From 25b999a77e69afb6383251875fc2fcf237a0f80e Mon Sep 17 00:00:00 2001 From: Tamal Saha Date: Thu, 2 Nov 2023 18:09:49 -0700 Subject: [PATCH] Use reloader v1.0.50 (#260) Signed-off-by: Tamal Saha --- apis/installer/v1alpha1/reloader_types.go | 12 + apis/installer/v1alpha1/types_test.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 30 ++ charts/ace-installer/README.md | 2 +- charts/ace-installer/values.yaml | 2 +- charts/opscenter-features/README.md | 2 +- charts/opscenter-features/values.yaml | 2 +- schema/reloader/values.openapiv3_schema.yaml | 270 ++++++++++++++++++ 8 files changed, 317 insertions(+), 5 deletions(-) diff --git a/apis/installer/v1alpha1/reloader_types.go b/apis/installer/v1alpha1/reloader_types.go index 8cf5e4474..201ea49a8 100644 --- a/apis/installer/v1alpha1/reloader_types.go +++ b/apis/installer/v1alpha1/reloader_types.go @@ -18,6 +18,7 @@ package v1alpha1 import ( core "k8s.io/api/core/v1" + networking "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -62,6 +63,7 @@ type ReloaderKubernetes struct { } type ReloaderDetails struct { + AutoReloadAll bool `json:"autoReloadAll"` IsArgoRollouts bool `json:"isArgoRollouts"` IsOpenshift bool `json:"isOpenshift"` IgnoreSecrets bool `json:"ignoreSecrets"` @@ -86,6 +88,8 @@ type ReloaderDetails struct { ServiceMonitor ReloaderServiceMonitorSpec `json:"serviceMonitor"` PodMonitor ReloaderPodMonitorSpec `json:"podMonitor"` PodDisruptionBudget ReloaderPodDisruptionBudget `json:"podDisruptionBudget"` + Netpol ReloaderNetpol `json:"netpol"` + WebhookUrl string `json:"webhookUrl"` } type ReloaderLegacy struct { @@ -194,6 +198,14 @@ type ReloaderPodDisruptionBudget struct { Enabled bool `json:"enabled"` } +type ReloaderNetpol struct { + Enabled bool `json:"enabled"` + // +optional + From []networking.NetworkPolicyPeer `json:"from"` + // +optional + To []networking.NetworkPolicyPeer `json:"to"` +} + // EnvVar represents an environment variable present in a Container. type EnvVar struct { // Name of the environment variable. Must be a C_IDENTIFIER. diff --git a/apis/installer/v1alpha1/types_test.go b/apis/installer/v1alpha1/types_test.go index a53282c15..c1c873a1d 100644 --- a/apis/installer/v1alpha1/types_test.go +++ b/apis/installer/v1alpha1/types_test.go @@ -53,7 +53,7 @@ func TestDefaultValues(t *testing.T) { sc.TestCase{Obj: v1alpha1.SmtprelaySpec{}}, sc.TestCase{Obj: v1alpha1.StashPresetsSpec{}}, sc.TestCase{Obj: v1alpha1.NatsSpec{}, File: "https://github.com/nats-io/k8s/raw/nats-0.19.17/helm/charts/nats/values.yaml"}, - sc.TestCase{Obj: v1alpha1.ReloaderSpec{}, File: "https://github.com/stakater/Reloader/raw/v1.0.24/deployments/kubernetes/chart/reloader/values.yaml"}, + sc.TestCase{Obj: v1alpha1.ReloaderSpec{}, File: "https://github.com/stakater/Reloader/raw/v1.0.50/deployments/kubernetes/chart/reloader/values.yaml"}, ) checker.TestAll(t) } diff --git a/apis/installer/v1alpha1/zz_generated.deepcopy.go b/apis/installer/v1alpha1/zz_generated.deepcopy.go index d10ea7022..ff24b664a 100644 --- a/apis/installer/v1alpha1/zz_generated.deepcopy.go +++ b/apis/installer/v1alpha1/zz_generated.deepcopy.go @@ -6345,6 +6345,7 @@ func (in *ReloaderDetails) DeepCopyInto(out *ReloaderDetails) { in.ServiceMonitor.DeepCopyInto(&out.ServiceMonitor) in.PodMonitor.DeepCopyInto(&out.PodMonitor) out.PodDisruptionBudget = in.PodDisruptionBudget + in.Netpol.DeepCopyInto(&out.Netpol) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReloaderDetails. @@ -6532,6 +6533,35 @@ func (in *ReloaderList) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ReloaderNetpol) DeepCopyInto(out *ReloaderNetpol) { + *out = *in + if in.From != nil { + in, out := &in.From, &out.From + *out = make([]networkingv1.NetworkPolicyPeer, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.To != nil { + in, out := &in.To, &out.To + *out = make([]networkingv1.NetworkPolicyPeer, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReloaderNetpol. +func (in *ReloaderNetpol) DeepCopy() *ReloaderNetpol { + if in == nil { + return nil + } + out := new(ReloaderNetpol) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ReloaderPodDisruptionBudget) DeepCopyInto(out *ReloaderPodDisruptionBudget) { *out = *in diff --git a/charts/ace-installer/README.md b/charts/ace-installer/README.md index 52fbecd77..b645b7016 100644 --- a/charts/ace-installer/README.md +++ b/charts/ace-installer/README.md @@ -88,7 +88,7 @@ The following table lists the configurable parameters of the `ace-installer` cha | helm.releases.panopticon.version | | "v2023.10.1" | | helm.releases.panopticon.values | | {"monitoring":{"agent":"prometheus.io/operator","enabled":true,"serviceMonitor":{"labels":{"release":"kube-prometheus-stack"}}}} | | helm.releases.reloader.enabled | | true | -| helm.releases.reloader.version | | "v1.0.24" | +| helm.releases.reloader.version | | "v1.0.50" | | helm.releases.stash.enabled | | true | | helm.releases.stash.version | | "v2023.10.9" | | helm.releases.stash.values | | {"features":{"enterprise":true}} | diff --git a/charts/ace-installer/values.yaml b/charts/ace-installer/values.yaml index 601688a9f..1bc386a7f 100644 --- a/charts/ace-installer/values.yaml +++ b/charts/ace-installer/values.yaml @@ -108,7 +108,7 @@ helm: release: kube-prometheus-stack reloader: enabled: true - version: "v1.0.24" + version: "v1.0.50" stash: enabled: true version: "v2023.10.9" diff --git a/charts/opscenter-features/README.md b/charts/opscenter-features/README.md index 65bd28716..b698aae48 100644 --- a/charts/opscenter-features/README.md +++ b/charts/opscenter-features/README.md @@ -100,7 +100,7 @@ The following table lists the configurable parameters of the `opscenter-features | helm.releases.stash-opscenter.version | | "v2023.10.9" | | helm.releases.stash-presets.version | | "v2023.10.18" | | helm.releases.supervisor.version | | "v2023.10.1" | -| helm.releases.reloader.version | | "v1.0.24" | +| helm.releases.reloader.version | | "v1.0.50" | | helm.releases.voyager.version | | "v2023.9.18" | | clusterManagers | | [] | | capi.provider | | "" | diff --git a/charts/opscenter-features/values.yaml b/charts/opscenter-features/values.yaml index 8c70daa1d..3cf2f018b 100644 --- a/charts/opscenter-features/values.yaml +++ b/charts/opscenter-features/values.yaml @@ -128,7 +128,7 @@ helm: supervisor: version: "v2023.10.1" reloader: - version: "v1.0.24" + version: "v1.0.50" voyager: version: "v2023.9.18" diff --git a/schema/reloader/values.openapiv3_schema.yaml b/schema/reloader/values.openapiv3_schema.yaml index c1fa54efa..7511bea3c 100644 --- a/schema/reloader/values.openapiv3_schema.yaml +++ b/schema/reloader/values.openapiv3_schema.yaml @@ -21,6 +21,8 @@ properties: type: string reloader: properties: + autoReloadAll: + type: boolean custom_annotations: additionalProperties: type: string @@ -1768,6 +1770,269 @@ properties: type: object namespaceSelector: type: string + netpol: + properties: + enabled: + type: boolean + from: + items: + description: NetworkPolicyPeer describes a peer to allow traffic to/from. + Only certain combinations of fields are allowed + properties: + ipBlock: + description: IPBlock defines policy on a particular IPBlock. If + this field is set then neither of the other fields can be. + properties: + cidr: + description: CIDR is a string representing the IP Block Valid + examples are "192.168.1.1/24" or "2001:db9::/64" + type: string + except: + description: Except is a slice of CIDRs that should not be included + within an IP Block Valid examples are "192.168.1.1/24" or + "2001:db9::/64" Except values will be rejected if they are + outside the CIDR range + items: + type: string + type: array + required: + - cidr + type: object + namespaceSelector: + description: "Selects Namespaces using cluster-scoped labels. This\ + \ field follows standard label selector semantics; if present\ + \ but empty, it selects all namespaces. \n If PodSelector is also\ + \ set, then the NetworkPolicyPeer as a whole selects the Pods\ + \ matching PodSelector in the Namespaces selected by NamespaceSelector.\ + \ Otherwise it selects all Pods in the Namespaces selected by\ + \ NamespaceSelector." + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + podSelector: + description: "This is a label selector which selects Pods. This\ + \ field follows standard label selector semantics; if present\ + \ but empty, it selects all pods. \n If NamespaceSelector is also\ + \ set, then the NetworkPolicyPeer as a whole selects the Pods\ + \ matching PodSelector in the Namespaces selected by NamespaceSelector.\ + \ Otherwise it selects the Pods matching PodSelector in the policy's\ + \ own Namespace." + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + type: array + to: + items: + description: NetworkPolicyPeer describes a peer to allow traffic to/from. + Only certain combinations of fields are allowed + properties: + ipBlock: + description: IPBlock defines policy on a particular IPBlock. If + this field is set then neither of the other fields can be. + properties: + cidr: + description: CIDR is a string representing the IP Block Valid + examples are "192.168.1.1/24" or "2001:db9::/64" + type: string + except: + description: Except is a slice of CIDRs that should not be included + within an IP Block Valid examples are "192.168.1.1/24" or + "2001:db9::/64" Except values will be rejected if they are + outside the CIDR range + items: + type: string + type: array + required: + - cidr + type: object + namespaceSelector: + description: "Selects Namespaces using cluster-scoped labels. This\ + \ field follows standard label selector semantics; if present\ + \ but empty, it selects all namespaces. \n If PodSelector is also\ + \ set, then the NetworkPolicyPeer as a whole selects the Pods\ + \ matching PodSelector in the Namespaces selected by NamespaceSelector.\ + \ Otherwise it selects all Pods in the Namespaces selected by\ + \ NamespaceSelector." + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + podSelector: + description: "This is a label selector which selects Pods. This\ + \ field follows standard label selector semantics; if present\ + \ but empty, it selects all pods. \n If NamespaceSelector is also\ + \ set, then the NetworkPolicyPeer as a whole selects the Pods\ + \ matching PodSelector in the Namespaces selected by NamespaceSelector.\ + \ Otherwise it selects the Pods matching PodSelector in the policy's\ + \ own Namespace." + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + type: array + required: + - enabled + type: object podDisruptionBudget: properties: enabled: @@ -1906,7 +2171,10 @@ properties: type: boolean watchGlobally: type: boolean + webhookUrl: + type: string required: + - autoReloadAll - custom_annotations - deployment - enableHA @@ -1919,6 +2187,7 @@ properties: - logFormat - matchLabels - namespaceSelector + - netpol - podDisruptionBudget - podMonitor - rbac @@ -1931,6 +2200,7 @@ properties: - serviceMonitor - syncAfterRestart - watchGlobally + - webhookUrl type: object required: - global