merge main and resolve

.gitignore

@@ -24,12 +24,14 @@ vite.config.ts.timestamp-*
 # # Playwright/ Vitest
 /ui/test-results
 screenshot.png
+page-load-failure-*.png
 
 # Dev
 zarf-sbom
 tmp/
 *.tar.zst
 .vscode/
+state.json
 
 *.pem
 .github/test-infra/**/.terraform*

.release-please-manifest.json

@@ -1,3 +1,3 @@
 {
-  ".": "0.7.0"
+  ".": "0.8.0"
 }

CHANGELOG.md

@@ -1,5 +1,40 @@
 # Changelog
 
+## [0.8.0](https://github.com/defenseunicorns/uds-runtime/compare/v0.7.0...v0.8.0) (2024-10-29)
+
+
+### Features
+
+* add user menu and logout ([#475](https://github.com/defenseunicorns/uds-runtime/issues/475)) ([85fe229](https://github.com/defenseunicorns/uds-runtime/commit/85fe2291dce97fd358541abbc3759eb101e647fa))
+* adds health check ([#465](https://github.com/defenseunicorns/uds-runtime/issues/465)) ([9e14fc2](https://github.com/defenseunicorns/uds-runtime/commit/9e14fc263ddbfd699edf8a909e588287adb96ae9))
+* **api:** handle local mode in airgap ([#498](https://github.com/defenseunicorns/uds-runtime/issues/498)) ([48a4045](https://github.com/defenseunicorns/uds-runtime/commit/48a4045c7ee5f418c88df9b07848b4d8599612e9))
+* **ui:** 411 overview dashboard core services ([#471](https://github.com/defenseunicorns/uds-runtime/issues/471)) ([e89b69f](https://github.com/defenseunicorns/uds-runtime/commit/e89b69f822e6b64b4c95c26064fc503dd9ec7ce6))
+* **ui:** adding graph title inside of canvas element ([#502](https://github.com/defenseunicorns/uds-runtime/issues/502)) ([ccebbfc](https://github.com/defenseunicorns/uds-runtime/commit/ccebbfc5a23f217a84131ebe15fce7108ed90e19))
+* **ui:** applications widget ([#505](https://github.com/defenseunicorns/uds-runtime/issues/505)) ([b84f2d4](https://github.com/defenseunicorns/uds-runtime/commit/b84f2d4f48c50fea38a9111ea58297334c4ce491))
+* **UI:** overview when metrics server missing ([#485](https://github.com/defenseunicorns/uds-runtime/issues/485)) ([73d9b56](https://github.com/defenseunicorns/uds-runtime/commit/73d9b567bd63b9cae1930b4c08f0cff434a96a07))
+* **ui:** update overview cards to navigate on click ([#488](https://github.com/defenseunicorns/uds-runtime/issues/488)) ([8978525](https://github.com/defenseunicorns/uds-runtime/commit/897852569d711d198e38e2319e9a6f453dba67b0))
+
+
+### Bug Fixes
+
+* ensure swagger is behind local auth ([#466](https://github.com/defenseunicorns/uds-runtime/issues/466)) ([a6a3958](https://github.com/defenseunicorns/uds-runtime/commit/a6a3958ab9208cc5ae16a1941a46eaca0da8bc28))
+* readme logo cutoff ([#480](https://github.com/defenseunicorns/uds-runtime/issues/480)) ([e2bbf19](https://github.com/defenseunicorns/uds-runtime/commit/e2bbf1913dac54e3e436cfd1786afb2abbe00dab))
+* **ui:** fixing issue with core services displaying undefined service ([#504](https://github.com/defenseunicorns/uds-runtime/issues/504)) ([81c597b](https://github.com/defenseunicorns/uds-runtime/commit/81c597b9e7d3460659dd6cd5e9e2d90a14149494))
+
+
+### Miscellaneous
+
+* add e2e in cluster testing ([#451](https://github.com/defenseunicorns/uds-runtime/issues/451)) ([267b611](https://github.com/defenseunicorns/uds-runtime/commit/267b611c2361db6100831933c7511459c8e5164f))
+* **api:** bind only to localhost interface on serve ([#474](https://github.com/defenseunicorns/uds-runtime/issues/474)) ([da577ff](https://github.com/defenseunicorns/uds-runtime/commit/da577ff7f29a2058dc129c3712c79bf03a01f913))
+* **deps:** update dependency kubernetes-fluent-client to v3.1.3 ([#463](https://github.com/defenseunicorns/uds-runtime/issues/463)) ([844e9bc](https://github.com/defenseunicorns/uds-runtime/commit/844e9bc2c5f82bdf630c5c602df25a357f555daf))
+* **deps:** update dependency kubernetes-fluent-client to v3.2.0 ([#479](https://github.com/defenseunicorns/uds-runtime/issues/479)) ([62fd169](https://github.com/defenseunicorns/uds-runtime/commit/62fd169e28ac1f7ca013ad06836b2e7dd2cf84b0))
+* **deps:** update dependency kubernetes-fluent-client to v3.2.1 ([#495](https://github.com/defenseunicorns/uds-runtime/issues/495)) ([48f7a56](https://github.com/defenseunicorns/uds-runtime/commit/48f7a5610c9a94f6117c54b70656ba5f133f4076))
+* **deps:** update kubernetes packages to v0.31.2 ([#490](https://github.com/defenseunicorns/uds-runtime/issues/490)) ([0eaf9ed](https://github.com/defenseunicorns/uds-runtime/commit/0eaf9ed99948f22f70dbe86859774049a1d3aa59))
+* **deps:** update module github.com/charmbracelet/lipgloss to v0.13.1 ([#486](https://github.com/defenseunicorns/uds-runtime/issues/486)) ([e9f2b1e](https://github.com/defenseunicorns/uds-runtime/commit/e9f2b1e31e9bbd66775ac9f7b2f6ed9f94a7ffea))
+* **deps:** update module github.com/swaggo/swag to v1.16.4 ([#472](https://github.com/defenseunicorns/uds-runtime/issues/472)) ([f1a6563](https://github.com/defenseunicorns/uds-runtime/commit/f1a65633a4867c6c0af304863721194f232b9091))
+* rename LICENSE to LICENSE.md ([#477](https://github.com/defenseunicorns/uds-runtime/issues/477)) ([b2efe51](https://github.com/defenseunicorns/uds-runtime/commit/b2efe519b9cd491a4abe83e32ada5db0ede06d63))
+* **ui:** update node and custom resource sidebar icons ([#469](https://github.com/defenseunicorns/uds-runtime/issues/469)) ([a7e9f53](https://github.com/defenseunicorns/uds-runtime/commit/a7e9f53167fcff18322c174c7531e377a43cb1ac))
+
 ## [0.7.0](https://github.com/defenseunicorns/uds-runtime/compare/v0.6.1...v0.7.0) (2024-10-17)
 
 

chart/values.yaml

@@ -5,7 +5,7 @@ replicaCount: 1
 image:
   repository: ghcr.io/defenseunicorns/uds-runtime
   # x-release-please-start-version
-  tag: 0.7.0
+  tag: 0.8.0
   # x-release-please-end
   pullPolicy: IfNotPresent
 sso:

go.sum

@@ -6,6 +6,7 @@ atomicgo.dev/keyboard v0.2.9 h1:tOsIid3nlPLZ3lwgG8KZMp/SFmr7P0ssEN5JUsm78K8=
 atomicgo.dev/keyboard v0.2.9/go.mod h1:BC4w9g00XkxH/f1HXhW2sXmJFOCWbKn9xrOunSFtExQ=
 atomicgo.dev/schedule v0.1.0 h1:nTthAbhZS5YZmgYbb2+DH8uQIZcTlIrd4eYr3UQxEjs=
 atomicgo.dev/schedule v0.1.0/go.mod h1:xeUa3oAkiuHYh8bKiQBRojqAMq3PXXbJujjb0hw8pEU=
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/KyleBanks/depth v1.2.1 h1:5h8fQADFrWtarTdtDudMmGsC7GPbOAu6RVB3ffsVFHc=
 github.com/KyleBanks/depth v1.2.1/go.mod h1:jzSb9d0L43HxTQfT+oSA1EEp2q+ne2uh6XgeJcm8brE=
 github.com/MarvinJWendt/testza v0.1.0/go.mod h1:7AxNvlfeHP7Z/hDQ5JtE3OKYT3XFUeLCDE2DQninSqs=
@@ -31,6 +32,9 @@ github.com/charmbracelet/x/ansi v0.3.2/go.mod h1:dk73KoMTT5AX5BsX0KrqhsTqAnhZZoC
 github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U=
 github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 h1:q2hJAaP1k2wIvVRd/hEHD7lacgqrCPS+k8g1MndzfWY=
 github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk=
+github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
+github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4=
+github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
@@ -150,9 +154,13 @@ github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
 github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
 github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
 github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
+github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4=
+github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
@@ -170,6 +178,8 @@ github.com/swaggo/http-swagger/v2 v2.0.2 h1:FKCdLsl+sFCx60KFsyM0rDarwiUSZ8DqbfSy
 github.com/swaggo/http-swagger/v2 v2.0.2/go.mod h1:r7/GBkAWIfK6E/OLnE8fXnviHiDeAHmgIyooa4xm3AQ=
 github.com/swaggo/swag v1.16.4 h1:clWJtd9LStiG3VeijiCfOVODP6VpHtKdQy9ELFG3s1A=
 github.com/swaggo/swag v1.16.4/go.mod h1:VBsHJRsDvfYvqoiMKnsdwhNV9LEMHgEDZcyVYX0sxPg=
+github.com/urfave/cli/v2 v2.3.0 h1:qph92Y649prgesehzOrQjdWyxFOp/QVM+6imKHad91M=
+github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
 github.com/wk8/go-ordered-map/v2 v2.1.8 h1:5h/BUHu93oj4gIdvHHHGsScSTMijfx5PeYkE/fJgbpc=
 github.com/wk8/go-ordered-map/v2 v2.1.8/go.mod h1:5nJHM5DyteebpVlHnWMV0rPz6Zp7+xBAnxjb1X5vnTw=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
@@ -267,6 +277,7 @@ gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWM
 gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
 gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=

hack/test/zarf.yaml

@@ -14,8 +14,6 @@ components:
   - name: uds-runtime
     required: true
     description: smoke test of nightly release of uds-runtime
-    only:
-      flavor: smoke
     images:
       - uds-runtime:test # local copy of uds-runtime
     charts:
@@ -24,18 +22,15 @@ components:
         namespace: uds-runtime
         version: 0.1.0
         valuesFiles:
-          - smoke-values.yaml
-  - name: uds-runtime
-    required: true
-    description: e2e test of uds-runtime running in cluster
-    only:
-      flavor: e2e
-    images:
-      - uds-runtime:test # local copy of uds-runtime
-    charts:
-      - name: uds-runtime
-        localPath: ../../chart
-        namespace: uds-runtime
-        version: 0.1.0
-        valuesFiles:
-          - e2e-values.yaml
+          - values.yaml
+    actions:
+      onDeploy:
+        after:
+          - description: Validate Runtime Package
+            maxTotalSeconds: 300
+            wait:
+              cluster:
+                kind: packages.uds.dev
+                name: uds-runtime
+                namespace: uds-runtime
+                condition: "'{.status.phase}'=Ready"

main.go

@@ -5,10 +5,10 @@ package main
 
 import (
 	"embed"
+	"log/slog"
 	"os"
 
 	"github.com/defenseunicorns/uds-runtime/src/pkg/api"
-	"github.com/zarf-dev/zarf/src/pkg/message"
 )
 
 //go:embed ui/build/*
@@ -21,11 +21,12 @@ var localCert []byte
 var localKey []byte
 
 func main() {
-	message.SetLogLevel(message.DebugLevel)
+	slog.SetLogLoggerLevel(slog.LevelDebug)
 
+	slog.Info("Setting up API server")
 	r, inCluster, err := api.Setup(&assets)
 	if err != nil {
-		message.WarnErr(err, "failed to start the API server")
+		slog.Warn("failed to start the API server", "error", err)
 		os.Exit(1)
 	}
 

src/pkg/api/airgap.go

@@ -0,0 +1,136 @@
+// Copyright 2024 Defense Unicorns
+// SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
+
+package api
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"encoding/pem"
+	"errors"
+	"log/slog"
+	"math/big"
+	"net"
+	"net/http"
+	"os"
+	"os/signal"
+	"syscall"
+	"time"
+
+	"github.com/go-chi/chi/v5"
+)
+
+// serveAirgap starts a server assuming airgap and uses self-signed certificates
+func serveAirgap(r *chi.Mux) error {
+	err := generateCerts()
+	if err != nil {
+		return errors.New("failed to generate certs")
+	}
+	defer cleanupCerts()
+
+	srv := &http.Server{
+		Addr:              "127.0.0.1:8443",
+		ReadHeaderTimeout: 10 * time.Second,
+		Handler:           r,
+	}
+
+	// Start server in goroutine so we can handle shutdown
+	var serverErr error
+	stop := make(chan os.Signal, 1)
+	signal.Notify(stop, os.Interrupt, syscall.SIGTERM)
+	go func() {
+		//nolint:gosec,govet
+		if err := srv.ListenAndServeTLS("airgap-cert.pem", "airgap-key.pem"); err != nil && !errors.Is(err, http.ErrServerClosed) {
+			slog.Error("Failed to start server:", "error", err)
+			serverErr = err
+			stop <- syscall.SIGTERM // send signal to kill stop channel
+			return
+		}
+	}()
+	<-stop
+	slog.Info("Shutting down server")
+	return serverErr
+}
+
+// isAirgapped checks if we're in an airgapped environment by attempting a DNS query against uds.dev
+func isAirgapped() bool {
+	_, err := net.LookupHost("runtime-local.uds.dev")
+	return err != nil
+}
+
+// generateCerts creates self-signed certificates for running locally in the airgap
+func generateCerts() error {
+	// Generate private key
+	privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		return err
+	}
+
+	// Create certificate template
+	template := x509.Certificate{
+		SerialNumber: big.NewInt(1),
+		Subject: pkix.Name{
+			CommonName: "localhost",
+		},
+		NotBefore: time.Now(),
+		NotAfter:  time.Now().Add(365 * 24 * time.Hour), // Valid for 1 year
+		KeyUsage:  x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
+		ExtKeyUsage: []x509.ExtKeyUsage{
+			x509.ExtKeyUsageServerAuth,
+		},
+		BasicConstraintsValid: true,
+		DNSNames:              []string{"localhost"},
+	}
+
+	// Create certificate using template
+	derBytes, err := x509.CreateCertificate(
+		rand.Reader,
+		&template,
+		&template,
+		&privateKey.PublicKey,
+		privateKey,
+	)
+	if err != nil {
+		return err
+	}
+
+	// Save certificate to file
+	certFile, err := os.Create("airgap-cert.pem")
+	if err != nil {
+		return err
+	}
+	defer certFile.Close()
+
+	err = pem.Encode(certFile, &pem.Block{
+		Type:  "CERTIFICATE",
+		Bytes: derBytes,
+	})
+	if err != nil {
+		return err
+	}
+
+	// Save private key to file
+	keyFile, err := os.Create("airgap-key.pem")
+	if err != nil {
+		return err
+	}
+	defer keyFile.Close()
+
+	err = pem.Encode(keyFile, &pem.Block{
+		Type:  "RSA PRIVATE KEY",
+		Bytes: x509.MarshalPKCS1PrivateKey(privateKey),
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func cleanupCerts() {
+	slog.Info("Cleaning up short-lived airgap certs")
+	os.Remove("airgap-cert.pem")
+	os.Remove("airgap-key.pem")
+}

src/pkg/api/airgap_test.go

@@ -0,0 +1,53 @@
+// Copyright 2024 Defense Unicorns
+// SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
+
+package api
+
+import (
+	"bytes"
+	"context"
+	"log/slog"
+	"os"
+	"syscall"
+	"testing"
+	"time"
+
+	"github.com/go-chi/chi/v5"
+	"github.com/stretchr/testify/require"
+)
+
+func TestServeAirgap(t *testing.T) {
+	// Setup test context
+	ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
+	defer cancel()
+
+	// Capture log output
+	var buf bytes.Buffer
+	logger := slog.New(slog.NewTextHandler(&buf, nil))
+	slog.SetDefault(logger)
+
+	r := chi.NewRouter()
+
+	// Start server in background
+	done := make(chan error)
+	go func() {
+		done <- serveAirgap(r)
+	}()
+
+	// Wait for either timeout or server error
+	select {
+	case err := <-done:
+		t.Fatal("Server stopped unexpectedly:", err)
+	case <-ctx.Done():
+		// Send shutdown signal
+		p, _ := os.FindProcess(os.Getpid())
+		p.Signal(syscall.SIGTERM)
+		err := <-done
+		require.NoError(t, err)
+	}
+
+	// Verify sucessful shutdown
+	logOutput := buf.String()
+	require.Contains(t, logOutput, "Shutting down server")
+	require.Contains(t, logOutput, "Cleaning up")
+}