Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

common update #89

Merged
merged 190 commits into from
Aug 1, 2023
Merged

common update #89

merged 190 commits into from
Aug 1, 2023

Commits on Mar 21, 2023

  1. Configuration menu
    Copy the full SHA
    1cb3f09 View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    e68b7d9 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    8aa8396 View commit details
    Browse the repository at this point in the history
  4. Configuration menu
    Copy the full SHA
    6b55045 View commit details
    Browse the repository at this point in the history
  5. Updating CI tests

    claudiol committed Mar 21, 2023
    Configuration menu
    Copy the full SHA
    7565648 View commit details
    Browse the repository at this point in the history
  6. Fixed Markdown errors

    claudiol committed Mar 21, 2023
    Configuration menu
    Copy the full SHA
    185d11a View commit details
    Browse the repository at this point in the history

Commits on Apr 3, 2023

  1. Add an experimental letsencypt chart

    This change adds an experimental letsencrypt chart that allows a pattern
    user/developer to have all routes and the API endpoint use signed
    certificates by letsencrypt.
    
    At this stage only AWS is supported. The full documentation is contained
    in the chart's README.md file
    mbaldessari committed Apr 3, 2023
    Configuration menu
    Copy the full SHA
    c2ecb2a View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    7572b82 View commit details
    Browse the repository at this point in the history

Commits on Apr 11, 2023

  1. Fix up kustomize example

    In the same vein as Industrial Edge 57f41dc135f72011d3796fe42d9cbf05d2b82052
    we call kustomize build.
    
    Newer gitops versions dropped the openshift-clients rpm by default which
    contained kubectl. Let's just invoke "kustomize" directly as the binary
    is present in both old and new gitops versions
    
    Since "kubectl kustomize" builds the set of resources by default, we
    need to switch to "kubectl build" by default
    
    We also use the same naming conventions used in Industrial Edge while
    we're at it.
    mbaldessari committed Apr 11, 2023
    Configuration menu
    Copy the full SHA
    527ca41 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #293 from mbaldessari/fix-customize

    Fix up kustomize example
    mbaldessari authored Apr 11, 2023
    Configuration menu
    Copy the full SHA
    c154929 View commit details
    Browse the repository at this point in the history
  3. Upgrade vault-helm to v0.24.0

    Tested on MCG with hub and spoke
    mbaldessari committed Apr 11, 2023
    Configuration menu
    Copy the full SHA
    3a77a96 View commit details
    Browse the repository at this point in the history
  4. Merge pull request #294 from mbaldessari/vault-helm-0.24.0

    Upgrade vault-helm to v0.24.0
    mbaldessari authored Apr 11, 2023
    Configuration menu
    Copy the full SHA
    3be58c7 View commit details
    Browse the repository at this point in the history

Commits on Apr 15, 2023

  1. Add a hello-world ansible playbook example

    Just a simple example that reads a helm value and puts it in a configmap
    mbaldessari committed Apr 15, 2023
    Configuration menu
    Copy the full SHA
    817bf1f View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    248ac46 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    bcc7b24 View commit details
    Browse the repository at this point in the history
  4. Configuration menu
    Copy the full SHA
    879737f View commit details
    Browse the repository at this point in the history
  5. Fix up python versions

    mbaldessari committed Apr 15, 2023
    Configuration menu
    Copy the full SHA
    12fd2f8 View commit details
    Browse the repository at this point in the history
  6. Skip cannot find role error

    Avoid checking those two playbooks the action seems to be too limited
    to understand where the ansible.cfg is
    mbaldessari committed Apr 15, 2023
    Configuration menu
    Copy the full SHA
    a3b22b5 View commit details
    Browse the repository at this point in the history
  7. Merge pull request #297 from mbaldessari/hello-world-ansible

    Add Hello World imperative example
    mbaldessari authored Apr 15, 2023
    Configuration menu
    Copy the full SHA
    8a63118 View commit details
    Browse the repository at this point in the history

Commits on Apr 20, 2023

  1. Added health check for pvc resource in argocd.yaml

    This allows argo to continue rolling out the rest of the applications.
    Without the health check the application is stuck in a progressing state
    and will not continue thus preventing any downstream application from
    deploying.
    day0hero committed Apr 20, 2023
    Configuration menu
    Copy the full SHA
    dde9699 View commit details
    Browse the repository at this point in the history
  2. adding tests

    day0hero committed Apr 20, 2023
    Configuration menu
    Copy the full SHA
    f2010a3 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    e06ad88 View commit details
    Browse the repository at this point in the history
  4. Configuration menu
    Copy the full SHA
    3545945 View commit details
    Browse the repository at this point in the history
  5. Merge pull request #299 from mbaldessari/superlinter-v5

    Update super-linter image to latest
    mbaldessari authored Apr 20, 2023
    Configuration menu
    Copy the full SHA
    ce520d2 View commit details
    Browse the repository at this point in the history
  6. Configuration menu
    Copy the full SHA
    adb4a67 View commit details
    Browse the repository at this point in the history
  7. Update CI workflows

    mbaldessari committed Apr 20, 2023
    Configuration menu
    Copy the full SHA
    7fa15b1 View commit details
    Browse the repository at this point in the history
  8. Configuration menu
    Copy the full SHA
    17a1402 View commit details
    Browse the repository at this point in the history
  9. Configuration menu
    Copy the full SHA
    6b88bcd View commit details
    Browse the repository at this point in the history

Commits on Apr 21, 2023

  1. Configuration menu
    Copy the full SHA
    d6ab881 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #301 from mbaldessari/dependabot

    Add dependabot settings for github actions
    mbaldessari authored Apr 21, 2023
    Configuration menu
    Copy the full SHA
    5978a08 View commit details
    Browse the repository at this point in the history
  3. Merge pull request #287 from mbaldessari/letsencrypt

    Add an experimental letsencypt chart
    mbaldessari authored Apr 21, 2023
    Configuration menu
    Copy the full SHA
    eaf2619 View commit details
    Browse the repository at this point in the history
  4. adding tests

    day0hero committed Apr 21, 2023
    Configuration menu
    Copy the full SHA
    8faea73 View commit details
    Browse the repository at this point in the history
  5. - Added functionality to support the following format for labels and …

    …annotations:
    
          labels:
            openshift.io/node-selector: ""
          annotations:
            openshift.io/cluster-monitoring: "true"
    claudiol committed Apr 21, 2023
    Configuration menu
    Copy the full SHA
    d3b6faf View commit details
    Browse the repository at this point in the history
  6. Configuration menu
    Copy the full SHA
    3c60aa1 View commit details
    Browse the repository at this point in the history
  7. Fixed CI Issues

    claudiol committed Apr 21, 2023
    Configuration menu
    Copy the full SHA
    9d6fc02 View commit details
    Browse the repository at this point in the history
  8. Applying @claudiol recommendation

    day0hero committed Apr 21, 2023
    Configuration menu
    Copy the full SHA
    2863999 View commit details
    Browse the repository at this point in the history
  9. make test

    day0hero committed Apr 21, 2023
    Configuration menu
    Copy the full SHA
    fd004fb View commit details
    Browse the repository at this point in the history

Commits on Apr 22, 2023

  1. Merge pull request #298 from hybrid-cloud-patterns/argocd-pvc-healthc…

    …heck
    
    Added health check for pvc resource in argocd.yaml
    mbaldessari authored Apr 22, 2023
    Configuration menu
    Copy the full SHA
    90602fc View commit details
    Browse the repository at this point in the history

Commits on Apr 27, 2023

  1. Avoid exited containers proliferation

    When running the `pattern.sh` script multiple times, a lot of
    podman exited containers will be left on the machine, adding
    `--rm` parameter to `podman run` makes podman automatically
    delete the exited containers leaving the machine cleaner.
    Lorenzo Dalrio committed Apr 27, 2023
    Configuration menu
    Copy the full SHA
    d1cf543 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #302 from beelzetron/feature/clean-podman-exited-c…

    …ontainers
    
    Avoid exited containers proliferation using pattern.sh script
    mbaldessari authored Apr 27, 2023
    Configuration menu
    Copy the full SHA
    cc44bff View commit details
    Browse the repository at this point in the history

Commits on Apr 28, 2023

  1. Handling of pre-release builds is too complex for a helm chart

    Generating the ICSP and allowing insecure registries is best done prior
    to helm upgrade, and requires VPN access to registry-proxy.engineering.redhat.com
    beekhof committed Apr 28, 2023
    Configuration menu
    Copy the full SHA
    37c8f3a View commit details
    Browse the repository at this point in the history

Commits on May 3, 2023

  1. Configuration menu
    Copy the full SHA
    d6b2b0d View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    3c81c48 View commit details
    Browse the repository at this point in the history
  3. Adding CI test

    claudiol committed May 3, 2023
    Configuration menu
    Copy the full SHA
    fa9f2dc View commit details
    Browse the repository at this point in the history
  4. Configuration menu
    Copy the full SHA
    a0e2d91 View commit details
    Browse the repository at this point in the history
  5. Updating CI issues

    claudiol committed May 3, 2023
    Configuration menu
    Copy the full SHA
    3f6d9b5 View commit details
    Browse the repository at this point in the history

Commits on May 5, 2023

  1. Configuration menu
    Copy the full SHA
    6566688 View commit details
    Browse the repository at this point in the history

Commits on May 10, 2023

  1. Merge pull request #283 from claudiol/namespace-additional-properties

    WIP: Add labels and annotations support for namespaces (RFE)
    mbaldessari authored May 10, 2023
    Configuration menu
    Copy the full SHA
    b855239 View commit details
    Browse the repository at this point in the history

Commits on May 15, 2023

  1. Allow overriding the pattern's name

    This is especially useful when multiple people are working on a pattern
    an have been using different names:
    
        $ make help |grep Pattern:
        Pattern: multicloud-gitops
        $ make NAME=foobar help |grep Pattern:
        Pattern: foobar
    mbaldessari committed May 15, 2023
    Configuration menu
    Copy the full SHA
    c7dadbf View commit details
    Browse the repository at this point in the history
  2. Merge pull request #303 from mbaldessari/name

    Allow overriding the pattern's name
    mhjacks authored May 15, 2023
    Configuration menu
    Copy the full SHA
    7ccd29c View commit details
    Browse the repository at this point in the history

Commits on May 16, 2023

  1. Configuration menu
    Copy the full SHA
    a6bb073 View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    ea7186e View commit details
    Browse the repository at this point in the history
  3. Add an item to README.md

    mbaldessari committed May 16, 2023
    Configuration menu
    Copy the full SHA
    c09126f View commit details
    Browse the repository at this point in the history
  4. Fix up common/ tests

    mbaldessari committed May 16, 2023
    Configuration menu
    Copy the full SHA
    70b778c View commit details
    Browse the repository at this point in the history
  5. Fix super linter

    mbaldessari committed May 16, 2023
    Configuration menu
    Copy the full SHA
    ee59eee View commit details
    Browse the repository at this point in the history
  6. Configuration menu
    Copy the full SHA
    07acbc3 View commit details
    Browse the repository at this point in the history

Commits on May 18, 2023

  1. Set gitOpsSpec.operatorSource

    After merging validatedpatterns/patterns-operator@235b303
    it is now effectively possible to pick a different catalogSource for
    the gitops operator. This is needed in order to allow CI to install
    the gitops operator from an IIB
    mbaldessari committed May 18, 2023
    Configuration menu
    Copy the full SHA
    0e661bf View commit details
    Browse the repository at this point in the history
  2. Introduce EXTRA_HELM_OPTS

    This variable can be set in order to pass additional helm arguments from the
    the command line. I.e. we can set things without having to tweak values files
    So it is now possible to run something like the following:
    
      ./pattern.sh make install \
      EXTRA_HELM_OPTS="--set main.gitops.operatorSource=iib-49232"
    mbaldessari committed May 18, 2023
    Configuration menu
    Copy the full SHA
    d9db633 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    8bfb05d View commit details
    Browse the repository at this point in the history
  4. Merge pull request #306 from mbaldessari/catalogsource

    catalgSource fixes
    mbaldessari authored May 18, 2023
    Configuration menu
    Copy the full SHA
    2fff431 View commit details
    Browse the repository at this point in the history
  5. Configuration menu
    Copy the full SHA
    b4e5967 View commit details
    Browse the repository at this point in the history
  6. Simplify load-iib target

    mbaldessari committed May 18, 2023
    Configuration menu
    Copy the full SHA
    5cbc2c0 View commit details
    Browse the repository at this point in the history
  7. Add templates folder

    mbaldessari committed May 18, 2023
    Configuration menu
    Copy the full SHA
    bb97c58 View commit details
    Browse the repository at this point in the history
  8. Configuration menu
    Copy the full SHA
    65dda37 View commit details
    Browse the repository at this point in the history
  9. Configuration menu
    Copy the full SHA
    4dfeecb View commit details
    Browse the repository at this point in the history
  10. Skip the iib-ci playbook

    mbaldessari committed May 18, 2023
    Configuration menu
    Copy the full SHA
    33dfdb3 View commit details
    Browse the repository at this point in the history
  11. Configuration menu
    Copy the full SHA
    93fd8c8 View commit details
    Browse the repository at this point in the history
  12. Configuration menu
    Copy the full SHA
    6263afe View commit details
    Browse the repository at this point in the history
  13. Add help for load-iib

    mbaldessari committed May 18, 2023
    Configuration menu
    Copy the full SHA
    c776ed0 View commit details
    Browse the repository at this point in the history
  14. Configuration menu
    Copy the full SHA
    b6b4836 View commit details
    Browse the repository at this point in the history
  15. Configuration menu
    Copy the full SHA
    51b9fb4 View commit details
    Browse the repository at this point in the history
  16. Configuration menu
    Copy the full SHA
    7567a73 View commit details
    Browse the repository at this point in the history
  17. Configuration menu
    Copy the full SHA
    ff6b73f View commit details
    Browse the repository at this point in the history
  18. Configuration menu
    Copy the full SHA
    7dfa5cf View commit details
    Browse the repository at this point in the history
  19. Configuration menu
    Copy the full SHA
    5e51a63 View commit details
    Browse the repository at this point in the history
  20. Configuration menu
    Copy the full SHA
    1b80705 View commit details
    Browse the repository at this point in the history
  21. Configuration menu
    Copy the full SHA
    aef9717 View commit details
    Browse the repository at this point in the history
  22. Configuration menu
    Copy the full SHA
    14209b3 View commit details
    Browse the repository at this point in the history
  23. Configuration menu
    Copy the full SHA
    7d17348 View commit details
    Browse the repository at this point in the history
  24. Also allow gchr.io

    mbaldessari committed May 18, 2023
    Configuration menu
    Copy the full SHA
    dbdbc8c View commit details
    Browse the repository at this point in the history
  25. Revert "Test dropping nevercontact source"

    This reverts commit d8746a37fce2663018f52203c892f00b825e32a7.
    mbaldessari committed May 18, 2023
    Configuration menu
    Copy the full SHA
    0355fa4 View commit details
    Browse the repository at this point in the history
  26. Fix typo

    mbaldessari committed May 18, 2023
    Configuration menu
    Copy the full SHA
    47855e0 View commit details
    Browse the repository at this point in the history
  27. Configuration menu
    Copy the full SHA
    49f018a View commit details
    Browse the repository at this point in the history
  28. Configuration menu
    Copy the full SHA
    d1dc09f View commit details
    Browse the repository at this point in the history
  29. Configuration menu
    Copy the full SHA
    729232a View commit details
    Browse the repository at this point in the history
  30. Configuration menu
    Copy the full SHA
    d4eb914 View commit details
    Browse the repository at this point in the history
  31. Configuration menu
    Copy the full SHA
    f73f75d View commit details
    Browse the repository at this point in the history
  32. Also whitelist ghcr.io

    mbaldessari committed May 18, 2023
    Configuration menu
    Copy the full SHA
    b660f93 View commit details
    Browse the repository at this point in the history
  33. Fetch the operator bundle itself in a more robust way

    It seems that the operator bundle image itself is nowhere to be found
    inside any OCP cluster object (it's not in packagemanifests nor
    catalogsource). Resorting to parsing the IIB via opm alpha commands
    to fetch the exact image.
    mbaldessari committed May 18, 2023
    Configuration menu
    Copy the full SHA
    41dc747 View commit details
    Browse the repository at this point in the history
  34. Add more mirrors

    mbaldessari committed May 18, 2023
    Configuration menu
    Copy the full SHA
    2a941fb View commit details
    Browse the repository at this point in the history

Commits on May 19, 2023

  1. Configuration menu
    Copy the full SHA
    a4e232b View commit details
    Browse the repository at this point in the history
  2. Cleanup spacing

    mbaldessari committed May 19, 2023
    Configuration menu
    Copy the full SHA
    45912f1 View commit details
    Browse the repository at this point in the history
  3. Fix super-linter

    mbaldessari committed May 19, 2023
    Configuration menu
    Copy the full SHA
    86ac7c2 View commit details
    Browse the repository at this point in the history
  4. Move task in right folder

    mbaldessari committed May 19, 2023
    Configuration menu
    Copy the full SHA
    d713e7b View commit details
    Browse the repository at this point in the history
  5. Configuration menu
    Copy the full SHA
    09e5389 View commit details
    Browse the repository at this point in the history
  6. Merge pull request #305 from mbaldessari/iib

    IIB Support
    mbaldessari authored May 19, 2023
    Configuration menu
    Copy the full SHA
    f4b54ae View commit details
    Browse the repository at this point in the history

Commits on May 22, 2023

  1. Improve the grepping for the operator bundle

    Without also grepping for the default_channel we can end up getting
    multiple results, which breaks everything.
    
    Tested this and it fixed the issue I was seeing with the
    openshift-gitops-operator this morning
    mbaldessari committed May 22, 2023
    Configuration menu
    Copy the full SHA
    45a5e25 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #307 from mbaldessari/fix-iib1

    Improve the grepping for the operator bundle
    mbaldessari authored May 22, 2023
    Configuration menu
    Copy the full SHA
    8239ea4 View commit details
    Browse the repository at this point in the history
  3. Drop display_skipped_hosts

    display_skipped_hosts=False has a horrible side-effect:
    When a task takes a long time, it is always the *next* task and not the
    one printed on the screen/log. That is because ansible has to wait for
    the task to finish before printing it as it does not know before hand if
    the host will be skipped and hence the task should not be displayed at
    all
    mbaldessari committed May 22, 2023
    Configuration menu
    Copy the full SHA
    3c29969 View commit details
    Browse the repository at this point in the history
  4. Merge pull request #308 from mbaldessari/ansible-cfg

    Drop display_skipped_hosts
    mbaldessari authored May 22, 2023
    Configuration menu
    Copy the full SHA
    65c512a View commit details
    Browse the repository at this point in the history
  5. Configuration menu
    Copy the full SHA
    ff1eacf View commit details
    Browse the repository at this point in the history
  6. Upgrade ESO to v0.8.2

    mbaldessari committed May 22, 2023
    Configuration menu
    Copy the full SHA
    44f6d57 View commit details
    Browse the repository at this point in the history
  7. Update README.md

    mbaldessari committed May 22, 2023
    Configuration menu
    Copy the full SHA
    06698b3 View commit details
    Browse the repository at this point in the history
  8. Configuration menu
    Copy the full SHA
    9abbef7 View commit details
    Browse the repository at this point in the history
  9. Configuration menu
    Copy the full SHA
    b0e08e0 View commit details
    Browse the repository at this point in the history
  10. Move to new spec format for dex/sso

    Via https://issues.redhat.com/browse/GITOPS-2761 we are told that the
    dex configuration has a new format.
    Old format:
    
        spec:
          dex:
            openShiftOAuth: true
            resources:
            ...
    
    New format:
    
        spec:
          sso:
            provider: dex
            dex:
              openShiftOAuth: true
              resources:
              ...
    
    This format is only supported starting with gitops-1.8.0, so we should
    merge this only when we are absolutely sure that no pattern in no
    situation needs an older gitops version.
    
    Tested on MCG with gitops-1.8.2
    
    Note: with this change gitops < 1.8 is not supported. Starting with
    gitops-1.9 the old format will be unsupported.
    mbaldessari committed May 22, 2023
    Configuration menu
    Copy the full SHA
    f672950 View commit details
    Browse the repository at this point in the history
  11. Disable ArgoCD from kubeconform

    The reason is that most of the tools we used to generate the json
    schema, seem to be unmaintained, so it is getting hard to update
    our schemas in our GH org. We'll need to revisit this in the future.
    mbaldessari committed May 22, 2023
    Configuration menu
    Copy the full SHA
    8ed17fc View commit details
    Browse the repository at this point in the history
  12. Merge pull request #290 from mbaldessari/modernize-argo-sso

    Move to new spec format for dex/sso
    mbaldessari authored May 22, 2023
    Configuration menu
    Copy the full SHA
    460cc67 View commit details
    Browse the repository at this point in the history

Commits on May 24, 2023

  1. Configuration menu
    Copy the full SHA
    bf56440 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #310 from mbaldessari/readme-iib

    Add a short line about username/token for the iib role on OCP <= 4.12
    mbaldessari authored May 24, 2023
    Configuration menu
    Copy the full SHA
    576c246 View commit details
    Browse the repository at this point in the history
  3. Drop https:// from podman login

    Seems we hit https://www.github.com/containers/podman/issues/13691 at
    least with older podman versions.
    
    If this turns out to break podman 4.5.0 I will special case it later
    mbaldessari committed May 24, 2023
    Configuration menu
    Copy the full SHA
    dfc504e View commit details
    Browse the repository at this point in the history
  4. Merge pull request #311 from mbaldessari/podman-version-

    Drop https:// from podman login
    mbaldessari authored May 24, 2023
    Configuration menu
    Copy the full SHA
    e01dcda View commit details
    Browse the repository at this point in the history

Commits on May 25, 2023

  1. Set the mce-subscription-spec annotation

    We set it by default to "redhat-operators" and if defined to .Values.clusterGroup.subscriptions.acm.source
    The reason we do this is the following:
    1. In a default deployment scenario MCE has to be deployed as normal
       from the redhat-operators catalogSource just as ACM is
    2. When we deploy gitops-operator from an IIB instead, MCE would be
       installed trying to get it from the IIB because
       https://www.github.com/stolostron/multiclusterhub-operator/pull/975
       made it so that it picks the latest version looking at all catalog
       sources. But since we only mirrored the gitops operator in the
       cluster, this breaks as the images for MCE from the IIB are not there
       By setting the default to "redhat-operators" we fix this case
    3. Now in the case where we want to install ACM from an IIB we need to
       be able to override this and we will pick whatever value is set in
       .Values.clusterGroup.subscriptions.acm.source, which will need to be
       defined for this to work when testing ACM+MCE from an IIB
    
    Note: Currently point 3. works only if you set it in a values file.
    Setting .Values.clusterGroup.subscriptions.acm.source via extraParams
    won't be passed down from the clusterGroup app to the applications.
    It's a bug that we need to fix.
    
    Note(2): We surround this with an 'if kindIs "map" .Values.clusterGroup.subscriptions'
    because we do not want to break things if subscription is a list and not
    a map. If we ever manage to drop subscriptions as list, then we can
    remove that if
    mbaldessari committed May 25, 2023
    Configuration menu
    Copy the full SHA
    1edf4da View commit details
    Browse the repository at this point in the history
  2. Merge pull request #312 from mbaldessari/mce-sub

    Set the mce-subscription-spec annotation
    mbaldessari authored May 25, 2023
    Configuration menu
    Copy the full SHA
    240d04b View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    5396871 View commit details
    Browse the repository at this point in the history
  4. Simplify the README a bit

    mbaldessari committed May 25, 2023
    Configuration menu
    Copy the full SHA
    058d5c6 View commit details
    Browse the repository at this point in the history
  5. Configuration menu
    Copy the full SHA
    e20c287 View commit details
    Browse the repository at this point in the history

Commits on May 30, 2023

  1. Add support for extraParams being passed down to all applications

    Via validatedpatterns/patterns-operator#74
    we add the extraParams in an extraParametersNested dictionary that holds
    the extraParams key/value pairs. If they exist, let's add them as
    parameters.
    
    This allows them to end up in the applications.
    mbaldessari committed May 30, 2023
    Configuration menu
    Copy the full SHA
    0432536 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #314 from mbaldessari/fix-extraparams

    Add support for extraParams being passed down to all applications
    mbaldessari authored May 30, 2023
    Configuration menu
    Copy the full SHA
    bb8e98b View commit details
    Browse the repository at this point in the history

Commits on Jun 1, 2023

  1. Configuration menu
    Copy the full SHA
    48126e7 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #315 from mbaldessari/lookup

    Add a lookup playbook to figure out IIB numbers
    mbaldessari authored Jun 1, 2023
    Configuration menu
    Copy the full SHA
    ff8bea5 View commit details
    Browse the repository at this point in the history
  3. Allow overriding channel and source when installing the patterns-oper…

    …ator
    
    This will allow us to test the patterns-operator using a different
    catalogsource (potentially installed via an IIB). So we can run:
    
    make EXTRA_HELM_OPTS="\
      --set main.extraParameters[0].name=main.patternsOperator.channel --set main.extraParameters[0].value=slow \
      --set main.extraParameters[1].name=main.patternsOperator.source --set main.extraParameters[1].value=patten-index" install
    mbaldessari committed Jun 1, 2023
    Configuration menu
    Copy the full SHA
    b1070a1 View commit details
    Browse the repository at this point in the history

Commits on Jun 2, 2023

  1. Merge pull request #316 from mbaldessari/pattern-index

    Allow overriding channel and source when installing the patterns-operator
    mbaldessari authored Jun 2, 2023
    Configuration menu
    Copy the full SHA
    35f79c0 View commit details
    Browse the repository at this point in the history

Commits on Jun 6, 2023

  1. Configuration menu
    Copy the full SHA
    8f3c407 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #317 from mbaldessari/fixtypo1

    Fix small typo in iib instructions
    mbaldessari authored Jun 6, 2023
    Configuration menu
    Copy the full SHA
    b6ee6ed View commit details
    Browse the repository at this point in the history

Commits on Jun 7, 2023

  1. Configuration menu
    Copy the full SHA
    6116964 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #318 from mbaldessari/drop-iib-log

    Drop a redirect and up retries when pushing the IIB to the internal registry
    mbaldessari authored Jun 7, 2023
    Configuration menu
    Copy the full SHA
    6923648 View commit details
    Browse the repository at this point in the history

Commits on Jun 15, 2023

  1. Update ESO to v0.8.3

    mbaldessari committed Jun 15, 2023
    Configuration menu
    Copy the full SHA
    6e6f258 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #319 from mbaldessari/eso-0.8.3

    Update ESO to v0.8.3
    mbaldessari authored Jun 15, 2023
    Configuration menu
    Copy the full SHA
    18d2ac2 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    2797699 View commit details
    Browse the repository at this point in the history
  4. Add tests

    mbaldessari committed Jun 15, 2023
    Configuration menu
    Copy the full SHA
    ab5532a View commit details
    Browse the repository at this point in the history
  5. Fix image and comment

    mbaldessari committed Jun 15, 2023
    Configuration menu
    Copy the full SHA
    d4d3fe1 View commit details
    Browse the repository at this point in the history

Commits on Jun 26, 2023

  1. Configuration menu
    Copy the full SHA
    598bc74 View commit details
    Browse the repository at this point in the history
  2. Make Test

    day0hero committed Jun 26, 2023
    Configuration menu
    Copy the full SHA
    64e9dc7 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    e296fb0 View commit details
    Browse the repository at this point in the history

Commits on Jul 7, 2023

  1. Revert "Make Test"

    This reverts commit 64e9dc7.
    mbaldessari committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    1895a73 View commit details
    Browse the repository at this point in the history
  2. Revert "Adding rbac to support the vault sa checking on the vault-0 p…

    …od status."
    
    This reverts commit 598bc74.
    mbaldessari committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    08eee55 View commit details
    Browse the repository at this point in the history
  3. Revert "Fix image and comment"

    This reverts commit d4d3fe1.
    mbaldessari committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    c5aa3d2 View commit details
    Browse the repository at this point in the history
  4. Revert "Add tests"

    This reverts commit ab5532a.
    mbaldessari committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    6d4a481 View commit details
    Browse the repository at this point in the history
  5. Configuration menu
    Copy the full SHA
    3bf245b View commit details
    Browse the repository at this point in the history
  6. Increase the default retry limit when syncing

    ArgoCD will retry 5 times by default to sync an application in case of
    errors and then will give up. So if an application contains a reference
    to a CRD that has not been installed yet (say because it will be
    installed by another application), it will error out and retry later.
    This happens by default for a maximum of 5 times [1]. After those 5 times
    the application will give up and will stay in Degraded moded and
    eventually move to Failed. In this case a manual sync will usually fix
    the application just fine (i.e. as long as the missing CRD has been
    installed in the meantime).
    
    Now to solve this issue we can add complex preSync Jobs that wait for
    the needed resources, but this fundamentally breaks the simplicity of
    things and introduces unneeded dependencies. In this change we just
    increase the default retry limit to something larger (20) that should
    cover most cases. The retry limit functionality is rather undocumented
    currently in the docs but is defined at [2] and also shown at [3].
    
    In our patterns' case the concrete issue happened as follows:
    1. ESO ClusterSecrets were often not synced/degraded
    2. We introduced a Job in a preSync hook for the ESO chart that would
       wait on vault to be ready before applying the rest of ESO
    3. MCG started failing because the config-demo app had already tried to
       sync 5 times and failed everytime because the ESO CRDs were not
       installed yet (due to ESO waiting on vault)
    
    So instead of adding yet another job, let's just try a lot more often.
    We picked 20 as a sane default because that should have argo try for
    about 60 minutes (3min is the default maximum backoff limit)
    
    Tested with two MCG installations (with the ESO Job hook included) and
    both worked out of the box. Whereas before I managed to get three
    failures out of three installs.
    
    [1] https://github.com/argoproj/argo-cd/blob/master/controller/appcontroller.go#L1680
    [2] https://github.com/argoproj/argo-cd/blob/master/manifests/crds/application-crd.yaml#L1476
    [3] https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/application.yaml#L202C18-L202C100
    mbaldessari committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    0ae561b View commit details
    Browse the repository at this point in the history

Commits on Jul 8, 2023

  1. Add Changes.md entry

    mbaldessari committed Jul 8, 2023
    Configuration menu
    Copy the full SHA
    66d456d View commit details
    Browse the repository at this point in the history
  2. Merge pull request #323 from mbaldessari/retry-final

    Revert ESO/Vault Job and add a default higher number of retries
    mbaldessari authored Jul 8, 2023
    Configuration menu
    Copy the full SHA
    0c1d103 View commit details
    Browse the repository at this point in the history
  3. common automatic update (#84)

    * Updated namespaces template to include labels and annotations functionality
    
    * Added schema validation to support additional formal for labels and annotations
    
    * Updated the values-example.yaml to include new format for namespaces
    
    * Updated Changes.md to include new namespaces functionality.
    
    * Updating CI tests
    
    * Fixed Markdown errors
    
    * Add an experimental letsencypt chart
    
    This change adds an experimental letsencrypt chart that allows a pattern
    user/developer to have all routes and the API endpoint use signed
    certificates by letsencrypt.
    
    At this stage only AWS is supported. The full documentation is contained
    in the chart's README.md file
    
    * Do not run kubeconform on the certificate stuff just yet
    
    * Fix up kustomize example
    
    In the same vein as Industrial Edge 57f41dc135f72011d3796fe42d9cbf05d2b82052
    we call kustomize build.
    
    Newer gitops versions dropped the openshift-clients rpm by default which
    contained kubectl. Let's just invoke "kustomize" directly as the binary
    is present in both old and new gitops versions
    
    Since "kubectl kustomize" builds the set of resources by default, we
    need to switch to "kubectl build" by default
    
    We also use the same naming conventions used in Industrial Edge while
    we're at it.
    
    * Upgrade vault-helm to v0.24.0
    
    Tested on MCG with hub and spoke
    
    * Add a hello-world ansible playbook example
    
    Just a simple example that reads a helm value and puts it in a configmap
    
    * Inject ANSIBLE_CONFIG in make ansible-lint
    
    * Use new ansible-lint action
    
    * Fix some ansible-lint warnings
    
    * Fix up python versions
    
    * Skip cannot find role error
    
    Avoid checking those two playbooks the action seems to be too limited
    to understand where the ansible.cfg is
    
    * Added health check for pvc resource in argocd.yaml
    
    This allows argo to continue rolling out the rest of the applications.
    Without the health check the application is stuck in a progressing state
    and will not continue thus preventing any downstream application from
    deploying.
    
    * adding tests
    
    * Update super-linter image to latest
    
    * Update super-linter image to latest
    
    * Update CI workflows
    
    * updated template with why implemented comment
    
    * Add dependabot settings for github actions
    
    * adding tests
    
    * - Added functionality to support the following format for labels and annotations:
          labels:
            openshift.io/node-selector: ""
          annotations:
            openshift.io/cluster-monitoring: "true"
    
    * Fixed CI Issues
    
    * Applying @claudiol recommendation
    
    * make test
    
    * Avoid exited containers proliferation
    
    When running the `pattern.sh` script multiple times, a lot of
    podman exited containers will be left on the machine, adding
    `--rm` parameter to `podman run` makes podman automatically
    delete the exited containers leaving the machine cleaner.
    
    * Handling of pre-release builds is too complex for a helm chart
    
    Generating the ICSP and allowing insecure registries is best done prior
    to helm upgrade, and requires VPN access to registry-proxy.engineering.redhat.com
    
    * Fixing issues with operator groups
    
    * Adding CI test
    
    * Updated operator group template
    
    * Updating CI issues
    
    * Removed duplicate code for operatorgroup by using multiple conditions
    
    * Allow overriding the pattern's name
    
    This is especially useful when multiple people are working on a pattern
    an have been using different names:
    
        $ make help |grep Pattern:
        Pattern: multicloud-gitops
        $ make NAME=foobar help |grep Pattern:
        Pattern: foobar
    
    * Add precise instruction to upgrade the vault subchart
    
    * Upgrade vault-helm to v0.24.1
    
    * Add an item to README.md
    
    * Fix up common/ tests
    
    * Fix super linter
    
    * Set gitOpsSpec.operatorSource
    
    After merging validatedpatterns/patterns-operator@235b303
    it is now effectively possible to pick a different catalogSource for
    the gitops operator. This is needed in order to allow CI to install
    the gitops operator from an IIB
    
    * Introduce EXTRA_HELM_OPTS
    
    This variable can be set in order to pass additional helm arguments from the
    the command line. I.e. we can set things without having to tweak values files
    So it is now possible to run something like the following:
    
      ./pattern.sh make install \
      EXTRA_HELM_OPTS="--set main.gitops.operatorSource=iib-49232"
    
    * Disable var-naming[no-role-prefix] in ansible lint
    
    * Add new ansible role to deal with IIBs
    
    * Simplify load-iib target
    
    * Add templates folder
    
    * Fix a couple of linting warnings
    
    * Fix some super-linter complaints
    
    * Skip the iib-ci playbook
    
    * Drop var-naming[no-role-prefix] linter
    
    * Allow for multiple images when calling load-iib
    
    * Add help for load-iib
    
    * Output index_image in make
    
    * Output index_image in make (2)
    
    * Set facts later in the playbook not in defaults/
    
    * Fix how we export vars in make load-iib
    
    * Fix how we export vars in make load-iib (2)
    
    * Use machineCount to register the number of nodes that need to be ready
    
    * Add helpful debug messages
    
    * Add | on shell now that we call pipefail
    
    * Test dropping nevercontact source
    
    * Skip insecure tls when logging in
    
    * Also allow gchr.io
    
    * Revert "Test dropping nevercontact source"
    
    This reverts commit d8746a37fce2663018f52203c892f00b825e32a7.
    
    * Fix typo
    
    * Clarify instructions in the README file
    
    * Automate the channel example
    
    * Find out KUBEADMINAPI programmatically
    
    * Use command instead of shell
    
    * Do not grep for operator bundle unless it is the gitops operator
    
    * Also whitelist ghcr.io
    
    * Fetch the operator bundle itself in a more robust way
    
    It seems that the operator bundle image itself is nowhere to be found
    inside any OCP cluster object (it's not in packagemanifests nor
    catalogsource). Resorting to parsing the IIB via opm alpha commands
    to fetch the exact image.
    
    * Add more mirrors
    
    * Some more work to support MCE
    
    * Cleanup spacing
    
    * Fix super-linter
    
    * Move task in right folder
    
    * Drop last mention of operator instead of item
    
    * Improve the grepping for the operator bundle
    
    Without also grepping for the default_channel we can end up getting
    multiple results, which breaks everything.
    
    Tested this and it fixed the issue I was seeing with the
    openshift-gitops-operator this morning
    
    * Drop display_skipped_hosts
    
    display_skipped_hosts=False has a horrible side-effect:
    When a task takes a long time, it is always the *next* task and not the
    one printed on the screen/log. That is because ansible has to wait for
    the task to finish before printing it as it does not know before hand if
    the host will be skipped and hence the task should not be displayed at
    all
    
    * Be more specific about the steps in the README
    
    * Upgrade ESO to v0.8.2
    
    * Update README.md
    
    * Update tests after eso 0.8.2 upgrade
    
    * Move to new spec format for dex/sso
    
    Via https://issues.redhat.com/browse/GITOPS-2761 we are told that the
    dex configuration has a new format.
    Old format:
    
        spec:
          dex:
            openShiftOAuth: true
            resources:
            ...
    
    New format:
    
        spec:
          sso:
            provider: dex
            dex:
              openShiftOAuth: true
              resources:
              ...
    
    This format is only supported starting with gitops-1.8.0, so we should
    merge this only when we are absolutely sure that no pattern in no
    situation needs an older gitops version.
    
    Tested on MCG with gitops-1.8.2
    
    Note: with this change gitops < 1.8 is not supported. Starting with
    gitops-1.9 the old format will be unsupported.
    
    * Disable ArgoCD from kubeconform
    
    The reason is that most of the tools we used to generate the json
    schema, seem to be unmaintained, so it is getting hard to update
    our schemas in our GH org. We'll need to revisit this in the future.
    
    * Add a short line about username/token for the iib role on OCP <= 4.12
    
    * Drop https:// from podman login
    
    Seems we hit https://www.github.com/containers/podman/issues/13691 at
    least with older podman versions.
    
    If this turns out to break podman 4.5.0 I will special case it later
    
    * Set the mce-subscription-spec annotation
    
    We set it by default to "redhat-operators" and if defined to .Values.clusterGroup.subscriptions.acm.source
    The reason we do this is the following:
    1. In a default deployment scenario MCE has to be deployed as normal
       from the redhat-operators catalogSource just as ACM is
    2. When we deploy gitops-operator from an IIB instead, MCE would be
       installed trying to get it from the IIB because
       https://www.github.com/stolostron/multiclusterhub-operator/pull/975
       made it so that it picks the latest version looking at all catalog
       sources. But since we only mirrored the gitops operator in the
       cluster, this breaks as the images for MCE from the IIB are not there
       By setting the default to "redhat-operators" we fix this case
    3. Now in the case where we want to install ACM from an IIB we need to
       be able to override this and we will pick whatever value is set in
       .Values.clusterGroup.subscriptions.acm.source, which will need to be
       defined for this to work when testing ACM+MCE from an IIB
    
    Note: Currently point 3. works only if you set it in a values file.
    Setting .Values.clusterGroup.subscriptions.acm.source via extraParams
    won't be passed down from the clusterGroup app to the applications.
    It's a bug that we need to fix.
    
    Note(2): We surround this with an 'if kindIs "map" .Values.clusterGroup.subscriptions'
    because we do not want to break things if subscription is a list and not
    a map. If we ever manage to drop subscriptions as list, then we can
    remove that if
    
    * Fix typo in README for iib
    
    * Simplify the README a bit
    
    * Add support for extraParams being passed down to all applications
    
    Via validatedpatterns/patterns-operator#74
    we add the extraParams in an extraParametersNested dictionary that holds
    the extraParams key/value pairs. If they exist, let's add them as
    parameters.
    
    This allows them to end up in the applications.
    
    * Add a lookup playbook to figure out IIB numbers
    
    * Allow overriding channel and source when installing the patterns-operator
    
    This will allow us to test the patterns-operator using a different
    catalogsource (potentially installed via an IIB). So we can run:
    
    make EXTRA_HELM_OPTS="\
      --set main.extraParameters[0].name=main.patternsOperator.channel --set main.extraParameters[0].value=slow \
      --set main.extraParameters[1].name=main.patternsOperator.source --set main.extraParameters[1].value=patten-index" install
    
    * Fix small typo in iib instructions
    
    * Drop a redirect and up retries when pushing the IIB to the internal registry
    
    * Update ESO to v0.8.3
    
    * WIP add presync for eso that waits for vault to be up
    
    * Add tests
    
    * Fix image and comment
    
    * Adding rbac to support the vault sa checking on the vault-0 pod status.
    
    * Make Test
    
    * Revert "Make Test"
    
    This reverts commit 64e9dc7.
    
    * Revert "Adding rbac to support the vault sa checking on the vault-0 pod status."
    
    This reverts commit 598bc74.
    
    * Revert "Fix image and comment"
    
    This reverts commit d4d3fe1.
    
    * Revert "Add tests"
    
    This reverts commit ab5532a.
    
    * Revert "WIP add presync for eso that waits for vault to be up"
    
    This reverts commit 2797699.
    
    * Increase the default retry limit when syncing
    
    ArgoCD will retry 5 times by default to sync an application in case of
    errors and then will give up. So if an application contains a reference
    to a CRD that has not been installed yet (say because it will be
    installed by another application), it will error out and retry later.
    This happens by default for a maximum of 5 times [1]. After those 5 times
    the application will give up and will stay in Degraded moded and
    eventually move to Failed. In this case a manual sync will usually fix
    the application just fine (i.e. as long as the missing CRD has been
    installed in the meantime).
    
    Now to solve this issue we can add complex preSync Jobs that wait for
    the needed resources, but this fundamentally breaks the simplicity of
    things and introduces unneeded dependencies. In this change we just
    increase the default retry limit to something larger (20) that should
    cover most cases. The retry limit functionality is rather undocumented
    currently in the docs but is defined at [2] and also shown at [3].
    
    In our patterns' case the concrete issue happened as follows:
    1. ESO ClusterSecrets were often not synced/degraded
    2. We introduced a Job in a preSync hook for the ESO chart that would
       wait on vault to be ready before applying the rest of ESO
    3. MCG started failing because the config-demo app had already tried to
       sync 5 times and failed everytime because the ESO CRDs were not
       installed yet (due to ESO waiting on vault)
    
    So instead of adding yet another job, let's just try a lot more often.
    We picked 20 as a sane default because that should have argo try for
    about 60 minutes (3min is the default maximum backoff limit)
    
    Tested with two MCG installations (with the ESO Job hook included) and
    both worked out of the box. Whereas before I managed to get three
    failures out of three installs.
    
    [1] https://github.com/argoproj/argo-cd/blob/master/controller/appcontroller.go#L1680
    [2] https://github.com/argoproj/argo-cd/blob/master/manifests/crds/application-crd.yaml#L1476
    [3] https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/application.yaml#L202C18-L202C100
    
    * Add Changes.md entry
    
    * Fix up tests after common rebase
    
    ---------
    
    Co-authored-by: Lester Claudio <claudiol@redhat.com>
    Co-authored-by: day0hero <jonny@redhat.com>
    Co-authored-by: Lorenzo Dalrio <ldalrio@redhat.com>
    Co-authored-by: Andrew Beekhof <andrew@beekhof.net>
    Co-authored-by: Martin Jackson <mhjacks@redhat.com>
    Co-authored-by: jonny <65790298+day0hero@users.noreply.github.com>
    7 people authored Jul 8, 2023
    Configuration menu
    Copy the full SHA
    7ed309b View commit details
    Browse the repository at this point in the history

Commits on Jul 9, 2023

  1. Odf update (#85)

    * Updated namespaces template to include labels and annotations functionality
    
    * Added schema validation to support additional formal for labels and annotations
    
    * Updated the values-example.yaml to include new format for namespaces
    
    * Updated Changes.md to include new namespaces functionality.
    
    * Updating CI tests
    
    * Fixed Markdown errors
    
    * Add an experimental letsencypt chart
    
    This change adds an experimental letsencrypt chart that allows a pattern
    user/developer to have all routes and the API endpoint use signed
    certificates by letsencrypt.
    
    At this stage only AWS is supported. The full documentation is contained
    in the chart's README.md file
    
    * Do not run kubeconform on the certificate stuff just yet
    
    * Fix up kustomize example
    
    In the same vein as Industrial Edge 57f41dc135f72011d3796fe42d9cbf05d2b82052
    we call kustomize build.
    
    Newer gitops versions dropped the openshift-clients rpm by default which
    contained kubectl. Let's just invoke "kustomize" directly as the binary
    is present in both old and new gitops versions
    
    Since "kubectl kustomize" builds the set of resources by default, we
    need to switch to "kubectl build" by default
    
    We also use the same naming conventions used in Industrial Edge while
    we're at it.
    
    * Upgrade vault-helm to v0.24.0
    
    Tested on MCG with hub and spoke
    
    * Add a hello-world ansible playbook example
    
    Just a simple example that reads a helm value and puts it in a configmap
    
    * Inject ANSIBLE_CONFIG in make ansible-lint
    
    * Use new ansible-lint action
    
    * Fix some ansible-lint warnings
    
    * Fix up python versions
    
    * Skip cannot find role error
    
    Avoid checking those two playbooks the action seems to be too limited
    to understand where the ansible.cfg is
    
    * Added health check for pvc resource in argocd.yaml
    
    This allows argo to continue rolling out the rest of the applications.
    Without the health check the application is stuck in a progressing state
    and will not continue thus preventing any downstream application from
    deploying.
    
    * adding tests
    
    * Update super-linter image to latest
    
    * Update super-linter image to latest
    
    * Update CI workflows
    
    * updated template with why implemented comment
    
    * Add dependabot settings for github actions
    
    * adding tests
    
    * - Added functionality to support the following format for labels and annotations:
          labels:
            openshift.io/node-selector: ""
          annotations:
            openshift.io/cluster-monitoring: "true"
    
    * Fixed CI Issues
    
    * Applying @claudiol recommendation
    
    * make test
    
    * Avoid exited containers proliferation
    
    When running the `pattern.sh` script multiple times, a lot of
    podman exited containers will be left on the machine, adding
    `--rm` parameter to `podman run` makes podman automatically
    delete the exited containers leaving the machine cleaner.
    
    * Handling of pre-release builds is too complex for a helm chart
    
    Generating the ICSP and allowing insecure registries is best done prior
    to helm upgrade, and requires VPN access to registry-proxy.engineering.redhat.com
    
    * Fixing issues with operator groups
    
    * Adding CI test
    
    * Updated operator group template
    
    * Updating CI issues
    
    * Removed duplicate code for operatorgroup by using multiple conditions
    
    * Allow overriding the pattern's name
    
    This is especially useful when multiple people are working on a pattern
    an have been using different names:
    
        $ make help |grep Pattern:
        Pattern: multicloud-gitops
        $ make NAME=foobar help |grep Pattern:
        Pattern: foobar
    
    * Add precise instruction to upgrade the vault subchart
    
    * Upgrade vault-helm to v0.24.1
    
    * Add an item to README.md
    
    * Fix up common/ tests
    
    * Fix super linter
    
    * Set gitOpsSpec.operatorSource
    
    After merging validatedpatterns/patterns-operator@235b303
    it is now effectively possible to pick a different catalogSource for
    the gitops operator. This is needed in order to allow CI to install
    the gitops operator from an IIB
    
    * Introduce EXTRA_HELM_OPTS
    
    This variable can be set in order to pass additional helm arguments from the
    the command line. I.e. we can set things without having to tweak values files
    So it is now possible to run something like the following:
    
      ./pattern.sh make install \
      EXTRA_HELM_OPTS="--set main.gitops.operatorSource=iib-49232"
    
    * Disable var-naming[no-role-prefix] in ansible lint
    
    * Add new ansible role to deal with IIBs
    
    * Simplify load-iib target
    
    * Add templates folder
    
    * Fix a couple of linting warnings
    
    * Fix some super-linter complaints
    
    * Skip the iib-ci playbook
    
    * Drop var-naming[no-role-prefix] linter
    
    * Allow for multiple images when calling load-iib
    
    * Add help for load-iib
    
    * Output index_image in make
    
    * Output index_image in make (2)
    
    * Set facts later in the playbook not in defaults/
    
    * Fix how we export vars in make load-iib
    
    * Fix how we export vars in make load-iib (2)
    
    * Use machineCount to register the number of nodes that need to be ready
    
    * Add helpful debug messages
    
    * Add | on shell now that we call pipefail
    
    * Test dropping nevercontact source
    
    * Skip insecure tls when logging in
    
    * Also allow gchr.io
    
    * Revert "Test dropping nevercontact source"
    
    This reverts commit d8746a37fce2663018f52203c892f00b825e32a7.
    
    * Fix typo
    
    * Clarify instructions in the README file
    
    * Automate the channel example
    
    * Find out KUBEADMINAPI programmatically
    
    * Use command instead of shell
    
    * Do not grep for operator bundle unless it is the gitops operator
    
    * Also whitelist ghcr.io
    
    * Fetch the operator bundle itself in a more robust way
    
    It seems that the operator bundle image itself is nowhere to be found
    inside any OCP cluster object (it's not in packagemanifests nor
    catalogsource). Resorting to parsing the IIB via opm alpha commands
    to fetch the exact image.
    
    * Add more mirrors
    
    * Some more work to support MCE
    
    * Cleanup spacing
    
    * Fix super-linter
    
    * Move task in right folder
    
    * Drop last mention of operator instead of item
    
    * Improve the grepping for the operator bundle
    
    Without also grepping for the default_channel we can end up getting
    multiple results, which breaks everything.
    
    Tested this and it fixed the issue I was seeing with the
    openshift-gitops-operator this morning
    
    * Drop display_skipped_hosts
    
    display_skipped_hosts=False has a horrible side-effect:
    When a task takes a long time, it is always the *next* task and not the
    one printed on the screen/log. That is because ansible has to wait for
    the task to finish before printing it as it does not know before hand if
    the host will be skipped and hence the task should not be displayed at
    all
    
    * Be more specific about the steps in the README
    
    * Upgrade ESO to v0.8.2
    
    * Update README.md
    
    * Update tests after eso 0.8.2 upgrade
    
    * Move to new spec format for dex/sso
    
    Via https://issues.redhat.com/browse/GITOPS-2761 we are told that the
    dex configuration has a new format.
    Old format:
    
        spec:
          dex:
            openShiftOAuth: true
            resources:
            ...
    
    New format:
    
        spec:
          sso:
            provider: dex
            dex:
              openShiftOAuth: true
              resources:
              ...
    
    This format is only supported starting with gitops-1.8.0, so we should
    merge this only when we are absolutely sure that no pattern in no
    situation needs an older gitops version.
    
    Tested on MCG with gitops-1.8.2
    
    Note: with this change gitops < 1.8 is not supported. Starting with
    gitops-1.9 the old format will be unsupported.
    
    * Disable ArgoCD from kubeconform
    
    The reason is that most of the tools we used to generate the json
    schema, seem to be unmaintained, so it is getting hard to update
    our schemas in our GH org. We'll need to revisit this in the future.
    
    * Add a short line about username/token for the iib role on OCP <= 4.12
    
    * Drop https:// from podman login
    
    Seems we hit https://www.github.com/containers/podman/issues/13691 at
    least with older podman versions.
    
    If this turns out to break podman 4.5.0 I will special case it later
    
    * Set the mce-subscription-spec annotation
    
    We set it by default to "redhat-operators" and if defined to .Values.clusterGroup.subscriptions.acm.source
    The reason we do this is the following:
    1. In a default deployment scenario MCE has to be deployed as normal
       from the redhat-operators catalogSource just as ACM is
    2. When we deploy gitops-operator from an IIB instead, MCE would be
       installed trying to get it from the IIB because
       https://www.github.com/stolostron/multiclusterhub-operator/pull/975
       made it so that it picks the latest version looking at all catalog
       sources. But since we only mirrored the gitops operator in the
       cluster, this breaks as the images for MCE from the IIB are not there
       By setting the default to "redhat-operators" we fix this case
    3. Now in the case where we want to install ACM from an IIB we need to
       be able to override this and we will pick whatever value is set in
       .Values.clusterGroup.subscriptions.acm.source, which will need to be
       defined for this to work when testing ACM+MCE from an IIB
    
    Note: Currently point 3. works only if you set it in a values file.
    Setting .Values.clusterGroup.subscriptions.acm.source via extraParams
    won't be passed down from the clusterGroup app to the applications.
    It's a bug that we need to fix.
    
    Note(2): We surround this with an 'if kindIs "map" .Values.clusterGroup.subscriptions'
    because we do not want to break things if subscription is a list and not
    a map. If we ever manage to drop subscriptions as list, then we can
    remove that if
    
    * Fix typo in README for iib
    
    * Simplify the README a bit
    
    * Add support for extraParams being passed down to all applications
    
    Via validatedpatterns/patterns-operator#74
    we add the extraParams in an extraParametersNested dictionary that holds
    the extraParams key/value pairs. If they exist, let's add them as
    parameters.
    
    This allows them to end up in the applications.
    
    * Add a lookup playbook to figure out IIB numbers
    
    * Allow overriding channel and source when installing the patterns-operator
    
    This will allow us to test the patterns-operator using a different
    catalogsource (potentially installed via an IIB). So we can run:
    
    make EXTRA_HELM_OPTS="\
      --set main.extraParameters[0].name=main.patternsOperator.channel --set main.extraParameters[0].value=slow \
      --set main.extraParameters[1].name=main.patternsOperator.source --set main.extraParameters[1].value=patten-index" install
    
    * Fix small typo in iib instructions
    
    * Drop a redirect and up retries when pushing the IIB to the internal registry
    
    * Update ESO to v0.8.3
    
    * WIP add presync for eso that waits for vault to be up
    
    * Add tests
    
    * Fix image and comment
    
    * Adding rbac to support the vault sa checking on the vault-0 pod status.
    
    * Make Test
    
    * Removed previous version of common to convert to subtree from https://github.com/hybrid-cloud-patterns/common.git main
    
    * updated script to check for new status
    
    * make test
    
    * make test and remove presync checks for eso
    
    * make test
    
    * make test
    
    ---------
    
    Co-authored-by: Lester Claudio <claudiol@redhat.com>
    Co-authored-by: Michele Baldessari <michele@acksyn.org>
    Co-authored-by: Lorenzo Dalrio <ldalrio@redhat.com>
    Co-authored-by: Andrew Beekhof <andrew@beekhof.net>
    Co-authored-by: Martin Jackson <mhjacks@redhat.com>
    6 people authored Jul 9, 2023
    Configuration menu
    Copy the full SHA
    f247f63 View commit details
    Browse the repository at this point in the history

Commits on Jul 11, 2023

  1. Split off global helm variables to a helper definition

    We can only split out bits of yaml that reference $.* variables. This is
    because these sinppets in _helpers.tbl are passed a single context
    either $ or . and cannot use both like the top-level domain.
    mbaldessari committed Jul 11, 2023
    Configuration menu
    Copy the full SHA
    54056c7 View commit details
    Browse the repository at this point in the history
  2. Switch ApplicationSets to use the newly-introduced helpers

    I only remove the variables that are defined identically in
    ApplicationSet and in the helper. Leaving the other ones as is
    as their presence is not entirely clear to me and I do not want to
    risk breaking things.
    mbaldessari committed Jul 11, 2023
    Configuration menu
    Copy the full SHA
    fdee136 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    4e1f360 View commit details
    Browse the repository at this point in the history
  4. Configuration menu
    Copy the full SHA
    35e7990 View commit details
    Browse the repository at this point in the history
  5. Drop some older comments

    mbaldessari committed Jul 11, 2023
    Configuration menu
    Copy the full SHA
    e85c3ab View commit details
    Browse the repository at this point in the history
  6. Configuration menu
    Copy the full SHA
    eb791ba View commit details
    Browse the repository at this point in the history

Commits on Jul 13, 2023

  1. Tweak the load secret debug message to be clearer

    When HOME is set we replace it with '~' in this debug message
    because when run from inside the container the HOME is /pattern-home
    which is confusing for users. Printing out '~' when at the start of
    the string is less confusing.
    
    Before:
    ok: [localhost] => {
        "msg": "/home/michele/.config/hybrid-cloud-patterns/values-secret-multicloud-gitops.yaml"
    }
    
    After:
    ok: [localhost] => {
        "msg": "~/.config/hybrid-cloud-patterns/values-secret-multicloud-gitops.yaml"
    }
    mbaldessari committed Jul 13, 2023
    Configuration menu
    Copy the full SHA
    16fab03 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #325 from mbaldessari/fix-found-fileoutput

    Tweak the load secret debug message to be clearer
    mbaldessari authored Jul 13, 2023
    Configuration menu
    Copy the full SHA
    5219947 View commit details
    Browse the repository at this point in the history

Commits on Jul 14, 2023

  1. Check if the KUBECONFIG file is pointing outside of the HOME folder

    If it is somewhere under /tmp or out of the HOME folder, bail out
    explaining why. This has caused a few silly situations where the user
    would save the KUBECONFIG file under /tmp. Since bind-mounting /tmp
    seems like a wrong thing to do in general, we at least bail out with a
    clear error message. To do this we rely on a bash functionality so let's
    just switch the script to use that.
    
    Tested as follows:
    export KUBECONFIG=/tmp/kubeconfig
    ./scripts/pattern-util.sh make help
    /tmp/kubeconfig is pointing outside of the HOME folder, this will make it unavailable from the container.
    Please move it somewhere inside your /home/michele folder, as that is what gets bind-mounted inside the container
    
    export KUBECONFIG=~/kubeconfig
    ./scripts/pattern-util.sh make help
    Pattern: common
    
    Usage:
      make <target>
    ...
    mbaldessari committed Jul 14, 2023
    Configuration menu
    Copy the full SHA
    6e31814 View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    4193c08 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    ad39f4d View commit details
    Browse the repository at this point in the history
  4. Configuration menu
    Copy the full SHA
    b087e87 View commit details
    Browse the repository at this point in the history
  5. Update provisioning tests

    beekhof committed Jul 14, 2023
    Configuration menu
    Copy the full SHA
    38d83ec View commit details
    Browse the repository at this point in the history
  6. Merge pull request #327 from beekhof/provision-sno

    Provision sno
    beekhof authored Jul 14, 2023
    Configuration menu
    Copy the full SHA
    4a0d715 View commit details
    Browse the repository at this point in the history
  7. Configuration menu
    Copy the full SHA
    fa6865c View commit details
    Browse the repository at this point in the history
  8. Merge pull request #328 from hybrid-cloud-patterns/standby-pool

    Sanely handle cluster pools with no clusters (yet)
    mbaldessari authored Jul 14, 2023
    Configuration menu
    Copy the full SHA
    b071b89 View commit details
    Browse the repository at this point in the history

Commits on Jul 16, 2023

  1. Clustergroup Chart.yaml name change

    We currently have a small inconsistency where we use common/clustergroup
    in order to point Argo CD to this chart, but the name inside the chart
    is 'pattern-clustergroup'.
    
    This inconsistency is currently irrelevant, but in the future when
    migrating to helm charts inside proper helm repos, this becomes
    problematic. So let's fix the name to be the same as the folder.
    
    Tested on MCG successfully.
    mbaldessari committed Jul 16, 2023
    Configuration menu
    Copy the full SHA
    c220a68 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #330 from mbaldessari/clustergroup-name

    Clustergroup Chart.yaml name change
    mbaldessari authored Jul 16, 2023
    Configuration menu
    Copy the full SHA
    6e6824d View commit details
    Browse the repository at this point in the history

Commits on Jul 18, 2023

  1. Merge pull request #326 from mbaldessari/small-uxfix

    Check if the KUBECONFIG file is inside /tmp
    day0hero authored Jul 18, 2023
    Configuration menu
    Copy the full SHA
    29a5843 View commit details
    Browse the repository at this point in the history

Commits on Jul 19, 2023

  1. Fix the clusterPoolName in clusterClaims

    Currently with the following values snippet:
    
      managedClusterGroups:
        exampleRegion:
          name: group-one
          acmlabels:
          - name: clusterGroup
            value: group-one
          helmOverrides:
          - name: clusterGroup.isHubCluster
            value: false
          clusterPools:
            exampleAWSPool:
              size: 1
              name: aws-ap-bandini
              openshiftVersion: 4.12.24
              baseDomain: blueprints.rhecoeng.com
              controlPlane:
                count: 1
                platform:
                  aws:
                    type: m5.2xlarge
              workers:
                count: 0
              platform:
                aws:
                  region: ap-southeast-2
              clusters:
              - One
    
    You will get a clusterClaim that is pointing to the wrong Pool:
    NAMESPACE                 NAME                       POOL
    open-cluster-management   one-group-one              aws-ap-bandini
    
    This is wrong because the clusterPool name will be generated using the
    pool name + "-" group name:
    
      {{- $pool := . }}
      {{- $poolName := print .name "-" $group.name }}
    
    But the clusterPoolName inside the clusterName is only using the
    "$pool.name" which will make the clusterClaim ineffective as the pool
    does not exist.
    
    Switch to using the same poolName that is being used when creating the
    clusterPool.
    mbaldessari committed Jul 19, 2023
    Configuration menu
    Copy the full SHA
    21c534c View commit details
    Browse the repository at this point in the history
  2. Merge pull request #331 from mbaldessari/clusterclaim-fix

    Fix the clusterPoolName in clusterClaims
    mbaldessari authored Jul 19, 2023
    Configuration menu
    Copy the full SHA
    e0d7954 View commit details
    Browse the repository at this point in the history

Commits on Jul 24, 2023

  1. Add some comments to make if/else and loops clearer

    Let's improve readability by adding some comments to point out which
    flow constructs are being ended.
    mbaldessari committed Jul 24, 2023
    Configuration menu
    Copy the full SHA
    4c05974 View commit details
    Browse the repository at this point in the history
  2. Merge pull request #332 from mbaldessari/comments

    Add some comments to make if/else and loops clearer
    mbaldessari authored Jul 24, 2023
    Configuration menu
    Copy the full SHA
    36d679a View commit details
    Browse the repository at this point in the history

Commits on Jul 27, 2023

  1. Configuration menu
    Copy the full SHA
    dd3cdcb View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    5f33f33 View commit details
    Browse the repository at this point in the history
  3. Split out values files to a helper for the acm chart

    Just like we did for the clustergroup chart, let's split the values
    file list into a dedicated helper. This time since there are no global
    variables we include it with the current context and not with the '$'
    context.
    
    Tested with MCG: hub and spoke. Correctly observed all the applications
    running on the spoke.
    mbaldessari committed Jul 27, 2023
    Configuration menu
    Copy the full SHA
    91f3ef0 View commit details
    Browse the repository at this point in the history
  4. Fix up tests

    They changed because we made the list indentation more correct (two
    extra spaces to the left)
    mbaldessari committed Jul 27, 2023
    Configuration menu
    Copy the full SHA
    17697e5 View commit details
    Browse the repository at this point in the history
  5. Configuration menu
    Copy the full SHA
    3bd8487 View commit details
    Browse the repository at this point in the history

Commits on Jul 28, 2023

  1. Configuration menu
    Copy the full SHA
    669ff92 View commit details
    Browse the repository at this point in the history

Commits on Jul 30, 2023

  1. Merge pull request #334 from stocky37/fix-vault-unseal-ansible

    Fix sa/namespace mixup in vault_spokes_init
    mbaldessari authored Jul 30, 2023
    Configuration menu
    Copy the full SHA
    d7994cb View commit details
    Browse the repository at this point in the history

Commits on Jul 31, 2023

  1. Update local patch

    Also set seccompProfile to null to make things work on OCP 4.10
    mbaldessari committed Jul 31, 2023
    Configuration menu
    Copy the full SHA
    5cb41a3 View commit details
    Browse the repository at this point in the history
  2. Update ESO to 0.8.5

    mbaldessari committed Jul 31, 2023
    Configuration menu
    Copy the full SHA
    9d2df97 View commit details
    Browse the repository at this point in the history
  3. Tweak ESO UBI images

    Tested the ESO upgrade on MCG on both 4.10 and 4.13
    mbaldessari committed Jul 31, 2023
    Configuration menu
    Copy the full SHA
    e720991 View commit details
    Browse the repository at this point in the history
  4. Merge pull request #335 from mbaldessari/fix-eso

    Upgrade ESO to v0.8.5
    mbaldessari authored Jul 31, 2023
    Configuration menu
    Copy the full SHA
    15363f6 View commit details
    Browse the repository at this point in the history
  5. Configuration menu
    Copy the full SHA
    4cbef5e View commit details
    Browse the repository at this point in the history
  6. Update Common (#87)

    * Updated namespaces template to include labels and annotations functionality
    
    * Added schema validation to support additional formal for labels and annotations
    
    * Updated the values-example.yaml to include new format for namespaces
    
    * Updated Changes.md to include new namespaces functionality.
    
    * Updating CI tests
    
    * Fixed Markdown errors
    
    * Add an experimental letsencypt chart
    
    This change adds an experimental letsencrypt chart that allows a pattern
    user/developer to have all routes and the API endpoint use signed
    certificates by letsencrypt.
    
    At this stage only AWS is supported. The full documentation is contained
    in the chart's README.md file
    
    * Do not run kubeconform on the certificate stuff just yet
    
    * Fix up kustomize example
    
    In the same vein as Industrial Edge 57f41dc135f72011d3796fe42d9cbf05d2b82052
    we call kustomize build.
    
    Newer gitops versions dropped the openshift-clients rpm by default which
    contained kubectl. Let's just invoke "kustomize" directly as the binary
    is present in both old and new gitops versions
    
    Since "kubectl kustomize" builds the set of resources by default, we
    need to switch to "kubectl build" by default
    
    We also use the same naming conventions used in Industrial Edge while
    we're at it.
    
    * Upgrade vault-helm to v0.24.0
    
    Tested on MCG with hub and spoke
    
    * Add a hello-world ansible playbook example
    
    Just a simple example that reads a helm value and puts it in a configmap
    
    * Inject ANSIBLE_CONFIG in make ansible-lint
    
    * Use new ansible-lint action
    
    * Fix some ansible-lint warnings
    
    * Fix up python versions
    
    * Skip cannot find role error
    
    Avoid checking those two playbooks the action seems to be too limited
    to understand where the ansible.cfg is
    
    * Added health check for pvc resource in argocd.yaml
    
    This allows argo to continue rolling out the rest of the applications.
    Without the health check the application is stuck in a progressing state
    and will not continue thus preventing any downstream application from
    deploying.
    
    * adding tests
    
    * Update super-linter image to latest
    
    * Update super-linter image to latest
    
    * Update CI workflows
    
    * updated template with why implemented comment
    
    * Add dependabot settings for github actions
    
    * adding tests
    
    * - Added functionality to support the following format for labels and annotations:
          labels:
            openshift.io/node-selector: ""
          annotations:
            openshift.io/cluster-monitoring: "true"
    
    * Fixed CI Issues
    
    * Applying @claudiol recommendation
    
    * make test
    
    * Avoid exited containers proliferation
    
    When running the `pattern.sh` script multiple times, a lot of
    podman exited containers will be left on the machine, adding
    `--rm` parameter to `podman run` makes podman automatically
    delete the exited containers leaving the machine cleaner.
    
    * Handling of pre-release builds is too complex for a helm chart
    
    Generating the ICSP and allowing insecure registries is best done prior
    to helm upgrade, and requires VPN access to registry-proxy.engineering.redhat.com
    
    * Fixing issues with operator groups
    
    * Adding CI test
    
    * Updated operator group template
    
    * Updating CI issues
    
    * Removed duplicate code for operatorgroup by using multiple conditions
    
    * Allow overriding the pattern's name
    
    This is especially useful when multiple people are working on a pattern
    an have been using different names:
    
        $ make help |grep Pattern:
        Pattern: multicloud-gitops
        $ make NAME=foobar help |grep Pattern:
        Pattern: foobar
    
    * Add precise instruction to upgrade the vault subchart
    
    * Upgrade vault-helm to v0.24.1
    
    * Add an item to README.md
    
    * Fix up common/ tests
    
    * Fix super linter
    
    * Set gitOpsSpec.operatorSource
    
    After merging validatedpatterns/patterns-operator@235b303
    it is now effectively possible to pick a different catalogSource for
    the gitops operator. This is needed in order to allow CI to install
    the gitops operator from an IIB
    
    * Introduce EXTRA_HELM_OPTS
    
    This variable can be set in order to pass additional helm arguments from the
    the command line. I.e. we can set things without having to tweak values files
    So it is now possible to run something like the following:
    
      ./pattern.sh make install \
      EXTRA_HELM_OPTS="--set main.gitops.operatorSource=iib-49232"
    
    * Disable var-naming[no-role-prefix] in ansible lint
    
    * Add new ansible role to deal with IIBs
    
    * Simplify load-iib target
    
    * Add templates folder
    
    * Fix a couple of linting warnings
    
    * Fix some super-linter complaints
    
    * Skip the iib-ci playbook
    
    * Drop var-naming[no-role-prefix] linter
    
    * Allow for multiple images when calling load-iib
    
    * Add help for load-iib
    
    * Output index_image in make
    
    * Output index_image in make (2)
    
    * Set facts later in the playbook not in defaults/
    
    * Fix how we export vars in make load-iib
    
    * Fix how we export vars in make load-iib (2)
    
    * Use machineCount to register the number of nodes that need to be ready
    
    * Add helpful debug messages
    
    * Add | on shell now that we call pipefail
    
    * Test dropping nevercontact source
    
    * Skip insecure tls when logging in
    
    * Also allow gchr.io
    
    * Revert "Test dropping nevercontact source"
    
    This reverts commit d8746a37fce2663018f52203c892f00b825e32a7.
    
    * Fix typo
    
    * Clarify instructions in the README file
    
    * Automate the channel example
    
    * Find out KUBEADMINAPI programmatically
    
    * Use command instead of shell
    
    * Do not grep for operator bundle unless it is the gitops operator
    
    * Also whitelist ghcr.io
    
    * Fetch the operator bundle itself in a more robust way
    
    It seems that the operator bundle image itself is nowhere to be found
    inside any OCP cluster object (it's not in packagemanifests nor
    catalogsource). Resorting to parsing the IIB via opm alpha commands
    to fetch the exact image.
    
    * Add more mirrors
    
    * Some more work to support MCE
    
    * Cleanup spacing
    
    * Fix super-linter
    
    * Move task in right folder
    
    * Drop last mention of operator instead of item
    
    * Improve the grepping for the operator bundle
    
    Without also grepping for the default_channel we can end up getting
    multiple results, which breaks everything.
    
    Tested this and it fixed the issue I was seeing with the
    openshift-gitops-operator this morning
    
    * Drop display_skipped_hosts
    
    display_skipped_hosts=False has a horrible side-effect:
    When a task takes a long time, it is always the *next* task and not the
    one printed on the screen/log. That is because ansible has to wait for
    the task to finish before printing it as it does not know before hand if
    the host will be skipped and hence the task should not be displayed at
    all
    
    * Be more specific about the steps in the README
    
    * Upgrade ESO to v0.8.2
    
    * Update README.md
    
    * Update tests after eso 0.8.2 upgrade
    
    * Move to new spec format for dex/sso
    
    Via https://issues.redhat.com/browse/GITOPS-2761 we are told that the
    dex configuration has a new format.
    Old format:
    
        spec:
          dex:
            openShiftOAuth: true
            resources:
            ...
    
    New format:
    
        spec:
          sso:
            provider: dex
            dex:
              openShiftOAuth: true
              resources:
              ...
    
    This format is only supported starting with gitops-1.8.0, so we should
    merge this only when we are absolutely sure that no pattern in no
    situation needs an older gitops version.
    
    Tested on MCG with gitops-1.8.2
    
    Note: with this change gitops < 1.8 is not supported. Starting with
    gitops-1.9 the old format will be unsupported.
    
    * Disable ArgoCD from kubeconform
    
    The reason is that most of the tools we used to generate the json
    schema, seem to be unmaintained, so it is getting hard to update
    our schemas in our GH org. We'll need to revisit this in the future.
    
    * Add a short line about username/token for the iib role on OCP <= 4.12
    
    * Drop https:// from podman login
    
    Seems we hit https://www.github.com/containers/podman/issues/13691 at
    least with older podman versions.
    
    If this turns out to break podman 4.5.0 I will special case it later
    
    * Set the mce-subscription-spec annotation
    
    We set it by default to "redhat-operators" and if defined to .Values.clusterGroup.subscriptions.acm.source
    The reason we do this is the following:
    1. In a default deployment scenario MCE has to be deployed as normal
       from the redhat-operators catalogSource just as ACM is
    2. When we deploy gitops-operator from an IIB instead, MCE would be
       installed trying to get it from the IIB because
       https://www.github.com/stolostron/multiclusterhub-operator/pull/975
       made it so that it picks the latest version looking at all catalog
       sources. But since we only mirrored the gitops operator in the
       cluster, this breaks as the images for MCE from the IIB are not there
       By setting the default to "redhat-operators" we fix this case
    3. Now in the case where we want to install ACM from an IIB we need to
       be able to override this and we will pick whatever value is set in
       .Values.clusterGroup.subscriptions.acm.source, which will need to be
       defined for this to work when testing ACM+MCE from an IIB
    
    Note: Currently point 3. works only if you set it in a values file.
    Setting .Values.clusterGroup.subscriptions.acm.source via extraParams
    won't be passed down from the clusterGroup app to the applications.
    It's a bug that we need to fix.
    
    Note(2): We surround this with an 'if kindIs "map" .Values.clusterGroup.subscriptions'
    because we do not want to break things if subscription is a list and not
    a map. If we ever manage to drop subscriptions as list, then we can
    remove that if
    
    * Fix typo in README for iib
    
    * Simplify the README a bit
    
    * Add support for extraParams being passed down to all applications
    
    Via validatedpatterns/patterns-operator#74
    we add the extraParams in an extraParametersNested dictionary that holds
    the extraParams key/value pairs. If they exist, let's add them as
    parameters.
    
    This allows them to end up in the applications.
    
    * Add a lookup playbook to figure out IIB numbers
    
    * Allow overriding channel and source when installing the patterns-operator
    
    This will allow us to test the patterns-operator using a different
    catalogsource (potentially installed via an IIB). So we can run:
    
    make EXTRA_HELM_OPTS="\
      --set main.extraParameters[0].name=main.patternsOperator.channel --set main.extraParameters[0].value=slow \
      --set main.extraParameters[1].name=main.patternsOperator.source --set main.extraParameters[1].value=patten-index" install
    
    * Fix small typo in iib instructions
    
    * Drop a redirect and up retries when pushing the IIB to the internal registry
    
    * Update ESO to v0.8.3
    
    * WIP add presync for eso that waits for vault to be up
    
    * Add tests
    
    * Fix image and comment
    
    * Adding rbac to support the vault sa checking on the vault-0 pod status.
    
    * Make Test
    
    * Revert "Make Test"
    
    This reverts commit 64e9dc7.
    
    * Revert "Adding rbac to support the vault sa checking on the vault-0 pod status."
    
    This reverts commit 598bc74.
    
    * Revert "Fix image and comment"
    
    This reverts commit d4d3fe1.
    
    * Revert "Add tests"
    
    This reverts commit ab5532a.
    
    * Revert "WIP add presync for eso that waits for vault to be up"
    
    This reverts commit 2797699.
    
    * Increase the default retry limit when syncing
    
    ArgoCD will retry 5 times by default to sync an application in case of
    errors and then will give up. So if an application contains a reference
    to a CRD that has not been installed yet (say because it will be
    installed by another application), it will error out and retry later.
    This happens by default for a maximum of 5 times [1]. After those 5 times
    the application will give up and will stay in Degraded moded and
    eventually move to Failed. In this case a manual sync will usually fix
    the application just fine (i.e. as long as the missing CRD has been
    installed in the meantime).
    
    Now to solve this issue we can add complex preSync Jobs that wait for
    the needed resources, but this fundamentally breaks the simplicity of
    things and introduces unneeded dependencies. In this change we just
    increase the default retry limit to something larger (20) that should
    cover most cases. The retry limit functionality is rather undocumented
    currently in the docs but is defined at [2] and also shown at [3].
    
    In our patterns' case the concrete issue happened as follows:
    1. ESO ClusterSecrets were often not synced/degraded
    2. We introduced a Job in a preSync hook for the ESO chart that would
       wait on vault to be ready before applying the rest of ESO
    3. MCG started failing because the config-demo app had already tried to
       sync 5 times and failed everytime because the ESO CRDs were not
       installed yet (due to ESO waiting on vault)
    
    So instead of adding yet another job, let's just try a lot more often.
    We picked 20 as a sane default because that should have argo try for
    about 60 minutes (3min is the default maximum backoff limit)
    
    Tested with two MCG installations (with the ESO Job hook included) and
    both worked out of the box. Whereas before I managed to get three
    failures out of three installs.
    
    [1] https://github.com/argoproj/argo-cd/blob/master/controller/appcontroller.go#L1680
    [2] https://github.com/argoproj/argo-cd/blob/master/manifests/crds/application-crd.yaml#L1476
    [3] https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/application.yaml#L202C18-L202C100
    
    * Add Changes.md entry
    
    * Split off global helm variables to a helper definition
    
    We can only split out bits of yaml that reference $.* variables. This is
    because these sinppets in _helpers.tbl are passed a single context
    either $ or . and cannot use both like the top-level domain.
    
    * Switch ApplicationSets to use the newly-introduced helpers
    
    I only remove the variables that are defined identically in
    ApplicationSet and in the helper. Leaving the other ones as is
    as their presence is not entirely clear to me and I do not want to
    risk breaking things.
    
    * Split off valueFiles to _helpers.tbl
    
    * Switch applicationsets to use the new helper
    
    * Drop some older comments
    
    * Tweak the load secret debug message to be clearer
    
    When HOME is set we replace it with '~' in this debug message
    because when run from inside the container the HOME is /pattern-home
    which is confusing for users. Printing out '~' when at the start of
    the string is less confusing.
    
    Before:
    ok: [localhost] => {
        "msg": "/home/michele/.config/hybrid-cloud-patterns/values-secret-multicloud-gitops.yaml"
    }
    
    After:
    ok: [localhost] => {
        "msg": "~/.config/hybrid-cloud-patterns/values-secret-multicloud-gitops.yaml"
    }
    
    * Check if the KUBECONFIG file is pointing outside of the HOME folder
    
    If it is somewhere under /tmp or out of the HOME folder, bail out
    explaining why. This has caused a few silly situations where the user
    would save the KUBECONFIG file under /tmp. Since bind-mounting /tmp
    seems like a wrong thing to do in general, we at least bail out with a
    clear error message. To do this we rely on a bash functionality so let's
    just switch the script to use that.
    
    Tested as follows:
    export KUBECONFIG=/tmp/kubeconfig
    ./scripts/pattern-util.sh make help
    /tmp/kubeconfig is pointing outside of the HOME folder, this will make it unavailable from the container.
    Please move it somewhere inside your /home/michele folder, as that is what gets bind-mounted inside the container
    
    export KUBECONFIG=~/kubeconfig
    ./scripts/pattern-util.sh make help
    Pattern: common
    
    Usage:
      make <target>
    ...
    
    * Include an example SNO cluster pool in the tests
    
    * Enforce lowercase names for cluster claims
    
    * Avoid mixing yaml and json in the OCP install-config
    
    * Update provisioning tests
    
    * Sanely handle cluster pools with no clusters (yet)
    
    * Clustergroup Chart.yaml name change
    
    We currently have a small inconsistency where we use common/clustergroup
    in order to point Argo CD to this chart, but the name inside the chart
    is 'pattern-clustergroup'.
    
    This inconsistency is currently irrelevant, but in the future when
    migrating to helm charts inside proper helm repos, this becomes
    problematic. So let's fix the name to be the same as the folder.
    
    Tested on MCG successfully.
    
    * Fix the clusterPoolName in clusterClaims
    
    Currently with the following values snippet:
    
      managedClusterGroups:
        exampleRegion:
          name: group-one
          acmlabels:
          - name: clusterGroup
            value: group-one
          helmOverrides:
          - name: clusterGroup.isHubCluster
            value: false
          clusterPools:
            exampleAWSPool:
              size: 1
              name: aws-ap-bandini
              openshiftVersion: 4.12.24
              baseDomain: blueprints.rhecoeng.com
              controlPlane:
                count: 1
                platform:
                  aws:
                    type: m5.2xlarge
              workers:
                count: 0
              platform:
                aws:
                  region: ap-southeast-2
              clusters:
              - One
    
    You will get a clusterClaim that is pointing to the wrong Pool:
    NAMESPACE                 NAME                       POOL
    open-cluster-management   one-group-one              aws-ap-bandini
    
    This is wrong because the clusterPool name will be generated using the
    pool name + "-" group name:
    
      {{- $pool := . }}
      {{- $poolName := print .name "-" $group.name }}
    
    But the clusterPoolName inside the clusterName is only using the
    "$pool.name" which will make the clusterClaim ineffective as the pool
    does not exist.
    
    Switch to using the same poolName that is being used when creating the
    clusterPool.
    
    * Add some comments to make if/else and loops clearer
    
    Let's improve readability by adding some comments to point out which
    flow constructs are being ended.
    
    * Add some more comments in applications.yaml
    
    * Add a default for options applicationRetryLimit
    
    * Split out values files to a helper for the acm chart
    
    Just like we did for the clustergroup chart, let's split the values
    file list into a dedicated helper. This time since there are no global
    variables we include it with the current context and not with the '$'
    context.
    
    Tested with MCG: hub and spoke. Correctly observed all the applications
    running on the spoke.
    
    * Fix up tests
    
    They changed because we made the list indentation more correct (two
    extra spaces to the left)
    
    * Fix sa/namespace mixup in vault_spokes_init
    
    * Update local patch
    
    Also set seccompProfile to null to make things work on OCP 4.10
    
    * Update ESO to 0.8.5
    
    * Tweak ESO UBI images
    
    Tested the ESO upgrade on MCG on both 4.10 and 4.13
    
    * Removed previous version of common to convert to subtree from https://github.com/hybrid-cloud-patterns/common.git main
    
    * make test
    
    ---------
    
    Co-authored-by: Lester Claudio <claudiol@redhat.com>
    Co-authored-by: Michele Baldessari <michele@acksyn.org>
    Co-authored-by: Lorenzo Dalrio <ldalrio@redhat.com>
    Co-authored-by: Andrew Beekhof <andrew@beekhof.net>
    Co-authored-by: Martin Jackson <mhjacks@redhat.com>
    Co-authored-by: Tom Stockwell <2060486+stocky37@users.noreply.github.com>
    7 people authored Jul 31, 2023
    Configuration menu
    Copy the full SHA
    fc060b8 View commit details
    Browse the repository at this point in the history
  7. resolving merge conflicts

    day0hero committed Jul 31, 2023
    Configuration menu
    Copy the full SHA
    a72f2d3 View commit details
    Browse the repository at this point in the history
  8. make test

    day0hero committed Jul 31, 2023
    Configuration menu
    Copy the full SHA
    057001f View commit details
    Browse the repository at this point in the history

Commits on Aug 1, 2023

  1. Error out from load-iib when INDEX_IMAGES is undefined

    If you call the load-iib target you *must* set INDEX_IMAGES, so
    let's error out properly if you do not.
    
    Tested as:
    
            $ unset INDEX_IMAGES
            $ make load-iib
            make -f common/Makefile load-iib
            make[1]: Entering directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops'
            No INDEX_IMAGES defined. Bailing out
    
            $ export INDEX_IMAGES=foo
            make load-iib
            make -f common/Makefile load-iib
            make[1]: Entering directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops'
    
            PLAY [IIB CI playbook] ***
    mbaldessari committed Aug 1, 2023
    Configuration menu
    Copy the full SHA
    49728fa View commit details
    Browse the repository at this point in the history
  2. Merge pull request #337 from mbaldessari/iib-ux

    Error out from load-iib when INDEX_IMAGES is undefined
    mbaldessari authored Aug 1, 2023
    Configuration menu
    Copy the full SHA
    bc74b85 View commit details
    Browse the repository at this point in the history
  3. Merge pull request #336 from mbaldessari/vault-helm-0.25.0

    Upgrade vault-helm to v0.25.0
    mbaldessari authored Aug 1, 2023
    Configuration menu
    Copy the full SHA
    35e64a1 View commit details
    Browse the repository at this point in the history
  4. Configuration menu
    Copy the full SHA
    eb45d81 View commit details
    Browse the repository at this point in the history
  5. Add 'common/' from commit '35e64a102db0fb7fe3903acff56d3b4be9cf02b7'

    git-subtree-dir: common
    git-subtree-mainline: eb45d81
    git-subtree-split: 35e64a1
    day0hero committed Aug 1, 2023
    Configuration menu
    Copy the full SHA
    ffb008c View commit details
    Browse the repository at this point in the history
  6. Make test

    day0hero committed Aug 1, 2023
    Configuration menu
    Copy the full SHA
    3444d34 View commit details
    Browse the repository at this point in the history
  7. Configuration menu
    Copy the full SHA
    a246609 View commit details
    Browse the repository at this point in the history