common automatic update #6
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
mbaldessari
commented
Sep 10, 2024
mbaldessari
commented
- Set the user's passwd entry inside the container
- Upgrade helm to v3.13.2
- Drop old patch around null subkeys
- Do check for remote existance all the time
- Run validate-prereq only when not in a container
- Bump dorny/paths-filter from 2 to 3
- Add support for parsing secrets into intermediate structure and creating k8s secret objects
- Upgrade ESO to v0.9.12
- Update vault image to 1.15.5-ubi
- Use gitops-1.11 in acm as well
- Small gitops channel cleanups
- Upgrade namespaced argocd version to v1beta1
- Stop using OpenShiftControllerManager lookups
- Bump azure/setup-helm from 3 to 4
- Upgrade ESO to v0.9.13
- Upgrade vault to 1.15.6
- Bind mount /etc/pki in the wrapper
- Properly error out in preview-all when we cannot connect to the cluster
- Only include values files if they do exist in preview.sh
- Do not error out in preview when kustomize: true
- Also pass EXTRA_PLAYBOOK_OPTS environment setting
- Use oc kustomize
- Print out application being parsed for easier debugging
- Add .global.secretStore.backend in the clustergroup schema
- Fix check for secretStore.backend
- Introduce a generic parameter override via the EXTRA_ARGS env variable
- Allow overriding the oc lookups in preview.sh
- Always include values-global.yaml and values-.yaml
- Add help and message clarifying that preview has certain limits
- Add clustergroup support to preview target
- Fix preview when the application's index name is not the same as the name attribute
- Force strings in extraParametersNested
- In ACM policies do not use $ARGOCD_APP_SOURCE_ variables*
- Add support for custom CAs
- Update tests
- Support for issue #459
- Drop unused piece of schema json
- Small cleanup to remove unneeded log messages
- Support for cluster-wide proxy
- Update ESO to 0.9.14
- Update CRD from operator v0.0.44
- Expose main.experimentalCapabilities in operator-install
- Release clustergroup v0.8.3
- feat: add support for hive clusterdeployments creating spokes
- test: regenerated tests after clusterdeployment commit
- Support remote repoURL when previewing templates
- test: updated test-cased and regeneated expectations
- Moved CLUSTERGROUP declaration to restore make preview-% functionality
- Namespace argocd.argoproj.io/managed-by label issue
- Fixed indenting and duplicate entries in application-policies.yaml
- Add main.experimentalCapabilities to values.schema.json
- Release clustergroup v0.8.4
- Move the CLUSTERGROUP env variable for previews inside its section
- Fix up tests after upstream PR merge
- Drop old comments
- bug: Fix to generate OperatorGroup definition when namespaces definition has labels
- Try fallbacks for /etc/pki when it does not exist
- Fix for multiple OperatorGroup rendering
- Updated tests for CI
- Update ESO to 0.9.16
- Updated vault-helm to v0.28.0
- Use --recurse-submodules when cloning
- Drop support for IIB on OCP 4.12
- Stop saving stderr in a file when running skopeo
- Rearchitect the code so we can print out the actual error
- Check for prereqs for IIB
- chore: added annotations controling gitops and fail for missing meta for clusterdeployments
- chore: removed managedclusterset spec
- Rework IIB loading support
- Switch to gitops-1.12
- Add overrides for MCE IIB
- Update README for IIB changes
- Release clustergroup v0.8.5
- New global scope argocdServer section for values-global.yaml
- Improve readme for ACM IIB
- Drop gitopsspec from pattern's CR
- Allow customizing the VP operator subscription
- Add retries when checking oc version
- Add an imperative-admin-sa service account
- Added support to label/annotate nodes
- Added support to enable user workloads in control plane nodes
- Added full support for the scheduler
- Simplified PR for auto approve install plans
- Switch to registry.redhat.io for the initContainer image
- Update for ACM chart to application-policies.yaml
- Add extraParameters to values.schema.json
- Update ESO to 0.9.18
- Update vault to 1.16.2
- Feat: Followup to definition of extraParameters under the main section of a values file.
- Use golang-external-secrets for the acm hub-ca bits
- Only do the acm hub ca policy when vault is the backend
- fix: when using clusterdeployments, secrets should exist in the cluster-namespace
- Force rolebindings as early as possible
- bug: Invalid OperatorGroup generated when ommitting targetNamespaces
- Fix CI issue
- Actually use adminServiceAccountName for the auto approve job
- Make sure that the if condition on chart split is not always true
- Bump super-linter from 5 to 6
- Drop some validations for now
- Add some debugging to the chart split action
- Use a specific git version when running git subtree split
- Release clustergroup v0.8.6
- Add a sudo to apt-get command
- Add some READMEs in the individual charts
- Fix super-linter issues and upgrade local super-linter target
- Skip unreachable spokes when setting up vault
- Add no_log to spokes initialization task
- Drop initContainers variable and make it the default
- Update tests after dropping initContainers
- Release clustergroup v0.8.7
- Upgrade ESO to v0.9.19
- Update helm version in CI to 3.14.0
- Drop imperative.initcontainers.gitinit
- Have unseal work whenever we specifiy HEAD
- make resourceExclusion configurable
- Update tests after upgrading resourceExclusions tweak
- Make resourcehealthchecks configurable
- Update tests after upgrading resourceHealthChecks change
- Do not quote $BRANCH variable
- Fix initcontainer race on spokes
- Release clustergroup v0.8.8
- configure annotation based resource tracking
- Drop imperative.volumes and imperative.volumemounts
- Properly quote vault kv command
- Make HUB work when spokes point to in hub cluster gitea
- update tests
- ACM chart version 0.0.2
- golang-external-secrets chart version 0.0.4
- hashicorp-vault chart version 0.0.2
- Implement multi-source
- Add tests for proper multisource support on spokes
- Release clustergroup v0.8.9
- Fix multisource indent error
- Release clustergroup v0.8.10
- Release acm v0.0.3
- Fix missing chart field
- Release acm v0.0.4
- Update chart versions
- Update vault-helm to v0.28.1 and vault to 1.17.2
- Update ESO to 0.9.20
- Release new hashicorp-vault and golang-external-secrets charts
- Add Ansible playbook
- Put the playbook in a more normal location for us
- Exclude new playbook
- Allow for choice in where file is written
- Fix pki bind mount when using podman machine
- Allow originRepo to be set via make install and main.git parameters
- resolves #21 rag-llm-gitops
- Fix vars that were erroneously dropped
- Allow more flexibility with multiSourceConfig schema
- Inject VALUES_SECRET env var
- Add helmRepoUrl variable
- Update letsencrypt to v0.1.1
- Allow overriding gitops source on spokes
- Update acm chart to v0.1.1
- Update clustergroup chart to 0.8.11
- Extend the schema for disconnected
- Update clustergroup chart to 0.8.12
- Update super-linter to v7
- Fix action path
- Fix action path v2
- Upgrade ESO to v0.10.0
- Upgrade vault to 1.17.3
- Update hashicorp-vault to 0.1.2
- Update golang-external-secrets to 0.1.2
- Switch to gitops-1.13
- Add a pushsecrets policy and vault path for ESO syncing
- Fix PyInk warnings
- Replace tabs with spaces and add some missing env vars that could be passed
- Also push any changes to operator-install to its own repo
- Update CRD from operator v0.0.55
- Fix chart name in pattern-install branch+split wf
- Tweak readme
- Use $group.name in clusterset metadata
- Update tests after common rebase
Drop unused piece of schema json
Custom CA support
Small cleanup to remove unneeded log messages
If the clusterwide proxy object is configured, let's support it when we clone the git repos for the imperative framework.
Support for cluster-wide proxy
Update ESO to 0.9.14
feat: Support for issue #459
Update CRD from operator v0.0.44
Expose main.experimentalCapabilities in operator-install
Release clustergroup v0.8.3
Co-authored-by: Alejandro Villegas <[email protected]> Signed-off-by: Tomer Figenblat <[email protected]>
Co-authored-by: Alejandro Villegas <[email protected]> Signed-off-by: Tomer Figenblat <[email protected]>
This allows us to have a remote repoURL + path kustomize combo and show
the resulting templates in `make preview`.
Tested with:
web-terminal:
name: web-terminal
namespace: hello-world
project: hub
kustomize: true
targetRevision: main
repoURL: https://github.com/redhat-cop/gitops-catalog
path: web-terminal/aggregate/overlays/default
Closes: validatedpatterns/multicloud-gitops#356
Support remote repoURL when previewing templates
Co-authored-by: Alejandro Villegas <[email protected]> Signed-off-by: Tomer Figenblat <[email protected]>
- Fixed issue in common/clustergroup/templates/_helpers.tpl to render correct label
Namespace argocd.argoproj.io/managed-by label issue
This corrects Argo error: Failed to load target state: failed to generate manifest for source 1 of 1: rpc error: code = Unknown desc = Manifest generation error (cached): `helm template . --name-template acm --namespace open-cluster-management --kube-version 1.25 --set global.privateRepo=false --set global.experimentalCapabilities=initcontainers --set global.repoURL=https://github.myrepo.com/EnterpriseKubernetes/multicloud-gitops.git --set global.clusterDomain=mydomain.azure.us --set global.clusterPlatform=Azure --set global.hubClusterDomain=mydomain.azure.us --set global.localClusterDomain=mydomain.azure.us --set global.targetRevision=prod --set global.namespace=open-cluster-management --set global.pattern=ekho --set global.clusterVersion=4.12 --values <path to cached source>/values-global.yaml --values <path to cached source>/values-hub.yaml <api versions removed> --include-crds` failed exit status 1: Error: YAML parse error on acm/templates/policies/application-policies.yaml: error converting YAML to JSON: yaml: line 50: did not find expected key Use --debug flag to render out invalid YAML Also corrects mapping error warning on make preview-acm
This way it can be set straight from a values-*.yaml file Tested on MCG.
Add main.experimentalCapabilities to values.schema.json
ClusterGroup v0.8.4
Moved CLUSTERGROUP declaration to restore make preview-% functionality
This way the code is a bit less confusing and it's more obvious when/where CLUSTERGROUP is used. make preview-% still keeps working as usual and you can override things via `make CLUSTERGROUP=group-one preview-hello-world` Gotta love Makefile's idiosyncrasies around per-target variables
Update super-linter to v7
Upgrade ESO to v0.10.0
Upgrade vault to 1.17.3
Release new hashicorp-vault and golang-external-secrets charts
It is supported all the way back to OCP 4.12 Tested on sno hub + spoke successfully
Switch to gitops-1.13
See the README for more details, but TLDR: you can use
`secret/pushsecrets` to push secrets from any node to the vault.
This secret can then be retrieved from either a different namespace
or a different cluster node.
Tested this with a pushsecret as follows:
```
apiVersion: external-secrets.io/v1alpha1
kind: PushSecret
metadata:
name: pushsecret
namespace: hello-world
spec:
data:
- conversionStrategy: None
match:
remoteRef:
property: baz
remoteKey: pushsecrets/testme
secretKey: bar
deletionPolicy: Delete
refreshInterval: 10s
secretStoreRefs:
- kind: ClusterSecretStore
name: vault-backend
selector:
secret:
name: existing-secret
updatePolicy: Replace
```
The above takes the property called `baz` of an existing secret called `existing-secret` in
the `hello-world` namespace and pushes it to the `secret/pushsecrets/testme` vault path.
Suggested-By: Chris Butler <[email protected]>
Closes: MBP-641
Add a pushsecrets policy and vault path for ESO syncing
Replace tabs with spaces and add some missing env vars that could be passed
Since at the time the folder was named operator-install and the chart pattern-install, let's push it out to the `pattern-install-chart` repo which is a bit clearer.
Also push any changes to operator-install to its own repo
Update CRD from operator v0.0.55
Fix chart name in pattern-install branch+split wf
Use $group.name in clusterset metadata
It is being just silly
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.