diff --git a/.drone.yml b/.drone.yml index e6dfc01..2ac6f40 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,21 +1,260 @@ +# Copyright (c) 2017-present SIGHUP s.r.l All rights reserved. +# Use of this source code is governed by a BSD-style +# license that can be found in the LICENSE file. + +# FIXME: Skipping for the moment, we need to add the license header to all the files. +# name: license +# kind: pipeline +# type: docker + +# steps: +# - name: check +# image: docker.io/library/golang:1.16 +# pull: always +# commands: +# - go get -u github.com/google/addlicense +# - addlicense -c "SIGHUP s.r.l" -v -l bsd -y "2017-present" --check . + +# --- +name: policeman +kind: pipeline +type: docker + +# FIXME: enable me when license check gets enabled. +# depends_on: +# - license + +platform: + os: linux + arch: amd64 + +steps: + - name: lint + image: quay.io/sighup/policeman + pull: always + environment: + # Identifies false positives like missing 'selector'. + # Doing this is valid for Kustomize patches + VALIDATE_KUBERNETES_KUBEVAL: "false" + # Some duplicated code is intended. + VALIDATE_JSCPD: "false" + # hadolint already validated dockerfiles + VALIDATE_DOCKERFILE: "false" + # Disable natural language checks + VALIDATE_NATURAL_LANGUAGE: "false" + # Shellcheck gets confused with Jinja2 tempalates. Skipping all of them + FILTER_REGEX_EXCLUDE: (roles/.*/templates/.*j2) + depends_on: + - clone + + - name: render + image: quay.io/sighup/e2e-testing:1.1.0_0.2.2_2.16.1_1.9.4_1.20.7_3.8.7_2.4.1 + pull: always + depends_on: + - clone + commands: + - kustomize build katalog/vsphere-cm > vsphere-cm.yaml + - kustomize build katalog/vsphere-csi > vsphere-csi.yaml + + - name: check-deprecated-apis + image: us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5 + pull: always + depends_on: + - render + commands: + # we use --ignore-deprecations because we don't want the CI to fail when the API has not been removed yet. + - /pluto detect vsphere-cm.yaml --target-versions=k8s=v1.25.0 --ignore-deprecations + - /pluto detect vsphere-csi.yaml --target-versions=k8s=v1.25.0 --ignore-deprecations + +# FIXME: Add E2E tests +# --- +# name: e2e-kubernetes-1.25 +# kind: pipeline +# type: docker + +# depends_on: +# - policeman + +# node: +# runner: internal + +# platform: +# os: linux +# arch: amd64 + +# trigger: +# ref: +# include: +# - refs/heads/master +# - refs/heads/main +# - refs/tags/** + +# steps: +# - name: init +# image: quay.io/sighup/e2e-testing-drone-plugin:v1.25.3 +# pull: always +# volumes: +# - name: shared +# path: /shared +# depends_on: [clone] +# settings: +# action: custom-cluster-125 +# pipeline_id: cluster-125 +# local_kind_config_path: katalog/tests/kind/config.yml +# cluster_version: "1.25.3" +# instance_path: /shared +# aws_default_region: +# from_secret: aws_region +# aws_access_key_id: +# from_secret: aws_access_key_id +# aws_secret_access_key: +# from_secret: aws_secret_access_key +# terraform_tf_states_bucket_name: +# from_secret: terraform_tf_states_bucket_name +# vsphere_server: +# from_secret: vsphere_server +# vsphere_password: +# from_secret: vsphere_password +# vsphere_user: +# from_secret: vsphere_user +# dockerhub_username: +# from_secret: dockerhub_username +# dockerhub_password: +# from_secret: dockerhub_password + +# - name: e2e +# # KUBECTL 1.25.3 - KUSTOMIZE 3.5.3 - HELM 3.1.1 - YQ 4.21.1 - ISTIOCTL 1.9.4 - FURYCTL 0.9.0 - BATS 1.1.0 +# image: quay.io/sighup/e2e-testing:1.1.0_0.9.0_3.1.1_1.9.4_1.25.3_3.5.3_4.21.1 +# pull: always +# volumes: +# - name: shared +# path: /shared +# depends_on: [init] +# commands: +# - export KUBECONFIG=/shared/kube/kubeconfig-125 +# - bats -t katalog/tests/gatekeeper.sh + +# - name: destroy +# image: quay.io/sighup/e2e-testing-drone-plugin:v1.25.3 +# pull: always +# depends_on: [e2e] +# settings: +# action: destroy +# pipeline_id: cluster-125 +# aws_default_region: +# from_secret: aws_region +# aws_access_key_id: +# from_secret: aws_access_key_id +# aws_secret_access_key: +# from_secret: aws_secret_access_key +# terraform_tf_states_bucket_name: +# from_secret: terraform_tf_states_bucket_name +# vsphere_server: +# from_secret: vsphere_server +# vsphere_password: +# from_secret: vsphere_password +# vsphere_user: +# from_secret: vsphere_user +# dockerhub_username: +# from_secret: dockerhub_username +# dockerhub_password: +# from_secret: dockerhub_password +# when: +# status: +# - success +# - failure + +# volumes: +# - name: shared +# temp: {} + --- +name: release kind: pipeline -name: test +type: docker + +# FIXME: enable when we have e2e working +# depends_on: +# - e2e-kubernetes-1.25 platform: os: linux arch: amd64 +trigger: + ref: + include: + - refs/tags/** + steps: - - name: katalog - image: python:3 + - name: prepare-tar-gz + image: alpine:latest + pull: always + depends_on: [clone] commands: - - apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y curl - - curl -L https://github.com/kubernetes-sigs/kustomize/releases/download/v1.0.10/kustomize_1.0.10_linux_amd64 -o /usr/local/bin/kustomize && chmod +x /usr/local/bin/kustomize && kustomize version - - pip install -rkatalog/tests/test-requirements.txt - - flake8 --ignore=E501 katalog/tests/test.py - - bash katalog/tests/pytest.sh - - rm -rf .pytest_cache katalog/tests/__pycache__ + - tar -zcvf fury-kubernetes-on-premises-${DRONE_TAG}.tar.gz katalog/ roles/ LICENSE README.md + when: + ref: + include: + - refs/tags/** + + - name: prepare-release-notes + image: quay.io/sighup/fury-release-notes-plugin:3.7_2.8.4 + pull: always + depends_on: [clone] + settings: + release_notes_file_path: release-notes.md + when: + ref: + include: + - refs/tags/** + + - name: publish-prerelease + image: plugins/github-release + pull: always + depends_on: + - prepare-tar-gz + - prepare-release-notes + settings: + api_key: + from_secret: github_token + file_exists: overwrite + files: + - fury-kubernetes-on-premises-${DRONE_TAG}.tar.gz + prerelease: true + overwrite: true + title: "Preview ${DRONE_TAG}" + note: release-notes.md + checksum: + - md5 + - sha256 + when: + ref: + include: + - refs/tags/v**-rc** + + - name: publish-stable + image: plugins/github-release + pull: always + depends_on: + - prepare-tar-gz + - prepare-release-notes + settings: + api_key: + from_secret: github_token + file_exists: overwrite + files: + - fury-kubernetes-on-premises-${DRONE_TAG}.tar.gz + prerelease: false + overwrite: true + title: "Release ${DRONE_TAG}" + note: release-notes.md + checksum: + - md5 + - sha256 when: - event: - - push + ref: + exclude: + - refs/tags/v**-rc** + include: + - refs/tags/v** diff --git a/docs/COMPATIBILITY_MATRIX.md b/docs/COMPATIBILITY_MATRIX.md index 8be1c4c..aa329d2 100644 --- a/docs/COMPATIBILITY_MATRIX.md +++ b/docs/COMPATIBILITY_MATRIX.md @@ -1,19 +1,20 @@ # Compatibility Matrix -| Module Version / Kubernetes Version | 1.15.X | 1.19.X | 1.20.15 | 1.21.14 | 1.22.13 | 1.23.12 | 1.24.7 | -|-------------------------------------------|:------------------:|:------------------:|:------------------:|:------------------:|:------------------:|:------------------:|:------------------:| -| v1.15.4 | :white_check_mark: | | | | | | | -| v1.19.7 | | :white_check_mark: | | | | | | -| v1.20.15 | | | :white_check_mark: | | | | | -| v1.21.14 | | | :white_check_mark: | :white_check_mark: | | | | -| v1.22.13 | | | | :warning: | :warning: | | | -| v1.23.12 | | | | :warning: | :warning: | :warning: | | -| v1.23.12-rev.1 | | | | :white_check_mark: | :white_check_mark: | :white_check_mark: | | -| v1.24.7 | | | | | | :white_check_mark: | :white_check_mark: | +| Module Version / Kubernetes Version | 1.15.X | 1.19.X | 1.20.15 | 1.21.14 | 1.22.13 | 1.23.12 | 1.24.7 | +| ----------------------------------- | :----------------: | :----------------: | :----------------: | :----------------: | :----------------: | :----------------: | :----------------: | +| v1.15.4 | :white_check_mark: | | | | | | | +| v1.19.7 | | :white_check_mark: | | | | | | +| v1.20.15 | | | :white_check_mark: | | | | | +| v1.21.14 | | | :white_check_mark: | :white_check_mark: | | | | +| v1.22.13 | | | | :warning: | :warning: | | | +| v1.23.12 | | | | :warning: | :warning: | :warning: | | +| v1.23.12-rev.1 | | | | :white_check_mark: | :white_check_mark: | :white_check_mark: | | +| v1.24.7 | | | | | | :white_check_mark: | :white_check_mark: | - :white_check_mark: Compatible - :warning: Has issues - :x: Incompatible Notes: -- `v1.23.12-rev.1` fixes an issue with yum-versionlock on RHEL systems, Ansible Roles can be used with `1.21.14`, `1.22.13` and `1.23.12` Kubernetes versions. \ No newline at end of file + +- `v1.23.12-rev.1` fixes an issue with yum-versionlock on RHEL systems, Ansible Roles can be used with `1.21.14`, `1.22.13` and `1.23.12` Kubernetes versions. diff --git a/docs/releases/v1.20.15.md b/docs/releases/v1.20.15.md index d7bd6cb..9a40ccb 100644 --- a/docs/releases/v1.20.15.md +++ b/docs/releases/v1.20.15.md @@ -7,20 +7,19 @@ SIGHUP. ⚠️ This minor relases consolidates the repository adding enhanced capabilities like the addition of the `containerd` ansible role. Docker installation was also removed from `kube-node-common` ansible role and moved to a dedicated `docker` ansible role. - ## Package Versions 🚢 -| Package | Supported Version | Previous Version | -|------------------------------------------------------|-------------------|-------------------| -| [vmware-cm](katalog/vmware-cm) | `1.2.1` | `Updated` | -| [vmware-csi](katalog/vmware-csi) | `2.1.0` | `Updated` | -| [etcd](roles/etcd) | `3.4.7` | `No update` | -| [haproxy](roles/haproxy) | `2.2` | `No update` | -| [containerd](roles/containerd) | `1.5.8` | `New Package` | -| [docker](roles/docker) | `19.X` | `Updated` | -| [kube-node-common](roles/kube-node-common) | `1.20.15` | `Updated` | -| [kube-control-plane](roles/kube-control-plane) | `1.20.15` | `Updated` | -| [kube-worker](roles/kube-worker) | `1.20.15` | `Updated` | +| Package | Supported Version | Previous Version | +| ---------------------------------------------- | ----------------- | ---------------- | +| [vmware-cm](katalog/vmware-cm) | `1.2.1` | `Updated` | +| [vmware-csi](katalog/vmware-csi) | `2.1.0` | `Updated` | +| [etcd](roles/etcd) | `3.4.7` | `No update` | +| [haproxy](roles/haproxy) | `2.2` | `No update` | +| [containerd](roles/containerd) | `1.5.8` | `New Package` | +| [docker](roles/docker) | `19.X` | `Updated` | +| [kube-node-common](roles/kube-node-common) | `1.20.15` | `Updated` | +| [kube-control-plane](roles/kube-control-plane) | `1.20.15` | `Updated` | +| [kube-worker](roles/kube-worker) | `1.20.15` | `Updated` | ## Removed packages 🚮 @@ -48,10 +47,11 @@ kustomize build | kubectl apply -f - ## vsphere-cm -The vSphere controller manager update can be executed before upgrading the cluster version to v1.20.x. +The vSphere controller manager update can be executed before upgrading the cluster version to v1.20.x. The current versions is compatible with Kubernetes 1.20.x and it's standard skew versions. Due to some changes on the manifests, you need to change the patch on the secrets used by the vsphere controller manager: + - rename Secret `vsphere-credentials` to `vsphere-cloud-secret` - rename Secret `cloud-config` to `vsphere-cloud-config` @@ -69,8 +69,7 @@ kustomize build | kubectl apply ## vsphere-csi -The vSphere CSI driver update is a little bit more complicated. In this version the CSI driver DaemonSet and Deployment -are moved to a new dedicated namespace `vmware-system-csi`. To address this we need to first delete the current CSI driver from the cluster: +The vSphere CSI driver update is a little bit more complicated. In this version the CSI driver DaemonSet and Deployment are moved to a new dedicated namespace `vmware-system-csi`. To address this we need to first delete the current CSI driver from the cluster: ```yaml kubectl delete -f katalog/vsphere-csi/vsphere-csi-controller-deployment.yaml @@ -85,5 +84,3 @@ and apply the new version: ```yaml kustomize build | kubectl apply -f - ``` - - diff --git a/docs/releases/v1.21.14.md b/docs/releases/v1.21.14.md index fa5a678..6e864f2 100644 --- a/docs/releases/v1.21.14.md +++ b/docs/releases/v1.21.14.md @@ -18,7 +18,6 @@ This minor release adds the compatibility with Kubernetes 1.21.14 and some gener | [kube-control-plane](roles/kube-control-plane) | `-` | `Updated` | | [kube-worker](roles/kube-worker) | `-` | `Updated` | - ## New features 🚀 This release adds some new features to the ansible roles: @@ -42,8 +41,7 @@ In this guide, we will try to summarize the update process from `v1.20.15` to th ## vsphere-cm -The vSphere controller manager update can be executed before upgrading the cluster version to v1.21.14. -The current version is compatible with Kubernetes 1.21.x and its standard skew versions. +The vSphere controller manager update can be executed before upgrading the cluster version to v1.21.14. The current version is compatible with Kubernetes 1.21.x and its standard skew versions. To upgrade, please run the following command: diff --git a/docs/releases/v1.22.13.md b/docs/releases/v1.22.13.md index ec10020..3371f25 100644 --- a/docs/releases/v1.22.13.md +++ b/docs/releases/v1.22.13.md @@ -31,8 +31,7 @@ In this guide, we will try to summarize the update process from `v1.21.14` to th ## vsphere-cm -The vSphere controller manager update can be executed before upgrading the cluster version to v1.22.13. -The current version is compatible with Kubernetes 1.22.x and its standard skew versions. +The vSphere controller manager update can be executed before upgrading the cluster version to v1.22.13. The current version is compatible with Kubernetes 1.22.x and its standard skew versions. To upgrade, please run the following command: @@ -49,4 +48,4 @@ To upgrade, please run the following command: ```yaml kustomize build | kubectl apply -f - -``` \ No newline at end of file +``` diff --git a/docs/releases/v1.23.12-rev.1.md b/docs/releases/v1.23.12-rev.1.md index bb80543..0f22d30 100644 --- a/docs/releases/v1.23.12-rev.1.md +++ b/docs/releases/v1.23.12-rev.1.md @@ -18,6 +18,6 @@ This revision release fixes a problem with RHEL systems. | [kube-control-plane](roles/kube-control-plane) | `-` | `No update` | | [kube-worker](roles/kube-worker) | `-` | `No update` | -# Bug Fixes 🐛 +## Bug Fixes 🐛 - Fixed a problem when using `yum-versionlock` with RHEL systems. diff --git a/docs/releases/v1.23.12.md b/docs/releases/v1.23.12.md index 2927446..2707008 100644 --- a/docs/releases/v1.23.12.md +++ b/docs/releases/v1.23.12.md @@ -6,17 +6,17 @@ This minor release adds the compatibility with Kubernetes 1.23.12. ## Package Versions 🚢 -| Package | Supported Version | Previous Version | -|------------------------------------------------------|-------------------|-------------------| -| [vmware-cm](katalog/vmware-cm) | `1.23.2` | `Updated` | -| [vmware-csi](katalog/vmware-csi) | `2.5.2` | `No update` | -| [etcd](roles/etcd) | `3.4.7` | `No update` | -| [haproxy](roles/haproxy) | `2.2` | `No update` | -| [containerd](roles/containerd) | `1.5.8` | `No update` | -| [docker](roles/docker) | `19.X` | `No update` | -| [kube-node-common](roles/kube-node-common) | `-` | `Updated` | -| [kube-control-plane](roles/kube-control-plane) | `-` | `No update` | -| [kube-worker](roles/kube-worker) | `-` | `No update` | +| Package | Supported Version | Previous Version | +| ---------------------------------------------- | ----------------- | ---------------- | +| [vmware-cm](katalog/vmware-cm) | `1.23.2` | `Updated` | +| [vmware-csi](katalog/vmware-csi) | `2.5.2` | `No update` | +| [etcd](roles/etcd) | `3.4.7` | `No update` | +| [haproxy](roles/haproxy) | `2.2` | `No update` | +| [containerd](roles/containerd) | `1.5.8` | `No update` | +| [docker](roles/docker) | `19.X` | `No update` | +| [kube-node-common](roles/kube-node-common) | `-` | `Updated` | +| [kube-control-plane](roles/kube-control-plane) | `-` | `No update` | +| [kube-worker](roles/kube-worker) | `-` | `No update` | ## Update Guide 🦮 @@ -31,8 +31,7 @@ In this guide, we will try to summarize the update process from `v1.22.13` to th ## vsphere-cm -The vSphere controller manager update can be executed before upgrading the cluster version to v1.23.12. -The current version is compatible with Kubernetes 1.23.x and its standard skew versions. +The vSphere controller manager update can be executed before upgrading the cluster version to v1.23.12. The current version is compatible with Kubernetes 1.23.x and its standard skew versions. To upgrade, please run the following command: diff --git a/docs/releases/v1.24.7.md b/docs/releases/v1.24.7.md index ef06de3..336ff8c 100644 --- a/docs/releases/v1.24.7.md +++ b/docs/releases/v1.24.7.md @@ -6,16 +6,16 @@ This minor release adds the compatibility with Kubernetes 1.24.7. ## Package Versions 🚢 -| Package | Supported Version | Previous Version | -|------------------------------------------------------|----------------------------|-------------------| -| [vmware-cm](katalog/vmware-cm) | [`1.24.2`][cm-changelog] | `1.23.2` | -| [vmware-csi](katalog/vmware-csi) | [`2.6.2`][csi-changelog] | `2.5.2` | -| [etcd](roles/etcd) | `3.4.7` | `No update` | -| [haproxy](roles/haproxy) | `2.2` | `No update` | -| [containerd](roles/containerd) | `1.6.8` | `1.5.8` | -| [kube-node-common](roles/kube-node-common) | `-` | `Updated` | -| [kube-control-plane](roles/kube-control-plane) | `-` | `No update` | -| [kube-worker](roles/kube-worker) | `-` | `No update` | +| Package | Supported Version | Previous Version | +| ---------------------------------------------- | ------------------------ | ---------------- | +| [vmware-cm](katalog/vmware-cm) | [`1.24.2`][cm-changelog] | `1.23.2` | +| [vmware-csi](katalog/vmware-csi) | [`2.6.2`][csi-changelog] | `2.5.2` | +| [etcd](roles/etcd) | `3.4.7` | `No update` | +| [haproxy](roles/haproxy) | `2.2` | `No update` | +| [containerd](roles/containerd) | `1.6.8` | `1.5.8` | +| [kube-node-common](roles/kube-node-common) | `-` | `Updated` | +| [kube-control-plane](roles/kube-control-plane) | `-` | `No update` | +| [kube-worker](roles/kube-worker) | `-` | `No update` | ## Docker Ansible Role removal 🗑️ @@ -32,17 +32,15 @@ In this guide, we will try to summarize the update process from `v1.23.12` to th 3. Update workers (see the [example playbooks](examples/playbooks)) 4. Update KFD if applicable (see the [KFD `1.24.x` release notes](https://github.com/sighupio/fury-distribution/tree/master/docs/releases)) -## node-role.kubernetes.io/master: "" label and taint removal +## node-role.kubernetes.io/master: "" label and taint removal -From this Kubernetes version, the label `node-role.kubernetes.io/master: ""` -has been removed from the master nodes, and replaced by label `node-role.kubernetes.io/control-plane: ""`. +From this Kubernetes version, the label `node-role.kubernetes.io/master: ""` has been removed from the master nodes, and replaced by label `node-role.kubernetes.io/control-plane: ""`. Taints `node-role.kubernetes.io/control-plane:NoSchedule` and `node-role.kubernetes.io/master:NoSchedule` are still present. ## vsphere-cm -The vSphere controller manager update can be executed before upgrading the cluster version to v1.24.7. -The current version is compatible with Kubernetes 1.24.x and its standard skew versions. +The vSphere controller manager update can be executed before upgrading the cluster version to v1.24.7. The current version is compatible with Kubernetes 1.24.x and its standard skew versions. To upgrade, please run the following command: @@ -50,7 +48,6 @@ To upgrade, please run the following command: kustomize build | kubectl apply -f - ``` - ## vsphere-csi The vSphere CSI driver update can be executed before upgrading the cluster version to v1.24.7. @@ -64,4 +61,3 @@ kustomize build | kubectl apply [csi-changelog]: https://docs.vmware.com/en/VMware-vSphere-Container-Storage-Plug-in/2.6/rn/vmware-vsphere-container-storage-plugin-26-release-notes/index.html [cm-changelog]: https://github.com/sighupio/fury-distribution -[kfd-docs]: https://docs.kubernetesfury.com/docs/distribution/ diff --git a/examples/playbooks/README.md b/examples/playbooks/README.md index a70ccb6..9cf5306 100644 --- a/examples/playbooks/README.md +++ b/examples/playbooks/README.md @@ -3,25 +3,29 @@ In this directory we provide example playbooks for deploying a Kubernetes cluster using Kubernetes Fury Distribution to on-premises virtual machines at version 1.23.12 and then how to upgrade it to 1.24.7. -- [Requirements](#requirements) -- [Cluster Architecture](#cluster-architecture) -- [Install phases](#install-phases) +- [Example Playbooks for Kubernetes cluster deployment with Fury](#example-playbooks-for-kubernetes-cluster-deployment-with-fury) + - [Requirements](#requirements) + - [Cluster Architecture](#cluster-architecture) + - [Install phases](#install-phases) - [Initialize PKI](#initialize-pki) - - [Install Container Runtime](#install-the-container-runtime) - - [Install Load Balancer](#install-the-load-balancer) + - [Install the Container Runtime](#install-the-container-runtime) + - [Containerd](#containerd) + - [Install the Load Balancer](#install-the-load-balancer) - [Provision Master and Worker Nodes](#provision-master-and-worker-nodes) -- [Upgrade cluster](#upgrade-cluster) -- [Utilities](#utilities) - - [How to migrate from Docker to Containerd](#how-to-migrate-from-docker-to-containerd) - + - [Upgrade cluster](#upgrade-cluster) + - [Utilities](#utilities) + - [How to migrate from Docker to Containerd](#how-to-migrate-from-docker-to-containerd) + ## Requirements To be able to run the examples, you need to have the following software installed: + - ansible >= 2.8.0 - furyagent - kubectl One of the following supported Operating Systems on the target machines: + - Ubuntu 20.04 LTS - RHEL 8 - Rocky 8 @@ -80,7 +84,6 @@ In this step you can choose which container runtime you want to use: - containerd - #### Containerd Run the `1.containerd.yml` playbook with: @@ -122,7 +125,7 @@ kubernetes_version='1.24.7' ``` > NOTE: the `kubernetes_version` must be one of the versions available in the roles, i.e. supported by this installer. - + > IMPORTANT: all the nodes must be in Ready status before running the upgrade. First you need to upgrade the control plane with the `55.upgrade-control-plane.yml` playbook with: diff --git a/katalog/tests/__pycache__/test.cpython-37-PYTEST.pyc b/katalog/tests/__pycache__/test.cpython-37-PYTEST.pyc deleted file mode 100644 index 113983d..0000000 Binary files a/katalog/tests/__pycache__/test.cpython-37-PYTEST.pyc and /dev/null differ diff --git a/katalog/tests/pytest.sh b/katalog/tests/pytest.sh deleted file mode 100644 index 4e00fd5..0000000 --- a/katalog/tests/pytest.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/usr/bin/env bash - -# set -x -set -e -set -u -set -o pipefail - -find . -type f \ - -name 'kustomization.yaml' \ - -not -path './examples/*' | \ -sort | \ -xargs dirname | \ -while read dir; do - echo "------------- RUNNING TESTS INTO $dir ---------" - kustomize build "$dir" > /dev/null - set +e - kustomize build "$dir" | pytest -svv --disable-pytest-warnings katalog/tests/test.py - set -e -done - -exit 0 diff --git a/katalog/tests/test-requirements.txt b/katalog/tests/test-requirements.txt deleted file mode 100644 index 864e13a..0000000 --- a/katalog/tests/test-requirements.txt +++ /dev/null @@ -1,3 +0,0 @@ -flake8==3.6.0 -pytest==4.0.2 -pyyaml==5.4 diff --git a/katalog/tests/test.py b/katalog/tests/test.py deleted file mode 100644 index fcfd4d2..0000000 --- a/katalog/tests/test.py +++ /dev/null @@ -1,115 +0,0 @@ -import fileinput -import pytest -import yaml - - -stdin = "" - - -def read_stdin(): - global stdin - with fileinput.input(files=("-")) as stream: - for line in stream: - stdin += line - - -def spec(): - if not stdin: - read_stdin() - - data = [] - for d in yaml.load_all(stdin): - data.append(d) - return data - - -@pytest.mark.parametrize('doc', spec()) -def test_api_version(doc): - allowed_api_version = [ - "v1", - "apps/v1", - "batch/v1beta1", - "monitoring.coreos.com/v1", - "rbac.authorization.k8s.io/v1", - "apiextensions.k8s.io/v1beta1", - "apiregistration.k8s.io/v1", - "storage.k8s.io/v1" - ] - assert doc['apiVersion'] in allowed_api_version - - -def get_images(): - images = [] - - for doc in spec(): - if doc["kind"] in ["DaemonSet", "Deployment", "Job", "StatefulSet"]: - for init_container in doc["spec"]["template"]["spec"].get("initContainers", []): - images.append(init_container["image"]) - - for container in doc["spec"]["template"]["spec"]["containers"]: - images.append(container["image"]) - - if doc["kind"] == "Pod": - for init_container in doc["spec"]["template"]["spec"].get("initContainers", []): - images.append(init_container["image"]) - - for container in doc["spec"]["containers"]: - images.append(container["image"]) - - if doc["kind"] == "CronJob": - for init_container in doc["spec"]["jobTemplate"]["spec"]["template"]["spec"].get("initContainers", []): - images.append(init_container["image"]) - - for container in doc["spec"]["jobTemplate"]["spec"]["template"]["spec"]["containers"]: - images.append(container["image"]) - - return images - - -@pytest.mark.parametrize('image', get_images()) -def test_image_latest_tag(image): - image_split = image.split(":") - if len(image_split) < 2: - tag = "latest" - else: - tag = image_split[-1] - assert tag != "latest" - - -@pytest.mark.parametrize('doc', spec()) -def test_default_namespace(doc): - not_namespaced = [ - "ComponentStatus", - "Namespace", - "Node", - "PersistentVolume", - "InitializerConfiguration", - "MutatingWebhookConfiguration", - "ValidatingWebhookConfiguration", - "CustomResourceDefinition", - "APIService", - "TokenReview", - "SelfSubjectAccessReview", - "SelfSubjectRulesReview", - "SubjectAccessReview", - "CertificateSigningRequest", - "PodSecurityPolicy", - "NodeMetrics", - "PodSecurityPolicy", - "ClusterRoleBinding", - "ClusterRole", - "PriorityClass", - "StorageClass", - "VolumeAttachment" - ] - - if doc["kind"] not in not_namespaced: - assert doc["metadata"].get("namespace", "default") != "default" - - -@pytest.mark.parametrize('doc', spec()) -def test_service_type(doc): - allowed_service_type = ["ClusterIP", "NodePort"] - if doc["kind"] == "Service": - service_type = doc["spec"].get("type", "ClusterIP") - assert service_type in allowed_service_type diff --git a/katalog/vsphere-cm/README.md b/katalog/vsphere-cm/README.md index d901756..758dcf6 100644 --- a/katalog/vsphere-cm/README.md +++ b/katalog/vsphere-cm/README.md @@ -15,7 +15,7 @@ This katalog deploys the [vSphere Cloud Controller Manager](https://github.com/k ## Image repository and tag -* vSphere cloud controller manager image: `gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.24.2` +- vSphere cloud controller manager image: `gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.24.2` ## Setting credentials @@ -46,7 +46,7 @@ data: The user to be able to interact with vCenter and to be able to provision volumes dynamically needs these permissions: -https://docs.vmware.com/en/VMware-vSphere-Container-Storage-Plug-in/2.0/vmware-vsphere-csp-getting-started/GUID-0AB6E692-AA47-4B6A-8CEA-38B754E16567.html + ## Install diff --git a/katalog/vsphere-csi/README.md b/katalog/vsphere-csi/README.md index d7bab72..80e61d1 100644 --- a/katalog/vsphere-csi/README.md +++ b/katalog/vsphere-csi/README.md @@ -8,14 +8,14 @@ Follow all the [prerequisites from `vsphere-cm` modules](../vsphere-cm/). ## Image repository and tag -* csi-attacher: `k8s.gcr.io/sig-storage/csi-attacher:v3.4.0` -* csi-resizer: `k8s.gcr.io/sig-storage/csi-resizer:v1.4.0` -* vsphere-csi-controller: `gcr.io/cloud-provider-vsphere/csi/release/driver:v2.6.2` -* liveness-probe: `k8s.gcr.io/sig-storage/livenessprobe:v2.7.0` -* vsphere-syncer: `gcr.io/cloud-provider-vsphere/csi/release/syncer:v2.6.2` -* csi-provisioner: `k8s.gcr.io/sig-storage/csi-provisioner:v3.2.1` -* node-driver-registrar: `k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.5.1` -* vsphere-csi-node: `gcr.io/cloud-provider-vsphere/csi/release/driver:v2.6.2` +- csi-attacher: `k8s.gcr.io/sig-storage/csi-attacher:v3.4.0` +- csi-resizer: `k8s.gcr.io/sig-storage/csi-resizer:v1.4.0` +- vsphere-csi-controller: `gcr.io/cloud-provider-vsphere/csi/release/driver:v2.6.2` +- liveness-probe: `k8s.gcr.io/sig-storage/livenessprobe:v2.7.0` +- vsphere-syncer: `gcr.io/cloud-provider-vsphere/csi/release/syncer:v2.6.2` +- csi-provisioner: `k8s.gcr.io/sig-storage/csi-provisioner:v3.2.1` +- node-driver-registrar: `k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.5.1` +- vsphere-csi-node: `gcr.io/cloud-provider-vsphere/csi/release/driver:v2.6.2` ## Setting credentials @@ -47,7 +47,7 @@ type: Opaque After setting all prerequisites and the password, you can apply all manifests to the cluster. -## Check that everything is working after installation: +## Check that everything is working after installation Run these commands, the output should be similar: diff --git a/roles/kube-control-plane/README.md b/roles/kube-control-plane/README.md index 909b7c3..7b9088a 100644 --- a/roles/kube-control-plane/README.md +++ b/roles/kube-control-plane/README.md @@ -1,6 +1,5 @@ +# kube-control-plane + -https://godoc.org/k8s.io/kubernetes/pkg/apis/componentconfig#KubeControllerManagerConfiguration - - -https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/ \ No newline at end of file + diff --git a/roles/kube-control-plane/files/kube.sh b/roles/kube-control-plane/files/kube.sh index a5f4e6b..5ca0150 100644 --- a/roles/kube-control-plane/files/kube.sh +++ b/roles/kube-control-plane/files/kube.sh @@ -1 +1,2 @@ +#!/bin/bash export KUBECONFIG=/etc/kubernetes/admin.conf \ No newline at end of file