ci(track): bump upload-charm action 2.4.0 -> 2.6.2 #467
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
change the automation to instead use https://github.com/canonical/gh-jira-sync-bot for creating issues, instead of the previous workflow
* Update GH files for issue templates and Jira automation This PR updates the .github files to * Ensure we have a file for tasks/enhancements * Ensure we expose dod in task issues * Use the FastAPI for ticket sync, and not JIRA_URL * review: Update task.yaml template
* ci: use charmcraft latest/candidate instead of latest/edge Use the latest candidate version of charmcraft to avoid potential issues with the edge version of charmcraft. This commit is specifically reacting to canonical/craft-application#167 NOTE: this change makes sure that the repository is aligned with our other repositories, most of them (with very few exceptions) point to latest/candidate.
…357) * refactor: use the istioctl wrapper for installing the control plane This refactor uses the install method form the istioctl wrapper to install the control plane without calling subprocess directly in the charm code. This commit also changes the unit tests and lints the code and tests to adapt to the recent refactor. Part of #351
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* feat: enable Istio CNI plugin by default This commit enables the Istio CNI plugin by default in all new deployments of istio-pilot provided the required charm configuration is present; otherwise the control plane remains intact. It is also ensured that the required configurations are present when upgrading to future versions so the plugin is correctly installed on existing control planes (versions <1.17). Fixes #356 Part of #351
* docs: add instructions to enable istio cni plugin
) * feat: set meshConfig.accessLogFile configuration for exposing logs This setting allow users to access debug logs. Fixes #370
* test: trust kubeflow-volumes This charm now requires to be trusted at deployment time.
feat: enable csr-domain-name config option so istio-pilot can use it on CSRs The istio-pilot charm already has a mechanism in place to discover the ingress gateway address from the `Service`, but it is limited to only returning IP addresses, which not all TLS certificate providers accept as a valid cert subject. Having the domain-name config option will allow users to specify the domain name they'd like to use when integrating with TLS certificate operators. This feature expands the support for integrating with TLS certificate providers that cannot issue signed certificates on a CSR that only contains an IP address (like we used to do). This commit also adds some test coverage to test the recently added code. Fixes #379
#389) In recent versions of charmcraft, the summary line must not exceed 78 characters. This change has been introduced in v2.5, which is heavily used by CKF charms. Since pinning the charmcraft version to an earlier release won't scale correctly, it has been decided to move on with the workaround, which aligns more to what charmcraft will expect in the future.
fix: shorten the summary as a workaround for canonical/charmcraft#1568 (#389)
* fix: call self._cni_config_changed and handle exception The _cni_config_changed() method was not called correctly because of a typo, which led to the condition evaluating it to always be True, and running upgrades when they are not required. Calling correctly the method ensures the charm executes correct pieces of code. By doing this, the GenericCharmRuntimeError exception that gets raised on an error with CNI configuration must be re-raised when handling the reconcile. Fixes #395
#394) * feat: add action to handle SSL values as secrets for TLS configuration This commits introduces actions that allow users to configure the TLS ingress gateway for a single host directly passing the SSL cert and key to the charm. - save-tls-secret: allows users to pass the ssl-key and ssl-crt values, which the charm saves in a juju secret (owned by the charm) and uses them to reconcile the ingress Gateway with such information. - remove-tls-secret: a handy action that allows users to remove the TLS secret, which in turn removes the TLS configuration from the ingress Gateway. This commit also adds unit and integration tests to increase the coverage due to the recent changes. WARNING: please note this feature is only supported in 1.17 and 1.18, and it will be removed after releasing 1.18 in favour of the TLS provider method. Fixes #380
…408) * tests: pin deployed charms to a latest and stable compatible version This commit pins all charms that get deployed from Charmhub to a latest/edge or suggested versions. Part of canonical/bundle-kubeflow#863
* refactor: change TRUST variable names to keep consistency Rename all variables TRUST_* -> *_TRUST to keep consistency wit other charms and with the changes introduced in #409.
* ci: bump juju to 3.5 Co-authored-by: NohaIhab <[email protected]>
This commit ensures the istio-pilot charm checks that the ingress routes dictionary it uses for reconciling VirtualServices from requirers is not empty and the relation data for the departing application is there before attempting to pop values during a RelationBroken event. Fixes #423
…ress gateway (#401) * refactor: use secret config instead of action The recommended way of handling user secrets is by saving the user secret ID in a charm configuration, that way the charm can use it to get the contents of the secret. When the charm is granted with the user secret via the CLI, it allows the charm to observe secret events, which help handle changes in their contents. The istio-pilot charm implemented a way to use actions to wrap the secret logic, but because of the above, this commit does a small refactor to remove the set-tls and unset-tls actions and instead directly use user secrets. This commit also renames ssl to tls to be more accurate when referring to the actual configuration that gets done in the Gateway. Part of #398
This commit adds a section in the README to document instructions for enabling the TLS ingress gateway using juju secrets. Part of #398
This PR cherry-picks all the work done for enabling TLS ingress gateway using juju secrets. * docs: add instructions for TLS with secrets (#421) * refactor: use secret config instead of action for configuring TLS ingress gateway (#401) * fix: check routes is not empty before popping values (#424) Fixes #398
This commit adds support for istio operators 1.22.0. Part of #413
We must ensure we do not break the deployment of existing users with a hard requirement on juju 3.5. Since in our documentation the least supported juju version is 3.1, we should reflect that also in these charms. The only scenario where people are required to bump juju to 3.5 is when they want to set the TLS ingress gateway with secrets, but this is documented in a public guide.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Ref canonical/bundle-kubeflow#962