- {{ toYaml (get .Values.addons $pkg).postRenderers | nindent 4 }}
- {{- end }}
- valuesFrom:
- - name: {{ .Release.Name }}-{{ $pkg }}-values
- kind: Secret
- valuesKey: "common"
- - name: {{ .Release.Name }}-{{ $pkg }}-values
- kind: Secret
- valuesKey: "defaults"
- - name: {{ .Release.Name }}-{{ $pkg }}-values
- kind: Secret
- valuesKey: "overlays"
-
- {{- if or .Values.istio.enabled .Values.kyvernoPolicies.enabled .Values.monitoring.enabled .Values.addons.gitlab.enabled}}
- dependsOn:
- {{- if .Values.istio.enabled }}
- - name: istio
- namespace: {{ .Release.Namespace }}
- {{- end }}
- {{- if .Values.kyvernoPolicies.enabled }}
- - name: kyverno-policies
- namespace: {{ .Release.Namespace }}
- {{- end }}
- {{- if .Values.monitoring.enabled }}
- - name: monitoring
- namespace: {{ .Release.Namespace }}
- {{- end }}
- {{- if .Values.addons.gitlab.enabled }}
- - name: gitlab
- namespace: {{ .Release.Namespace }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/chart/templates/holocron/imagepullsecret.yaml b/chart/templates/holocron/imagepullsecret.yaml
deleted file mode 100644
index 8b4fae63f9f75ca30a4c6f6107717800126526f6..0000000000000000000000000000000000000000
--- a/chart/templates/holocron/imagepullsecret.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-{{- $pkg := "holocron" }}
-{{- if and (get .Values.addons $pkg).enabled ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: {{ $pkg }}
- labels:
- app.kubernetes.io/name: {{ $pkg }}
- {{- include "commonLabels" . | nindent 4 }}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
diff --git a/chart/templates/holocron/jira-ingress.yaml b/chart/templates/holocron/jira-ingress.yaml
deleted file mode 100644
index 84e5b7052a40a1a816068335472d2d3c2a3d0fba..0000000000000000000000000000000000000000
--- a/chart/templates/holocron/jira-ingress.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-{{- $pkg := "holocron" }}
-{{- if and .Values.networkPolicies.enabled (get .Values.addons $pkg).jira.enabled (get .Values.addons $pkg).enabled }}
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: {{ $pkg }}-allow-ingress
- namespace: jira
-spec:
- podSelector:
- matchLabels:
- app: jira
- policyTypes:
- - Ingress
- ingress:
- - from:
- - namespaceSelector:
- matchLabels:
- app.kubernetes.io/name: holocron
- podSelector:
- matchLabels:
- role: collector
-{{- end }}
\ No newline at end of file
diff --git a/chart/templates/holocron/namespace.yaml b/chart/templates/holocron/namespace.yaml
deleted file mode 100644
index c95b54af805538a84274109545c7f1dd0241739b..0000000000000000000000000000000000000000
--- a/chart/templates/holocron/namespace.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-{{- $pkg := "holocron" }}
-{{- if and (get .Values.addons $pkg).enabled (not (get .Values.addons $pkg).collectorAuth.existingSecret) }}
-apiVersion: v1
-kind: Namespace
-metadata:
- name: {{ $pkg }}
- labels:
- {{- if .Values.istio.enabled }}
- istio-injection: enabled
- {{- end }}
- app.kubernetes.io/name: {{ $pkg }}
- app.kubernetes.io/component: "core"
- {{- include "commonLabels" . | nindent 4}}
-{{- end }}
diff --git a/chart/templates/holocron/sonarqube-ingress.yaml b/chart/templates/holocron/sonarqube-ingress.yaml
deleted file mode 100644
index 5787f7fa721cbf80ef820589a9d3647f2574b826..0000000000000000000000000000000000000000
--- a/chart/templates/holocron/sonarqube-ingress.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-{{- $pkg := "holocron" }}
-{{- if and .Values.networkPolicies.enabled .Values.addons.sonarqube.enabled (get .Values.addons $pkg).enabled }}
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: {{ $pkg }}-allow-ingress
- namespace: sonarqube
-spec:
- podSelector:
- matchLabels:
- app: sonarqube
- policyTypes:
- - Ingress
- ingress:
- - from:
- - namespaceSelector:
- matchLabels:
- app.kubernetes.io/name: holocron
- podSelector:
- matchLabels:
- role: collector
-{{- end }}
diff --git a/chart/templates/holocron/values.yaml b/chart/templates/holocron/values.yaml
deleted file mode 100644
index ac9ea16902427e2051dc2539c0bf715b328e6093..0000000000000000000000000000000000000000
--- a/chart/templates/holocron/values.yaml
+++ /dev/null
@@ -1,183 +0,0 @@
-{{- $pkg := "holocron" }}
-
-{{- /* Create secret */ -}}
-{{- if (get .Values.addons $pkg).enabled }}
-{{- include "values-secret" (dict "root" $ "package" (get .Values.addons $pkg) "name" $pkg "defaults" (include (printf "bigbang.defaults.%s" $pkg) .)) }}
-{{- end }}
-
-{{- define "bigbang.defaults.holocron" -}}
-
-imagePullSecrets:
-- name: private-registry
-imagePullPolicy: {{ .Values.imagePullPolicy }}
-
-externalURL: https://holocron.{{ .Values.domain }}
-
-domain: {{ .Values.domain }}
-
-api:
- env:
- REQUEST_IP_HEADER: Host
- SSO_ENABLED: {{ .Values.addons.holocron.sso.enabled }}
- SSO_ADMIN_GROUP: {{ .Values.addons.holocron.sso.groups.admin }}
- SSO_LEADERSHIP_GROUP: {{ .Values.addons.holocron.sso.groups.leadership }}
- SSO_GROUPS_KEY: {{ .Values.sso.oidc.claims.groups }}
- SSO_USERNAME_KEY: {{ .Values.sso.oidc.claims.username }}
-
-{{- if .Values.addons.gitlab.enabled }}
-{{- $gitlabURL := "http://gitlab-webservice-default.gitlab.svc.cluster.local:8080" }}
-collectorGitlabSCM:
- replicas: 1
- image:
- repository: registry1.dso.mil/ironbank/holocron/collector-gitlab-scm
- tag: "3.0.2"
- pullPolicy: IfNotPresent
- instances:
- - accessTokenSecretKey: gitlab-scm-0
- env:
- COLLECTOR_NAME: gitlab-scm-0
- COLLECTOR_INTERVAL_SECONDS: 600
- LOOK_BACK_DAYS: 365
- TARGET_URL: {{ $gitlabURL }}
- COLLECTOR_TARGETS_INTRVL_SECS: 86400
- MAX_REQUESTS_PER_MINUTE: 500
-collectorGitlabBuild:
- replicas: 1
- image:
- repository: registry1.dso.mil/ironbank/holocron/collector-gitlab-build
- tag: "3.0.2"
- pullPolicy: IfNotPresent
- instances:
- - accessTokenSecretKey: gitlab-build-0
- env:
- COLLECTOR_NAME: gitlab-build-0
- COLLECTOR_INTERVAL_SECONDS: 600
- LOOK_BACK_DAYS: 365
- TARGET_URL: {{ $gitlabURL }}
- COLLECTOR_TARGETS_INTRVL_SECS: 86400
- MAX_REQUESTS_PER_MINUTE: 500
-collectorGitlabWorkflow:
- replicas: 1
- image:
- repository: registry1.dso.mil/ironbank/holocron/collector-gitlab-workflow
- tag: "3.0.2"
- pullPolicy: IfNotPresent
- instances:
- - accessTokenSecretKey: gitlab-workflow-0
- env:
- COLLECTOR_NAME: gitlab-workflow-0
- COLLECTOR_INTERVAL_SECONDS: 600
- LOOK_BACK_DAYS: 365
- TARGET_URL: {{ $gitlabURL }}
- COLLECTOR_TARGETS_INTRVL_SECS: 86400
- MAX_REQUESTS_PER_MINUTE: 500
- HIGHEST_PRIORITY_LABELS: priority::1,highest
- HIGH_PRIORITY_LABELS: priority::2,high
- MEDIUM_PRIORITY_LABELS: priority::3,medium
- LOW_PRIORITY_LABELS: priority::4,low
- LOWEST_PRIORITY_LABELS: priority::5,lowest
- DEFAULT_TICKET_PRIORITY: lowest
- FEATURE_LABELS: kind::feature,feature
- DEFECT_LABELS: kind::bug,kind::defect,bug,defect
- MAINTENANCE_LABELS: kind::maintenance,kind::docs,maintenance,docs,documentation
- UNPLANNED_LABELS: kind::unplanned
- DEFAULT_TICKET_TYPE: feature
-{{- else }}
-collectorGitlabSCM:
- instances: []
-collectorGitlabBuild:
- instances: []
-collectorGitlabWorkflow:
- instances: []
-{{- end }}
-{{- if .Values.addons.holocron.jira.enabled }}
-collectorJiraWorkflow:
- replicas: 1
- image:
- repository: registry1.dso.mil/ironbank/holocron/collector-jira-workflow
- tag: "3.0.2"
- pullPolicy: IfNotPresent
- instances:
- - accessTokenSecretKey: jira-workflow-0
- env:
- COLLECTOR_NAME: jira-workflow-0
- COLLECTOR_INTERVAL_SECONDS: 600
- LOOK_BACK_DAYS: 365
- TARGET_URL: {{ .Values.addons.holocron.jira.service }}
- COLLECTOR_TARGETS_INTRVL_SECS: 86400
- MAX_REQUESTS_PER_MINUTE: 500
-{{- else }}
-collectorJiraWorkflow:
- instances: []
-{{- end }}
-{{- if .Values.addons.sonarqube.enabled }}
-collectorSonarQubeProjectAnalysis:
- replicas: 1
- image:
- repository: registry1.dso.mil/ironbank/holocron/collector-sonarqube-project-analysis
- tag: "3.0.2"
- pullPolicy: IfNotPresent
- instances:
- - accessTokenSecretKey: sonarqube-project-analysis-0
- env:
- COLLECTOR_NAME: sonarqube-project-analysis-0
- COLLECTOR_INTERVAL_SECONDS: 600
- LOOK_BACK_DAYS: 365
- TARGET_URL: "http://sonarqube-sonarqube.gitlab.svc.cluster.local:9000"
- COLLECTOR_TARGETS_INTRVL_SECS: 86400
- MAX_REQUESTS_PER_MINUTE: 500
-{{- else }}
-collectorSonarQubeProjectAnalysis:
- instances: []
-{{- end }}
-
-postgresql:
- {{- if .Values.addons.holocron.database.host }}
- enabled: false
- service:
- name: {{ .Values.addons.holocron.database.host }}
- {{- else }}
- enabled: true
- {{- end }}
- service:
- ports:
- postgresql: {{ .Values.addons.holocron.database.port }}
-
- image:
- repository: ironbank/opensource/postgres/postgresql
- tag: "15.5"
- auth:
- secretKey: password
- username: {{ .Values.addons.holocron.database.username }}
- password: {{ .Values.addons.holocron.database.password }}
- database: {{ .Values.addons.holocron.database.database }}
- tls:
- enabled: true
- autoGenerated: true
-
-istio:
- enabled: {{ .Values.istio.enabled }}
- injection: enabled
- holocron:
- gateways:
- - istio-system/{{ default "public" .Values.addons.holocron.ingress.gateway }}
- hosts:
- - holocron.{{ .Values.domain }}
-
-networkPolicies:
- enabled: {{ .Values.networkPolicies.enabled }}
- egressHostLabels:
- {{- if .Values.addons.gitlab.enabled }}
- app.kubernetes.io/name: gitlab
- {{- end }}
- {{- if .Values.addons.holocron.jira.enabled }}
- {{ toYaml .Values.addons.holocron.jira.service.label | nindent 4 }}
- {{- end }}
- {{- if .Values.addons.sonarqube.enabled }}
- app: sonarqube
- {{- end }}
-
-monitoring:
- enabled: {{ .Values.monitoring.enabled }}
-
-{{- end }}
diff --git a/chart/templates/kyverno-policies/values.yaml b/chart/templates/kyverno-policies/values.yaml
index f48083333a8cd2336e1ea31669e4de405f98294b..d3d0fa675113a881b9c7866481a8ced998cb1c43 100644
--- a/chart/templates/kyverno-policies/values.yaml
+++ b/chart/templates/kyverno-policies/values.yaml
@@ -251,17 +251,10 @@ policies:
require-non-root-group:
validationFailureAction: Enforce
- {{ if .Values.istio.enabled }}
+ {{- if .Values.istio.enabled }}
parameters:
excludeContainers:
- istio-init
- {{ if not .Values.addons.holocron.database.host }}
- - init-chmod-data
- {{- end }}
- {{ else if not .Values.addons.holocron.database.host }}
- parameters:
- excludeContainers:
- - init-chmod-data
{{- end }}
{{- if or $deployNodeAgent .Values.twistlock.enabled .Values.fluentbit.enabled .Values.promtail.enabled .Values.neuvector.enabled }}
exclude:
@@ -327,13 +320,6 @@ policies:
parameters:
excludeContainers:
- istio-init
- {{ if not .Values.addons.holocron.database.host }}
- - init-chmod-data
- {{- end }}
- {{ else if not .Values.addons.holocron.database.host }}
- parameters:
- excludeContainers:
- - init-chmod-data
{{- end }}
exclude:
any:
diff --git a/chart/values.schema.json b/chart/values.schema.json
index 6aac62b6ba95a2c19964d4fb14ca9fe512061769..3501fd8c5a6a8b540c5d73a990aee96904eca97b 100644
--- a/chart/values.schema.json
+++ b/chart/values.schema.json
@@ -1087,13 +1087,6 @@
}
]
},
- "holocron": {
- "allOf": [
- {
- "$ref": "#/$defs/basePackage"
- }
- ]
- },
"thanos": {
"allOf": [
{
diff --git a/chart/values.yaml b/chart/values.yaml
index 2acd54c792a1625744003ffe8bb7cdbf4903d5c1..f1f1218357c31c8286d548f55be445d502fecb9b 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -505,6 +505,7 @@ kyverno:
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
+
kyvernoPolicies:
# -- Toggle deployment of Kyverno policies
enabled: true
@@ -740,7 +741,7 @@ loki:
# ----------------------------------------------------------------------------------------------------------------------
neuvector:
- # -- Toggle deployment of Neuvector.
+ # -- Toggle deployment of Neuvector.
enabled: true
# -- Choose source type of "git" or "helmRepo"
@@ -1205,7 +1206,7 @@ addons:
# -- Gitlab SSO Scopes, default is ["Gitlab"]
scopes:
- - Gitlab
+ - Gitlab
database:
# -- Hostname of a pre-existing PostgreSQL database to use for Gitlab.
@@ -1263,11 +1264,12 @@ addons:
# with a random password.
# -- This needs to be set to a non-empty value in order for the Grafana Redis Datasource and Dashboards to be installed.
password: ""
-
+
# -- Rails plain text secret to define. If empty (""), the gitlab charts will create the gitlab-rails-secret with randomized data.
# Read the following for more information on setting Gitlab rails secrets: https://docs.gitlab.com/charts/installation/secrets#gitlab-rails-secret
railsSecret: ""
+
# -- Values to passthrough to the gitlab chart: https://repo1.dso.mil/big-bang/product/packages/gitlab.git
values: {}
@@ -1912,81 +1914,6 @@ addons:
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
-
- holocron:
- # -- Toggle deployment of Holocron.
- enabled: false
-
- # -- Choose source type of "git" or "helmRepo"
- sourceType: "git"
-
- git:
- repo: https://repo1.dso.mil/big-bang/product/packages/holocron.git
- tag: "0.1.2"
- path: "./chart"
- helmRepo:
- repoName: "registry1"
- chartName: "holocron"
- tag: "0.1.2"
-
- collectorAuth:
- # -- Name of existing secret with auth tokens for collector services: https://repo1.dso.mil/groups/big-bang/apps/sandbox/holocron/-/wikis/Administrator-Guide
- # -- Default keys for secret are:
- # -- gitlab-scm-0, gitlab-workflow-0, gitlab-build-0, jira-workflow-0
- # -- If not provided, one will be created
- existingSecret: ""
- # -- Tokens for the secret to be created
- gitlabToken: ""
- jiraToken: ""
-
- jira:
- # -- If there is a Jira deployment, enable a collector for it
- enabled: false
- service:
- # -- The service name to communicate with
- name: ""
- # -- If network policies are enabled, a label to match the namespace for egress policy
- label:
- key: value
-
- # -- Flux reconciliation overrides specifically for the Holocron Package
- flux: {}
-
- # -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
- ingress:
- gateway: ""
-
- sso:
- # -- Toggle SSO for Holocron on and off
- enabled: false
-
- # -- Holocron SSO group roles: https://repo1.dso.mil/groups/big-bang/apps/sandbox/holocron/-/wikis/Administrator-Guide
- groups:
- admin: ""
- leadership: ""
-
- database:
- # -- Hostname of a pre-existing PostgreSQL database to use for Gitlab.
- # -- Entering connection info will disable the deployment of an internal database and will auto-create any required secrets.
- host: ""
-
- # -- Port of a pre-existing PostgreSQL database to use for Gitlab.
- port: 5432
-
- # -- Database name to connect to on host.
- database: "holocron"
-
- # -- Username to connect as to external database, the user must have all privileges on the database.
- username: "holocron"
-
- # -- Database password for the username used to connect to the existing database.
- password: "holocron"
-
- # -- Post Renderers. See docs/postrenders.md
- postRenderers: []
-
- # -- Values to passthrough to the Holocron chart: https://repo1.dso.mil/big-bang/product/packages/holocron.git
- values: {}
# ----------------------------------------------------------------------------------------------------------------------
# thanos
diff --git a/docs/understanding-bigbang/package-architecture/holocron.md b/docs/understanding-bigbang/package-architecture/holocron.md
deleted file mode 100644
index 692d2e038e2e0ccebee527cd85029c20c3820d34..0000000000000000000000000000000000000000
--- a/docs/understanding-bigbang/package-architecture/holocron.md
+++ /dev/null
@@ -1,20 +0,0 @@
-# Holocron
-
-## Overview
-Holocron is a software delivery metrics tracker and aggregator. It is designed to provide key insights into potential pain points for software delivery teams and help facilitate more efficient development. Holocron is an opinionated tool displaying goals for work in progress, continuous integration, and keeping piplines, branches, and merge requests from becoming stale. It also tracks how much effort is spent on different types of work, how often bugs are introduced, and how quickly tickets are resolved. It is an open-source project developed in-house at Platform One.
-
-### Architecture
-
-| Component | Description |
-| --- | --- |
-| Holocron Dashboard | Frontend allowing communication with the API to configure teams, value streams, and organizations and view their collected metrics. |
-| Holocron API | Backend server connecting to the database, receives requests from the frontend and can potentially be integrated with a custom UI solution. |
-| Postgresql Database | Holocron requires a Postgresql database for persistence. |
-| SSO | (Optional) Holocron can utilize RBAC if there is an SSO service enabled. |
-| Collector GitLab Build | (Optional) Periodically collects build data (pipelines) from a targeted GitLab instance. |
-| Collector GitLab SCM |(Optional) Periodically collects SCM data (commits, branches, etc.) from a targeted GitLab instance. |
-| Collector GitLab Workflow | (Optional) Periodically collects workflow data (tickets) from a targeted GitLab instance. |
-| Collector Jira Workflow | (Optional) Periodically collects workflow data (tickets) from a targeted Jira instance. |
-| Collector SonarQube Project Analysis | (Optional) Periodically collects project issue data (code smells, vulnerabilities, etc.) from a targeted SonarQube instance. |
-
-**Note: While all collectors are optional, Holocron won't have any metrics and as such no value if none are utilized.**