Skip to content

Commit e077394

Browse files
committed
Merge remote-tracking branch 'origin/main' into k0s-1-28
2 parents 087eeaa + a0bf390 commit e077394

File tree

171 files changed

+13247
-949
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

171 files changed

+13247
-949
lines changed

.github/PULL_REQUEST_TEMPLATE.md

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
#### What this PR does / why we need it:
2+
<!--
3+
Describe the purpose of this change and the problem it solves.
4+
-->
5+
6+
#### Which issue(s) this PR fixes:
7+
<!--
8+
Link to the Shortcut story or Github issue this PR fixes.
9+
-->
10+
11+
#### Does this PR require a test?
12+
<!---
13+
If no, just write "NONE" below.
14+
-->
15+
16+
#### Does this PR require a release note?
17+
<!--
18+
If no, just write "NONE" in the release-note block below.
19+
If yes, a release note is required:
20+
-->
21+
```release-note
22+
23+
```
24+
25+
#### Does this PR require documentation?
26+
<!--
27+
If no, just write "NONE" below.
28+
If yes, link to the related https://github.com/replicatedhq/replicated-docs documentation PR:
29+
-->

.github/dependabot.yml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,21 @@ updates:
1616
update-types:
1717
- "patch"
1818

19+
- package-ecosystem: "gomod"
20+
directory: "/operator/"
21+
open-pull-requests-limit: 25
22+
schedule:
23+
interval: "weekly"
24+
day: "saturday"
25+
labels:
26+
- "dependencies"
27+
- "go"
28+
- "type::chore"
29+
groups:
30+
security:
31+
update-types:
32+
- "patch"
33+
1934
- package-ecosystem: "github-actions"
2035
directory: "/"
2136
labels:

.github/workflows/ci.yaml

Lines changed: 173 additions & 53 deletions
Large diffs are not rendered by default.

.github/workflows/image-scan.yaml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -33,9 +33,6 @@ jobs:
3333
build/.melange-cache
3434
key: melange-cache
3535

36-
- name: Set up Docker Buildx
37-
uses: docker/setup-buildx-action@v3
38-
3936
- name: Setup Melange
4037
uses: chainguard-dev/actions/setup-melange@main
4138

.github/workflows/release-prod.yaml

Lines changed: 99 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,8 @@ name: Release
22
on:
33
push:
44
tags:
5-
- "*.*.*"
5+
- '[0-9]+\.[0-9]+\.[0-9]+\+k8s-[0-9]+\.[0-9]+'
6+
- '[0-9]+\.[0-9]+\.[0-9]+\+k8s-[0-9]+\.[0-9]+-.+'
67
permissions:
78
contents: write
89
jobs:
@@ -21,17 +22,38 @@ jobs:
2122
id: get-tag
2223
run: |
2324
# remove the "refs/tags/" prefix to get the tag that was pushed
24-
export RAW_TAG=${GITHUB_REF#refs/tags/}
25+
export RAW_TAG=${{ github.ref_name }}
2526
# add a 'v' prefix to the tag if it doesn't already have one
2627
export V_TAG=$(echo "$RAW_TAG" | sed 's/^[^v]/v&/')
2728
# store the tag name in an output for later steps
2829
echo "tag-name=${V_TAG}" >> $GITHUB_OUTPUT
2930
30-
build-images:
31+
buildtools:
32+
runs-on: ubuntu-latest
33+
steps:
34+
- name: Checkout
35+
uses: actions/checkout@v4
36+
37+
- name: Setup Go
38+
uses: actions/setup-go@v5
39+
with:
40+
go-version-file: go.mod
41+
42+
- name: Compile buildtools
43+
run: |
44+
make buildtools
45+
46+
- name: Upload buildtools artifact
47+
uses: actions/upload-artifact@v4
48+
with:
49+
name: buildtools
50+
path: output/bin/buildtools
51+
52+
publish-operator-image:
3153
runs-on: ubuntu-latest
3254
needs: [get-tag]
3355
outputs:
34-
local-artifact-mirror: ${{ steps.local-artifact-mirror.outputs.image }}
56+
image: ${{ steps.operator-image.outputs.image }}
3557
steps:
3658
- name: Checkout
3759
uses: actions/checkout@v4
@@ -43,8 +65,55 @@ jobs:
4365
build/.melange-cache
4466
key: melange-cache
4567

46-
- name: Set up Docker Buildx
47-
uses: docker/setup-buildx-action@v3
68+
- name: Setup Melange
69+
uses: chainguard-dev/actions/setup-melange@main
70+
71+
- name: Build and push operator image
72+
id: operator-image
73+
env:
74+
REGISTRY: docker.io
75+
USERNAME: ${{ secrets.DOCKERHUB_USER }}
76+
PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
77+
run: |
78+
make -C operator apko apko-login build-and-push-operator-image \
79+
PACKAGE_VERSION=${{ needs.get-tag.outputs.tag-name }}
80+
echo "image=$(cat operator/build/image)" >> $GITHUB_OUTPUT
81+
82+
publish-operator-chart:
83+
runs-on: ubuntu-latest
84+
needs: [get-tag, publish-operator-image]
85+
outputs:
86+
chart: ${{ steps.operator-chart.outputs.chart }}
87+
steps:
88+
- name: Checkout
89+
uses: actions/checkout@v4
90+
91+
- name: Build and push operator chart
92+
id: operator-chart
93+
env:
94+
HELM_USER: ${{secrets.REPLICATED_LIBRARY_SERVICE_ACCOUNT}}
95+
HELM_PASS: ${{secrets.REPLICATED_LIBRARY_SERVICE_ACCOUNT}}
96+
HELM_REGISTRY: registry.replicated.com
97+
run: |
98+
make -C operator build-chart \
99+
PACKAGE_VERSION=${{ needs.get-tag.outputs.tag-name }}
100+
echo "chart=$(cat operator/build/chart)" >> $GITHUB_OUTPUT
101+
102+
publish-images:
103+
runs-on: ubuntu-latest
104+
needs: [get-tag]
105+
outputs:
106+
local-artifact-mirror: ${{ steps.local-artifact-mirror.outputs.image }}
107+
steps:
108+
- name: Checkout
109+
uses: actions/checkout@v4
110+
111+
- name: Cache Melange
112+
uses: actions/cache@v4
113+
with:
114+
path: |
115+
build/.melange-cache
116+
key: melange-cache
48117

49118
- name: Setup Melange
50119
uses: chainguard-dev/actions/setup-melange@main
@@ -62,29 +131,41 @@ jobs:
62131
63132
release:
64133
runs-on: ubuntu-latest
65-
needs: [get-tag, build-images]
134+
needs: [get-tag, buildtools, publish-images, publish-operator-image, publish-operator-chart]
66135
steps:
67136
- name: Checkout
68137
uses: actions/checkout@v4
69138

70-
- name: Set up Go
139+
- name: Setup Go
71140
uses: actions/setup-go@v5
72141
with:
73142
go-version-file: go.mod
74143

75-
- name: Set up Docker Buildx
76-
uses: docker/setup-buildx-action@v3
144+
- name: Download buildtools artifact
145+
uses: actions/download-artifact@v4
146+
with:
147+
name: buildtools
148+
path: output/bin
149+
150+
- name: Update embedded-cluster-operator metadata.yaml
151+
env:
152+
IMAGES_REGISTRY_SERVER: ttl.sh
153+
OPERATOR_CHART: ${{ needs.publish-operator-chart.outputs.chart }}
154+
OPERATOR_IMAGE: ${{ needs.publish-operator-image.outputs.image }}
155+
run: |
156+
./scripts/ci-update-operator-metadata.sh
77157
78158
- name: Build linux-amd64
79159
run: |
80160
make embedded-cluster-linux-amd64 \
81161
VERSION=${{ needs.get-tag.outputs.tag-name }} \
82-
LOCAL_ARTIFACT_MIRROR_IMAGE=proxy.replicated.com/anonymous/${{ needs.build-images.outputs.local-artifact-mirror }}
162+
LOCAL_ARTIFACT_MIRROR_IMAGE=proxy.replicated.com/anonymous/${{ needs.publish-images.outputs.local-artifact-mirror }}
83163
tar -C output/bin -czvf embedded-cluster-linux-amd64.tgz embedded-cluster
84164
85165
- name: Output Metadata
86166
run: |
87167
./output/bin/embedded-cluster version metadata > metadata.json
168+
88169
- name: Cache Staging Files
89170
env:
90171
S3_BUCKET: "tf-staging-embedded-cluster-bin"
@@ -93,6 +174,9 @@ jobs:
93174
AWS_REGION: "us-east-1"
94175
run: |
95176
export EC_VERSION="${{ needs.get-tag.outputs.tag-name }}"
177+
export OPERATOR_IMAGE=proxy.replicated.com/anonymous/${{ needs.publish-operator-image.outputs.image }}
178+
export OPERATOR_VERSION=$(echo "${{ needs.get-tag.outputs.tag-name }}" | sed 's/^v//')
179+
96180
./scripts/cache-files.sh
97181
98182
- name: Cache Prod Files
@@ -103,13 +187,16 @@ jobs:
103187
AWS_REGION: "us-east-1"
104188
run: |
105189
export EC_VERSION="${{ needs.get-tag.outputs.tag-name }}"
190+
export OPERATOR_IMAGE=proxy.replicated.com/anonymous/${{ needs.publish-operator-image.outputs.image }}
191+
export OPERATOR_VERSION=$(echo "${{ needs.get-tag.outputs.tag-name }}" | sed 's/^v//')
192+
106193
./scripts/cache-files.sh
107194
108195
- name: Publish release
109196
uses: marvinpinto/action-automatic-releases@latest
110197
with:
111198
repo_token: ${{ secrets.GITHUB_TOKEN }}
112-
prerelease: false
199+
prerelease: true
113200
files: |
114201
*.tgz
115202
metadata.json

Makefile

Lines changed: 23 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
11
SHELL := /bin/bash
22

3-
include chainguard.mk
3+
include common.mk
44

5-
VERSION ?= $(shell git describe --tags --dirty)
5+
VERSION ?= $(shell git describe --tags --dirty --match='[0-9]*.[0-9]*.[0-9]*')
66
CURRENT_USER := $(if $(GITHUB_USER),$(GITHUB_USER),$(shell id -u -n))
77
UNAME := $(shell uname)
88
ARCH := $(shell uname -m)
@@ -11,14 +11,12 @@ ADMIN_CONSOLE_CHART_REPO_OVERRIDE =
1111
ADMIN_CONSOLE_IMAGE_OVERRIDE =
1212
ADMIN_CONSOLE_MIGRATIONS_IMAGE_OVERRIDE =
1313
ADMIN_CONSOLE_KURL_PROXY_IMAGE_OVERRIDE =
14-
EMBEDDED_OPERATOR_IMAGE_OVERRIDE =
15-
EMBEDDED_OPERATOR_BINARY_URL_OVERRIDE =
1614
K0S_VERSION = v1.28.11+k0s.0
1715
K0S_GO_VERSION = v1.28.11+k0s.0
1816
PREVIOUS_K0S_VERSION ?= v1.28.10+k0s.0
1917
K0S_BINARY_SOURCE_OVERRIDE =
2018
PREVIOUS_K0S_BINARY_SOURCE_OVERRIDE =
21-
TROUBLESHOOT_VERSION = v0.97.0
19+
TROUBLESHOOT_VERSION = v0.100.0
2220
KOTS_VERSION = v$(shell awk '/^version/{print $$2}' pkg/addons/adminconsole/static/metadata.yaml | sed 's/\([0-9]\+\.[0-9]\+\.[0-9]\+\).*/\1/')
2321
KOTS_BINARY_URL_OVERRIDE =
2422
# TODO: move this to a manifest file
@@ -34,8 +32,8 @@ LD_FLAGS = \
3432
-X github.com/replicatedhq/embedded-cluster/pkg/addons/adminconsole.AdminConsoleChartRepoOverride=$(ADMIN_CONSOLE_CHART_REPO_OVERRIDE) \
3533
-X github.com/replicatedhq/embedded-cluster/pkg/addons/adminconsole.AdminConsoleImageOverride=$(ADMIN_CONSOLE_IMAGE_OVERRIDE) \
3634
-X github.com/replicatedhq/embedded-cluster/pkg/addons/adminconsole.AdminConsoleMigrationsImageOverride=$(ADMIN_CONSOLE_MIGRATIONS_IMAGE_OVERRIDE) \
37-
-X github.com/replicatedhq/embedded-cluster/pkg/addons/adminconsole.AdminConsoleKurlProxyImageOverride=$(ADMIN_CONSOLE_KURL_PROXY_IMAGE_OVERRIDE) \
38-
-X github.com/replicatedhq/embedded-cluster/pkg/addons/embeddedclusteroperator.EmbeddedOperatorImageOverride=$(EMBEDDED_OPERATOR_IMAGE_OVERRIDE)
35+
-X github.com/replicatedhq/embedded-cluster/pkg/addons/adminconsole.AdminConsoleKurlProxyImageOverride=$(ADMIN_CONSOLE_KURL_PROXY_IMAGE_OVERRIDE)
36+
DISABLE_FIO_BUILD ?= 0
3937

4038
export PATH := $(shell pwd)/bin:$(PATH)
4139

@@ -48,25 +46,25 @@ default: build-ttl.sh
4846
pkg/goods/bins/k0s: Makefile
4947
mkdir -p pkg/goods/bins
5048
if [ "$(K0S_BINARY_SOURCE_OVERRIDE)" != "" ]; then \
51-
curl -fL -o pkg/goods/bins/k0s "$(K0S_BINARY_SOURCE_OVERRIDE)" ; \
49+
curl --retry 5 --retry-all-errors -fL -o pkg/goods/bins/k0s "$(K0S_BINARY_SOURCE_OVERRIDE)" ; \
5250
else \
53-
curl -fL -o pkg/goods/bins/k0s "https://github.com/k0sproject/k0s/releases/download/$(K0S_VERSION)/k0s-$(K0S_VERSION)-amd64" ; \
51+
curl --retry 5 --retry-all-errors -fL -o pkg/goods/bins/k0s "https://github.com/k0sproject/k0s/releases/download/$(K0S_VERSION)/k0s-$(K0S_VERSION)-amd64" ; \
5452
fi
5553
chmod +x pkg/goods/bins/k0s
5654
touch pkg/goods/bins/k0s
5755

5856
pkg/goods/bins/kubectl-support_bundle: Makefile
5957
mkdir -p pkg/goods/bins
6058
mkdir -p output/tmp/support-bundle
61-
curl -fL -o output/tmp/support-bundle/support-bundle.tar.gz https://github.com/replicatedhq/troubleshoot/releases/download/$(TROUBLESHOOT_VERSION)/support-bundle_linux_amd64.tar.gz
59+
curl --retry 5 --retry-all-errors -fL -o output/tmp/support-bundle/support-bundle.tar.gz https://github.com/replicatedhq/troubleshoot/releases/download/$(TROUBLESHOOT_VERSION)/support-bundle_linux_amd64.tar.gz
6260
tar -xzf output/tmp/support-bundle/support-bundle.tar.gz -C output/tmp/support-bundle
6361
mv output/tmp/support-bundle/support-bundle pkg/goods/bins/kubectl-support_bundle
6462
touch pkg/goods/bins/kubectl-support_bundle
6563

6664
pkg/goods/bins/kubectl-preflight: Makefile
6765
mkdir -p pkg/goods/bins
6866
mkdir -p output/tmp/preflight
69-
curl -fL -o output/tmp/preflight/preflight.tar.gz https://github.com/replicatedhq/troubleshoot/releases/download/$(TROUBLESHOOT_VERSION)/preflight_linux_amd64.tar.gz
67+
curl --retry 5 --retry-all-errors -fL -o output/tmp/preflight/preflight.tar.gz https://github.com/replicatedhq/troubleshoot/releases/download/$(TROUBLESHOOT_VERSION)/preflight_linux_amd64.tar.gz
7068
tar -xzf output/tmp/preflight/preflight.tar.gz -C output/tmp/preflight
7169
mv output/tmp/preflight/preflight pkg/goods/bins/kubectl-preflight
7270
touch pkg/goods/bins/kubectl-preflight
@@ -76,13 +74,23 @@ pkg/goods/bins/local-artifact-mirror: Makefile
7674
$(MAKE) -C local-artifact-mirror build GOOS=linux GOARCH=amd64
7775
cp local-artifact-mirror/bin/local-artifact-mirror-$(GOOS)-$(GOARCH) pkg/goods/bins/local-artifact-mirror
7876

77+
pkg/goods/bins/fio: PLATFORM = linux/amd64
78+
pkg/goods/bins/fio: Makefile
79+
ifneq ($(DISABLE_FIO_BUILD),1)
80+
mkdir -p pkg/goods/bins
81+
docker build -t fio --build-arg PLATFORM=$(PLATFORM) fio
82+
docker rm -f fio && docker run --name fio fio
83+
docker cp fio:/output/fio pkg/goods/bins/fio
84+
touch pkg/goods/bins/fio
85+
endif
86+
7987
pkg/goods/internal/bins/kubectl-kots: Makefile
8088
mkdir -p pkg/goods/internal/bins
8189
mkdir -p output/tmp/kots
8290
if [ "$(KOTS_BINARY_URL_OVERRIDE)" != "" ]; then \
83-
curl -fL -o output/tmp/kots/kots.tar.gz "$(KOTS_BINARY_URL_OVERRIDE)" ; \
91+
curl --retry 5 --retry-all-errors -fL -o output/tmp/kots/kots.tar.gz "$(KOTS_BINARY_URL_OVERRIDE)" ; \
8492
else \
85-
curl -fL -o output/tmp/kots/kots.tar.gz https://github.com/replicatedhq/kots/releases/download/$(KOTS_VERSION)/kots_linux_amd64.tar.gz ; \
93+
curl --retry 5 --retry-all-errors -fL -o output/tmp/kots/kots.tar.gz https://github.com/replicatedhq/kots/releases/download/$(KOTS_VERSION)/kots_linux_amd64.tar.gz ; \
8694
fi
8795
tar -xzf output/tmp/kots/kots.tar.gz -C output/tmp/kots
8896
mv output/tmp/kots/kots pkg/goods/internal/bins/kubectl-kots
@@ -110,6 +118,7 @@ static: pkg/goods/bins/k0s \
110118
pkg/goods/bins/kubectl-preflight \
111119
pkg/goods/bins/kubectl-support_bundle \
112120
pkg/goods/bins/local-artifact-mirror \
121+
pkg/goods/bins/fio \
113122
pkg/goods/internal/bins/kubectl-kots
114123

115124
.PHONY: embedded-cluster-linux-amd64
@@ -138,6 +147,7 @@ unit-tests:
138147
mkdir -p pkg/goods/bins pkg/goods/internal/bins
139148
touch pkg/goods/bins/BUILD pkg/goods/internal/bins/BUILD # compilation will fail if no files are present
140149
go test -v ./pkg/... ./cmd/...
150+
$(MAKE) -C operator test
141151

142152
.PHONY: vet
143153
vet: static
@@ -190,7 +200,6 @@ buildtools:
190200
go build -o ./output/bin/buildtools ./cmd/buildtools
191201

192202
.PHONY: cache-files
193-
cache-files: export EMBEDDED_OPERATOR_BINARY_URL_OVERRIDE
194203
cache-files:
195204
./scripts/cache-files.sh
196205

cmd/buildtools/embeddedclusteroperator.go

Lines changed: 17 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -49,12 +49,25 @@ var updateOperatorAddonCommand = &cli.Command{
4949
}
5050
nextChartVersion = strings.TrimPrefix(nextChartVersion, "v")
5151

52-
upstream := "registry.replicated.com/library/embedded-cluster-operator"
53-
withproto := fmt.Sprintf("oci://proxy.replicated.com/anonymous/%s", upstream)
52+
chartURL := os.Getenv("INPUT_OPERATOR_CHART_URL")
53+
if chartURL != "" {
54+
logrus.Infof("using input override from INPUT_OPERATOR_CHART_URL: %s", chartURL)
55+
} else {
56+
chartURL = "registry.replicated.com/library/embedded-cluster-operator"
57+
chartURL = fmt.Sprintf("oci://proxy.replicated.com/anonymous/%s", chartURL)
58+
}
5459

55-
logrus.Infof("updating embedded cluster operator images")
60+
imageOverride := os.Getenv("INPUT_OPERATOR_IMAGE")
61+
if imageOverride != "" {
62+
logrus.Infof("using input override from INPUT_OPERATOR_IMAGE: %s", imageOverride)
63+
64+
operatorImageComponents[imageOverride] = addonComponent{
65+
name: "embedded-cluster-operator",
66+
useUpstreamImage: true,
67+
}
68+
}
5669

57-
err := updateOperatorAddonImages(c.Context, withproto, nextChartVersion)
70+
err := updateOperatorAddonImages(c.Context, chartURL, nextChartVersion)
5871
if err != nil {
5972
return fmt.Errorf("failed to update embedded cluster operator images: %w", err)
6073
}

0 commit comments

Comments
 (0)