diff --git a/default.yaml b/default.yaml
index 6d91d58..d60929a 100644
--- a/default.yaml
+++ b/default.yaml
@@ -1,5 +1,5 @@
-version: v1.76.4
+version: v1.77.6
 landscapeName: gardener-installation
diff --git a/package.json b/package.json
index b884f8a..1e4902c 100644
--- a/package.json
+++ b/package.json
@@ -57,7 +57,7 @@
 "jest-junit": "^13.0.0",
 "ts-jest": "^27.1.3",
 "ts-node": "^10.5.0",
- "typescript": "^4.5.5"
+ "typescript": "^5.2.2"
 },
 "files": [
 "lib/**/*",
diff --git a/src/charts/host/virtual-cluster/templates/deployment-kube-controller-manager.yaml b/src/charts/host/virtual-cluster/templates/deployment-kube-controller-manager.yaml
index be09692..29d6a1a 100644
--- a/src/charts/host/virtual-cluster/templates/deployment-kube-controller-manager.yaml
+++ b/src/charts/host/virtual-cluster/templates/deployment-kube-controller-manager.yaml
@@ -73,7 +73,7 @@ spec:
 httpGet:
 path: /healthz
 port: 10257
- scheme: HTTP
+ scheme: HTTPS
 initialDelaySeconds: 15
 periodSeconds: 10
 successThreshold: 1
diff --git a/src/ts/log/Logger.ts b/src/ts/log/Logger.ts
index f4f79f6..c141660 100644
--- a/src/ts/log/Logger.ts
+++ b/src/ts/log/Logger.ts
@@ -90,7 +90,7 @@ export class Logger {
 private log(level: LogLevel, msg: string, labels?: Labels) {
 this.collector.logger.log(level, msg, {
- labels: deepMergeObject(labels, this.labels),
+ labels: deepMergeObject(labels ?? {}, this.labels),
 });
 }
 }
diff --git a/src/ts/state/KubernetesState.ts b/src/ts/state/KubernetesState.ts
index 22aa125..0b2ee46 100644
--- a/src/ts/state/KubernetesState.ts
+++ b/src/ts/state/KubernetesState.ts
@@ -87,7 +87,7 @@ class KubernetesStateBase {
 }
 }
-export class KubernetesState extends KubernetesStateBase implements State {
+export class KubernetesState extends KubernetesStateBase implements State {
 constructor(
 kubeClient: KubeClient,
diff --git a/src/ts/state/LocalState.ts b/src/ts/state/LocalState.ts
index 8f95785..acad557 100644
--- a/src/ts/state/LocalState.ts
+++ b/src/ts/state/LocalState.ts
@@ -5,7 +5,7 @@ import {deepMergeObject} from '../utils/deepMerge';
 import {NotFound} from '../utils/exceptions';
 import {KeyValueState, State} from './State';
-export class LocalState implements State {
+export class LocalState implements State {
 constructor(
 private readonly stateFile: string,
diff --git a/src/ts/utils/deepMerge.ts b/src/ts/utils/deepMerge.ts
index b4a56cc..36396ca 100644
--- a/src/ts/utils/deepMerge.ts
+++ b/src/ts/utils/deepMerge.ts
@@ -8,7 +8,7 @@ import {has} from './has';
 * @param source
 * @returns The target instance as given, merged
 */
- export const deepMergeObject = (target: T, source: S): T & S => {
+ export const deepMergeObject = (target: T, source: S): T & S => {
 if (!has(source)) {
 return target as T & S;
 }
diff --git a/src/ts/versions/installations.ts b/src/ts/versions/installations.ts
index da39daa..432180e 100644
--- a/src/ts/versions/installations.ts
+++ b/src/ts/versions/installations.ts
@@ -68,6 +68,7 @@ const versions: Record = {
 'v1.74.x': Installation_1_74,
 'v1.75.x': Installation_1_74,
 'v1.76.x': Installation_1_74,
+ 'v1.77.x': Installation_1_74,
 };
 export class VersionNotFound extends Exception {
diff --git a/src/ts/versions/v1.46/components/gardener/Controlplane.ts b/src/ts/versions/v1.46/components/gardener/Controlplane.ts
index 9d7fda9..beea5c1 100644
--- a/src/ts/versions/v1.46/components/gardener/Controlplane.ts
+++ b/src/ts/versions/v1.46/components/gardener/Controlplane.ts
@@ -8,8 +8,11 @@ import {createLogger} from '../../../../log/Logger';
 import {KubeClient} from '../../../../utils/KubeClient';
 import {Chart, Helm, RemoteChartFromZip, Values} from '../../../../plugins/Helm';
 import {deepMergeObject} from '../../../../utils/deepMerge';
-import {base64EncodeMap, getKubeConfigForServiceAccount} from '../../../../utils/kubernetes';
+import {base64EncodeMap, createOrUpdate, enrichKubernetesError, getKubeConfigForServiceAccount} from '../../../../utils/kubernetes';
 import {GardenerChartBasePath, GardenerRepoZipUrl} from './Gardener';
+import { SecretRef } from '../Backup';
+import { createSecret } from '../../../../state/KubernetesState';
+import { retryWithBackoff } from '../../../../utils/exponentialBackoffRetry';
 const log = createLogger('Gardener');
@@ -79,6 +82,10 @@ export class Controlplane extends Task {
 this.virtualClient = await waitUntilVirtualClusterIsReady(log, this.values);
 }
+ log.info('Create Gardener Controlplane Secrets');
+ this.createDnsSecret(`${this.values.gardener.shootDomainPrefix}.${this.values.host}`, 'default');
+ this.createDnsSecret(`internal.${this.values.host}`, 'internal');
+
 log.info('Install Gardener Controlplane');
 const gardenerValues = this.getValues();
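Review bot: The two `this.createDnsSecret(...)` calls added before the `Install Gardener Controlplane` log line are not awaited, although `createDnsSecret` is declared `async` further down in this file. The chart install can therefore start before the default and internal domain secrets exist, and a rejection (for example the `Virtual cluster missing` error) would surface as an unhandled promise rejection rather than failing this step. Prefix both calls with `await`, or collect them with `await Promise.all([...])` if they are meant to run in parallel. The enclosing method starts and ends outside the hunk.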
@@ -95,6 +102,44 @@ export class Controlplane extends Task {
 await this.helm.createOrUpdate(await runtimeHelmChart.getRelease(this.values));
 }
+ private async createDnsSecret(
+ domain: string,
+ type: 'internal' | 'default',
+ ): Promise {
+ if (!this.virtualClient) {
+ throw new Error('Virtual cluster missing');
+ }
+ const name = `${type}-domain-${domain.replaceAll('.', '-')}`;
+ const secret = createSecret(GardenerNamespace, name);
+ log.info(`Creating ${type} dns secret "${name}"`);
+ await retryWithBackoff(async (): Promise => {
+ if (this.dryRun) {
+ return true;
+ }
+ try {
+ await createOrUpdate(this.virtualClient!, secret, async (): Promise => {
+ secret.metadata!.labels = {
+ 'gardener.cloud/role': `${type}-domain`,
+ };
+ secret.metadata!.annotations = {
+ 'dns.gardener.cloud/provider': this.values.dns.provider,
+ 'dns.gardener.cloud/domain': domain,
+ };
+ secret.stringData = this.values.dns.credentials;
+ });
+ return true;
+ } catch (error) {
+ log.error(enrichKubernetesError(secret, error));
+ }
+ return false;
+ });
+
+ return {
+ name,
+ namespace: GardenerNamespace,
+ };
+ }
+
 private getValues() {
 return {
 global: {
@@ -102,6 +147,7 @@ export class Controlplane extends Task {
 controller: this.controllerValues(),
 admission: this.admissionValues(),
 scheduler: this.schedulerValues(),
+ // TODO(schrodit): deprecated since Gardener 1.77
 defaultDomains: [{
 domain: `${this.values.gardener.shootDomainPrefix}.${this.values.host}`,
 provider: this.values.dns.provider,
diff --git a/src/ts/versions/v1.77/extensions.yaml b/src/ts/versions/v1.77/extensions.yaml
new file mode 100644
index 0000000..512188a
--- /dev/null
+++ b/src/ts/versions/v1.77/extensions.yaml
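Review bot: In `createDnsSecret` the catch branch passes the whole `secret` object to `log.error(enrichKubernetesError(secret, error))`, and by that point the update callback may already have set `secret.stringData = this.values.dns.credentials`. `enrichKubernetesError` is not visible in this diff, so please confirm it reads only metadata; if it serialises the object, the DNS provider credentials would end up in the log, and handing it a copy without `stringData` would avoid that. Separately, the outcome of `retryWithBackoff` is discarded and the method returns the `name`/`namespace` reference either way, so unless the helper throws once retries are exhausted, a secret that was never written is reported as created.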
@@ -0,0 +1,104 @@
+
+gardener:
+ extensions:
+ os-coreos:
+ enabled: true
+ version: v1.16.0
+ controllerRegistration:
+ repositoryName: gardener-extension-os-coreos
+
+ os-ubuntu:
+ enabled: true
+ version: v1.23.0
+ controllerRegistration:
+ repositoryName: gardener-extension-os-ubuntu
+
+ provider-gcp:
+ enabled: true
+ version: v1.32.1
+ controllerRegistration:
+ repositoryName: gardener-extension-provider-gcp
+
+ provider-openstack:
+ enabled: true
+ version: v1.37.1
+ controllerRegistration:
+ repositoryName: gardener-extension-provider-openstack
+
+ provider-dns-cloudflare:
+ enabled: true
+ version: v0.0.6
+ controllerRegistration:
+ org: schrodit
+ repositoryName: gardener-extension-provider-dns-cloudflare
+
+ provider-equinix:
+ enabled: true
+ version: v2.9.0
+ controllerRegistration:
+ repositoryName: gardener-extension-provider-equinix-metal
+ values:
+ image:
+ tag: v2.10.0-dev-6b7b511317539bc6b47b2702cda4d621b6d1f6ee
+
+ networking-cilium:
+ enabled: true
+ version: v1.30.2
+ controllerRegistration:
+ repositoryName: gardener-extension-networking-cilium
+
+ networking-calico:
+ enabled: true
+ version: v1.37.0
+ controllerRegistration:
+ repositoryName: gardener-extension-networking-calico
+
+ shoot-dns-service:
+ enabled: true
+ global: true
+
+ version: v1.38.3
+ controllerRegistration:
+ repositoryName: gardener-extension-shoot-dns-service
+
+ values:
+ dnsProviderReplication:
+ enabled: true
+ dnsProviderManagement:
+ enabled: true
+ dnsControllerManager:
+ image:
+ repository: eu.gcr.io/gardener-project/dns-controller-manager
+ tag: v0.13.3
+ configuration:
+ cacheTtl: 300
+ controllers: dnscontrollers,dnssources
+ dnsPoolResyncPeriod: 30m
+ #poolSize: 20
+ #providersPoolResyncPeriod: 24h
+ serverPortHttp: 8080
+ createCRDs: false
+ deploy: true
+ replicaCount: 1
+ #resources:
+ # limits:
+ # memory: 1Gi
+ # requests:
+ # cpu: 50m
+ # memory: 500Mi
+
+ shoot-cert-service:
+ enabled: true
+ global: true
+
+ version: v1.38.0
+ controllerRegistration:
+ repositoryName: gardener-extension-shoot-cert-service
+
+ values:
+ certificateConfig:
+ defaultIssuer:
+ acme:
+ email: foo@example.com
+ server: https://acme-v02.api.letsencrypt.org/directory
+ name: default-issuer
diff --git a/tsconfig.json b/tsconfig.json
index 1d0e896..ae278ea 100644
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -7,7 +7,7 @@
 ],
 "compilerOptions": {
 "rootDir": "src/ts",
- "target": "ES2020",
+ "target": "ES2022",
 "module": "commonjs",
 "moduleResolution": "node",
 "outDir": "./lib",
@@ -20,7 +20,7 @@
 "incremental": true,
 "removeComments": true,
 "lib": [
- "ES2020"
+ "ES2022"
 ],
 "types": [
 "jest",
@@ -29,4 +29,4 @@
 "experimentalDecorators": true,
 "emitDecoratorMetadata": true
 }
-}
\ No newline at end of file
+}
diff --git a/yarn.lock b/yarn.lock index 15b6aaf..05a5d85 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3358,7 +3358,7 @@ __metadata: semver: ^7.3.5 ts-jest: ^27.1.3 ts-node: ^10.5.0 - typescript: ^4.5.5 + typescript: ^5.2.2 validator: ^13.7.0 which: ^2.0.2 winston: ^3.6.0
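Review bot: In the new `extensions.yaml`, `provider-equinix` declares `version: v2.9.0` but overrides the image with `tag: v2.10.0-dev-6b7b511317539bc6b47b2702cda4d621b6d1f6ee`, so the controller registration and the running image come from different revisions and the image is a development build rather than a release. If that pin is intentional, a comment above `values:` saying why and when it can be dropped (for example `# dev image needed until the next provider-equinix release; remove the override then`) would keep it from being carried into later version directories unnoticed. The same file pulls `provider-dns-cloudflare` from the personal org `schrodit` at `v0.0.6`, and the default issuer uses `email: foo@example.com`; both are worth confirming as deliberate defaults that a landscape config is expected to override.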
@@ -6802,23 +6802,23 @@ __metadata: languageName: node linkType: hard -"typescript@npm:^4.5.5": - version: 4.5.5 - resolution: "typescript@npm:4.5.5" +"typescript@npm:^5.2.2": + version: 5.2.2 + resolution: "typescript@npm:5.2.2" bin: tsc: bin/tsc tsserver: bin/tsserver - checksum: 506f4c919dc8aeaafa92068c997f1d213b9df4d9756d0fae1a1e7ab66b585ab3498050e236113a1c9e57ee08c21ec6814ca7a7f61378c058d79af50a4b1f5a5e + checksum: 7912821dac4d962d315c36800fe387cdc0a6298dba7ec171b350b4a6e988b51d7b8f051317786db1094bd7431d526b648aba7da8236607febb26cf5b871d2d3c languageName: node linkType: hard -"typescript@patch:typescript@^4.5.5#~builtin": - version: 4.5.5 - resolution: "typescript@patch:typescript@npm%3A4.5.5#~builtin::version=4.5.5&hash=7ad353" +"typescript@patch:typescript@^5.2.2#~builtin": + version: 5.2.2 + resolution: "typescript@patch:typescript@npm%3A5.2.2#~builtin::version=5.2.2&hash=7ad353" bin: tsc: bin/tsc tsserver: bin/tsserver - checksum: 858c61fa63f7274ca4aaaffeced854d550bf416cff6e558c4884041b3311fb662f476f167cf5c9f8680c607239797e26a2ee0bcc6467fbc05bfcb218e1c6c671 + checksum: 07106822b4305de3f22835cbba949a2b35451cad50888759b6818421290ff95d522b38ef7919e70fb381c5fe9c1c643d7dea22c8b31652a717ddbd57b7f4d554 languageName: node linkType: hard