added a YAML Merger PromotionStep

Signed-off-by: Prune <prune@lecentre.net>

Author: prune998

docs/docs/50-user-guide/60-reference-docs/30-promotion-steps/yaml-merge.md

@@ -0,0 +1,63 @@
+---
+sidebar_label: yaml-merge
+description: Merge multiple YAML file into a single file.
+---
+
+# `yaml-merge`
+
+`yaml-merge` merges multiple YAML files into a single file. This step
+most often used to merge multiple Helm values.yaml files into a single
+file and is commonly followed by a [`helm-template` step](helm-template.md).
+YAML files are merged in order, so the first one is the base, and all
+subsequent files are "overlays", modifying the default values.
+
+## Configuration
+
+| Name | Type | Required | Description |
+|------|------|----------|-------------|
+| `inPaths` | `[]string` | Y | Paths to a YAML files. This path is relative to the temporary workspace that Kargo provisions for use by the promotion process. |
+| `outPath` | `string` | Y | The path to the output file. This path is relative to the temporary workspace that Kargo provisions for use by the promotion process. |
+| `strict` | `bool` | N | Strict will cause the directive to fail if an input path does not exist. Defaults to `false`. |
+
+## Output
+
+| Name | Type | Description |
+|------|------|-------------|
+| `commitMessage` | `string` | A description of the change(s) applied by this step. Typically, a subsequent [`git-commit` step](git-commit.md) will reference this output and aggregate this commit message fragment with other like it to build a comprehensive commit message that describes all changes. |
+
+## Examples
+
+### Common Usage
+
+In this example, two Helm values, one global, one more specific, are merged
+into a new single file, that is then commited.
+
+This pattern is commonly used when you need to merge global values
+into a final `values.yaml` file, to be used by Helm.
+
+```yaml
+vars:
+- name: gitRepo
+  value: https://github.com/example/repo.git
+steps:
+- uses: git-clone
+  config:
+    repoURL: ${{ vars.gitRepo }}
+    checkout:
+    - commit: ${{ commitFrom(vars.gitRepo).ID }}
+      path: ./src
+    - branch: stage/${{ ctx.stage }}
+      create: true
+      path: ./out
+- uses: git-clear
+  config:
+    path: ./out
+- uses: yaml-merge
+  config:
+    inPaths:
+      - ./src/charts/my-chart/values.yaml
+      - ./src/charts/qa/values.yaml
+      - ./src/charts/qa/cluster-a/values.yaml
+    outPath: ./out/charts/my-chart/values.yaml
+# Render manifests to ./out, commit, push, etc...
+```

internal/promotion/runner/builtin/init.go

@@ -45,6 +45,7 @@ func Initialize(kargoClient, argocdClient client.Client, credsDB credentials.Dat
 			newOutputComposer(),
 		),
 		newTarExtractor(),
+		newYAMLMerger(),
 		newYAMLParser(),
 		newYAMLUpdater(),
 	}

internal/promotion/runner/builtin/schemas/yaml-merge-config.json

@@ -0,0 +1,28 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "title": "YAMLMergeConfig",
+
+  "type": "object",
+  "required": ["inPaths", "outPath"],
+  "additionalProperties": false,
+  "properties": {
+    "inPaths": {
+      "type": "array",
+      "description": "InPaths is the list of paths to YAML files to process",
+      "minItems": 1,
+      "items": {
+        "type": "string"
+      }
+    },
+    "outPath": {
+      "type": "string",
+      "description": "OutPath is the path to the merged YAML file to create or update.",
+      "minLength": 1
+    },
+    "strict": {
+      "type": "boolean",
+      "description": "Strict will cause the directive to fail if the input path does not exist.",
+      "default": false
+    }
+  }
+}

internal/promotion/runner/builtin/schemas/yaml-update-config.json

@@ -1,9 +1,8 @@
 {
   "$schema": "https://json-schema.org/draft/2020-12/schema",
   "title": "YAMLUpdateConfig",
-  
-  "definitions": {
 
+  "definitions": {
     "yamlUpdate": {
       "type": "object",
       "additionalProperties": false,
@@ -19,9 +18,8 @@
       },
       "required": ["key", "value"]
     }
-
   },
-  
+
   "type": "object",
   "required": ["path", "updates"],
   "additionalProperties": false,

internal/promotion/runner/builtin/yaml_merger.go

@@ -0,0 +1,148 @@
+package builtin
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+
+	securejoin "github.com/cyphar/filepath-securejoin"
+	"github.com/xeipuuv/gojsonschema"
+
+	kargoapi "github.com/akuity/kargo/api/v1alpha1"
+	"github.com/akuity/kargo/internal/yaml"
+	"github.com/akuity/kargo/pkg/promotion"
+	"github.com/akuity/kargo/pkg/x/promotion/runner/builtin"
+)
+
+// yamlMerger is an implementation of the promotion.StepRunner interface that
+// updates do a merge of the multiple YAML files.
+type yamlMerger struct {
+	schemaLoader gojsonschema.JSONLoader
+}
+
+// newYAMLMerger returns an implementation of the promotion.StepRunner interface
+// that updates the values of specified keys in a YAML file.
+func newYAMLMerger() promotion.StepRunner {
+	r := &yamlMerger{}
+	r.schemaLoader = getConfigSchemaLoader(r.Name())
+	return r
+}
+
+// Name implements the promotion.StepRunner interface.
+func (y *yamlMerger) Name() string {
+	return "yaml-merge"
+}
+
+// Run implements the promotion.StepRunner interface.
+func (y *yamlMerger) Run(
+	ctx context.Context,
+	stepCtx *promotion.StepContext,
+) (promotion.StepResult, error) {
+	failure := promotion.StepResult{Status: kargoapi.PromotionStepStatusErrored}
+
+	if err := y.validate(stepCtx.Config); err != nil {
+		return failure, err
+	}
+
+	// Convert the configuration into a typed struct
+	cfg, err := promotion.ConfigToStruct[builtin.YAMLMergeConfig](stepCtx.Config)
+	if err != nil {
+		return failure, fmt.Errorf("could not convert config into %s config: %w", y.Name(), err)
+	}
+
+	return y.run(ctx, stepCtx, cfg)
+}
+
+// validate validates yamlMerger configuration against a JSON schema.
+func (y *yamlMerger) validate(cfg promotion.Config) error {
+	return validate(y.schemaLoader, gojsonschema.NewGoLoader(cfg), y.Name())
+}
+
+func (y *yamlMerger) run(
+	_ context.Context,
+	stepCtx *promotion.StepContext,
+	cfg builtin.YAMLMergeConfig,
+) (promotion.StepResult, error) {
+
+	result := promotion.StepResult{Status: kargoapi.PromotionStepStatusSucceeded}
+	failure := promotion.StepResult{Status: kargoapi.PromotionStepStatusErrored}
+
+	mergedFiles := []string{} // keep track of files actually merged
+
+	// Secure join the paths to prevent path traversal attacks.
+	yamlData := []string{}
+	for _, path := range cfg.InPaths {
+		inPath, err := securejoin.SecureJoin(stepCtx.WorkDir, path)
+		if err != nil {
+			return promotion.StepResult{Status: kargoapi.PromotionStepStatusErrored},
+				fmt.Errorf("could not secure join inPath %q: %w", path, err)
+		}
+
+		inBytes, err := os.ReadFile(inPath)
+		if err != nil {
+			// we skip if file does not exist
+			if !cfg.Strict && os.IsNotExist(err) {
+				continue
+			}
+			return failure, fmt.Errorf(
+				"error reading file %q: %w",
+				inPath,
+				err,
+			)
+		}
+
+		// we skip if file is empty
+		if len(inBytes) == 0 {
+			continue
+		}
+
+		mergedFiles = append(mergedFiles, path)
+		yamlData = append(yamlData, string(inBytes))
+	}
+
+	// merge YAML files
+	outYAML, err := yaml.MergeYAMLFiles(yamlData)
+
+	// write yaml file
+	outPath, err := securejoin.SecureJoin(stepCtx.WorkDir, cfg.OutPath)
+	if err != nil {
+		return promotion.StepResult{Status: kargoapi.PromotionStepStatusErrored},
+			fmt.Errorf("could not secure join outPath %q: %w", cfg.OutPath, err)
+	}
+
+	if err := os.MkdirAll(filepath.Dir(outPath), 0o700); err != nil {
+		return failure, fmt.Errorf("Error creating directory structure %s: %w", filepath.Dir(outPath), err)
+	}
+	if err = os.WriteFile(outPath, []byte(outYAML), 0o600); err != nil {
+		return failure, fmt.Errorf("Error writing to file %s: %w", outPath, err)
+	}
+
+	// add commit msg
+	if commitMsg := y.generateCommitMessage(cfg.OutPath, mergedFiles); commitMsg != "" {
+		result.Output = map[string]any{
+			"commitMessage": commitMsg,
+		}
+	}
+	return result, nil
+}
+
+func (y *yamlMerger) generateCommitMessage(path string, fileList []string) string {
+	if len(path) <= 1 {
+		return "no YAML file merged"
+	}
+
+	var commitMsg strings.Builder
+	_, _ = commitMsg.WriteString(fmt.Sprintf("Merged YAML files to %s\n", path))
+	for _, file := range fileList {
+		_, _ = commitMsg.WriteString(
+			fmt.Sprintf(
+				"\n- %s",
+				file,
+			),
+		)
+	}
+
+	return commitMsg.String()
+}