Fix/deployment/445 (#23)

Creates a new weekly validation job for "minor" gitlab instances:
- gitlab.gnome.org
- gitlab.freedesktop.org
- salsa.debian.org

Merge after: packit/deployment#484

helm-charts/packit-service-validation/Chart.yaml

@@ -3,7 +3,7 @@ name        : packit-service-validation
 description : Helm chart for deploying packit-service-validation app
 type        : application
 # Increment each time you make changes to the chart and its templates.
-version     : 1.2.1
+version     : 1.3.0
 
 keywords:
   - python

helm-charts/packit-service-validation/templates/job-run-validation.yml

@@ -1,36 +1,58 @@
 # https://docs.openshift.com/container-platform/latest/rest_api/workloads_apis/cronjob-batch-v1.html
+{{- range $cronjob := $.Values.cronjobs }}
 apiVersion: batch/v1
 kind: CronJob
 metadata:
-  name: {{ .Release.Name }}
+  name: {{ $.Release.Name }}-{{ $cronjob.id }}
 spec:
-  schedule: {{ .Values.cronjob.schedule | quote }}
+  schedule: {{ $cronjob.schedule | quote }}
   jobTemplate:
     spec:
-      activeDeadlineSeconds: {{ .Values.cronjob.activeDeadlineSeconds }}
+      activeDeadlineSeconds: {{ $cronjob.activeDeadlineSeconds }}
       template:
         spec:
           containers:
           - name: run-validation
-            image: "{{ .Values.image.repo }}:{{ .Values.image.tag }}"
+            image: "{{ $.Values.image.repo }}:{{ $.Values.image.tag }}"
             env:
+{{- if eq $cronjob.id "daily-validation" }}
             - name: GITHUB_TOKEN
               valueFrom:
                 secretKeyRef:
-                  name: {{ .Release.Name }}-github
+                  name: {{ $.Release.Name }}-github
                   key: token
             - name: GITLAB_TOKEN
               valueFrom:
                 secretKeyRef:
-                  name: {{ .Release.Name }}-gitlab
+                  name: {{ $.Release.Name }}-gitlab
                   key: token
+{{- end }}
+{{- if eq $cronjob.id "weekly-validation"}}
+            - name: GITLAB_GNOME_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $.Release.Name }}-gitlab-gnome
+                  key: token
+            - name: GITLAB_FREEDESKTOP_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $.Release.Name }}-gitlab-freedesktop
+                  key: token
+            - name: SALSA_DEBIAN_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $.Release.Name }}-salsa-debian
+                  key: token
+{{- end }}
             - name: SENTRY_SECRET
               valueFrom:
                 secretKeyRef:
-                  name: {{ .Release.Name }}-sentry
+                  name: {{ $.Release.Name }}-sentry
                   key: dsn
             - name: DEPLOYMENT
-              value: {{ .Values.deployment }}
+              value: {{ $.Values.deployment }}
             resources:
-              {{- toYaml .Values.resources | nindent 14 }}
+              {{- toYaml $.Values.resources | nindent 14 }}
           restartPolicy: OnFailure
+---
+{{- end }}

helm-charts/packit-service-validation/templates/secret-github.yaml

@@ -1,8 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Release.Name }}-github
-  namespace: {{ .Release.Namespace }}
+  name: {{ $.Release.Name }}-github
 type: Opaque
 data:
-  token: "{{ .Values.secrets.github }}"
+  token: "{{ $.Values.secrets.github }}"

helm-charts/packit-service-validation/templates/secret-gitlab-freedesktop.yml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ $.Release.Name }}-gitlab-freedesktop
+type: Opaque
+data:
+  token: "{{ $.Values.secrets.gitlabfreedesktop }}"

helm-charts/packit-service-validation/templates/secret-gitlab-gnome.yml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ $.Release.Name }}-gitlab-gnome
+type: Opaque
+data:
+  token: "{{ $.Values.secrets.gitlabgnome }}"

helm-charts/packit-service-validation/templates/secret-gitlab.yml

@@ -1,8 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Release.Name }}-gitlab
-  namespace: {{ .Release.Namespace }}
+  name: {{ $.Release.Name }}-gitlab
 type: Opaque
 data:
-  token: "{{ .Values.secrets.gitlab }}"
+  token: "{{ $.Values.secrets.gitlab }}"

helm-charts/packit-service-validation/templates/secret-salsa-debian.yml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ $.Release.Name }}-salsa-debian
+type: Opaque
+data:
+  token: "{{ $.Values.secrets.salsadebian }}"

helm-charts/packit-service-validation/templates/secret-sentry.yml

@@ -1,8 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Release.Name }}-sentry
-  namespace: {{ .Release.Namespace }}
+  name: {{ $.Release.Name }}-sentry
 type: Opaque
 data:
-  dsn: "{{ .Values.secrets.sentry }}"
+  dsn: "{{ $.Values.secrets.sentry }}"

helm-charts/packit-service-validation/values.yaml

@@ -1,11 +1,17 @@
 deployment: ~
 
 # Cron job parameters
-cronjob:
-  # runs every day at 4 a.m.
-  schedule: "0 4 * * *"
-  # maximum duration is 4 hours
-  activeDeadlineSeconds: 14400
+cronjobs:
+  - id: "daily-validation"
+    # runs every day at 4 a.m.
+    schedule: "0 4 * * *"
+    # maximum duration is 4 hours
+    activeDeadlineSeconds: 14400
+  - id: "weekly-validation"
+    # runs on wednesday at 4 a.m.
+    schedule: "0 4 * * wed"
+    # maximum duration is 4 hours
+    activeDeadlineSeconds: 14400
 
 # Container image
 image:
@@ -28,3 +34,6 @@ secrets:
   sentry: ~
   github: ~
   gitlab: ~
+  gitlabgnome: ~
+  gitlabfreedesktop: ~
+  salsadebian: ~

values/packit-service-validation/Makefile

@@ -4,7 +4,7 @@ CHART ?= ../../helm-charts/packit-service-validation/
 # Upgrade (or install if doesn't exist) the release/chart with values from $(DEPLOYMENT).yaml
 # You have to be logged in a cluster
 install:
-	helm upgrade $(EXTRA_OPTIONS) --install --cleanup-on-fail packit-$(DEPLOYMENT)-validation $(CHART) --set secrets.sentry=${SENTRY} --set secrets.github=${GITHUB} --set secrets.gitlab=${GITLAB} --values $(DEPLOYMENT).yaml
+	helm upgrade $(EXTRA_OPTIONS) --install --cleanup-on-fail packit-$(DEPLOYMENT)-validation $(CHART) --set secrets.sentry=${SENTRY} --set secrets.github=${GITHUB} --set secrets.gitlab=${GITLAB} --set secrets.gitlabgnome=${GITLAB_GNOME} --set secrets.gitlabfreedesktop=${GITLAB_FREEDESKTOP} --set secrets.salsadebian=${SALSA_DEBIAN} --values $(DEPLOYMENT).yaml
 
 # Generate the templates on cluster but doesn't perform the upgrade/install
 # You have to be logged in a cluster

values/packit-service-validation/README.md

@@ -7,11 +7,18 @@ Login to [PSI](https://ocp4.psi.redhat.com) and switch to `cyborg` project.
 
 Get secrets from Bitwarden.
 Sentry from `extra-vars.yml` in `secrets-packit-[prod|stg]` item,
-GitHub token from `Release/usercont bot` item and GitLab token from `Gitlab.com account for validation` item.
+GitHub token from `Release/usercont bot` item.
+GitLab token from `Gitlab.com account for validation` item.
+Gitlab gnome token for `packit-validation` user taken from `Gitlab (gnome.org)` item.
+Gitlab freedesktop token for `packit-validation` user taken from `Gitlab (freedesktop.org)` item.
+Gitlab salsa debian token for `packit-validation` user taken from `Gitlab (salsa.debian.org)` item.
 
     export SENTRY=$( echo -n 'token from bitwarden' | base64 )
     export GITHUB=$( echo -n 'token from bitwarden' | base64 )
     export GITLAB=$( echo -n 'token from bitwarden' | base64 )
+    export GITLAB_GNOME=$( echo -n 'token from bitwarden' | base64 )
+    export GITLAB_FREEDESKTOP=$( echo -n 'token from bitwarden' | base64 )
+    export SALSA_DEBIAN=$( echo -n 'token from bitwarden' | base64 )
 
 ### Install from this repo