From c03b38fe019cd3902ee1b46bd4912c45acb1a47f Mon Sep 17 00:00:00 2001 From: Atanas Dinov Date: Fri, 27 Sep 2024 16:41:09 +0300 Subject: [PATCH] make charts Signed-off-by: Atanas Dinov --- .../upgrade-controller-0.1.0.tgz | Bin 0 -> 6606 bytes charts/upgrade-controller/0.1.0/.helmignore | 23 +++ charts/upgrade-controller/0.1.0/Chart.yaml | 11 ++ .../0.1.0/charts/lifecycle-crds/Chart.yaml | 6 + .../templates/release-manifest-crd.yaml | 135 +++++++++++++ .../templates/upgrade-plan-crd.yaml | 180 ++++++++++++++++++ .../0.1.0/templates/NOTES.txt | 0 .../0.1.0/templates/_helpers.tpl | 83 ++++++++ .../0.1.0/templates/certificate.yaml | 28 +++ .../0.1.0/templates/clusterrole.yaml | 114 +++++++++++ .../0.1.0/templates/clusterrole_binding.yaml | 14 ++ .../0.1.0/templates/deployment.yaml | 85 +++++++++ .../0.1.0/templates/leader_election_role.yaml | 40 ++++ .../leader_election_role_binding.yaml | 15 ++ .../0.1.0/templates/serviceaccount.yaml | 14 ++ .../validating_webhook_configuration.yaml | 29 +++ .../0.1.0/templates/webhook_service.yaml | 15 ++ charts/upgrade-controller/0.1.0/values.yaml | 91 +++++++++ index.yaml | 16 ++ .../lifecycle-crds/dependency.yaml | 6 + 20 files changed, 905 insertions(+) create mode 100644 assets/upgrade-controller/upgrade-controller-0.1.0.tgz create mode 100644 charts/upgrade-controller/0.1.0/.helmignore create mode 100644 charts/upgrade-controller/0.1.0/Chart.yaml create mode 100644 charts/upgrade-controller/0.1.0/charts/lifecycle-crds/Chart.yaml create mode 100644 charts/upgrade-controller/0.1.0/charts/lifecycle-crds/templates/release-manifest-crd.yaml create mode 100644 charts/upgrade-controller/0.1.0/charts/lifecycle-crds/templates/upgrade-plan-crd.yaml create mode 100644 charts/upgrade-controller/0.1.0/templates/NOTES.txt create mode 100644 charts/upgrade-controller/0.1.0/templates/_helpers.tpl create mode 100644 charts/upgrade-controller/0.1.0/templates/certificate.yaml create mode 100644 charts/upgrade-controller/0.1.0/templates/clusterrole.yaml create mode 100644 charts/upgrade-controller/0.1.0/templates/clusterrole_binding.yaml create mode 100644 charts/upgrade-controller/0.1.0/templates/deployment.yaml create mode 100644 charts/upgrade-controller/0.1.0/templates/leader_election_role.yaml create mode 100644 charts/upgrade-controller/0.1.0/templates/leader_election_role_binding.yaml create mode 100644 charts/upgrade-controller/0.1.0/templates/serviceaccount.yaml create mode 100644 charts/upgrade-controller/0.1.0/templates/validating_webhook_configuration.yaml create mode 100644 charts/upgrade-controller/0.1.0/templates/webhook_service.yaml create mode 100644 charts/upgrade-controller/0.1.0/values.yaml create mode 100644 packages/upgrade-controller/generated-changes/dependencies/lifecycle-crds/dependency.yaml diff --git a/assets/upgrade-controller/upgrade-controller-0.1.0.tgz b/assets/upgrade-controller/upgrade-controller-0.1.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..e35a43f83ef8b66ec6601eaffc0a546ca9ef7079 GIT binary patch literal 6606 zcmV;<88PM`iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKDHbKJJ^cz)(zf$zDU+OEiZ=;8EcG8t8tQ%!6~qm$ilYx(2i z$h|v6Aiw~i?2D7n-~Jgq_~!AbN942>G83N&V0W>=E_N47Fin;MN8pE?DZwcPF+5sf zp@KDz=~s7CMx)W_U~kX-I~tAZ|Bm*?$D>S+z{GBD0 z3X88sx5iZ;+`mb|33&@b63(XRYU1G}$^RS$<6z`PkN}H-g#_f(^HIoIM3iX|ibw{) z@SH;AA;fSDQ$)!E!gWZ&*VP_E0unBX;$l5T3qoN!90tQsuQ54nG`^}Mm!TkuMR$n) z1~f*dD_U@Y-q^K^j`FqZSsI#)+EeQUrU)kqB_Y=Eyc()6JrQ51w8;MzrYXofQ~+D# zfA?TKs>}amfB!-L@1s0I&tZX6s*s&_BUsHv5qOW#`HDzHB*N$)hp%4x3oc@;6hua< zb%W;+QY-*nVL`M~kVtVf2b5qbAwq;Hj@CRCNI{%XtUv~yC%}m05l@+#qOs?Z7%yR3 zQyc=8L@KckcmhnO5&|xkLn5z+`i~(*ODL4dP}7YG1EDD!wrB%{l9bX@PD!|)qLamI zu1*C=V9G=25&Gc@gdmX~zzUEd2r0ZoA6HxgiX6j;t+x88P@I8>bmJ)+3_K6ml^qHN zEa4SqWC2p?N65mx-OwCdKX!mUgf7!Lgo@r73J1@C%T?w$*c}DCZmv#KN@oxXP;!di zy*D~IJA zurgbZ{WV2Oq+kFYri#Z{kq}e5MzQIL(X4{Hb@aQF;1GRtYKW7l8f~d9LRN<4E z7m>0<`I@sc&I_(c2tytxr-GYJ-K-D0$)2T5krH8@ z>7&D!FZEAMDgSsX$Q7Zmgku?EimfrQz*K_geT4an^Gi3e(|ow@xvx2GC&>v`t0@|; z08_R4**-F`z8-x&_7EbB==Jp+C|=J%TTpU}#`~HG5XA7@KAVg@0XQOCQR!CezL;7N zjYppM2p!UocrDQ-Kw?!H2!*aVO=Ca{BBVlup%6yo|6$Uf!9 zPQ)}{92Vs(En;nWjg+4neh!8zPKK9XOTUV9Xe5;_4Q@Hmy)@^4V07&S!DBpv8Bhon z7j~^EPPJfK8GHBM^YCJ!=VfiHwWX^E>kMZH=S%JXE%sl&I}cy~aDF@s)F*X29NYXq z{kv-a9qf;uJ=lNuQ99@U!wP5uLIx_ijVrKa{`YqG_G|P1Y;Q7pnE(4IpFac%^}381SEM3==*dIf`I~Q2fiRcBfHH}5)*A)8AFdq^mx8DOnLr#rrT8#`m)#`-?2 zr!t502Q!T6H~r_fpfP8N1rnTDZrQ#Wot1~zBrXwzsRbJRQTl(BgBmQ0wEs$L|5;go zrHR#Ytlk8CXI(n@VR`y>!Te(yDSiILsYyU5Aq- zxXgt*Abgnnte-!(bomASlyU_%o;0DvnBgTv{(Nl#Wh=}%9<4mhtitPXwLW0Kl^Scu zZsDC(6+!!W2$Kr45UQgo3uN26uWu0Ter(TymR<4Jo77shS>U|k+BWmJiw%X=44!NP z%gW;}>6Hw@!2KBX0t_5C=)#v|$sqDAnr>2VLPHn!!dolj{nAF(@3?f@|0Sm1<~U%B{XagK>{adm$!M}S zez5=Vqm#K%EjWNsb9WAT zoNxwAP0K;G8?fs}jEa~v&-HJA8?v^|N#hJQp$X(w_?rO^LL1->C=W69klX6cU}5K} zvYhpUTdqGn?;nX;xoBx-9k^JhZBveDYTE7JLGic%^#!)8ZvAh$DLDNt_5bAAZbSd? zP9DyG@1@k$pqS$@z^PhsL4Gzt?BMciSyhO3Rh)5JRfxT0sbr4Zb$=&nRHW2qr{IKq zCwQ7TAYO0edJFR%sss+c*tZ zz&aS6w3B0E5+PQKLMt0}z0E@EKk_t*vbqgS=#RBOPx6!bz#QF&JZ{2u0mv*5;P$iG z2dR_LgyQ<*>nR6`TQYq(dtHKt3&JoZKZB^z=1|=p!KMjp9a#gN1J$)yZq8WC!#?`I z@BaT`PFO_P@+Nk`w)4Md_59DtWHf#_|GAfP^S%GCc0v4ZOaM;7+4-5Ib&SZ%e1Wnt zb2Iv7I{y(uWy}u?vzlhq7i?QZ^cvpV4d=g8{loPW(!saL|Nj2&v%391-aB}Z z|NAIq`Nv5j3sHZbPyQWxRO=*MHY%W`o)RRvOIE}Q_+iysD9v-1xpuMWR!rKZABU{^scm)&x?%Gv_Y_iz4se02Wu8sJ^Nc|WjkkI!Z& zKfJyc;Hx5Apbhlw`0VY;(ea1FqoW_*ygoNmb?39B^;(OTD0ND>P>tnTh_f44HAtQx zLs#+Us=?+rZ|+`XK{tUUf-4?!Iz{J4r=_|^Vsuejv`3|Nhwf-5L3e_!Ht&R6a3v<%HvE(^@L>2Hab4Rko!K$V+&OjO%VxU7KG6OF7-SXjVyrzEgZz?sUlt z%Cf2N6i+E>yJ%I;qB1WJSpUCL6$L2HiUv}LD^aqw-op; zV#Y4C+dv<3E+WEefvg%mhAY24EjK=?`O+)?p_I$D_5TeH0=DV@(WoB(-`#)qaQ=TU zdyGi&aeG8>@QBbxW)HK$$cZ6H&t~*P@ZG;1Ae8BbNn8s1ehN!?^Be^rbU!uypbAAb| z5}d1(koBv*Tyo3#@09;5Oi6?lVapFLRQSPqJE@I|^wbF3?7xHE+WWtgz5V@%{EvGn zmGj@o1p?fCG3_Sc+k8>DH=2&hOXAj6VX@}&yBI2K?(T%XA;a}o00`3tnjd0+A$Yu5 z4-K!Kkncv8<$Y#+KZ7d*AKiT9AxB^9TSFfuz?5b8w0b&OgeQCPd{c6L1?G(*9<;nCUg;rVgp(VNrfulNUiktUK=#h3j`PlS z;?R~(TYYz-(&lbS<$$z&b=38aR_jNq)l8(@q#f<`Hw;_kKUe{c$&zsaceBQ}$^U-c z{u}R4CJ+AKy_84j6e|V79{$)_M;}+f&^#qHB5a8g9A4rj$ovjSnI=YHkX!+!Xi53p zCe9JI+(7~;R^$qdT~K!!J43=gWMUN8!3-Spf>v;XYCjt6_(KX`C^wcDw1O%dl zLEr_?XCG#Y3-BHxcUQ&RqZx{bkY2DPYH0p%$@hZ!&tho)pFLPDhx&inpYn%sI5r^LI~MJcarji9w4Oo*C*(d;Hewr!$=Au(>0+YW}IIp+u_h+iG7D z*CL^*z_dx0^Ss$IrC2nowN)N+t+H}IB`R*I&pie^;#$Z+hAW8iv>ZTSho>iRcW1Q< zgep3=HiGP$Y1_+O&#nKgj{_Z^o|Mx^1y4YfZr5$ZJL(y#6&il=8~Ll6beB16uj#R5 zIaWaA#%r&JA`%Hm?2X#i+~W&`8RF*1GiU&xncG%ncDHlL*%b(d1cZFa$j>=+nccf= zG?7AtX*&^9o04m7%sT8CuaN+a7p1HO(Oq-jX#YxEz=SRM)ZDx)r^Dfrs7w?>9>*yo zYHhB`7G$0(F61zRE1*M3mOd8YiYN$GDqx5c;+w%R6FCav=usXGsv)*Jqf~;hWu?lj z`fE;>mIZrNy9H^zT8*?F^5R5WejP&QkdvxF@`*q#f)V*?dflyJh_ zt-vN|iDWvDiPFpBr_`)h#hZYSOi0#Tl4w$qqGpp5hK_Iy^a$Gvv+s58^c+cFPe||C ztH111?O>T*sVcwn(mLHW{V+=)tVm=8k_as^3M+F{Tbsfx$|g;LOy;<|ho+^jyQeP2 zoi^?D+aVYzyB(GNK%mmq^_`76=CNAzD%MQy2Ips3J6dgA2NiUeF!?WM!ggf7UMd~6 znu!~#x8irff3}>hrGl3CK5XeT4`BjkD~B$&^_qc1fKqGoLfUOXxrh!#hay~cE+V2J z-m=Por5ibv6(4>2`ryOC-qvPV>*Ou%dal=)uoFW)8gJzn76Pv~w(22Ay=eM*og^Sm zp5GEsAKA#4T}PW@L3K2$E|rdk+r-|_hksM4{K&;6I^ zBXa)KZvZ#{h|yhwwa&{uvc0G2aE(FqGaroZ(ravMs~*}bYg(G@t!=kkFFlR8K3hv4 zO|BKz%`|2=biZVA?@#t0?ti|Q@|(r~%js=xvHvfcf0+f@Y@oT=ZA{WDEZ0-ya$C()m&=oB&$cwo zmPE|!B~jiY!RilHI4&L2#n3aF^MSVKnC4lg*E))EAK*RBvN?-mm{LvS2&N_RF*|;# zrib49(MyTy4aY8J+8>Tw9*$g!@^IwxpL^s|(hJ*iJaY zd0uL4sIPuA*X!Waz`!RQClt_NHy8zzK^v6cTd=6Si}VQ;-E1QXIkPIM zbvbv)S%ucYQ3j^?dSe6%6KXXa*Bgrw|NLX2sSx)2`OT6K$>_4f(-V}rkiiA>egA^l zymBSd&`h*8GMQE%3*N4OA|i}+DZzY7li4MXur+|Jwlw+Yft{G3U`v3|iw#iSqT0D& z=09a#5P8A5n=VV=XI-OP4~OV1H`z4aR+x5P-MhouBu5L*|0FYhS>6OCnBQxi(nhzY zrWFMiFhv)G!z)av-nB0VJLqC?D)>@>)XtTDpv{1b!E>;B`C?FDY=!w}b6L+T5KH(T z*57E{B^qt*%z4Y-#JX9zT04U0>jb`uaiX8MqPQqEeua}dntTOH^zOa3>8{2>u`2)d zqvULQF(~-6!(+X=6Sck=v~MJ3nx_{7OZ5O%MmoJ17$OGt^_+RSm|hI#YXx#=ydxml z(GKS~1=fqfzp~ZRHAwUQboY5#-S*cFByQd7D3@QL;*r4 z3v2ukiL~cpw%{Gzk)c#(UY4Oahp07<)d>!aan!;P5~by3Gm&=dnIiLEtA=?SBO?YW z@$ydQ%Ym}~<|>UbGgoHn!4!2YGCB5anQLx5=c(0@#q@2RA?4k@jGDd?c2NHUK47`_crVa@@sULMH{o~s#5R~OC&*|Io1Yy znsl@C1s5p$@am4ab)yXp$@d1jM&rp2n!7n`ZVB%`y$@OjLnQjkPK{FST%=~Rc6YpO zD&}o0XWD1hdu6Z6HvDWP+ogvv)sevy6Gq}Ro}$r~m75eV%PqGgH&W(pwEdbL}9 zI4C78kBeB+R!!m*kk#CJz%Ei{^iVGaG#*Vl7hc|OVq<*#G(cWA|g^ z|K-EZ^!?M)pYNZ1`-j`8yLKm{D3vwr_S($+&eq3{*@*c9or@H9&HHYi+Fu&Myc;9uGT0p`~H^ zU3gz%wnl{-x9_3X#Z4-$ad9ZPl*JVih>}Y{xutJ6hdG4UctT=Ml)z$Lasp9^8Jc$~ z{8YjsrRcE)K<0Yq=05Yp?k0FnC{b&3ODu$(EhusBTAXm9Fl#wxD9X9fkW2W4h_bH* zgVdcLM@){#ligW5k9dp;dl9SQlW!mYlwzvYZ1ft(@FG@EdRZLfgC3&%_?;El_mAKC z?$^`o(UWfN^0Q!JHOBY!TYCAzAe=~xrIj99ye+l?i-sryKrN@-Muze z=U+Q(uiogK-XcI%i@Rw*(T{QBU&4BWlH5o~6Oct5Dl$7WG_29 zS9~fLX6no@a~3C&m6OSpHac?@bX^X%UNa8X*TSw0@rPE6vt%dIwKjFaONdZm*R}^o z?B-P(U4UKzX3E$t`B9@*Zk*B9J%5{#*=;+@G}P*4mM#|L(@jI5vo}Wtkc=17{)HnK z1;><@)VRG^&qnlTZ;q}#YJ`rACu1Pk+p*)m_@?TQ^F8~1l M|BA&vl>nds0K4J(rvLx| literal 0 HcmV?d00001 diff --git a/charts/upgrade-controller/0.1.0/.helmignore b/charts/upgrade-controller/0.1.0/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/upgrade-controller/0.1.0/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/upgrade-controller/0.1.0/Chart.yaml b/charts/upgrade-controller/0.1.0/Chart.yaml new file mode 100644 index 00000000..ab799b49 --- /dev/null +++ b/charts/upgrade-controller/0.1.0/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +appVersion: 0.1.0 +dependencies: +- condition: crds.enabled + name: lifecycle-crds + repository: file://./charts/lifecycle-crds + version: 0.1.0 +description: A Helm chart for Upgrade Controller +name: upgrade-controller +type: application +version: 0.1.0 diff --git a/charts/upgrade-controller/0.1.0/charts/lifecycle-crds/Chart.yaml b/charts/upgrade-controller/0.1.0/charts/lifecycle-crds/Chart.yaml new file mode 100644 index 00000000..61c67a7e --- /dev/null +++ b/charts/upgrade-controller/0.1.0/charts/lifecycle-crds/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +appVersion: 0.1.0 +description: A Helm chart containing SUSE Lifecycle CRDs +name: lifecycle-crds +type: application +version: 0.1.0 diff --git a/charts/upgrade-controller/0.1.0/charts/lifecycle-crds/templates/release-manifest-crd.yaml b/charts/upgrade-controller/0.1.0/charts/lifecycle-crds/templates/release-manifest-crd.yaml new file mode 100644 index 00000000..06d416fc --- /dev/null +++ b/charts/upgrade-controller/0.1.0/charts/lifecycle-crds/templates/release-manifest-crd.yaml @@ -0,0 +1,135 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: releasemanifests.lifecycle.suse.com +spec: + group: lifecycle.suse.com + names: + kind: ReleaseManifest + listKind: ReleaseManifestList + plural: releasemanifests + singular: releasemanifest + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ReleaseManifest is the Schema for the releasemanifests API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ReleaseManifestSpec defines the desired state of ReleaseManifest + properties: + components: + properties: + kubernetes: + properties: + k3s: + properties: + version: + type: string + required: + - version + type: object + rke2: + properties: + version: + type: string + required: + - version + type: object + required: + - k3s + - rke2 + type: object + operatingSystem: + properties: + cpeScheme: + type: string + prettyName: + type: string + supportedArchs: + items: + enum: + - x86_64 + - aarch64 + type: string + minItems: 1 + type: array + version: + type: string + zypperID: + type: string + required: + - cpeScheme + - prettyName + - supportedArchs + - version + - zypperID + type: object + workloads: + properties: + helm: + items: + properties: + addonCharts: + x-kubernetes-preserve-unknown-fields: true + chart: + type: string + dependencyCharts: + x-kubernetes-preserve-unknown-fields: true + prettyName: + type: string + releaseName: + type: string + repository: + type: string + values: + x-kubernetes-preserve-unknown-fields: true + version: + type: string + required: + - chart + - prettyName + - releaseName + - version + type: object + type: array + required: + - helm + type: object + required: + - kubernetes + - operatingSystem + - workloads + type: object + releaseVersion: + type: string + required: + - releaseVersion + type: object + status: + description: ReleaseManifestStatus defines the observed state of ReleaseManifest + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/upgrade-controller/0.1.0/charts/lifecycle-crds/templates/upgrade-plan-crd.yaml b/charts/upgrade-controller/0.1.0/charts/lifecycle-crds/templates/upgrade-plan-crd.yaml new file mode 100644 index 00000000..6d4d276d --- /dev/null +++ b/charts/upgrade-controller/0.1.0/charts/lifecycle-crds/templates/upgrade-plan-crd.yaml @@ -0,0 +1,180 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: upgradeplans.lifecycle.suse.com + annotations: + cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "upgrade-controller.certificate" . }} +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + namespace: {{ .Release.Namespace }} + name: {{ include "upgrade-controller.webhookServiceName" $ }} + path: /convert + conversionReviewVersions: + - v1 + group: lifecycle.suse.com + names: + kind: UpgradePlan + listKind: UpgradePlanList + plural: upgradeplans + singular: upgradeplan + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: UpgradePlan is the Schema for the upgradeplans API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: UpgradePlanSpec defines the desired state of UpgradePlan + properties: + disableDrain: + description: DisableDrain specifies whether control-plane and worker + nodes drain should be disabled. + properties: + controlPlane: + type: boolean + worker: + type: boolean + type: object + helm: + description: |- + Helm specifies additional values for components installed via Helm. + It is only advised to use this field for values that are critical for upgrades. + Standard chart value updates should be performed after + the respective charts have been upgraded to the next version. + items: + properties: + chart: + type: string + values: + x-kubernetes-preserve-unknown-fields: true + required: + - chart + - values + type: object + type: array + releaseVersion: + description: |- + ReleaseVersion specifies the target version for platform upgrade. + The version format is X.Y.Z, for example "3.0.2". + type: string + required: + - releaseVersion + type: object + status: + description: UpgradePlanStatus defines the observed state of UpgradePlan + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + lastSuccessfulReleaseVersion: + description: LastSuccessfulReleaseVersion is the last release version + that this UpgradePlan has successfully upgraded to. + type: string + observedGeneration: + description: ObservedGeneration is the currently tracked generation + of the UpgradePlan. Meant for internal use only. + format: int64 + type: integer + sucNameSuffix: + description: |- + SUCNameSuffix is the suffix added to all resources created for SUC. Meant for internal use only. + Changes for each new ObservedGeneration. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/upgrade-controller/0.1.0/templates/NOTES.txt b/charts/upgrade-controller/0.1.0/templates/NOTES.txt new file mode 100644 index 00000000..e69de29b diff --git a/charts/upgrade-controller/0.1.0/templates/_helpers.tpl b/charts/upgrade-controller/0.1.0/templates/_helpers.tpl new file mode 100644 index 00000000..ed881638 --- /dev/null +++ b/charts/upgrade-controller/0.1.0/templates/_helpers.tpl @@ -0,0 +1,83 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "upgrade-controller.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "upgrade-controller.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "upgrade-controller.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "upgrade-controller.labels" -}} +helm.sh/chart: {{ include "upgrade-controller.chart" . }} +{{ include "upgrade-controller.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "upgrade-controller.selectorLabels" -}} +app.kubernetes.io/name: {{ include "upgrade-controller.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "upgrade-controller.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "upgrade-controller.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Webhook service name +*/}} +{{- define "upgrade-controller.webhookServiceName" -}} +{{ .Release.Name }}-webhook +{{- end }} + +{{/* +Certificate issuer name +*/}} +{{- define "upgrade-controller.certificateIssuer" -}} +{{ .Release.Name }}-self-signed-issuer +{{- end }} + +{{/* +Certificate name +*/}} +{{- define "upgrade-controller.certificate" -}} +{{ .Release.Name }}-serving-cert +{{- end }} diff --git a/charts/upgrade-controller/0.1.0/templates/certificate.yaml b/charts/upgrade-controller/0.1.0/templates/certificate.yaml new file mode 100644 index 00000000..088e6269 --- /dev/null +++ b/charts/upgrade-controller/0.1.0/templates/certificate.yaml @@ -0,0 +1,28 @@ +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + labels: + {{- include "upgrade-controller.labels" . | nindent 4 }} + name: {{ include "upgrade-controller.certificateIssuer" . }} + namespace: {{ .Release.Namespace }} +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + labels: + {{- include "upgrade-controller.labels" . | nindent 4 }} + app.kubernetes.io/component: certificate + name: {{ include "upgrade-controller.certificate" . }} + namespace: {{ .Release.Namespace }} +spec: + dnsNames: + - {{ include "upgrade-controller.webhookServiceName" . }}.{{ .Release.Namespace }}.svc + - {{ include "upgrade-controller.webhookServiceName" . }}.{{ .Release.Namespace }}.svc.cluster.local + issuerRef: + kind: Issuer + name: {{ include "upgrade-controller.certificateIssuer" . }} + {{- with first .Values.volumes }} + secretName: {{ .secret.secretName }} + {{- end }} diff --git a/charts/upgrade-controller/0.1.0/templates/clusterrole.yaml b/charts/upgrade-controller/0.1.0/templates/clusterrole.yaml new file mode 100644 index 00000000..4293058e --- /dev/null +++ b/charts/upgrade-controller/0.1.0/templates/clusterrole.yaml @@ -0,0 +1,114 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "upgrade-controller.fullname" . }} + labels: + {{- include "upgrade-controller.labels" . | nindent 4 }} +rules: +- apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - watch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - get + - list + - watch +- apiGroups: + - batch + resources: + - jobs/status + verbs: + - get +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - helm.cattle.io + resources: + - helmcharts + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - helm.cattle.io + resources: + - helmcharts/status + verbs: + - get +- apiGroups: + - lifecycle.suse.com + resources: + - releasemanifests + verbs: + - create + - get + - list + - watch +- apiGroups: + - lifecycle.suse.com + resources: + - upgradeplans + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - lifecycle.suse.com + resources: + - upgradeplans/finalizers + verbs: + - update +- apiGroups: + - lifecycle.suse.com + resources: + - upgradeplans/status + verbs: + - get + - patch + - update +- apiGroups: + - upgrade.cattle.io + resources: + - plans + verbs: + - create + - delete + - get + - list + - watch diff --git a/charts/upgrade-controller/0.1.0/templates/clusterrole_binding.yaml b/charts/upgrade-controller/0.1.0/templates/clusterrole_binding.yaml new file mode 100644 index 00000000..618ebaa3 --- /dev/null +++ b/charts/upgrade-controller/0.1.0/templates/clusterrole_binding.yaml @@ -0,0 +1,14 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "upgrade-controller.fullname" . }} + labels: + {{- include "upgrade-controller.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "upgrade-controller.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ include "upgrade-controller.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/upgrade-controller/0.1.0/templates/deployment.yaml b/charts/upgrade-controller/0.1.0/templates/deployment.yaml new file mode 100644 index 00000000..619cedf1 --- /dev/null +++ b/charts/upgrade-controller/0.1.0/templates/deployment.yaml @@ -0,0 +1,85 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "upgrade-controller.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "upgrade-controller.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "upgrade-controller.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "upgrade-controller.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "upgrade-controller.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - --leader-elect + - --health-probe-bind-address=:8081 + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: RELEASE_MANIFEST_IMAGE + value: {{ .Values.env.releaseManifest.image }} + - name: KUBECTL_IMAGE + value: {{ .Values.env.kubectl.image }} + - name: KUBECTL_VERSION + value: {{ .Values.env.kubectl.version }} + - name: SERVICE_ACCOUNT_NAME + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + ports: + - name: {{ .Values.webhookService.name }} + containerPort: {{ .Values.webhookService.targetPort }} + protocol: TCP + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/upgrade-controller/0.1.0/templates/leader_election_role.yaml b/charts/upgrade-controller/0.1.0/templates/leader_election_role.yaml new file mode 100644 index 00000000..4e920cc9 --- /dev/null +++ b/charts/upgrade-controller/0.1.0/templates/leader_election_role.yaml @@ -0,0 +1,40 @@ +# permissions to do leader election. +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "upgrade-controller.fullname" . }}-leader-election + namespace: {{ .Release.Namespace }} + labels: + {{- include "upgrade-controller.labels" . | nindent 4 }} +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/charts/upgrade-controller/0.1.0/templates/leader_election_role_binding.yaml b/charts/upgrade-controller/0.1.0/templates/leader_election_role_binding.yaml new file mode 100644 index 00000000..c73a21f1 --- /dev/null +++ b/charts/upgrade-controller/0.1.0/templates/leader_election_role_binding.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "upgrade-controller.fullname" . }}-leader-election + namespace: {{ .Release.Namespace }} + labels: + {{- include "upgrade-controller.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "upgrade-controller.fullname" . }}-leader-election +subjects: +- kind: ServiceAccount + name: {{ include "upgrade-controller.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/upgrade-controller/0.1.0/templates/serviceaccount.yaml b/charts/upgrade-controller/0.1.0/templates/serviceaccount.yaml new file mode 100644 index 00000000..a4a52103 --- /dev/null +++ b/charts/upgrade-controller/0.1.0/templates/serviceaccount.yaml @@ -0,0 +1,14 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "upgrade-controller.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "upgrade-controller.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/charts/upgrade-controller/0.1.0/templates/validating_webhook_configuration.yaml b/charts/upgrade-controller/0.1.0/templates/validating_webhook_configuration.yaml new file mode 100644 index 00000000..6e81aaf0 --- /dev/null +++ b/charts/upgrade-controller/0.1.0/templates/validating_webhook_configuration.yaml @@ -0,0 +1,29 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: {{ include "upgrade-controller.fullname" . }}-validating-webhook-configuration + labels: + {{- include "upgrade-controller.labels" . | nindent 4 }} + annotations: + cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "upgrade-controller.certificate" . }} +webhooks: + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: {{ include "upgrade-controller.webhookServiceName" . }} + namespace: {{ .Release.Namespace }} + path: /validate-lifecycle-suse-com-v1alpha1-upgradeplan + failurePolicy: Fail + name: upgrade-plan-policy.suse.com + rules: + - apiGroups: + - lifecycle.suse.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - upgradeplans + sideEffects: None diff --git a/charts/upgrade-controller/0.1.0/templates/webhook_service.yaml b/charts/upgrade-controller/0.1.0/templates/webhook_service.yaml new file mode 100644 index 00000000..3758a0eb --- /dev/null +++ b/charts/upgrade-controller/0.1.0/templates/webhook_service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "upgrade-controller.webhookServiceName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "upgrade-controller.labels" . | nindent 4 }} +spec: + type: {{ .Values.webhookService.type }} + ports: + - port: {{ .Values.webhookService.port }} + targetPort: {{ .Values.webhookService.targetPort }} + protocol: TCP + selector: + {{- include "upgrade-controller.selectorLabels" . | nindent 4 }} diff --git a/charts/upgrade-controller/0.1.0/values.yaml b/charts/upgrade-controller/0.1.0/values.yaml new file mode 100644 index 00000000..88cc294c --- /dev/null +++ b/charts/upgrade-controller/0.1.0/values.yaml @@ -0,0 +1,91 @@ +# Default values for upgrade-controller. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: registry.opensuse.org/isv/suse/edge/lifecycle/containerfile/upgrade-controller + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +env: + releaseManifest: + image: registry.opensuse.org/isv/suse/edge/lifecycle/containerfile/release-manifest + kubectl: + image: registry.opensuse.org/isv/suse/edge/lifecycle/containerfile/kubectl + version: 1.30.3 + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + +securityContext: + capabilities: + drop: + - ALL + allowPrivilegeEscalation: false + +webhookService: + name: webhook-server + type: ClusterIP + port: 443 + targetPort: 9443 + +resources: {} + +livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 +readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + +# Always keep the cert volume first in case others are appended +# or adjust the certificate resources lookup. +volumes: + - name: cert + secret: + secretName: webhook-server-cert + defaultMode: 420 + optional: false + +volumeMounts: + - name: cert + mountPath: "/tmp/k8s-webhook-server/serving-certs" + readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +crds: + enabled: true diff --git a/index.yaml b/index.yaml index 9a93970f..abe360d1 100755 --- a/index.yaml +++ b/index.yaml @@ -1638,4 +1638,20 @@ entries: urls: - assets/sriov-network-operator/sriov-network-operator-1.1.0+up0.1.0.tgz version: 1.1.0+up0.1.0 + upgrade-controller: + - apiVersion: v2 + appVersion: 0.1.0 + created: "2024-09-27T16:39:46.486857+03:00" + dependencies: + - condition: crds.enabled + name: lifecycle-crds + repository: file://./charts/lifecycle-crds + version: 0.1.0 + description: A Helm chart for Upgrade Controller + digest: 03e38b9d8bedb8437d5816e2d8bd7b07eea5369bfcc399797903557fc6b80f45 + name: upgrade-controller + type: application + urls: + - assets/upgrade-controller/upgrade-controller-0.1.0.tgz + version: 0.1.0 generated: "2023-10-17T12:11:15.900212+03:00" diff --git a/packages/upgrade-controller/generated-changes/dependencies/lifecycle-crds/dependency.yaml b/packages/upgrade-controller/generated-changes/dependencies/lifecycle-crds/dependency.yaml new file mode 100644 index 00000000..0b504894 --- /dev/null +++ b/packages/upgrade-controller/generated-changes/dependencies/lifecycle-crds/dependency.yaml @@ -0,0 +1,6 @@ +workingDir: "" +url: https://github.com/suse-edge/upgrade-controller.git +subdirectory: helm/upgrade-controller/charts/lifecycle-crds +commit: bac33b4be264fc482b16431be124d63deed8deae +ignoreDependencies: [] +replacePaths: []