fix(helmExecute): General fixes (#3691)

* Add missing credentials and config params

Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>

* Add kubeConfigFileCredentialsId to secrets

Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>

* Add helmExecute.md

Co-authored-by: Pavel Busko <pavel.busko@sap.com>

* Add targetRepository credentials

Co-authored-by: Pavel Busko <pavel.busko@sap.com>

* Add credentials

Co-authored-by: Pavel Busko <pavel.busko@sap.com>

* small fix

* small fix

* small fix

Co-authored-by: Philipp Stehle <philipp.stehle@sap.com>
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
Co-authored-by: Vitalii Sidorov <56587879+kingvvgo@users.noreply.github.com>
Co-authored-by: “Vitalii <“vitalii.sidorov@sap.com”>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>

cmd/helmExecute.go

@@ -11,12 +11,15 @@ import (
 
 func helmExecute(config helmExecuteOptions, telemetryData *telemetry.CustomData) {
 	helmConfig := kubernetes.HelmExecuteOptions{
+		AdditionalParameters:      config.AdditionalParameters,
 		ChartPath:                 config.ChartPath,
 		Image:                     config.Image,
 		Namespace:                 config.Namespace,
 		KubeContext:               config.KubeContext,
+		KeepFailedDeployments:     config.KeepFailedDeployments,
 		KubeConfig:                config.KubeConfig,
 		HelmDeployWaitSeconds:     config.HelmDeployWaitSeconds,
+		DockerConfigJSON:          config.DockerConfigJSON,
 		AppVersion:                config.AppVersion,
 		Dependency:                config.Dependency,
 		PackageDependencyUpdate:   config.PackageDependencyUpdate,

cmd/helmExecute_generated.go

@@ -163,7 +163,7 @@ func addHelmExecuteFlags(cmd *cobra.Command, stepConfig *helmExecuteOptions) {
 	cmd.Flags().StringVar(&stepConfig.ChartPath, "chartPath", os.Getenv("PIPER_chartPath"), "Defines the chart path for helm. chartPath is mandatory for install/upgrade/publish commands.")
 	cmd.Flags().StringVar(&stepConfig.TargetRepositoryURL, "targetRepositoryURL", os.Getenv("PIPER_targetRepositoryURL"), "URL of the target repository where the compiled helm .tgz archive shall be uploaded - typically provided by the CI/CD environment.")
 	cmd.Flags().StringVar(&stepConfig.TargetRepositoryName, "targetRepositoryName", os.Getenv("PIPER_targetRepositoryName"), "set the chart repository. The value is required for install/upgrade/uninstall commands.")
-	cmd.Flags().StringVar(&stepConfig.TargetRepositoryUser, "targetRepositoryUser", os.Getenv("PIPER_targetRepositoryUser"), "Username for the char repository where the compiled helm .tgz archive shall be uploaded - typically provided by the CI/CD environment.")
+	cmd.Flags().StringVar(&stepConfig.TargetRepositoryUser, "targetRepositoryUser", os.Getenv("PIPER_targetRepositoryUser"), "Username for the chart repository where the compiled helm .tgz archive shall be uploaded - typically provided by the CI/CD environment.")
 	cmd.Flags().StringVar(&stepConfig.TargetRepositoryPassword, "targetRepositoryPassword", os.Getenv("PIPER_targetRepositoryPassword"), "Password for the target repository where the compiled helm .tgz archive shall be uploaded - typically provided by the CI/CD environment.")
 	cmd.Flags().IntVar(&stepConfig.HelmDeployWaitSeconds, "helmDeployWaitSeconds", 300, "Number of seconds before helm deploy returns.")
 	cmd.Flags().StringSliceVar(&stepConfig.HelmValues, "helmValues", []string{}, "List of helm values as YAML file reference or URL (as per helm parameter description for `-f` / `--values`)")
@@ -197,8 +197,9 @@ func helmExecuteMetadata() config.StepData {
 		Spec: config.StepSpec{
 			Inputs: config.StepInputs{
 				Secrets: []config.StepSecrets{
-					{Name: "dockerCredentialsId", Type: "jenkins"},
+					{Name: "kubeConfigFileCredentialsId", Description: "Jenkins 'Secret file' credentials ID containing kubeconfig file. Details can be found in the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/).", Type: "jenkins", Aliases: []config.Alias{{Name: "kubeCredentialsId", Deprecated: true}}},
 					{Name: "dockerConfigJsonCredentialsId", Description: "Jenkins 'Secret file' credentials ID containing Docker config.json (with registry credential(s)).", Type: "jenkins"},
+					{Name: "targetRepositoryCredentialsId", Description: "Jenkins 'Username Password' credentials ID containing username and password for the Helm Repository authentication", Type: "jenkins"},
 				},
 				Resources: []config.StepResources{
 					{Name: "deployDescriptor", Type: "stash"},
@@ -253,6 +254,18 @@ func helmExecuteMetadata() config.StepData {
 					{
 						Name: "targetRepositoryUser",
 						ResourceRef: []config.ResourceReference{
+							{
+								Name:  "targetRepositoryCredentialsId",
+								Param: "username",
+								Type:  "secret",
+							},
+
+							{
+								Name:    "targetRepositoryUserSecretName",
+								Type:    "vaultSecret",
+								Default: "publishing",
+							},
+
 							{
 								Name:  "commonPipelineEnvironment",
 								Param: "custom/helmRepositoryUsername",
@@ -266,12 +279,24 @@ func helmExecuteMetadata() config.StepData {
 						Scope:     []string{"PARAMETERS", "STAGES", "STEPS"},
 						Type:      "string",
 						Mandatory: false,
-						Aliases:   []config.Alias{},
+						Aliases:   []config.Alias{{Name: "helmRepositoryUsername"}},
 						Default:   os.Getenv("PIPER_targetRepositoryUser"),
 					},
 					{
 						Name: "targetRepositoryPassword",
 						ResourceRef: []config.ResourceReference{
+							{
+								Name:  "targetRepositoryCredentialsId",
+								Param: "password",
+								Type:  "secret",
+							},
+
+							{
+								Name:    "targetRepositoryPasswordSecret",
+								Type:    "vaultSecret",
+								Default: "publishing",
+							},
+
 							{
 								Name:  "commonPipelineEnvironment",
 								Param: "custom/helmRepositoryPassword",
@@ -285,7 +310,7 @@ func helmExecuteMetadata() config.StepData {
 						Scope:     []string{"PARAMETERS", "STAGES", "STEPS"},
 						Type:      "string",
 						Mandatory: false,
-						Aliases:   []config.Alias{},
+						Aliases:   []config.Alias{{Name: "helmRepositoryPassword"}},
 						Default:   os.Getenv("PIPER_targetRepositoryPassword"),
 					},
 					{

resources/metadata/helmExecute.yaml

@@ -27,11 +27,18 @@ metadata:
 spec:
   inputs:
     secrets:
-      - name: dockerCredentialsId
+      - name: kubeConfigFileCredentialsId
+        description: Jenkins 'Secret file' credentials ID containing kubeconfig file. Details can be found in the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/).
+        aliases:
+          - name: kubeCredentialsId
+            deprecated: true
         type: jenkins
       - name: dockerConfigJsonCredentialsId
         description: Jenkins 'Secret file' credentials ID containing Docker config.json (with registry credential(s)).
         type: jenkins
+      - name: targetRepositoryCredentialsId
+        description: Jenkins 'Username Password' credentials ID containing username and password for the Helm Repository authentication
+        type: jenkins
     resources:
       - name: deployDescriptor
         type: stash
@@ -75,7 +82,9 @@ spec:
           - STAGES
           - STEPS
       - name: targetRepositoryUser
-        description: "Username for the char repository where the compiled helm .tgz archive shall be uploaded - typically provided by the CI/CD environment."
+        aliases:
+          - name: helmRepositoryUsername
+        description: "Username for the chart repository where the compiled helm .tgz archive shall be uploaded - typically provided by the CI/CD environment."
         type: string
         scope:
           - PARAMETERS
@@ -83,11 +92,19 @@ spec:
           - STEPS
         secret: true
         resourceRef:
+          - name: targetRepositoryCredentialsId
+            type: secret
+            param: username
+          - type: vaultSecret
+            name: targetRepositoryUserSecretName
+            default: publishing
           - name: commonPipelineEnvironment
             param: custom/helmRepositoryUsername
           - name: commonPipelineEnvironment
             param: custom/repositoryUsername
       - name: targetRepositoryPassword
+        aliases:
+          - name: helmRepositoryPassword
         description: "Password for the target repository where the compiled helm .tgz archive shall be uploaded - typically provided by the CI/CD environment."
         type: string
         scope:
@@ -96,6 +113,12 @@ spec:
           - STEPS
         secret: true
         resourceRef:
+          - name: targetRepositoryCredentialsId
+            type: secret
+            param: password
+          - type: vaultSecret
+            name: targetRepositoryPasswordSecret
+            default: publishing
           - name: commonPipelineEnvironment
             param: custom/helmRepositoryPassword
           - name: commonPipelineEnvironment

vars/helmExecute.groovy

@@ -4,6 +4,10 @@ import groovy.transform.Field
 @Field String METADATA_FILE = "metadata/helmExecute.yaml"
 
 void call(Map parameters = [:]) {
-    List credentials = [[type: 'file', id: 'dockerConfigJsonCredentialsId', env: ['PIPER_dockerConfigJSON']]]
+    List credentials = [
+        [type: 'file', id: 'kubeConfigFileCredentialsId', env: ['PIPER_kubeConfig']],
+        [type: 'file', id: 'dockerConfigJsonCredentialsId', env: ['PIPER_dockerConfigJSON']],
+        [type: 'usernamePassword', id: 'targetRepositoryCredentialsId', env: ['PIPER_targetRepositoryUser', 'PIPER_targetRepositoryPassword']],
+    ]
     piperExecuteBin(parameters, STEP_NAME, METADATA_FILE, credentials)
 }