-
Notifications
You must be signed in to change notification settings - Fork 47
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
common update #89
common update #89
Commits on Mar 21, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 1cb3f09 - Browse repository at this point
Copy the full SHA 1cb3f09View commit details -
Configuration menu - View commit details
-
Copy full SHA for e68b7d9 - Browse repository at this point
Copy the full SHA e68b7d9View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8aa8396 - Browse repository at this point
Copy the full SHA 8aa8396View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6b55045 - Browse repository at this point
Copy the full SHA 6b55045View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7565648 - Browse repository at this point
Copy the full SHA 7565648View commit details -
Configuration menu - View commit details
-
Copy full SHA for 185d11a - Browse repository at this point
Copy the full SHA 185d11aView commit details
Commits on Apr 3, 2023
-
Add an experimental letsencypt chart
This change adds an experimental letsencrypt chart that allows a pattern user/developer to have all routes and the API endpoint use signed certificates by letsencrypt. At this stage only AWS is supported. The full documentation is contained in the chart's README.md file
Configuration menu - View commit details
-
Copy full SHA for c2ecb2a - Browse repository at this point
Copy the full SHA c2ecb2aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 7572b82 - Browse repository at this point
Copy the full SHA 7572b82View commit details
Commits on Apr 11, 2023
-
In the same vein as Industrial Edge 57f41dc135f72011d3796fe42d9cbf05d2b82052 we call kustomize build. Newer gitops versions dropped the openshift-clients rpm by default which contained kubectl. Let's just invoke "kustomize" directly as the binary is present in both old and new gitops versions Since "kubectl kustomize" builds the set of resources by default, we need to switch to "kubectl build" by default We also use the same naming conventions used in Industrial Edge while we're at it.
Configuration menu - View commit details
-
Copy full SHA for 527ca41 - Browse repository at this point
Copy the full SHA 527ca41View commit details -
Merge pull request #293 from mbaldessari/fix-customize
Fix up kustomize example
Configuration menu - View commit details
-
Copy full SHA for c154929 - Browse repository at this point
Copy the full SHA c154929View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3a77a96 - Browse repository at this point
Copy the full SHA 3a77a96View commit details -
Merge pull request #294 from mbaldessari/vault-helm-0.24.0
Upgrade vault-helm to v0.24.0
Configuration menu - View commit details
-
Copy full SHA for 3be58c7 - Browse repository at this point
Copy the full SHA 3be58c7View commit details
Commits on Apr 15, 2023
-
Add a hello-world ansible playbook example
Just a simple example that reads a helm value and puts it in a configmap
Configuration menu - View commit details
-
Copy full SHA for 817bf1f - Browse repository at this point
Copy the full SHA 817bf1fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 248ac46 - Browse repository at this point
Copy the full SHA 248ac46View commit details -
Configuration menu - View commit details
-
Copy full SHA for bcc7b24 - Browse repository at this point
Copy the full SHA bcc7b24View commit details -
Configuration menu - View commit details
-
Copy full SHA for 879737f - Browse repository at this point
Copy the full SHA 879737fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 12fd2f8 - Browse repository at this point
Copy the full SHA 12fd2f8View commit details -
Avoid checking those two playbooks the action seems to be too limited to understand where the ansible.cfg is
Configuration menu - View commit details
-
Copy full SHA for a3b22b5 - Browse repository at this point
Copy the full SHA a3b22b5View commit details -
Merge pull request #297 from mbaldessari/hello-world-ansible
Add Hello World imperative example
Configuration menu - View commit details
-
Copy full SHA for 8a63118 - Browse repository at this point
Copy the full SHA 8a63118View commit details
Commits on Apr 20, 2023
-
Added health check for pvc resource in argocd.yaml
This allows argo to continue rolling out the rest of the applications. Without the health check the application is stuck in a progressing state and will not continue thus preventing any downstream application from deploying.
Configuration menu - View commit details
-
Copy full SHA for dde9699 - Browse repository at this point
Copy the full SHA dde9699View commit details -
Configuration menu - View commit details
-
Copy full SHA for f2010a3 - Browse repository at this point
Copy the full SHA f2010a3View commit details -
Configuration menu - View commit details
-
Copy full SHA for e06ad88 - Browse repository at this point
Copy the full SHA e06ad88View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3545945 - Browse repository at this point
Copy the full SHA 3545945View commit details -
Merge pull request #299 from mbaldessari/superlinter-v5
Update super-linter image to latest
Configuration menu - View commit details
-
Copy full SHA for ce520d2 - Browse repository at this point
Copy the full SHA ce520d2View commit details -
Configuration menu - View commit details
-
Copy full SHA for adb4a67 - Browse repository at this point
Copy the full SHA adb4a67View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7fa15b1 - Browse repository at this point
Copy the full SHA 7fa15b1View commit details -
Configuration menu - View commit details
-
Copy full SHA for 17a1402 - Browse repository at this point
Copy the full SHA 17a1402View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6b88bcd - Browse repository at this point
Copy the full SHA 6b88bcdView commit details
Commits on Apr 21, 2023
-
Configuration menu - View commit details
-
Copy full SHA for d6ab881 - Browse repository at this point
Copy the full SHA d6ab881View commit details -
Merge pull request #301 from mbaldessari/dependabot
Add dependabot settings for github actions
Configuration menu - View commit details
-
Copy full SHA for 5978a08 - Browse repository at this point
Copy the full SHA 5978a08View commit details -
Merge pull request #287 from mbaldessari/letsencrypt
Add an experimental letsencypt chart
Configuration menu - View commit details
-
Copy full SHA for eaf2619 - Browse repository at this point
Copy the full SHA eaf2619View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8faea73 - Browse repository at this point
Copy the full SHA 8faea73View commit details -
- Added functionality to support the following format for labels and …
…annotations: labels: openshift.io/node-selector: "" annotations: openshift.io/cluster-monitoring: "true"
Configuration menu - View commit details
-
Copy full SHA for d3b6faf - Browse repository at this point
Copy the full SHA d3b6fafView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3c60aa1 - Browse repository at this point
Copy the full SHA 3c60aa1View commit details -
Configuration menu - View commit details
-
Copy full SHA for 9d6fc02 - Browse repository at this point
Copy the full SHA 9d6fc02View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2863999 - Browse repository at this point
Copy the full SHA 2863999View commit details -
Configuration menu - View commit details
-
Copy full SHA for fd004fb - Browse repository at this point
Copy the full SHA fd004fbView commit details
Commits on Apr 22, 2023
-
Merge pull request #298 from hybrid-cloud-patterns/argocd-pvc-healthc…
…heck Added health check for pvc resource in argocd.yaml
Configuration menu - View commit details
-
Copy full SHA for 90602fc - Browse repository at this point
Copy the full SHA 90602fcView commit details
Commits on Apr 27, 2023
-
Avoid exited containers proliferation
When running the `pattern.sh` script multiple times, a lot of podman exited containers will be left on the machine, adding `--rm` parameter to `podman run` makes podman automatically delete the exited containers leaving the machine cleaner.
Lorenzo Dalrio committedApr 27, 2023 Configuration menu - View commit details
-
Copy full SHA for d1cf543 - Browse repository at this point
Copy the full SHA d1cf543View commit details -
Merge pull request #302 from beelzetron/feature/clean-podman-exited-c…
…ontainers Avoid exited containers proliferation using pattern.sh script
Configuration menu - View commit details
-
Copy full SHA for cc44bff - Browse repository at this point
Copy the full SHA cc44bffView commit details
Commits on Apr 28, 2023
-
Handling of pre-release builds is too complex for a helm chart
Generating the ICSP and allowing insecure registries is best done prior to helm upgrade, and requires VPN access to registry-proxy.engineering.redhat.com
Configuration menu - View commit details
-
Copy full SHA for 37c8f3a - Browse repository at this point
Copy the full SHA 37c8f3aView commit details
Commits on May 3, 2023
-
Configuration menu - View commit details
-
Copy full SHA for d6b2b0d - Browse repository at this point
Copy the full SHA d6b2b0dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3c81c48 - Browse repository at this point
Copy the full SHA 3c81c48View commit details -
Configuration menu - View commit details
-
Copy full SHA for fa9f2dc - Browse repository at this point
Copy the full SHA fa9f2dcView commit details -
Configuration menu - View commit details
-
Copy full SHA for a0e2d91 - Browse repository at this point
Copy the full SHA a0e2d91View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3f6d9b5 - Browse repository at this point
Copy the full SHA 3f6d9b5View commit details
Commits on May 5, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 6566688 - Browse repository at this point
Copy the full SHA 6566688View commit details
Commits on May 10, 2023
-
Merge pull request #283 from claudiol/namespace-additional-properties
WIP: Add labels and annotations support for namespaces (RFE)
Configuration menu - View commit details
-
Copy full SHA for b855239 - Browse repository at this point
Copy the full SHA b855239View commit details
Commits on May 15, 2023
-
Allow overriding the pattern's name
This is especially useful when multiple people are working on a pattern an have been using different names: $ make help |grep Pattern: Pattern: multicloud-gitops $ make NAME=foobar help |grep Pattern: Pattern: foobar
Configuration menu - View commit details
-
Copy full SHA for c7dadbf - Browse repository at this point
Copy the full SHA c7dadbfView commit details -
Merge pull request #303 from mbaldessari/name
Allow overriding the pattern's name
Configuration menu - View commit details
-
Copy full SHA for 7ccd29c - Browse repository at this point
Copy the full SHA 7ccd29cView commit details
Commits on May 16, 2023
-
Configuration menu - View commit details
-
Copy full SHA for a6bb073 - Browse repository at this point
Copy the full SHA a6bb073View commit details -
Configuration menu - View commit details
-
Copy full SHA for ea7186e - Browse repository at this point
Copy the full SHA ea7186eView commit details -
Configuration menu - View commit details
-
Copy full SHA for c09126f - Browse repository at this point
Copy the full SHA c09126fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 70b778c - Browse repository at this point
Copy the full SHA 70b778cView commit details -
Configuration menu - View commit details
-
Copy full SHA for ee59eee - Browse repository at this point
Copy the full SHA ee59eeeView commit details -
Merge pull request #304 from mbaldessari/vault-helm-0.24.1
vault helm 0.24.1
Configuration menu - View commit details
-
Copy full SHA for 07acbc3 - Browse repository at this point
Copy the full SHA 07acbc3View commit details
Commits on May 18, 2023
-
After merging validatedpatterns/patterns-operator@235b303 it is now effectively possible to pick a different catalogSource for the gitops operator. This is needed in order to allow CI to install the gitops operator from an IIB
Configuration menu - View commit details
-
Copy full SHA for 0e661bf - Browse repository at this point
Copy the full SHA 0e661bfView commit details -
This variable can be set in order to pass additional helm arguments from the the command line. I.e. we can set things without having to tweak values files So it is now possible to run something like the following: ./pattern.sh make install \ EXTRA_HELM_OPTS="--set main.gitops.operatorSource=iib-49232"
Configuration menu - View commit details
-
Copy full SHA for d9db633 - Browse repository at this point
Copy the full SHA d9db633View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8bfb05d - Browse repository at this point
Copy the full SHA 8bfb05dView commit details -
Merge pull request #306 from mbaldessari/catalogsource
catalgSource fixes
Configuration menu - View commit details
-
Copy full SHA for 2fff431 - Browse repository at this point
Copy the full SHA 2fff431View commit details -
Configuration menu - View commit details
-
Copy full SHA for b4e5967 - Browse repository at this point
Copy the full SHA b4e5967View commit details -
Configuration menu - View commit details
-
Copy full SHA for 5cbc2c0 - Browse repository at this point
Copy the full SHA 5cbc2c0View commit details -
Configuration menu - View commit details
-
Copy full SHA for bb97c58 - Browse repository at this point
Copy the full SHA bb97c58View commit details -
Configuration menu - View commit details
-
Copy full SHA for 65dda37 - Browse repository at this point
Copy the full SHA 65dda37View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4dfeecb - Browse repository at this point
Copy the full SHA 4dfeecbView commit details -
Configuration menu - View commit details
-
Copy full SHA for 33dfdb3 - Browse repository at this point
Copy the full SHA 33dfdb3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 93fd8c8 - Browse repository at this point
Copy the full SHA 93fd8c8View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6263afe - Browse repository at this point
Copy the full SHA 6263afeView commit details -
Configuration menu - View commit details
-
Copy full SHA for c776ed0 - Browse repository at this point
Copy the full SHA c776ed0View commit details -
Configuration menu - View commit details
-
Copy full SHA for b6b4836 - Browse repository at this point
Copy the full SHA b6b4836View commit details -
Configuration menu - View commit details
-
Copy full SHA for 51b9fb4 - Browse repository at this point
Copy the full SHA 51b9fb4View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7567a73 - Browse repository at this point
Copy the full SHA 7567a73View commit details -
Configuration menu - View commit details
-
Copy full SHA for ff6b73f - Browse repository at this point
Copy the full SHA ff6b73fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 7dfa5cf - Browse repository at this point
Copy the full SHA 7dfa5cfView commit details -
Configuration menu - View commit details
-
Copy full SHA for 5e51a63 - Browse repository at this point
Copy the full SHA 5e51a63View commit details -
Configuration menu - View commit details
-
Copy full SHA for 1b80705 - Browse repository at this point
Copy the full SHA 1b80705View commit details -
Configuration menu - View commit details
-
Copy full SHA for aef9717 - Browse repository at this point
Copy the full SHA aef9717View commit details -
Configuration menu - View commit details
-
Copy full SHA for 14209b3 - Browse repository at this point
Copy the full SHA 14209b3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7d17348 - Browse repository at this point
Copy the full SHA 7d17348View commit details -
Configuration menu - View commit details
-
Copy full SHA for dbdbc8c - Browse repository at this point
Copy the full SHA dbdbc8cView commit details -
Revert "Test dropping nevercontact source"
This reverts commit d8746a37fce2663018f52203c892f00b825e32a7.
Configuration menu - View commit details
-
Copy full SHA for 0355fa4 - Browse repository at this point
Copy the full SHA 0355fa4View commit details -
Configuration menu - View commit details
-
Copy full SHA for 47855e0 - Browse repository at this point
Copy the full SHA 47855e0View commit details -
Configuration menu - View commit details
-
Copy full SHA for 49f018a - Browse repository at this point
Copy the full SHA 49f018aView commit details -
Configuration menu - View commit details
-
Copy full SHA for d1dc09f - Browse repository at this point
Copy the full SHA d1dc09fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 729232a - Browse repository at this point
Copy the full SHA 729232aView commit details -
Configuration menu - View commit details
-
Copy full SHA for d4eb914 - Browse repository at this point
Copy the full SHA d4eb914View commit details -
Configuration menu - View commit details
-
Copy full SHA for f73f75d - Browse repository at this point
Copy the full SHA f73f75dView commit details -
Configuration menu - View commit details
-
Copy full SHA for b660f93 - Browse repository at this point
Copy the full SHA b660f93View commit details -
Fetch the operator bundle itself in a more robust way
It seems that the operator bundle image itself is nowhere to be found inside any OCP cluster object (it's not in packagemanifests nor catalogsource). Resorting to parsing the IIB via opm alpha commands to fetch the exact image.
Configuration menu - View commit details
-
Copy full SHA for 41dc747 - Browse repository at this point
Copy the full SHA 41dc747View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2a941fb - Browse repository at this point
Copy the full SHA 2a941fbView commit details
Commits on May 19, 2023
-
Configuration menu - View commit details
-
Copy full SHA for a4e232b - Browse repository at this point
Copy the full SHA a4e232bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 45912f1 - Browse repository at this point
Copy the full SHA 45912f1View commit details -
Configuration menu - View commit details
-
Copy full SHA for 86ac7c2 - Browse repository at this point
Copy the full SHA 86ac7c2View commit details -
Configuration menu - View commit details
-
Copy full SHA for d713e7b - Browse repository at this point
Copy the full SHA d713e7bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 09e5389 - Browse repository at this point
Copy the full SHA 09e5389View commit details -
Configuration menu - View commit details
-
Copy full SHA for f4b54ae - Browse repository at this point
Copy the full SHA f4b54aeView commit details
Commits on May 22, 2023
-
Improve the grepping for the operator bundle
Without also grepping for the default_channel we can end up getting multiple results, which breaks everything. Tested this and it fixed the issue I was seeing with the openshift-gitops-operator this morning
Configuration menu - View commit details
-
Copy full SHA for 45a5e25 - Browse repository at this point
Copy the full SHA 45a5e25View commit details -
Merge pull request #307 from mbaldessari/fix-iib1
Improve the grepping for the operator bundle
Configuration menu - View commit details
-
Copy full SHA for 8239ea4 - Browse repository at this point
Copy the full SHA 8239ea4View commit details -
display_skipped_hosts=False has a horrible side-effect: When a task takes a long time, it is always the *next* task and not the one printed on the screen/log. That is because ansible has to wait for the task to finish before printing it as it does not know before hand if the host will be skipped and hence the task should not be displayed at all
Configuration menu - View commit details
-
Copy full SHA for 3c29969 - Browse repository at this point
Copy the full SHA 3c29969View commit details -
Merge pull request #308 from mbaldessari/ansible-cfg
Drop display_skipped_hosts
Configuration menu - View commit details
-
Copy full SHA for 65c512a - Browse repository at this point
Copy the full SHA 65c512aView commit details -
Configuration menu - View commit details
-
Copy full SHA for ff1eacf - Browse repository at this point
Copy the full SHA ff1eacfView commit details -
Configuration menu - View commit details
-
Copy full SHA for 44f6d57 - Browse repository at this point
Copy the full SHA 44f6d57View commit details -
Configuration menu - View commit details
-
Copy full SHA for 06698b3 - Browse repository at this point
Copy the full SHA 06698b3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 9abbef7 - Browse repository at this point
Copy the full SHA 9abbef7View commit details -
Configuration menu - View commit details
-
Copy full SHA for b0e08e0 - Browse repository at this point
Copy the full SHA b0e08e0View commit details -
Move to new spec format for dex/sso
Via https://issues.redhat.com/browse/GITOPS-2761 we are told that the dex configuration has a new format. Old format: spec: dex: openShiftOAuth: true resources: ... New format: spec: sso: provider: dex dex: openShiftOAuth: true resources: ... This format is only supported starting with gitops-1.8.0, so we should merge this only when we are absolutely sure that no pattern in no situation needs an older gitops version. Tested on MCG with gitops-1.8.2 Note: with this change gitops < 1.8 is not supported. Starting with gitops-1.9 the old format will be unsupported.
Configuration menu - View commit details
-
Copy full SHA for f672950 - Browse repository at this point
Copy the full SHA f672950View commit details -
Disable ArgoCD from kubeconform
The reason is that most of the tools we used to generate the json schema, seem to be unmaintained, so it is getting hard to update our schemas in our GH org. We'll need to revisit this in the future.
Configuration menu - View commit details
-
Copy full SHA for 8ed17fc - Browse repository at this point
Copy the full SHA 8ed17fcView commit details -
Merge pull request #290 from mbaldessari/modernize-argo-sso
Move to new spec format for dex/sso
Configuration menu - View commit details
-
Copy full SHA for 460cc67 - Browse repository at this point
Copy the full SHA 460cc67View commit details
Commits on May 24, 2023
-
Configuration menu - View commit details
-
Copy full SHA for bf56440 - Browse repository at this point
Copy the full SHA bf56440View commit details -
Merge pull request #310 from mbaldessari/readme-iib
Add a short line about username/token for the iib role on OCP <= 4.12
Configuration menu - View commit details
-
Copy full SHA for 576c246 - Browse repository at this point
Copy the full SHA 576c246View commit details -
Drop https:// from podman login
Seems we hit https://www.github.com/containers/podman/issues/13691 at least with older podman versions. If this turns out to break podman 4.5.0 I will special case it later
Configuration menu - View commit details
-
Copy full SHA for dfc504e - Browse repository at this point
Copy the full SHA dfc504eView commit details -
Merge pull request #311 from mbaldessari/podman-version-
Drop https:// from podman login
Configuration menu - View commit details
-
Copy full SHA for e01dcda - Browse repository at this point
Copy the full SHA e01dcdaView commit details
Commits on May 25, 2023
-
Set the mce-subscription-spec annotation
We set it by default to "redhat-operators" and if defined to .Values.clusterGroup.subscriptions.acm.source The reason we do this is the following: 1. In a default deployment scenario MCE has to be deployed as normal from the redhat-operators catalogSource just as ACM is 2. When we deploy gitops-operator from an IIB instead, MCE would be installed trying to get it from the IIB because https://www.github.com/stolostron/multiclusterhub-operator/pull/975 made it so that it picks the latest version looking at all catalog sources. But since we only mirrored the gitops operator in the cluster, this breaks as the images for MCE from the IIB are not there By setting the default to "redhat-operators" we fix this case 3. Now in the case where we want to install ACM from an IIB we need to be able to override this and we will pick whatever value is set in .Values.clusterGroup.subscriptions.acm.source, which will need to be defined for this to work when testing ACM+MCE from an IIB Note: Currently point 3. works only if you set it in a values file. Setting .Values.clusterGroup.subscriptions.acm.source via extraParams won't be passed down from the clusterGroup app to the applications. It's a bug that we need to fix. Note(2): We surround this with an 'if kindIs "map" .Values.clusterGroup.subscriptions' because we do not want to break things if subscription is a list and not a map. If we ever manage to drop subscriptions as list, then we can remove that if
Configuration menu - View commit details
-
Copy full SHA for 1edf4da - Browse repository at this point
Copy the full SHA 1edf4daView commit details -
Merge pull request #312 from mbaldessari/mce-sub
Set the mce-subscription-spec annotation
Configuration menu - View commit details
-
Copy full SHA for 240d04b - Browse repository at this point
Copy the full SHA 240d04bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 5396871 - Browse repository at this point
Copy the full SHA 5396871View commit details -
Configuration menu - View commit details
-
Copy full SHA for 058d5c6 - Browse repository at this point
Copy the full SHA 058d5c6View commit details -
Configuration menu - View commit details
-
Copy full SHA for e20c287 - Browse repository at this point
Copy the full SHA e20c287View commit details
Commits on May 30, 2023
-
Add support for extraParams being passed down to all applications
Via validatedpatterns/patterns-operator#74 we add the extraParams in an extraParametersNested dictionary that holds the extraParams key/value pairs. If they exist, let's add them as parameters. This allows them to end up in the applications.
Configuration menu - View commit details
-
Copy full SHA for 0432536 - Browse repository at this point
Copy the full SHA 0432536View commit details -
Merge pull request #314 from mbaldessari/fix-extraparams
Add support for extraParams being passed down to all applications
Configuration menu - View commit details
-
Copy full SHA for bb8e98b - Browse repository at this point
Copy the full SHA bb8e98bView commit details
Commits on Jun 1, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 48126e7 - Browse repository at this point
Copy the full SHA 48126e7View commit details -
Merge pull request #315 from mbaldessari/lookup
Add a lookup playbook to figure out IIB numbers
Configuration menu - View commit details
-
Copy full SHA for ff8bea5 - Browse repository at this point
Copy the full SHA ff8bea5View commit details -
Allow overriding channel and source when installing the patterns-oper…
…ator This will allow us to test the patterns-operator using a different catalogsource (potentially installed via an IIB). So we can run: make EXTRA_HELM_OPTS="\ --set main.extraParameters[0].name=main.patternsOperator.channel --set main.extraParameters[0].value=slow \ --set main.extraParameters[1].name=main.patternsOperator.source --set main.extraParameters[1].value=patten-index" install
Configuration menu - View commit details
-
Copy full SHA for b1070a1 - Browse repository at this point
Copy the full SHA b1070a1View commit details
Commits on Jun 2, 2023
-
Merge pull request #316 from mbaldessari/pattern-index
Allow overriding channel and source when installing the patterns-operator
Configuration menu - View commit details
-
Copy full SHA for 35f79c0 - Browse repository at this point
Copy the full SHA 35f79c0View commit details
Commits on Jun 6, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 8f3c407 - Browse repository at this point
Copy the full SHA 8f3c407View commit details -
Merge pull request #317 from mbaldessari/fixtypo1
Fix small typo in iib instructions
Configuration menu - View commit details
-
Copy full SHA for b6ee6ed - Browse repository at this point
Copy the full SHA b6ee6edView commit details
Commits on Jun 7, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 6116964 - Browse repository at this point
Copy the full SHA 6116964View commit details -
Merge pull request #318 from mbaldessari/drop-iib-log
Drop a redirect and up retries when pushing the IIB to the internal registry
Configuration menu - View commit details
-
Copy full SHA for 6923648 - Browse repository at this point
Copy the full SHA 6923648View commit details
Commits on Jun 15, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 6e6f258 - Browse repository at this point
Copy the full SHA 6e6f258View commit details -
Merge pull request #319 from mbaldessari/eso-0.8.3
Update ESO to v0.8.3
Configuration menu - View commit details
-
Copy full SHA for 18d2ac2 - Browse repository at this point
Copy the full SHA 18d2ac2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2797699 - Browse repository at this point
Copy the full SHA 2797699View commit details -
Configuration menu - View commit details
-
Copy full SHA for ab5532a - Browse repository at this point
Copy the full SHA ab5532aView commit details -
Configuration menu - View commit details
-
Copy full SHA for d4d3fe1 - Browse repository at this point
Copy the full SHA d4d3fe1View commit details
Commits on Jun 26, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 598bc74 - Browse repository at this point
Copy the full SHA 598bc74View commit details -
Configuration menu - View commit details
-
Copy full SHA for 64e9dc7 - Browse repository at this point
Copy the full SHA 64e9dc7View commit details -
Configuration menu - View commit details
-
Copy full SHA for e296fb0 - Browse repository at this point
Copy the full SHA e296fb0View commit details
Commits on Jul 7, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 1895a73 - Browse repository at this point
Copy the full SHA 1895a73View commit details -
Revert "Adding rbac to support the vault sa checking on the vault-0 p…
…od status." This reverts commit 598bc74.
Configuration menu - View commit details
-
Copy full SHA for 08eee55 - Browse repository at this point
Copy the full SHA 08eee55View commit details -
Configuration menu - View commit details
-
Copy full SHA for c5aa3d2 - Browse repository at this point
Copy the full SHA c5aa3d2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6d4a481 - Browse repository at this point
Copy the full SHA 6d4a481View commit details -
Revert "WIP add presync for eso that waits for vault to be up"
This reverts commit 2797699.
Configuration menu - View commit details
-
Copy full SHA for 3bf245b - Browse repository at this point
Copy the full SHA 3bf245bView commit details -
Increase the default retry limit when syncing
ArgoCD will retry 5 times by default to sync an application in case of errors and then will give up. So if an application contains a reference to a CRD that has not been installed yet (say because it will be installed by another application), it will error out and retry later. This happens by default for a maximum of 5 times [1]. After those 5 times the application will give up and will stay in Degraded moded and eventually move to Failed. In this case a manual sync will usually fix the application just fine (i.e. as long as the missing CRD has been installed in the meantime). Now to solve this issue we can add complex preSync Jobs that wait for the needed resources, but this fundamentally breaks the simplicity of things and introduces unneeded dependencies. In this change we just increase the default retry limit to something larger (20) that should cover most cases. The retry limit functionality is rather undocumented currently in the docs but is defined at [2] and also shown at [3]. In our patterns' case the concrete issue happened as follows: 1. ESO ClusterSecrets were often not synced/degraded 2. We introduced a Job in a preSync hook for the ESO chart that would wait on vault to be ready before applying the rest of ESO 3. MCG started failing because the config-demo app had already tried to sync 5 times and failed everytime because the ESO CRDs were not installed yet (due to ESO waiting on vault) So instead of adding yet another job, let's just try a lot more often. We picked 20 as a sane default because that should have argo try for about 60 minutes (3min is the default maximum backoff limit) Tested with two MCG installations (with the ESO Job hook included) and both worked out of the box. Whereas before I managed to get three failures out of three installs. [1] https://github.com/argoproj/argo-cd/blob/master/controller/appcontroller.go#L1680 [2] https://github.com/argoproj/argo-cd/blob/master/manifests/crds/application-crd.yaml#L1476 [3] https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/application.yaml#L202C18-L202C100
Configuration menu - View commit details
-
Copy full SHA for 0ae561b - Browse repository at this point
Copy the full SHA 0ae561bView commit details
Commits on Jul 8, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 66d456d - Browse repository at this point
Copy the full SHA 66d456dView commit details -
Merge pull request #323 from mbaldessari/retry-final
Revert ESO/Vault Job and add a default higher number of retries
Configuration menu - View commit details
-
Copy full SHA for 0c1d103 - Browse repository at this point
Copy the full SHA 0c1d103View commit details -
* Updated namespaces template to include labels and annotations functionality * Added schema validation to support additional formal for labels and annotations * Updated the values-example.yaml to include new format for namespaces * Updated Changes.md to include new namespaces functionality. * Updating CI tests * Fixed Markdown errors * Add an experimental letsencypt chart This change adds an experimental letsencrypt chart that allows a pattern user/developer to have all routes and the API endpoint use signed certificates by letsencrypt. At this stage only AWS is supported. The full documentation is contained in the chart's README.md file * Do not run kubeconform on the certificate stuff just yet * Fix up kustomize example In the same vein as Industrial Edge 57f41dc135f72011d3796fe42d9cbf05d2b82052 we call kustomize build. Newer gitops versions dropped the openshift-clients rpm by default which contained kubectl. Let's just invoke "kustomize" directly as the binary is present in both old and new gitops versions Since "kubectl kustomize" builds the set of resources by default, we need to switch to "kubectl build" by default We also use the same naming conventions used in Industrial Edge while we're at it. * Upgrade vault-helm to v0.24.0 Tested on MCG with hub and spoke * Add a hello-world ansible playbook example Just a simple example that reads a helm value and puts it in a configmap * Inject ANSIBLE_CONFIG in make ansible-lint * Use new ansible-lint action * Fix some ansible-lint warnings * Fix up python versions * Skip cannot find role error Avoid checking those two playbooks the action seems to be too limited to understand where the ansible.cfg is * Added health check for pvc resource in argocd.yaml This allows argo to continue rolling out the rest of the applications. Without the health check the application is stuck in a progressing state and will not continue thus preventing any downstream application from deploying. * adding tests * Update super-linter image to latest * Update super-linter image to latest * Update CI workflows * updated template with why implemented comment * Add dependabot settings for github actions * adding tests * - Added functionality to support the following format for labels and annotations: labels: openshift.io/node-selector: "" annotations: openshift.io/cluster-monitoring: "true" * Fixed CI Issues * Applying @claudiol recommendation * make test * Avoid exited containers proliferation When running the `pattern.sh` script multiple times, a lot of podman exited containers will be left on the machine, adding `--rm` parameter to `podman run` makes podman automatically delete the exited containers leaving the machine cleaner. * Handling of pre-release builds is too complex for a helm chart Generating the ICSP and allowing insecure registries is best done prior to helm upgrade, and requires VPN access to registry-proxy.engineering.redhat.com * Fixing issues with operator groups * Adding CI test * Updated operator group template * Updating CI issues * Removed duplicate code for operatorgroup by using multiple conditions * Allow overriding the pattern's name This is especially useful when multiple people are working on a pattern an have been using different names: $ make help |grep Pattern: Pattern: multicloud-gitops $ make NAME=foobar help |grep Pattern: Pattern: foobar * Add precise instruction to upgrade the vault subchart * Upgrade vault-helm to v0.24.1 * Add an item to README.md * Fix up common/ tests * Fix super linter * Set gitOpsSpec.operatorSource After merging validatedpatterns/patterns-operator@235b303 it is now effectively possible to pick a different catalogSource for the gitops operator. This is needed in order to allow CI to install the gitops operator from an IIB * Introduce EXTRA_HELM_OPTS This variable can be set in order to pass additional helm arguments from the the command line. I.e. we can set things without having to tweak values files So it is now possible to run something like the following: ./pattern.sh make install \ EXTRA_HELM_OPTS="--set main.gitops.operatorSource=iib-49232" * Disable var-naming[no-role-prefix] in ansible lint * Add new ansible role to deal with IIBs * Simplify load-iib target * Add templates folder * Fix a couple of linting warnings * Fix some super-linter complaints * Skip the iib-ci playbook * Drop var-naming[no-role-prefix] linter * Allow for multiple images when calling load-iib * Add help for load-iib * Output index_image in make * Output index_image in make (2) * Set facts later in the playbook not in defaults/ * Fix how we export vars in make load-iib * Fix how we export vars in make load-iib (2) * Use machineCount to register the number of nodes that need to be ready * Add helpful debug messages * Add | on shell now that we call pipefail * Test dropping nevercontact source * Skip insecure tls when logging in * Also allow gchr.io * Revert "Test dropping nevercontact source" This reverts commit d8746a37fce2663018f52203c892f00b825e32a7. * Fix typo * Clarify instructions in the README file * Automate the channel example * Find out KUBEADMINAPI programmatically * Use command instead of shell * Do not grep for operator bundle unless it is the gitops operator * Also whitelist ghcr.io * Fetch the operator bundle itself in a more robust way It seems that the operator bundle image itself is nowhere to be found inside any OCP cluster object (it's not in packagemanifests nor catalogsource). Resorting to parsing the IIB via opm alpha commands to fetch the exact image. * Add more mirrors * Some more work to support MCE * Cleanup spacing * Fix super-linter * Move task in right folder * Drop last mention of operator instead of item * Improve the grepping for the operator bundle Without also grepping for the default_channel we can end up getting multiple results, which breaks everything. Tested this and it fixed the issue I was seeing with the openshift-gitops-operator this morning * Drop display_skipped_hosts display_skipped_hosts=False has a horrible side-effect: When a task takes a long time, it is always the *next* task and not the one printed on the screen/log. That is because ansible has to wait for the task to finish before printing it as it does not know before hand if the host will be skipped and hence the task should not be displayed at all * Be more specific about the steps in the README * Upgrade ESO to v0.8.2 * Update README.md * Update tests after eso 0.8.2 upgrade * Move to new spec format for dex/sso Via https://issues.redhat.com/browse/GITOPS-2761 we are told that the dex configuration has a new format. Old format: spec: dex: openShiftOAuth: true resources: ... New format: spec: sso: provider: dex dex: openShiftOAuth: true resources: ... This format is only supported starting with gitops-1.8.0, so we should merge this only when we are absolutely sure that no pattern in no situation needs an older gitops version. Tested on MCG with gitops-1.8.2 Note: with this change gitops < 1.8 is not supported. Starting with gitops-1.9 the old format will be unsupported. * Disable ArgoCD from kubeconform The reason is that most of the tools we used to generate the json schema, seem to be unmaintained, so it is getting hard to update our schemas in our GH org. We'll need to revisit this in the future. * Add a short line about username/token for the iib role on OCP <= 4.12 * Drop https:// from podman login Seems we hit https://www.github.com/containers/podman/issues/13691 at least with older podman versions. If this turns out to break podman 4.5.0 I will special case it later * Set the mce-subscription-spec annotation We set it by default to "redhat-operators" and if defined to .Values.clusterGroup.subscriptions.acm.source The reason we do this is the following: 1. In a default deployment scenario MCE has to be deployed as normal from the redhat-operators catalogSource just as ACM is 2. When we deploy gitops-operator from an IIB instead, MCE would be installed trying to get it from the IIB because https://www.github.com/stolostron/multiclusterhub-operator/pull/975 made it so that it picks the latest version looking at all catalog sources. But since we only mirrored the gitops operator in the cluster, this breaks as the images for MCE from the IIB are not there By setting the default to "redhat-operators" we fix this case 3. Now in the case where we want to install ACM from an IIB we need to be able to override this and we will pick whatever value is set in .Values.clusterGroup.subscriptions.acm.source, which will need to be defined for this to work when testing ACM+MCE from an IIB Note: Currently point 3. works only if you set it in a values file. Setting .Values.clusterGroup.subscriptions.acm.source via extraParams won't be passed down from the clusterGroup app to the applications. It's a bug that we need to fix. Note(2): We surround this with an 'if kindIs "map" .Values.clusterGroup.subscriptions' because we do not want to break things if subscription is a list and not a map. If we ever manage to drop subscriptions as list, then we can remove that if * Fix typo in README for iib * Simplify the README a bit * Add support for extraParams being passed down to all applications Via validatedpatterns/patterns-operator#74 we add the extraParams in an extraParametersNested dictionary that holds the extraParams key/value pairs. If they exist, let's add them as parameters. This allows them to end up in the applications. * Add a lookup playbook to figure out IIB numbers * Allow overriding channel and source when installing the patterns-operator This will allow us to test the patterns-operator using a different catalogsource (potentially installed via an IIB). So we can run: make EXTRA_HELM_OPTS="\ --set main.extraParameters[0].name=main.patternsOperator.channel --set main.extraParameters[0].value=slow \ --set main.extraParameters[1].name=main.patternsOperator.source --set main.extraParameters[1].value=patten-index" install * Fix small typo in iib instructions * Drop a redirect and up retries when pushing the IIB to the internal registry * Update ESO to v0.8.3 * WIP add presync for eso that waits for vault to be up * Add tests * Fix image and comment * Adding rbac to support the vault sa checking on the vault-0 pod status. * Make Test * Revert "Make Test" This reverts commit 64e9dc7. * Revert "Adding rbac to support the vault sa checking on the vault-0 pod status." This reverts commit 598bc74. * Revert "Fix image and comment" This reverts commit d4d3fe1. * Revert "Add tests" This reverts commit ab5532a. * Revert "WIP add presync for eso that waits for vault to be up" This reverts commit 2797699. * Increase the default retry limit when syncing ArgoCD will retry 5 times by default to sync an application in case of errors and then will give up. So if an application contains a reference to a CRD that has not been installed yet (say because it will be installed by another application), it will error out and retry later. This happens by default for a maximum of 5 times [1]. After those 5 times the application will give up and will stay in Degraded moded and eventually move to Failed. In this case a manual sync will usually fix the application just fine (i.e. as long as the missing CRD has been installed in the meantime). Now to solve this issue we can add complex preSync Jobs that wait for the needed resources, but this fundamentally breaks the simplicity of things and introduces unneeded dependencies. In this change we just increase the default retry limit to something larger (20) that should cover most cases. The retry limit functionality is rather undocumented currently in the docs but is defined at [2] and also shown at [3]. In our patterns' case the concrete issue happened as follows: 1. ESO ClusterSecrets were often not synced/degraded 2. We introduced a Job in a preSync hook for the ESO chart that would wait on vault to be ready before applying the rest of ESO 3. MCG started failing because the config-demo app had already tried to sync 5 times and failed everytime because the ESO CRDs were not installed yet (due to ESO waiting on vault) So instead of adding yet another job, let's just try a lot more often. We picked 20 as a sane default because that should have argo try for about 60 minutes (3min is the default maximum backoff limit) Tested with two MCG installations (with the ESO Job hook included) and both worked out of the box. Whereas before I managed to get three failures out of three installs. [1] https://github.com/argoproj/argo-cd/blob/master/controller/appcontroller.go#L1680 [2] https://github.com/argoproj/argo-cd/blob/master/manifests/crds/application-crd.yaml#L1476 [3] https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/application.yaml#L202C18-L202C100 * Add Changes.md entry * Fix up tests after common rebase --------- Co-authored-by: Lester Claudio <claudiol@redhat.com> Co-authored-by: day0hero <jonny@redhat.com> Co-authored-by: Lorenzo Dalrio <ldalrio@redhat.com> Co-authored-by: Andrew Beekhof <andrew@beekhof.net> Co-authored-by: Martin Jackson <mhjacks@redhat.com> Co-authored-by: jonny <65790298+day0hero@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 7ed309b - Browse repository at this point
Copy the full SHA 7ed309bView commit details
Commits on Jul 9, 2023
-
* Updated namespaces template to include labels and annotations functionality * Added schema validation to support additional formal for labels and annotations * Updated the values-example.yaml to include new format for namespaces * Updated Changes.md to include new namespaces functionality. * Updating CI tests * Fixed Markdown errors * Add an experimental letsencypt chart This change adds an experimental letsencrypt chart that allows a pattern user/developer to have all routes and the API endpoint use signed certificates by letsencrypt. At this stage only AWS is supported. The full documentation is contained in the chart's README.md file * Do not run kubeconform on the certificate stuff just yet * Fix up kustomize example In the same vein as Industrial Edge 57f41dc135f72011d3796fe42d9cbf05d2b82052 we call kustomize build. Newer gitops versions dropped the openshift-clients rpm by default which contained kubectl. Let's just invoke "kustomize" directly as the binary is present in both old and new gitops versions Since "kubectl kustomize" builds the set of resources by default, we need to switch to "kubectl build" by default We also use the same naming conventions used in Industrial Edge while we're at it. * Upgrade vault-helm to v0.24.0 Tested on MCG with hub and spoke * Add a hello-world ansible playbook example Just a simple example that reads a helm value and puts it in a configmap * Inject ANSIBLE_CONFIG in make ansible-lint * Use new ansible-lint action * Fix some ansible-lint warnings * Fix up python versions * Skip cannot find role error Avoid checking those two playbooks the action seems to be too limited to understand where the ansible.cfg is * Added health check for pvc resource in argocd.yaml This allows argo to continue rolling out the rest of the applications. Without the health check the application is stuck in a progressing state and will not continue thus preventing any downstream application from deploying. * adding tests * Update super-linter image to latest * Update super-linter image to latest * Update CI workflows * updated template with why implemented comment * Add dependabot settings for github actions * adding tests * - Added functionality to support the following format for labels and annotations: labels: openshift.io/node-selector: "" annotations: openshift.io/cluster-monitoring: "true" * Fixed CI Issues * Applying @claudiol recommendation * make test * Avoid exited containers proliferation When running the `pattern.sh` script multiple times, a lot of podman exited containers will be left on the machine, adding `--rm` parameter to `podman run` makes podman automatically delete the exited containers leaving the machine cleaner. * Handling of pre-release builds is too complex for a helm chart Generating the ICSP and allowing insecure registries is best done prior to helm upgrade, and requires VPN access to registry-proxy.engineering.redhat.com * Fixing issues with operator groups * Adding CI test * Updated operator group template * Updating CI issues * Removed duplicate code for operatorgroup by using multiple conditions * Allow overriding the pattern's name This is especially useful when multiple people are working on a pattern an have been using different names: $ make help |grep Pattern: Pattern: multicloud-gitops $ make NAME=foobar help |grep Pattern: Pattern: foobar * Add precise instruction to upgrade the vault subchart * Upgrade vault-helm to v0.24.1 * Add an item to README.md * Fix up common/ tests * Fix super linter * Set gitOpsSpec.operatorSource After merging validatedpatterns/patterns-operator@235b303 it is now effectively possible to pick a different catalogSource for the gitops operator. This is needed in order to allow CI to install the gitops operator from an IIB * Introduce EXTRA_HELM_OPTS This variable can be set in order to pass additional helm arguments from the the command line. I.e. we can set things without having to tweak values files So it is now possible to run something like the following: ./pattern.sh make install \ EXTRA_HELM_OPTS="--set main.gitops.operatorSource=iib-49232" * Disable var-naming[no-role-prefix] in ansible lint * Add new ansible role to deal with IIBs * Simplify load-iib target * Add templates folder * Fix a couple of linting warnings * Fix some super-linter complaints * Skip the iib-ci playbook * Drop var-naming[no-role-prefix] linter * Allow for multiple images when calling load-iib * Add help for load-iib * Output index_image in make * Output index_image in make (2) * Set facts later in the playbook not in defaults/ * Fix how we export vars in make load-iib * Fix how we export vars in make load-iib (2) * Use machineCount to register the number of nodes that need to be ready * Add helpful debug messages * Add | on shell now that we call pipefail * Test dropping nevercontact source * Skip insecure tls when logging in * Also allow gchr.io * Revert "Test dropping nevercontact source" This reverts commit d8746a37fce2663018f52203c892f00b825e32a7. * Fix typo * Clarify instructions in the README file * Automate the channel example * Find out KUBEADMINAPI programmatically * Use command instead of shell * Do not grep for operator bundle unless it is the gitops operator * Also whitelist ghcr.io * Fetch the operator bundle itself in a more robust way It seems that the operator bundle image itself is nowhere to be found inside any OCP cluster object (it's not in packagemanifests nor catalogsource). Resorting to parsing the IIB via opm alpha commands to fetch the exact image. * Add more mirrors * Some more work to support MCE * Cleanup spacing * Fix super-linter * Move task in right folder * Drop last mention of operator instead of item * Improve the grepping for the operator bundle Without also grepping for the default_channel we can end up getting multiple results, which breaks everything. Tested this and it fixed the issue I was seeing with the openshift-gitops-operator this morning * Drop display_skipped_hosts display_skipped_hosts=False has a horrible side-effect: When a task takes a long time, it is always the *next* task and not the one printed on the screen/log. That is because ansible has to wait for the task to finish before printing it as it does not know before hand if the host will be skipped and hence the task should not be displayed at all * Be more specific about the steps in the README * Upgrade ESO to v0.8.2 * Update README.md * Update tests after eso 0.8.2 upgrade * Move to new spec format for dex/sso Via https://issues.redhat.com/browse/GITOPS-2761 we are told that the dex configuration has a new format. Old format: spec: dex: openShiftOAuth: true resources: ... New format: spec: sso: provider: dex dex: openShiftOAuth: true resources: ... This format is only supported starting with gitops-1.8.0, so we should merge this only when we are absolutely sure that no pattern in no situation needs an older gitops version. Tested on MCG with gitops-1.8.2 Note: with this change gitops < 1.8 is not supported. Starting with gitops-1.9 the old format will be unsupported. * Disable ArgoCD from kubeconform The reason is that most of the tools we used to generate the json schema, seem to be unmaintained, so it is getting hard to update our schemas in our GH org. We'll need to revisit this in the future. * Add a short line about username/token for the iib role on OCP <= 4.12 * Drop https:// from podman login Seems we hit https://www.github.com/containers/podman/issues/13691 at least with older podman versions. If this turns out to break podman 4.5.0 I will special case it later * Set the mce-subscription-spec annotation We set it by default to "redhat-operators" and if defined to .Values.clusterGroup.subscriptions.acm.source The reason we do this is the following: 1. In a default deployment scenario MCE has to be deployed as normal from the redhat-operators catalogSource just as ACM is 2. When we deploy gitops-operator from an IIB instead, MCE would be installed trying to get it from the IIB because https://www.github.com/stolostron/multiclusterhub-operator/pull/975 made it so that it picks the latest version looking at all catalog sources. But since we only mirrored the gitops operator in the cluster, this breaks as the images for MCE from the IIB are not there By setting the default to "redhat-operators" we fix this case 3. Now in the case where we want to install ACM from an IIB we need to be able to override this and we will pick whatever value is set in .Values.clusterGroup.subscriptions.acm.source, which will need to be defined for this to work when testing ACM+MCE from an IIB Note: Currently point 3. works only if you set it in a values file. Setting .Values.clusterGroup.subscriptions.acm.source via extraParams won't be passed down from the clusterGroup app to the applications. It's a bug that we need to fix. Note(2): We surround this with an 'if kindIs "map" .Values.clusterGroup.subscriptions' because we do not want to break things if subscription is a list and not a map. If we ever manage to drop subscriptions as list, then we can remove that if * Fix typo in README for iib * Simplify the README a bit * Add support for extraParams being passed down to all applications Via validatedpatterns/patterns-operator#74 we add the extraParams in an extraParametersNested dictionary that holds the extraParams key/value pairs. If they exist, let's add them as parameters. This allows them to end up in the applications. * Add a lookup playbook to figure out IIB numbers * Allow overriding channel and source when installing the patterns-operator This will allow us to test the patterns-operator using a different catalogsource (potentially installed via an IIB). So we can run: make EXTRA_HELM_OPTS="\ --set main.extraParameters[0].name=main.patternsOperator.channel --set main.extraParameters[0].value=slow \ --set main.extraParameters[1].name=main.patternsOperator.source --set main.extraParameters[1].value=patten-index" install * Fix small typo in iib instructions * Drop a redirect and up retries when pushing the IIB to the internal registry * Update ESO to v0.8.3 * WIP add presync for eso that waits for vault to be up * Add tests * Fix image and comment * Adding rbac to support the vault sa checking on the vault-0 pod status. * Make Test * Removed previous version of common to convert to subtree from https://github.com/hybrid-cloud-patterns/common.git main * updated script to check for new status * make test * make test and remove presync checks for eso * make test * make test --------- Co-authored-by: Lester Claudio <claudiol@redhat.com> Co-authored-by: Michele Baldessari <michele@acksyn.org> Co-authored-by: Lorenzo Dalrio <ldalrio@redhat.com> Co-authored-by: Andrew Beekhof <andrew@beekhof.net> Co-authored-by: Martin Jackson <mhjacks@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for f247f63 - Browse repository at this point
Copy the full SHA f247f63View commit details
Commits on Jul 11, 2023
-
Split off global helm variables to a helper definition
We can only split out bits of yaml that reference $.* variables. This is because these sinppets in _helpers.tbl are passed a single context either $ or . and cannot use both like the top-level domain.
Configuration menu - View commit details
-
Copy full SHA for 54056c7 - Browse repository at this point
Copy the full SHA 54056c7View commit details -
Switch ApplicationSets to use the newly-introduced helpers
I only remove the variables that are defined identically in ApplicationSet and in the helper. Leaving the other ones as is as their presence is not entirely clear to me and I do not want to risk breaking things.
Configuration menu - View commit details
-
Copy full SHA for fdee136 - Browse repository at this point
Copy the full SHA fdee136View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4e1f360 - Browse repository at this point
Copy the full SHA 4e1f360View commit details -
Configuration menu - View commit details
-
Copy full SHA for 35e7990 - Browse repository at this point
Copy the full SHA 35e7990View commit details -
Configuration menu - View commit details
-
Copy full SHA for e85c3ab - Browse repository at this point
Copy the full SHA e85c3abView commit details -
Configuration menu - View commit details
-
Copy full SHA for eb791ba - Browse repository at this point
Copy the full SHA eb791baView commit details
Commits on Jul 13, 2023
-
Tweak the load secret debug message to be clearer
When HOME is set we replace it with '~' in this debug message because when run from inside the container the HOME is /pattern-home which is confusing for users. Printing out '~' when at the start of the string is less confusing. Before: ok: [localhost] => { "msg": "/home/michele/.config/hybrid-cloud-patterns/values-secret-multicloud-gitops.yaml" } After: ok: [localhost] => { "msg": "~/.config/hybrid-cloud-patterns/values-secret-multicloud-gitops.yaml" }
Configuration menu - View commit details
-
Copy full SHA for 16fab03 - Browse repository at this point
Copy the full SHA 16fab03View commit details -
Merge pull request #325 from mbaldessari/fix-found-fileoutput
Tweak the load secret debug message to be clearer
Configuration menu - View commit details
-
Copy full SHA for 5219947 - Browse repository at this point
Copy the full SHA 5219947View commit details
Commits on Jul 14, 2023
-
Check if the KUBECONFIG file is pointing outside of the HOME folder
If it is somewhere under /tmp or out of the HOME folder, bail out explaining why. This has caused a few silly situations where the user would save the KUBECONFIG file under /tmp. Since bind-mounting /tmp seems like a wrong thing to do in general, we at least bail out with a clear error message. To do this we rely on a bash functionality so let's just switch the script to use that. Tested as follows: export KUBECONFIG=/tmp/kubeconfig ./scripts/pattern-util.sh make help /tmp/kubeconfig is pointing outside of the HOME folder, this will make it unavailable from the container. Please move it somewhere inside your /home/michele folder, as that is what gets bind-mounted inside the container export KUBECONFIG=~/kubeconfig ./scripts/pattern-util.sh make help Pattern: common Usage: make <target> ...
Configuration menu - View commit details
-
Copy full SHA for 6e31814 - Browse repository at this point
Copy the full SHA 6e31814View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4193c08 - Browse repository at this point
Copy the full SHA 4193c08View commit details -
Configuration menu - View commit details
-
Copy full SHA for ad39f4d - Browse repository at this point
Copy the full SHA ad39f4dView commit details -
Configuration menu - View commit details
-
Copy full SHA for b087e87 - Browse repository at this point
Copy the full SHA b087e87View commit details -
Configuration menu - View commit details
-
Copy full SHA for 38d83ec - Browse repository at this point
Copy the full SHA 38d83ecView commit details -
Configuration menu - View commit details
-
Copy full SHA for 4a0d715 - Browse repository at this point
Copy the full SHA 4a0d715View commit details -
Configuration menu - View commit details
-
Copy full SHA for fa6865c - Browse repository at this point
Copy the full SHA fa6865cView commit details -
Merge pull request #328 from hybrid-cloud-patterns/standby-pool
Sanely handle cluster pools with no clusters (yet)
Configuration menu - View commit details
-
Copy full SHA for b071b89 - Browse repository at this point
Copy the full SHA b071b89View commit details
Commits on Jul 16, 2023
-
Clustergroup Chart.yaml name change
We currently have a small inconsistency where we use common/clustergroup in order to point Argo CD to this chart, but the name inside the chart is 'pattern-clustergroup'. This inconsistency is currently irrelevant, but in the future when migrating to helm charts inside proper helm repos, this becomes problematic. So let's fix the name to be the same as the folder. Tested on MCG successfully.
Configuration menu - View commit details
-
Copy full SHA for c220a68 - Browse repository at this point
Copy the full SHA c220a68View commit details -
Merge pull request #330 from mbaldessari/clustergroup-name
Clustergroup Chart.yaml name change
Configuration menu - View commit details
-
Copy full SHA for 6e6824d - Browse repository at this point
Copy the full SHA 6e6824dView commit details
Commits on Jul 18, 2023
-
Merge pull request #326 from mbaldessari/small-uxfix
Check if the KUBECONFIG file is inside /tmp
Configuration menu - View commit details
-
Copy full SHA for 29a5843 - Browse repository at this point
Copy the full SHA 29a5843View commit details
Commits on Jul 19, 2023
-
Fix the clusterPoolName in clusterClaims
Currently with the following values snippet: managedClusterGroups: exampleRegion: name: group-one acmlabels: - name: clusterGroup value: group-one helmOverrides: - name: clusterGroup.isHubCluster value: false clusterPools: exampleAWSPool: size: 1 name: aws-ap-bandini openshiftVersion: 4.12.24 baseDomain: blueprints.rhecoeng.com controlPlane: count: 1 platform: aws: type: m5.2xlarge workers: count: 0 platform: aws: region: ap-southeast-2 clusters: - One You will get a clusterClaim that is pointing to the wrong Pool: NAMESPACE NAME POOL open-cluster-management one-group-one aws-ap-bandini This is wrong because the clusterPool name will be generated using the pool name + "-" group name: {{- $pool := . }} {{- $poolName := print .name "-" $group.name }} But the clusterPoolName inside the clusterName is only using the "$pool.name" which will make the clusterClaim ineffective as the pool does not exist. Switch to using the same poolName that is being used when creating the clusterPool.
Configuration menu - View commit details
-
Copy full SHA for 21c534c - Browse repository at this point
Copy the full SHA 21c534cView commit details -
Merge pull request #331 from mbaldessari/clusterclaim-fix
Fix the clusterPoolName in clusterClaims
Configuration menu - View commit details
-
Copy full SHA for e0d7954 - Browse repository at this point
Copy the full SHA e0d7954View commit details
Commits on Jul 24, 2023
-
Add some comments to make if/else and loops clearer
Let's improve readability by adding some comments to point out which flow constructs are being ended.
Configuration menu - View commit details
-
Copy full SHA for 4c05974 - Browse repository at this point
Copy the full SHA 4c05974View commit details -
Merge pull request #332 from mbaldessari/comments
Add some comments to make if/else and loops clearer
Configuration menu - View commit details
-
Copy full SHA for 36d679a - Browse repository at this point
Copy the full SHA 36d679aView commit details
Commits on Jul 27, 2023
-
Configuration menu - View commit details
-
Copy full SHA for dd3cdcb - Browse repository at this point
Copy the full SHA dd3cdcbView commit details -
Configuration menu - View commit details
-
Copy full SHA for 5f33f33 - Browse repository at this point
Copy the full SHA 5f33f33View commit details -
Split out values files to a helper for the acm chart
Just like we did for the clustergroup chart, let's split the values file list into a dedicated helper. This time since there are no global variables we include it with the current context and not with the '$' context. Tested with MCG: hub and spoke. Correctly observed all the applications running on the spoke.
Configuration menu - View commit details
-
Copy full SHA for 91f3ef0 - Browse repository at this point
Copy the full SHA 91f3ef0View commit details -
They changed because we made the list indentation more correct (two extra spaces to the left)
Configuration menu - View commit details
-
Copy full SHA for 17697e5 - Browse repository at this point
Copy the full SHA 17697e5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3bd8487 - Browse repository at this point
Copy the full SHA 3bd8487View commit details
Commits on Jul 28, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 669ff92 - Browse repository at this point
Copy the full SHA 669ff92View commit details
Commits on Jul 30, 2023
-
Merge pull request #334 from stocky37/fix-vault-unseal-ansible
Fix sa/namespace mixup in vault_spokes_init
Configuration menu - View commit details
-
Copy full SHA for d7994cb - Browse repository at this point
Copy the full SHA d7994cbView commit details
Commits on Jul 31, 2023
-
Also set seccompProfile to null to make things work on OCP 4.10
Configuration menu - View commit details
-
Copy full SHA for 5cb41a3 - Browse repository at this point
Copy the full SHA 5cb41a3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 9d2df97 - Browse repository at this point
Copy the full SHA 9d2df97View commit details -
Tested the ESO upgrade on MCG on both 4.10 and 4.13
Configuration menu - View commit details
-
Copy full SHA for e720991 - Browse repository at this point
Copy the full SHA e720991View commit details -
Merge pull request #335 from mbaldessari/fix-eso
Upgrade ESO to v0.8.5
Configuration menu - View commit details
-
Copy full SHA for 15363f6 - Browse repository at this point
Copy the full SHA 15363f6View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4cbef5e - Browse repository at this point
Copy the full SHA 4cbef5eView commit details -
* Updated namespaces template to include labels and annotations functionality * Added schema validation to support additional formal for labels and annotations * Updated the values-example.yaml to include new format for namespaces * Updated Changes.md to include new namespaces functionality. * Updating CI tests * Fixed Markdown errors * Add an experimental letsencypt chart This change adds an experimental letsencrypt chart that allows a pattern user/developer to have all routes and the API endpoint use signed certificates by letsencrypt. At this stage only AWS is supported. The full documentation is contained in the chart's README.md file * Do not run kubeconform on the certificate stuff just yet * Fix up kustomize example In the same vein as Industrial Edge 57f41dc135f72011d3796fe42d9cbf05d2b82052 we call kustomize build. Newer gitops versions dropped the openshift-clients rpm by default which contained kubectl. Let's just invoke "kustomize" directly as the binary is present in both old and new gitops versions Since "kubectl kustomize" builds the set of resources by default, we need to switch to "kubectl build" by default We also use the same naming conventions used in Industrial Edge while we're at it. * Upgrade vault-helm to v0.24.0 Tested on MCG with hub and spoke * Add a hello-world ansible playbook example Just a simple example that reads a helm value and puts it in a configmap * Inject ANSIBLE_CONFIG in make ansible-lint * Use new ansible-lint action * Fix some ansible-lint warnings * Fix up python versions * Skip cannot find role error Avoid checking those two playbooks the action seems to be too limited to understand where the ansible.cfg is * Added health check for pvc resource in argocd.yaml This allows argo to continue rolling out the rest of the applications. Without the health check the application is stuck in a progressing state and will not continue thus preventing any downstream application from deploying. * adding tests * Update super-linter image to latest * Update super-linter image to latest * Update CI workflows * updated template with why implemented comment * Add dependabot settings for github actions * adding tests * - Added functionality to support the following format for labels and annotations: labels: openshift.io/node-selector: "" annotations: openshift.io/cluster-monitoring: "true" * Fixed CI Issues * Applying @claudiol recommendation * make test * Avoid exited containers proliferation When running the `pattern.sh` script multiple times, a lot of podman exited containers will be left on the machine, adding `--rm` parameter to `podman run` makes podman automatically delete the exited containers leaving the machine cleaner. * Handling of pre-release builds is too complex for a helm chart Generating the ICSP and allowing insecure registries is best done prior to helm upgrade, and requires VPN access to registry-proxy.engineering.redhat.com * Fixing issues with operator groups * Adding CI test * Updated operator group template * Updating CI issues * Removed duplicate code for operatorgroup by using multiple conditions * Allow overriding the pattern's name This is especially useful when multiple people are working on a pattern an have been using different names: $ make help |grep Pattern: Pattern: multicloud-gitops $ make NAME=foobar help |grep Pattern: Pattern: foobar * Add precise instruction to upgrade the vault subchart * Upgrade vault-helm to v0.24.1 * Add an item to README.md * Fix up common/ tests * Fix super linter * Set gitOpsSpec.operatorSource After merging validatedpatterns/patterns-operator@235b303 it is now effectively possible to pick a different catalogSource for the gitops operator. This is needed in order to allow CI to install the gitops operator from an IIB * Introduce EXTRA_HELM_OPTS This variable can be set in order to pass additional helm arguments from the the command line. I.e. we can set things without having to tweak values files So it is now possible to run something like the following: ./pattern.sh make install \ EXTRA_HELM_OPTS="--set main.gitops.operatorSource=iib-49232" * Disable var-naming[no-role-prefix] in ansible lint * Add new ansible role to deal with IIBs * Simplify load-iib target * Add templates folder * Fix a couple of linting warnings * Fix some super-linter complaints * Skip the iib-ci playbook * Drop var-naming[no-role-prefix] linter * Allow for multiple images when calling load-iib * Add help for load-iib * Output index_image in make * Output index_image in make (2) * Set facts later in the playbook not in defaults/ * Fix how we export vars in make load-iib * Fix how we export vars in make load-iib (2) * Use machineCount to register the number of nodes that need to be ready * Add helpful debug messages * Add | on shell now that we call pipefail * Test dropping nevercontact source * Skip insecure tls when logging in * Also allow gchr.io * Revert "Test dropping nevercontact source" This reverts commit d8746a37fce2663018f52203c892f00b825e32a7. * Fix typo * Clarify instructions in the README file * Automate the channel example * Find out KUBEADMINAPI programmatically * Use command instead of shell * Do not grep for operator bundle unless it is the gitops operator * Also whitelist ghcr.io * Fetch the operator bundle itself in a more robust way It seems that the operator bundle image itself is nowhere to be found inside any OCP cluster object (it's not in packagemanifests nor catalogsource). Resorting to parsing the IIB via opm alpha commands to fetch the exact image. * Add more mirrors * Some more work to support MCE * Cleanup spacing * Fix super-linter * Move task in right folder * Drop last mention of operator instead of item * Improve the grepping for the operator bundle Without also grepping for the default_channel we can end up getting multiple results, which breaks everything. Tested this and it fixed the issue I was seeing with the openshift-gitops-operator this morning * Drop display_skipped_hosts display_skipped_hosts=False has a horrible side-effect: When a task takes a long time, it is always the *next* task and not the one printed on the screen/log. That is because ansible has to wait for the task to finish before printing it as it does not know before hand if the host will be skipped and hence the task should not be displayed at all * Be more specific about the steps in the README * Upgrade ESO to v0.8.2 * Update README.md * Update tests after eso 0.8.2 upgrade * Move to new spec format for dex/sso Via https://issues.redhat.com/browse/GITOPS-2761 we are told that the dex configuration has a new format. Old format: spec: dex: openShiftOAuth: true resources: ... New format: spec: sso: provider: dex dex: openShiftOAuth: true resources: ... This format is only supported starting with gitops-1.8.0, so we should merge this only when we are absolutely sure that no pattern in no situation needs an older gitops version. Tested on MCG with gitops-1.8.2 Note: with this change gitops < 1.8 is not supported. Starting with gitops-1.9 the old format will be unsupported. * Disable ArgoCD from kubeconform The reason is that most of the tools we used to generate the json schema, seem to be unmaintained, so it is getting hard to update our schemas in our GH org. We'll need to revisit this in the future. * Add a short line about username/token for the iib role on OCP <= 4.12 * Drop https:// from podman login Seems we hit https://www.github.com/containers/podman/issues/13691 at least with older podman versions. If this turns out to break podman 4.5.0 I will special case it later * Set the mce-subscription-spec annotation We set it by default to "redhat-operators" and if defined to .Values.clusterGroup.subscriptions.acm.source The reason we do this is the following: 1. In a default deployment scenario MCE has to be deployed as normal from the redhat-operators catalogSource just as ACM is 2. When we deploy gitops-operator from an IIB instead, MCE would be installed trying to get it from the IIB because https://www.github.com/stolostron/multiclusterhub-operator/pull/975 made it so that it picks the latest version looking at all catalog sources. But since we only mirrored the gitops operator in the cluster, this breaks as the images for MCE from the IIB are not there By setting the default to "redhat-operators" we fix this case 3. Now in the case where we want to install ACM from an IIB we need to be able to override this and we will pick whatever value is set in .Values.clusterGroup.subscriptions.acm.source, which will need to be defined for this to work when testing ACM+MCE from an IIB Note: Currently point 3. works only if you set it in a values file. Setting .Values.clusterGroup.subscriptions.acm.source via extraParams won't be passed down from the clusterGroup app to the applications. It's a bug that we need to fix. Note(2): We surround this with an 'if kindIs "map" .Values.clusterGroup.subscriptions' because we do not want to break things if subscription is a list and not a map. If we ever manage to drop subscriptions as list, then we can remove that if * Fix typo in README for iib * Simplify the README a bit * Add support for extraParams being passed down to all applications Via validatedpatterns/patterns-operator#74 we add the extraParams in an extraParametersNested dictionary that holds the extraParams key/value pairs. If they exist, let's add them as parameters. This allows them to end up in the applications. * Add a lookup playbook to figure out IIB numbers * Allow overriding channel and source when installing the patterns-operator This will allow us to test the patterns-operator using a different catalogsource (potentially installed via an IIB). So we can run: make EXTRA_HELM_OPTS="\ --set main.extraParameters[0].name=main.patternsOperator.channel --set main.extraParameters[0].value=slow \ --set main.extraParameters[1].name=main.patternsOperator.source --set main.extraParameters[1].value=patten-index" install * Fix small typo in iib instructions * Drop a redirect and up retries when pushing the IIB to the internal registry * Update ESO to v0.8.3 * WIP add presync for eso that waits for vault to be up * Add tests * Fix image and comment * Adding rbac to support the vault sa checking on the vault-0 pod status. * Make Test * Revert "Make Test" This reverts commit 64e9dc7. * Revert "Adding rbac to support the vault sa checking on the vault-0 pod status." This reverts commit 598bc74. * Revert "Fix image and comment" This reverts commit d4d3fe1. * Revert "Add tests" This reverts commit ab5532a. * Revert "WIP add presync for eso that waits for vault to be up" This reverts commit 2797699. * Increase the default retry limit when syncing ArgoCD will retry 5 times by default to sync an application in case of errors and then will give up. So if an application contains a reference to a CRD that has not been installed yet (say because it will be installed by another application), it will error out and retry later. This happens by default for a maximum of 5 times [1]. After those 5 times the application will give up and will stay in Degraded moded and eventually move to Failed. In this case a manual sync will usually fix the application just fine (i.e. as long as the missing CRD has been installed in the meantime). Now to solve this issue we can add complex preSync Jobs that wait for the needed resources, but this fundamentally breaks the simplicity of things and introduces unneeded dependencies. In this change we just increase the default retry limit to something larger (20) that should cover most cases. The retry limit functionality is rather undocumented currently in the docs but is defined at [2] and also shown at [3]. In our patterns' case the concrete issue happened as follows: 1. ESO ClusterSecrets were often not synced/degraded 2. We introduced a Job in a preSync hook for the ESO chart that would wait on vault to be ready before applying the rest of ESO 3. MCG started failing because the config-demo app had already tried to sync 5 times and failed everytime because the ESO CRDs were not installed yet (due to ESO waiting on vault) So instead of adding yet another job, let's just try a lot more often. We picked 20 as a sane default because that should have argo try for about 60 minutes (3min is the default maximum backoff limit) Tested with two MCG installations (with the ESO Job hook included) and both worked out of the box. Whereas before I managed to get three failures out of three installs. [1] https://github.com/argoproj/argo-cd/blob/master/controller/appcontroller.go#L1680 [2] https://github.com/argoproj/argo-cd/blob/master/manifests/crds/application-crd.yaml#L1476 [3] https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/application.yaml#L202C18-L202C100 * Add Changes.md entry * Split off global helm variables to a helper definition We can only split out bits of yaml that reference $.* variables. This is because these sinppets in _helpers.tbl are passed a single context either $ or . and cannot use both like the top-level domain. * Switch ApplicationSets to use the newly-introduced helpers I only remove the variables that are defined identically in ApplicationSet and in the helper. Leaving the other ones as is as their presence is not entirely clear to me and I do not want to risk breaking things. * Split off valueFiles to _helpers.tbl * Switch applicationsets to use the new helper * Drop some older comments * Tweak the load secret debug message to be clearer When HOME is set we replace it with '~' in this debug message because when run from inside the container the HOME is /pattern-home which is confusing for users. Printing out '~' when at the start of the string is less confusing. Before: ok: [localhost] => { "msg": "/home/michele/.config/hybrid-cloud-patterns/values-secret-multicloud-gitops.yaml" } After: ok: [localhost] => { "msg": "~/.config/hybrid-cloud-patterns/values-secret-multicloud-gitops.yaml" } * Check if the KUBECONFIG file is pointing outside of the HOME folder If it is somewhere under /tmp or out of the HOME folder, bail out explaining why. This has caused a few silly situations where the user would save the KUBECONFIG file under /tmp. Since bind-mounting /tmp seems like a wrong thing to do in general, we at least bail out with a clear error message. To do this we rely on a bash functionality so let's just switch the script to use that. Tested as follows: export KUBECONFIG=/tmp/kubeconfig ./scripts/pattern-util.sh make help /tmp/kubeconfig is pointing outside of the HOME folder, this will make it unavailable from the container. Please move it somewhere inside your /home/michele folder, as that is what gets bind-mounted inside the container export KUBECONFIG=~/kubeconfig ./scripts/pattern-util.sh make help Pattern: common Usage: make <target> ... * Include an example SNO cluster pool in the tests * Enforce lowercase names for cluster claims * Avoid mixing yaml and json in the OCP install-config * Update provisioning tests * Sanely handle cluster pools with no clusters (yet) * Clustergroup Chart.yaml name change We currently have a small inconsistency where we use common/clustergroup in order to point Argo CD to this chart, but the name inside the chart is 'pattern-clustergroup'. This inconsistency is currently irrelevant, but in the future when migrating to helm charts inside proper helm repos, this becomes problematic. So let's fix the name to be the same as the folder. Tested on MCG successfully. * Fix the clusterPoolName in clusterClaims Currently with the following values snippet: managedClusterGroups: exampleRegion: name: group-one acmlabels: - name: clusterGroup value: group-one helmOverrides: - name: clusterGroup.isHubCluster value: false clusterPools: exampleAWSPool: size: 1 name: aws-ap-bandini openshiftVersion: 4.12.24 baseDomain: blueprints.rhecoeng.com controlPlane: count: 1 platform: aws: type: m5.2xlarge workers: count: 0 platform: aws: region: ap-southeast-2 clusters: - One You will get a clusterClaim that is pointing to the wrong Pool: NAMESPACE NAME POOL open-cluster-management one-group-one aws-ap-bandini This is wrong because the clusterPool name will be generated using the pool name + "-" group name: {{- $pool := . }} {{- $poolName := print .name "-" $group.name }} But the clusterPoolName inside the clusterName is only using the "$pool.name" which will make the clusterClaim ineffective as the pool does not exist. Switch to using the same poolName that is being used when creating the clusterPool. * Add some comments to make if/else and loops clearer Let's improve readability by adding some comments to point out which flow constructs are being ended. * Add some more comments in applications.yaml * Add a default for options applicationRetryLimit * Split out values files to a helper for the acm chart Just like we did for the clustergroup chart, let's split the values file list into a dedicated helper. This time since there are no global variables we include it with the current context and not with the '$' context. Tested with MCG: hub and spoke. Correctly observed all the applications running on the spoke. * Fix up tests They changed because we made the list indentation more correct (two extra spaces to the left) * Fix sa/namespace mixup in vault_spokes_init * Update local patch Also set seccompProfile to null to make things work on OCP 4.10 * Update ESO to 0.8.5 * Tweak ESO UBI images Tested the ESO upgrade on MCG on both 4.10 and 4.13 * Removed previous version of common to convert to subtree from https://github.com/hybrid-cloud-patterns/common.git main * make test --------- Co-authored-by: Lester Claudio <claudiol@redhat.com> Co-authored-by: Michele Baldessari <michele@acksyn.org> Co-authored-by: Lorenzo Dalrio <ldalrio@redhat.com> Co-authored-by: Andrew Beekhof <andrew@beekhof.net> Co-authored-by: Martin Jackson <mhjacks@redhat.com> Co-authored-by: Tom Stockwell <2060486+stocky37@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for fc060b8 - Browse repository at this point
Copy the full SHA fc060b8View commit details -
Configuration menu - View commit details
-
Copy full SHA for a72f2d3 - Browse repository at this point
Copy the full SHA a72f2d3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 057001f - Browse repository at this point
Copy the full SHA 057001fView commit details
Commits on Aug 1, 2023
-
Error out from load-iib when INDEX_IMAGES is undefined
If you call the load-iib target you *must* set INDEX_IMAGES, so let's error out properly if you do not. Tested as: $ unset INDEX_IMAGES $ make load-iib make -f common/Makefile load-iib make[1]: Entering directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops' No INDEX_IMAGES defined. Bailing out $ export INDEX_IMAGES=foo make load-iib make -f common/Makefile load-iib make[1]: Entering directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops' PLAY [IIB CI playbook] ***
Configuration menu - View commit details
-
Copy full SHA for 49728fa - Browse repository at this point
Copy the full SHA 49728faView commit details -
Merge pull request #337 from mbaldessari/iib-ux
Error out from load-iib when INDEX_IMAGES is undefined
Configuration menu - View commit details
-
Copy full SHA for bc74b85 - Browse repository at this point
Copy the full SHA bc74b85View commit details -
Merge pull request #336 from mbaldessari/vault-helm-0.25.0
Upgrade vault-helm to v0.25.0
Configuration menu - View commit details
-
Copy full SHA for 35e64a1 - Browse repository at this point
Copy the full SHA 35e64a1View commit details -
Configuration menu - View commit details
-
Copy full SHA for eb45d81 - Browse repository at this point
Copy the full SHA eb45d81View commit details -
Configuration menu - View commit details
-
Copy full SHA for ffb008c - Browse repository at this point
Copy the full SHA ffb008cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3444d34 - Browse repository at this point
Copy the full SHA 3444d34View commit details -
Merge pull request #90 from hybrid-cloud-patterns/update-common
Update common
Configuration menu - View commit details
-
Copy full SHA for a246609 - Browse repository at this point
Copy the full SHA a246609View commit details