[bitnami/attu,milvus] chore: 👷 Add VIB integration (#38448)

* [bitnami/attu,milvus] chore: 👷 Add VIB integration Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * test: ✅ Fix incorrect parameters Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * test: ✅ Update directory test Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * test: ✅ Adapt to current testing standards Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * test: ✅ Remove http tests Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> --------- Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
2026-03-27 15:27:48 +08:00 · 2023-06-22 17:39:44 +02:00
parent fb9a1bc540
commit b1a869aa94
10 changed files with 453 additions and 0 deletions
--- a/.vib/attu/goss/attu.yaml
+++ b/.vib/attu/goss/attu.yaml
@@ -0,0 +1,22 @@
+user:
+  attu:
+    exists: true
+    uid: 1001
+    gid: 0
+file:
+  /app:
+    exists: true
+    filetype: symlink
+    linked-to: /opt/bitnami/attu
+command:
+  attu-command-available:
+    exec: cd /opt/bitnami/attu; npm run
+    exit-status: 0
+    stdout:
+      - start:prod
+  run-attu:
+    exec: cd /opt/bitnami/attu; timeout --preserve-status 5 milvus run standalone || true
+    timeout: 8000
+    exit-status: 0
+    stdout:
+      - Attu server started
--- a/.vib/attu/goss/goss.yaml
+++ b/.vib/attu/goss/goss.yaml
@@ -0,0 +1,12 @@
+gossfile:
+  # Goss tests exclusive to the current container
+  ../../attu/goss/attu.yaml: {}
+  # Load scripts from .vib/common/goss/templates
+  ../../common/goss/templates/check-app-version.yaml: {}
+  ../../common/goss/templates/check-binaries.yaml: {}
+  ../../common/goss/templates/check-broken-symlinks.yaml: {}
+  ../../common/goss/templates/check-ca-certs.yaml: {}
+  ../../common/goss/templates/check-directories.yaml: {}
+  ../../common/goss/templates/check-linked-libraries.yaml: {}
+  ../../common/goss/templates/check-sed-in-place.yaml: {}
+  ../../common/goss/templates/check-spdx.yaml: {}
--- a/.vib/attu/goss/vars.yaml
+++ b/.vib/attu/goss/vars.yaml
@@ -0,0 +1,13 @@
+binaries:
+  - node
+  - yarn
+  - npm
+root_dir: /opt/bitnami
+directories:
+  - paths:
+      # Paths to the client and server directories
+      - /opt/bitnami/attu/dist
+      - /opt/bitnami/attu/build
+version:
+  bin_name: npm
+  flag: list /opt/bitnami/attu
--- a/.vib/attu/vib-publish.json
+++ b/.vib/attu/vib-publish.json
@@ -0,0 +1,123 @@
+{
+  "context": {
+    "resources": {
+      "url": "{VIB_ENV_CONTAINER_URL}",
+      "path": "{VIB_ENV_PATH}"
+    },
+    "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd"
+  },
+  "phases": {
+    "package": {
+      "actions": [
+        {
+          "action_id": "container-image-package",
+          "params": {
+            "application": {
+              "details": {
+                "name": "{VIB_ENV_CONTAINER}",
+                "tag": "{VIB_ENV_TAG}"
+              }
+            },
+            "architectures": [
+              "linux/amd64",
+              "linux/arm64"
+            ]
+          }
+        },
+        {
+          "action_id": "container-image-lint",
+          "params": {
+            "threshold": "error"
+          }
+        }
+      ]
+    },
+    "verify": {
+      "actions": [
+        {
+          "action_id": "goss",
+          "params": {
+            "resources": {
+              "path": "/.vib"
+            },
+            "tests_file": "attu/goss/goss.yaml",
+            "vars_file": "attu/goss/vars.yaml",
+            "remote": {
+              "pod": {
+                "workload": "deploy-attu"
+              }
+            }
+          }
+        },
+        {
+          "action_id": "trivy",
+          "params": {
+            "threshold": "CRITICAL",
+            "vuln_type": [
+              "OS"
+            ]
+          }
+        },
+        {
+          "action_id": "grype",
+          "params": {
+            "threshold": "CRITICAL",
+            "package_type": [
+              "OS"
+            ]
+          }
+        },
+        {
+          "action_id": "osspi-application",
+          "params": {
+            "additional_packages_file": "osspi-packages-amd64.json",
+            "scan_type": "BASE_OS",
+            "osm": {
+              "associated_bossd_release": "{VIB_ENV_BOSSD_RELEASE_ID}",
+              "product_name": "main-catalog-{VIB_ENV_CONTAINER}",
+              "product_version": "{VIB_ENV_APP_VERSION}-{VIB_ENV_OS_FLAVOUR}-container",
+              "architecture_overrides": [
+                {
+                  "architecture": "linux/amd64",
+                  "product_version": "{VIB_ENV_APP_VERSION}-{VIB_ENV_OS_FLAVOUR}-container",
+                  "additional_packages_file": "osspi-packages-amd64.json"
+                },
+                {
+                  "architecture": "linux/arm64",
+                  "product_version": "{VIB_ENV_APP_VERSION}-{VIB_ENV_OS_FLAVOUR}-container-arm64",
+                  "additional_packages_file": "osspi-packages-arm64.json"
+                }
+              ]
+            },
+            "resources": {
+              "url": "{VIB_ENV_PACKAGES_JSON_URL}",
+              "path": "/{VIB_ENV_PATH}",
+              "authn": {
+                  "header": "Authorization",
+                  "token": "Bearer {VIB_ENV_GITHUB_TOKEN}"
+                }
+            }
+          }
+        }
+      ]
+    },
+    "publish": {
+      "actions": [
+        {
+          "action_id": "container-image-publish",
+          "params": {
+            "metadata": {
+              "tags": {VIB_ENV_ROLLING_TAGS}
+            },
+            "repository": {
+              "kind": "OCI",
+              "url": "{VIB_ENV_REGISTRY_URL}",
+              "username": "{VIB_ENV_REGISTRY_USERNAME}",
+              "password": "{VIB_ENV_REGISTRY_PASSWORD}"
+            }
+          }
+        }
+      ]
+    }
+  }
+}
--- a/.vib/attu/vib-verify.json
+++ b/.vib/attu/vib-verify.json
@@ -0,0 +1,65 @@
+{
+  "context": {
+    "resources": {
+      "url": "{SHA_ARCHIVE}",
+      "path": "{VIB_ENV_PATH}"
+    },
+    "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd"
+  },
+  "phases": {
+    "package": {
+      "actions": [
+        {
+          "action_id": "container-image-package",
+          "params": {
+            "application": {
+              "details": {
+                "name": "{VIB_ENV_CONTAINER}",
+                "tag": "{VIB_ENV_TAG}"
+              }
+            }
+          }
+        },
+        {
+          "action_id": "container-image-lint",
+          "params": {
+            "threshold": "error"
+          }
+        }
+      ]
+    },
+    "verify": {
+      "actions": [
+        {
+          "action_id": "goss",
+          "params": {
+            "resources": {
+              "path": "/.vib"
+            },
+            "tests_file": "attu/goss/goss.yaml",
+            "vars_file": "attu/goss/vars.yaml",
+            "remote": {
+              "pod": {
+                "workload": "deploy-attu"
+              }
+            }
+          }
+        },
+        {
+          "action_id": "trivy",
+          "params": {
+            "threshold": "CRITICAL",
+            "vuln_type": ["OS"]
+          }
+        },
+        {
+          "action_id": "grype",
+          "params": {
+            "threshold": "CRITICAL",
+            "package_type": ["OS"]
+          }
+        }
+      ]
+    }
+  }
+}
--- a/.vib/milvus/goss/goss.yaml
+++ b/.vib/milvus/goss/goss.yaml
@@ -0,0 +1,11 @@
+gossfile:
+  # Goss tests exclusive to the current container
+  ../../milvus/goss/milvus.yaml: {}
+  # Load scripts from .vib/common/goss/templates
+  ../../common/goss/templates/check-binaries.yaml: {}
+  ../../common/goss/templates/check-broken-symlinks.yaml: {}
+  ../../common/goss/templates/check-ca-certs.yaml: {}
+  ../../common/goss/templates/check-directories.yaml: {}
+  ../../Common/goss/templates/check-linked-libraries.yaml: {}
+  ../../common/goss/templates/check-sed-in-place.yaml: {}
+  ../../common/goss/templates/check-spdx.yaml: {}
--- a/.vib/milvus/goss/milvus.yaml
+++ b/.vib/milvus/goss/milvus.yaml
@@ -0,0 +1,25 @@
+user:
+  milvus:
+    exists: true
+    uid: 1001
+    gid: 0
+file:
+  /milvus:
+    exists: true
+    filetype: symlink
+    linked-to: /opt/bitnami/milvus
+  /var/lib/milvus:
+    exists: true
+    filetype: symlink
+    linked-to: /bitnami/milvus/data
+  /run/milvus:
+    exists: true
+    filetype: symlink
+    linked-to: /opt/bitnami/milvus/tmp
+command:
+  run-milvus:
+    exec: cd /opt/bitnami/milvus; timeout --preserve-status 5 milvus run standalone || true
+    timeout: 8000
+    exit-status: 0
+    stdout:
+      - running Milvus components
--- a/.vib/milvus/goss/vars.yaml
+++ b/.vib/milvus/goss/vars.yaml
@@ -0,0 +1,8 @@
+binaries:
+  - milvus
+directories:
+  - paths:
+      - /opt/bitnami/milvus/bin
+      - /opt/bitnami/milvus/tmp
+      - /bitnami/milvus/data
+root_dir: /opt/bitnami
--- a/.vib/milvus/vib-publish.json
+++ b/.vib/milvus/vib-publish.json
@@ -0,0 +1,109 @@
+{
+  "context": {
+    "resources": {
+      "url": "{VIB_ENV_CONTAINER_URL}",
+      "path": "{VIB_ENV_PATH}"
+    },
+    "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd"
+  },
+  "phases": {
+    "package": {
+      "actions": [
+        {
+          "action_id": "container-image-package",
+          "params": {
+            "application": {
+              "details": {
+                "name": "{VIB_ENV_CONTAINER}",
+                "tag": "{VIB_ENV_TAG}"
+              }
+            }
+          }
+        },
+        {
+          "action_id": "container-image-lint",
+          "params": {
+            "threshold": "error"
+          }
+        }
+      ]
+    },
+    "verify": {
+      "actions": [
+        {
+          "action_id": "goss",
+          "params": {
+            "resources": {
+              "path": "/.vib"
+            },
+            "tests_file": "milvus/goss/goss.yaml",
+            "vars_file": "milvus/goss/vars.yaml",
+            "remote": {
+              "pod": {
+                "workload": "deploy-milvus"
+              }
+            }
+          }
+        },
+        {
+          "action_id": "trivy",
+          "params": {
+            "threshold": "CRITICAL",
+            "vuln_type": [
+              "OS"
+            ]
+          }
+        },
+        {
+          "action_id": "grype",
+          "params": {
+            "threshold": "CRITICAL",
+            "package_type": [
+              "OS"
+            ]
+          }
+        },
+        {
+          "action_id": "osspi-application",
+          "params": {
+            "additional_packages_file": "osspi-packages-amd64.json",
+            "scan_type": "BASE_OS",
+            "osm": {
+              "associated_bossd_release": "{VIB_ENV_BOSSD_RELEASE_ID}",
+              "product_name": "main-catalog-{VIB_ENV_CONTAINER}",
+              "product_version": "{VIB_ENV_APP_VERSION}-{VIB_ENV_OS_FLAVOUR}-container"
+            },
+            "resources": {
+              "url": "{VIB_ENV_PACKAGES_JSON_URL}",
+              "path": "/{VIB_ENV_PATH}",
+              "authn": {
+                  "header": "Authorization",
+                  "token": "Bearer {VIB_ENV_GITHUB_TOKEN}"
+                }
+            }
+          }
+        }
+      ]
+    },
+    "publish": {
+      "actions": [
+        {
+          "action_id": "container-image-publish",
+          "params": {
+            "metadata": {
+              "tags": {VIB_ENV_ROLLING_TAGS}
+            },
+            "repository": {
+              "kind": "OCI",
+              "url": "{VIB_ENV_REGISTRY_URL}",
+              "authn": {
+                "username": "{VIB_ENV_REGISTRY_USERNAME}",
+                "password": "{VIB_ENV_REGISTRY_PASSWORD}"
+              }
+            }
+          }
+        }
+      ]
+    }
+  }
+}
--- a/.vib/milvus/vib-verify.json
+++ b/.vib/milvus/vib-verify.json
@@ -0,0 +1,65 @@
+{
+  "context": {
+    "resources": {
+      "url": "{SHA_ARCHIVE}",
+      "path": "{VIB_ENV_PATH}"
+    },
+    "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd"
+  },
+  "phases": {
+    "package": {
+      "actions": [
+        {
+          "action_id": "container-image-package",
+          "params": {
+            "application": {
+              "details": {
+                "name": "{VIB_ENV_CONTAINER}",
+                "tag": "{VIB_ENV_TAG}"
+              }
+            }
+          }
+        },
+        {
+          "action_id": "container-image-lint",
+          "params": {
+            "threshold": "error"
+          }
+        }
+      ]
+    },
+    "verify": {
+      "actions": [
+        {
+          "action_id": "goss",
+          "params": {
+            "resources": {
+              "path": "/.vib"
+            },
+            "tests_file": "milvus/goss/goss.yaml",
+            "vars_file": "milvus/goss/vars.yaml",
+            "remote": {
+              "pod": {
+                "workload": "deploy-milvus"
+              }
+            }
+          }
+        },
+        {
+          "action_id": "trivy",
+          "params": {
+            "threshold": "CRITICAL",
+            "vuln_type": ["OS"]
+          }
+        },
+        {
+          "action_id": "grype",
+          "params": {
+            "threshold": "CRITICAL",
+            "package_type": ["OS"]
+          }
+        }
+      ]
+    }
+  }
+}