Prep Repository for BB Integration
Feature Request
Why
Insert the purpose of the Epic or sub-epic here*
Proposed Solution
Insert proposed solution, with relevant links here*
Definition of Done Checklist
Package:
-
Do you have a main
branch that is default and protected? -
Are all other branches merged or deleted? For master
anddev
branches, tag the branch commit before deleting the branch so we can retrieve it if necessary. Exception: branches labeled release -
Does the repo contain only the following directories: chart
,docs
,tests
? All other directories should be deleted. -
Is there a CODEOWNERS
file containing some code owners? -
Is there a CHANGELOG.md
file with initial changes? -
Is there a README.md
file documenting basic use? -
Is there a CONTRIBUTING.md
file outlining how a new person can contribute? -
Is there a .gitlab-ci.yml
pipeline setup pointing to a pipeline template? -
Is there a tests/test-values.yaml
file setup to provide default values for the pipeline? This must include image pull secret references. -
Is there a chart/Kptfile
that points to the upstream chart used in the repo? Exception: Not needed if upstream chart is not used. -
Does the upstream chart version deploy the application version used in Iron Bank (or as close as possible)? This will help avoid incompatible configuration settings. -
Have you run helm dep up
and added all .tgz file dependencies inchart/charts
to the repo? -
Have you updated chart/requirements.yaml
orchart/Chart.yaml
to point to thefile://./charts/<file>.tgz
dependencies? -
If the chart has a web interface, have you added a VirtualService using hostname that is conditionally added if istio.enabled
is true? Verify this works using the web address. -
If the chart integrates with Prometheus monitoring, have you added a Service and ServiceMonitor that are conditionally added if monitoring.enabled
is true? Verify this using Prometheus to check targets. -
Does your package have resource requests and limits set and equal to each other? -
Do you have a tag on your main branch for the Big Bang release version of the package? -
Have all of your images been updated to pull from registry1.dso.mil. Exception: If there is no Iron Bank image, are you pulling from registry.dso.mil? -
If the package supports SSO, have you integrated SSO settings? Needs clarification -
If the package requires a database, have you integrated external database settings? Needs clarification -
If the package requires storage, have you integrated external storage (e.g. MinIO) settings? Needs clarification -
Are all secrets and certificates removed from the repo? All secrets should be references or randomly generated during deployment.
Big Bang:
-
Have you added a namespace.yaml
inchart/templates
that sets up the package's namespace -
Have you added pull secret creation to a resource? This may be in the namespace.yaml
file. -
Have you added a gitrepository.yaml
inchart/templates
that sets up a flux GitRepository resource pointing to the package's git repository? -
Have you added a helmrelease.yaml
inchart/templates
that sets up a flux HelmRelease resource pointing to the package's helm chart? -
Have you added default values to the HelmRelease that need to be passed downstream to the package? For example: hostname
,istio.enabled
,monitoring.enabled
. -
Have you added image pull secret references to the HelmRelease to be passed downstream to the package? -
Have you added other package dependencies to the HelmRelease to ensure deployment order? -
Have you added a key for <package>.yaml
intochart/templates/values.yaml
so override values can be passed downstream to the package? -
Have you added a valuesFrom configuration in the HelmRelease pointing to the values secret with a valuesKey equal to <package>.yaml
? -
Have you added the package into chart/values.yaml
under addons? Exception: core apps do not go under addons. -
Have you added enabled: false to your chart/values.yaml
and conditional statements on enabled: true for your namespace, pull secret, git repository, and helm release? -
Have you added git repo configuration to chart/values.yaml
pointing to the packages git repo, helm chart path, and tag. -
Have you added a values: {} placeholder for you package in chart/values.yaml
? -
Have you added any applicable default values from Fences and Party Bus to the package? Exception: Infrastructure specific implementations (e.g. AWS) -
Have you verified that additional details on definition of done need to be added for: - Database integration
- Storage (minio) integration
- Certificates?
- SSO integration
Testing:
-
Have you verified the CI/CD pipeline passes? -
Have you verified the application is available via web URL (if applicable)? -
Have you verified you can login via SSO with your Platform One account (if applicable)? -
Have you verified you Prometheus is scraping data from monitoring endpoints on the application (if applicable)? -
Have you verified the application has database connectivity to the external database (if applicable)? -
Have you verified the application has storage connectivity to the external storage (if applicable)?
Future Work (as separate issues)
-
SSO is integrated as BigBang values
Edited by Ryan Daily