Draft
Conversation
Scaffold out the project to create kubeadm clusters on PRs and verify their installation. * Missing custom installation of kubernetes container services * Missing implementation of spread tests
* Understand why gh runners don't need cni-plugins * Create component for cni-plugins * Remove early debug * handle all installation methods * Address review comments
* Begin to implement image pull * Adjust hooks to not need arch passed * Bind kubeadm bootstrap to pre-pulled images defined by the manifest * Address review comments * Dynamic hook execution * Update src/kube_galaxy/pkg/components/kubeadm.py Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Address review comments * Golf --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Tidy up more of the components * Review comment
* First shots deploying with a calico CNI * Validate manifest applications * Validate kube-system is deployed * Update tests/unit/components/test_container_manifest.py Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Apply review comments --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates the CoreDNS container image source in the smoktest manifest from the official Kubernetes registry to a Canonical-built rockcraft image hosted on GitHub Container Registry. The PR description indicates this is experimental work with known issues related to read-only filesystem security contexts.
Changes:
- Swaps CoreDNS container image from
registry.k8s.io/coredns/coredns:v{release}toghcr.io/canonical/coredns:{release}-ck4
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
addyess
force-pushed
the
trial/coredns-rock
branch
4 times, most recently
from
747fedc to
ddc86d2
Compare
addyess
force-pushed
the
trial/coredns-rock
branch
from
ddc86d2 to
ad89e4f
Compare
bschimke95
approved these changes
Feb 24, 2026
* Prepare for testing with spread * Ready CNCF validation * Prepared a Sonobouy component * Kubeadm bootstraps with no node taints * Review comments * Single out the kube-galaxy tasks from each component's spread suite.
addyess
force-pushed
the
trial/coredns-rock
branch
from
67cbd56 to
c642eec
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fails until i can find a way to adjust:
$ kubectl edit deployment -n kube-system coredns # spec.template.spec.containers[0].securityContext.readOnlyRootFileystem = falseUpdate:
kubeadm doesn't REALLY let you set this. Instead this patch provides this update after kubeadm is bootstrapped in a CoreDNS component
bootstrap_hook()which is just a hacky work-around