From afd5a7a478541648e538c5667f039f7f6baf72b2 Mon Sep 17 00:00:00 2001 From: shreddedbacon Date: Fri, 28 Jul 2023 09:35:28 +1000 Subject: [PATCH 01/41] chore: modify keycloak healthcheck endpoint for newer keycloak --- charts/lagoon-core/Chart.yaml | 4 ++-- charts/lagoon-core/templates/keycloak.deployment.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/lagoon-core/Chart.yaml b/charts/lagoon-core/Chart.yaml index bde851a4..339f832d 100644 --- a/charts/lagoon-core/Chart.yaml +++ b/charts/lagoon-core/Chart.yaml @@ -21,7 +21,7 @@ type: application # time you make changes to the chart and its templates, including the app # version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.35.0 +version: 1.35.1 # This is the version number of the application being deployed. This version # number should be incremented each time you make changes to the application. @@ -41,4 +41,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: update Lagoon appVersion to v2.15.3 + description: modify keycloak liveness and readiness endpoint diff --git a/charts/lagoon-core/templates/keycloak.deployment.yaml b/charts/lagoon-core/templates/keycloak.deployment.yaml index ab2ed50c..2eabf6e2 100644 --- a/charts/lagoon-core/templates/keycloak.deployment.yaml +++ b/charts/lagoon-core/templates/keycloak.deployment.yaml @@ -53,11 +53,11 @@ spec: containerPort: 8080 livenessProbe: httpGet: - path: / + path: /auth port: http-8080 readinessProbe: httpGet: - path: / + path: /auth port: http-8080 startupProbe: exec: From 30159cb2f1b85afad809da3e4520acc0605ba0fa Mon Sep 17 00:00:00 2001 From: shreddedbacon Date: Tue, 14 Nov 2023 12:53:31 +1100 Subject: [PATCH 02/41] chore: remove dioscuri subchart from lagoon-remote --- charts/lagoon-remote/Chart.lock | 7 ++----- charts/lagoon-remote/Chart.yaml | 10 +++------- charts/lagoon-remote/values.yaml | 5 ----- 3 files changed, 5 insertions(+), 17 deletions(-) diff --git a/charts/lagoon-remote/Chart.lock b/charts/lagoon-remote/Chart.lock index 63327a5c..af9c068d 100644 --- a/charts/lagoon-remote/Chart.lock +++ b/charts/lagoon-remote/Chart.lock @@ -2,14 +2,11 @@ dependencies: - name: lagoon-build-deploy repository: https://uselagoon.github.io/lagoon-charts/ version: 0.26.2 -- name: dioscuri - repository: https://amazeeio.github.io/charts/ - version: 0.4.1 - name: dbaas-operator repository: https://amazeeio.github.io/charts/ version: 0.3.0 - name: nats repository: https://nats-io.github.io/k8s/helm/charts/ version: 0.19.17 -digest: sha256:98fadf31ddfe049c50ff4554a11732ec10a9cf8a41b8e0ce1c33a37af4f81de4 -generated: "2023-11-14T10:12:08.139505+11:00" +digest: sha256:6ae37f7602dc456b2b14c3ca650896f41d77a9476c1417cb4a35cb78c5ce5ee0 +generated: "2023-11-14T12:50:14.804764286+11:00" diff --git a/charts/lagoon-remote/Chart.yaml b/charts/lagoon-remote/Chart.yaml index 4c02e8e8..082ac49d 100644 --- a/charts/lagoon-remote/Chart.yaml +++ b/charts/lagoon-remote/Chart.yaml @@ -19,17 +19,13 @@ type: application # This is the chart version. This version number should be incremented each # time you make changes to the chart and its templates, including the app # version. -version: 0.86.1 +version: 0.87.0 dependencies: - name: lagoon-build-deploy version: ~0.26.0 repository: https://uselagoon.github.io/lagoon-charts/ condition: lagoon-build-deploy.enabled -- name: dioscuri - version: ~0.4.0 - repository: https://amazeeio.github.io/charts/ - condition: dioscuri.enabled - name: dbaas-operator version: ~0.3.0 repository: https://amazeeio.github.io/charts/ @@ -44,5 +40,5 @@ dependencies: # Valid supported kinds are added, changed, deprecated, removed, fixed and security annotations: artifacthub.io/changes: | - - kind: changed - description: update lagoon-build-deploy to v0.26.2 with updated remote-controller + - kind: removed + description: removed dioscuri subchart, activestandby is handled via a Lagoon task directly now diff --git a/charts/lagoon-remote/values.yaml b/charts/lagoon-remote/values.yaml index 7781073c..55d3720c 100644 --- a/charts/lagoon-remote/values.yaml +++ b/charts/lagoon-remote/values.yaml @@ -188,11 +188,6 @@ lagoon-build-deploy: # See the parent chart for the full range of values that can be passed here to control builds # https://github.com/uselagoon/lagoon-charts/blob/main/charts/lagoon-build-deploy/values.yaml -# dioscuri is the operator which implements Lagoon active-standby. -# This subchart is enabled by default as this is a core Lagoon feature. -dioscuri: - enabled: true - # dbaas-operator provisions database-as-a-service accounts for projects. # Example provider configuration can be found in the dbaas-operator values.yaml # https://github.com/amazeeio/charts/blob/main/charts/dbaas-operator/values.yaml From bf52e937293a9285e8bb4d2a0824864d779f8f32 Mon Sep 17 00:00:00 2001 From: rashed-k Date: Tue, 28 Nov 2023 09:35:08 +1100 Subject: [PATCH 03/41] fixed insightsRemote service bug --- charts/lagoon-remote/templates/insights-remote.service.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/lagoon-remote/templates/insights-remote.service.yaml b/charts/lagoon-remote/templates/insights-remote.service.yaml index 01f105dd..dac317ae 100644 --- a/charts/lagoon-remote/templates/insights-remote.service.yaml +++ b/charts/lagoon-remote/templates/insights-remote.service.yaml @@ -1,3 +1,4 @@ +{{- if .Values.insightsRemote.enabled -}} apiVersion: v1 kind: Service metadata: @@ -13,3 +14,4 @@ spec: name: insights-ws selector: {{- include "lagoon-remote.insightsRemote.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file From 258225b67a320d3b32937b8598588eda2c886b21 Mon Sep 17 00:00:00 2001 From: Scott Leggett Date: Thu, 14 Dec 2023 13:54:39 +0800 Subject: [PATCH 04/41] fix: avoid installing the registry multiple times While the fill-test-ci-values target's dependency on install-registry was correctly manipulated by the SKIP_INSTALL_REGISTRY variable, the install-lagoon-build-deploy target had a hard-coded dependency on install-registry. The result was that the registry would get installed multiple times anyway via the fill-test-ci-values target via an indirect dependency. Fix that by removing the dependency that install-lagoon-build-deploy has on install-registry when SKIP_INSTALL_REGISTRY=true. --- Makefile | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 64088fcf..16c8ea97 100644 --- a/Makefile +++ b/Makefile @@ -261,7 +261,7 @@ install-lagoon-remote: install-lagoon-build-deploy install-lagoon-core install-m # Do not install without lagoon-core # .PHONY: install-lagoon-build-deploy -install-lagoon-build-deploy: install-lagoon-core install-registry +install-lagoon-build-deploy: install-lagoon-core $(HELM) dependency build ./charts/lagoon-build-deploy/ $(HELM) upgrade \ --install \ @@ -288,6 +288,11 @@ install-lagoon-build-deploy: install-lagoon-core install-registry lagoon-build-deploy \ ./charts/lagoon-build-deploy +# allow skipping registry install for install-lagoon-remote target +ifneq ($(SKIP_INSTALL_REGISTRY),true) +install-lagoon-build-deploy: install-registry +endif + # # The following targets facilitate local development only and aren't used in CI. # From dd6c1dad40007c067c7ff1288112e7aff0f868a0 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Fri, 15 Dec 2023 14:34:49 +1100 Subject: [PATCH 05/41] chore: use 1.28 as default k8s --- .github/workflows/lint-test-matrix.yaml | 1 + .github/workflows/lint-test.yaml | 4 ++-- .github/workflows/test-suite.yaml | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-test-matrix.yaml b/.github/workflows/lint-test-matrix.yaml index e5ed6588..2171946f 100644 --- a/.github/workflows/lint-test-matrix.yaml +++ b/.github/workflows/lint-test-matrix.yaml @@ -15,6 +15,7 @@ jobs: - v1.24.15@sha256:7db4f8bea3e14b82d12e044e25e34bd53754b7f2b0e9d56df21774e6f66a70ab - v1.25.11@sha256:227fa11ce74ea76a0474eeefb84cb75d8dad1b08638371ecf0e86259b35be0c8 - v1.26.6@sha256:6e2d8b28a5b601defe327b98bd1c2d1930b49e5d8c512e1895099e4504007adb + - v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72 - v1.28.0@sha256:b7a4cad12c197af3ba43202d3efe03246b3f0793f162afb40a33c923952d5b31 steps: - name: Checkout diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index a16a362c..7a344d96 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -87,8 +87,8 @@ jobs: uses: helm/kind-action@v1.8.0 with: version: v0.20.0 - node_image: kindest/node:v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72 - kubectl_version: v1.27.3 + node_image: kindest/node:v1.28.0@sha256:b7a4cad12c197af3ba43202d3efe03246b3f0793f162afb40a33c923952d5b31 + kubectl_version: v1.28.0 if: | (steps.list-changed.outputs.changed == 'true') || (contains(github.event.pull_request.labels.*.name, 'needs-testing')) diff --git a/.github/workflows/test-suite.yaml b/.github/workflows/test-suite.yaml index b2039684..881bcc1c 100644 --- a/.github/workflows/test-suite.yaml +++ b/.github/workflows/test-suite.yaml @@ -75,8 +75,8 @@ jobs: (contains(github.event.pull_request.labels.*.name, 'needs-testing')) with: version: v0.20.0 - node_image: kindest/node:v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72 - kubectl_version: v1.27.3 + node_image: kindest/node:v1.28.0@sha256:b7a4cad12c197af3ba43202d3efe03246b3f0793f162afb40a33c923952d5b31 + kubectl_version: v1.28.0 config: test-suite.kind-config.yaml - name: Check node IP matches kind configuration From 744a18ac4f568dea58a547d5a95dd769e8d70695 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Fri, 15 Dec 2023 14:35:17 +1100 Subject: [PATCH 06/41] chore: add 1.29 to test-matrix --- .github/workflows/lint-test-matrix.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-test-matrix.yaml b/.github/workflows/lint-test-matrix.yaml index 2171946f..aeeb2081 100644 --- a/.github/workflows/lint-test-matrix.yaml +++ b/.github/workflows/lint-test-matrix.yaml @@ -16,7 +16,7 @@ jobs: - v1.25.11@sha256:227fa11ce74ea76a0474eeefb84cb75d8dad1b08638371ecf0e86259b35be0c8 - v1.26.6@sha256:6e2d8b28a5b601defe327b98bd1c2d1930b49e5d8c512e1895099e4504007adb - v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72 - - v1.28.0@sha256:b7a4cad12c197af3ba43202d3efe03246b3f0793f162afb40a33c923952d5b31 + - v1.29.0@sha256:eaa1450915475849a73a9227b8f201df25e55e268e5d619312131292e324d570 steps: - name: Checkout uses: actions/checkout@v4 From 195669ccc5780e52fb21926d35728a4ae0c9f822 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Fri, 15 Dec 2023 15:20:06 +1100 Subject: [PATCH 07/41] force action run From 93efcafb10253d1464890d56ac36022bc4d78e46 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Fri, 15 Dec 2023 18:48:02 +1100 Subject: [PATCH 08/41] ensure chart-testing runs on needs-testing --- .github/workflows/lint-test.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 7a344d96..4b09a8e4 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -96,6 +96,11 @@ jobs: - name: Run chart-testing (install) run: ct install --config ./default.ct.yaml --helm-extra-args "--timeout 30m" + - name: Run chart-testing (needs-testing) + run: ct install --config ./default.ct.yaml --helm-extra-args "--timeout 30m" --all + if: | + (contains(github.event.pull_request.labels.*.name, 'needs-testing')) + artifacthub-changelog: runs-on: ubuntu-latest steps: From 479de771d54a4e0062ef740d015594c28dd88a16 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 7 Feb 2024 16:50:07 +1100 Subject: [PATCH 09/41] use main branch images to test --- .github/workflows/test-suite.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test-suite.yaml b/.github/workflows/test-suite.yaml index b2039684..b91e17b4 100644 --- a/.github/workflows/test-suite.yaml +++ b/.github/workflows/test-suite.yaml @@ -123,8 +123,8 @@ jobs: if: | (steps.list-changed.outputs.changed == 'true') || (contains(github.event.pull_request.labels.*.name, 'needs-testing')) - # run: make -j8 -O fill-test-ci-values TESTS=[${{ matrix.test }}] IMAGE_REGISTRY=testlagoon IMAGE_TAG=main OVERRIDE_BUILD_DEPLOY_DIND_IMAGE=uselagoon/build-deploy-image:main OVERRIDE_ACTIVE_STANDBY_TASK_IMAGE=testlagoon/task-activestandby:main - run: make -j8 -O fill-test-ci-values TESTS=[${{ matrix.test }}] + run: make -j8 -O fill-test-ci-values TESTS=[${{ matrix.test }}] IMAGE_REGISTRY=testlagoon IMAGE_TAG=main OVERRIDE_BUILD_DEPLOY_DIND_IMAGE=uselagoon/build-deploy-image:main OVERRIDE_ACTIVE_STANDBY_TASK_IMAGE=testlagoon/task-activestandby:main + # run: make -j8 -O fill-test-ci-values TESTS=[${{ matrix.test }}] - name: Free up some disk space if: | From 261eac63f192e39c4373db5d3cd522d636f40833 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 7 Feb 2024 17:55:15 +1100 Subject: [PATCH 10/41] force actions run From 5ce0953c2394dc4aa8b8f12a839cc1f9671eb5fc Mon Sep 17 00:00:00 2001 From: shreddedbacon Date: Thu, 15 Feb 2024 10:06:42 +1100 Subject: [PATCH 11/41] chore: bump chart version --- charts/lagoon-remote/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/lagoon-remote/Chart.yaml b/charts/lagoon-remote/Chart.yaml index 082ac49d..7cdf7d67 100644 --- a/charts/lagoon-remote/Chart.yaml +++ b/charts/lagoon-remote/Chart.yaml @@ -19,7 +19,7 @@ type: application # This is the chart version. This version number should be incremented each # time you make changes to the chart and its templates, including the app # version. -version: 0.87.0 +version: 0.88.0 dependencies: - name: lagoon-build-deploy From 4f2f2a31fbf679a3118f533078e8bafe0eaabff5 Mon Sep 17 00:00:00 2001 From: shreddedbacon Date: Thu, 15 Feb 2024 12:40:39 +1100 Subject: [PATCH 12/41] chore: update storage-calcluator and add metrics monitor --- charts/lagoon-remote/Chart.yaml | 10 +++------- charts/lagoon-remote/ci/linter-values.yaml | 2 ++ .../storage-calculator.deployment.yaml | 6 +++++- .../templates/storage-calculator.service.yaml | 17 +++++++++++++++++ .../storage-calculator.servicemonitor.yaml | 18 ++++++++++++++++++ charts/lagoon-remote/values.yaml | 10 +++++++++- 6 files changed, 54 insertions(+), 9 deletions(-) create mode 100644 charts/lagoon-remote/templates/storage-calculator.service.yaml create mode 100644 charts/lagoon-remote/templates/storage-calculator.servicemonitor.yaml diff --git a/charts/lagoon-remote/Chart.yaml b/charts/lagoon-remote/Chart.yaml index 26141057..e69c70bb 100644 --- a/charts/lagoon-remote/Chart.yaml +++ b/charts/lagoon-remote/Chart.yaml @@ -19,7 +19,7 @@ type: application # This is the chart version. This version number should be incremented each # time you make changes to the chart and its templates, including the app # version. -version: 0.87.0 +version: 0.88.0 dependencies: - name: lagoon-build-deploy @@ -45,10 +45,6 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: remove insights-remote service if not enabled - - kind: removed - description: removed old kubernetes build deploy references + description: update storage-calculator to v0.5.1 - kind: changed - description: updated to insights-remote:v0.0.8 - - kind: changed - description: updated lagoon-build-deploy chart to v0.26.3 + description: added metrics to storage-calculator diff --git a/charts/lagoon-remote/ci/linter-values.yaml b/charts/lagoon-remote/ci/linter-values.yaml index 9c7e7d9d..fcb91171 100644 --- a/charts/lagoon-remote/ci/linter-values.yaml +++ b/charts/lagoon-remote/ci/linter-values.yaml @@ -98,3 +98,5 @@ sshPortal: storageCalculator: enabled: true + serviceMonitor: + enabled: false diff --git a/charts/lagoon-remote/templates/storage-calculator.deployment.yaml b/charts/lagoon-remote/templates/storage-calculator.deployment.yaml index f4cc3ecf..49dcd6df 100644 --- a/charts/lagoon-remote/templates/storage-calculator.deployment.yaml +++ b/charts/lagoon-remote/templates/storage-calculator.deployment.yaml @@ -35,10 +35,14 @@ spec: command: - /manager args: - - "--metrics-bind-address=127.0.0.1:8080" + - "--metrics-bind-address=0.0.0.0:8080" + - "--prometheus-metrics=true" {{- with .Values.storageCalculator.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} + ports: + - name: metrics + containerPort: 8080 env: {{- range $name, $value := .Values.storageCalculator.extraEnvs }} - name: {{ .name }} diff --git a/charts/lagoon-remote/templates/storage-calculator.service.yaml b/charts/lagoon-remote/templates/storage-calculator.service.yaml new file mode 100644 index 00000000..8a73bfdf --- /dev/null +++ b/charts/lagoon-remote/templates/storage-calculator.service.yaml @@ -0,0 +1,17 @@ +{{- if .Values.storageCalculator.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "lagoon-remote.storageCalculator.fullname" . }}-metrics + labels: + metrics-only: "true" + {{- include "lagoon-remote.storageCalculator.labels" . | nindent 4 }} +spec: + type: {{ .Values.storageCalculator.metricsService.type }} + ports: + - port: {{ .Values.storageCalculator.metricsService.ports.metrics }} + targetPort: metrics + name: metrics + selector: + {{- include "lagoon-remote.storageCalculator.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/lagoon-remote/templates/storage-calculator.servicemonitor.yaml b/charts/lagoon-remote/templates/storage-calculator.servicemonitor.yaml new file mode 100644 index 00000000..fc339b51 --- /dev/null +++ b/charts/lagoon-remote/templates/storage-calculator.servicemonitor.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.storageCalculator.enabled .Values.storageCalculator.serviceMonitor.enabled -}} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "lagoon-remote.storageCalculator.fullname" . }} + labels: + {{- include "lagoon-remote.storageCalculator.labels" . | nindent 4 }} +spec: + endpoints: + - port: metrics + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + metrics-only: "true" + {{- include "lagoon-remote.storageCalculator.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/lagoon-remote/values.yaml b/charts/lagoon-remote/values.yaml index 866f1871..e301cb5e 100644 --- a/charts/lagoon-remote/values.yaml +++ b/charts/lagoon-remote/values.yaml @@ -362,8 +362,16 @@ storageCalculator: # template name: + metricsService: + type: ClusterIP + ports: + metrics: 9912 + + serviceMonitor: + enabled: true + image: repository: uselagoon/remote-calculator pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - tag: v0.2.3 + tag: v0.5.1 From 489381212bcc54743c90e77136c91a577e9da407 Mon Sep 17 00:00:00 2001 From: shreddedbacon Date: Fri, 23 Feb 2024 15:18:29 +1100 Subject: [PATCH 13/41] chore: remove legacy registry passthrough from core --- charts/lagoon-core/Chart.yaml | 10 ++-------- charts/lagoon-core/ci/linter-values.yaml | 1 - charts/lagoon-core/templates/api.deployment.yaml | 2 -- .../templates/webhooks2tasks.deployment.yaml | 2 -- charts/lagoon-core/values.yaml | 1 - 5 files changed, 2 insertions(+), 14 deletions(-) diff --git a/charts/lagoon-core/Chart.yaml b/charts/lagoon-core/Chart.yaml index 0b1d71bb..8c149371 100644 --- a/charts/lagoon-core/Chart.yaml +++ b/charts/lagoon-core/Chart.yaml @@ -21,7 +21,7 @@ type: application # time you make changes to the chart and its templates, including the app # version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.41.0 +version: 1.41.1 # This is the version number of the application being deployed. This version # number should be incremented each time you make changes to the application. @@ -41,10 +41,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: bump lagoon-opensearch-sync version to v0.7.1 - - kind: changed - description: updated to insights-handler:v0.0.2 - - kind: changed - description: pinned insights to trivy:0.48.0 - - kind: changed - description: update lagoon appVersion to v2.17.0 + description: remove unused legacy registry setting from core diff --git a/charts/lagoon-core/ci/linter-values.yaml b/charts/lagoon-core/ci/linter-values.yaml index 610c1ce0..5278a7eb 100644 --- a/charts/lagoon-core/ci/linter-values.yaml +++ b/charts/lagoon-core/ci/linter-values.yaml @@ -3,7 +3,6 @@ # To be deprecated - see uselagoon/lagoon#2907 harborURL: http://disabled-only-use-harbor-via-deploy-controller.invalid harborAdminPassword: not-needed -registry: disabled-only-use-harbor-via-deploy-controller.invalid # used in api elasticsearchURL: http://opendistro-es-client-service.opendistro-es.svc.cluster.local:9200 diff --git a/charts/lagoon-core/templates/api.deployment.yaml b/charts/lagoon-core/templates/api.deployment.yaml index 5f469bf6..482721db 100644 --- a/charts/lagoon-core/templates/api.deployment.yaml +++ b/charts/lagoon-core/templates/api.deployment.yaml @@ -126,8 +126,6 @@ spec: key: RABBITMQ_USERNAME - name: REDIS_HOST value: {{ include "lagoon-core.apiRedis.fullname" . }} - - name: REGISTRY - value: {{ required "A valid .Values.registry required!" .Values.registry | quote }} - name: S3_FILES_BUCKET value: {{ required "A valid .Values.s3FilesBucket required!" .Values.s3FilesBucket | quote }} - name: S3_FILES_HOST diff --git a/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml b/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml index 9efabf37..d9ee07a5 100644 --- a/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml +++ b/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml @@ -94,8 +94,6 @@ spec: secretKeyRef: name: {{ include "lagoon-core.broker.fullname" . }} key: RABBITMQ_USERNAME - - name: REGISTRY - value: {{ required "A valid .Values.registry required!" .Values.registry | quote }} {{- range $key, $val := .Values.webhooks2tasks.additionalEnvs }} - name: {{ $key }} value: {{ $val | quote }} diff --git a/charts/lagoon-core/values.yaml b/charts/lagoon-core/values.yaml index f37eea9a..9b1b167d 100644 --- a/charts/lagoon-core/values.yaml +++ b/charts/lagoon-core/values.yaml @@ -4,7 +4,6 @@ # elasticsearchURL: # harborURL: # kibanaURL: -# registry: # s3BAASSecretAccessKey: # s3BAASAccessKeyID: # s3FilesAccessKeyID: From 6a972118742bef11294be743ad0762445fb06353 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Fri, 23 Feb 2024 16:53:51 +1100 Subject: [PATCH 14/41] update actions and build dependencies --- .github/workflows/lint-test-matrix.yaml | 18 +++++++++--------- .github/workflows/lint-test.yaml | 10 +++++----- .github/workflows/release.yaml | 9 +-------- .github/workflows/test-suite.yaml | 12 ++++++------ Makefile | 6 +++--- 5 files changed, 24 insertions(+), 31 deletions(-) diff --git a/.github/workflows/lint-test-matrix.yaml b/.github/workflows/lint-test-matrix.yaml index aeeb2081..7e63c08a 100644 --- a/.github/workflows/lint-test-matrix.yaml +++ b/.github/workflows/lint-test-matrix.yaml @@ -11,12 +11,12 @@ jobs: fail-fast: false matrix: kindest_node_version: - - v1.23.17@sha256:59c989ff8a517a93127d4a536e7014d28e235fb3529d9fba91b3951d461edfdb - - v1.24.15@sha256:7db4f8bea3e14b82d12e044e25e34bd53754b7f2b0e9d56df21774e6f66a70ab - - v1.25.11@sha256:227fa11ce74ea76a0474eeefb84cb75d8dad1b08638371ecf0e86259b35be0c8 - - v1.26.6@sha256:6e2d8b28a5b601defe327b98bd1c2d1930b49e5d8c512e1895099e4504007adb - - v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72 - - v1.29.0@sha256:eaa1450915475849a73a9227b8f201df25e55e268e5d619312131292e324d570 + - v1.23.17@sha256:14d0a9a892b943866d7e6be119a06871291c517d279aedb816a4b4bc0ec0a5b3 + - v1.24.17@sha256:bad10f9b98d54586cba05a7eaa1b61c6b90bfc4ee174fdc43a7b75ca75c95e51 + - v1.25.16@sha256:e8b50f8e06b44bb65a93678a65a26248fae585b3d3c2a669e5ca6c90c69dc519 + - v1.26.14@sha256:5d548739ddef37b9318c70cb977f57bf3e5015e4552be4e27e57280a8cbb8e4f + - v1.27.11@sha256:681253009e68069b8e01aad36a1e0fa8cf18bb0ab3e5c4069b2e65cafdd70843 + - v1.29.2@sha256:51a1434a5397193442f0be2a297b488b6c919ce8a3931be0ce822606ea5ca245 steps: - name: Checkout uses: actions/checkout@v4 @@ -27,7 +27,7 @@ jobs: run: sudo apt-get -y install python3-wheel - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.0 + uses: helm/chart-testing-action@v2.6.1 - name: Run chart-testing (list-changed) id: list-changed @@ -42,9 +42,9 @@ jobs: run: ct lint --config ./default.ct.yaml - name: Create kind cluster - uses: helm/kind-action@v1.8.0 + uses: helm/kind-action@v1.9.0 with: - version: v0.20.0 + version: v0.22.0 node_image: kindest/node:${{ matrix.kindest_node_version }} if: | (steps.list-changed.outputs.changed == 'true') || diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 4b09a8e4..76d6e383 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -69,7 +69,7 @@ jobs: run: sudo apt-get -y install python3-wheel - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.0 + uses: helm/chart-testing-action@v2.6.1 - name: Run chart-testing (list-changed) id: list-changed @@ -84,11 +84,11 @@ jobs: run: ct lint --config ./default.ct.yaml - name: Create kind cluster - uses: helm/kind-action@v1.8.0 + uses: helm/kind-action@v1.9.0 with: - version: v0.20.0 - node_image: kindest/node:v1.28.0@sha256:b7a4cad12c197af3ba43202d3efe03246b3f0793f162afb40a33c923952d5b31 - kubectl_version: v1.28.0 + version: v0.22.0 + node_image: kindest/node:v1.28.7@sha256:9bc6c451a289cf96ad0bbaf33d416901de6fd632415b076ab05f5fa7e4f65c58 + kubectl_version: v1.28.7 if: | (steps.list-changed.outputs.changed == 'true') || (contains(github.event.pull_request.labels.*.name, 'needs-testing')) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 522bb8ac..b03949dc 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -19,13 +19,6 @@ jobs: git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - # See https://github.com/helm/chart-releaser-action/issues/6 - - name: Install Helm - run: | - curl -fsSLo get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 - chmod 700 get_helm.sh - ./get_helm.sh - - name: Add dependency chart repos run: | helm repo add banzaicloud-stable https://kubernetes-charts.banzaicloud.com @@ -35,6 +28,6 @@ jobs: helm repo add kube-logging https://kube-logging.github.io/helm-charts - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.5.0 + uses: helm/chart-releaser-action@v1.6.0 env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/test-suite.yaml b/.github/workflows/test-suite.yaml index a500058b..69cbea3c 100644 --- a/.github/workflows/test-suite.yaml +++ b/.github/workflows/test-suite.yaml @@ -5,7 +5,7 @@ on: pull_request jobs: # runs for lagoon-core, lagoon-remote, lagoon-test test-suite: - runs-on: ubuntu-20.04 + runs-on: ubuntu-latest strategy: fail-fast: false matrix: @@ -48,7 +48,7 @@ jobs: run: sudo apt-get -y install python3-wheel - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.0 + uses: helm/chart-testing-action@v2.6.1 - name: Run chart-testing (list-changed) id: list-changed @@ -69,14 +69,14 @@ jobs: envsubst < test-suite.kind-config.yaml.tpl > test-suite.kind-config.yaml - name: Create kind cluster - uses: helm/kind-action@v1.8.0 + uses: helm/kind-action@v1.9.0 if: | (steps.list-changed.outputs.changed == 'true') || (contains(github.event.pull_request.labels.*.name, 'needs-testing')) with: - version: v0.20.0 - node_image: kindest/node:v1.28.0@sha256:b7a4cad12c197af3ba43202d3efe03246b3f0793f162afb40a33c923952d5b31 - kubectl_version: v1.28.0 + version: v0.22.0 + node_image: kindest/node:v1.28.7@sha256:9bc6c451a289cf96ad0bbaf33d416901de6fd632415b076ab05f5fa7e4f65c58 + kubectl_version: v1.28.7 config: test-suite.kind-config.yaml - name: Check node IP matches kind configuration diff --git a/Makefile b/Makefile index 16c8ea97..8cb1713e 100644 --- a/Makefile +++ b/Makefile @@ -86,7 +86,7 @@ install-ingress: --set controller.config.hsts="false" \ --set controller.watchIngressWithoutClass=true \ --set controller.ingressClassResource.default=true \ - --version=4.7.2 \ + --version=4.9.1 \ ingress-nginx \ ingress-nginx/ingress-nginx @@ -106,7 +106,7 @@ install-registry: install-ingress --set clair.enabled=false \ --set notary.enabled=false \ --set trivy.enabled=false \ - --version=1.13.0 \ + --version=1.14.0 \ registry \ harbor/harbor @@ -162,7 +162,7 @@ install-minio: install-ingress --timeout $(TIMEOUT) \ --set auth.rootUser=lagoonFilesAccessKey,auth.rootPassword=lagoonFilesSecretKey \ --set defaultBuckets='lagoon-files\,restores' \ - --version=12.8.7 \ + --version=13.6.2 \ minio \ bitnami/minio From b1a008c762d6cea9ba2fa698ab0c41f1c3ac2e0f Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Fri, 23 Feb 2024 17:40:13 +1100 Subject: [PATCH 15/41] use ingress-nginx 4.7.5 to allow server-snippets --- Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 8cb1713e..79278339 100644 --- a/Makefile +++ b/Makefile @@ -73,6 +73,7 @@ endif .PHONY: install-ingress install-ingress: + # Using 4.7.x because server snippets https://github.com/kubernetes/ingress-nginx/issues/10543 $(HELM) upgrade \ --install \ --create-namespace \ @@ -86,7 +87,7 @@ install-ingress: --set controller.config.hsts="false" \ --set controller.watchIngressWithoutClass=true \ --set controller.ingressClassResource.default=true \ - --version=4.9.1 \ + --version=4.7.5 \ ingress-nginx \ ingress-nginx/ingress-nginx From a8ea19e301cb83ec0726a3ab6143ccdabb5474c4 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Mon, 26 Feb 2024 16:16:45 +1100 Subject: [PATCH 16/41] chore: upgrade ingress-nginx and allowSnippetAnnotations --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 79278339..45f64657 100644 --- a/Makefile +++ b/Makefile @@ -73,13 +73,13 @@ endif .PHONY: install-ingress install-ingress: - # Using 4.7.x because server snippets https://github.com/kubernetes/ingress-nginx/issues/10543 $(HELM) upgrade \ --install \ --create-namespace \ --namespace ingress-nginx \ --wait \ --timeout $(TIMEOUT) \ + --set controller.allowSnippetAnnotations=true \ --set controller.service.type=NodePort \ --set controller.service.nodePorts.http=32080 \ --set controller.service.nodePorts.https=32443 \ @@ -87,7 +87,7 @@ install-ingress: --set controller.config.hsts="false" \ --set controller.watchIngressWithoutClass=true \ --set controller.ingressClassResource.default=true \ - --version=4.7.5 \ + --version=4.9.1 \ ingress-nginx \ ingress-nginx/ingress-nginx From 898f50c2a48ab5fc58af1f514e654fac03319d24 Mon Sep 17 00:00:00 2001 From: Scott Leggett Date: Fri, 23 Feb 2024 22:07:16 +0800 Subject: [PATCH 17/41] feat: add support for logs access via SSH --- .../templates/ssh-portal.clusterrole.yaml | 15 +++++++++++++++ .../templates/ssh-portal.deployment.yaml | 4 ++++ charts/lagoon-remote/values.yaml | 6 +++++- 3 files changed, 24 insertions(+), 1 deletion(-) diff --git a/charts/lagoon-remote/templates/ssh-portal.clusterrole.yaml b/charts/lagoon-remote/templates/ssh-portal.clusterrole.yaml index f3070b64..276d5378 100644 --- a/charts/lagoon-remote/templates/ssh-portal.clusterrole.yaml +++ b/charts/lagoon-remote/templates/ssh-portal.clusterrole.yaml @@ -42,4 +42,19 @@ rules: - pods/exec verbs: - create +{{- if .Values.sshPortal.logAccessEnabled }} +# k8s.Logs +- apiGroups: + - "" + resources: + - pods/log + verbs: + - get +- apiGroups: + - "" + resources: + - pods + verbs: + - watch +{{- end }} {{- end }} diff --git a/charts/lagoon-remote/templates/ssh-portal.deployment.yaml b/charts/lagoon-remote/templates/ssh-portal.deployment.yaml index 4caa2e45..3b49dfec 100644 --- a/charts/lagoon-remote/templates/ssh-portal.deployment.yaml +++ b/charts/lagoon-remote/templates/ssh-portal.deployment.yaml @@ -37,6 +37,10 @@ spec: - name: DEBUG value: "true" {{- end }} + {{- if .Values.sshPortal.logAccessEnabled }} + - name: LOG_ACCESS_ENABLED + value: "true" + {{- end }} - name: NATS_URL value: nats://{{ include "lagoon-remote.fullname" . }}-nats {{- range $key, $val := .Values.sshPortal.additionalEnvs }} diff --git a/charts/lagoon-remote/values.yaml b/charts/lagoon-remote/values.yaml index 866f1871..afa4123d 100644 --- a/charts/lagoon-remote/values.yaml +++ b/charts/lagoon-remote/values.yaml @@ -126,7 +126,7 @@ sshPortal: repository: ghcr.io/uselagoon/lagoon-ssh-portal/ssh-portal pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - tag: "v0.30.1" + tag: "v0.34.0" service: type: LoadBalancer @@ -163,6 +163,10 @@ sshPortal: ed25519: "" rsa: "" + # Log access via SSH is disabled by default. + # Uncomment this line to enable log access via SSH. + # logAccessEnabled: true + # This subchart is disabled by default until this build-deploy type is in # widespread use. lagoon-build-deploy: From f0341ae7dc28b04c06515509500f2714d6c1697e Mon Sep 17 00:00:00 2001 From: Scott Leggett Date: Fri, 23 Feb 2024 22:07:51 +0800 Subject: [PATCH 18/41] chore: bump lagoon-remote chart version --- charts/lagoon-remote/Chart.yaml | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/charts/lagoon-remote/Chart.yaml b/charts/lagoon-remote/Chart.yaml index 26141057..ad732f93 100644 --- a/charts/lagoon-remote/Chart.yaml +++ b/charts/lagoon-remote/Chart.yaml @@ -19,7 +19,7 @@ type: application # This is the chart version. This version number should be incremented each # time you make changes to the chart and its templates, including the app # version. -version: 0.87.0 +version: 0.88.0 dependencies: - name: lagoon-build-deploy @@ -45,10 +45,6 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: remove insights-remote service if not enabled - - kind: removed - description: removed old kubernetes build deploy references - - kind: changed - description: updated to insights-remote:v0.0.8 - - kind: changed - description: updated lagoon-build-deploy chart to v0.26.3 + description: update ssh-portal to v0.34.0 + - kind: added + description: add support for logs access via SSH From 36079e8ceef22632db2516a2df3fc6d1a7fef1d2 Mon Sep 17 00:00:00 2001 From: Scott Leggett Date: Fri, 23 Feb 2024 22:09:15 +0800 Subject: [PATCH 19/41] chore: enable log access in ci values --- charts/lagoon-remote/ci/linter-values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/lagoon-remote/ci/linter-values.yaml b/charts/lagoon-remote/ci/linter-values.yaml index 9c7e7d9d..b377b7b4 100644 --- a/charts/lagoon-remote/ci/linter-values.yaml +++ b/charts/lagoon-remote/ci/linter-values.yaml @@ -96,5 +96,7 @@ sshPortal: 6lnrpkhPYdpdKnF3PCEyAAAAAAECAwQF -----END OPENSSH PRIVATE KEY----- + logAccessEnabled: true + storageCalculator: enabled: true From 3120b26b57d35cb0e1ab9a39e42ce6963347caff Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 28 Feb 2024 10:43:04 +1100 Subject: [PATCH 20/41] chore: update storage-calculator to v0.5.2 --- charts/lagoon-remote/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/lagoon-remote/values.yaml b/charts/lagoon-remote/values.yaml index 0c039946..cd747e32 100644 --- a/charts/lagoon-remote/values.yaml +++ b/charts/lagoon-remote/values.yaml @@ -369,4 +369,4 @@ storageCalculator: repository: uselagoon/remote-calculator pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - tag: v0.5.1 + tag: v0.5.2 From 90dca494d0a654c3a53ab8c87c963156174b4c98 Mon Sep 17 00:00:00 2001 From: Blaize M Kaye Date: Tue, 5 Mar 2024 07:46:22 +1100 Subject: [PATCH 21/41] Updates insights handler and remote versions --- charts/lagoon-core/values.yaml | 2 +- charts/lagoon-remote/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/lagoon-core/values.yaml b/charts/lagoon-core/values.yaml index 9b1b167d..c1a75219 100644 --- a/charts/lagoon-core/values.yaml +++ b/charts/lagoon-core/values.yaml @@ -595,7 +595,7 @@ insightsHandler: repository: uselagoon/insights-handler pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: main + tag: "v0.0.4" podAnnotations: {} diff --git a/charts/lagoon-remote/values.yaml b/charts/lagoon-remote/values.yaml index cd747e32..ce97adbf 100644 --- a/charts/lagoon-remote/values.yaml +++ b/charts/lagoon-remote/values.yaml @@ -215,7 +215,7 @@ insightsRemote: repository: uselagoon/insights-remote pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "v0.0.8" + tag: "v0.0.9" imagePullSecrets: [] nameOverride: "" From 5da09faae905c8ef13a5b4a372acd87b787a255d Mon Sep 17 00:00:00 2001 From: Blaize M Kaye Date: Tue, 5 Mar 2024 07:47:29 +1100 Subject: [PATCH 22/41] Adds artifacthub changelog --- charts/lagoon-core/Chart.yaml | 2 ++ charts/lagoon-remote/Chart.yaml | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/charts/lagoon-core/Chart.yaml b/charts/lagoon-core/Chart.yaml index 84795f4d..29ebb0a6 100644 --- a/charts/lagoon-core/Chart.yaml +++ b/charts/lagoon-core/Chart.yaml @@ -44,3 +44,5 @@ annotations: description: remove unused legacy registry setting from core - kind: changed description: modify keycloak liveness and readiness endpoint + - kind: changed + description: updated insights-handler to v0.0.4 diff --git a/charts/lagoon-remote/Chart.yaml b/charts/lagoon-remote/Chart.yaml index 47052664..7b2b3eeb 100644 --- a/charts/lagoon-remote/Chart.yaml +++ b/charts/lagoon-remote/Chart.yaml @@ -41,8 +41,10 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: update storage-calculator to v0.5.1 + description: update storage-calculator to v0.5.2 - kind: changed description: added metrics to storage-calculator - kind: removed description: removed dioscuri subchart, activestandby is handled via a Lagoon task directly now + - kind: changed + description: updated insights-remote version to v0.0.9 From 5ea4cdf4e58e1bd74bc1f2562428bb558b3576cc Mon Sep 17 00:00:00 2001 From: shreddedbacon Date: Tue, 12 Mar 2024 08:04:13 +1100 Subject: [PATCH 23/41] chore: add migration init container --- charts/lagoon-core/templates/api.deployment.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/charts/lagoon-core/templates/api.deployment.yaml b/charts/lagoon-core/templates/api.deployment.yaml index 482721db..6ae9bb80 100644 --- a/charts/lagoon-core/templates/api.deployment.yaml +++ b/charts/lagoon-core/templates/api.deployment.yaml @@ -30,6 +30,12 @@ spec: {{- end }} securityContext: {{- toYaml (coalesce .Values.api.podSecurityContext .Values.podSecurityContext) | nindent 8 }} + initContainers: + - command: + - "node -r dotenv-extended/config dist/migrations/lagoon/migration.js" + image: "{{ .Values.api.image.repository }}:{{ coalesce .Values.api.image.tag .Values.imageTag .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.api.image.pullPolicy }} + name: migrations containers: - name: api securityContext: From 7d554433f4a4c247d94b6f1ea3df74da9b4686ea Mon Sep 17 00:00:00 2001 From: shreddedbacon Date: Tue, 12 Mar 2024 08:04:13 +1100 Subject: [PATCH 24/41] chore: fix entry command --- charts/lagoon-core/templates/api.deployment.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/lagoon-core/templates/api.deployment.yaml b/charts/lagoon-core/templates/api.deployment.yaml index 6ae9bb80..e2d7d330 100644 --- a/charts/lagoon-core/templates/api.deployment.yaml +++ b/charts/lagoon-core/templates/api.deployment.yaml @@ -32,6 +32,8 @@ spec: {{- toYaml (coalesce .Values.api.podSecurityContext .Values.podSecurityContext) | nindent 8 }} initContainers: - command: + - "sh" + - "-c" - "node -r dotenv-extended/config dist/migrations/lagoon/migration.js" image: "{{ .Values.api.image.repository }}:{{ coalesce .Values.api.image.tag .Values.imageTag .Chart.AppVersion }}" imagePullPolicy: {{ .Values.api.image.pullPolicy }} From 0c4a5c3bdf1f2e38bc5ea1a94f177a2767149382 Mon Sep 17 00:00:00 2001 From: shreddedbacon Date: Tue, 12 Mar 2024 08:04:13 +1100 Subject: [PATCH 25/41] chore: add missing vars secret --- .../lagoon-core/templates/api.deployment.yaml | 33 +++++++++++++++++++ .../templates/keycloak.deployment.yaml | 13 ++++++++ 2 files changed, 46 insertions(+) diff --git a/charts/lagoon-core/templates/api.deployment.yaml b/charts/lagoon-core/templates/api.deployment.yaml index e2d7d330..9e80c224 100644 --- a/charts/lagoon-core/templates/api.deployment.yaml +++ b/charts/lagoon-core/templates/api.deployment.yaml @@ -38,6 +38,39 @@ spec: image: "{{ .Values.api.image.repository }}:{{ coalesce .Values.api.image.tag .Values.imageTag .Chart.AppVersion }}" imagePullPolicy: {{ .Values.api.image.pullPolicy }} name: migrations + env: + - name: API_DB_HOST + value: {{ include "lagoon-core.apiDB.fullname" . }} + - name: API_DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "lagoon-core.apiDB.fullname" . }} + key: API_DB_PASSWORD + - name: KEYCLOAK_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "lagoon-core.keycloak.fullname" . }} + key: KEYCLOAK_ADMIN_PASSWORD + - name: KEYCLOAK_ADMIN_USER + value: {{ .Values.keycloakAdminUser | quote }} + - name: KEYCLOAK_API_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "lagoon-core.keycloak.fullname" . }} + key: KEYCLOAK_API_CLIENT_SECRET + - name: KEYCLOAK_URL + {{- if .Values.keycloakFrontEndURL }} + value: {{ .Values.keycloakFrontEndURL }} + {{- else if .Values.keycloak.ingress.enabled }} + value: https://{{ index .Values.keycloak.ingress.hosts 0 "host" }} + {{- else }} + value: http://{{ include "lagoon-core.keycloak.fullname" . }}:{{ .Values.keycloak.service.port }} + {{- end }} + - name: REDIS_HOST + value: {{ include "lagoon-core.apiRedis.fullname" . }} + envFrom: + - secretRef: + name: {{ include "lagoon-core.api.fullname" . }} containers: - name: api securityContext: diff --git a/charts/lagoon-core/templates/keycloak.deployment.yaml b/charts/lagoon-core/templates/keycloak.deployment.yaml index a6820658..5392589e 100644 --- a/charts/lagoon-core/templates/keycloak.deployment.yaml +++ b/charts/lagoon-core/templates/keycloak.deployment.yaml @@ -53,6 +53,19 @@ spec: - name: KEYCLOAK_ADMIN_EMAIL value: {{ . | quote }} {{- end }} + - name: LAGOON_DB_HOST + value: {{ include "lagoon-core.apiDB.fullname" . }} + - name: LAGOON_DB_VENDOR + value: mariadb + - name: LAGOON_DB_USER + value: api + - name: LAGOON_DB_DATABASE + value: infrastructure + - name: LAGOON_DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "lagoon-core.apiDB.fullname" . }} + key: API_DB_PASSWORD {{- range $key, $val := .Values.keycloak.additionalEnvs }} - name: {{ $key }} value: {{ $val | quote }} From 165445418c901d12077cbe3af7f1866c4ee6c2d0 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Tue, 12 Mar 2024 08:09:20 +1100 Subject: [PATCH 26/41] chore: add artifacthub changelog --- charts/lagoon-remote/Chart.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/lagoon-remote/Chart.yaml b/charts/lagoon-remote/Chart.yaml index 7b2b3eeb..1ce3a916 100644 --- a/charts/lagoon-remote/Chart.yaml +++ b/charts/lagoon-remote/Chart.yaml @@ -48,3 +48,5 @@ annotations: description: removed dioscuri subchart, activestandby is handled via a Lagoon task directly now - kind: changed description: updated insights-remote version to v0.0.9 + - kind: changed + description: added initcontainer to api to handle keycloak migrations From 4279733214d84e11b6052ed3ddd7b2a9b206167a Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 13 Mar 2024 07:56:36 +1100 Subject: [PATCH 27/41] chore: fix consistent indent-sequence YAML --- .../lagoon-core/templates/api.deployment.yaml | 80 +++++++++---------- 1 file changed, 40 insertions(+), 40 deletions(-) diff --git a/charts/lagoon-core/templates/api.deployment.yaml b/charts/lagoon-core/templates/api.deployment.yaml index 9e80c224..2ef50a39 100644 --- a/charts/lagoon-core/templates/api.deployment.yaml +++ b/charts/lagoon-core/templates/api.deployment.yaml @@ -31,46 +31,46 @@ spec: securityContext: {{- toYaml (coalesce .Values.api.podSecurityContext .Values.podSecurityContext) | nindent 8 }} initContainers: - - command: - - "sh" - - "-c" - - "node -r dotenv-extended/config dist/migrations/lagoon/migration.js" - image: "{{ .Values.api.image.repository }}:{{ coalesce .Values.api.image.tag .Values.imageTag .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.api.image.pullPolicy }} - name: migrations - env: - - name: API_DB_HOST - value: {{ include "lagoon-core.apiDB.fullname" . }} - - name: API_DB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "lagoon-core.apiDB.fullname" . }} - key: API_DB_PASSWORD - - name: KEYCLOAK_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "lagoon-core.keycloak.fullname" . }} - key: KEYCLOAK_ADMIN_PASSWORD - - name: KEYCLOAK_ADMIN_USER - value: {{ .Values.keycloakAdminUser | quote }} - - name: KEYCLOAK_API_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: {{ include "lagoon-core.keycloak.fullname" . }} - key: KEYCLOAK_API_CLIENT_SECRET - - name: KEYCLOAK_URL - {{- if .Values.keycloakFrontEndURL }} - value: {{ .Values.keycloakFrontEndURL }} - {{- else if .Values.keycloak.ingress.enabled }} - value: https://{{ index .Values.keycloak.ingress.hosts 0 "host" }} - {{- else }} - value: http://{{ include "lagoon-core.keycloak.fullname" . }}:{{ .Values.keycloak.service.port }} - {{- end }} - - name: REDIS_HOST - value: {{ include "lagoon-core.apiRedis.fullname" . }} - envFrom: - - secretRef: - name: {{ include "lagoon-core.api.fullname" . }} + - command: + - "sh" + - "-c" + - "node -r dotenv-extended/config dist/migrations/lagoon/migration.js" + image: "{{ .Values.api.image.repository }}:{{ coalesce .Values.api.image.tag .Values.imageTag .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.api.image.pullPolicy }} + name: migrations + env: + - name: API_DB_HOST + value: {{ include "lagoon-core.apiDB.fullname" . }} + - name: API_DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "lagoon-core.apiDB.fullname" . }} + key: API_DB_PASSWORD + - name: KEYCLOAK_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "lagoon-core.keycloak.fullname" . }} + key: KEYCLOAK_ADMIN_PASSWORD + - name: KEYCLOAK_ADMIN_USER + value: {{ .Values.keycloakAdminUser | quote }} + - name: KEYCLOAK_API_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "lagoon-core.keycloak.fullname" . }} + key: KEYCLOAK_API_CLIENT_SECRET + - name: KEYCLOAK_URL + {{- if .Values.keycloakFrontEndURL }} + value: {{ .Values.keycloakFrontEndURL }} + {{- else if .Values.keycloak.ingress.enabled }} + value: https://{{ index .Values.keycloak.ingress.hosts 0 "host" }} + {{- else }} + value: http://{{ include "lagoon-core.keycloak.fullname" . }}:{{ .Values.keycloak.service.port }} + {{- end }} + - name: REDIS_HOST + value: {{ include "lagoon-core.apiRedis.fullname" . }} + envFrom: + - secretRef: + name: {{ include "lagoon-core.api.fullname" . }} containers: - name: api securityContext: From d2da4b4fd6adf0b4b82104263265b07683c3fd21 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 13 Mar 2024 07:56:49 +1100 Subject: [PATCH 28/41] test: use image overrides in linter --- charts/lagoon-core/ci/linter-values.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/lagoon-core/ci/linter-values.yaml b/charts/lagoon-core/ci/linter-values.yaml index 5278a7eb..99663c60 100644 --- a/charts/lagoon-core/ci/linter-values.yaml +++ b/charts/lagoon-core/ci/linter-values.yaml @@ -27,7 +27,9 @@ keycloakAdminEmail: admin@example.com api: replicaCount: 1 image: - repository: uselagoon/api +# TODO - update repo/tag before v2.18 release + repository: testlagoon/api + tag: main resources: requests: cpu: "10m" @@ -47,7 +49,6 @@ apiRedis: requests: cpu: "10m" -# TODO - update repo/tag before v2.11 release actionsHandler: replicaCount: 1 image: @@ -71,7 +72,9 @@ keycloak: replyTo: lagoon@example.com envelopeFrom: lagoon@example.com image: - repository: uselagoon/keycloak +# TODO - update repo/tag before v2.18 release + repository: testlagoon/keycloak + tag: main resources: requests: cpu: "10m" From 7bf57b2905a493ceb7933a098b781e401feb89b2 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 13 Mar 2024 13:00:59 +1100 Subject: [PATCH 29/41] chore: update lagoon-build-deploy to 0.26.4 --- charts/lagoon-remote/Chart.lock | 6 +++--- charts/lagoon-remote/Chart.yaml | 2 ++ charts/lagoon-remote/README.md | 4 ++-- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/charts/lagoon-remote/Chart.lock b/charts/lagoon-remote/Chart.lock index 9f4c93aa..3def3a55 100644 --- a/charts/lagoon-remote/Chart.lock +++ b/charts/lagoon-remote/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: lagoon-build-deploy repository: https://uselagoon.github.io/lagoon-charts/ - version: 0.26.3 + version: 0.26.4 - name: dbaas-operator repository: https://amazeeio.github.io/charts/ version: 0.3.0 - name: nats repository: https://nats-io.github.io/k8s/helm/charts/ version: 0.19.17 -digest: sha256:19d026667151fe980c86b856f5e061d89bd669afaef89e1e88a69b8730950bb5 -generated: "2024-02-15T10:02:47.025667985+11:00" +digest: sha256:474fd1780a647f467a7120a0ad75fc1cd02bb3e6a7b964a75a4c5bbaefb4344b +generated: "2024-03-13T12:56:47.068393312+11:00" diff --git a/charts/lagoon-remote/Chart.yaml b/charts/lagoon-remote/Chart.yaml index 1ce3a916..27372ec7 100644 --- a/charts/lagoon-remote/Chart.yaml +++ b/charts/lagoon-remote/Chart.yaml @@ -50,3 +50,5 @@ annotations: description: updated insights-remote version to v0.0.9 - kind: changed description: added initcontainer to api to handle keycloak migrations + - kind: changed + description: update lagoon-build-deploy to 0.26.4 diff --git a/charts/lagoon-remote/README.md b/charts/lagoon-remote/README.md index 6cec937f..aa18e320 100644 --- a/charts/lagoon-remote/README.md +++ b/charts/lagoon-remote/README.md @@ -12,7 +12,7 @@ This is outside the scope of this README. ## Install -*NOTE:* This chart must be installed into the `lagoon` namespace because software that consumes lagoon services inside the cluster asumes that services are available at `*.lagoon.svc`. +*NOTE:* This chart must be installed into the `lagoon` namespace because software that consumes lagoon services inside the cluster assumes that services are available at `*.lagoon.svc`. ``` helm upgrade --install --create-namespace --namespace lagoon lagoon-remote ./charts/lagoon-remote @@ -20,7 +20,7 @@ helm upgrade --install --create-namespace --namespace lagoon lagoon-remote ./cha ### OpenShift -the included docker-host needs `priviledged` permissions: +the included docker-host needs `privileged` permissions: ``` oc -n lagoon adm policy add-scc-to-user privileged -z lagoon-remote-docker-host From e085450c4f7e2c6c381dc4a96878ea1020fce23a Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 13 Mar 2024 17:08:02 +1100 Subject: [PATCH 30/41] test: add image.tag overrides for api and keycloak --- Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Makefile b/Makefile index 45f64657..108fce7e 100644 --- a/Makefile +++ b/Makefile @@ -186,6 +186,7 @@ install-lagoon-core: install-minio --set "lagoonAPIURL=http://lagoon-api.$$($(KUBECTL) get nodes -o jsonpath='{.items[0].status.addresses[0].address}').nip.io:32080/graphql" \ --set actionsHandler.image.repository=$(IMAGE_REGISTRY)/actions-handler \ --set api.image.repository=$(IMAGE_REGISTRY)/api \ + --set api.image.tag=$(IMAGE_TAG) \ --set apiDB.image.repository=$(IMAGE_REGISTRY)/api-db \ --set apiRedis.image.repository=$(IMAGE_REGISTRY)/api-redis \ --set authServer.image.repository=$(IMAGE_REGISTRY)/auth-server \ @@ -194,6 +195,7 @@ install-lagoon-core: install-minio --set broker.image.repository=$(IMAGE_REGISTRY)/broker \ --set insightsHandler.enabled=false \ --set keycloak.image.repository=$(IMAGE_REGISTRY)/keycloak \ + --set keycloak.image.tag=$(IMAGE_TAG) \ --set keycloakDB.image.repository=$(IMAGE_REGISTRY)/keycloak-db \ --set logs2notifications.image.repository=$(IMAGE_REGISTRY)/logs2notifications \ --set logs2notifications.email.disabled=true \ From 1935823681e6611445a5e87afdeb6fbd6e1e4e0e Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 20 Mar 2024 15:27:36 +1100 Subject: [PATCH 31/41] chore: add keycloak ingress buffer size --- charts/lagoon-core/ci/linter-values.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/charts/lagoon-core/ci/linter-values.yaml b/charts/lagoon-core/ci/linter-values.yaml index 99663c60..0229354c 100644 --- a/charts/lagoon-core/ci/linter-values.yaml +++ b/charts/lagoon-core/ci/linter-values.yaml @@ -78,6 +78,9 @@ keycloak: resources: requests: cpu: "10m" + ingress: + annotations: + nginx.ingress.kubernetes.io/proxy-buffer-size: "128k" keycloakDB: image: From 9b4a77c7d82c6dc6556c8fbed6011b3ed9583fb8 Mon Sep 17 00:00:00 2001 From: Brandon Williams Date: Thu, 21 Mar 2024 11:10:56 -0500 Subject: [PATCH 32/41] fix: apiDB livenessProbe access denied Using `localhost` and port `3306` forces mysqladmin to connect to `127.0.0.1` via TCP, instead of via socket. The uselagoon/mariadb images only set a root password for `localhost`, so the attempt to authenticate via `127.0.0.1` fails. --- charts/lagoon-core/values.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/charts/lagoon-core/values.yaml b/charts/lagoon-core/values.yaml index f37eea9a..7f77386b 100644 --- a/charts/lagoon-core/values.yaml +++ b/charts/lagoon-core/values.yaml @@ -180,8 +180,6 @@ apiDB: exec: command: - mysqladmin - - --host=localhost - - --port=3306 - --connect-timeout=4 - ping From e60f4c2abba35070d1fe6fc4d25ac17b65c78cdd Mon Sep 17 00:00:00 2001 From: Brandon Williams Date: Thu, 21 Mar 2024 11:10:57 -0500 Subject: [PATCH 33/41] feat: apiDB readinessProbe uses SQL query for test The current TCP based readiness probe causes an `Aborted connection` log for each check. Changing it to the `readiness-probe.sh` script removes the log and also ensures that mysqld is able to serve SQL requests, not just that it can open a socket. --- charts/lagoon-core/templates/api-db.statefulset.yaml | 5 +++-- charts/lagoon-core/values.yaml | 5 +++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/lagoon-core/templates/api-db.statefulset.yaml b/charts/lagoon-core/templates/api-db.statefulset.yaml index a52cb755..3214fa42 100644 --- a/charts/lagoon-core/templates/api-db.statefulset.yaml +++ b/charts/lagoon-core/templates/api-db.statefulset.yaml @@ -49,9 +49,10 @@ spec: volumeMounts: - name: {{ include "lagoon-core.apiDB.fullname" . }}-data mountPath: /var/lib/mysql + {{- with .Values.apiDB.readinessProbe }} readinessProbe: - tcpSocket: - port: mariadb + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.apiDB.livenessProbe }} livenessProbe: {{- toYaml . | nindent 10 }} diff --git a/charts/lagoon-core/values.yaml b/charts/lagoon-core/values.yaml index 7f77386b..dad80d0a 100644 --- a/charts/lagoon-core/values.yaml +++ b/charts/lagoon-core/values.yaml @@ -183,6 +183,11 @@ apiDB: - --connect-timeout=4 - ping + readinessProbe: + exec: + command: + - /usr/share/container-scripts/mysql/readiness-probe.sh + apiRedis: image: repository: uselagoon/api-redis From fd3521d5191904381c78a402f05f17e6c4476441 Mon Sep 17 00:00:00 2001 From: Brandon Williams Date: Thu, 21 Mar 2024 11:10:57 -0500 Subject: [PATCH 34/41] feat: apiDB startupProbe waits for maraidb init script to complete The mariadb init script starts mysqld multiple times, so a TCP check will signal startup is complete before the init is actually finished. --- charts/lagoon-core/values.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/lagoon-core/values.yaml b/charts/lagoon-core/values.yaml index dad80d0a..33559362 100644 --- a/charts/lagoon-core/values.yaml +++ b/charts/lagoon-core/values.yaml @@ -173,8 +173,11 @@ apiDB: startupProbe: # 60*10s period = 10 minutes failureThreshold: 60 - tcpSocket: - port: mariadb + exec: + command: + - test + - -f + - /tmp/mariadb-init-complete livenessProbe: exec: From df0524182e487d7e7de81711950015da0d479e25 Mon Sep 17 00:00:00 2001 From: Brandon Williams Date: Thu, 21 Mar 2024 11:10:58 -0500 Subject: [PATCH 35/41] feat: apiDB configurable terminationGracePeriodSeconds --- charts/lagoon-core/templates/api-db.statefulset.yaml | 4 ++++ charts/lagoon-core/values.yaml | 2 ++ 2 files changed, 6 insertions(+) diff --git a/charts/lagoon-core/templates/api-db.statefulset.yaml b/charts/lagoon-core/templates/api-db.statefulset.yaml index 3214fa42..2b497996 100644 --- a/charts/lagoon-core/templates/api-db.statefulset.yaml +++ b/charts/lagoon-core/templates/api-db.statefulset.yaml @@ -79,6 +79,10 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.apiDB.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: + {{- toYaml . | nindent 8 }} + {{- end }} volumeClaimTemplates: - metadata: name: {{ include "lagoon-core.apiDB.fullname" . }}-data diff --git a/charts/lagoon-core/values.yaml b/charts/lagoon-core/values.yaml index 33559362..adb5cd7c 100644 --- a/charts/lagoon-core/values.yaml +++ b/charts/lagoon-core/values.yaml @@ -170,6 +170,8 @@ apiDB: storageSize: 128Gi + terminationGracePeriodSeconds: 30 + startupProbe: # 60*10s period = 10 minutes failureThreshold: 60 From 5172590a2ad05189cff18796bc6edd6d6f0f8dec Mon Sep 17 00:00:00 2001 From: Brandon Williams Date: Thu, 21 Mar 2024 11:10:59 -0500 Subject: [PATCH 36/41] feat: align keycloakDB template with apiDB - livenessProbe access denied warnings - readinessProbe aborted connection warnings - startupProbe waits for mariadb init to complete - add configurable terminationGracePeriod --- .../templates/keycloak-db.statefulset.yaml | 16 +++++++++++----- charts/lagoon-core/values.yaml | 14 ++++++++++++++ 2 files changed, 25 insertions(+), 5 deletions(-) diff --git a/charts/lagoon-core/templates/keycloak-db.statefulset.yaml b/charts/lagoon-core/templates/keycloak-db.statefulset.yaml index 3465debc..eedf9351 100644 --- a/charts/lagoon-core/templates/keycloak-db.statefulset.yaml +++ b/charts/lagoon-core/templates/keycloak-db.statefulset.yaml @@ -49,12 +49,14 @@ spec: volumeMounts: - name: {{ include "lagoon-core.keycloakDB.fullname" . }}-data mountPath: /var/lib/mysql - livenessProbe: - tcpSocket: - port: mariadb + {{- with .Values.keycloakDB.readinessProbe }} readinessProbe: - tcpSocket: - port: mariadb + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.keycloakDB.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.keycloakDB.startupProbe }} startupProbe: {{- toYaml . | nindent 10 }} @@ -77,6 +79,10 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.keycloakDB.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: + {{- toYaml . | nindent 8 }} + {{- end }} volumeClaimTemplates: - metadata: name: {{ include "lagoon-core.keycloakDB.fullname" . }}-data diff --git a/charts/lagoon-core/values.yaml b/charts/lagoon-core/values.yaml index adb5cd7c..7fc4908f 100644 --- a/charts/lagoon-core/values.yaml +++ b/charts/lagoon-core/values.yaml @@ -304,12 +304,26 @@ keycloakDB: additionalEnvs: # FOO: Bar + terminationGracePeriodSeconds: 30 + startupProbe: # 60*10s period = 10 minutes failureThreshold: 60 tcpSocket: port: mariadb + livenessProbe: + exec: + command: + - mysqladmin + - --connect-timeout=4 + - ping + + readinessProbe: + exec: + command: + - /usr/share/container-scripts/mysql/readiness-probe.sh + broker: replicaCount: 3 image: From 01863ac25714ec938d742df8fb86fbd1955efdbe Mon Sep 17 00:00:00 2001 From: Brandon Williams Date: Thu, 21 Mar 2024 11:10:59 -0500 Subject: [PATCH 37/41] chore: lagoon-core chart version bump and artifacthub changelog --- charts/lagoon-core/Chart.yaml | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/charts/lagoon-core/Chart.yaml b/charts/lagoon-core/Chart.yaml index 0b1d71bb..b8758d3b 100644 --- a/charts/lagoon-core/Chart.yaml +++ b/charts/lagoon-core/Chart.yaml @@ -21,7 +21,7 @@ type: application # time you make changes to the chart and its templates, including the app # version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.41.0 +version: 1.42.0 # This is the version number of the application being deployed. This version # number should be incremented each time you make changes to the application. @@ -40,11 +40,13 @@ dependencies: # Valid supported kinds are added, changed, deprecated, removed, fixed and security annotations: artifacthub.io/changes: | - - kind: changed - description: bump lagoon-opensearch-sync version to v0.7.1 - - kind: changed - description: updated to insights-handler:v0.0.2 - - kind: changed - description: pinned insights to trivy:0.48.0 - - kind: changed - description: update lagoon appVersion to v2.17.0 + - kind: fixed + description: apiDB livenessProbe access denied + - kind: added + description: apiDB readinessProbe uses sql query + - kind: added + description: apiDB startupProbe waits for init completion + - kind: added + description: apiDB configurable terminationGracePeriodSeconds + - kind: added + description: keycloakDB aligns to apiDB From e0135037d0c0205ca20c8e260b126b692eb45720 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Fri, 22 Mar 2024 08:47:35 +1100 Subject: [PATCH 38/41] test: point testing DB images to temp images --- Makefile | 2 ++ charts/lagoon-core/ci/linter-values.yaml | 8 ++++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 108fce7e..16847628 100644 --- a/Makefile +++ b/Makefile @@ -188,6 +188,7 @@ install-lagoon-core: install-minio --set api.image.repository=$(IMAGE_REGISTRY)/api \ --set api.image.tag=$(IMAGE_TAG) \ --set apiDB.image.repository=$(IMAGE_REGISTRY)/api-db \ + --set apiDB.image.tag=testing-updated-db-images \ --set apiRedis.image.repository=$(IMAGE_REGISTRY)/api-redis \ --set authServer.image.repository=$(IMAGE_REGISTRY)/auth-server \ --set autoIdler.enabled=false \ @@ -197,6 +198,7 @@ install-lagoon-core: install-minio --set keycloak.image.repository=$(IMAGE_REGISTRY)/keycloak \ --set keycloak.image.tag=$(IMAGE_TAG) \ --set keycloakDB.image.repository=$(IMAGE_REGISTRY)/keycloak-db \ + --set keycloakDB.image.tag=testing-updated-db-images \ --set logs2notifications.image.repository=$(IMAGE_REGISTRY)/logs2notifications \ --set logs2notifications.email.disabled=true \ --set logs2notifications.microsoftteams.disabled=true \ diff --git a/charts/lagoon-core/ci/linter-values.yaml b/charts/lagoon-core/ci/linter-values.yaml index 0229354c..12184c78 100644 --- a/charts/lagoon-core/ci/linter-values.yaml +++ b/charts/lagoon-core/ci/linter-values.yaml @@ -36,7 +36,9 @@ api: apiDB: image: - repository: uselagoon/api-db +# TODO - update repo/tag before v2.18 release + repository: testlagoon/api-db + tag: testing-updated-db-images storageSize: 16Gi resources: requests: @@ -84,7 +86,9 @@ keycloak: keycloakDB: image: - repository: uselagoon/keycloak-db +# TODO - update repo/tag before v2.18 release + repository: testlagoon/keycloak-db + tag: testing-updated-db-images resources: requests: cpu: "10m" From 1255a5a5dd0a3a71f433f83ffebd49491f462cac Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Mon, 25 Mar 2024 08:31:44 +1100 Subject: [PATCH 39/41] chore: use published images in CI --- Makefile | 4 ++-- charts/lagoon-core/ci/linter-values.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 16847628..e07a1f6a 100644 --- a/Makefile +++ b/Makefile @@ -188,7 +188,7 @@ install-lagoon-core: install-minio --set api.image.repository=$(IMAGE_REGISTRY)/api \ --set api.image.tag=$(IMAGE_TAG) \ --set apiDB.image.repository=$(IMAGE_REGISTRY)/api-db \ - --set apiDB.image.tag=testing-updated-db-images \ + --set apiDB.image.tag=$(IMAGE_TAG) \ --set apiRedis.image.repository=$(IMAGE_REGISTRY)/api-redis \ --set authServer.image.repository=$(IMAGE_REGISTRY)/auth-server \ --set autoIdler.enabled=false \ @@ -198,7 +198,7 @@ install-lagoon-core: install-minio --set keycloak.image.repository=$(IMAGE_REGISTRY)/keycloak \ --set keycloak.image.tag=$(IMAGE_TAG) \ --set keycloakDB.image.repository=$(IMAGE_REGISTRY)/keycloak-db \ - --set keycloakDB.image.tag=testing-updated-db-images \ + --set keycloakDB.image.tag=$(IMAGE_TAG) \ --set logs2notifications.image.repository=$(IMAGE_REGISTRY)/logs2notifications \ --set logs2notifications.email.disabled=true \ --set logs2notifications.microsoftteams.disabled=true \ diff --git a/charts/lagoon-core/ci/linter-values.yaml b/charts/lagoon-core/ci/linter-values.yaml index 12184c78..908cdfb4 100644 --- a/charts/lagoon-core/ci/linter-values.yaml +++ b/charts/lagoon-core/ci/linter-values.yaml @@ -38,7 +38,7 @@ apiDB: image: # TODO - update repo/tag before v2.18 release repository: testlagoon/api-db - tag: testing-updated-db-images + tag: main storageSize: 16Gi resources: requests: @@ -88,7 +88,7 @@ keycloakDB: image: # TODO - update repo/tag before v2.18 release repository: testlagoon/keycloak-db - tag: testing-updated-db-images + tag: main resources: requests: cpu: "10m" From 4b96a4724a530887d072a5bdba49398c08a65811 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Tue, 2 Apr 2024 12:54:04 +1100 Subject: [PATCH 40/41] fix: remove overrides used in testing --- .github/workflows/test-suite.yaml | 4 ++-- Makefile | 4 ---- charts/lagoon-core/ci/linter-values.yaml | 16 ++++------------ 3 files changed, 6 insertions(+), 18 deletions(-) diff --git a/.github/workflows/test-suite.yaml b/.github/workflows/test-suite.yaml index 69cbea3c..73a03daa 100644 --- a/.github/workflows/test-suite.yaml +++ b/.github/workflows/test-suite.yaml @@ -123,8 +123,8 @@ jobs: if: | (steps.list-changed.outputs.changed == 'true') || (contains(github.event.pull_request.labels.*.name, 'needs-testing')) - run: make -j8 -O fill-test-ci-values TESTS=[${{ matrix.test }}] IMAGE_REGISTRY=testlagoon IMAGE_TAG=main OVERRIDE_BUILD_DEPLOY_DIND_IMAGE=uselagoon/build-deploy-image:main OVERRIDE_ACTIVE_STANDBY_TASK_IMAGE=testlagoon/task-activestandby:main - # run: make -j8 -O fill-test-ci-values TESTS=[${{ matrix.test }}] + # run: make -j8 -O fill-test-ci-values TESTS=[${{ matrix.test }}] IMAGE_REGISTRY=testlagoon IMAGE_TAG=main OVERRIDE_BUILD_DEPLOY_DIND_IMAGE=uselagoon/build-deploy-image:main OVERRIDE_ACTIVE_STANDBY_TASK_IMAGE=testlagoon/task-activestandby:main + run: make -j8 -O fill-test-ci-values TESTS=[${{ matrix.test }}] - name: Free up some disk space if: | diff --git a/Makefile b/Makefile index e07a1f6a..45f64657 100644 --- a/Makefile +++ b/Makefile @@ -186,9 +186,7 @@ install-lagoon-core: install-minio --set "lagoonAPIURL=http://lagoon-api.$$($(KUBECTL) get nodes -o jsonpath='{.items[0].status.addresses[0].address}').nip.io:32080/graphql" \ --set actionsHandler.image.repository=$(IMAGE_REGISTRY)/actions-handler \ --set api.image.repository=$(IMAGE_REGISTRY)/api \ - --set api.image.tag=$(IMAGE_TAG) \ --set apiDB.image.repository=$(IMAGE_REGISTRY)/api-db \ - --set apiDB.image.tag=$(IMAGE_TAG) \ --set apiRedis.image.repository=$(IMAGE_REGISTRY)/api-redis \ --set authServer.image.repository=$(IMAGE_REGISTRY)/auth-server \ --set autoIdler.enabled=false \ @@ -196,9 +194,7 @@ install-lagoon-core: install-minio --set broker.image.repository=$(IMAGE_REGISTRY)/broker \ --set insightsHandler.enabled=false \ --set keycloak.image.repository=$(IMAGE_REGISTRY)/keycloak \ - --set keycloak.image.tag=$(IMAGE_TAG) \ --set keycloakDB.image.repository=$(IMAGE_REGISTRY)/keycloak-db \ - --set keycloakDB.image.tag=$(IMAGE_TAG) \ --set logs2notifications.image.repository=$(IMAGE_REGISTRY)/logs2notifications \ --set logs2notifications.email.disabled=true \ --set logs2notifications.microsoftteams.disabled=true \ diff --git a/charts/lagoon-core/ci/linter-values.yaml b/charts/lagoon-core/ci/linter-values.yaml index 908cdfb4..387372c6 100644 --- a/charts/lagoon-core/ci/linter-values.yaml +++ b/charts/lagoon-core/ci/linter-values.yaml @@ -27,18 +27,14 @@ keycloakAdminEmail: admin@example.com api: replicaCount: 1 image: -# TODO - update repo/tag before v2.18 release - repository: testlagoon/api - tag: main + repository: uselagoon/api resources: requests: cpu: "10m" apiDB: image: -# TODO - update repo/tag before v2.18 release - repository: testlagoon/api-db - tag: main + repository: uselagoon/api-db storageSize: 16Gi resources: requests: @@ -74,9 +70,7 @@ keycloak: replyTo: lagoon@example.com envelopeFrom: lagoon@example.com image: -# TODO - update repo/tag before v2.18 release - repository: testlagoon/keycloak - tag: main + repository: uselagoon/keycloak resources: requests: cpu: "10m" @@ -86,9 +80,7 @@ keycloak: keycloakDB: image: -# TODO - update repo/tag before v2.18 release - repository: testlagoon/keycloak-db - tag: main + repository: uselagoon/keycloak-db resources: requests: cpu: "10m" From bc27e10185b74e326b5d5409c024ba6957f6b00b Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Tue, 2 Apr 2024 14:00:18 +1100 Subject: [PATCH 41/41] fix: update chart.yaml for v2.18.0 release --- charts/lagoon-core/Chart.yaml | 6 +++++- charts/lagoon-remote/Chart.yaml | 2 -- charts/lagoon-test/Chart.yaml | 8 +++----- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/charts/lagoon-core/Chart.yaml b/charts/lagoon-core/Chart.yaml index 9d5ff73f..9b18aa85 100644 --- a/charts/lagoon-core/Chart.yaml +++ b/charts/lagoon-core/Chart.yaml @@ -27,7 +27,7 @@ version: 1.42.0 # number should be incremented each time you make changes to the application. # Versions are not expected to follow Semantic Versioning. They should reflect # the version the application is using. -appVersion: v2.17.0 +appVersion: v2.18.0 dependencies: - name: nats @@ -40,10 +40,14 @@ dependencies: # Valid supported kinds are added, changed, deprecated, removed, fixed and security annotations: artifacthub.io/changes: | + - kind: changed + description: update Lagoon appVersion to v2.18.0 - kind: changed description: remove unused legacy registry setting from core - kind: changed description: modify keycloak liveness and readiness endpoint + - kind: changed + description: added initcontainer to api to handle keycloak migrations - kind: changed description: updated insights-handler to v0.0.4 - kind: fixed diff --git a/charts/lagoon-remote/Chart.yaml b/charts/lagoon-remote/Chart.yaml index 39015826..520119d1 100644 --- a/charts/lagoon-remote/Chart.yaml +++ b/charts/lagoon-remote/Chart.yaml @@ -48,8 +48,6 @@ annotations: description: removed dioscuri subchart, activestandby is handled via a Lagoon task directly now - kind: changed description: updated insights-remote version to v0.0.9 - - kind: changed - description: added initcontainer to api to handle keycloak migrations - kind: changed description: update lagoon-build-deploy to 0.26.4 - kind: changed diff --git a/charts/lagoon-test/Chart.yaml b/charts/lagoon-test/Chart.yaml index a766f179..b4bb6cdf 100644 --- a/charts/lagoon-test/Chart.yaml +++ b/charts/lagoon-test/Chart.yaml @@ -15,13 +15,13 @@ type: application # time you make changes to the chart and its templates, including the app # version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.53.0 +version: 0.54.0 # This is the version number of the application being deployed. This version # number should be incremented each time you make changes to the application. # Versions are not expected to follow Semantic Versioning. They should reflect # the version the application is using. -appVersion: v2.17.0 +appVersion: v2.18.0 # This section is used to collect a changelog for artifacthub.io # It should be started afresh for each release @@ -29,6 +29,4 @@ appVersion: v2.17.0 annotations: artifacthub.io/changes: | - kind: changed - description: add minio settings to api-data-watcher-pusher and make into a helm test job - - kind: changed - description: update lagoon appVersion to v2.17.0 + description: update Lagoon appVersion to v2.18.0