From 6e992d72313792d7e3024fd99599ca8658c98737 Mon Sep 17 00:00:00 2001 From: Geoffrey Israel Date: Wed, 17 Jan 2024 14:49:08 +0100 Subject: [PATCH 1/4] chore(lifecycle-operator): remove pre post deploy task evaluation v1beta1 (#2782) BREAKING CHANGE: Pre/Post evaluations and tasks for an application are now defined in the newly introduced `KeptnAppContext` instead of the `KeptnApp` CRD. `KeptnApps` are now fully managed by the operator and are not intended to be created by the user. The version of a `KeptnApp` will be automatically derived as a function of all workloads that belong to the same application. Signed-off-by: Geoffrey Israel Co-authored-by: Florian Bacher --- .github/actions/spelling/expect.txt | 1 + .../scripts/.helm-tests/default/result.yaml | 8 +++ .../.helm-tests/lifecycle-only/result.yaml | 8 +++ .../lifecycle-with-certs/result.yaml | 8 +++ .../lifecycle/v1alpha1/keptnapp_conversion.go | 8 --- .../v1alpha1/keptnapp_conversion_test.go | 48 ----------------- .../keptnappversion_conversion_test.go | 4 ++ .../lifecycle/v1alpha2/keptnapp_conversion.go | 8 --- .../v1alpha2/keptnapp_conversion_test.go | 48 ----------------- .../keptnappversion_conversion_test.go | 4 ++ .../lifecycle/v1alpha3/keptnapp_conversion.go | 8 --- .../v1alpha3/keptnapp_conversion_test.go | 48 ----------------- .../keptnappversion_conversion_test.go | 4 ++ .../apis/lifecycle/v1beta1/keptnapp_types.go | 22 -------- .../v1beta1/keptnappversion_types.go | 3 +- .../v1beta1/keptnappversion_types_test.go | 4 +- .../v1beta1/zz_generated.deepcopy.go | 21 +------- .../templates/lifecycle-operator-rbac.yaml | 8 +++ .../bases/lifecycle.keptn.sh_keptnapps.yaml | 32 ----------- lifecycle-operator/config/rbac/role.yaml | 8 +++ .../common/evaluation/handler_test.go | 10 ++-- .../controllers/common/task/handler_test.go | 16 +++--- .../lifecycle/keptnapp/controller.go | 16 +++++- .../lifecycle/keptnapp/controller_test.go | 54 ++++++++++++++++++- .../keptnappcreationrequest/controller.go | 8 +-- .../keptnappversion/controller_test.go | 2 + .../component/appversion/appversion_test.go | 4 +- .../00-assert.yaml | 2 +- .../00-install.yaml | 6 +-- .../app-failing-post-task/00-assert.yaml | 2 +- .../app-failing-post-task/00-install.yaml | 6 +-- .../app-failing-pre-evaluation/00-assert.yaml | 2 +- .../00-install.yaml | 6 +-- .../app-failing-pre-task-retry/00-assert.yaml | 4 +- .../00-install.yaml | 6 +-- .../00-assert.yaml | 4 +- .../00-install.yaml | 6 +-- .../app-failing-pre-task/00-assert.yaml | 2 +- .../app-failing-pre-task/00-install.yaml | 6 +-- .../00-assert.yaml | 4 +- .../00-install.yaml | 6 +-- .../podtato-head-application/00-assert.yaml | 7 ++- .../podtato-head-application/00-install.yaml | 16 +----- 43 files changed, 169 insertions(+), 329 deletions(-) diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt index 3a5339fb63..a0e3095ffa 100644 --- a/.github/actions/spelling/expect.txt +++ b/.github/actions/spelling/expect.txt @@ -92,6 +92,7 @@ configmapref configmapreference containedctx containerspec +contextcommon contextdata controllercommon controllererrors diff --git a/.github/scripts/.helm-tests/default/result.yaml b/.github/scripts/.helm-tests/default/result.yaml index 53a005bf80..56a6a87321 100644 --- a/.github/scripts/.helm-tests/default/result.yaml +++ b/.github/scripts/.helm-tests/default/result.yaml @@ -9831,6 +9831,14 @@ rules: - secrets verbs: - get +- apiGroups: + - lifecycle.keptn.sh + resources: + - keptnappcontexts + verbs: + - get + - list + - watch - apiGroups: - lifecycle.keptn.sh resources: diff --git a/.github/scripts/.helm-tests/lifecycle-only/result.yaml b/.github/scripts/.helm-tests/lifecycle-only/result.yaml index c2b208f392..4706bbd46a 100644 --- a/.github/scripts/.helm-tests/lifecycle-only/result.yaml +++ b/.github/scripts/.helm-tests/lifecycle-only/result.yaml @@ -7836,6 +7836,14 @@ rules: - secrets verbs: - get +- apiGroups: + - lifecycle.keptn.sh + resources: + - keptnappcontexts + verbs: + - get + - list + - watch - apiGroups: - lifecycle.keptn.sh resources: diff --git a/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml b/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml index 83214e1a89..6bc08ea4ab 100644 --- a/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml +++ b/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml @@ -7929,6 +7929,14 @@ rules: - secrets verbs: - get +- apiGroups: + - lifecycle.keptn.sh + resources: + - keptnappcontexts + verbs: + - get + - list + - watch - apiGroups: - lifecycle.keptn.sh resources: diff --git a/lifecycle-operator/apis/lifecycle/v1alpha1/keptnapp_conversion.go b/lifecycle-operator/apis/lifecycle/v1alpha1/keptnapp_conversion.go index a51656a676..b71f9f8470 100644 --- a/lifecycle-operator/apis/lifecycle/v1alpha1/keptnapp_conversion.go +++ b/lifecycle-operator/apis/lifecycle/v1alpha1/keptnapp_conversion.go @@ -27,10 +27,6 @@ func (src *KeptnApp) ConvertTo(dstRaw conversion.Hub) error { Version: srcWl.Version, }) } - dst.Spec.PreDeploymentTasks = src.Spec.PreDeploymentTasks - dst.Spec.PostDeploymentTasks = src.Spec.PostDeploymentTasks - dst.Spec.PreDeploymentEvaluations = src.Spec.PreDeploymentEvaluations - dst.Spec.PostDeploymentEvaluations = src.Spec.PostDeploymentEvaluations dst.Status.CurrentVersion = src.Status.CurrentVersion @@ -59,10 +55,6 @@ func (dst *KeptnApp) ConvertFrom(srcRaw conversion.Hub) error { Version: srcWl.Version, }) } - dst.Spec.PreDeploymentTasks = src.Spec.PreDeploymentTasks - dst.Spec.PostDeploymentTasks = src.Spec.PostDeploymentTasks - dst.Spec.PreDeploymentEvaluations = src.Spec.PreDeploymentEvaluations - dst.Spec.PostDeploymentEvaluations = src.Spec.PostDeploymentEvaluations dst.Status.CurrentVersion = src.Status.CurrentVersion diff --git a/lifecycle-operator/apis/lifecycle/v1alpha1/keptnapp_conversion_test.go b/lifecycle-operator/apis/lifecycle/v1alpha1/keptnapp_conversion_test.go index 67730ecf83..5a31de0254 100644 --- a/lifecycle-operator/apis/lifecycle/v1alpha1/keptnapp_conversion_test.go +++ b/lifecycle-operator/apis/lifecycle/v1alpha1/keptnapp_conversion_test.go @@ -47,18 +47,6 @@ func TestKeptnApp_ConvertFrom(t *testing.T) { Version: "4.5.6", }, }, - PreDeploymentTasks: []string{ - "some-pre-deployment-task1", - }, - PostDeploymentTasks: []string{ - "some-post-deployment-task2", - }, - PreDeploymentEvaluations: []string{ - "some-pre-evaluation-task1", - }, - PostDeploymentEvaluations: []string{ - "some-pre-evaluation-task2", - }, }, Status: v1beta1.KeptnAppStatus{ CurrentVersion: "1.2.3", @@ -88,18 +76,6 @@ func TestKeptnApp_ConvertFrom(t *testing.T) { Version: "4.5.6", }, }, - PreDeploymentTasks: []string{ - "some-pre-deployment-task1", - }, - PostDeploymentTasks: []string{ - "some-post-deployment-task2", - }, - PreDeploymentEvaluations: []string{ - "some-pre-evaluation-task1", - }, - PostDeploymentEvaluations: []string{ - "some-pre-evaluation-task2", - }, }, Status: KeptnAppStatus{ CurrentVersion: "1.2.3", @@ -161,18 +137,6 @@ func TestKeptnApp_ConvertTo(t *testing.T) { Version: "4.5.6", }, }, - PreDeploymentTasks: []string{ - "some-pre-deployment-task1", - }, - PostDeploymentTasks: []string{ - "some-post-deployment-task2", - }, - PreDeploymentEvaluations: []string{ - "some-pre-evaluation-task1", - }, - PostDeploymentEvaluations: []string{ - "some-pre-evaluation-task2", - }, }, Status: KeptnAppStatus{ CurrentVersion: "1.2.3", @@ -203,18 +167,6 @@ func TestKeptnApp_ConvertTo(t *testing.T) { Version: "4.5.6", }, }, - PreDeploymentTasks: []string{ - "some-pre-deployment-task1", - }, - PostDeploymentTasks: []string{ - "some-post-deployment-task2", - }, - PreDeploymentEvaluations: []string{ - "some-pre-evaluation-task1", - }, - PostDeploymentEvaluations: []string{ - "some-pre-evaluation-task2", - }, }, Status: v1beta1.KeptnAppStatus{ CurrentVersion: "1.2.3", diff --git a/lifecycle-operator/apis/lifecycle/v1alpha1/keptnappversion_conversion_test.go b/lifecycle-operator/apis/lifecycle/v1alpha1/keptnappversion_conversion_test.go index 47b89fab6b..2134aef355 100644 --- a/lifecycle-operator/apis/lifecycle/v1alpha1/keptnappversion_conversion_test.go +++ b/lifecycle-operator/apis/lifecycle/v1alpha1/keptnappversion_conversion_test.go @@ -51,6 +51,8 @@ func TestKeptnAppVersion_ConvertFrom(t *testing.T) { Version: "4.5.6", }, }, + }, + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{ "some-pre-deployment-task1", }, @@ -471,6 +473,8 @@ func TestKeptnAppVersion_ConvertTo(t *testing.T) { Version: "4.5.6", }, }, + }, + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{ "some-pre-deployment-task1", }, diff --git a/lifecycle-operator/apis/lifecycle/v1alpha2/keptnapp_conversion.go b/lifecycle-operator/apis/lifecycle/v1alpha2/keptnapp_conversion.go index 34c6a07689..d3a485c51f 100644 --- a/lifecycle-operator/apis/lifecycle/v1alpha2/keptnapp_conversion.go +++ b/lifecycle-operator/apis/lifecycle/v1alpha2/keptnapp_conversion.go @@ -27,10 +27,6 @@ func (src *KeptnApp) ConvertTo(dstRaw conversion.Hub) error { Version: srcWl.Version, }) } - dst.Spec.PreDeploymentTasks = src.Spec.PreDeploymentTasks - dst.Spec.PostDeploymentTasks = src.Spec.PostDeploymentTasks - dst.Spec.PreDeploymentEvaluations = src.Spec.PreDeploymentEvaluations - dst.Spec.PostDeploymentEvaluations = src.Spec.PostDeploymentEvaluations dst.Status.CurrentVersion = src.Status.CurrentVersion @@ -58,10 +54,6 @@ func (dst *KeptnApp) ConvertFrom(srcRaw conversion.Hub) error { Version: srcWl.Version, }) } - dst.Spec.PreDeploymentTasks = src.Spec.PreDeploymentTasks - dst.Spec.PostDeploymentTasks = src.Spec.PostDeploymentTasks - dst.Spec.PreDeploymentEvaluations = src.Spec.PreDeploymentEvaluations - dst.Spec.PostDeploymentEvaluations = src.Spec.PostDeploymentEvaluations dst.Status.CurrentVersion = src.Status.CurrentVersion diff --git a/lifecycle-operator/apis/lifecycle/v1alpha2/keptnapp_conversion_test.go b/lifecycle-operator/apis/lifecycle/v1alpha2/keptnapp_conversion_test.go index 152ed3040b..8b6509e7b9 100644 --- a/lifecycle-operator/apis/lifecycle/v1alpha2/keptnapp_conversion_test.go +++ b/lifecycle-operator/apis/lifecycle/v1alpha2/keptnapp_conversion_test.go @@ -47,18 +47,6 @@ func TestKeptnApp_ConvertFrom(t *testing.T) { Version: "4.5.6", }, }, - PreDeploymentTasks: []string{ - "some-pre-deployment-task1", - }, - PostDeploymentTasks: []string{ - "some-post-deployment-task2", - }, - PreDeploymentEvaluations: []string{ - "some-pre-evaluation-task1", - }, - PostDeploymentEvaluations: []string{ - "some-pre-evaluation-task2", - }, }, Status: v1beta1.KeptnAppStatus{ CurrentVersion: "1.2.3", @@ -89,18 +77,6 @@ func TestKeptnApp_ConvertFrom(t *testing.T) { Version: "4.5.6", }, }, - PreDeploymentTasks: []string{ - "some-pre-deployment-task1", - }, - PostDeploymentTasks: []string{ - "some-post-deployment-task2", - }, - PreDeploymentEvaluations: []string{ - "some-pre-evaluation-task1", - }, - PostDeploymentEvaluations: []string{ - "some-pre-evaluation-task2", - }, }, Status: KeptnAppStatus{ CurrentVersion: "1.2.3", @@ -163,18 +139,6 @@ func TestKeptnApp_ConvertTo(t *testing.T) { Version: "4.5.6", }, }, - PreDeploymentTasks: []string{ - "some-pre-deployment-task1", - }, - PostDeploymentTasks: []string{ - "some-post-deployment-task2", - }, - PreDeploymentEvaluations: []string{ - "some-pre-evaluation-task1", - }, - PostDeploymentEvaluations: []string{ - "some-pre-evaluation-task2", - }, }, Status: KeptnAppStatus{ CurrentVersion: "1.2.3", @@ -205,18 +169,6 @@ func TestKeptnApp_ConvertTo(t *testing.T) { Version: "4.5.6", }, }, - PreDeploymentTasks: []string{ - "some-pre-deployment-task1", - }, - PostDeploymentTasks: []string{ - "some-post-deployment-task2", - }, - PreDeploymentEvaluations: []string{ - "some-pre-evaluation-task1", - }, - PostDeploymentEvaluations: []string{ - "some-pre-evaluation-task2", - }, }, Status: v1beta1.KeptnAppStatus{ CurrentVersion: "1.2.3", diff --git a/lifecycle-operator/apis/lifecycle/v1alpha2/keptnappversion_conversion_test.go b/lifecycle-operator/apis/lifecycle/v1alpha2/keptnappversion_conversion_test.go index f078be1301..54eaf92329 100644 --- a/lifecycle-operator/apis/lifecycle/v1alpha2/keptnappversion_conversion_test.go +++ b/lifecycle-operator/apis/lifecycle/v1alpha2/keptnappversion_conversion_test.go @@ -51,6 +51,8 @@ func TestKeptnAppVersion_ConvertFrom(t *testing.T) { Version: "4.5.6", }, }, + }, + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{ "some-pre-deployment-task1", }, @@ -471,6 +473,8 @@ func TestKeptnAppVersion_ConvertTo(t *testing.T) { Version: "4.5.6", }, }, + }, + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{ "some-pre-deployment-task1", }, diff --git a/lifecycle-operator/apis/lifecycle/v1alpha3/keptnapp_conversion.go b/lifecycle-operator/apis/lifecycle/v1alpha3/keptnapp_conversion.go index f13d791978..e958c9d4b4 100644 --- a/lifecycle-operator/apis/lifecycle/v1alpha3/keptnapp_conversion.go +++ b/lifecycle-operator/apis/lifecycle/v1alpha3/keptnapp_conversion.go @@ -27,10 +27,6 @@ func (src *KeptnApp) ConvertTo(dstRaw conversion.Hub) error { Version: srcWl.Version, }) } - dst.Spec.PreDeploymentTasks = src.Spec.PreDeploymentTasks - dst.Spec.PostDeploymentTasks = src.Spec.PostDeploymentTasks - dst.Spec.PreDeploymentEvaluations = src.Spec.PreDeploymentEvaluations - dst.Spec.PostDeploymentEvaluations = src.Spec.PostDeploymentEvaluations dst.Status.CurrentVersion = src.Status.CurrentVersion @@ -58,10 +54,6 @@ func (dst *KeptnApp) ConvertFrom(srcRaw conversion.Hub) error { Version: srcWl.Version, }) } - dst.Spec.PreDeploymentTasks = src.Spec.PreDeploymentTasks - dst.Spec.PostDeploymentTasks = src.Spec.PostDeploymentTasks - dst.Spec.PreDeploymentEvaluations = src.Spec.PreDeploymentEvaluations - dst.Spec.PostDeploymentEvaluations = src.Spec.PostDeploymentEvaluations dst.Status.CurrentVersion = src.Status.CurrentVersion diff --git a/lifecycle-operator/apis/lifecycle/v1alpha3/keptnapp_conversion_test.go b/lifecycle-operator/apis/lifecycle/v1alpha3/keptnapp_conversion_test.go index 8c471ce541..d7b1ff6d42 100644 --- a/lifecycle-operator/apis/lifecycle/v1alpha3/keptnapp_conversion_test.go +++ b/lifecycle-operator/apis/lifecycle/v1alpha3/keptnapp_conversion_test.go @@ -47,18 +47,6 @@ func TestKeptnApp_ConvertFrom(t *testing.T) { Version: "4.5.6", }, }, - PreDeploymentTasks: []string{ - "some-pre-deployment-task1", - }, - PostDeploymentTasks: []string{ - "some-post-deployment-task2", - }, - PreDeploymentEvaluations: []string{ - "some-pre-evaluation-task1", - }, - PostDeploymentEvaluations: []string{ - "some-pre-evaluation-task2", - }, }, Status: v1beta1.KeptnAppStatus{ CurrentVersion: "1.2.3", @@ -89,18 +77,6 @@ func TestKeptnApp_ConvertFrom(t *testing.T) { Version: "4.5.6", }, }, - PreDeploymentTasks: []string{ - "some-pre-deployment-task1", - }, - PostDeploymentTasks: []string{ - "some-post-deployment-task2", - }, - PreDeploymentEvaluations: []string{ - "some-pre-evaluation-task1", - }, - PostDeploymentEvaluations: []string{ - "some-pre-evaluation-task2", - }, }, Status: KeptnAppStatus{ CurrentVersion: "1.2.3", @@ -163,18 +139,6 @@ func TestKeptnApp_ConvertTo(t *testing.T) { Version: "4.5.6", }, }, - PreDeploymentTasks: []string{ - "some-pre-deployment-task1", - }, - PostDeploymentTasks: []string{ - "some-post-deployment-task2", - }, - PreDeploymentEvaluations: []string{ - "some-pre-evaluation-task1", - }, - PostDeploymentEvaluations: []string{ - "some-pre-evaluation-task2", - }, }, Status: KeptnAppStatus{ CurrentVersion: "1.2.3", @@ -205,18 +169,6 @@ func TestKeptnApp_ConvertTo(t *testing.T) { Version: "4.5.6", }, }, - PreDeploymentTasks: []string{ - "some-pre-deployment-task1", - }, - PostDeploymentTasks: []string{ - "some-post-deployment-task2", - }, - PreDeploymentEvaluations: []string{ - "some-pre-evaluation-task1", - }, - PostDeploymentEvaluations: []string{ - "some-pre-evaluation-task2", - }, }, Status: v1beta1.KeptnAppStatus{ CurrentVersion: "1.2.3", diff --git a/lifecycle-operator/apis/lifecycle/v1alpha3/keptnappversion_conversion_test.go b/lifecycle-operator/apis/lifecycle/v1alpha3/keptnappversion_conversion_test.go index f94bcc1026..71eac0a232 100644 --- a/lifecycle-operator/apis/lifecycle/v1alpha3/keptnappversion_conversion_test.go +++ b/lifecycle-operator/apis/lifecycle/v1alpha3/keptnappversion_conversion_test.go @@ -51,6 +51,8 @@ func TestKeptnAppVersion_ConvertFrom(t *testing.T) { Version: "4.5.6", }, }, + }, + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{ "some-pre-deployment-task1", }, @@ -473,6 +475,8 @@ func TestKeptnAppVersion_ConvertTo(t *testing.T) { Version: "4.5.6", }, }, + }, + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{ "some-pre-deployment-task1", }, diff --git a/lifecycle-operator/apis/lifecycle/v1beta1/keptnapp_types.go b/lifecycle-operator/apis/lifecycle/v1beta1/keptnapp_types.go index 27a6fb745c..177d441d78 100644 --- a/lifecycle-operator/apis/lifecycle/v1beta1/keptnapp_types.go +++ b/lifecycle-operator/apis/lifecycle/v1beta1/keptnapp_types.go @@ -41,28 +41,6 @@ type KeptnAppSpec struct { // Workloads is a list of all KeptnWorkloads that are part of the KeptnApp. // +optional Workloads []KeptnWorkloadRef `json:"workloads,omitempty"` - // PreDeploymentTasks is a list of all tasks to be performed during the pre-deployment phase of the KeptnApp. - // The items of this list refer to the names of KeptnTaskDefinitions - // located in the same namespace as the KeptnApp, or in the Keptn namespace. - // +optional - PreDeploymentTasks []string `json:"preDeploymentTasks,omitempty"` - // PostDeploymentTasks is a list of all tasks to be performed during the post-deployment phase of the KeptnApp. - // The items of this list refer to the names of KeptnTaskDefinitions - // located in the same namespace as the KeptnApp, or in the Keptn namespace. - // +optional - PostDeploymentTasks []string `json:"postDeploymentTasks,omitempty"` - // PreDeploymentEvaluations is a list of all evaluations to be performed - // during the pre-deployment phase of the KeptnApp. - // The items of this list refer to the names of KeptnEvaluationDefinitions - // located in the same namespace as the KeptnApp, or in the Keptn namespace. - // +optional - PreDeploymentEvaluations []string `json:"preDeploymentEvaluations,omitempty"` - // PostDeploymentEvaluations is a list of all evaluations to be performed - // during the post-deployment phase of the KeptnApp. - // The items of this list refer to the names of KeptnEvaluationDefinitions - // located in the same namespace as the KeptnApp, or in the Keptn namespace. - // +optional - PostDeploymentEvaluations []string `json:"postDeploymentEvaluations,omitempty"` } // KeptnAppStatus defines the observed state of KeptnApp diff --git a/lifecycle-operator/apis/lifecycle/v1beta1/keptnappversion_types.go b/lifecycle-operator/apis/lifecycle/v1beta1/keptnappversion_types.go index eb0de7a91b..8b84c5ec79 100644 --- a/lifecycle-operator/apis/lifecycle/v1beta1/keptnappversion_types.go +++ b/lifecycle-operator/apis/lifecycle/v1beta1/keptnappversion_types.go @@ -30,7 +30,8 @@ import ( // KeptnAppVersionSpec defines the desired state of KeptnAppVersion type KeptnAppVersionSpec struct { - KeptnAppSpec `json:",inline"` + DeploymentTaskSpec `json:",inline"` + KeptnAppSpec `json:",inline"` // AppName is the name of the KeptnApp. AppName string `json:"appName"` // PreviousVersion is the version of the KeptnApp that has been deployed prior to this version. diff --git a/lifecycle-operator/apis/lifecycle/v1beta1/keptnappversion_types_test.go b/lifecycle-operator/apis/lifecycle/v1beta1/keptnappversion_types_test.go index 6649899dbc..a94d8a2f79 100644 --- a/lifecycle-operator/apis/lifecycle/v1beta1/keptnappversion_types_test.go +++ b/lifecycle-operator/apis/lifecycle/v1beta1/keptnappversion_types_test.go @@ -57,11 +57,13 @@ func TestKeptnAppVersion(t *testing.T) { }, Spec: KeptnAppVersionSpec{ KeptnAppSpec: KeptnAppSpec{ + Version: "version", + }, + DeploymentTaskSpec: DeploymentTaskSpec{ PreDeploymentTasks: []string{"task1", "task2"}, PostDeploymentTasks: []string{"task3", "task4"}, PreDeploymentEvaluations: []string{"task5", "task6"}, PostDeploymentEvaluations: []string{"task7", "task8"}, - Version: "version", }, PreviousVersion: "prev", AppName: "appname", diff --git a/lifecycle-operator/apis/lifecycle/v1beta1/zz_generated.deepcopy.go b/lifecycle-operator/apis/lifecycle/v1beta1/zz_generated.deepcopy.go index 41cdb57bc3..1819d8d6b1 100644 --- a/lifecycle-operator/apis/lifecycle/v1beta1/zz_generated.deepcopy.go +++ b/lifecycle-operator/apis/lifecycle/v1beta1/zz_generated.deepcopy.go @@ -451,26 +451,6 @@ func (in *KeptnAppSpec) DeepCopyInto(out *KeptnAppSpec) { *out = make([]KeptnWorkloadRef, len(*in)) copy(*out, *in) } - if in.PreDeploymentTasks != nil { - in, out := &in.PreDeploymentTasks, &out.PreDeploymentTasks - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.PostDeploymentTasks != nil { - in, out := &in.PostDeploymentTasks, &out.PostDeploymentTasks - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.PreDeploymentEvaluations != nil { - in, out := &in.PreDeploymentEvaluations, &out.PreDeploymentEvaluations - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.PostDeploymentEvaluations != nil { - in, out := &in.PostDeploymentEvaluations, &out.PostDeploymentEvaluations - *out = make([]string, len(*in)) - copy(*out, *in) - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeptnAppSpec. @@ -560,6 +540,7 @@ func (in *KeptnAppVersionList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KeptnAppVersionSpec) DeepCopyInto(out *KeptnAppVersionSpec) { *out = *in + in.DeploymentTaskSpec.DeepCopyInto(&out.DeploymentTaskSpec) in.KeptnAppSpec.DeepCopyInto(&out.KeptnAppSpec) if in.TraceId != nil { in, out := &in.TraceId, &out.TraceId diff --git a/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml b/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml index eb0895255e..1f45b3ff8c 100644 --- a/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml +++ b/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml @@ -99,6 +99,14 @@ rules: - secrets verbs: - get +- apiGroups: + - lifecycle.keptn.sh + resources: + - keptnappcontexts + verbs: + - get + - list + - watch - apiGroups: - lifecycle.keptn.sh resources: diff --git a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnapps.yaml b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnapps.yaml index c70bc9d3a5..0c49e8ece4 100644 --- a/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnapps.yaml +++ b/lifecycle-operator/config/crd/bases/lifecycle.keptn.sh_keptnapps.yaml @@ -262,38 +262,6 @@ spec: spec: description: Spec describes the desired state of the KeptnApp. properties: - postDeploymentEvaluations: - description: PostDeploymentEvaluations is a list of all evaluations - to be performed during the post-deployment phase of the KeptnApp. - The items of this list refer to the names of KeptnEvaluationDefinitions - located in the same namespace as the KeptnApp, or in the Keptn namespace. - items: - type: string - type: array - postDeploymentTasks: - description: PostDeploymentTasks is a list of all tasks to be performed - during the post-deployment phase of the KeptnApp. The items of this - list refer to the names of KeptnTaskDefinitions located in the same - namespace as the KeptnApp, or in the Keptn namespace. - items: - type: string - type: array - preDeploymentEvaluations: - description: PreDeploymentEvaluations is a list of all evaluations - to be performed during the pre-deployment phase of the KeptnApp. - The items of this list refer to the names of KeptnEvaluationDefinitions - located in the same namespace as the KeptnApp, or in the Keptn namespace. - items: - type: string - type: array - preDeploymentTasks: - description: PreDeploymentTasks is a list of all tasks to be performed - during the pre-deployment phase of the KeptnApp. The items of this - list refer to the names of KeptnTaskDefinitions located in the same - namespace as the KeptnApp, or in the Keptn namespace. - items: - type: string - type: array revision: default: 1 description: Revision can be modified to trigger another deployment diff --git a/lifecycle-operator/config/rbac/role.yaml b/lifecycle-operator/config/rbac/role.yaml index 26125ccaa4..db29ef0610 100644 --- a/lifecycle-operator/config/rbac/role.yaml +++ b/lifecycle-operator/config/rbac/role.yaml @@ -93,6 +93,14 @@ rules: - secrets verbs: - get +- apiGroups: + - lifecycle.keptn.sh + resources: + - keptnappcontexts + verbs: + - get + - list + - watch - apiGroups: - lifecycle.keptn.sh resources: diff --git a/lifecycle-operator/controllers/common/evaluation/handler_test.go b/lifecycle-operator/controllers/common/evaluation/handler_test.go index e3ef967c7c..7f626b11ab 100644 --- a/lifecycle-operator/controllers/common/evaluation/handler_test.go +++ b/lifecycle-operator/controllers/common/evaluation/handler_test.go @@ -71,7 +71,7 @@ func TestEvaluationHandler(t *testing.T) { name: "evaluation not started", object: &v1beta1.KeptnAppVersion{ Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentEvaluations: []string{"eval-def"}, }, }, @@ -102,7 +102,7 @@ func TestEvaluationHandler(t *testing.T) { name: "already done evaluation", object: &v1beta1.KeptnAppVersion{ Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentEvaluations: []string{"eval-def"}, }, }, @@ -146,7 +146,7 @@ func TestEvaluationHandler(t *testing.T) { Namespace: "namespace", }, Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentEvaluations: []string{"eval-def"}, }, }, @@ -208,7 +208,7 @@ func TestEvaluationHandler(t *testing.T) { Namespace: "namespace", }, Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentEvaluations: []string{"eval-def"}, }, }, @@ -325,7 +325,7 @@ func TestEvaluationHandler_createEvaluation(t *testing.T) { Namespace: "namespace", }, Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentEvaluations: []string{"eval-def"}, }, }, diff --git a/lifecycle-operator/controllers/common/task/handler_test.go b/lifecycle-operator/controllers/common/task/handler_test.go index b241865695..38a03f1bef 100644 --- a/lifecycle-operator/controllers/common/task/handler_test.go +++ b/lifecycle-operator/controllers/common/task/handler_test.go @@ -71,7 +71,7 @@ func TestTaskHandler(t *testing.T) { Namespace: "namespace", }, Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{"task-def"}, }, }, @@ -99,7 +99,7 @@ func TestTaskHandler(t *testing.T) { Namespace: "namespace", }, Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{"task-def", "other-task-def"}, }, }, @@ -139,7 +139,7 @@ func TestTaskHandler(t *testing.T) { Namespace: "namespace", }, Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{"task-def"}, }, }, @@ -179,7 +179,7 @@ func TestTaskHandler(t *testing.T) { Namespace: "namespace", }, Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{"task-def"}, }, }, @@ -216,7 +216,7 @@ func TestTaskHandler(t *testing.T) { name: "already done task", object: &v1beta1.KeptnAppVersion{ Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{"task-def"}, }, }, @@ -260,7 +260,7 @@ func TestTaskHandler(t *testing.T) { Namespace: "namespace", }, Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{"task-def"}, }, }, @@ -312,7 +312,7 @@ func TestTaskHandler(t *testing.T) { Namespace: "namespace", }, Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{"task-def"}, }, }, @@ -424,7 +424,7 @@ func TestTaskHandler_createTask(t *testing.T) { Namespace: "namespace", }, Spec: v1beta1.KeptnAppVersionSpec{ - KeptnAppSpec: v1beta1.KeptnAppSpec{ + DeploymentTaskSpec: v1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{"task-def"}, }, }, diff --git a/lifecycle-operator/controllers/lifecycle/keptnapp/controller.go b/lifecycle-operator/controllers/lifecycle/keptnapp/controller.go index 3385d894ce..f937d4b25c 100644 --- a/lifecycle-operator/controllers/lifecycle/keptnapp/controller.go +++ b/lifecycle-operator/controllers/lifecycle/keptnapp/controller.go @@ -54,6 +54,7 @@ type KeptnAppReconciler struct { // +kubebuilder:rbac:groups=lifecycle.keptn.sh,resources=keptnappversion,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=lifecycle.keptn.sh,resources=keptnappversion/status,verbs=get;update;patch // +kubebuilder:rbac:groups=lifecycle.keptn.sh,resources=keptnappversion/finalizers,verbs=update +// +kubebuilder:rbac:groups=lifecycle.keptn.sh,resources=keptnappcontexts,verbs=get;list;watch // Reconcile is part of the main kubernetes reconciliation loop which aims to // move the current state of the cluster closer to the desired state. @@ -88,7 +89,16 @@ func (r *KeptnAppReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c err = r.Get(ctx, types.NamespacedName{Namespace: app.Namespace, Name: app.GetAppVersionName()}, appVersion) // If the app instance does not exist, create it if errors.IsNotFound(err) { - appVersion, err := r.createAppVersion(ctx, app) + appContext := &klcv1beta1.KeptnAppContext{} + err := r.Get(ctx, types.NamespacedName{ + Namespace: app.Namespace, + Name: app.Name, + }, appContext) + if client.IgnoreNotFound(err) != nil { + r.Log.Error(err, "Could not look up related KeptnAppContext", "requestInfo", requestInfo) + } + + appVersion, err := r.createAppVersion(ctx, app, appContext) if err != nil { return reconcile.Result{}, err } @@ -124,7 +134,7 @@ func (r *KeptnAppReconciler) SetupWithManager(mgr ctrl.Manager) error { Complete(r) } -func (r *KeptnAppReconciler) createAppVersion(ctx context.Context, app *klcv1beta1.KeptnApp) (*klcv1beta1.KeptnAppVersion, error) { +func (r *KeptnAppReconciler) createAppVersion(ctx context.Context, app *klcv1beta1.KeptnApp, appContext *klcv1beta1.KeptnAppContext) (*klcv1beta1.KeptnAppVersion, error) { previousVersion := "" if app.Spec.Version != app.Status.CurrentVersion { @@ -133,6 +143,8 @@ func (r *KeptnAppReconciler) createAppVersion(ctx context.Context, app *klcv1bet appVersion := app.GenerateAppVersion(previousVersion) + appVersion.Spec.DeploymentTaskSpec = appContext.Spec.DeploymentTaskSpec + err := controllerutil.SetControllerReference(app, &appVersion, r.Scheme) if err != nil { r.Log.Error(err, "could not set controller reference for AppVersion: "+appVersion.Name) diff --git a/lifecycle-operator/controllers/lifecycle/keptnapp/controller_test.go b/lifecycle-operator/controllers/lifecycle/keptnapp/controller_test.go index 3108121030..d82792dd45 100644 --- a/lifecycle-operator/controllers/lifecycle/keptnapp/controller_test.go +++ b/lifecycle-operator/controllers/lifecycle/keptnapp/controller_test.go @@ -36,9 +36,34 @@ func TestKeptnAppReconciler_createAppVersionSuccess(t *testing.T) { }, Status: lfcv1beta1.KeptnAppStatus{}, } + appContext := &lfcv1beta1.KeptnAppContext{ + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{ + Name: "my-app-context", + Namespace: "default", + Generation: 1, + }, + Spec: lfcv1beta1.KeptnAppContextSpec{ + DeploymentTaskSpec: lfcv1beta1.DeploymentTaskSpec{ + PreDeploymentTasks: []string{ + "some-pre-deployment-task1", + }, + PostDeploymentTasks: []string{ + "some-post-deployment-task2", + }, + PreDeploymentEvaluations: []string{ + "some-pre-evaluation-task1", + }, + PostDeploymentEvaluations: []string{ + "some-pre-evaluation-task2", + }, + }, + }, + Status: lfcv1beta1.KeptnAppContextStatus{}, + } r, _ := setupReconciler() - appVersion, err := r.createAppVersion(context.TODO(), app) + appVersion, err := r.createAppVersion(context.TODO(), app, appContext) if err != nil { t.Errorf("Error Creating appVersion: %s", err.Error()) } @@ -61,9 +86,34 @@ func TestKeptnAppReconciler_createAppVersionWithLongName(t *testing.T) { Version: "version", }, } + appContext := &lfcv1beta1.KeptnAppContext{ + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{ + Name: "my-app-context", + Namespace: "default", + Generation: 1, + }, + Spec: lfcv1beta1.KeptnAppContextSpec{ + DeploymentTaskSpec: lfcv1beta1.DeploymentTaskSpec{ + PreDeploymentTasks: []string{ + "some-pre-deployment-task1", + }, + PostDeploymentTasks: []string{ + "some-post-deployment-task2", + }, + PreDeploymentEvaluations: []string{ + "some-pre-evaluation-task1", + }, + PostDeploymentEvaluations: []string{ + "some-pre-evaluation-task2", + }, + }, + }, + Status: lfcv1beta1.KeptnAppContextStatus{}, + } r, _ := setupReconciler() - appVersion, err := r.createAppVersion(context.Background(), app) + appVersion, err := r.createAppVersion(context.Background(), app, appContext) if err != nil { t.Errorf("Error creating app version: %s", err.Error()) } diff --git a/lifecycle-operator/controllers/lifecycle/keptnappcreationrequest/controller.go b/lifecycle-operator/controllers/lifecycle/keptnappcreationrequest/controller.go index 915ceedc23..da499e6c76 100644 --- a/lifecycle-operator/controllers/lifecycle/keptnappcreationrequest/controller.go +++ b/lifecycle-operator/controllers/lifecycle/keptnappcreationrequest/controller.go @@ -248,12 +248,8 @@ func (r *KeptnAppCreationRequestReconciler) createKeptnApp(ctx context.Context, Annotations: creationRequest.Annotations, }, Spec: lifecycle.KeptnAppSpec{ - Version: computeVersionFromWorkloads(workloads), - PreDeploymentTasks: []string{}, - PostDeploymentTasks: []string{}, - PreDeploymentEvaluations: []string{}, - PostDeploymentEvaluations: []string{}, - Workloads: []lifecycle.KeptnWorkloadRef{}, + Version: computeVersionFromWorkloads(workloads), + Workloads: []lifecycle.KeptnWorkloadRef{}, }, } diff --git a/lifecycle-operator/controllers/lifecycle/keptnappversion/controller_test.go b/lifecycle-operator/controllers/lifecycle/keptnappversion/controller_test.go index c64542d6cd..26063ad4fe 100644 --- a/lifecycle-operator/controllers/lifecycle/keptnappversion/controller_test.go +++ b/lifecycle-operator/controllers/lifecycle/keptnappversion/controller_test.go @@ -140,6 +140,8 @@ func TestKeptnAppVersionReconciler_ReconcileFailed(t *testing.T) { Spec: lfcv1beta1.KeptnAppVersionSpec{ KeptnAppSpec: lfcv1beta1.KeptnAppSpec{ Version: "1.0.0", + }, + DeploymentTaskSpec: lfcv1beta1.DeploymentTaskSpec{ PreDeploymentTasks: []string{ "task", }, diff --git a/lifecycle-operator/test/component/appversion/appversion_test.go b/lifecycle-operator/test/component/appversion/appversion_test.go index 6e44b1fdee..c2f404e702 100644 --- a/lifecycle-operator/test/component/appversion/appversion_test.go +++ b/lifecycle-operator/test/component/appversion/appversion_test.go @@ -92,7 +92,9 @@ var _ = Describe("Appversion", Ordered, func() { Spec: klcv1beta1.KeptnAppVersionSpec{ AppName: appName, KeptnAppSpec: klcv1beta1.KeptnAppSpec{ - Version: version, + Version: version, + }, + DeploymentTaskSpec: klcv1beta1.DeploymentTaskSpec{ PreDeploymentEvaluations: []string{"eval-def-appversion"}, }, }, diff --git a/test/integration/app-failing-post-evaluation/00-assert.yaml b/test/integration/app-failing-post-evaluation/00-assert.yaml index 3dca4164ae..5afbd60b81 100644 --- a/test/integration/app-failing-post-evaluation/00-assert.yaml +++ b/test/integration/app-failing-post-evaluation/00-assert.yaml @@ -1,7 +1,7 @@ apiVersion: lifecycle.keptn.sh/v1beta1 kind: KeptnAppVersion metadata: - name: podtato-head-1.3-6b86b273 + name: podtato-head-0.1.0-6b86b273 status: currentPhase: AppPostDeployEvaluations postDeploymentStatus: Succeeded diff --git a/test/integration/app-failing-post-evaluation/00-install.yaml b/test/integration/app-failing-post-evaluation/00-install.yaml index 6872cb2be8..b46d79b636 100644 --- a/test/integration/app-failing-post-evaluation/00-install.yaml +++ b/test/integration/app-failing-post-evaluation/00-install.yaml @@ -1,12 +1,8 @@ apiVersion: lifecycle.keptn.sh/v1beta1 -kind: KeptnApp +kind: KeptnAppContext metadata: name: podtato-head spec: - version: "1.3" - workloads: - - name: podtato-head-entry - version: 0.1.0 postDeploymentEvaluations: - available-cpus --- diff --git a/test/integration/app-failing-post-task/00-assert.yaml b/test/integration/app-failing-post-task/00-assert.yaml index 91c25cf468..31b8ca905b 100644 --- a/test/integration/app-failing-post-task/00-assert.yaml +++ b/test/integration/app-failing-post-task/00-assert.yaml @@ -1,7 +1,7 @@ apiVersion: lifecycle.keptn.sh/v1beta1 kind: KeptnAppVersion metadata: - name: podtato-head-1.3-6b86b273 + name: podtato-head-0.1.0-6b86b273 status: currentPhase: AppPostDeployTasks postDeploymentEvaluationStatus: Deprecated diff --git a/test/integration/app-failing-post-task/00-install.yaml b/test/integration/app-failing-post-task/00-install.yaml index c924872383..053452e0d0 100644 --- a/test/integration/app-failing-post-task/00-install.yaml +++ b/test/integration/app-failing-post-task/00-install.yaml @@ -1,12 +1,8 @@ apiVersion: lifecycle.keptn.sh/v1beta1 -kind: KeptnApp +kind: KeptnAppContext metadata: name: podtato-head spec: - version: "1.3" - workloads: - - name: podtato-head-entry - version: 0.1.0 postDeploymentTasks: - failing-task --- diff --git a/test/integration/app-failing-pre-evaluation/00-assert.yaml b/test/integration/app-failing-pre-evaluation/00-assert.yaml index 196c5fd7c3..a0a4447503 100644 --- a/test/integration/app-failing-pre-evaluation/00-assert.yaml +++ b/test/integration/app-failing-pre-evaluation/00-assert.yaml @@ -1,7 +1,7 @@ apiVersion: lifecycle.keptn.sh/v1beta1 kind: KeptnAppVersion metadata: - name: podtato-head-1.3-6b86b273 + name: podtato-head-0.1.0-6b86b273 status: currentPhase: AppPreDeployEvaluations postDeploymentEvaluationStatus: Deprecated diff --git a/test/integration/app-failing-pre-evaluation/00-install.yaml b/test/integration/app-failing-pre-evaluation/00-install.yaml index b79a79aba8..fe89ab3982 100644 --- a/test/integration/app-failing-pre-evaluation/00-install.yaml +++ b/test/integration/app-failing-pre-evaluation/00-install.yaml @@ -1,12 +1,8 @@ apiVersion: lifecycle.keptn.sh/v1beta1 -kind: KeptnApp +kind: KeptnAppContext metadata: name: podtato-head spec: - version: "1.3" - workloads: - - name: podtato-head-entry - version: 0.1.0 preDeploymentEvaluations: - available-cpus --- diff --git a/test/integration/app-failing-pre-task-retry/00-assert.yaml b/test/integration/app-failing-pre-task-retry/00-assert.yaml index 07b079fcbe..a4079a906c 100644 --- a/test/integration/app-failing-pre-task-retry/00-assert.yaml +++ b/test/integration/app-failing-pre-task-retry/00-assert.yaml @@ -1,7 +1,7 @@ apiVersion: lifecycle.keptn.sh/v1beta1 kind: KeptnAppVersion metadata: - name: podtato-head-1.3-6b86b273 + name: podtato-head-0.1.0-6b86b273 status: currentPhase: AppPreDeployTasks postDeploymentEvaluationStatus: Deprecated @@ -16,7 +16,7 @@ kind: KeptnTask spec: context: appName: podtato-head - appVersion: '1.3' + appVersion: '0.1.0' taskType: pre retries: 2 taskDefinition: pre-task-retries diff --git a/test/integration/app-failing-pre-task-retry/00-install.yaml b/test/integration/app-failing-pre-task-retry/00-install.yaml index 7f6dd4a96c..50e834d200 100644 --- a/test/integration/app-failing-pre-task-retry/00-install.yaml +++ b/test/integration/app-failing-pre-task-retry/00-install.yaml @@ -1,12 +1,8 @@ apiVersion: lifecycle.keptn.sh/v1beta1 -kind: KeptnApp +kind: KeptnAppContext metadata: name: podtato-head spec: - version: "1.3" - workloads: - - name: podtato-head-entry - version: 0.1.0 preDeploymentTasks: - pre-task-retries --- diff --git a/test/integration/app-failing-pre-task-timeout/00-assert.yaml b/test/integration/app-failing-pre-task-timeout/00-assert.yaml index 598c08e2d1..1add66fdfa 100644 --- a/test/integration/app-failing-pre-task-timeout/00-assert.yaml +++ b/test/integration/app-failing-pre-task-timeout/00-assert.yaml @@ -1,7 +1,7 @@ apiVersion: lifecycle.keptn.sh/v1beta1 kind: KeptnAppVersion metadata: - name: podtato-head-1.3-6b86b273 + name: podtato-head-0.1.0-6b86b273 status: currentPhase: AppPreDeployTasks postDeploymentEvaluationStatus: Deprecated @@ -16,7 +16,7 @@ kind: KeptnTask spec: context: appName: podtato-head - appVersion: '1.3' + appVersion: '0.1.0' taskType: pre retries: 10 taskDefinition: pre-task-timeout diff --git a/test/integration/app-failing-pre-task-timeout/00-install.yaml b/test/integration/app-failing-pre-task-timeout/00-install.yaml index ca02231bce..93a46082e4 100644 --- a/test/integration/app-failing-pre-task-timeout/00-install.yaml +++ b/test/integration/app-failing-pre-task-timeout/00-install.yaml @@ -1,12 +1,8 @@ apiVersion: lifecycle.keptn.sh/v1beta1 -kind: KeptnApp +kind: KeptnAppContext metadata: name: podtato-head spec: - version: "1.3" - workloads: - - name: podtato-head-entry - version: 0.1.0 preDeploymentTasks: - pre-task-timeout --- diff --git a/test/integration/app-failing-pre-task/00-assert.yaml b/test/integration/app-failing-pre-task/00-assert.yaml index 67862e9775..e0f44beba4 100644 --- a/test/integration/app-failing-pre-task/00-assert.yaml +++ b/test/integration/app-failing-pre-task/00-assert.yaml @@ -1,7 +1,7 @@ apiVersion: lifecycle.keptn.sh/v1beta1 kind: KeptnAppVersion metadata: - name: podtato-head-1.3-6b86b273 + name: podtato-head-0.1.0-6b86b273 status: currentPhase: AppPreDeployTasks postDeploymentEvaluationStatus: Deprecated diff --git a/test/integration/app-failing-pre-task/00-install.yaml b/test/integration/app-failing-pre-task/00-install.yaml index 08d633ff52..58419775fd 100644 --- a/test/integration/app-failing-pre-task/00-install.yaml +++ b/test/integration/app-failing-pre-task/00-install.yaml @@ -1,12 +1,8 @@ apiVersion: lifecycle.keptn.sh/v1beta1 -kind: KeptnApp +kind: KeptnAppContext metadata: name: podtato-head spec: - version: "1.3" - workloads: - - name: podtato-head-entry - version: 0.1.0 preDeploymentTasks: - check-entry-service --- diff --git a/test/integration/app-one-taskdefinition-not-found/00-assert.yaml b/test/integration/app-one-taskdefinition-not-found/00-assert.yaml index 2bce287db0..e9e08878b2 100644 --- a/test/integration/app-one-taskdefinition-not-found/00-assert.yaml +++ b/test/integration/app-one-taskdefinition-not-found/00-assert.yaml @@ -1,7 +1,7 @@ apiVersion: lifecycle.keptn.sh/v1beta1 kind: KeptnAppVersion metadata: - name: podtato-head-1.3-6b86b273 + name: podtato-head-0.1.0-6b86b273 status: currentPhase: AppPreDeployTasks postDeploymentEvaluationStatus: Pending @@ -16,7 +16,7 @@ kind: KeptnTask spec: context: appName: podtato-head - appVersion: '1.3' + appVersion: '0.1.0' taskType: pre retries: 10 taskDefinition: pre-task-timeout diff --git a/test/integration/app-one-taskdefinition-not-found/00-install.yaml b/test/integration/app-one-taskdefinition-not-found/00-install.yaml index ed3a9f32f6..08781a3756 100644 --- a/test/integration/app-one-taskdefinition-not-found/00-install.yaml +++ b/test/integration/app-one-taskdefinition-not-found/00-install.yaml @@ -1,12 +1,8 @@ apiVersion: lifecycle.keptn.sh/v1beta1 -kind: KeptnApp +kind: KeptnAppContext metadata: name: podtato-head spec: - version: "1.3" - workloads: - - name: podtato-head-entry - version: 0.1.0 preDeploymentTasks: - pre-task-timeout - pre-task-notfound diff --git a/test/integration/podtato-head-application/00-assert.yaml b/test/integration/podtato-head-application/00-assert.yaml index fee18de8eb..be00d96664 100644 --- a/test/integration/podtato-head-application/00-assert.yaml +++ b/test/integration/podtato-head-application/00-assert.yaml @@ -1,7 +1,12 @@ apiVersion: lifecycle.keptn.sh/v1beta1 +kind: KeptnApp +metadata: + name: podtato-head +--- +apiVersion: lifecycle.keptn.sh/v1beta1 kind: KeptnAppVersion metadata: - name: podtato-head-1.3-6b86b273 + name: podtato-head-95a0b0ddca-6b86b273 status: currentPhase: Completed postDeploymentEvaluationStatus: Succeeded diff --git a/test/integration/podtato-head-application/00-install.yaml b/test/integration/podtato-head-application/00-install.yaml index 6a12eb37e2..cc56b3f31d 100644 --- a/test/integration/podtato-head-application/00-install.yaml +++ b/test/integration/podtato-head-application/00-install.yaml @@ -1,22 +1,8 @@ apiVersion: lifecycle.keptn.sh/v1beta1 -kind: KeptnApp +kind: KeptnAppContext metadata: name: podtato-head spec: - version: "1.3" - workloads: - - name: podtato-head-left-arm - version: 0.1.0 - - name: podtato-head-left-leg - version: 0.1.0 - - name: podtato-head-entry - version: 0.1.0 - - name: podtato-head-right-arm - version: 0.1.0 - - name: podtato-head-right-leg - version: 0.1.0 - - name: podtato-head-hat - version: 0.1.0 preDeploymentEvaluations: - available-cpus preDeploymentTasks: From d6d83c7f67a18a4b30aabe774a8fa2c93399f301 Mon Sep 17 00:00:00 2001 From: odubajDT <93584209+odubajDT@users.noreply.github.com> Date: Thu, 18 Jan 2024 07:51:28 +0100 Subject: [PATCH 2/4] feat: introduce configurable support of cert-manager.io CA injection (#2811) Signed-off-by: Geoffrey Israel Signed-off-by: sudipto baral Signed-off-by: odubajDT <93584209+odubajDT@users.noreply.github.com> Signed-off-by: odubajDT Co-authored-by: Geoffrey Israel Co-authored-by: Sudipto Baral Co-authored-by: Giovanni Liva --- .../.helm-tests/certificates-only/values.yaml | 2 +- .../scripts/.helm-tests/default/result.yaml | 39 +++++++++++-------- .../scripts/.helm-tests/default/values.yaml | 3 +- .../.helm-tests/lifecycle-only/result.yaml | 26 +++++++------ .../.helm-tests/lifecycle-only/values.yaml | 5 ++- .../lifecycle-with-certs/result.yaml | 26 +++++++------ .../lifecycle-with-certs/values.yaml | 4 +- .../result.yaml | 13 ++++--- .../values.yaml | 5 ++- .../.helm-tests/metrics-only/result.yaml | 13 ++++--- .../.helm-tests/metrics-only/values.yaml | 5 ++- .../metrics-with-certs/result.yaml | 13 ++++--- .../metrics-with-certs/values.yaml | 4 +- chart/Chart.lock | 4 +- chart/Chart.yaml | 2 +- chart/NOTES.txt | 2 +- chart/README.md | 23 +++++------ chart/values.yaml | 9 +++-- .../configuration/cert-manager.md | 37 +++++++++++++----- keptn-cert-manager/.gitignore | 2 + keptn-cert-manager/chart/README.md | 13 ++++--- keptn-cert-manager/chart/values.yaml | 4 +- lifecycle-operator/chart/README.md | 4 +- .../chart/templates/deployment.yaml | 2 + .../chart/templates/keptnapp-crd.yaml | 4 +- .../keptnappcreationrequest-crd.yaml | 6 ++- .../chart/templates/keptnappversion-crd.yaml | 4 +- .../chart/templates/keptnconfig-crd.yaml | 4 +- .../chart/templates/keptnevaluation-crd.yaml | 4 +- .../keptnevaluationdefinition-crd.yaml | 4 +- .../chart/templates/keptntask-crd.yaml | 4 +- .../templates/keptntaskdefinition-crd.yaml | 4 +- .../chart/templates/keptnworkload-crd.yaml | 4 +- .../templates/keptnworkloadversion-crd.yaml | 4 +- ...ecycle-mutating-webhook-configuration.yaml | 12 +++++- ...ycle-validating-webhook-configuration.yaml | 12 +++++- lifecycle-operator/chart/values.yaml | 7 +++- .../config/manager/manager.yaml | 2 + lifecycle-operator/go.mod | 2 +- lifecycle-operator/go.sum | 4 +- lifecycle-operator/main.go | 17 ++++++-- metrics-operator/.gitignore | 2 + metrics-operator/chart/README.md | 14 ++++--- .../chart/templates/analysis-crd.yaml | 3 ++ .../templates/analysisdefinition-crd.yaml | 4 +- .../templates/analysisvaluetemplate-crd.yaml | 4 +- .../chart/templates/deployment.yaml | 2 + .../chart/templates/keptnmetric-crd.yaml | 4 +- .../templates/keptnmetricsprovider-crd.yaml | 4 +- ...rics-validating-webhook-configuration.yaml | 12 +++++- metrics-operator/chart/values.yaml | 7 +++- metrics-operator/config/manager/manager.yaml | 2 + metrics-operator/go.mod | 2 +- metrics-operator/go.sum | 4 +- metrics-operator/main.go | 16 ++++++-- 55 files changed, 294 insertions(+), 144 deletions(-) diff --git a/.github/scripts/.helm-tests/certificates-only/values.yaml b/.github/scripts/.helm-tests/certificates-only/values.yaml index f9539c1323..d0245a41ba 100644 --- a/.github/scripts/.helm-tests/certificates-only/values.yaml +++ b/.github/scripts/.helm-tests/certificates-only/values.yaml @@ -1,5 +1,4 @@ certManager: - enabled: true image: tag: v0.0.0 lifecycleOperator: @@ -8,6 +7,7 @@ metricsOperator: enabled: false global: + certManagerEnabled: true imageRegistry: "testreg" imagePullSecrets: [] commonAnnotations: diff --git a/.github/scripts/.helm-tests/default/result.yaml b/.github/scripts/.helm-tests/default/result.yaml index 56a6a87321..96ccb7da4f 100644 --- a/.github/scripts/.helm-tests/default/result.yaml +++ b/.github/scripts/.helm-tests/default/result.yaml @@ -137,7 +137,7 @@ metadata: name: keptnapps.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -585,7 +585,7 @@ metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -684,7 +684,7 @@ metadata: name: keptnappversions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -1820,7 +1820,7 @@ metadata: name: keptnconfigs.options.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -1890,7 +1890,7 @@ metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2419,7 +2419,7 @@ metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2674,7 +2674,7 @@ metadata: name: keptntasks.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3241,7 +3241,7 @@ metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -6580,7 +6580,7 @@ metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -6977,7 +6977,7 @@ metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -7604,6 +7604,7 @@ metadata: name: analyses.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 + cert-manager.io/inject-ca-from: helmtests/keptn-certs cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' labels: app.kubernetes.io/part-of: keptn @@ -7949,7 +7950,7 @@ metadata: name: analysisdefinitions.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -8636,7 +8637,7 @@ metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -8775,7 +8776,7 @@ metadata: name: keptnmetrics.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -9292,7 +9293,7 @@ metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -10969,6 +10970,8 @@ spec: value: "false" - name: KUBERNETES_CLUSTER_DOMAIN value: cluster.local + - name: CERT_MANAGER_ENABLED + value: "true" image: ghcr.io/keptn/lifecycle-operator:v0.0.0 imagePullPolicy: Always name: lifecycle-operator @@ -11154,6 +11157,8 @@ spec: value: "0" - name: KUBERNETES_CLUSTER_DOMAIN value: cluster.local + - name: CERT_MANAGER_ENABLED + value: "true" image: ghcr.io/keptn/metrics-operator:v0.0.0 imagePullPolicy: Always name: metrics-operator @@ -11259,7 +11264,7 @@ kind: MutatingWebhookConfiguration metadata: name: lifecycle-mutating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: keptn.sh/inject-cert: "true" app.kubernetes.io/part-of: "keptn" @@ -11312,7 +11317,7 @@ kind: ValidatingWebhookConfiguration metadata: name: lifecycle-validating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: keptn.sh/inject-cert: "true" app.kubernetes.io/instance: keptn-test @@ -11348,7 +11353,7 @@ kind: ValidatingWebhookConfiguration metadata: name: metrics-validating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: keptn.sh/inject-cert: "true" app.kubernetes.io/instance: keptn-test diff --git a/.github/scripts/.helm-tests/default/values.yaml b/.github/scripts/.helm-tests/default/values.yaml index bc85b753fc..d8a7bfa39c 100644 --- a/.github/scripts/.helm-tests/default/values.yaml +++ b/.github/scripts/.helm-tests/default/values.yaml @@ -1,5 +1,4 @@ certManager: - enabled: true image: tag: v0.0.0 lifecycleOperator: @@ -18,3 +17,5 @@ metricsOperator: global: commonLabels: app.kubernetes.io/version: vmyversion + caInjectionAnnotations: + cert-manager.io/inject-ca-from: helmtests/keptn-certs diff --git a/.github/scripts/.helm-tests/lifecycle-only/result.yaml b/.github/scripts/.helm-tests/lifecycle-only/result.yaml index 4706bbd46a..61396599c1 100644 --- a/.github/scripts/.helm-tests/lifecycle-only/result.yaml +++ b/.github/scripts/.helm-tests/lifecycle-only/result.yaml @@ -83,7 +83,7 @@ metadata: name: keptnapps.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -531,7 +531,7 @@ metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -630,7 +630,7 @@ metadata: name: keptnappversions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -1766,7 +1766,7 @@ metadata: name: keptnconfigs.options.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -1836,7 +1836,7 @@ metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2365,7 +2365,7 @@ metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -2620,7 +2620,7 @@ metadata: name: keptntasks.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -3187,7 +3187,7 @@ metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -6526,7 +6526,7 @@ metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -6923,7 +6923,7 @@ metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: lifecycle.keptn.sh @@ -8450,6 +8450,8 @@ spec: value: "false" - name: KUBERNETES_CLUSTER_DOMAIN value: cluster.local + - name: CERT_MANAGER_ENABLED + value: "false" image: testreg/myrep:v0.0.1 imagePullPolicy: Always name: lifecycle-operator @@ -8581,7 +8583,7 @@ kind: MutatingWebhookConfiguration metadata: name: lifecycle-mutating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: keptn.sh/inject-cert: "true" app.kubernetes.io/part-of: "keptn" @@ -8634,7 +8636,7 @@ kind: ValidatingWebhookConfiguration metadata: name: lifecycle-validating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: keptn.sh/inject-cert: "true" app.kubernetes.io/instance: keptn-test diff --git a/.github/scripts/.helm-tests/lifecycle-only/values.yaml b/.github/scripts/.helm-tests/lifecycle-only/values.yaml index fd2f55533c..62396aa88a 100644 --- a/.github/scripts/.helm-tests/lifecycle-only/values.yaml +++ b/.github/scripts/.helm-tests/lifecycle-only/values.yaml @@ -1,10 +1,11 @@ global: + certManagerEnabled: false imageRegistry: "testreg" commonLabels: app.kubernetes.io/version: vmyversion + caInjectionAnnotations: + cert-manager.io/inject-ca-from: helmtests/keptn-certs -certManager: - enabled: false lifecycleOperator: enabled: true lifecycleOperator: diff --git a/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml b/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml index 6bc08ea4ab..17cf25f0b8 100644 --- a/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml +++ b/.github/scripts/.helm-tests/lifecycle-with-certs/result.yaml @@ -107,7 +107,7 @@ metadata: name: keptnapps.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs test/jj: test labels: app.kubernetes.io/part-of: keptn @@ -557,7 +557,7 @@ metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs test/jj: test labels: app.kubernetes.io/part-of: keptn @@ -657,7 +657,7 @@ metadata: name: keptnappversions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs test/jj: test labels: app.kubernetes.io/part-of: keptn @@ -1794,7 +1794,7 @@ metadata: name: keptnconfigs.options.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs test/jj: test labels: app.kubernetes.io/part-of: keptn @@ -1865,7 +1865,7 @@ metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs test/jj: test labels: app.kubernetes.io/part-of: keptn @@ -2395,7 +2395,7 @@ metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs test/jj: test labels: app.kubernetes.io/part-of: keptn @@ -2651,7 +2651,7 @@ metadata: name: keptntasks.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs test/jj: test labels: app.kubernetes.io/part-of: keptn @@ -3219,7 +3219,7 @@ metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs test/jj: test labels: app.kubernetes.io/part-of: keptn @@ -6559,7 +6559,7 @@ metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs test/jj: test labels: app.kubernetes.io/part-of: keptn @@ -6957,7 +6957,7 @@ metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs test/jj: test labels: app.kubernetes.io/part-of: keptn @@ -8764,6 +8764,8 @@ spec: value: "false" - name: KUBERNETES_CLUSTER_DOMAIN value: cluster.local + - name: CERT_MANAGER_ENABLED + value: "true" image: ghcr.io/keptn/lifecycle-operator:v0.0.0 imagePullPolicy: Never name: lifecycle-operator @@ -8896,8 +8898,8 @@ kind: MutatingWebhookConfiguration metadata: name: lifecycle-mutating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' test/jj: test + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: keptn.sh/inject-cert: "true" app.kubernetes.io/part-of: "keptn" @@ -8950,8 +8952,8 @@ kind: ValidatingWebhookConfiguration metadata: name: lifecycle-validating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' test/jj: test + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: keptn.sh/inject-cert: "true" app.kubernetes.io/instance: keptn-test diff --git a/.github/scripts/.helm-tests/lifecycle-with-certs/values.yaml b/.github/scripts/.helm-tests/lifecycle-with-certs/values.yaml index 29e7429e06..d814a47b1c 100644 --- a/.github/scripts/.helm-tests/lifecycle-with-certs/values.yaml +++ b/.github/scripts/.helm-tests/lifecycle-with-certs/values.yaml @@ -1,5 +1,4 @@ certManager: - enabled: true image: tag: v0.0.0 lifecycleOperator: @@ -16,7 +15,10 @@ metricsOperator: enabled: false global: + certManagerEnabled: true commonLabels: app.kubernetes.io/version: vmyversion commonAnnotations: test/jj: test + caInjectionAnnotations: + cert-manager.io/inject-ca-from: helmtests/keptn-certs diff --git a/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/result.yaml b/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/result.yaml index 5b0d8e415d..98556f637f 100644 --- a/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/result.yaml +++ b/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/result.yaml @@ -45,6 +45,7 @@ metadata: name: analyses.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 + cert-manager.io/inject-ca-from: helmtests/keptn-certs cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' labels: app.kubernetes.io/part-of: keptn @@ -390,7 +391,7 @@ metadata: name: analysisdefinitions.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1077,7 +1078,7 @@ metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1216,7 +1217,7 @@ metadata: name: keptnmetrics.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1733,7 +1734,7 @@ metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2301,6 +2302,8 @@ spec: value: "0" - name: KUBERNETES_CLUSTER_DOMAIN value: cluster.local + - name: CERT_MANAGER_ENABLED + value: "false" image: ghcr.io/keptn/metrics-operator:v0.0.0 imagePullPolicy: Always name: metrics-operator @@ -2362,7 +2365,7 @@ kind: ValidatingWebhookConfiguration metadata: name: metrics-validating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: keptn.sh/inject-cert: "true" app.kubernetes.io/instance: keptn-test diff --git a/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/values.yaml b/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/values.yaml index 8ea2f879bd..4c70043b50 100644 --- a/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/values.yaml +++ b/.github/scripts/.helm-tests/metrics-only-with-apiservice-disabled/values.yaml @@ -1,5 +1,3 @@ -certManager: - enabled: false lifecycleOperator: enabled: false metricsOperator: @@ -10,5 +8,8 @@ metricsOperator: enabled: "false" global: + certManagerEnabled: false commonLabels: app.kubernetes.io/version: vmyversion + caInjectionAnnotations: + cert-manager.io/inject-ca-from: helmtests/keptn-certs diff --git a/.github/scripts/.helm-tests/metrics-only/result.yaml b/.github/scripts/.helm-tests/metrics-only/result.yaml index b10f54ab51..9b8a5ec662 100644 --- a/.github/scripts/.helm-tests/metrics-only/result.yaml +++ b/.github/scripts/.helm-tests/metrics-only/result.yaml @@ -45,6 +45,7 @@ metadata: name: analyses.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 + cert-manager.io/inject-ca-from: helmtests/keptn-certs cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' labels: app.kubernetes.io/part-of: keptn @@ -390,7 +391,7 @@ metadata: name: analysisdefinitions.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1077,7 +1078,7 @@ metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1216,7 +1217,7 @@ metadata: name: keptnmetrics.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1733,7 +1734,7 @@ metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2322,6 +2323,8 @@ spec: value: "0" - name: KUBERNETES_CLUSTER_DOMAIN value: cluster.local + - name: CERT_MANAGER_ENABLED + value: "false" image: ghcr.io/keptn/metrics-operator:v0.0.0 imagePullPolicy: Always name: metrics-operator @@ -2427,7 +2430,7 @@ kind: ValidatingWebhookConfiguration metadata: name: metrics-validating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: keptn.sh/inject-cert: "true" app.kubernetes.io/instance: keptn-test diff --git a/.github/scripts/.helm-tests/metrics-only/values.yaml b/.github/scripts/.helm-tests/metrics-only/values.yaml index bb1ff14c19..b6e3830029 100644 --- a/.github/scripts/.helm-tests/metrics-only/values.yaml +++ b/.github/scripts/.helm-tests/metrics-only/values.yaml @@ -1,5 +1,3 @@ -certManager: - enabled: false lifecycleOperator: enabled: false metricsOperator: @@ -8,5 +6,8 @@ metricsOperator: tag: v0.0.0 global: + certManagerEnabled: false commonLabels: app.kubernetes.io/version: vmyversion + caInjectionAnnotations: + cert-manager.io/inject-ca-from: helmtests/keptn-certs diff --git a/.github/scripts/.helm-tests/metrics-with-certs/result.yaml b/.github/scripts/.helm-tests/metrics-with-certs/result.yaml index b6043cdeb5..362064e06c 100644 --- a/.github/scripts/.helm-tests/metrics-with-certs/result.yaml +++ b/.github/scripts/.helm-tests/metrics-with-certs/result.yaml @@ -60,6 +60,7 @@ metadata: name: analyses.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 + cert-manager.io/inject-ca-from: helmtests/keptn-certs cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' labels: app.kubernetes.io/part-of: keptn @@ -405,7 +406,7 @@ metadata: name: analysisdefinitions.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1092,7 +1093,7 @@ metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1231,7 +1232,7 @@ metadata: name: keptnmetrics.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -1748,7 +1749,7 @@ metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: app.kubernetes.io/part-of: keptn crdGroup: metrics.keptn.sh @@ -2578,6 +2579,8 @@ spec: value: "0" - name: KUBERNETES_CLUSTER_DOMAIN value: cluster.local + - name: CERT_MANAGER_ENABLED + value: "true" image: ghcr.io/keptn/metrics-operator:v0.0.0 imagePullPolicy: Never name: metrics-operator @@ -2683,7 +2686,7 @@ kind: ValidatingWebhookConfiguration metadata: name: metrics-validating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: 'helmtests/keptn-certs' + cert-manager.io/inject-ca-from: helmtests/keptn-certs labels: keptn.sh/inject-cert: "true" app.kubernetes.io/instance: keptn-test diff --git a/.github/scripts/.helm-tests/metrics-with-certs/values.yaml b/.github/scripts/.helm-tests/metrics-with-certs/values.yaml index 4ed593f0b6..152810f6f6 100644 --- a/.github/scripts/.helm-tests/metrics-with-certs/values.yaml +++ b/.github/scripts/.helm-tests/metrics-with-certs/values.yaml @@ -1,5 +1,4 @@ certManager: - enabled: true image: tag: v0.0.0 lifecycleOperator: @@ -11,5 +10,8 @@ metricsOperator: imagePullPolicy: Never global: + certManagerEnabled: true commonLabels: app.kubernetes.io/version: vmyversion + caInjectionAnnotations: + cert-manager.io/inject-ca-from: helmtests/keptn-certs diff --git a/chart/Chart.lock b/chart/Chart.lock index 7a3b5f6109..84e8402e5b 100644 --- a/chart/Chart.lock +++ b/chart/Chart.lock @@ -8,5 +8,5 @@ dependencies: - name: keptn-metrics-operator repository: file://../metrics-operator/chart version: 0.1.0 -digest: sha256:ab7d035d4105c783c6d8914d455ecb41eb6b305ec6c1907bf2a2bbfa60bc95f0 -generated: "2024-01-15T15:02:08.867692+01:00" +digest: sha256:637c41b238e53b8e68661a83ddd30c5d1cbe7b47310c7503d39510551364a7e0 +generated: "2024-01-16T09:07:28.358693+01:00" diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 8d888a12a0..4508d55d53 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -52,7 +52,7 @@ dependencies: - name: keptn-cert-manager version: 0.2.0 alias: certManager - condition: certManager.enabled + condition: global.certManagerEnabled repository: file://../keptn-cert-manager/chart - name: keptn-lifecycle-operator version: 0.1.0 diff --git a/chart/NOTES.txt b/chart/NOTES.txt index 72433f91d2..74d75f5704 100644 --- a/chart/NOTES.txt +++ b/chart/NOTES.txt @@ -6,7 +6,7 @@ KEPTN VERSION: {{ .Chart.AppVersion }} The following controllers have been deployed: - {{- if .Values.certManager.enabled }} + {{- if .Values.global.certManagerEnabled }} - keptn-cert-manager {{- end }} {{- if .Values.lifecycleOperator.enabled }} diff --git a/chart/README.md b/chart/README.md index f4d3811e0e..6b746c52fb 100644 --- a/chart/README.md +++ b/chart/README.md @@ -9,17 +9,18 @@ metrics, observability, health checks, with pre- and post-deployment evaluations ### Keptn -| Name | Description | Value | -| --------------------------- | ------------------------------------------------------ | ------ | -| `certManager.enabled` | Enable this value to install Keptn Certificate Manager | `true` | -| `lifecycleOperator.enabled` | Enable this value to install Keptn Lifecycle Operator | `true` | -| `metricsOperator.enabled` | Enable this value to install Keptn Metrics Operator | `true` | +| Name | Description | Value | +| --------------------------- | ----------------------------------------------------- | ------ | +| `lifecycleOperator.enabled` | Enable this value to install Keptn Lifecycle Operator | `true` | +| `metricsOperator.enabled` | Enable this value to install Keptn Metrics Operator | `true` | ### Global parameters -| Name | Description | Value | -| -------------------------- | ------------------------------------------------------------------------- | ----- | -| `global.imageRegistry` | Global Docker image registry | `""` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | -| `global.commonLabels` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | -| `global.commonAnnotations` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | +| Name | Description | Value | +| ------------------------------- | ------------------------------------------------------------------------- | ------ | +| `global.certManagerEnabled` | Enable this value to install Keptn Certificate Manager | `true` | +| `global.imageRegistry` | Global Docker image registry | `""` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.commonLabels` | Common labels to add to all Keptn resources. Evaluated as a template | `{}` | +| `global.commonAnnotations` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | +| `global.caInjectionAnnotations` | CA injection annotations for cert-manager.io configuration | `{}` | diff --git a/chart/values.yaml b/chart/values.yaml index 378d41963a..e75214c390 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -1,7 +1,4 @@ ## @section Keptn -certManager: - ## @param certManager.enabled Enable this value to install Keptn Certificate Manager - enabled: true lifecycleOperator: ## @param lifecycleOperator.enabled Enable this value to install Keptn Lifecycle Operator enabled: true @@ -15,6 +12,8 @@ metricsOperator: ## global: + ## @param global.certManagerEnabled Enable this value to install Keptn Certificate Manager + certManagerEnabled: true ## @param global.imageRegistry Global Docker image registry imageRegistry: "" @@ -24,7 +23,9 @@ global: ## - myRegistryKeySecretName ## imagePullSecrets: [] - ## @param global.commonLabels Common annotations to add to all Keptn resources. Evaluated as a template + ## @param global.commonLabels Common labels to add to all Keptn resources. Evaluated as a template commonLabels: {} ## @param global.commonAnnotations Common annotations to add to all Keptn resources. Evaluated as a template commonAnnotations: {} + ## @param global.caInjectionAnnotations CA injection annotations for cert-manager.io configuration + caInjectionAnnotations: {} diff --git a/docs-new/docs/installation/configuration/cert-manager.md b/docs-new/docs/installation/configuration/cert-manager.md index 485efb7d69..68c439d6c0 100644 --- a/docs-new/docs/installation/configuration/cert-manager.md +++ b/docs-new/docs/installation/configuration/cert-manager.md @@ -22,7 +22,8 @@ The steps are: * Install `cert-manager.io` if it is not already installed. * Add the `Certificate` and `Issuer` CRs for `cert-manager.io`. -* (optional) Install Keptn without the built-in `keptn-cert-manager` via Helm +* (optional) Install Keptn without the built-in `keptn-cert-manager` +and with injected CA annotations via Helm ## Add the CR(s) for cert-manager.io @@ -33,13 +34,13 @@ apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: keptn-certs - namespace: + namespace: spec: dnsNames: - - lifecycle-webhook-service..svc - - lifecycle-webhook-service..svc.cluster.local - - metrics-webhook-service..svc - - metrics-webhook-service..svc.cluster.local + - lifecycle-webhook-service..svc + - lifecycle-webhook-service..svc.cluster.local + - metrics-webhook-service..svc + - metrics-webhook-service..svc.cluster.local issuerRef: kind: Issuer name: keptn-selfsigned-issuer @@ -49,7 +50,7 @@ apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: keptn-selfsigned-issuer - namespace: + namespace: spec: selfSigned: {} ``` @@ -61,5 +62,23 @@ Note the following about these fields: must be `keptn-certs`. * Substitute the namespace placeholders with your namespace, where Keptn is installed. -See the [CA Injector](https://cert-manager.io/docs/concepts/ca-injector/) -documentation for more details. +## Injecting CA Annotations + +`cert-manager.io` supports specific annotations for +injectable resources depending on the injection source. +To configure these annotations, modify the `global.caInjectionAnnotation` Helm value. +See the [CA Injector](https://cert-manager.io/docs/concepts/ca-injector/) documentation for more details. + +Here is an example `values.yaml` file demonstrating the configuration of CA injection +by using the `cert-manager.io/inject-ca-from` annotation: + +```yaml +global: + certManagerEnabled: false # disable Keptn Cert Manager + caInjectionAnnotations: + cert-manager.io/inject-ca-from: keptn-system/keptn-certs +``` + +Refer to the +[Customizing the configuration of components](../index.md#customizing-the-configuration-of-components) +for more details. diff --git a/keptn-cert-manager/.gitignore b/keptn-cert-manager/.gitignore index 50df7b57cb..7a89040098 100644 --- a/keptn-cert-manager/.gitignore +++ b/keptn-cert-manager/.gitignore @@ -32,3 +32,5 @@ load-report.* config/rendered/release.yaml chart/rendered.yaml + +chart/charts/*.tgz diff --git a/keptn-cert-manager/chart/README.md b/keptn-cert-manager/chart/README.md index fd7b0c381f..19c8574741 100644 --- a/keptn-cert-manager/chart/README.md +++ b/keptn-cert-manager/chart/README.md @@ -8,12 +8,13 @@ resource. ### Global parameters -| Name | Description | Value | -| -------------------------- | ------------------------------------------------------------------------- | ----- | -| `global.imageRegistry` | Global container image registry | `""` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | -| `global.commonLabels` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | -| `global.commonAnnotations` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | +| Name | Description | Value | +| ------------------------------- | ------------------------------------------------------------------------- | ----- | +| `global.imageRegistry` | Global container image registry | `""` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.commonLabels` | Common labels to add to all Keptn resources. Evaluated as a template | `{}` | +| `global.commonAnnotations` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | +| `global.caInjectionAnnotations` | CA injection annotations for cert-manager.io configuration | `{}` | ### Keptn Certificate Operator common diff --git a/keptn-cert-manager/chart/values.yaml b/keptn-cert-manager/chart/values.yaml index 1617d15278..a6202853c5 100644 --- a/keptn-cert-manager/chart/values.yaml +++ b/keptn-cert-manager/chart/values.yaml @@ -13,10 +13,12 @@ global: ## - myRegistryKeySecretName ## imagePullSecrets: [] - ## @param global.commonLabels Common annotations to add to all Keptn resources. Evaluated as a template + ## @param global.commonLabels Common labels to add to all Keptn resources. Evaluated as a template commonLabels: {} ## @param global.commonAnnotations Common annotations to add to all Keptn resources. Evaluated as a template commonAnnotations: {} + ## @param global.caInjectionAnnotations CA injection annotations for cert-manager.io configuration + caInjectionAnnotations: { } # yamllint disable rule:line-length diff --git a/lifecycle-operator/chart/README.md b/lifecycle-operator/chart/README.md index b601cb0f06..8fe37f534d 100644 --- a/lifecycle-operator/chart/README.md +++ b/lifecycle-operator/chart/README.md @@ -13,10 +13,12 @@ and application health checks | Name | Description | Value | | ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | +| `global.certManagerEnabled` | Enable this value to install Keptn Certificate Manager | `true` | | `global.imageRegistry` | Global container image registry | `""` | | `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | -| `global.commonLabels` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | +| `global.commonLabels` | Common labels to add to all Keptn resources. Evaluated as a template | `{}` | | `global.commonAnnotations` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | +| `global.caInjectionAnnotations` | CA injection annotations for cert-manager.io configuration | `{}` | | `lifecycleOperatorConfig.health.healthProbeBindAddress` | setup on what address to start the default health handler | `:8081` | | `lifecycleOperatorConfig.leaderElection.leaderElect` | enable leader election for multiple replicas of the lifecycle operator | `true` | | `lifecycleOperatorConfig.leaderElection.resourceName` | define LeaderElectionID | `6b866dd9.keptn.sh` | diff --git a/lifecycle-operator/chart/templates/deployment.yaml b/lifecycle-operator/chart/templates/deployment.yaml index e8f42fe96c..81b5be0a37 100644 --- a/lifecycle-operator/chart/templates/deployment.yaml +++ b/lifecycle-operator/chart/templates/deployment.yaml @@ -104,6 +104,8 @@ spec: }} - name: KUBERNETES_CLUSTER_DOMAIN value: {{ .Values.kubernetesClusterDomain }} + - name: CERT_MANAGER_ENABLED + value: {{ .Values.global.certManagerEnabled | quote }} image: {{ include "common.images.image" ( dict "imageRoot" .Values.lifecycleOperator.image "global" .Values.global ) }} imagePullPolicy: {{ .Values.lifecycleOperator.imagePullPolicy }} name: lifecycle-operator diff --git a/lifecycle-operator/chart/templates/keptnapp-crd.yaml b/lifecycle-operator/chart/templates/keptnapp-crd.yaml index eb14f75472..5d4d66619c 100644 --- a/lifecycle-operator/chart/templates/keptnapp-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnapp-crd.yaml @@ -4,7 +4,9 @@ metadata: name: keptnapps.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" (dict "context" .) }} labels: app.kubernetes.io/part-of: keptn diff --git a/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml b/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml index aa602851d6..04128469f3 100644 --- a/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml @@ -4,7 +4,9 @@ metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn @@ -91,4 +93,4 @@ spec: served: true storage: false subresources: - status: {} \ No newline at end of file + status: {} diff --git a/lifecycle-operator/chart/templates/keptnappversion-crd.yaml b/lifecycle-operator/chart/templates/keptnappversion-crd.yaml index afd15522a4..05a9ba20e1 100644 --- a/lifecycle-operator/chart/templates/keptnappversion-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnappversion-crd.yaml @@ -4,7 +4,9 @@ metadata: name: keptnappversions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn diff --git a/lifecycle-operator/chart/templates/keptnconfig-crd.yaml b/lifecycle-operator/chart/templates/keptnconfig-crd.yaml index 1dc455b41b..43aa18cff3 100644 --- a/lifecycle-operator/chart/templates/keptnconfig-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnconfig-crd.yaml @@ -4,7 +4,9 @@ metadata: name: keptnconfigs.options.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn diff --git a/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml b/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml index 00948573cb..534f5bbb14 100644 --- a/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml @@ -4,7 +4,9 @@ metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn diff --git a/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml b/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml index e11a4513dc..d540533700 100644 --- a/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml @@ -4,7 +4,9 @@ metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn diff --git a/lifecycle-operator/chart/templates/keptntask-crd.yaml b/lifecycle-operator/chart/templates/keptntask-crd.yaml index 73b47b693a..711a7dcd04 100644 --- a/lifecycle-operator/chart/templates/keptntask-crd.yaml +++ b/lifecycle-operator/chart/templates/keptntask-crd.yaml @@ -5,7 +5,9 @@ metadata: name: keptntasks.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn diff --git a/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml b/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml index 1685bb5db4..74d3bb2a17 100644 --- a/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml +++ b/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml @@ -4,7 +4,9 @@ metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn diff --git a/lifecycle-operator/chart/templates/keptnworkload-crd.yaml b/lifecycle-operator/chart/templates/keptnworkload-crd.yaml index dccb1fea60..32258343bf 100644 --- a/lifecycle-operator/chart/templates/keptnworkload-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnworkload-crd.yaml @@ -4,7 +4,9 @@ metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn diff --git a/lifecycle-operator/chart/templates/keptnworkloadversion-crd.yaml b/lifecycle-operator/chart/templates/keptnworkloadversion-crd.yaml index 0f1b9f83cd..a7e4ba52e9 100644 --- a/lifecycle-operator/chart/templates/keptnworkloadversion-crd.yaml +++ b/lifecycle-operator/chart/templates/keptnworkloadversion-crd.yaml @@ -4,7 +4,9 @@ metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn diff --git a/lifecycle-operator/chart/templates/lifecycle-mutating-webhook-configuration.yaml b/lifecycle-operator/chart/templates/lifecycle-mutating-webhook-configuration.yaml index 62d58c9325..144030faa2 100644 --- a/lifecycle-operator/chart/templates/lifecycle-mutating-webhook-configuration.yaml +++ b/lifecycle-operator/chart/templates/lifecycle-mutating-webhook-configuration.yaml @@ -2,9 +2,17 @@ apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: name: lifecycle-mutating-webhook-configuration +{{- $caAnnotations := .Values.global.caInjectionAnnotations}} +{{- $annotations := include "common.annotations" (dict "context" .) }} +{{- if or $caAnnotations $annotations }} annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' - {{- include "common.annotations" (dict "context" .) }} + {{- with $annotations }} + {{- . -}} + {{- end }} + {{- with $caAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} labels: keptn.sh/inject-cert: "true" app.kubernetes.io/part-of: "keptn" diff --git a/lifecycle-operator/chart/templates/lifecycle-validating-webhook-configuration.yaml b/lifecycle-operator/chart/templates/lifecycle-validating-webhook-configuration.yaml index 5f3f4f3839..c608b7138e 100644 --- a/lifecycle-operator/chart/templates/lifecycle-validating-webhook-configuration.yaml +++ b/lifecycle-operator/chart/templates/lifecycle-validating-webhook-configuration.yaml @@ -2,9 +2,17 @@ apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: name: lifecycle-validating-webhook-configuration +{{- $caAnnotations := .Values.global.caInjectionAnnotations}} +{{- $annotations := include "common.annotations" (dict "context" .) }} +{{- if or $caAnnotations $annotations }} annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' - {{- include "common.annotations" ( dict "context" . ) }} + {{- with $annotations }} + {{- . -}} + {{- end }} + {{- with $caAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} labels: keptn.sh/inject-cert: "true" {{- include "common.labels.standard" ( dict "context" . ) | nindent 4 }} diff --git a/lifecycle-operator/chart/values.yaml b/lifecycle-operator/chart/values.yaml index 3baf6f2553..a36181b029 100644 --- a/lifecycle-operator/chart/values.yaml +++ b/lifecycle-operator/chart/values.yaml @@ -4,6 +4,8 @@ ## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass global: + ## @param global.certManagerEnabled Enable this value to install Keptn Certificate Manager + certManagerEnabled: true ## @param global.imageRegistry Global container image registry imageRegistry: "" @@ -13,12 +15,15 @@ global: ## - myRegistryKeySecretName ## imagePullSecrets: [] - ## @param global.commonLabels Common annotations to add to all Keptn resources. Evaluated as a template + ## @param global.commonLabels Common labels to add to all Keptn resources. Evaluated as a template ## commonLabels: { } ## @param global.commonAnnotations Common annotations to add to all Keptn resources. Evaluated as a template ## commonAnnotations: { } + ## @param global.caInjectionAnnotations CA injection annotations for cert-manager.io configuration + ## + caInjectionAnnotations: { } lifecycleOperatorConfig: health: diff --git a/lifecycle-operator/config/manager/manager.yaml b/lifecycle-operator/config/manager/manager.yaml index a8e6ee7acb..a3b25595d4 100644 --- a/lifecycle-operator/config/manager/manager.yaml +++ b/lifecycle-operator/config/manager/manager.yaml @@ -81,6 +81,8 @@ spec: value: "0" - name: SCHEDULING_GATES_ENABLED value: "false" + - name: CERT_MANAGER_ENABLED + value: "true" securityContext: seccompProfile: type: RuntimeDefault diff --git a/lifecycle-operator/go.mod b/lifecycle-operator/go.mod index 3a274edf88..89f6cade31 100644 --- a/lifecycle-operator/go.mod +++ b/lifecycle-operator/go.mod @@ -9,7 +9,7 @@ require ( github.com/cloudevents/sdk-go/v2 v2.14.0 github.com/go-logr/logr v1.4.1 github.com/kelseyhightower/envconfig v1.4.0 - github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20231211075630-e386ec643fa7 + github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20231220125738-6b5f424f8cf1 github.com/magiconair/properties v1.8.7 github.com/onsi/ginkgo/v2 v2.14.0 github.com/onsi/gomega v1.30.0 diff --git a/lifecycle-operator/go.sum b/lifecycle-operator/go.sum index 0f68044d30..29c98a75fe 100644 --- a/lifecycle-operator/go.sum +++ b/lifecycle-operator/go.sum @@ -78,8 +78,8 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8= github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= -github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20231211075630-e386ec643fa7 h1:IQmKPpTRP2/ZBJ778BCkHfwolf8VHt3p5yBJFtwSFII= -github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20231211075630-e386ec643fa7/go.mod h1:5BmQaTihG6MYDrwJoeFI80uGJ5iGIxBIWzl6RcKJejk= +github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20231220125738-6b5f424f8cf1 h1:C1yHneE1lcuOnJY3PLlVK+AhaPLfShOMhSxdlja0S1U= +github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20231220125738-6b5f424f8cf1/go.mod h1:5BmQaTihG6MYDrwJoeFI80uGJ5iGIxBIWzl6RcKJejk= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= diff --git a/lifecycle-operator/main.go b/lifecycle-operator/main.go index 67a9a0d174..986f6f21e6 100644 --- a/lifecycle-operator/main.go +++ b/lifecycle-operator/main.go @@ -103,6 +103,8 @@ type envConfig struct { KeptnOptionsControllerLogLevel int `envconfig:"OPTIONS_CONTROLLER_LOG_LEVEL" default:"0"` SchedulingGatesEnabled bool `envconfig:"SCHEDULING_GATES_ENABLED" default:"false"` + + CertManagerEnabled bool `envconfig:"CERT_MANAGER_ENABLED" default:"true"` } const KeptnLifecycleActiveMetric = "keptn_lifecycle_active" @@ -393,15 +395,22 @@ func main() { setupLog.Info("Keptn lifecycle-operator is alive") keptnLifecycleActive.Add(context.Background(), 1) if !disableWebhook { - webhookBuilder = webhookBuilder.SetCertificateWatcher( - certificates.NewCertificateWatcher( + var certificateWatcher certificates.ICertificateWatcher + + // Check if cert manager is enabled + if env.CertManagerEnabled { + certificateWatcher = certificates.NewCertificateWatcher( mgr.GetAPIReader(), webhookBuilder.GetOptions().CertDir, env.PodNamespace, certCommon.SecretName, setupLog, - )) - + ) + } else { + // Use the NoOpCertificateWatcher when cert manager is disabled + certificateWatcher = certificates.NewNoOpCertificateWatcher() + } + webhookBuilder = webhookBuilder.SetCertificateWatcher(certificateWatcher) setupLog.Info(fmt.Sprintf("%v", webhookBuilder)) webhookLogger := ctrl.Log.WithName("Mutating Webhook") webhookRecorder := mgr.GetEventRecorderFor("keptn/webhook") diff --git a/metrics-operator/.gitignore b/metrics-operator/.gitignore index e28d69955a..0f21226281 100644 --- a/metrics-operator/.gitignore +++ b/metrics-operator/.gitignore @@ -28,3 +28,5 @@ load-report.* *~ .dccache* + +chart/charts/*.tgz diff --git a/metrics-operator/chart/README.md b/metrics-operator/chart/README.md index 3dea96e631..33dda89c4b 100644 --- a/metrics-operator/chart/README.md +++ b/metrics-operator/chart/README.md @@ -13,12 +13,14 @@ Prometheus, Dynatrace, DataDog and K8s metric server... ### Global parameters -| Name | Description | Value | -| -------------------------- | ------------------------------------------------------------------------- | ----- | -| `global.imageRegistry` | Global container image registry | `""` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | -| `global.commonLabels` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | -| `global.commonAnnotations` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | +| Name | Description | Value | +| ------------------------------- | ------------------------------------------------------------------------- | ------ | +| `global.certManagerEnabled` | Enable this value to install Keptn Certificate Manager | `true` | +| `global.imageRegistry` | Global container image registry | `""` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.commonLabels` | Common labels to add to all Keptn resources. Evaluated as a template | `{}` | +| `global.commonAnnotations` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | +| `global.caInjectionAnnotations` | CA injection annotations for cert-manager.io configuration | `{}` | ### Keptn Metrics Operator common diff --git a/metrics-operator/chart/templates/analysis-crd.yaml b/metrics-operator/chart/templates/analysis-crd.yaml index 492b134db9..73f311f28c 100644 --- a/metrics-operator/chart/templates/analysis-crd.yaml +++ b/metrics-operator/chart/templates/analysis-crd.yaml @@ -4,6 +4,9 @@ metadata: name: analyses.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' {{- include "common.annotations" ( dict "context" . ) }} labels: diff --git a/metrics-operator/chart/templates/analysisdefinition-crd.yaml b/metrics-operator/chart/templates/analysisdefinition-crd.yaml index 2e75e9eb37..db87f99f58 100644 --- a/metrics-operator/chart/templates/analysisdefinition-crd.yaml +++ b/metrics-operator/chart/templates/analysisdefinition-crd.yaml @@ -4,7 +4,9 @@ metadata: name: analysisdefinitions.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn diff --git a/metrics-operator/chart/templates/analysisvaluetemplate-crd.yaml b/metrics-operator/chart/templates/analysisvaluetemplate-crd.yaml index e06ec85b3a..ed4bac9d3b 100644 --- a/metrics-operator/chart/templates/analysisvaluetemplate-crd.yaml +++ b/metrics-operator/chart/templates/analysisvaluetemplate-crd.yaml @@ -4,7 +4,9 @@ metadata: name: analysisvaluetemplates.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn diff --git a/metrics-operator/chart/templates/deployment.yaml b/metrics-operator/chart/templates/deployment.yaml index 5a16d36758..8a35a33b8f 100644 --- a/metrics-operator/chart/templates/deployment.yaml +++ b/metrics-operator/chart/templates/deployment.yaml @@ -60,6 +60,8 @@ spec: }} - name: KUBERNETES_CLUSTER_DOMAIN value: {{ .Values.kubernetesClusterDomain }} + - name: CERT_MANAGER_ENABLED + value: {{ .Values.global.certManagerEnabled | quote }} image: {{- include "common.images.image" ( dict "imageRoot" .Values.image "global" .Values.global ) | indent 1}} imagePullPolicy: {{ .Values.imagePullPolicy }} name: metrics-operator diff --git a/metrics-operator/chart/templates/keptnmetric-crd.yaml b/metrics-operator/chart/templates/keptnmetric-crd.yaml index e073d68e3e..7c8baa273f 100644 --- a/metrics-operator/chart/templates/keptnmetric-crd.yaml +++ b/metrics-operator/chart/templates/keptnmetric-crd.yaml @@ -4,7 +4,9 @@ metadata: name: keptnmetrics.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn diff --git a/metrics-operator/chart/templates/keptnmetricsprovider-crd.yaml b/metrics-operator/chart/templates/keptnmetricsprovider-crd.yaml index 0d313f6b7f..62665a29ef 100644 --- a/metrics-operator/chart/templates/keptnmetricsprovider-crd.yaml +++ b/metrics-operator/chart/templates/keptnmetricsprovider-crd.yaml @@ -4,7 +4,9 @@ metadata: name: keptnmetricsproviders.metrics.keptn.sh annotations: controller-gen.kubebuilder.io/version: v0.13.0 - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' + {{- with .Values.global.caInjectionAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "common.annotations" ( dict "context" . ) }} labels: app.kubernetes.io/part-of: keptn diff --git a/metrics-operator/chart/templates/metrics-validating-webhook-configuration.yaml b/metrics-operator/chart/templates/metrics-validating-webhook-configuration.yaml index b402989e34..3cebb018c4 100644 --- a/metrics-operator/chart/templates/metrics-validating-webhook-configuration.yaml +++ b/metrics-operator/chart/templates/metrics-validating-webhook-configuration.yaml @@ -2,9 +2,17 @@ apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: name: metrics-validating-webhook-configuration +{{- $caAnnotations := .Values.global.caInjectionAnnotations}} +{{- $annotations := include "common.annotations" (dict "context" .) }} +{{- if or $caAnnotations $annotations }} annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' - {{- include "common.annotations" ( dict "context" . ) }} + {{- with $annotations }} + {{- . -}} + {{- end }} + {{- with $caAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} labels: keptn.sh/inject-cert: "true" {{- include "common.labels.standard" ( dict "context" . ) | nindent 4 }} diff --git a/metrics-operator/chart/values.yaml b/metrics-operator/chart/values.yaml index f0fbf813ff..c5aee68585 100644 --- a/metrics-operator/chart/values.yaml +++ b/metrics-operator/chart/values.yaml @@ -4,6 +4,8 @@ ## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass global: + ## @param global.certManagerEnabled Enable this value to install Keptn Certificate Manager + certManagerEnabled: true ## @param global.imageRegistry Global container image registry imageRegistry: "" @@ -13,12 +15,15 @@ global: ## - myRegistryKeySecretName ## imagePullSecrets: [] - ## @param global.commonLabels Common annotations to add to all Keptn resources. Evaluated as a template + ## @param global.commonLabels Common labels to add to all Keptn resources. Evaluated as a template ## commonLabels: { } ## @param global.commonAnnotations Common annotations to add to all Keptn resources. Evaluated as a template ## commonAnnotations: { } + ## @param global.caInjectionAnnotations CA injection annotations for cert-manager.io configuration + ## + caInjectionAnnotations: { } ## @section Keptn Metrics Operator common ## @extra operatorService.ports[0] webhook port (must correspond to Mutating Webhook Configurations) diff --git a/metrics-operator/config/manager/manager.yaml b/metrics-operator/config/manager/manager.yaml index 55fc51d38a..b8207fe2fe 100644 --- a/metrics-operator/config/manager/manager.yaml +++ b/metrics-operator/config/manager/manager.yaml @@ -71,6 +71,8 @@ spec: value: "0" - name: ANALYSIS_CONTROLLER_LOG_LEVEL value: "0" + - name: CERT_MANAGER_ENABLED + value: "true" ports: - containerPort: 9443 name: webhook-server diff --git a/metrics-operator/go.mod b/metrics-operator/go.mod index 15ea69ac56..2163b8a737 100644 --- a/metrics-operator/go.mod +++ b/metrics-operator/go.mod @@ -8,7 +8,7 @@ require ( github.com/go-logr/logr v1.4.1 github.com/gorilla/mux v1.8.1 github.com/kelseyhightower/envconfig v1.4.0 - github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20231211075630-e386ec643fa7 + github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20231220125738-6b5f424f8cf1 github.com/open-feature/go-sdk v1.9.0 github.com/pkg/errors v0.9.1 github.com/prometheus/client_golang v1.18.0 diff --git a/metrics-operator/go.sum b/metrics-operator/go.sum index e8e47c6f63..d58adf4922 100644 --- a/metrics-operator/go.sum +++ b/metrics-operator/go.sum @@ -111,8 +111,8 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8= github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= -github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20231211075630-e386ec643fa7 h1:IQmKPpTRP2/ZBJ778BCkHfwolf8VHt3p5yBJFtwSFII= -github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20231211075630-e386ec643fa7/go.mod h1:5BmQaTihG6MYDrwJoeFI80uGJ5iGIxBIWzl6RcKJejk= +github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20231220125738-6b5f424f8cf1 h1:C1yHneE1lcuOnJY3PLlVK+AhaPLfShOMhSxdlja0S1U= +github.com/keptn/lifecycle-toolkit/keptn-cert-manager v0.0.0-20231220125738-6b5f424f8cf1/go.mod h1:5BmQaTihG6MYDrwJoeFI80uGJ5iGIxBIWzl6RcKJejk= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= diff --git a/metrics-operator/main.go b/metrics-operator/main.go index f3ded37750..3a50b5ad62 100644 --- a/metrics-operator/main.go +++ b/metrics-operator/main.go @@ -73,6 +73,7 @@ type envConfig struct { AnalysisControllerLogLevel int `envconfig:"ANALYSIS_CONTROLLER_LOG_LEVEL" default:"0"` ExposeKeptnMetrics bool `envconfig:"EXPOSE_KEPTN_METRICS" default:"true"` EnableCustomMetricsAPIService bool `envconfig:"ENABLE_CUSTOM_METRICS_API_SERVICE" default:"true"` + CertManagerEnabled bool `envconfig:"CERT_MANAGER_ENABLED" default:"true"` } //nolint:gocyclo,funlen @@ -228,14 +229,23 @@ func main() { setupProbes(mgr) if !disableWebhook { - webhookBuilder = webhookBuilder.SetCertificateWatcher( - certificates.NewCertificateWatcher( + var certificateWatcher certificates.ICertificateWatcher + + // Check if cert manager is enabled + if env.CertManagerEnabled { + certificateWatcher = certificates.NewCertificateWatcher( mgr.GetAPIReader(), webhookBuilder.GetOptions().CertDir, env.PodNamespace, certCommon.SecretName, setupLog, - )) + ) + } else { + // Use the NoOpCertificateWatcher when cert manager is disabled + certificateWatcher = certificates.NewNoOpCertificateWatcher() + } + + webhookBuilder = webhookBuilder.SetCertificateWatcher(certificateWatcher) webhookBuilder.Register(mgr, nil) setupLog.Info("starting webhook") } From 728cea8cc0f91404e1755a982750bf375d6391d8 Mon Sep 17 00:00:00 2001 From: Rizul Gupta <112455393+rizul2108@users.noreply.github.com> Date: Thu, 18 Jan 2024 12:23:25 +0530 Subject: [PATCH 3/4] test: improve metrics integration tests by adding kuttl log collectors (#2765) Signed-off-by: Rizul Gupta Signed-off-by: Rizul Gupta <112455393+rizul2108@users.noreply.github.com> Signed-off-by: odubajDT <93584209+odubajDT@users.noreply.github.com> Co-authored-by: odubajDT <93584209+odubajDT@users.noreply.github.com> --- test/testmetrics/metrics-hpa/01-assert.yaml | 26 ++++++++----------- test/testmetrics/metrics-hpa/deployment.yaml | 15 +++++++++++ .../metrics/02-teststep-assert.yaml | 8 ++++++ 3 files changed, 34 insertions(+), 15 deletions(-) create mode 100644 test/testmetrics/metrics-hpa/deployment.yaml diff --git a/test/testmetrics/metrics-hpa/01-assert.yaml b/test/testmetrics/metrics-hpa/01-assert.yaml index c56170d909..d7695db62e 100644 --- a/test/testmetrics/metrics-hpa/01-assert.yaml +++ b/test/testmetrics/metrics-hpa/01-assert.yaml @@ -1,15 +1,11 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: podtato-head-entry - labels: - app: podtato-head -spec: - selector: - matchLabels: - component: podtato-head-entry - replicas: 3 - template: - metadata: - labels: - component: podtato-head-entry +assert: deployment.yaml +apiVersion: kuttl.dev/v1beta1 +kind: TestAssert +collectors: + - type: pod + selector: app=podtato-head + - command: | + kubectl logs -l app=metrics-operator -n keptn-system + kubectl describe keptnmetric podtatometric -n $NAMESPACE + kubectl describe keptnmetricsprovider dynatrace -n $NAMESPACE + kubectl describe pods -l app=podtato-head -n $NAMESPACE diff --git a/test/testmetrics/metrics-hpa/deployment.yaml b/test/testmetrics/metrics-hpa/deployment.yaml new file mode 100644 index 0000000000..c56170d909 --- /dev/null +++ b/test/testmetrics/metrics-hpa/deployment.yaml @@ -0,0 +1,15 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: podtato-head-entry + labels: + app: podtato-head +spec: + selector: + matchLabels: + component: podtato-head-entry + replicas: 3 + template: + metadata: + labels: + component: podtato-head-entry diff --git a/test/testmetrics/metrics/02-teststep-assert.yaml b/test/testmetrics/metrics/02-teststep-assert.yaml index e6f95ad931..a7b57ee878 100644 --- a/test/testmetrics/metrics/02-teststep-assert.yaml +++ b/test/testmetrics/metrics/02-teststep-assert.yaml @@ -10,3 +10,11 @@ assert: # this checks that kubectl get resource succeeds - goodmetric3.yaml - goodmetric4.yaml - goodmetric5.yaml +collectors: + - type: pod + selector: app=test + - command: | + kubectl logs -l app=metrics-operator -n keptn-system + kubectl describe keptnmetric podtatometric -n $NAMESPACE + kubectl describe keptnmetricsprovider dynatrace -n $NAMESPACE + kubectl describe pods -l app=podtato-head -n $NAMESPACE From 4521e894dbbf08be2de02299ffd03bcdeb9740aa Mon Sep 17 00:00:00 2001 From: Yash Pimple <97302447+YashPimple@users.noreply.github.com> Date: Thu, 18 Jan 2024 12:47:11 +0530 Subject: [PATCH 4/4] docs: add documentation for the refinement process in the contribute guide (#2779) --- .github/actions/spelling/expect.txt | 3 ++ .../general/contrib-guidelines-gen.md | 14 ++++++ .../contribute/general/refinement-guide.md | 50 +++++++++++++++++++ mkdocs.yml | 1 + 4 files changed, 68 insertions(+) create mode 100644 docs-new/docs/contribute/general/refinement-guide.md diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt index a0e3095ffa..fb2b03f4f1 100644 --- a/.github/actions/spelling/expect.txt +++ b/.github/actions/spelling/expect.txt @@ -259,6 +259,7 @@ ikbr imagepullsecret IManager IMeter +inclusivity Infof inlinehilite inlines @@ -512,6 +513,7 @@ previousversion printargs printcolumn privs +Process proj promapi promhttp @@ -626,6 +628,7 @@ teststep tgz thisthatdc thschue +timeblock timeframe Timerange timeseries diff --git a/docs-new/docs/contribute/general/contrib-guidelines-gen.md b/docs-new/docs/contribute/general/contrib-guidelines-gen.md index 572d436361..15e6465065 100644 --- a/docs-new/docs/contribute/general/contrib-guidelines-gen.md +++ b/docs-new/docs/contribute/general/contrib-guidelines-gen.md @@ -43,3 +43,17 @@ please create an issue on the GitHub repository. * If you want to do the work on an issue, include that information in your description of the issue or in a comment to the issue. + +## Proposing new work + +* Create and refine a ticket + * When proposing new work, start by creating an issue or ticket in the project's + [issue tracker](https://github.com/keptn/lifecycle-toolkit/issues). + * Actively participate in the refinement sessions that are part of the weekly + [community meetings](https://community.cncf.io/keptn-community/). + * In these sessions, everyone discusses the proposed work, whether it is a good idea, + what exactly should be done and how it aligns with the project goals. + * After the discussions, maintainers engage in a process known as **Scrum Poker**. + This involves a voting mechanism where maintainers collectively assess the size + and complexity of the proposed work, helping to decide whether it should proceed. + \ No newline at end of file diff --git a/docs-new/docs/contribute/general/refinement-guide.md b/docs-new/docs/contribute/general/refinement-guide.md new file mode 100644 index 0000000000..3454077de1 --- /dev/null +++ b/docs-new/docs/contribute/general/refinement-guide.md @@ -0,0 +1,50 @@ +# Refinement process + +During the Refinement timeblock in community meetings, maintainers engage in technical +discussions on open issues and pull requests. +This dedicated time allows for in-depth conversations, knowledge sharing, +and collective decision-making. +It is an opportunity for the team to synchronize their understanding of +ongoing developments, address challenges, and ensure a common vision for the project. + +**Purpose and goals:** + +- **Alignment:** Ensure a shared understanding among maintainers regarding ongoing +developments, project goals, and upcoming tickets. +- **Technical Depth:** Delve into the technical aspects of open issues and pull +requests, facilitating a deeper understanding of proposed Pull requests. +- **Decision-Making:** Make collective decisions on the adoption of new features, +changes, and improvements based on technical merit. + +This process aligns with our commitment to open-source principles, ensuring that +technical discussions are inclusive, transparent, and beneficial for the +entire Keptn community. + +## Contributor guidance + +Contributors proposing new features are encouraged to participate in +refinement sessions during [community meetings](https://community.cncf.io/keptn-community/) to talk +about their contributions. +This provides valuable insights into ongoing technical discussions and +aligns their efforts with the broader project vision. +Follow these steps: + +1. Review the project's [contributing guide](../index.md) +for information on upcoming refinement meetings. +1. Attend relevant refinement meetings to present and discuss proposed features. +1. Actively engage in technical discussions, seeking feedback and guidance from +maintainers. +1. Iteratively refine contributions based on insights gained during meetings. + +By following this process, contributors contribute not only code but also valuable +perspectives and insights, fostering a collaborative and innovative +community environment. + +## Outcome + +- Shared understanding among maintainers and contributors on ongoing developments. +- Improved contributions via collaborative discussions and refinement. +- Documented decisions and action items for future reference in project documentation. + +This refined process aligns with our commitment to open-source principles, ensuring +transparency, inclusivity, and technical excellence within the Keptn community. diff --git a/mkdocs.yml b/mkdocs.yml index 5872a14475..d643e17795 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -178,6 +178,7 @@ nav: - Create PR: docs/contribute/general/git/pr-create.md - PR review process: docs/contribute/general/git/review.md - Contribution Guidelines: docs/contribute/general/contrib-guidelines-gen.md + - Refinement Process: docs/contribute/general/refinement-guide.md - Software contributions: - docs/contribute/software/index.md - Software development environment: docs/contribute/software/dev-environ.md