Move to slimmed down common #55
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Update ESO to 0.9.18
…n of a values file. - The operator adds these extraParameters to the extraParametersNested section as key/value pairs in the Cluster Wide ArgoCD Application created by the Validated Patterns operator. - This update will add the user defined extra parameters on the ArgoCD Applications on the Spoke Clusters. efinition of extraParameters under the main
We'd like to make the imperative namespace optional, so let's use the golang-external-secrets one, which is probably more correct anyways since the acm hub ca is tied to ESO anyways.
The acm hub ca is needed for ESO on spokes to connect to the vault on the hub, there is no need for this when vault is not used, so let's drop it in that case
Feat: Followup to definition of extraParameters under the main section of a values file.
Updates to acm-hub-ca
Update vault to 1.16.2
…er-namespace Co-authored-by: Michele Baldessari <[email protected]> Co-authored-by: Alejandro Villegas <[email protected]> Signed-off-by: Tomer Figenblat <[email protected]>
This is important because in some situations (we've observed this on the clusterwide argo instance on spokes) the permissions are not there yet when argo tries to create service accounts for the imperative SAs. This means that the very first sync works up to the service account creation which then fails due to lacking RBACs. This triggers a gitops issue where selfheal never retries because the previous run failed and so the app is in a stuck loop forever Co-Authored-By: Jonny Rickard <[email protected]> Closes: GITOPS-4677
Force rolebindings as early as possible
Problem Statement:
When setting a namespace like this:
- openshift-distributed-tracing:
operatorGroup: true
targetNamespaces: []
The chart generates the following yaml:
```yaml
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
name: openshift-distributed-tracing-operator-group
namespace: openshift-distributed-tracing
spec:
targetNamespaces:
```
Which k8s rejects the targetNamespaces key as invalid when it attempts to apply it and removes it since it doesn't have a value, which just so happens to have the desired result of not setting the targetNamespaces (or a selector) to enable it for All Namespaces.
bug: Invalid OperatorGroup generated when omitting targetNamespaces
feat: use hive clusterdeployment for creating spoke clusters
Fix CI issue
…sters Added support to control the scheduler/cluster spec
Simplified PR for auto approve install plans
Actually use adminServiceAccountName for the auto approve job
This should fix the fact that jobs are triggered on unrelated changes
Make sure that the if condition on chart split is not always true
Bump super-linter from 5 to 6
Add some debugging to the chart split action
Otherwise we will get errors during the command as git subtree has regressed since v2.44.0
Fix path when invoking the qe run_test.sh script
Co-Authored-By: Akos Eros <[email protected]>
Since the slimming of common this won't work anymore: ❯ make validate-schema make -f common/Makefile validate-schema make[1]: Entering directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops' Validating clustergroup schema of: ./values-global.yamlError: repo common not found make[1]: *** [common/Makefile:162: validate-schema] Error 1 make[1]: Leaving directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops' make: *** [Makefile:12: validate-schema] Error 2 Fix this to use the oci helm chart: ❯ make validate-schema make -f common/Makefile validate-schema make[1]: Entering directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops' Validating clustergroup schema of: ./values-global.yamlPulled: quay.io/hybridcloudpatterns/clustergroup:0.9.13 Digest: sha256:725af54c0a5ad8c2235676bbff2785ece62c9929ab58aaf33837aa3f19708ce6 ./values-group-one.yamlPulled: quay.io/hybridcloudpatterns/clustergroup:0.9.13 Digest: sha256:725af54c0a5ad8c2235676bbff2785ece62c9929ab58aaf33837aa3f19708ce6 ./values-hub.yamlPulled: quay.io/hybridcloudpatterns/clustergroup:0.9.13 Digest: sha256:725af54c0a5ad8c2235676bbff2785ece62c9929ab58aaf33837aa3f19708ce6 make[1]: Leaving directory '/home/michele/Engineering/cloud-patterns/multicloud-gitops'
Fix validated-schema make target
Yukin observed a case on a baremetal server where the install failed
with:
make -f common/Makefile operator-deploy
make[1]: Entering directory '/home/fedora/validated_patterns/multicloud-gitops'
Checking repository:
https://github.com/validatedpatterns-workspace/multicloud-gitops - branch 'qe_test-18760': OK
Checking cluster:
cluster-info: OK
storageclass: OK
Installing pattern: ....Installation failed [5/5]. Error:
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /home/fedora/rhvpsno2-intel-18760/auth/kubeconfig
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /home/fedora/rhvpsno2-intel-18760/auth/kubeconfig
Pulled: quay.io/hybridcloudpatterns/pattern-install:0.0.7
Digest: sha256:b845f86c735478cfd44b0b43842697851cec64737c737bd18a872fa86bb0484d
customresourcedefinition.apiextensions.k8s.io/patterns.gitops.hybrid-cloud-patterns.io unchanged
configmap/patterns-operator-config unchanged
pattern.gitops.hybrid-cloud-patterns.io/multicloud-gitops created
subscription.operators.coreos.com/patterns-operator unchanged
make[1]: *** [common/Makefile:71: operator-deploy] Error 1
make[1]: Leaving directory '/home/fedora/validated_patterns/multicloud-gitops'
make: *** [Makefile:12: operator-deploy] Error 2
In fact the install proceeded just okay, we just gave up too early.
Let's double the amount of times we wait for this and also increase the
wait in between tries by 5 seconds. Hopefully this should cover these
edge cases.
Wait some more before giving up
If ACM is installed the search for `applications` matches the ACM one and not the argo one.
Fix argo-healthcheck target
This way we can override the TARGET_SITE when invoking pattern.sh
Add TARGET_SITE as an env variable
Since ubuntu sometimes has /etc/pki/fwupd with little else in there, let's just bind mount /etc/pki when /etc/pki/tls exists. This keeps Fedora-based distros running and should fix this specific corner case observed on ubuntu. Co-Authored-By: Akos Eros <[email protected]> Closes: validatedpatterns/medical-diagnosis#130
Do not bind mount /etc/pki blindly
Update common to v1 branch
Moved to slimmed down common. Tested there is no diff from upstream: $ diff -urN -x '.git' common ../common $
mbaldessari
force-pushed
the
multisource
branch
from
3f46d49 to
b029ad5
Compare
This was referenced Mar 20, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
10 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR moves to the latest common from the main branch. See https://validatedpatterns.io/blog/2024-09-26-slimming-of-common/
for more details