chore: Add policy bundle kpt fn (#338)

* Add kpt fn to get a policy bundle and write to sink dir. Fn is working locally. * Add kpt function to get a policy bundle. Add shared code from generateDocs to common, will remove from generateDocs function. Add tests for the core functionality. Add dockerfile for policy bundle function. * Update generate docs kpt fn to use common code, add kpt fn documentation. * Remove comment from common. Fix cmek settings sample. * Add cloudbuild config for testing kpt functions. Add docs for tests. * Update target name for kpt tests * Update build command for kpt tests. * Update kpt test cmd. Merge master * Revert inadvertent changes to cmek test constraint. * Try running npm install before npm test * Add tslint config, fix lint errors, and add lint step to cloud build. * Use safeDump for writing yaml * Addressed PR feedback. Removed ability for getPolicyBundle meeting to write files. Simplified some of the tests. Fixed issue with markdown-table import. Updated docs.
damiansztankowski · Apr 20, 2020 · e869e1a · e869e1a
1 parent 19ae992
commit e869e1a
Show file tree

Hide file tree

Showing 158 changed files with 3,440 additions and 1,438 deletions.
diff --git a/Makefile b/Makefile
@@ -126,9 +126,31 @@ build/rego-%/Dockerfile: cloudbuild/Dockerfile
 	@mkdir -p $(dir $@)
 	@sed -e 's/__REGO_VERSION__/$*/' $^ > $@
 
+# KPT Targets
+
 ## Generate docs
 .PHONY: generate_docs
 generate_docs: # Generate docs
 	@echo "Generating docs with kpt..."
 	@kpt fn source ./samples/ ./policies/ | \
 	 docker run -v $(shell pwd)/docs:/docs -i gcr.io/config-validator/generate-docs:dev  -d overwrite=true -d sink_dir=/docs/
+
+.PHONY: docker_build_kpt
+docker_build_kpt_bundle: ## Build docker image for get policy bundle KPT function
+	docker build -f ./bundler/build/get_policy_bundle.Dockerfile -t gcr.io/config-validator/get-policy-bundle:latest ./bundler/
+
+.PHONY: docker_test_kpt
+docker_test_kpt: ## Run npm test for KPT functions
+	docker run -i \
+		--entrypoint=npm \
+		-v $(CURDIR):/workspace \
+		docker.io/library/node:10.20.1-alpine3.11 \
+		--prefix /workspace/bundler/ test
+
+.PHONY: docker_test_lint_kpt
+docker_test_lint_kpt: ## Run tslint for KPT functions
+	docker run -i \
+		--entrypoint=npm \
+		-v $(CURDIR):/workspace \
+		docker.io/library/node:10.20.1-alpine3.11 \
+		--prefix /workspace/bundler/ run lint
diff --git a/bundler/build/get_policy_bundle.Dockerfile b/bundler/build/get_policy_bundle.Dockerfile
@@ -0,0 +1,33 @@
+FROM node:10-alpine as builder
+
+RUN mkdir -p /home/node/app && \
+    chown -R node:node /home/node/app
+
+USER node
+
+WORKDIR /home/node/app
+
+# Install dependencies and cache them.
+COPY --chown=node:node package*.json ./
+RUN npm ci
+
+# Build the source.
+COPY --chown=node:node tsconfig.json .
+COPY --chown=node:node src src
+RUN npm run build && \
+    npm prune --production && \
+    rm -r src tsconfig.json
+
+#############################################
+
+FROM node:10-alpine
+
+# Run as non-root user as a best-practices:
+# https://github.com/nodejs/docker-node/blob/master/docs/BestPractices.md
+USER node
+
+WORKDIR /home/node/app
+
+COPY --from=builder /home/node/app /home/node/app
+
+ENTRYPOINT ["node", "/home/node/app/dist/get_policy_bundle_run.js"]
diff --git a/bundler/dist/common.js b/bundler/dist/common.js
diff --git a/bundler/dist/common.js.map b/bundler/dist/common.js.map
diff --git a/bundler/dist/common_test.js b/bundler/dist/common_test.js