From 2b58e104618f3129de8b13d738832fcc2ef23958 Mon Sep 17 00:00:00 2001 From: takahiro-yamada Date: Thu, 19 Dec 2024 03:02:11 +0000 Subject: [PATCH 1/4] Bump Argo CD version from 2.11.7 to 2.13.2 --- Makefile | 2 +- aqua.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 8b13cc9..3f98f43 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ # Tool versions CTRL_RUNTIME_VERSION := $(shell awk '/sigs.k8s.io\/controller-runtime/ {print substr($$2, 2)}' go.mod) -ARGOCD_VERSION = 2.11.7 +ARGOCD_VERSION = 2.13.2 # Test tools BIN_DIR := $(shell pwd)/bin diff --git a/aqua.yaml b/aqua.yaml index e6744ec..49c2602 100644 --- a/aqua.yaml +++ b/aqua.yaml @@ -5,7 +5,7 @@ registries: - type: standard ref: v4.218.0 # renovate: depName=aquaproj/aqua-registry packages: - - name: argoproj/argo-cd@v2.11.7 + - name: argoproj/argo-cd@v2.13.2 - name: kubernetes/kubectl@v1.30.4 - name: kubernetes-sigs/kubebuilder@v4.2.0 - name: kubernetes-sigs/kustomize@kustomize/v5.4.3 From 0e97166eaa9605c31af0fb1fe7cb412366d7e754 Mon Sep 17 00:00:00 2001 From: takahiro-yamada Date: Thu, 19 Dec 2024 03:02:26 +0000 Subject: [PATCH 2/4] Format markdowns --- docs/README.md | 2 +- docs/SUMMARY.md | 6 +++--- docs/config.md | 2 +- docs/design.md | 14 +++++++------- docs/development.md | 28 ++++++++++++++-------------- docs/overview.md | 1 - docs/release.md | 19 +++++++++---------- docs/setup.md | 30 +++++++++++++++--------------- docs/sharding.md | 8 ++++---- docs/usage.md | 8 ++++---- 10 files changed, 58 insertions(+), 60 deletions(-) diff --git a/docs/README.md b/docs/README.md index afed839..14c94b3 100644 --- a/docs/README.md +++ b/docs/README.md @@ -3,7 +3,7 @@ Cattage is a Kubernetes controller that enhances the multi-tenancy of [Argo CD][] with [Accurate][]. It is currently developed and maintained by [Cybozu](https://cybozu-global.com/). -The repository is at https://github.com/cybozu-go/cattage . +The repository is at . [Accurate]: https://github.com/cybozu-go/accurate [Argo CD]: https://argo-cd.readthedocs.io/en/stable/ diff --git a/docs/SUMMARY.md b/docs/SUMMARY.md index 0a44192..ea50cd5 100644 --- a/docs/SUMMARY.md +++ b/docs/SUMMARY.md @@ -2,19 +2,19 @@ [Cattage](README.md) -# User manual +## User manual - [Overview](overview.md) - [Setup](setup.md) - [Usage](usage.md) - [Sharding](sharding.md) -# References +## References - [Tenant custom resource](crd_tenant.md) - [Configurations](config.md) -# Developer documents +## Developer documents - [Design notes](design.md) - [Development](development.md) diff --git a/docs/config.md b/docs/config.md index 34a442b..e7b674e 100644 --- a/docs/config.md +++ b/docs/config.md @@ -106,7 +106,7 @@ argocd: ## Command-line flags -``` +```txt Flags: --add_dir_header If true, adds the file directory to the header --alsologtostderr log to standard error as well as files diff --git a/docs/design.md b/docs/design.md index 4c0e425..2358adf 100644 --- a/docs/design.md +++ b/docs/design.md @@ -8,11 +8,11 @@ Cattage is a Kubernetes controller that enhances the multi-tenancy of [Argo CD][ There is a known limitation for Argo CD to implement app-of-apps pattern in a multi-tenancy environment. -https://github.com/argoproj/argo-cd/issues/2785 + We have developed the following mechanism to resolve the problem. -https://blog.kintone.io/entry/production-grade-delivery-workflow-using-argocd#Multi-tenancy + However, the mechanism still has the following problems: @@ -48,7 +48,7 @@ No more deploying to another tenant's namespace by mistake. There are cases where you want to move ownership of an application between tenants. Accurate supports `kubectl accurate sub move` command to change the parent of a sub-namespace. -https://cybozu-go.github.io/accurate/subnamespaces.html#changing-the-parent-of-a-sub-namespace + An administrators can use this command to move the sub-namespace to another tenant. The permission of AppProjects, Applications and Namespaces will be updated automatically. @@ -59,7 +59,7 @@ The permission of AppProjects, Applications and Namespaces will be updated autom ApplicationSet is one of the features of Argo CD which generates Application resources based on user input. -https://argo-cd.readthedocs.io/en/stable/user-guide/application-set/ + However, this feature does not give tenant users enough flexibility in their settings. @@ -67,7 +67,7 @@ However, this feature does not give tenant users enough flexibility in their set AppSource controller is similar to our proposal. -https://github.com/argoproj-labs/appsource + But AppSource is still not production-ready. Also, it does not solve our some problems. @@ -80,8 +80,8 @@ We considered having an Argo CD instance for each tenant team, but it turned out Other Continuous Delivery tools support multi-tenancy. -- https://github.com/fluxcd/flux2 -- https://github.com/pipe-cd/pipe +- +- However, we love Argo CD (the many features and the useful UI). We already have a lot of manifests managed by Argo CD. It's hard to switch to another tool now. diff --git a/docs/development.md b/docs/development.md index d7b518c..a3961d5 100644 --- a/docs/development.md +++ b/docs/development.md @@ -3,43 +3,43 @@ 1. Prepare a Linux box running Docker. 2. Checkout this repository. - ```console - $ git clone https://github.com/cybozu-go/cattage + ```sh + git clone https://github.com/cybozu-go/cattage ``` ## Setup CLI tools 1. Install [aqua][]. - https://aquaproj.github.io/docs/tutorial-basics/quick-start + 2. Install CLI tools. - ```console - $ cd cybozu-go/cattage - $ aqua i -l + ```sh + cd cybozu-go/cattage + aqua i -l ``` ## Development & Debug 1. Launch local Kubernetes cluster. - ```console - $ cd cybozu-go/cattage - $ make dev + ```sh + cd cybozu-go/cattage + make dev ``` 2. Start [Tilt][]. - ```console - $ tilt up + ```sh + tilt up ``` -3. Access: http://localhost:10350/ +3. Access: `http://localhost:10350/` 4. Stop the Kubernetes cluster. - ```console - $ make stop-dev + ```sh + make stop-dev ``` [aqua]: https://aquaproj.github.io diff --git a/docs/overview.md b/docs/overview.md index 35a036b..db9c763 100644 --- a/docs/overview.md +++ b/docs/overview.md @@ -28,4 +28,3 @@ Cattage is a Kubernetes controller that enhances the multi-tenancy of [Argo CD][ [Accurate]: https://github.com/cybozu-go/accurate [Argo CD]: https://argo-cd.readthedocs.io/en/stable/ -[App Of Apps Pattern]: https://argo-cd.readthedocs.io/en/stable/operator-manual/cluster-bootstrapping/#app-of-apps-pattern diff --git a/docs/release.md b/docs/release.md index fae8db6..eb4bdbc 100644 --- a/docs/release.md +++ b/docs/release.md @@ -1,5 +1,4 @@ -Release procedure -================= +# Release procedure This document describes how to release a new version. @@ -17,19 +16,19 @@ Follow [semantic versioning 2.0.0][semver] to choose the new version number. 1. Determine a new version number. Then set `VERSION` variable. - ```console + ```sh # Set VERSION and confirm it. It should not have "v" prefix. - $ VERSION=x.y.z - $ echo $VERSION + VERSION=x.y.z + echo $VERSION ``` 2. Add a git tag to the main HEAD, then push it. - ```console - $ git switch main - $ git tag -a -m "Release v$VERSION" "v$VERSION" - $ git tag -ln | grep $VERSION - $ git push origin v$VERSION + ```sh + git switch main + git tag -a -m "Release v$VERSION" "v$VERSION" + git tag -ln | grep $VERSION + git push origin v$VERSION ``` [semver]: https://semver.org/spec/v2.0.0.html diff --git a/docs/setup.md b/docs/setup.md index 334a2a2..e210b70 100644 --- a/docs/setup.md +++ b/docs/setup.md @@ -13,14 +13,14 @@ For on-premises, [Teleport](https://goteleport.com) and [Loft](https://loft.sh) Install Argo CD as shown in the following page: -https://argo-cd.readthedocs.io/en/stable/getting_started/ + Cattage isolates AppProject resource for each tenant. So, please refer to the following page to enable user management. Argo CD supports a lot of authentication methods. -https://argo-cd.readthedocs.io/en/stable/operator-manual/user-management/ + Cattage expects tenant users to be able to create Application resources. Apply the following manifest: @@ -53,12 +53,12 @@ In order to enable the feature, add `--application-namespace="*"` parameter to ` ## cert-manager -Cattage and Accurate depend on [cert-manager][] to issue TLS certificate for admission webhooks. +Cattage and Accurate depend on [cert-manager](https://cert-manager.io/) to issue TLS certificate for admission webhooks. If cert-manager is not installed on your cluster, install it as follows: -```console -$ curl -fsLO https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.yaml -$ kubectl apply -f cert-manager.yaml +```sh +curl -fsLO https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.yaml +kubectl apply -f cert-manager.yaml ``` ## Accurate @@ -81,13 +81,13 @@ controller: Install Accurate with the values.yaml as follows: -```console -$ helm install --create-namespace --namespace accurate accurate -f values.yaml accurate/accurate +```sh +helm install --create-namespace --namespace accurate accurate -f values.yaml accurate/accurate ``` For more information, see the following page: -https://cybozu-go.github.io/accurate/helm.html + ## Cattage @@ -150,13 +150,13 @@ Read [Configurations](config.md) for details. Setup Helm repository: - ```console - $ helm repo add cattage https://cybozu-go.github.io/cattage - $ helm repo update - ``` + ```sh + helm repo add cattage https://cybozu-go.github.io/cattage + helm repo update + ``` Install the Helm chart with your values.yaml: -```console -$ helm install --create-namespace --namespace cattage cattage cattage/cattage -f values.yaml +```sh +helm install --create-namespace --namespace cattage cattage cattage/cattage -f values.yaml ``` diff --git a/docs/sharding.md b/docs/sharding.md index 176c380..9a15d6e 100644 --- a/docs/sharding.md +++ b/docs/sharding.md @@ -3,9 +3,9 @@ ## Overview In Argo CD, as the number of managed applications increases, the load on the Application Controller becomes significant. -While Argo CD supports sharding, it can only shard controllers per Kubernetes cluster. (ref. https://argo-cd.readthedocs.io/en/stable/operator-manual/high_availability/ ) +While Argo CD supports sharding, it can only shard controllers per Kubernetes cluster. (ref. ) -Cattage provides the capability to shard controllers on a per-tenant basis using [applications in any namespace](https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/). +Cattage provides the capability to shard controllers on a per-tenant basis using [applications in any namespace](https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/). By specifying a controller name in the Tenant resource, you can designate which controller will process Applications created in that tenant's Namespaces. ## How to use @@ -13,7 +13,7 @@ By specifying a controller name in the Tenant resource, you can designate which ### Setup stakater/Reloader [stakater/Reloader](https://github.com/stakater/Reloader) is a Kubernetes controller that watches for changes in ConfigMaps and Secrets, executing rolling updates on Deployments and StatefulSets as needed. -Cattage uses `stakater/Reloader` to roll out updates to the Argo CD Application Controller whenever a ConfigMap is modified. +Cattage uses `stakater/Reloader` to roll out updates to the Argo CD Application Controller whenever a ConfigMap is modified. Follow these steps to set it up: @@ -130,7 +130,7 @@ Cattage generates the following configmaps: - `default-application-controller-cm`: Lists namespaces for tenants without a specified controller - `-application-controller-cm`: Lists namespaces for tenants with a specified controller -### Setup Cattage +### Setup Cattage Follow the [setup instructions](./setup.md) to install Cattage. diff --git a/docs/usage.md b/docs/usage.md index 7123b53..3bd0718 100644 --- a/docs/usage.md +++ b/docs/usage.md @@ -41,8 +41,8 @@ your-team 2m Tenant users can create a SubNamespace on their namespaces. -```console -$ kubectl accurate sub create your-sub your-root +```sh +kubectl accurate sub create your-sub your-root ``` Tenant users can create an Application resource in the sub-namespace. @@ -74,8 +74,8 @@ spec: Apply the resource: -```console -$ kubectl apply -f application.yaml +```sh +kubectl apply -f application.yaml ``` Make sure that the Application resource is synchronized. From 3e0aaebc0b92005a06d46b71383e306b56c4e1a7 Mon Sep 17 00:00:00 2001 From: takahiro-yamada Date: Thu, 19 Dec 2024 03:09:31 +0000 Subject: [PATCH 3/4] Fix cron expression --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index c787c2d..79e1f3e 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -1,7 +1,7 @@ name: Renovate on: schedule: - - cron: '0 30 * * 1' + - cron: '0 10 * * 1' jobs: renovate: runs-on: ubuntu-latest From 165f030d5b3156a68adafeca97f769eb70e3285c Mon Sep 17 00:00:00 2001 From: takahiro-yamada Date: Thu, 19 Dec 2024 05:20:49 +0000 Subject: [PATCH 4/4] Fix maintenance.md --- docs/maintenance.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/maintenance.md b/docs/maintenance.md index 894ef47..bf7f6de 100644 --- a/docs/maintenance.md +++ b/docs/maintenance.md @@ -16,7 +16,7 @@ If Kubernetes or controller-runtime API has changed, please fix the relevant sou Cattage supports one Argo CD version. If a new Argo CD is released, please update the following files. -- Update Argo CD Version in `aqua.yaml`, `e2e/Makefile` and `Makefile`. +- Update Argo CD Version in `aqua.yaml` and `Makefile`. - Run `make crds`. If Argo CD API has changed, please fix the relevant source code.