From 465767ce01c1917eb0f4d84f00d0fa2116f77f43 Mon Sep 17 00:00:00 2001 From: Karel Vanden Houte Date: Fri, 30 Jun 2023 14:06:03 +0200 Subject: [PATCH 01/22] add cronjob support --- internal/pkg/callbacks/rolling_upgrade.go | 58 +++++++++++++++++++++++ internal/pkg/handler/upgrade.go | 18 +++++++ 2 files changed, 76 insertions(+) diff --git a/internal/pkg/callbacks/rolling_upgrade.go b/internal/pkg/callbacks/rolling_upgrade.go index 02ed23d..f2d9bbb 100644 --- a/internal/pkg/callbacks/rolling_upgrade.go +++ b/internal/pkg/callbacks/rolling_upgrade.go @@ -6,6 +6,7 @@ import ( "github.com/sirupsen/logrus" "github.com/stakater/Reloader/pkg/kube" appsv1 "k8s.io/api/apps/v1" + batchv1 "k8s.io/api/batch/v1" v1 "k8s.io/api/core/v1" meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -67,6 +68,26 @@ func GetDeploymentItems(clients kube.Clients, namespace string) []runtime.Object return items } +// GetCronJobs returns the jobs in given namespace +func GetCronJobs(clients kube.Clients, namespace string) []runtime.Object { + cronjobs, err := clients.KubernetesClient.BatchV1().CronJobs(namespace).List(context.TODO(), meta_v1.ListOptions{}) + if err != nil { + logrus.Errorf("Failed to list cronjobs %v", err) + } + + items := make([]runtime.Object, len(cronjobs.Items)) + // Ensure we always have pod annotations to add to + for i, v := range cronjobs.Items { + if v.Spec.JobTemplate.Spec.Template.ObjectMeta.Annotations == nil { + annotations := make(map[string]string) + cronjobs.Items[i].Spec.JobTemplate.Spec.Template.ObjectMeta.Annotations = annotations + } + items[i] = &cronjobs.Items[i] + } + + return items +} + // GetDaemonSetItems returns the daemonSets in given namespace func GetDaemonSetItems(clients kube.Clients, namespace string) []runtime.Object { daemonSets, err := clients.KubernetesClient.AppsV1().DaemonSets(namespace).List(context.TODO(), meta_v1.ListOptions{}) @@ -148,6 +169,11 @@ func GetDeploymentAnnotations(item runtime.Object) map[string]string { return item.(*appsv1.Deployment).ObjectMeta.Annotations } +// GetCronJobAnnotations returns the annotations of given cronjob +func GetCronJobAnnotations(item runtime.Object) map[string]string { + return item.(*batchv1.CronJob).ObjectMeta.Annotations +} + // GetDaemonSetAnnotations returns the annotations of given daemonSet func GetDaemonSetAnnotations(item runtime.Object) map[string]string { return item.(*appsv1.DaemonSet).ObjectMeta.Annotations @@ -173,6 +199,11 @@ func GetDeploymentPodAnnotations(item runtime.Object) map[string]string { return item.(*appsv1.Deployment).Spec.Template.ObjectMeta.Annotations } +// GetCronJobPodAnnotations returns the pod's annotations of given deployment +func GetCronJobPodAnnotations(item runtime.Object) map[string]string { + return item.(*batchv1.CronJob).Spec.JobTemplate.Spec.Template.ObjectMeta.Annotations +} + // GetDaemonSetPodAnnotations returns the pod's annotations of given daemonSet func GetDaemonSetPodAnnotations(item runtime.Object) map[string]string { return item.(*appsv1.DaemonSet).Spec.Template.ObjectMeta.Annotations @@ -198,6 +229,11 @@ func GetDeploymentContainers(item runtime.Object) []v1.Container { return item.(*appsv1.Deployment).Spec.Template.Spec.Containers } +// GetCronJobContainers returns the containers of given deployment +func GetCronJobContainers(item runtime.Object) []v1.Container { + return item.(*batchv1.CronJob).Spec.JobTemplate.Spec.Template.Spec.Containers +} + // GetDaemonSetContainers returns the containers of given daemonSet func GetDaemonSetContainers(item runtime.Object) []v1.Container { return item.(*appsv1.DaemonSet).Spec.Template.Spec.Containers @@ -223,6 +259,11 @@ func GetDeploymentInitContainers(item runtime.Object) []v1.Container { return item.(*appsv1.Deployment).Spec.Template.Spec.InitContainers } +// GetCronJobInitContainers returns the containers of given deployment +func GetCronJobInitContainers(item runtime.Object) []v1.Container { + return item.(*batchv1.CronJob).Spec.JobTemplate.Spec.Template.Spec.InitContainers +} + // GetDaemonSetInitContainers returns the containers of given daemonSet func GetDaemonSetInitContainers(item runtime.Object) []v1.Container { return item.(*appsv1.DaemonSet).Spec.Template.Spec.InitContainers @@ -250,6 +291,18 @@ func UpdateDeployment(clients kube.Clients, namespace string, resource runtime.O return err } +// CreateJobFromCronjob performs rolling upgrade on deployment +func CreateJobFromCronjob(clients kube.Clients, namespace string, resource runtime.Object) error { + cronJob := resource.(*batchv1.CronJob) + job := &batchv1.Job{ + ObjectMeta: cronJob.Spec.JobTemplate.ObjectMeta, + Spec: cronJob.Spec.JobTemplate.Spec, + } + job.GenerateName = cronJob.Name + "-" + _, err := clients.KubernetesClient.BatchV1().Jobs(namespace).Create(context.TODO(), job, meta_v1.CreateOptions{FieldManager: "Reloader"}) + return err +} + // UpdateDaemonSet performs rolling upgrade on daemonSet func UpdateDaemonSet(clients kube.Clients, namespace string, resource runtime.Object) error { daemonSet := resource.(*appsv1.DaemonSet) @@ -286,6 +339,11 @@ func GetDeploymentVolumes(item runtime.Object) []v1.Volume { return item.(*appsv1.Deployment).Spec.Template.Spec.Volumes } +// GetCronJobVolumes returns the Volumes of given cronjob +func GetCronJobVolumes(item runtime.Object) []v1.Volume { + return item.(*batchv1.CronJob).Spec.JobTemplate.Spec.Template.Spec.Volumes +} + // GetDaemonSetVolumes returns the Volumes of given daemonSet func GetDaemonSetVolumes(item runtime.Object) []v1.Volume { return item.(*appsv1.DaemonSet).Spec.Template.Spec.Volumes diff --git a/internal/pkg/handler/upgrade.go b/internal/pkg/handler/upgrade.go index af06a9f..6506d94 100644 --- a/internal/pkg/handler/upgrade.go +++ b/internal/pkg/handler/upgrade.go @@ -38,6 +38,20 @@ func GetDeploymentRollingUpgradeFuncs() callbacks.RollingUpgradeFuncs { } } +// GetDeploymentRollingUpgradeFuncs returns all callback funcs for a deployment +func GetCronJobCreateJobFuncs() callbacks.RollingUpgradeFuncs { + return callbacks.RollingUpgradeFuncs{ + ItemsFunc: callbacks.GetCronJobs, + AnnotationsFunc: callbacks.GetCronJobAnnotations, + PodAnnotationsFunc: callbacks.GetCronJobPodAnnotations, + ContainersFunc: callbacks.GetCronJobContainers, + InitContainersFunc: callbacks.GetCronJobInitContainers, + UpdateFunc: callbacks.CreateJobFromCronjob, + VolumesFunc: callbacks.GetCronJobVolumes, + ResourceType: "CronJob", + } +} + // GetDaemonSetRollingUpgradeFuncs returns all callback funcs for a daemonset func GetDaemonSetRollingUpgradeFuncs() callbacks.RollingUpgradeFuncs { return callbacks.RollingUpgradeFuncs{ @@ -101,6 +115,10 @@ func doRollingUpgrade(config util.Config, collectors metrics.Collectors, recorde if err != nil { return err } + err = rollingUpgrade(clients, config, GetCronJobCreateJobFuncs(), collectors, recorder) + if err != nil { + return err + } err = rollingUpgrade(clients, config, GetDaemonSetRollingUpgradeFuncs(), collectors, recorder) if err != nil { return err From 4dfd0e514e2b339401560e1837c028cd7b966436 Mon Sep 17 00:00:00 2001 From: stgrace Date: Fri, 29 Sep 2023 15:42:53 +0200 Subject: [PATCH 02/22] Fix comments Signed-off-by: stgrace --- internal/pkg/callbacks/rolling_upgrade.go | 12 ++++++------ internal/pkg/handler/upgrade.go | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/internal/pkg/callbacks/rolling_upgrade.go b/internal/pkg/callbacks/rolling_upgrade.go index f2d9bbb..c0e979c 100644 --- a/internal/pkg/callbacks/rolling_upgrade.go +++ b/internal/pkg/callbacks/rolling_upgrade.go @@ -68,8 +68,8 @@ func GetDeploymentItems(clients kube.Clients, namespace string) []runtime.Object return items } -// GetCronJobs returns the jobs in given namespace -func GetCronJobs(clients kube.Clients, namespace string) []runtime.Object { +// GetCronJobItems returns the jobs in given namespace +func GetCronJobItems(clients kube.Clients, namespace string) []runtime.Object { cronjobs, err := clients.KubernetesClient.BatchV1().CronJobs(namespace).List(context.TODO(), meta_v1.ListOptions{}) if err != nil { logrus.Errorf("Failed to list cronjobs %v", err) @@ -199,7 +199,7 @@ func GetDeploymentPodAnnotations(item runtime.Object) map[string]string { return item.(*appsv1.Deployment).Spec.Template.ObjectMeta.Annotations } -// GetCronJobPodAnnotations returns the pod's annotations of given deployment +// GetCronJobPodAnnotations returns the pod's annotations of given cronjob func GetCronJobPodAnnotations(item runtime.Object) map[string]string { return item.(*batchv1.CronJob).Spec.JobTemplate.Spec.Template.ObjectMeta.Annotations } @@ -229,7 +229,7 @@ func GetDeploymentContainers(item runtime.Object) []v1.Container { return item.(*appsv1.Deployment).Spec.Template.Spec.Containers } -// GetCronJobContainers returns the containers of given deployment +// GetCronJobContainers returns the containers of given cronjob func GetCronJobContainers(item runtime.Object) []v1.Container { return item.(*batchv1.CronJob).Spec.JobTemplate.Spec.Template.Spec.Containers } @@ -259,7 +259,7 @@ func GetDeploymentInitContainers(item runtime.Object) []v1.Container { return item.(*appsv1.Deployment).Spec.Template.Spec.InitContainers } -// GetCronJobInitContainers returns the containers of given deployment +// GetCronJobInitContainers returns the containers of given cronjob func GetCronJobInitContainers(item runtime.Object) []v1.Container { return item.(*batchv1.CronJob).Spec.JobTemplate.Spec.Template.Spec.InitContainers } @@ -291,7 +291,7 @@ func UpdateDeployment(clients kube.Clients, namespace string, resource runtime.O return err } -// CreateJobFromCronjob performs rolling upgrade on deployment +// CreateJobFromCronjob performs rolling upgrade on cronjob func CreateJobFromCronjob(clients kube.Clients, namespace string, resource runtime.Object) error { cronJob := resource.(*batchv1.CronJob) job := &batchv1.Job{ diff --git a/internal/pkg/handler/upgrade.go b/internal/pkg/handler/upgrade.go index 760e898..1b0c003 100644 --- a/internal/pkg/handler/upgrade.go +++ b/internal/pkg/handler/upgrade.go @@ -41,10 +41,10 @@ func GetDeploymentRollingUpgradeFuncs() callbacks.RollingUpgradeFuncs { } } -// GetDeploymentRollingUpgradeFuncs returns all callback funcs for a deployment +// GetDeploymentRollingUpgradeFuncs returns all callback funcs for a cronjob func GetCronJobCreateJobFuncs() callbacks.RollingUpgradeFuncs { return callbacks.RollingUpgradeFuncs{ - ItemsFunc: callbacks.GetCronJobs, + ItemsFunc: callbacks.GetCronJobItems, AnnotationsFunc: callbacks.GetCronJobAnnotations, PodAnnotationsFunc: callbacks.GetCronJobPodAnnotations, ContainersFunc: callbacks.GetCronJobContainers, From 128612c3262067cff90b2c418bb9a37dea84e99b Mon Sep 17 00:00:00 2001 From: Patrick Spies Date: Wed, 4 Oct 2023 16:28:50 +0200 Subject: [PATCH 03/22] fix(helm-chart): add missing rbac for cronjob-triggering --- .../chart/reloader/templates/clusterrole.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/deployments/kubernetes/chart/reloader/templates/clusterrole.yaml b/deployments/kubernetes/chart/reloader/templates/clusterrole.yaml index c342055..e3175fc 100644 --- a/deployments/kubernetes/chart/reloader/templates/clusterrole.yaml +++ b/deployments/kubernetes/chart/reloader/templates/clusterrole.yaml @@ -86,6 +86,19 @@ rules: - get - update - patch + - apiGroups: + - "batch" + resources: + - cronjobs + verbs: + - list + - get + - apiGroups: + - "batch" + resources: + - jobs + verbs: + - create {{- if .Values.reloader.enableHA }} - apiGroups: - "coordination.k8s.io" From e4e4371e60a13a9f7db74567b03abdcd188c473a Mon Sep 17 00:00:00 2001 From: Bharath Nallapeta Date: Wed, 4 Oct 2023 15:10:25 +0000 Subject: [PATCH 04/22] Modify ghcr login to use stakater token instead of user token (#537) Co-authored-by: Karl-Johan Grahn <6355577+karl-johan-grahn@users.noreply.github.com> --- .github/workflows/push.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index dd831d7..3aad10e 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -115,8 +115,8 @@ jobs: uses: docker/login-action@v2 with: registry: ${{env.REGISTRY}} - username: ${{github.actor}} - password: ${{secrets.GITHUB_TOKEN}} + username: ${{ secrets.STAKATER_DOCKERHUB_USERNAME }} + password: ${{ secrets.STAKATER_DOCKERHUB_PASSWORD }} - name: Generate image repository path for ghcr registry run: | From f9d02d76effb1e7212230e51e39fd65e18bf6ba0 Mon Sep 17 00:00:00 2001 From: Muneeb Aijaz <43588696+MuneebAijaz@users.noreply.github.com> Date: Thu, 5 Oct 2023 11:42:23 +0500 Subject: [PATCH 05/22] Revert "Modify ghcr login to use stakater token instead of user token (#537)" This reverts commit e4e4371e60a13a9f7db74567b03abdcd188c473a. --- .github/workflows/push.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index 3aad10e..dd831d7 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -115,8 +115,8 @@ jobs: uses: docker/login-action@v2 with: registry: ${{env.REGISTRY}} - username: ${{ secrets.STAKATER_DOCKERHUB_USERNAME }} - password: ${{ secrets.STAKATER_DOCKERHUB_PASSWORD }} + username: ${{github.actor}} + password: ${{secrets.GITHUB_TOKEN}} - name: Generate image repository path for ghcr registry run: | From 37a4e83ffbd5a0558d25f9f58b85d05b99c8dd3f Mon Sep 17 00:00:00 2001 From: Muneeb Aijaz <43588696+MuneebAijaz@users.noreply.github.com> Date: Thu, 5 Oct 2023 12:08:12 +0500 Subject: [PATCH 06/22] Update push.yaml --- .github/workflows/push.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index dd831d7..e10c7c8 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -115,7 +115,7 @@ jobs: uses: docker/login-action@v2 with: registry: ${{env.REGISTRY}} - username: ${{github.actor}} + username: stakater-user password: ${{secrets.GITHUB_TOKEN}} - name: Generate image repository path for ghcr registry From cf0fa2c24420eb11fcd05f04c14146531e7de10e Mon Sep 17 00:00:00 2001 From: stakater-user Date: Fri, 6 Oct 2023 06:30:26 +0000 Subject: [PATCH 07/22] [skip-ci] Update artifacts --- deployments/kubernetes/chart/reloader/Chart.yaml | 4 ++-- .../kubernetes/chart/reloader/values.yaml | 4 ++-- .../kubernetes/manifests/clusterrole.yaml | 2 +- .../kubernetes/manifests/clusterrolebinding.yaml | 2 +- deployments/kubernetes/manifests/deployment.yaml | 10 +++++----- .../kubernetes/manifests/serviceaccount.yaml | 2 +- deployments/kubernetes/reloader.yaml | 16 ++++++++-------- 7 files changed, 20 insertions(+), 20 deletions(-) diff --git a/deployments/kubernetes/chart/reloader/Chart.yaml b/deployments/kubernetes/chart/reloader/Chart.yaml index a9bfa05..3cb27d9 100644 --- a/deployments/kubernetes/chart/reloader/Chart.yaml +++ b/deployments/kubernetes/chart/reloader/Chart.yaml @@ -3,8 +3,8 @@ apiVersion: v1 name: reloader description: Reloader chart that runs on kubernetes -version: 1.0.41 -appVersion: v1.0.41 +version: 1.0.42 +appVersion: v1.0.42 keywords: - Reloader - kubernetes diff --git a/deployments/kubernetes/chart/reloader/values.yaml b/deployments/kubernetes/chart/reloader/values.yaml index 49e88dc..dd32e97 100644 --- a/deployments/kubernetes/chart/reloader/values.yaml +++ b/deployments/kubernetes/chart/reloader/values.yaml @@ -84,10 +84,10 @@ reloader: labels: provider: stakater group: com.stakater.platform - version: v1.0.41 + version: v1.0.42 image: name: ghcr.io/stakater/reloader - tag: v1.0.41 + tag: v1.0.42 pullPolicy: IfNotPresent # Support for extra environment variables. env: diff --git a/deployments/kubernetes/manifests/clusterrole.yaml b/deployments/kubernetes/manifests/clusterrole.yaml index 1dad56b..8303406 100644 --- a/deployments/kubernetes/manifests/clusterrole.yaml +++ b/deployments/kubernetes/manifests/clusterrole.yaml @@ -9,7 +9,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.41" + chart: "reloader-1.0.42" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/manifests/clusterrolebinding.yaml b/deployments/kubernetes/manifests/clusterrolebinding.yaml index 632f940..4ff63de 100644 --- a/deployments/kubernetes/manifests/clusterrolebinding.yaml +++ b/deployments/kubernetes/manifests/clusterrolebinding.yaml @@ -9,7 +9,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.41" + chart: "reloader-1.0.42" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/manifests/deployment.yaml b/deployments/kubernetes/manifests/deployment.yaml index 8e8d70c..06fdbf9 100644 --- a/deployments/kubernetes/manifests/deployment.yaml +++ b/deployments/kubernetes/manifests/deployment.yaml @@ -8,13 +8,13 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.41" + chart: "reloader-1.0.42" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.41 + version: v1.0.42 name: reloader-reloader namespace: default spec: @@ -28,16 +28,16 @@ spec: metadata: labels: app: reloader-reloader - chart: "reloader-1.0.41" + chart: "reloader-1.0.42" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.41 + version: v1.0.42 spec: containers: - - image: "ghcr.io/stakater/reloader:v1.0.41" + - image: "ghcr.io/stakater/reloader:v1.0.42" imagePullPolicy: IfNotPresent name: reloader-reloader diff --git a/deployments/kubernetes/manifests/serviceaccount.yaml b/deployments/kubernetes/manifests/serviceaccount.yaml index ca14a6c..9bb16eb 100644 --- a/deployments/kubernetes/manifests/serviceaccount.yaml +++ b/deployments/kubernetes/manifests/serviceaccount.yaml @@ -8,7 +8,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.41" + chart: "reloader-1.0.42" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/reloader.yaml b/deployments/kubernetes/reloader.yaml index ac012b5..4e047a6 100644 --- a/deployments/kubernetes/reloader.yaml +++ b/deployments/kubernetes/reloader.yaml @@ -8,7 +8,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.41" + chart: "reloader-1.0.42" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -25,7 +25,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.41" + chart: "reloader-1.0.42" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -79,7 +79,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.41" + chart: "reloader-1.0.42" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -102,13 +102,13 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.41" + chart: "reloader-1.0.42" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.41 + version: v1.0.42 name: reloader-reloader namespace: default spec: @@ -122,16 +122,16 @@ spec: metadata: labels: app: reloader-reloader - chart: "reloader-1.0.41" + chart: "reloader-1.0.42" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.41 + version: v1.0.42 spec: containers: - - image: "ghcr.io/stakater/reloader:v1.0.41" + - image: "ghcr.io/stakater/reloader:v1.0.42" imagePullPolicy: IfNotPresent name: reloader-reloader From f33b5e9ee03abc52fe678d2ab3a86c3fa39884d5 Mon Sep 17 00:00:00 2001 From: Patrick Spies Date: Fri, 6 Oct 2023 08:38:33 +0200 Subject: [PATCH 08/22] fix(helm): add missing permissions to role too --- .../kubernetes/chart/reloader/templates/role.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/deployments/kubernetes/chart/reloader/templates/role.yaml b/deployments/kubernetes/chart/reloader/templates/role.yaml index 86e5e52..5d6224c 100644 --- a/deployments/kubernetes/chart/reloader/templates/role.yaml +++ b/deployments/kubernetes/chart/reloader/templates/role.yaml @@ -77,6 +77,19 @@ rules: - get - update - patch + - apiGroups: + - "batch" + resources: + - cronjobs + verbs: + - list + - get + - apiGroups: + - "batch" + resources: + - jobs + verbs: + - create {{- if .Values.reloader.enableHA }} - apiGroups: - "coordination.k8s.io" From 6a659dede28f68deefc662ff7bd79f5b0cc2a7e6 Mon Sep 17 00:00:00 2001 From: stakater-user Date: Tue, 10 Oct 2023 17:34:53 +0000 Subject: [PATCH 09/22] [skip-ci] Update artifacts --- .../kubernetes/chart/reloader/Chart.yaml | 4 +-- .../kubernetes/chart/reloader/values.yaml | 4 +-- .../kubernetes/manifests/clusterrole.yaml | 15 +++++++++- .../manifests/clusterrolebinding.yaml | 2 +- .../kubernetes/manifests/deployment.yaml | 10 +++---- .../kubernetes/manifests/serviceaccount.yaml | 2 +- deployments/kubernetes/reloader.yaml | 29 ++++++++++++++----- 7 files changed, 46 insertions(+), 20 deletions(-) diff --git a/deployments/kubernetes/chart/reloader/Chart.yaml b/deployments/kubernetes/chart/reloader/Chart.yaml index 3cb27d9..28fa656 100644 --- a/deployments/kubernetes/chart/reloader/Chart.yaml +++ b/deployments/kubernetes/chart/reloader/Chart.yaml @@ -3,8 +3,8 @@ apiVersion: v1 name: reloader description: Reloader chart that runs on kubernetes -version: 1.0.42 -appVersion: v1.0.42 +version: 1.0.43 +appVersion: v1.0.43 keywords: - Reloader - kubernetes diff --git a/deployments/kubernetes/chart/reloader/values.yaml b/deployments/kubernetes/chart/reloader/values.yaml index dd32e97..a14616c 100644 --- a/deployments/kubernetes/chart/reloader/values.yaml +++ b/deployments/kubernetes/chart/reloader/values.yaml @@ -84,10 +84,10 @@ reloader: labels: provider: stakater group: com.stakater.platform - version: v1.0.42 + version: v1.0.43 image: name: ghcr.io/stakater/reloader - tag: v1.0.42 + tag: v1.0.43 pullPolicy: IfNotPresent # Support for extra environment variables. env: diff --git a/deployments/kubernetes/manifests/clusterrole.yaml b/deployments/kubernetes/manifests/clusterrole.yaml index 8303406..740bf37 100644 --- a/deployments/kubernetes/manifests/clusterrole.yaml +++ b/deployments/kubernetes/manifests/clusterrole.yaml @@ -9,7 +9,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.42" + chart: "reloader-1.0.43" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -45,6 +45,19 @@ rules: - get - update - patch + - apiGroups: + - "batch" + resources: + - cronjobs + verbs: + - list + - get + - apiGroups: + - "batch" + resources: + - jobs + verbs: + - create - apiGroups: - "" resources: diff --git a/deployments/kubernetes/manifests/clusterrolebinding.yaml b/deployments/kubernetes/manifests/clusterrolebinding.yaml index 4ff63de..286f4f7 100644 --- a/deployments/kubernetes/manifests/clusterrolebinding.yaml +++ b/deployments/kubernetes/manifests/clusterrolebinding.yaml @@ -9,7 +9,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.42" + chart: "reloader-1.0.43" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/manifests/deployment.yaml b/deployments/kubernetes/manifests/deployment.yaml index 06fdbf9..4a70293 100644 --- a/deployments/kubernetes/manifests/deployment.yaml +++ b/deployments/kubernetes/manifests/deployment.yaml @@ -8,13 +8,13 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.42" + chart: "reloader-1.0.43" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.42 + version: v1.0.43 name: reloader-reloader namespace: default spec: @@ -28,16 +28,16 @@ spec: metadata: labels: app: reloader-reloader - chart: "reloader-1.0.42" + chart: "reloader-1.0.43" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.42 + version: v1.0.43 spec: containers: - - image: "ghcr.io/stakater/reloader:v1.0.42" + - image: "ghcr.io/stakater/reloader:v1.0.43" imagePullPolicy: IfNotPresent name: reloader-reloader diff --git a/deployments/kubernetes/manifests/serviceaccount.yaml b/deployments/kubernetes/manifests/serviceaccount.yaml index 9bb16eb..75f020c 100644 --- a/deployments/kubernetes/manifests/serviceaccount.yaml +++ b/deployments/kubernetes/manifests/serviceaccount.yaml @@ -8,7 +8,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.42" + chart: "reloader-1.0.43" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/reloader.yaml b/deployments/kubernetes/reloader.yaml index 4e047a6..dc94626 100644 --- a/deployments/kubernetes/reloader.yaml +++ b/deployments/kubernetes/reloader.yaml @@ -8,7 +8,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.42" + chart: "reloader-1.0.43" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -25,7 +25,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.42" + chart: "reloader-1.0.43" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -61,6 +61,19 @@ rules: - get - update - patch + - apiGroups: + - "batch" + resources: + - cronjobs + verbs: + - list + - get + - apiGroups: + - "batch" + resources: + - jobs + verbs: + - create - apiGroups: - "" resources: @@ -79,7 +92,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.42" + chart: "reloader-1.0.43" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -102,13 +115,13 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.42" + chart: "reloader-1.0.43" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.42 + version: v1.0.43 name: reloader-reloader namespace: default spec: @@ -122,16 +135,16 @@ spec: metadata: labels: app: reloader-reloader - chart: "reloader-1.0.42" + chart: "reloader-1.0.43" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.42 + version: v1.0.43 spec: containers: - - image: "ghcr.io/stakater/reloader:v1.0.42" + - image: "ghcr.io/stakater/reloader:v1.0.43" imagePullPolicy: IfNotPresent name: reloader-reloader From ae80e6dedd965d8758f1afcea095e882201c567c Mon Sep 17 00:00:00 2001 From: Fernando Nogueira Date: Sat, 14 Oct 2023 21:27:22 -0400 Subject: [PATCH 10/22] bumping golang.org/x/net version to v.0.17.0 to address CVE-2023-39325 and CVE-2023-44487 --- go.mod | 8 ++++---- go.sum | 16 ++++++++-------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/go.mod b/go.mod index 1ebc7d2..f6b3098 100644 --- a/go.mod +++ b/go.mod @@ -50,11 +50,11 @@ require ( github.com/prometheus/procfs v0.11.1 // indirect github.com/smartystreets/goconvey v1.7.2 // indirect github.com/spf13/pflag v1.0.5 // indirect - golang.org/x/net v0.13.0 // indirect + golang.org/x/net v0.17.0 // indirect golang.org/x/oauth2 v0.8.0 // indirect - golang.org/x/sys v0.10.0 // indirect - golang.org/x/term v0.10.0 // indirect - golang.org/x/text v0.11.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/term v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect golang.org/x/time v0.3.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/protobuf v1.30.0 // indirect diff --git a/go.sum b/go.sum index 46dcade..46dc9fe 100644 --- a/go.sum +++ b/go.sum @@ -140,8 +140,8 @@ golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.13.0 h1:Nvo8UFsZ8X3BhAC9699Z1j7XQ3rsZnUUm7jfBEk1ueY= -golang.org/x/net v0.13.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -152,15 +152,15 @@ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA= -golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c= -golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4= -golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= From 508038a0f1b2d8af312d151ef616d5520d4c80de Mon Sep 17 00:00:00 2001 From: stakater-user Date: Wed, 18 Oct 2023 10:11:23 +0000 Subject: [PATCH 11/22] [skip-ci] Update artifacts --- deployments/kubernetes/chart/reloader/Chart.yaml | 4 ++-- .../kubernetes/chart/reloader/values.yaml | 4 ++-- .../kubernetes/manifests/clusterrole.yaml | 2 +- .../kubernetes/manifests/clusterrolebinding.yaml | 2 +- deployments/kubernetes/manifests/deployment.yaml | 10 +++++----- .../kubernetes/manifests/serviceaccount.yaml | 2 +- deployments/kubernetes/reloader.yaml | 16 ++++++++-------- 7 files changed, 20 insertions(+), 20 deletions(-) diff --git a/deployments/kubernetes/chart/reloader/Chart.yaml b/deployments/kubernetes/chart/reloader/Chart.yaml index 28fa656..0ec21dc 100644 --- a/deployments/kubernetes/chart/reloader/Chart.yaml +++ b/deployments/kubernetes/chart/reloader/Chart.yaml @@ -3,8 +3,8 @@ apiVersion: v1 name: reloader description: Reloader chart that runs on kubernetes -version: 1.0.43 -appVersion: v1.0.43 +version: 1.0.44 +appVersion: v1.0.44 keywords: - Reloader - kubernetes diff --git a/deployments/kubernetes/chart/reloader/values.yaml b/deployments/kubernetes/chart/reloader/values.yaml index a14616c..5b7926b 100644 --- a/deployments/kubernetes/chart/reloader/values.yaml +++ b/deployments/kubernetes/chart/reloader/values.yaml @@ -84,10 +84,10 @@ reloader: labels: provider: stakater group: com.stakater.platform - version: v1.0.43 + version: v1.0.44 image: name: ghcr.io/stakater/reloader - tag: v1.0.43 + tag: v1.0.44 pullPolicy: IfNotPresent # Support for extra environment variables. env: diff --git a/deployments/kubernetes/manifests/clusterrole.yaml b/deployments/kubernetes/manifests/clusterrole.yaml index 740bf37..c02c3a0 100644 --- a/deployments/kubernetes/manifests/clusterrole.yaml +++ b/deployments/kubernetes/manifests/clusterrole.yaml @@ -9,7 +9,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.43" + chart: "reloader-1.0.44" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/manifests/clusterrolebinding.yaml b/deployments/kubernetes/manifests/clusterrolebinding.yaml index 286f4f7..7f4a6e0 100644 --- a/deployments/kubernetes/manifests/clusterrolebinding.yaml +++ b/deployments/kubernetes/manifests/clusterrolebinding.yaml @@ -9,7 +9,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.43" + chart: "reloader-1.0.44" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/manifests/deployment.yaml b/deployments/kubernetes/manifests/deployment.yaml index 4a70293..5cf0f6a 100644 --- a/deployments/kubernetes/manifests/deployment.yaml +++ b/deployments/kubernetes/manifests/deployment.yaml @@ -8,13 +8,13 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.43" + chart: "reloader-1.0.44" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.43 + version: v1.0.44 name: reloader-reloader namespace: default spec: @@ -28,16 +28,16 @@ spec: metadata: labels: app: reloader-reloader - chart: "reloader-1.0.43" + chart: "reloader-1.0.44" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.43 + version: v1.0.44 spec: containers: - - image: "ghcr.io/stakater/reloader:v1.0.43" + - image: "ghcr.io/stakater/reloader:v1.0.44" imagePullPolicy: IfNotPresent name: reloader-reloader diff --git a/deployments/kubernetes/manifests/serviceaccount.yaml b/deployments/kubernetes/manifests/serviceaccount.yaml index 75f020c..d5d8ca8 100644 --- a/deployments/kubernetes/manifests/serviceaccount.yaml +++ b/deployments/kubernetes/manifests/serviceaccount.yaml @@ -8,7 +8,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.43" + chart: "reloader-1.0.44" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/reloader.yaml b/deployments/kubernetes/reloader.yaml index dc94626..4e3c8e5 100644 --- a/deployments/kubernetes/reloader.yaml +++ b/deployments/kubernetes/reloader.yaml @@ -8,7 +8,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.43" + chart: "reloader-1.0.44" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -25,7 +25,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.43" + chart: "reloader-1.0.44" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -92,7 +92,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.43" + chart: "reloader-1.0.44" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -115,13 +115,13 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.43" + chart: "reloader-1.0.44" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.43 + version: v1.0.44 name: reloader-reloader namespace: default spec: @@ -135,16 +135,16 @@ spec: metadata: labels: app: reloader-reloader - chart: "reloader-1.0.43" + chart: "reloader-1.0.44" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.43 + version: v1.0.44 spec: containers: - - image: "ghcr.io/stakater/reloader:v1.0.43" + - image: "ghcr.io/stakater/reloader:v1.0.44" imagePullPolicy: IfNotPresent name: reloader-reloader From 08a774a7991646969f2b9e45a39c7cfdb79c8c8a Mon Sep 17 00:00:00 2001 From: Daniel Butler Date: Wed, 18 Oct 2023 13:13:38 +0100 Subject: [PATCH 12/22] add ubi dockerfile --- Dockerfile.ubi | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 Dockerfile.ubi diff --git a/Dockerfile.ubi b/Dockerfile.ubi new file mode 100644 index 0000000..d25693c --- /dev/null +++ b/Dockerfile.ubi @@ -0,0 +1,19 @@ +ARG BUILDER_IMAGE +ARG BASE_IMAGE + +FROM ${BUILDER_IMAGE:-docker.io/stakater/reloader:v1.0.44} as SRC + +FROM ${BASE_IMAGE:-registry.access.redhat.com/ubi8/ubi-minimal} + +WORKDIR / +COPY --from=SRC /manager . + +# Update image +RUN microdnf update + +USER 65532:65532 + +# Port for metrics and probes +EXPOSE 9090 + +ENTRYPOINT ["/manager"] From d6740f694df3473b855816ea3c72048546a8259a Mon Sep 17 00:00:00 2001 From: Muneeb Aijaz <43588696+MuneebAijaz@users.noreply.github.com> Date: Thu, 19 Oct 2023 00:46:20 +0500 Subject: [PATCH 13/22] Update issue templates --- .github/ISSUE_TEMPLATE/bug_report.md | 27 +++++++++++++++++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 20 +++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000..a56e789 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,27 @@ +--- +name: Bug report +about: Create a report to help us improve +title: "[BUG]" +labels: kind/bug +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +Steps to reproduce the behavior + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots** +If applicable, add screenshots to help explain your problem. + +**Environment** + - Operator Version: + - Kubernetes/OpenShift Version: + +**Additional context** +Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000..ca9573a --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,20 @@ +--- +name: Feature request +about: Suggest an idea/enhancement for this project +title: "[ENHANCE]" +labels: kind/enhancement +assignees: '' + +--- + +**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. From fd52f228ab2fde681a9cd91aba277dea122da3fe Mon Sep 17 00:00:00 2001 From: Patrick Spies Date: Thu, 19 Oct 2023 09:26:51 +0200 Subject: [PATCH 14/22] feat(helm) add egress-rule to netpol --- .../chart/reloader/templates/networkpolicy.yaml | 8 ++++++++ deployments/kubernetes/chart/reloader/values.yaml | 1 + 2 files changed, 9 insertions(+) diff --git a/deployments/kubernetes/chart/reloader/templates/networkpolicy.yaml b/deployments/kubernetes/chart/reloader/templates/networkpolicy.yaml index 11d05e6..884b573 100644 --- a/deployments/kubernetes/chart/reloader/templates/networkpolicy.yaml +++ b/deployments/kubernetes/chart/reloader/templates/networkpolicy.yaml @@ -20,6 +20,7 @@ spec: {{- end }} policyTypes: - Ingress + - Egress ingress: - ports: - port: http @@ -27,4 +28,11 @@ spec: from: {{- toYaml .| nindent 8 }} {{- end }} + egress: + - ports: + - port: 443 + {{- with .Values.reloader.netpol.from}} + to: + {{- toYaml .| nindent 8 }} + {{- end }} {{- end }} diff --git a/deployments/kubernetes/chart/reloader/values.yaml b/deployments/kubernetes/chart/reloader/values.yaml index 5b7926b..079f627 100644 --- a/deployments/kubernetes/chart/reloader/values.yaml +++ b/deployments/kubernetes/chart/reloader/values.yaml @@ -276,5 +276,6 @@ reloader: # - podSelector: # matchLabels: # app.kubernetes.io/name: prometheus + to: [] webhookUrl: "" From cad27649f9029d3cc192b63cfef291f21c8ee182 Mon Sep 17 00:00:00 2001 From: Patrick Spies Date: Thu, 19 Oct 2023 09:28:34 +0200 Subject: [PATCH 15/22] fix typo --- .../kubernetes/chart/reloader/templates/networkpolicy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployments/kubernetes/chart/reloader/templates/networkpolicy.yaml b/deployments/kubernetes/chart/reloader/templates/networkpolicy.yaml index 884b573..c197e78 100644 --- a/deployments/kubernetes/chart/reloader/templates/networkpolicy.yaml +++ b/deployments/kubernetes/chart/reloader/templates/networkpolicy.yaml @@ -31,7 +31,7 @@ spec: egress: - ports: - port: 443 - {{- with .Values.reloader.netpol.from}} + {{- with .Values.reloader.netpol.to}} to: {{- toYaml .| nindent 8 }} {{- end }} From 6fca0d9a6bd1883e3c43d3d246e016ae6bbce918 Mon Sep 17 00:00:00 2001 From: stakater-user Date: Thu, 19 Oct 2023 12:33:01 +0000 Subject: [PATCH 16/22] [skip-ci] Update artifacts --- deployments/kubernetes/chart/reloader/Chart.yaml | 4 ++-- .../kubernetes/chart/reloader/values.yaml | 4 ++-- .../kubernetes/manifests/clusterrole.yaml | 2 +- .../kubernetes/manifests/clusterrolebinding.yaml | 2 +- deployments/kubernetes/manifests/deployment.yaml | 10 +++++----- .../kubernetes/manifests/serviceaccount.yaml | 2 +- deployments/kubernetes/reloader.yaml | 16 ++++++++-------- 7 files changed, 20 insertions(+), 20 deletions(-) diff --git a/deployments/kubernetes/chart/reloader/Chart.yaml b/deployments/kubernetes/chart/reloader/Chart.yaml index 0ec21dc..4509266 100644 --- a/deployments/kubernetes/chart/reloader/Chart.yaml +++ b/deployments/kubernetes/chart/reloader/Chart.yaml @@ -3,8 +3,8 @@ apiVersion: v1 name: reloader description: Reloader chart that runs on kubernetes -version: 1.0.44 -appVersion: v1.0.44 +version: 1.0.45 +appVersion: v1.0.45 keywords: - Reloader - kubernetes diff --git a/deployments/kubernetes/chart/reloader/values.yaml b/deployments/kubernetes/chart/reloader/values.yaml index 079f627..39ec1f5 100644 --- a/deployments/kubernetes/chart/reloader/values.yaml +++ b/deployments/kubernetes/chart/reloader/values.yaml @@ -84,10 +84,10 @@ reloader: labels: provider: stakater group: com.stakater.platform - version: v1.0.44 + version: v1.0.45 image: name: ghcr.io/stakater/reloader - tag: v1.0.44 + tag: v1.0.45 pullPolicy: IfNotPresent # Support for extra environment variables. env: diff --git a/deployments/kubernetes/manifests/clusterrole.yaml b/deployments/kubernetes/manifests/clusterrole.yaml index c02c3a0..96cbe04 100644 --- a/deployments/kubernetes/manifests/clusterrole.yaml +++ b/deployments/kubernetes/manifests/clusterrole.yaml @@ -9,7 +9,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.44" + chart: "reloader-1.0.45" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/manifests/clusterrolebinding.yaml b/deployments/kubernetes/manifests/clusterrolebinding.yaml index 7f4a6e0..e132e3e 100644 --- a/deployments/kubernetes/manifests/clusterrolebinding.yaml +++ b/deployments/kubernetes/manifests/clusterrolebinding.yaml @@ -9,7 +9,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.44" + chart: "reloader-1.0.45" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/manifests/deployment.yaml b/deployments/kubernetes/manifests/deployment.yaml index 5cf0f6a..a3d9e83 100644 --- a/deployments/kubernetes/manifests/deployment.yaml +++ b/deployments/kubernetes/manifests/deployment.yaml @@ -8,13 +8,13 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.44" + chart: "reloader-1.0.45" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.44 + version: v1.0.45 name: reloader-reloader namespace: default spec: @@ -28,16 +28,16 @@ spec: metadata: labels: app: reloader-reloader - chart: "reloader-1.0.44" + chart: "reloader-1.0.45" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.44 + version: v1.0.45 spec: containers: - - image: "ghcr.io/stakater/reloader:v1.0.44" + - image: "ghcr.io/stakater/reloader:v1.0.45" imagePullPolicy: IfNotPresent name: reloader-reloader diff --git a/deployments/kubernetes/manifests/serviceaccount.yaml b/deployments/kubernetes/manifests/serviceaccount.yaml index d5d8ca8..5b8a631 100644 --- a/deployments/kubernetes/manifests/serviceaccount.yaml +++ b/deployments/kubernetes/manifests/serviceaccount.yaml @@ -8,7 +8,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.44" + chart: "reloader-1.0.45" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/reloader.yaml b/deployments/kubernetes/reloader.yaml index 4e3c8e5..e89a1e2 100644 --- a/deployments/kubernetes/reloader.yaml +++ b/deployments/kubernetes/reloader.yaml @@ -8,7 +8,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.44" + chart: "reloader-1.0.45" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -25,7 +25,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.44" + chart: "reloader-1.0.45" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -92,7 +92,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.44" + chart: "reloader-1.0.45" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -115,13 +115,13 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.44" + chart: "reloader-1.0.45" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.44 + version: v1.0.45 name: reloader-reloader namespace: default spec: @@ -135,16 +135,16 @@ spec: metadata: labels: app: reloader-reloader - chart: "reloader-1.0.44" + chart: "reloader-1.0.45" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.44 + version: v1.0.45 spec: containers: - - image: "ghcr.io/stakater/reloader:v1.0.44" + - image: "ghcr.io/stakater/reloader:v1.0.45" imagePullPolicy: IfNotPresent name: reloader-reloader From b5ca915dd33ce734a7c68037215a7e96534fa0c6 Mon Sep 17 00:00:00 2001 From: stakater-user Date: Thu, 19 Oct 2023 13:56:31 +0000 Subject: [PATCH 17/22] [skip-ci] Update artifacts --- deployments/kubernetes/chart/reloader/Chart.yaml | 4 ++-- .../kubernetes/chart/reloader/values.yaml | 4 ++-- .../kubernetes/manifests/clusterrole.yaml | 2 +- .../kubernetes/manifests/clusterrolebinding.yaml | 2 +- deployments/kubernetes/manifests/deployment.yaml | 10 +++++----- .../kubernetes/manifests/serviceaccount.yaml | 2 +- deployments/kubernetes/reloader.yaml | 16 ++++++++-------- 7 files changed, 20 insertions(+), 20 deletions(-) diff --git a/deployments/kubernetes/chart/reloader/Chart.yaml b/deployments/kubernetes/chart/reloader/Chart.yaml index 4509266..01bb582 100644 --- a/deployments/kubernetes/chart/reloader/Chart.yaml +++ b/deployments/kubernetes/chart/reloader/Chart.yaml @@ -3,8 +3,8 @@ apiVersion: v1 name: reloader description: Reloader chart that runs on kubernetes -version: 1.0.45 -appVersion: v1.0.45 +version: 1.0.46 +appVersion: v1.0.46 keywords: - Reloader - kubernetes diff --git a/deployments/kubernetes/chart/reloader/values.yaml b/deployments/kubernetes/chart/reloader/values.yaml index 39ec1f5..c7a2732 100644 --- a/deployments/kubernetes/chart/reloader/values.yaml +++ b/deployments/kubernetes/chart/reloader/values.yaml @@ -84,10 +84,10 @@ reloader: labels: provider: stakater group: com.stakater.platform - version: v1.0.45 + version: v1.0.46 image: name: ghcr.io/stakater/reloader - tag: v1.0.45 + tag: v1.0.46 pullPolicy: IfNotPresent # Support for extra environment variables. env: diff --git a/deployments/kubernetes/manifests/clusterrole.yaml b/deployments/kubernetes/manifests/clusterrole.yaml index 96cbe04..1a95d32 100644 --- a/deployments/kubernetes/manifests/clusterrole.yaml +++ b/deployments/kubernetes/manifests/clusterrole.yaml @@ -9,7 +9,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.45" + chart: "reloader-1.0.46" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/manifests/clusterrolebinding.yaml b/deployments/kubernetes/manifests/clusterrolebinding.yaml index e132e3e..b248045 100644 --- a/deployments/kubernetes/manifests/clusterrolebinding.yaml +++ b/deployments/kubernetes/manifests/clusterrolebinding.yaml @@ -9,7 +9,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.45" + chart: "reloader-1.0.46" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/manifests/deployment.yaml b/deployments/kubernetes/manifests/deployment.yaml index a3d9e83..b489ceb 100644 --- a/deployments/kubernetes/manifests/deployment.yaml +++ b/deployments/kubernetes/manifests/deployment.yaml @@ -8,13 +8,13 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.45" + chart: "reloader-1.0.46" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.45 + version: v1.0.46 name: reloader-reloader namespace: default spec: @@ -28,16 +28,16 @@ spec: metadata: labels: app: reloader-reloader - chart: "reloader-1.0.45" + chart: "reloader-1.0.46" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.45 + version: v1.0.46 spec: containers: - - image: "ghcr.io/stakater/reloader:v1.0.45" + - image: "ghcr.io/stakater/reloader:v1.0.46" imagePullPolicy: IfNotPresent name: reloader-reloader diff --git a/deployments/kubernetes/manifests/serviceaccount.yaml b/deployments/kubernetes/manifests/serviceaccount.yaml index 5b8a631..b758a43 100644 --- a/deployments/kubernetes/manifests/serviceaccount.yaml +++ b/deployments/kubernetes/manifests/serviceaccount.yaml @@ -8,7 +8,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.45" + chart: "reloader-1.0.46" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" diff --git a/deployments/kubernetes/reloader.yaml b/deployments/kubernetes/reloader.yaml index e89a1e2..de64a98 100644 --- a/deployments/kubernetes/reloader.yaml +++ b/deployments/kubernetes/reloader.yaml @@ -8,7 +8,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.45" + chart: "reloader-1.0.46" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -25,7 +25,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.45" + chart: "reloader-1.0.46" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -92,7 +92,7 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.45" + chart: "reloader-1.0.46" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" @@ -115,13 +115,13 @@ metadata: meta.helm.sh/release-name: "reloader" labels: app: reloader-reloader - chart: "reloader-1.0.45" + chart: "reloader-1.0.46" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.45 + version: v1.0.46 name: reloader-reloader namespace: default spec: @@ -135,16 +135,16 @@ spec: metadata: labels: app: reloader-reloader - chart: "reloader-1.0.45" + chart: "reloader-1.0.46" release: "reloader" heritage: "Helm" app.kubernetes.io/managed-by: "Helm" group: com.stakater.platform provider: stakater - version: v1.0.45 + version: v1.0.46 spec: containers: - - image: "ghcr.io/stakater/reloader:v1.0.45" + - image: "ghcr.io/stakater/reloader:v1.0.46" imagePullPolicy: IfNotPresent name: reloader-reloader From eb8d215cf14e3f4d37a3c5e8d03a8d9fa5a4d0a3 Mon Sep 17 00:00:00 2001 From: Daniel Butler Date: Thu, 19 Oct 2023 15:12:25 +0100 Subject: [PATCH 18/22] update workflows to build and publish ubi images --- .github/workflows/pull_request.yaml | 45 +++++++++++++++++++++++++++-- .github/workflows/push.yaml | 39 +++++++++++++++++++++++++ Dockerfile.ubi | 2 +- 3 files changed, 83 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index e599287..292355c 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -7,6 +7,7 @@ on: env: DOCKER_FILE_PATH: Dockerfile + UBI_DOCKER_FILE_PATH: Dockerfile.ubi KUBERNETES_VERSION: "1.19.0" KIND_VERSION: "0.17.0" REGISTRY: ghcr.io @@ -82,12 +83,14 @@ jobs: - name: Test run: make test - - name: Generate Tag + - name: Generate Tags id: generate_tag run: | sha=${{ github.event.pull_request.head.sha }} tag="SNAPSHOT-PR-${{ github.event.pull_request.number }}-${sha:0:8}" + ubi_tag="SNAPSHOT-PR-${{ github.event.pull_request.number }}-UBI-${sha:0:8}" echo "GIT_TAG=$(echo ${tag})" >> $GITHUB_OUTPUT + echo "GIT_UBI_TAG=$(echo ${ubi_tag})" >> $GITHUB_OUTPUT - name: Set up QEMU uses: docker/setup-qemu-action@v2 @@ -122,6 +125,25 @@ jobs: org.opencontainers.image.created=${{ steps.prep.outputs.created }} org.opencontainers.image.revision=${{ github.sha }} + - name: Build and Push Docker UBI Image to Docker registry + uses: docker/build-push-action@v4 + with: + context: . + file: ${{ env.DOCKER_UBI_FILE_PATH }} + pull: true + push: true + build-args: | + BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} + BUILDER_IMAGE=${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }} + cache-to: type=inline + platforms: linux/amd64,linux/arm,linux/arm64 + tags: | + ${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_UBI_TAG }} + labels: | + org.opencontainers.image.source=${{ github.event.repository.clone_url }} + org.opencontainers.image.created=${{ steps.prep.outputs.created }} + org.opencontainers.image.revision=${{ github.sha }} + - name: Login to ghcr registry uses: docker/login-action@v2 with: @@ -150,13 +172,32 @@ jobs: org.opencontainers.image.created=${{ steps.prep.outputs.created }} org.opencontainers.image.revision=${{ github.sha }} + - name: Build and Push Docker UBI Image to ghcr registry + uses: docker/build-push-action@v4 + with: + context: . + file: ${{ env.DOCKER_UBI_FILE_PATH }} + pull: true + push: true + build-args: | + BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} + BUILDER_IMAGE=${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }} + cache-to: type=inline + platforms: linux/amd64,linux/arm,linux/arm64 + tags: | + ${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_UBI_TAG }} + labels: | + org.opencontainers.image.source=${{ github.event.repository.clone_url }} + org.opencontainers.image.created=${{ steps.prep.outputs.created }} + org.opencontainers.image.revision=${{ github.sha }} + - name: Comment on PR uses: mshick/add-pr-comment@v2 if: always() env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - message-success: '@${{ github.actor }} Image is available for testing. `docker pull ${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }}`' + message-success: '@${{ github.actor }} Images are available for testing. `docker pull ${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }}`\n`docker pull ${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_UBI_TAG }}`' message-failure: '@${{ github.actor }} Yikes! You better fix it before anyone else finds out! [Build](https://github.com/${{ github.repository }}/commit/${{ github.event.pull_request.head.sha }}/checks) has Failed!' allow-repeats: true diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index e10c7c8..bad87e7 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -7,6 +7,7 @@ on: env: DOCKER_FILE_PATH: Dockerfile + DOCKER_UBI_FILE_PATH: Dockerfile.ubi KUBERNETES_VERSION: "1.19.0" KIND_VERSION: "0.17.0" HELM_REGISTRY_URL: "https://stakater.github.io/stakater-charts" @@ -111,6 +112,25 @@ jobs: org.opencontainers.image.created=${{ steps.prep.outputs.created }} org.opencontainers.image.revision=${{ github.sha }} + - name: Build and Push Docker UBI Image to Docker registry + uses: docker/build-push-action@v4 + with: + context: . + file: ${{ env.DOCKER_UBI_FILE_PATH }} + pull: true + push: true + build-args: | + BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} + BUILDER_IMAGE= ${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }} + cache-to: type=inline + platforms: linux/amd64,linux/arm,linux/arm64 + tags: | + ${{ env.DOCKER_IMAGE_REPOSITORY }}:ubi-${{ steps.generate_tag.outputs.new_tag }} + labels: | + org.opencontainers.image.source=${{ github.event.repository.clone_url }} + org.opencontainers.image.created=${{ steps.prep.outputs.created }} + org.opencontainers.image.revision=${{ github.sha }} + - name: Login to ghcr registry uses: docker/login-action@v2 with: @@ -139,6 +159,25 @@ jobs: org.opencontainers.image.created=${{ steps.prep.outputs.created }} org.opencontainers.image.revision=${{ github.sha }} + - name: Build and Push Docker UBI Image to ghcr registry + uses: docker/build-push-action@v4 + with: + context: . + file: ${{ env.DOCKER_FILE_PATH }} + pull: true + push: true + build-args: | + BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} + BUILDER_IMAGE= ${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }} + cache-to: type=inline + platforms: linux/amd64,linux/arm,linux/arm64 + tags: | + ${{ env.GHCR_IMAGE_REPOSITORY }}:ubi-${{ steps.generate_tag.outputs.new_tag }} + labels: | + org.opencontainers.image.source=${{ github.event.repository.clone_url }} + org.opencontainers.image.created=${{ steps.prep.outputs.created }} + org.opencontainers.image.revision=${{ github.sha }} + ############################## ## Add steps to generate required artifacts for a release here(helm chart, operator manifest etc.) ############################## diff --git a/Dockerfile.ubi b/Dockerfile.ubi index d25693c..43ce010 100644 --- a/Dockerfile.ubi +++ b/Dockerfile.ubi @@ -1,7 +1,7 @@ ARG BUILDER_IMAGE ARG BASE_IMAGE -FROM ${BUILDER_IMAGE:-docker.io/stakater/reloader:v1.0.44} as SRC +FROM ${BUILDER_IMAGE} as SRC FROM ${BASE_IMAGE:-registry.access.redhat.com/ubi8/ubi-minimal} From 03773817291adb63fc95180a6e1b536245a59b3e Mon Sep 17 00:00:00 2001 From: Daniel Butler Date: Mon, 23 Oct 2023 09:39:20 +0100 Subject: [PATCH 19/22] removing extra whitespace in builder image name --- .github/workflows/push.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index bad87e7..2fcdd12 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -121,7 +121,7 @@ jobs: push: true build-args: | BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} - BUILDER_IMAGE= ${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }} + BUILDER_IMAGE=${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }} cache-to: type=inline platforms: linux/amd64,linux/arm,linux/arm64 tags: | @@ -168,7 +168,7 @@ jobs: push: true build-args: | BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} - BUILDER_IMAGE= ${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }} + BUILDER_IMAGE=${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }} cache-to: type=inline platforms: linux/amd64,linux/arm,linux/arm64 tags: | From 7568cb38412562c3389f856a18073a25f4f1a886 Mon Sep 17 00:00:00 2001 From: Daniel Butler Date: Mon, 23 Oct 2023 10:58:04 +0100 Subject: [PATCH 20/22] removing linux/arm from ubi builds --- .github/workflows/pull_request.yaml | 6 +++--- .github/workflows/push.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 292355c..11a43c3 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -136,7 +136,7 @@ jobs: BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} BUILDER_IMAGE=${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }} cache-to: type=inline - platforms: linux/amd64,linux/arm,linux/arm64 + platforms: linux/amd64,linux/arm64 tags: | ${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_UBI_TAG }} labels: | @@ -181,9 +181,9 @@ jobs: push: true build-args: | BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} - BUILDER_IMAGE=${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }} + BUILDER_IMAGE=gcr.io/${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }} cache-to: type=inline - platforms: linux/amd64,linux/arm,linux/arm64 + platforms: linux/amd64,linux/arm64 tags: | ${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_UBI_TAG }} labels: | diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index 2fcdd12..ff04818 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -123,7 +123,7 @@ jobs: BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} BUILDER_IMAGE=${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }} cache-to: type=inline - platforms: linux/amd64,linux/arm,linux/arm64 + platforms: linux/amd64,linux/arm64 tags: | ${{ env.DOCKER_IMAGE_REPOSITORY }}:ubi-${{ steps.generate_tag.outputs.new_tag }} labels: | @@ -168,9 +168,9 @@ jobs: push: true build-args: | BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} - BUILDER_IMAGE=${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }} + BUILDER_IMAGE=gcr.io/${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }} cache-to: type=inline - platforms: linux/amd64,linux/arm,linux/arm64 + platforms: linux/amd64,linux/arm64 tags: | ${{ env.GHCR_IMAGE_REPOSITORY }}:ubi-${{ steps.generate_tag.outputs.new_tag }} labels: | From 5535656717e0b8764f7d62230545ac7c26607f5d Mon Sep 17 00:00:00 2001 From: Daniel Butler Date: Mon, 23 Oct 2023 10:58:33 +0100 Subject: [PATCH 21/22] include platform in from builder image --- Dockerfile.ubi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile.ubi b/Dockerfile.ubi index 43ce010..33d1348 100644 --- a/Dockerfile.ubi +++ b/Dockerfile.ubi @@ -1,9 +1,9 @@ ARG BUILDER_IMAGE ARG BASE_IMAGE -FROM ${BUILDER_IMAGE} as SRC +FROM --platform=${BUILDPLATFORM} ${BUILDER_IMAGE} as SRC -FROM ${BASE_IMAGE:-registry.access.redhat.com/ubi8/ubi-minimal} +FROM ${BASE_IMAGE:-registry.access.redhat.com/ubi8/ubi-minimal:latest} WORKDIR / COPY --from=SRC /manager . From fdcdcd8770fff708b19a0a904575342276273db9 Mon Sep 17 00:00:00 2001 From: Daniel Butler Date: Mon, 23 Oct 2023 14:15:35 +0100 Subject: [PATCH 22/22] fix gcr to ghcr --- .github/workflows/pull_request.yaml | 2 +- .github/workflows/push.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 11a43c3..828879a 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -181,7 +181,7 @@ jobs: push: true build-args: | BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} - BUILDER_IMAGE=gcr.io/${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }} + BUILDER_IMAGE=ghcr.io/${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }} cache-to: type=inline platforms: linux/amd64,linux/arm64 tags: | diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index ff04818..4c7a02b 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -168,7 +168,7 @@ jobs: push: true build-args: | BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }} - BUILDER_IMAGE=gcr.io/${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }} + BUILDER_IMAGE=ghcr.io/${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }} cache-to: type=inline platforms: linux/amd64,linux/arm64 tags: |