Skip to content

Commit

Permalink
update sync chart from ACM operotar repo
Browse files Browse the repository at this point in the history
Signed-off-by: Zhiwei Yin <[email protected]>
  • Loading branch information
zhiweiyin318 committed Sep 26, 2024
1 parent 90193ea commit a6b7011
Show file tree
Hide file tree
Showing 28 changed files with 237 additions and 102 deletions.
8 changes: 8 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
@@ -1,4 +1,12 @@
export ACM_VERSION?=2.12
export MCE_VERSION?=2.7

SED_CMD:=sed
ifeq ($(GOHOSTOS),darwin)
SED_CMD:=gsed
endif

export SED=$(SED_CMD)

HELM?=_output/bin/helm
HELM_VERSION?=v3.14.0
Expand Down
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
creationTimestamp: null
name: multiclusterengines.multicluster.openshift.io
spec:
group: multicluster.openshift.io
Expand Down Expand Up @@ -284,9 +284,3 @@ spec:
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: null
storedVersions: null
1 change: 1 addition & 0 deletions e2e/mce-chart/templates/clusterrole.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
Expand Down
2 changes: 1 addition & 1 deletion hack/e2e.sh
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ function waitForReady() {
break
fi

echo "failed, expected $rst, but got $result, re-try after 5 seconds."
echo "expected $rst, but got $result, re-try after 5 seconds..."
sleep 5
(( SECOND = SECOND + 5 ))
done
Expand Down
63 changes: 53 additions & 10 deletions hack/update.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,12 @@ set -o errexit
set -o nounset
set -o pipefail

rm -rf multiclusterhub-operator

git clone --depth 1 --branch "release-$ACM_VERSION" https://github.com/stolostron/multiclusterhub-operator.git


# update CRDs
CRD_FILES="./multiclusterhub-operator/pkg/templates/crds/grc/policy.open-cluster-management.io_placementbindings.yaml
./multiclusterhub-operator/pkg/templates/crds/grc/policy.open-cluster-management.io_policies.yaml
./multiclusterhub-operator/pkg/templates/crds/grc/policy.open-cluster-management.io_policyautomations.yaml
Expand All @@ -12,25 +18,62 @@ CRD_FILES="./multiclusterhub-operator/pkg/templates/crds/grc/policy.open-cluster
./multiclusterhub-operator/pkg/templates/crds/multicloud-operators-subscription/apps.open-cluster-management.io_placementrules_crd_v1.yaml
"

GRC_CMA_FILES="./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/config-policy-clustermanagementaddon.yaml
for f in $CRD_FILES
do
cp $f ./policy/crds/
done


# update grc sub-chart
#cp ./multiclusterhub-operator/pkg/templates/charts/toggle/grc/Chart.yaml ./policy/charts/grc/
#cp ./multiclusterhub-operator/pkg/templates/charts/toggle/grc/values.yaml ./policy/charts/grc/

GRC_FILES="./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/config-policy-clustermanagementaddon.yaml
./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/governance-policy-framework-clustermanagementaddon.yaml
"
# ./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/grc-clusterrole.yaml
# ./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/grc-clusterrolebinding.yaml
# ./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/grc-policy-addon-role.yaml
# ./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/grc-policy-addon-rolebinding.yaml
# ./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/grc-policy-addon-clusterrole.yaml
# ./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/grc-policy-addon-clusterrolebinding.yaml
# ./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/grc-policy-addon-sa.yaml
# ./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/grc-role.yaml
# ./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/grc-rolebinding.yaml
# ./multiclusterhub-operator/pkg/templates/charts/toggle/grc/templates/grc-sa.yaml
# "

rm -rf multiclusterhub-operator

git clone --depth 1 --branch "release-$ACM_VERSION" https://github.com/stolostron/multiclusterhub-operator.git
for f in $GRC_FILES
do
cp $f ./policy/charts/grc/templates/
done

# update cluster-lifecycle sub-chart
#cp ./multiclusterhub-operator/pkg/templates/charts/toggle/cluster-lifecycle/Chart.yaml ./policy/charts/cluster-lifecycle/
#cp ./multiclusterhub-operator/pkg/templates/charts/toggle/cluster-lifecycle/values.yaml ./policy/charts/cluster-lifecycle/

for f in $CRD_FILES
do
cp $f ./acm-addons/crds/
done
CLUSTER_LIFECYCLE_FILES="./multiclusterhub-operator/pkg/templates/charts/toggle/cluster-lifecycle/templates/klusterlet-addon-role.yaml
./multiclusterhub-operator/pkg/templates/charts/toggle/cluster-lifecycle/templates/klusterlet-addon-role_binding.yaml
./multiclusterhub-operator/pkg/templates/charts/toggle/cluster-lifecycle/templates/klusterlet-addon-deployment.yaml"

for f in $GRC_CMA_FILES
for f in $CLUSTER_LIFECYCLE_FILES
do
cp $f ./acm-addons/charts/grc/templates/
cp $f ./policy/charts/cluster-lifecycle/templates/
done


rm -rf multiclusterhub-operator


# update e2e mce chart

rm -rf backplane-operator

git clone --depth 1 --branch "backplane-$MCE_VERSION" https://github.com/stolostron/backplane-operator.git

cp ./backplane-operator/config/crd/bases/multicluster.openshift.io_multiclusterengines.yaml ./e2e/mce-chart/crds/
cp ./backplane-operator/config/rbac/role.yaml ./e2e/mce-chart/templates/clusterrole.yaml

$SED -i 's/multicluster-engine-operator-role/multicluster-engine-operator/' ./e2e/mce-chart/templates/clusterrole.yaml

rm -rf backplane-operator
5 changes: 4 additions & 1 deletion policy/charts/cluster-lifecycle/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
# Copyright (c) 2024 Red Hat, Inc.
# Copyright Contributors to the Open Cluster Management project

apiVersion: v1
appVersion: 2.12.0
version: 2.12.0
description: Helm chart for deploying the cluster lifecycle
kubeVersion: ">=1.11.0-0"
name: cluster-lifecycle
version: 2.12.0
Original file line number Diff line number Diff line change
@@ -1,27 +1,40 @@
# Copyright Contributors to the Open Cluster Management project

apiVersion: apps/v1
kind: Deployment
metadata:
name: klusterlet-addon-controller-v2
namespace: {{ .Values.global.namespace }}
labels:
app: klusterlet-addon-controller-v2
app.kubernetes.io/name: klusterlet-addon-controller
component: klusterlet-addon-controller
name: klusterlet-addon-controller-v2
namespace: {{ .Values.global.namespace }}
app.kubernetes.io/name: klusterlet-addon-controller
spec:
minReadySeconds: 0
replicas: {{ .Values.hubconfig.replicaCount }}
selector:
matchLabels:
app: klusterlet-addon-controller-v2
component: klusterlet-addon-controller
template:
metadata:
creationTimestamp: null
labels:
app: klusterlet-addon-controller-v2
app.kubernetes.io/name: klusterlet-addon-controller
ocm-antiaffinity-selector: "klusterletaddon"
component: klusterlet-addon-controller
ocm-antiaffinity-selector: klusterletaddon
app.kubernetes.io/name: klusterlet-addon-controller
spec:
{{- if .Values.global.pullSecret }}
imagePullSecrets:
- name: {{ .Values.global.pullSecret }}
{{- end }}
serviceAccountName: klusterlet-addon-controller-v2
hostNetwork: false
hostPID: false
hostIPC: false
terminationGracePeriodSeconds: 60
securityContext:
runAsNonRoot: true
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
Expand All @@ -36,66 +49,75 @@ spec:
- arm64
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
- weight: 70
podAffinityTerm:
topologyKey: topology.kubernetes.io/zone
labelSelector:
matchExpressions:
- key: ocm-antiaffinity-selector
operator: In
values:
- klusterletaddon
topologyKey: topology.kubernetes.io/zone
weight: 70
- podAffinityTerm:
- weight: 35
podAffinityTerm:
topologyKey: kubernetes.io/hostname
labelSelector:
matchExpressions:
- key: ocm-antiaffinity-selector
operator: In
values:
- klusterletaddon
topologyKey: kubernetes.io/hostname
weight: 35
{{- with .Values.hubconfig.tolerations }}
tolerations:
{{- range . }}
- {{ if .Key }} key: {{ .Key }} {{- end }}
{{ if .Operator }} operator: {{ .Operator }} {{- end }}
{{ if .Value }} value: {{ .Value }} {{- end }}
{{ if .Effect }} effect: {{ .Effect }} {{- end }}
{{ if .TolerationSeconds }} tolerationSeconds: {{ .TolerationSeconds }} {{- end }}
{{- end }}
{{- end }}
containers:
- env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: klusterlet-addon-controller
image: "{{ .Values.global.imageOverrides.klusterlet_addon_controller }}"
imagePullPolicy: IfNotPresent
name: klusterlet-addon-controller
resources:
limits:
cpu: 500m
memory: 2Gi
requests:
cpu: 50m
memory: 96Mi
imagePullPolicy: {{ .Values.global.pullPolicy }}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
imagePullSecrets:
- name: open-cluster-management-image-pull-credentials
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsNonRoot: true
serviceAccount: klusterlet-addon-controller-v2
serviceAccountName: klusterlet-addon-controller-v2
terminationGracePeriodSeconds: 60
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/infra
operator: Exists
resources:
requests:
memory: "96Mi"
cpu: "50m"
limits:
memory: "2Gi"
cpu: "500m"
env:
- name: WATCH_NAMESPACE
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: OPERATOR_NAME
value: klusterlet-addon-controller
- name: HUB_VERSION
value: {{ .Values.hubconfig.hubVersion }}
- name: USE_SHA_MANIFEST
value: "true"
- name: DEFAULT_IMAGE_PULL_SECRET
value: {{ .Values.global.pullSecret }}
- name: DEFAULT_IMAGE_REGISTRY
value: {{ .Values.global.imageRepository }}
- name: ADDON_CLUSTERROLE_PREFIX
value: "open-cluster-management:addons:"
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
{{- with .Values.hubconfig.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# Copyright Contributors to the Open Cluster Management project

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# Copyright Contributors to the Open Cluster Management project

kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
Expand All @@ -9,7 +11,7 @@ metadata:
subjects:
- kind: ServiceAccount
name: klusterlet-addon-controller-v2
namespace: {{ .Values.global.namespace }}
namespace: '{{ .Values.global.namespace }}'
roleRef:
kind: ClusterRole
name: open-cluster-management:klusterlet-addon-controller-v2
Expand Down
14 changes: 10 additions & 4 deletions policy/charts/cluster-lifecycle/values.yaml
Original file line number Diff line number Diff line change
@@ -1,8 +1,14 @@
global:
imageOverrides:
klusterlet_addon_controller: ""

namespace: multicluster-engine

klusterlet_addon_controller: ''
templateOverrides: {}
namespace: ''
pullSecret: null
imageRepository: ''
hubSize: Small
hubconfig:
nodeSelector: null
proxyConfigs: {}
replicaCount: 1
tolerations: []
org: open-cluster-management
12 changes: 10 additions & 2 deletions policy/charts/grc/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,13 @@
# Copyright (c) 2024 Red Hat, Inc.
# Copyright Contributors to the Open Cluster Management project

apiVersion: v1
appVersion: 2.12.0
version: 2.12.0
description: A Helm chart for multicloud policy
description: A Helm chart for multicloud grc
category: "Development"
keywords:
- acm
- grc
name: grc
verified: "RHACM"
version: 2.12.0
Loading

0 comments on commit a6b7011

Please sign in to comment.