common automatic update #38
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
mbaldessari
commented
Aug 6, 2024
mbaldessari
commented
- feat: add support for hive clusterdeployments creating spokes
- test: regenerated tests after clusterdeployment commit
- test: updated test-cased and regeneated expectations
- chore: added annotations controling gitops and fail for missing meta for clusterdeployments
- chore: removed managedclusterset spec
- New global scope argocdServer section for values-global.yaml
- Improve readme for ACM IIB
- Drop gitopsspec from pattern's CR
- Allow customizing the VP operator subscription
- Add retries when checking oc version
- Add an imperative-admin-sa service account
- Added support to label/annotate nodes
- Added support to enable user workloads in control plane nodes
- Added full support for the scheduler
- Simplified PR for auto approve install plans
- Switch to registry.redhat.io for the initContainer image
- Update for ACM chart to application-policies.yaml
- Add extraParameters to values.schema.json
- Update ESO to 0.9.18
- Update vault to 1.16.2
- Feat: Followup to definition of extraParameters under the main section of a values file.
- Use golang-external-secrets for the acm hub-ca bits
- Only do the acm hub ca policy when vault is the backend
- fix: when using clusterdeployments, secrets should exist in the cluster-namespace
- Force rolebindings as early as possible
- bug: Invalid OperatorGroup generated when ommitting targetNamespaces
- Fix CI issue
- Actually use adminServiceAccountName for the auto approve job
- Make sure that the if condition on chart split is not always true
- Bump super-linter from 5 to 6
- Drop some validations for now
- Add some debugging to the chart split action
- Use a specific git version when running git subtree split
- Release clustergroup v0.8.6
- Add a sudo to apt-get command
- Add some READMEs in the individual charts
- Fix super-linter issues and upgrade local super-linter target
- Skip unreachable spokes when setting up vault
- Add no_log to spokes initialization task
- Drop initContainers variable and make it the default
- Update tests after dropping initContainers
- Release clustergroup v0.8.7
- Upgrade ESO to v0.9.19
- Update helm version in CI to 3.14.0
- Drop imperative.initcontainers.gitinit
- Have unseal work whenever we specifiy HEAD
- make resourceExclusion configurable
- Update tests after upgrading resourceExclusions tweak
- Make resourcehealthchecks configurable
- Update tests after upgrading resourceHealthChecks change
- Do not quote $BRANCH variable
- Fix initcontainer race on spokes
- Release clustergroup v0.8.8
- configure annotation based resource tracking
- Drop imperative.volumes and imperative.volumemounts
- Properly quote vault kv command
- Make HUB work when spokes point to in hub cluster gitea
- update tests
- ACM chart version 0.0.2
- golang-external-secrets chart version 0.0.4
- hashicorp-vault chart version 0.0.2
- Implement multi-source
- Add tests for proper multisource support on spokes
- Release clustergroup v0.8.9
- Fix multisource indent error
- Release clustergroup v0.8.10
- Release acm v0.0.3
- Fix missing chart field
- Release acm v0.0.4
- Update chart versions
- Update vault-helm to v0.28.1 and vault to 1.17.2
- Update ESO to 0.9.20
- Release new hashicorp-vault and golang-external-secrets charts
- Add Ansible playbook
- Put the playbook in a more normal location for us
- Exclude new playbook
- Allow for choice in where file is written
- Fix pki bind mount when using podman machine
- Update tests after common rebase
Co-authored-by: Alejandro Villegas <[email protected]> Signed-off-by: Tomer Figenblat <[email protected]>
Co-authored-by: Alejandro Villegas <[email protected]> Signed-off-by: Tomer Figenblat <[email protected]>
Co-authored-by: Alejandro Villegas <[email protected]> Signed-off-by: Tomer Figenblat <[email protected]>
…for clusterdeployments Signed-off-by: Tomer Figenblat <[email protected]>
Signed-off-by: Tomer Figenblat <[email protected]>
- Added new section for to configure the ArgoCD server to support tls
argocdServer:
route:
tls:
insecureEdgeTerminationPolicy: Redirect
termination: reencrypt
- Default for ArgoCD is to create route with the following:
route: enabled
tls:
insecureEdgeTerminationPolicy: Redirect
termination: passthrough
For more information please refer to https://issues.redhat.com/browse/GITOPS-3918.
- Changed default value for termination
Improve readme for ACM IIB
New global scope argocdServer section for values-global.yaml
We drive this from the patterns-operator-config configmap these days, which makes more sense (it is a clusterwide setting and not really a per pattern one).
Tested with:
❯ helm template operator-install --show-only templates/subscription.yaml --set main.patternsOperator.installPlanApproval=Manual
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: patterns-operator
namespace: openshift-operators
labels:
operators.coreos.com/patterns-operator.openshift-operators: ""
spec:
channel: fast
installPlanApproval: Manual
name: patterns-operator
source: community-operators
sourceNamespace: openshift-marketplace
❯ helm template operator-install --show-only templates/subscription.yaml --set main.patternsOperator.installPlanApproval=Manual --set main.patternsOperator.startingCSV=1.2.3
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: patterns-operator
namespace: openshift-operators
labels:
operators.coreos.com/patterns-operator.openshift-operators: ""
spec:
channel: fast
installPlanApproval: Manual
name: patterns-operator
source: community-operators
sourceNamespace: openshift-marketplace
startingCSV: 1.2.3
Drop gitopsspec from pattern's CR
Allow customizing the VP operator subscription
Add retries when checking oc version
Add an imperative-admin-sa service account
This makes the registry url more consistent with what we already use (e.g. in the imperative templates)
Switch to registry.redhat.io for the initContainer image
- If statement was checking for .Values.global.extraValueFiles.
- We now checking at the .extraValueFiles in the managedClusterGroups section.
managedClusterGroups:
aro-prod:
name: innovation
acmlabels:
- name: clusterGroup
value: innovation
extraValueFiles:
- '/overrides/values-common-capabilities.yaml'
helmOverrides:
- name: clusterGroup.isHubCluster
value: "false"
Update for ACM chart to application-policies.yaml
- Problem Statement
The current **clustergroup** schema does not allow the definition of **extraParameters** under the **main** section of a values file.
- Caveat
The user defined variables in the **extraParameters** section would only be applied if the user deploys the pattern via the command, using `./pattern.sh make install` or `./pattern.sh make operator-deploy` and not via the OpenShift Validated Patterns Operator UI.
- Fix Description
Add the **extraParameters** to the definition of **Main.properties** in the values.schema.json:
"extraParameters": {
"type": "array",
"description": "Pass in extra Helm parameters to all ArgoCD Applications and the framework."
},
- This will allow users to define extra parameters that will be added by the framework to the ArgoCD applications it creates.
- For more information see validatedpatterns/common#510
Add extraParameters to values.schema.json
Update ESO to 0.9.18
Release clustergroup v0.8.9
Release clustergroup v0.8.10
Release acm v0.0.3
Small multisource fix
Release acm v0.0.4
Update chart versions
Update vault-helm to v0.28.1 and vault to 1.17.2
Update ESO to 0.9.20
Release new hashicorp-vault and golang-external-secrets charts
Provide kubeconfig writer
Added support to label/annotate nodes
Currently we test for the existance of local TLS folder and bind mount them in containers. This does not work correctly when using podman machine, because a the test is running on the host and so we might bind mount the wrong folder. For example: On Mac OSX /etc/pki does not exist on the folder and so we bind mount /etc/ssl even though /etc/pki does exist in the podman machine VM Co-Authored-By: Ákos Erős <[email protected]>
Fix pki bind mount when using podman machine
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.