diff --git a/.github/actions/deploy-klt-on-cluster/action.yml b/.github/actions/deploy-klt-on-cluster/action.yml index 0650aaa584..ed1e02ad48 100644 --- a/.github/actions/deploy-klt-on-cluster/action.yml +++ b/.github/actions/deploy-klt-on-cluster/action.yml @@ -94,16 +94,16 @@ runs: run: | echo "Installing Keptn using helm" helm version - helm install -n keptn-lifecycle-toolkit-system --create-namespace toolkit ./helm/chart \ + helm install -n keptn-lifecycle-toolkit-system --create-namespace lifecycle-operator ./lifecycle-operator/chart \ --set schedulingGatesEnabled=${{ inputs.scheduling-gates }} \ - --set scheduler.scheduler.imagePullPolicy=Never \ - --set scheduler.scheduler.image.tag=${{ inputs.runtime_tag }} \ - --set scheduler.scheduler.image.repository="localhost:5000/keptn/scheduler" \ - --set lifecycleOperator.manager.imagePullPolicy=Never \ - --set lifecycleOperator.manager.image.tag=${{ inputs.runtime_tag }} \ - --set lifecycleOperator.manager.image.repository="localhost:5000/keptn/lifecycle-operator" \ - --set lifecycleOperator.manager.env.functionRunnerImage=localhost:5000/keptn/deno-runtime:${{ inputs.runtime_tag }} \ - --set lifecycleOperator.manager.env.pythonRunnerImage=localhost:5000/keptn/python-runtime:${{ inputs.runtime_tag }} \ + --set scheduler.imagePullPolicy=Never \ + --set scheduler.image.tag=${{ inputs.runtime_tag }} \ + --set scheduler.image.repository="localhost:5000/keptn/scheduler" \ + --set lifecycleOperator.imagePullPolicy=Never \ + --set lifecycleOperator.image.tag=${{ inputs.runtime_tag }} \ + --set lifecycleOperator.image.repository="localhost:5000/keptn/lifecycle-operator" \ + --set lifecycleOperator.env.functionRunnerImage=localhost:5000/keptn/deno-runtime:${{ inputs.runtime_tag }} \ + --set lifecycleOperator.env.pythonRunnerImage=localhost:5000/keptn/python-runtime:${{ inputs.runtime_tag }} \ helm install -n keptn-lifecycle-toolkit-system --create-namespace cert-manager ./klt-cert-manager/chart \ --set imagePullPolicy=Never \ diff --git a/.github/scripts/.helm-tests/default/result.yaml b/.github/scripts/.helm-tests/default/result.yaml index c0d5e3a4cb..b4fb0685e3 100644 --- a/.github/scripts/.helm-tests/default/result.yaml +++ b/.github/scripts/.helm-tests/default/result.yaml @@ -1,39 +1,39 @@ --- -# Source: klt/templates/deployment.yaml +# Source: keptn-lifecycle-operator/templates/deployment.yaml apiVersion: v1 kind: ServiceAccount metadata: name: keptn-scheduler namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm --- -# Source: klt/templates/deployment.yaml +# Source: keptn-lifecycle-operator/templates/deployment.yaml apiVersion: v1 kind: ServiceAccount metadata: name: lifecycle-operator namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm --- -# Source: klt/templates/lifecycle-manager-config.yaml +# Source: keptn-lifecycle-operator/templates/lifecycle-manager-config.yaml apiVersion: v1 kind: ConfigMap metadata: name: lifecycle-manager-config namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -51,15 +51,15 @@ data: webhook: port: 9443 --- -# Source: klt/templates/scheduler-config.yaml +# Source: keptn-lifecycle-operator/templates/scheduler-config.yaml apiVersion: v1 kind: ConfigMap metadata: name: scheduler-config namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -76,7 +76,7 @@ data: - name: KLCPermit schedulerName: keptn-scheduler --- -# Source: klt/templates/keptnapp-crd.yaml +# Source: keptn-lifecycle-operator/templates/keptnapp-crd.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -88,8 +88,8 @@ metadata: app.kubernetes.io/part-of: keptn-lifecycle-toolkit crdGroup: lifecycle.keptn.sh keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -341,7 +341,7 @@ spec: subresources: status: {} --- -# Source: klt/templates/keptnappcreationrequest-crd.yaml +# Source: keptn-lifecycle-operator/templates/keptnappcreationrequest-crd.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -353,8 +353,8 @@ metadata: app.kubernetes.io/part-of: keptn-lifecycle-toolkit crdGroup: lifecycle.keptn.sh keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -404,7 +404,7 @@ spec: subresources: status: {} --- -# Source: klt/templates/keptnappversion-crd.yaml +# Source: keptn-lifecycle-operator/templates/keptnappversion-crd.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -416,8 +416,8 @@ metadata: app.kubernetes.io/part-of: keptn-lifecycle-toolkit crdGroup: lifecycle.keptn.sh keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -1223,7 +1223,7 @@ spec: subresources: status: {} --- -# Source: klt/templates/keptnconfig-crd.yaml +# Source: keptn-lifecycle-operator/templates/keptnconfig-crd.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -1235,8 +1235,8 @@ metadata: app.kubernetes.io/part-of: keptn-lifecycle-toolkit crdGroup: lifecycle.keptn.sh keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -1293,7 +1293,7 @@ spec: subresources: status: {} --- -# Source: klt/templates/keptnevaluation-crd.yaml +# Source: keptn-lifecycle-operator/templates/keptnevaluation-crd.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -1305,8 +1305,8 @@ metadata: app.kubernetes.io/part-of: keptn-lifecycle-toolkit crdGroup: lifecycle.keptn.sh keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -1678,7 +1678,7 @@ spec: subresources: status: {} --- -# Source: klt/templates/keptnevaluationdefinition-crd.yaml +# Source: keptn-lifecycle-operator/templates/keptnevaluationdefinition-crd.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -1690,8 +1690,8 @@ metadata: app.kubernetes.io/part-of: keptn-lifecycle-toolkit crdGroup: lifecycle.keptn.sh keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -1871,7 +1871,7 @@ spec: subresources: status: {} --- -# Source: klt/templates/keptnevaluationprovider-crd.yaml +# Source: keptn-lifecycle-operator/templates/keptnevaluationprovider-crd.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -1883,8 +1883,8 @@ metadata: app.kubernetes.io/part-of: keptn-lifecycle-toolkit crdGroup: lifecycle.keptn.sh keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -2053,7 +2053,7 @@ spec: subresources: status: {} --- -# Source: klt/templates/keptntask-crd.yaml +# Source: keptn-lifecycle-operator/templates/keptntask-crd.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -2065,8 +2065,8 @@ metadata: app.kubernetes.io/part-of: keptn-lifecycle-toolkit crdGroup: lifecycle.keptn.sh keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -2465,7 +2465,7 @@ spec: subresources: status: {} --- -# Source: klt/templates/keptntaskdefinition-crd.yaml +# Source: keptn-lifecycle-operator/templates/keptntaskdefinition-crd.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -2477,8 +2477,8 @@ metadata: app.kubernetes.io/part-of: keptn-lifecycle-toolkit crdGroup: lifecycle.keptn.sh keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -4185,7 +4185,7 @@ spec: subresources: status: {} --- -# Source: klt/templates/keptnworkload-crd.yaml +# Source: keptn-lifecycle-operator/templates/keptnworkload-crd.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -4197,8 +4197,8 @@ metadata: app.kubernetes.io/part-of: keptn-lifecycle-toolkit crdGroup: lifecycle.keptn.sh keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -4477,7 +4477,7 @@ spec: subresources: status: {} --- -# Source: klt/templates/keptnworkloadinstance-crd.yaml +# Source: keptn-lifecycle-operator/templates/keptnworkloadinstance-crd.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -4489,8 +4489,8 @@ metadata: app.kubernetes.io/part-of: keptn-lifecycle-toolkit crdGroup: lifecycle.keptn.sh keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -5267,15 +5267,15 @@ spec: subresources: status: {} --- -# Source: klt/templates/keptn-scheduler-rbac.yaml +# Source: keptn-lifecycle-operator/templates/keptn-scheduler-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: keptn-scheduler namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -5458,15 +5458,15 @@ rules: - list - watch --- -# Source: klt/templates/lifecycle-operator-rbac.yaml +# Source: keptn-lifecycle-operator/templates/lifecycle-operator-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: lifecycle-operator-role namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -5833,15 +5833,15 @@ rules: verbs: - get --- -# Source: klt/templates/server-resources-rbac.yaml +# Source: keptn-lifecycle-operator/templates/server-resources-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: release-name-klt-server-resources + name: release-name-keptn-lifecycle-operator-server-resources namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -5853,15 +5853,15 @@ rules: verbs: - '*' --- -# Source: klt/templates/keptn-scheduler-rbac.yaml +# Source: keptn-lifecycle-operator/templates/keptn-scheduler-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: keptn-scheduler namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -5874,15 +5874,15 @@ subjects: name: 'keptn-scheduler' namespace: 'helmtests' --- -# Source: klt/templates/lifecycle-operator-rbac.yaml +# Source: keptn-lifecycle-operator/templates/lifecycle-operator-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: lifecycle-operator-rolebinding namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -5895,7 +5895,7 @@ subjects: name: 'lifecycle-operator' namespace: 'helmtests' --- -# Source: klt/templates/leader-election-rbac.yaml +# Source: keptn-lifecycle-operator/templates/leader-election-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -5905,8 +5905,8 @@ metadata: app.kubernetes.io/component: rbac app.kubernetes.io/created-by: certificate-operator app.kubernetes.io/part-of: keptn-lifecycle-toolkit - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -5943,15 +5943,15 @@ rules: - create - patch --- -# Source: klt/templates/lifecycle-operator-leader-election-rbac.yaml +# Source: keptn-lifecycle-operator/templates/lifecycle-operator-leader-election-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: lifecycle-operator-leader-election-role namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -5988,15 +5988,15 @@ rules: - create - patch --- -# Source: klt/templates/extension-apiserver-authentication-reader-rbac.yaml +# Source: keptn-lifecycle-operator/templates/extension-apiserver-authentication-reader-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: extension-apiserver-authentication-reader namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -6009,15 +6009,15 @@ subjects: name: 'keptn-scheduler' namespace: 'helmtests' --- -# Source: klt/templates/lifecycle-operator-leader-election-rbac.yaml +# Source: keptn-lifecycle-operator/templates/lifecycle-operator-leader-election-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: lifecycle-operator-leader-election-rolebinding namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -6030,15 +6030,15 @@ subjects: name: 'lifecycle-operator' namespace: 'helmtests' --- -# Source: klt/templates/lifecycle-operator-rbac.yaml +# Source: keptn-lifecycle-operator/templates/lifecycle-operator-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: lifecycle-operator-rolebinding namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -6051,7 +6051,7 @@ subjects: name: 'lifecycle-operator' namespace: 'helmtests' --- -# Source: klt/templates/lifecycle-operator-metrics-service.yaml +# Source: keptn-lifecycle-operator/templates/lifecycle-operator-metrics-service.yaml apiVersion: v1 kind: Service metadata: @@ -6059,8 +6059,8 @@ metadata: namespace: "helmtests" labels: control-plane: lifecycle-operator - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -6068,7 +6068,7 @@ spec: type: ClusterIP selector: control-plane: lifecycle-operator - app.kubernetes.io/name: klt + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name ports: - name: metrics @@ -6076,15 +6076,15 @@ spec: protocol: TCP targetPort: metrics --- -# Source: klt/templates/lifecycle-webhook-service.yaml +# Source: keptn-lifecycle-operator/templates/lifecycle-webhook-service.yaml apiVersion: v1 kind: Service metadata: name: lifecycle-webhook-service namespace: "helmtests" labels: - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -6092,14 +6092,14 @@ spec: type: ClusterIP selector: control-plane: lifecycle-operator - app.kubernetes.io/name: klt + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name ports: - port: 443 protocol: TCP targetPort: 9443 --- -# Source: klt/templates/deployment.yaml +# Source: keptn-lifecycle-operator/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: @@ -6109,8 +6109,8 @@ metadata: app.kubernetes.io/part-of: keptn-lifecycle-toolkit control-plane: lifecycle-operator keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -6119,16 +6119,16 @@ spec: selector: matchLabels: control-plane: lifecycle-operator - app.kubernetes.io/name: klt + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name template: metadata: labels: control-plane: lifecycle-operator - app.kubernetes.io/name: klt + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name annotations: - kubectl.kubernetes.io/default-container: manager + kubectl.kubernetes.io/default-container: lifecycle-operator metrics.dynatrace.com/port: "2222" metrics.dynatrace.com/scrape: "true" spec: @@ -6176,7 +6176,7 @@ spec: value: cluster.local image: ghcr.io/keptn/lifecycle-operator:v0.8.2 imagePullPolicy: Always - name: manager + name: lifecycle-operator ports: - containerPort: 9443 name: webhook-server @@ -6230,7 +6230,7 @@ spec: - emptyDir: {} name: adapter-certs-dir --- -# Source: klt/templates/deployment.yaml +# Source: keptn-lifecycle-operator/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: @@ -6238,8 +6238,8 @@ metadata: namespace: "helmtests" labels: component: scheduler - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -6248,13 +6248,13 @@ spec: selector: matchLabels: component: scheduler - app.kubernetes.io/name: klt + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name template: metadata: labels: component: scheduler - app.kubernetes.io/name: klt + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name spec: containers: @@ -6309,7 +6309,7 @@ spec: name: scheduler-config name: scheduler-config --- -# Source: klt/templates/lifecycle-mutating-webhook-configuration.yaml +# Source: keptn-lifecycle-operator/templates/lifecycle-mutating-webhook-configuration.yaml apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: @@ -6319,8 +6319,8 @@ metadata: labels: keptn.sh/inject-cert: "true" app.kubernetes.io/part-of: "keptn-lifecycle-toolkit" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm @@ -6366,7 +6366,7 @@ webhooks: - pods sideEffects: None --- -# Source: klt/templates/lifecycle-validating-webhook-configuration.yaml +# Source: keptn-lifecycle-operator/templates/lifecycle-validating-webhook-configuration.yaml apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: @@ -6375,8 +6375,8 @@ metadata: cert-manager.io/inject-ca-from: 'helmtests/klt-certs' labels: keptn.sh/inject-cert: "true" - helm.sh/chart: klt-0.2.6 - app.kubernetes.io/name: klt + helm.sh/chart: keptn-lifecycle-operator-0.2.6 + app.kubernetes.io/name: keptn-lifecycle-operator app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.8.2" app.kubernetes.io/managed-by: Helm diff --git a/.github/scripts/.helm-tests/default/values.yaml b/.github/scripts/.helm-tests/default/values.yaml index a137649766..03dbd6f61f 100644 --- a/.github/scripts/.helm-tests/default/values.yaml +++ b/.github/scripts/.helm-tests/default/values.yaml @@ -1,6 +1,6 @@ imagePullSecrets: [] kubernetesClusterDomain: cluster.local -lifecycleManagerConfig: +lifecycleOperatorConfig: controllerManagerConfigYaml: health: healthProbeBindAddress: :8081 @@ -77,17 +77,6 @@ lifecycleWebhookService: protocol: TCP targetPort: 9443 type: ClusterIP -metricsManagerConfig: - controllerManagerConfigYaml: - health: - healthProbeBindAddress: :8081 - leaderElection: - leaderElect: true - resourceName: 3f8532ca.keptn.sh - metrics: - bindAddress: 127.0.0.1:8080 - webhook: - port: 9443 scheduler: nodeSelector: {} replicas: 1 diff --git a/.github/scripts/generate-helm-docs.sh b/.github/scripts/generate-helm-docs.sh index 4f8d00e695..0ec739f398 100755 --- a/.github/scripts/generate-helm-docs.sh +++ b/.github/scripts/generate-helm-docs.sh @@ -24,10 +24,10 @@ else echo "Readme Generator is already installed, continuing..." fi -echo "Generating global readme now..." -cat ./helm/chart/values.yaml ./helm/chart/doc.yaml > ./helm/chart/rendered.yaml -readme-generator --values=./helm/chart/rendered.yaml --readme=./helm/chart/README.md -rm ./helm/chart/rendered.yaml +echo "Generating lifecycle operator readme now..." +cat ./lifecycle-operator/chart/values.yaml ./lifecycle-operator/chart/doc.yaml > ./lifecycle-operator/chart/rendered.yaml +readme-generator --values=./lifecycle-operator/chart/rendered.yaml --readme=./lifecycle-operator/chart/README.md +rm ./lifecycle-operator/chart/rendered.yaml echo "Generating keptn cert manager readme now..." cat ./klt-cert-manager/chart/values.yaml ./klt-cert-manager/chart/doc.yaml > ./klt-cert-manager/chart/rendered.yaml diff --git a/.github/scripts/helm-test.sh b/.github/scripts/helm-test.sh index 8ebc030b40..ff9d719867 100755 --- a/.github/scripts/helm-test.sh +++ b/.github/scripts/helm-test.sh @@ -15,7 +15,8 @@ echo "running Helm tests" for test in $tests do echo "Testing $test" - helm template --namespace helmtests -f $test/values.yaml ./helm/chart > $test/helm_tests_output.yaml + ## TODO: test also other helm charts (metrics-operator, certificate-operator) + helm template --namespace helmtests -f $test/values.yaml ./lifecycle-operator/chart > $test/helm_tests_output.yaml if [ $? -ne 0 ] then echo "Error: helm template failed for test in $test" diff --git a/.github/workflows/validate-helm-chart.yml b/.github/workflows/validate-helm-chart.yml index f19e0a70be..2f47574537 100644 --- a/.github/workflows/validate-helm-chart.yml +++ b/.github/workflows/validate-helm-chart.yml @@ -33,8 +33,9 @@ jobs: cd .. - name: Check if Helm doc is up to date + ## TODO: test also other helm docs (metrics-operator, certificate-operator) run: | - cd ./helm/chart/ + cd ./lifecycle-operator/chart/ cp ./README.md ./README-old.md cat ./values.yaml ./doc.yaml > ./rendered.yaml readme-generator --values=./rendered.yaml --readme=./README.md diff --git a/.yamllint b/.yamllint index 9701453cbd..524e262c72 100644 --- a/.yamllint +++ b/.yamllint @@ -16,6 +16,7 @@ ignore: | helm/chart metrics-operator/chart klt-cert-manager/chart + lifecycle-operator/chart .github/scripts/.helm-tests rules: diff --git a/helm/.gitignore b/helm/.gitignore deleted file mode 100644 index de16b11728..0000000000 --- a/helm/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*.tgz -chart/rendered.yaml diff --git a/helm/chart/README.md b/helm/chart/README.md deleted file mode 100644 index f7be7cec17..0000000000 --- a/helm/chart/README.md +++ /dev/null @@ -1,86 +0,0 @@ -# Keptn - -Keptn introduces a more cloud-native approach for pre- and post-deployment, -as well as the concept of application health checks - - -## Parameters - -### Keptn Scheduler - -| Name | Description | Value | -| -------------------------------------------------------------------------------- | -------------------------------------------------------------- | ------------------------- | -| `scheduler.scheduler.containerSecurityContext` | Sets security context | | -| `scheduler.scheduler.env.otelCollectorUrl` | sets url for open telemetry collector | `otel-collector:4317` | -| `scheduler.scheduler.image.repository` | set image repository for scheduler | `ghcr.io/keptn/scheduler` | -| `scheduler.scheduler.image.tag` | set image tag for scheduler | `v0.8.2` | -| `scheduler.scheduler.imagePullPolicy` | set image pull policy for scheduler | `Always` | -| `scheduler.scheduler.livenessProbe` | customizable liveness probe for the scheduler | | -| `scheduler.scheduler.readinessProbe` | customizable readiness probe for the scheduler | | -| `scheduler.scheduler.resources` | sets cpu and memory resurces/limits for scheduler | | -| `schedulerConfig.schedulerConfigYaml.leaderElection.leaderElect` | enables leader election for multiple replicas of the scheduler | `false` | -| `schedulerConfig.schedulerConfigYaml.profiles[0].plugins.permit.enabled[0].name` | enables permit plugin | `KLCPermit` | -| `schedulerConfig.schedulerConfigYaml.profiles[0].schedulerName` | changes scheduler name | `keptn-scheduler` | -| `scheduler.nodeSelector` | adds node selectors for scheduler | `{}` | -| `scheduler.replicas` | modifies replicas | `1` | -| `scheduler.tolerations` | adds tolerations for scheduler | `[]` | -| `scheduler.topologySpreadConstraints` | add topology constraints for scheduler | `[]` | - -### Keptn Lifecycle Operator common - -| Name | Description | Value | -| ---------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | -| `lifecycleManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress` | setup on what address to start the default health handler | `:8081` | -| `lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect` | enable leader election for multiple replicas of the lifecycle operator | `true` | -| `lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName` | define LeaderElectionID | `6b866dd9.keptn.sh` | -| `lifecycleManagerConfig.controllerManagerConfigYaml.metrics.bindAddress` | MetricsBindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving. | `127.0.0.1:8080` | -| `lifecycleManagerConfig.controllerManagerConfigYaml.webhook.port` | setup port for the lifecycle operator admission webhook | `9443` | -| `lifecycleOperator.replicas` | customize number of installed lifecycle operator replicas | `1` | -| `lifecycleOperatorMetricsService` | Adjust settings here to change the k8s service for scraping Prometheus metrics | | -| `lifecycleWebhookService` | Mutating Webhook Configurations for lifecycle Operator | | -| `lifecycleWebhookService.ports[0].port` | | `443` | -| `lifecycleWebhookService.ports[0].protocol` | | `TCP` | -| `lifecycleWebhookService.ports[0].targetPort` | | `9443` | -| `lifecycleWebhookService.type` | | `ClusterIP` | -| `lifecycleOperator.nodeSelector` | add custom nodes selector to lifecycle operator | `{}` | -| `lifecycleOperator.tolerations` | add custom tolerations to lifecycle operator | `[]` | -| `lifecycleOperator.topologySpreadConstraints` | add custom topology constraints to lifecycle operator | `[]` | - -### Keptn Lifecycle Operator controller - -| Name | Description | Value | -| ----------------------------------------------------------------------------- | ----------------------------------------------------------- | ------------------------------------- | -| `lifecycleOperator.manager.containerSecurityContext` | Sets security context privileges | | -| `lifecycleOperator.manager.containerSecurityContext.allowPrivilegeEscalation` | | `false` | -| `lifecycleOperator.manager.containerSecurityContext.capabilities.drop` | | `["ALL"]` | -| `lifecycleOperator.manager.containerSecurityContext.privileged` | | `false` | -| `lifecycleOperator.manager.containerSecurityContext.runAsGroup` | | `65532` | -| `lifecycleOperator.manager.containerSecurityContext.runAsNonRoot` | | `true` | -| `lifecycleOperator.manager.containerSecurityContext.runAsUser` | | `65532` | -| `lifecycleOperator.manager.containerSecurityContext.seccompProfile.type` | | `RuntimeDefault` | -| `lifecycleOperator.manager.env.keptnAppControllerLogLevel` | sets the log level of Keptn App Controller | `0` | -| `lifecycleOperator.manager.env.keptnAppCreationRequestControllerLogLevel` | sets the log level of Keptn App Creation Request Controller | `0` | -| `lifecycleOperator.manager.env.keptnAppVersionControllerLogLevel` | sets the log level of Keptn AppVersion Controller | `0` | -| `lifecycleOperator.manager.env.keptnEvaluationControllerLogLevel` | sets the log level of Keptn Evaluation Controller | `0` | -| `lifecycleOperator.manager.env.keptnTaskControllerLogLevel` | sets the log level of Keptn Task Controller | `0` | -| `lifecycleOperator.manager.env.keptnTaskDefinitionControllerLogLevel` | sets the log level of Keptn TaskDefinition Controller | `0` | -| `lifecycleOperator.manager.env.keptnWorkloadControllerLogLevel` | sets the log level of Keptn Workload Controller | `0` | -| `lifecycleOperator.manager.env.keptnWorkloadInstanceControllerLogLevel` | sets the log level of Keptn WorkloadInstance Controller | `0` | -| `lifecycleOperator.manager.env.optionsControllerLogLevel` | sets the log level of Keptn Options Controller | `0` | -| `lifecycleOperator.manager.env.otelCollectorUrl` | Sets the URL for the open telemetry collector | `otel-collector:4317` | -| `lifecycleOperator.manager.env.functionRunnerImage` | specify image for deno task runtime | `ghcr.io/keptn/deno-runtime:v1.0.1` | -| `lifecycleOperator.manager.env.pythonRunnerImage` | specify image for python task runtime | `ghcr.io/keptn/python-runtime:v1.0.0` | -| `lifecycleOperator.manager.image.repository` | specify registry for manager image | `ghcr.io/keptn/lifecycle-operator` | -| `lifecycleOperator.manager.image.tag` | select tag for manager image | `v0.8.2` | -| `lifecycleOperator.manager.imagePullPolicy` | specify pull policy for manager image | `Always` | -| `lifecycleOperator.manager.livenessProbe` | custom livenessprobe for manager container | | -| `lifecycleOperator.manager.readinessProbe` | custom readinessprobe for manager container | | -| `lifecycleOperator.manager.resources` | specify limits and requests for manager container | | - -### Global - -| Name | Description | Value | -| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | --------------- | -| `kubernetesClusterDomain` | overrides domain.local | `cluster.local` | -| `imagePullSecrets` | global value for image registry secret | `[]` | -| `schedulingGatesEnabled` | enables the scheduling gates in lifecycle-operator. This feature is available in alpha version from K8s 1.27 or 1.26 enabling the alpha version | `false` | diff --git a/helm/chart/doc.yaml b/helm/chart/doc.yaml deleted file mode 100644 index b49703e06b..0000000000 --- a/helm/chart/doc.yaml +++ /dev/null @@ -1,121 +0,0 @@ -# yamllint disable rule:line-length -## @section Keptn Scheduler -## @extra scheduler.scheduler.containerSecurityContext Sets security context -## @skip scheduler.scheduler.containerSecurityContext.allowPrivilegeEscalation -## @skip scheduler.scheduler.containerSecurityContext.capabilities.drop -## @skip scheduler.scheduler.containerSecurityContext.privileged -## @skip scheduler.scheduler.containerSecurityContext.readOnlyRootFilesystem -## @skip scheduler.scheduler.containerSecurityContext.runAsNonRoot -## @skip scheduler.scheduler.containerSecurityContext.runAsUser -## @skip scheduler.scheduler.containerSecurityContext.seccompProfile.type - -## @param scheduler.scheduler.env.otelCollectorUrl sets url for open telemetry collector - -## @param scheduler.scheduler.image.repository set image repository for scheduler -## @param scheduler.scheduler.image.tag set image tag for scheduler -## @param scheduler.scheduler.imagePullPolicy set image pull policy for scheduler - -## @extra scheduler.scheduler.livenessProbe customizable liveness probe for the scheduler -## @skip scheduler.scheduler.livenessProbe.httpGet.path -## @skip scheduler.scheduler.livenessProbe.httpGet.port -## @skip scheduler.scheduler.livenessProbe.httpGet.scheme -## @skip scheduler.scheduler.livenessProbe.initialDelaySeconds - -## @extra scheduler.scheduler.readinessProbe customizable readiness probe for the scheduler -## @skip scheduler.scheduler.readinessProbe.httpGet.path -## @skip scheduler.scheduler.readinessProbe.httpGet.port -## @skip scheduler.scheduler.readinessProbe.httpGet.scheme - -## @extra scheduler.scheduler.resources sets cpu and memory resurces/limits for scheduler -## @skip scheduler.scheduler.resources.limits.cpu -## @skip scheduler.scheduler.resources.limits.memory -## @skip scheduler.scheduler.resources.requests.cpu -## @skip scheduler.scheduler.resources.requests.memory - -## @param schedulerConfig.schedulerConfigYaml.leaderElection.leaderElect enables leader election for multiple replicas of the scheduler -## @param schedulerConfig.schedulerConfigYaml.profiles[0].plugins.permit.enabled[0].name enables permit plugin -## @param schedulerConfig.schedulerConfigYaml.profiles[0].schedulerName changes scheduler name - -## @param scheduler.nodeSelector adds node selectors for scheduler -## @param scheduler.replicas modifies replicas -## @param scheduler.tolerations adds tolerations for scheduler -## @param scheduler.topologySpreadConstraints add topology constraints for scheduler - -## @section Keptn Lifecycle Operator common - -## @param lifecycleManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress setup on what address to start the default health handler -## @param lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect enable leader election for multiple replicas of the lifecycle operator -## @param lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName define LeaderElectionID -## @param lifecycleManagerConfig.controllerManagerConfigYaml.metrics.bindAddress MetricsBindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving. -## @param lifecycleManagerConfig.controllerManagerConfigYaml.webhook.port setup port for the lifecycle operator admission webhook - -## @param lifecycleOperator.replicas customize number of installed lifecycle operator replicas - -## @extra lifecycleOperatorMetricsService Adjust settings here to change the k8s service for scraping Prometheus metrics -## @skip lifecycleOperatorMetricsService.ports[0].name -## @skip lifecycleOperatorMetricsService.ports[0].port -## @skip lifecycleOperatorMetricsService.ports[0].protocol -## @skip lifecycleOperatorMetricsService.ports[0].targetPort -## @skip lifecycleOperatorMetricsService.type - -## @extra lifecycleWebhookService Mutating Webhook Configurations for lifecycle Operator -## @param lifecycleWebhookService.ports[0].port -## @param lifecycleWebhookService.ports[0].protocol -## @param lifecycleWebhookService.ports[0].targetPort -## @param lifecycleWebhookService.type - -## @param lifecycleOperator.nodeSelector add custom nodes selector to lifecycle operator -## @param lifecycleOperator.tolerations add custom tolerations to lifecycle operator -## @param lifecycleOperator.topologySpreadConstraints add custom topology constraints to lifecycle operator - -## @section Keptn Lifecycle Operator controller -## @extra lifecycleOperator.manager.containerSecurityContext Sets security context privileges -## @param lifecycleOperator.manager.containerSecurityContext.allowPrivilegeEscalation -## @param lifecycleOperator.manager.containerSecurityContext.capabilities.drop -## @param lifecycleOperator.manager.containerSecurityContext.privileged -## @param lifecycleOperator.manager.containerSecurityContext.runAsGroup -## @param lifecycleOperator.manager.containerSecurityContext.runAsNonRoot -## @param lifecycleOperator.manager.containerSecurityContext.runAsUser -## @param lifecycleOperator.manager.containerSecurityContext.seccompProfile.type - -## @param lifecycleOperator.manager.env.keptnAppControllerLogLevel sets the log level of Keptn App Controller -## @param lifecycleOperator.manager.env.keptnAppCreationRequestControllerLogLevel sets the log level of Keptn App Creation Request Controller -## @param lifecycleOperator.manager.env.keptnAppVersionControllerLogLevel sets the log level of Keptn AppVersion Controller -## @param lifecycleOperator.manager.env.keptnEvaluationControllerLogLevel sets the log level of Keptn Evaluation Controller -## @param lifecycleOperator.manager.env.keptnTaskControllerLogLevel sets the log level of Keptn Task Controller -## @param lifecycleOperator.manager.env.keptnTaskDefinitionControllerLogLevel sets the log level of Keptn TaskDefinition Controller -## @param lifecycleOperator.manager.env.keptnWorkloadControllerLogLevel sets the log level of Keptn Workload Controller -## @param lifecycleOperator.manager.env.keptnWorkloadInstanceControllerLogLevel sets the log level of Keptn WorkloadInstance Controller -## @param lifecycleOperator.manager.env.optionsControllerLogLevel sets the log level of Keptn Options Controller - -## @param lifecycleOperator.manager.env.otelCollectorUrl Sets the URL for the open telemetry collector -## @param lifecycleOperator.manager.env.functionRunnerImage specify image for deno task runtime -## @param lifecycleOperator.manager.env.pythonRunnerImage specify image for python task runtime - -## @param lifecycleOperator.manager.image.repository specify registry for manager image -## @param lifecycleOperator.manager.image.tag select tag for manager image -## @param lifecycleOperator.manager.imagePullPolicy specify pull policy for manager image - -## @extra lifecycleOperator.manager.livenessProbe custom livenessprobe for manager container -## @skip lifecycleOperator.manager.livenessProbe.httpGet.path -## @skip lifecycleOperator.manager.livenessProbe.httpGet.port -## @skip lifecycleOperator.manager.livenessProbe.initialDelaySeconds -## @skip lifecycleOperator.manager.livenessProbe.periodSeconds - -## @extra lifecycleOperator.manager.readinessProbe custom readinessprobe for manager container -## @skip lifecycleOperator.manager.readinessProbe.httpGet.path -## @skip lifecycleOperator.manager.readinessProbe.httpGet.port -## @skip lifecycleOperator.manager.readinessProbe.initialDelaySeconds -## @skip lifecycleOperator.manager.readinessProbe.periodSeconds - -## @extra lifecycleOperator.manager.resources specify limits and requests for manager container -## @skip lifecycleOperator.manager.resources.limits.cpu -## @skip lifecycleOperator.manager.resources.limits.memory -## @skip lifecycleOperator.manager.resources.requests.cpu -## @skip lifecycleOperator.manager.resources.requests.memory - -## @section Global -## Current available parameters: kubernetesClusterDomain, imagePullSecrets, schedulingGatesEnabled -## @param kubernetesClusterDomain overrides domain.local -## @param imagePullSecrets global value for image registry secret -## @param schedulingGatesEnabled enables the scheduling gates in lifecycle-operator. This feature is available in alpha version from K8s 1.27 or 1.26 enabling the alpha version diff --git a/helm/chart/templates/lifecycle-manager-config.yaml b/helm/chart/templates/lifecycle-manager-config.yaml deleted file mode 100644 index cd6362d7d6..0000000000 --- a/helm/chart/templates/lifecycle-manager-config.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: lifecycle-manager-config - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "chart.labels" . | nindent 4 }} -data: - controller_manager_config.yaml: | - apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 - health: - healthProbeBindAddress: {{ .Values.lifecycleManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress - | quote }} - kind: ControllerManagerConfig - leaderElection: - leaderElect: {{ .Values.lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect - }} - resourceName: {{ .Values.lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName - | quote }} - metrics: - bindAddress: {{ .Values.lifecycleManagerConfig.controllerManagerConfigYaml.metrics.bindAddress - | quote }} - webhook: - port: {{ .Values.lifecycleManagerConfig.controllerManagerConfigYaml.webhook.port - }} \ No newline at end of file diff --git a/helm/chart/values.yaml b/helm/chart/values.yaml deleted file mode 100644 index ee181ba09b..0000000000 --- a/helm/chart/values.yaml +++ /dev/null @@ -1,131 +0,0 @@ -imagePullSecrets: [] -kubernetesClusterDomain: cluster.local -schedulingGatesEnabled: false -lifecycleManagerConfig: - controllerManagerConfigYaml: - health: - healthProbeBindAddress: :8081 - leaderElection: - leaderElect: true - resourceName: 6b866dd9.keptn.sh - metrics: - bindAddress: 127.0.0.1:8080 - webhook: - port: 9443 -lifecycleOperator: - manager: - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - runAsGroup: 65532 - runAsNonRoot: true - runAsUser: 65532 - seccompProfile: - type: RuntimeDefault - env: - functionRunnerImage: ghcr.io/keptn/deno-runtime:v1.0.1 - keptnAppControllerLogLevel: "0" - keptnAppCreationRequestControllerLogLevel: "0" - keptnAppVersionControllerLogLevel: "0" - keptnEvaluationControllerLogLevel: "0" - keptnTaskControllerLogLevel: "0" - keptnTaskDefinitionControllerLogLevel: "0" - keptnWorkloadControllerLogLevel: "0" - keptnWorkloadInstanceControllerLogLevel: "0" - optionsControllerLogLevel: "0" - otelCollectorUrl: otel-collector:4317 - pythonRunnerImage: ghcr.io/keptn/python-runtime:v1.0.0 - image: - repository: ghcr.io/keptn/lifecycle-operator - tag: v0.8.2 - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi - nodeSelector: {} - replicas: 1 - tolerations: [] - topologySpreadConstraints: [] -lifecycleOperatorMetricsService: - ports: - - name: metrics - port: 2222 - protocol: TCP - targetPort: metrics - type: ClusterIP -lifecycleWebhookService: - ports: - - port: 443 - protocol: TCP - targetPort: 9443 - type: ClusterIP -scheduler: - nodeSelector: {} - replicas: 1 - scheduler: - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 65532 - seccompProfile: - type: RuntimeDefault - env: - otelCollectorUrl: otel-collector:4317 - image: - repository: ghcr.io/keptn/scheduler - tag: v0.8.2 - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /healthz - port: 10259 - scheme: HTTPS - initialDelaySeconds: 15 - readinessProbe: - httpGet: - path: /healthz - port: 10259 - scheme: HTTPS - resources: - limits: - cpu: 300m - memory: 100Mi - requests: - cpu: 100m - memory: 20Mi - tolerations: [] - topologySpreadConstraints: [] -schedulerConfig: - schedulerConfigYaml: - leaderElection: - leaderElect: false - profiles: - - plugins: - permit: - enabled: - - name: KLCPermit - schedulerName: keptn-scheduler diff --git a/lifecycle-operator/.gitignore b/lifecycle-operator/.gitignore index 00f37ab078..2b6ea78bbc 100644 --- a/lifecycle-operator/.gitignore +++ b/lifecycle-operator/.gitignore @@ -28,3 +28,6 @@ load-report.* *~ .dccache* + +*.tgz +chart/rendered.yaml diff --git a/helm/chart/.helmignore b/lifecycle-operator/chart/.helmignore similarity index 100% rename from helm/chart/.helmignore rename to lifecycle-operator/chart/.helmignore diff --git a/helm/chart/Chart.yaml b/lifecycle-operator/chart/Chart.yaml similarity index 98% rename from helm/chart/Chart.yaml rename to lifecycle-operator/chart/Chart.yaml index b819e9081f..30a87afe19 100644 --- a/helm/chart/Chart.yaml +++ b/lifecycle-operator/chart/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: klt +name: keptn-lifecycle-operator description: A Helm chart for Keptn Lifecycle Toolkit, a set of tools to enable cloud-native application lifecycle management icon: "https://raw.githubusercontent.com/cncf/artwork/master/projects/keptn/icon/color/keptn-icon-color.svg" home: https://keptn.sh @@ -16,7 +16,6 @@ keywords: - operator - pre-deployment - post-deployment - - evaluation annotations: artifacthub.io/links: | - name: support diff --git a/lifecycle-operator/chart/README.md b/lifecycle-operator/chart/README.md new file mode 100644 index 0000000000..0c915de413 --- /dev/null +++ b/lifecycle-operator/chart/README.md @@ -0,0 +1,86 @@ +# Keptn + +Keptn provides a cloud-native approach for pre- and post-deployment, +and application health checks + + +## Parameters + +### Keptn Lifecycle Operator common + +| Name | Description | Value | +| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | +| `lifecycleOperatorConfig.health.healthProbeBindAddress` | setup on what address to start the default health handler | `:8081` | +| `lifecycleOperatorConfig.leaderElection.leaderElect` | enable leader election for multiple replicas of the lifecycle operator | `true` | +| `lifecycleOperatorConfig.leaderElection.resourceName` | define LeaderElectionID | `6b866dd9.keptn.sh` | +| `lifecycleOperatorConfig.metrics.bindAddress` | MetricsBindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving. | `127.0.0.1:8080` | +| `lifecycleOperatorConfig.webhook.port` | setup port for the lifecycle operator admission webhook | `9443` | +| `lifecycleOperator.replicas` | customize number of installed lifecycle operator replicas | `1` | +| `lifecycleOperatorMetricsService` | Adjust settings here to change the k8s service for scraping Prometheus metrics | | +| `lifecycleWebhookService` | Mutating Webhook Configurations for lifecycle Operator | | +| `lifecycleWebhookService.ports[0].port` | | `443` | +| `lifecycleWebhookService.ports[0].protocol` | | `TCP` | +| `lifecycleWebhookService.ports[0].targetPort` | | `9443` | +| `lifecycleWebhookService.type` | | `ClusterIP` | +| `lifecycleOperator.nodeSelector` | add custom nodes selector to lifecycle operator | `{}` | +| `lifecycleOperator.tolerations` | add custom tolerations to lifecycle operator | `[]` | +| `lifecycleOperator.topologySpreadConstraints` | add custom topology constraints to lifecycle operator | `[]` | + +### Keptn Lifecycle Operator controller + +| Name | Description | Value | +| --------------------------------------------------------------------- | ----------------------------------------------------------- | ------------------------------------- | +| `lifecycleOperator.containerSecurityContext` | Sets security context privileges | | +| `lifecycleOperator.containerSecurityContext.allowPrivilegeEscalation` | | `false` | +| `lifecycleOperator.containerSecurityContext.capabilities.drop` | | `["ALL"]` | +| `lifecycleOperator.containerSecurityContext.privileged` | | `false` | +| `lifecycleOperator.containerSecurityContext.runAsGroup` | | `65532` | +| `lifecycleOperator.containerSecurityContext.runAsNonRoot` | | `true` | +| `lifecycleOperator.containerSecurityContext.runAsUser` | | `65532` | +| `lifecycleOperator.containerSecurityContext.seccompProfile.type` | | `RuntimeDefault` | +| `lifecycleOperator.env.keptnAppControllerLogLevel` | sets the log level of Keptn App Controller | `0` | +| `lifecycleOperator.env.keptnAppCreationRequestControllerLogLevel` | sets the log level of Keptn App Creation Request Controller | `0` | +| `lifecycleOperator.env.keptnAppVersionControllerLogLevel` | sets the log level of Keptn AppVersion Controller | `0` | +| `lifecycleOperator.env.keptnEvaluationControllerLogLevel` | sets the log level of Keptn Evaluation Controller | `0` | +| `lifecycleOperator.env.keptnTaskControllerLogLevel` | sets the log level of Keptn Task Controller | `0` | +| `lifecycleOperator.env.keptnTaskDefinitionControllerLogLevel` | sets the log level of Keptn TaskDefinition Controller | `0` | +| `lifecycleOperator.env.keptnWorkloadControllerLogLevel` | sets the log level of Keptn Workload Controller | `0` | +| `lifecycleOperator.env.keptnWorkloadInstanceControllerLogLevel` | sets the log level of Keptn WorkloadInstance Controller | `0` | +| `lifecycleOperator.env.optionsControllerLogLevel` | sets the log level of Keptn Options Controller | `0` | +| `lifecycleOperator.env.otelCollectorUrl` | Sets the URL for the open telemetry collector | `otel-collector:4317` | +| `lifecycleOperator.env.functionRunnerImage` | specify image for deno task runtime | `ghcr.io/keptn/deno-runtime:v1.0.1` | +| `lifecycleOperator.env.pythonRunnerImage` | specify image for python task runtime | `ghcr.io/keptn/python-runtime:v1.0.0` | +| `lifecycleOperator.image.repository` | specify registry for manager image | `ghcr.io/keptn/lifecycle-operator` | +| `lifecycleOperator.image.tag` | select tag for manager image | `v0.8.2` | +| `lifecycleOperator.imagePullPolicy` | specify pull policy for manager image | `Always` | +| `lifecycleOperator.livenessProbe` | custom livenessprobe for manager container | | +| `lifecycleOperator.readinessProbe` | custom readinessprobe for manager container | | +| `lifecycleOperator.resources` | specify limits and requests for manager container | | + +### Global + +| Name | Description | Value | +| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | --------------- | +| `kubernetesClusterDomain` | overrides domain.local | `cluster.local` | +| `imagePullSecrets` | global value for image registry secret | `[]` | +| `schedulingGatesEnabled` | enables the scheduling gates in lifecycle-operator. This feature is available in alpha version from K8s 1.27 or 1.26 enabling the alpha version | `false` | + +### Keptn Scheduler + +| Name | Description | Value | +| ------------------------------------------------------------ | -------------------------------------------------------------- | ------------------------- | +| `scheduler.containerSecurityContext` | Sets security context | | +| `scheduler.env.otelCollectorUrl` | sets url for open telemetry collector | `otel-collector:4317` | +| `scheduler.image.repository` | set image repository for scheduler | `ghcr.io/keptn/scheduler` | +| `scheduler.image.tag` | set image tag for scheduler | `v0.8.2` | +| `scheduler.imagePullPolicy` | set image pull policy for scheduler | `Always` | +| `scheduler.livenessProbe` | customizable liveness probe for the scheduler | | +| `scheduler.readinessProbe` | customizable readiness probe for the scheduler | | +| `scheduler.resources` | sets cpu and memory resurces/limits for scheduler | | +| `schedulerConfig.leaderElection.leaderElect` | enables leader election for multiple replicas of the scheduler | `false` | +| `schedulerConfig.profiles[0].plugins.permit.enabled[0].name` | enables permit plugin | `KLCPermit` | +| `schedulerConfig.profiles[0].schedulerName` | changes scheduler name | `keptn-scheduler` | +| `scheduler.nodeSelector` | adds node selectors for scheduler | `{}` | +| `scheduler.replicas` | modifies replicas | `1` | +| `scheduler.tolerations` | adds tolerations for scheduler | `[]` | +| `scheduler.topologySpreadConstraints` | add topology constraints for scheduler | `[]` | diff --git a/lifecycle-operator/chart/doc.yaml b/lifecycle-operator/chart/doc.yaml new file mode 100644 index 0000000000..ac76ef02b2 --- /dev/null +++ b/lifecycle-operator/chart/doc.yaml @@ -0,0 +1,122 @@ + +## @section Keptn Lifecycle Operator common + +## @param lifecycleOperatorConfig.health.healthProbeBindAddress setup on what address to start the default health handler +## @param lifecycleOperatorConfig.leaderElection.leaderElect enable leader election for multiple replicas of the lifecycle operator +## @param lifecycleOperatorConfig.leaderElection.resourceName define LeaderElectionID +## @param lifecycleOperatorConfig.metrics.bindAddress MetricsBindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving. +## @param lifecycleOperatorConfig.webhook.port setup port for the lifecycle operator admission webhook + +## @param lifecycleOperator.replicas customize number of installed lifecycle operator replicas + +## @extra lifecycleOperatorMetricsService Adjust settings here to change the k8s service for scraping Prometheus metrics +## @skip lifecycleOperatorMetricsService.ports[0].name +## @skip lifecycleOperatorMetricsService.ports[0].port +## @skip lifecycleOperatorMetricsService.ports[0].protocol +## @skip lifecycleOperatorMetricsService.ports[0].targetPort +## @skip lifecycleOperatorMetricsService.type + +## @extra lifecycleWebhookService Mutating Webhook Configurations for lifecycle Operator +## @param lifecycleWebhookService.ports[0].port +## @param lifecycleWebhookService.ports[0].protocol +## @param lifecycleWebhookService.ports[0].targetPort +## @param lifecycleWebhookService.type + +## @param lifecycleOperator.nodeSelector add custom nodes selector to lifecycle operator +## @param lifecycleOperator.tolerations add custom tolerations to lifecycle operator +## @param lifecycleOperator.topologySpreadConstraints add custom topology constraints to lifecycle operator + +## @section Keptn Lifecycle Operator controller +## @extra lifecycleOperator.containerSecurityContext Sets security context privileges +## @param lifecycleOperator.containerSecurityContext.allowPrivilegeEscalation +## @param lifecycleOperator.containerSecurityContext.capabilities.drop +## @param lifecycleOperator.containerSecurityContext.privileged +## @param lifecycleOperator.containerSecurityContext.runAsGroup +## @param lifecycleOperator.containerSecurityContext.runAsNonRoot +## @param lifecycleOperator.containerSecurityContext.runAsUser +## @param lifecycleOperator.containerSecurityContext.seccompProfile.type + +## @param lifecycleOperator.env.keptnAppControllerLogLevel sets the log level of Keptn App Controller +## @param lifecycleOperator.env.keptnAppCreationRequestControllerLogLevel sets the log level of Keptn App Creation Request Controller +## @param lifecycleOperator.env.keptnAppVersionControllerLogLevel sets the log level of Keptn AppVersion Controller +## @param lifecycleOperator.env.keptnEvaluationControllerLogLevel sets the log level of Keptn Evaluation Controller +## @param lifecycleOperator.env.keptnTaskControllerLogLevel sets the log level of Keptn Task Controller +## @param lifecycleOperator.env.keptnTaskDefinitionControllerLogLevel sets the log level of Keptn TaskDefinition Controller +## @param lifecycleOperator.env.keptnWorkloadControllerLogLevel sets the log level of Keptn Workload Controller +## @param lifecycleOperator.env.keptnWorkloadInstanceControllerLogLevel sets the log level of Keptn WorkloadInstance Controller +## @param lifecycleOperator.env.optionsControllerLogLevel sets the log level of Keptn Options Controller + +## @param lifecycleOperator.env.otelCollectorUrl Sets the URL for the open telemetry collector +## @param lifecycleOperator.env.functionRunnerImage specify image for deno task runtime +## @param lifecycleOperator.env.pythonRunnerImage specify image for python task runtime + +## @param lifecycleOperator.image.repository specify registry for manager image +## @param lifecycleOperator.image.tag select tag for manager image +## @param lifecycleOperator.imagePullPolicy specify pull policy for manager image + +## @extra lifecycleOperator.livenessProbe custom livenessprobe for manager container +## @skip lifecycleOperator.livenessProbe.httpGet.path +## @skip lifecycleOperator.livenessProbe.httpGet.port +## @skip lifecycleOperator.livenessProbe.initialDelaySeconds +## @skip lifecycleOperator.livenessProbe.periodSeconds + +## @extra lifecycleOperator.readinessProbe custom readinessprobe for manager container +## @skip lifecycleOperator.readinessProbe.httpGet.path +## @skip lifecycleOperator.readinessProbe.httpGet.port +## @skip lifecycleOperator.readinessProbe.initialDelaySeconds +## @skip lifecycleOperator.readinessProbe.periodSeconds + +## @extra lifecycleOperator.resources specify limits and requests for manager container +## @skip lifecycleOperator.resources.limits.cpu +## @skip lifecycleOperator.resources.limits.memory +## @skip lifecycleOperator.resources.requests.cpu +## @skip lifecycleOperator.resources.requests.memory + +## @section Global +## Current available parameters: kubernetesClusterDomain, imagePullSecrets, schedulingGatesEnabled +## @param kubernetesClusterDomain overrides domain.local +## @param imagePullSecrets global value for image registry secret +## @param schedulingGatesEnabled enables the scheduling gates in lifecycle-operator. This feature is available in alpha version from K8s 1.27 or 1.26 enabling the alpha version + +# yamllint disable rule:line-length +## @section Keptn Scheduler +## @extra scheduler.containerSecurityContext Sets security context +## @skip scheduler.containerSecurityContext.allowPrivilegeEscalation +## @skip scheduler.containerSecurityContext.capabilities.drop +## @skip scheduler.containerSecurityContext.privileged +## @skip scheduler.containerSecurityContext.readOnlyRootFilesystem +## @skip scheduler.containerSecurityContext.runAsNonRoot +## @skip scheduler.containerSecurityContext.runAsUser +## @skip scheduler.containerSecurityContext.seccompProfile.type + +## @param scheduler.env.otelCollectorUrl sets url for open telemetry collector + +## @param scheduler.image.repository set image repository for scheduler +## @param scheduler.image.tag set image tag for scheduler +## @param scheduler.imagePullPolicy set image pull policy for scheduler + +## @extra scheduler.livenessProbe customizable liveness probe for the scheduler +## @skip scheduler.livenessProbe.httpGet.path +## @skip scheduler.livenessProbe.httpGet.port +## @skip scheduler.livenessProbe.httpGet.scheme +## @skip scheduler.livenessProbe.initialDelaySeconds + +## @extra scheduler.readinessProbe customizable readiness probe for the scheduler +## @skip scheduler.readinessProbe.httpGet.path +## @skip scheduler.readinessProbe.httpGet.port +## @skip scheduler.readinessProbe.httpGet.scheme + +## @extra scheduler.resources sets cpu and memory resurces/limits for scheduler +## @skip scheduler.resources.limits.cpu +## @skip scheduler.resources.limits.memory +## @skip scheduler.resources.requests.cpu +## @skip scheduler.resources.requests.memory + +## @param schedulerConfig.leaderElection.leaderElect enables leader election for multiple replicas of the scheduler +## @param schedulerConfig.profiles[0].plugins.permit.enabled[0].name enables permit plugin +## @param schedulerConfig.profiles[0].schedulerName changes scheduler name + +## @param scheduler.nodeSelector adds node selectors for scheduler +## @param scheduler.replicas modifies replicas +## @param scheduler.tolerations adds tolerations for scheduler +## @param scheduler.topologySpreadConstraints add topology constraints for scheduler diff --git a/helm/chart/templates/_helpers.tpl b/lifecycle-operator/chart/templates/_helpers.tpl similarity index 100% rename from helm/chart/templates/_helpers.tpl rename to lifecycle-operator/chart/templates/_helpers.tpl diff --git a/helm/chart/templates/deployment.yaml b/lifecycle-operator/chart/templates/deployment.yaml similarity index 66% rename from helm/chart/templates/deployment.yaml rename to lifecycle-operator/chart/templates/deployment.yaml index 5d0bc2c745..3175f812a9 100644 --- a/helm/chart/templates/deployment.yaml +++ b/lifecycle-operator/chart/templates/deployment.yaml @@ -39,7 +39,7 @@ spec: control-plane: lifecycle-operator {{- include "chart.selectorLabels" . | nindent 8 }} annotations: - kubectl.kubernetes.io/default-container: manager + kubectl.kubernetes.io/default-container: lifecycle-operator metrics.dynatrace.com/port: "2222" metrics.dynatrace.com/scrape: "true" spec: @@ -58,47 +58,47 @@ spec: fieldRef: fieldPath: metadata.name - name: FUNCTION_RUNNER_IMAGE - value: {{ .Values.lifecycleOperator.manager.env.functionRunnerImage | quote }} + value: {{ .Values.lifecycleOperator.env.functionRunnerImage | quote }} - name: PYTHON_RUNNER_IMAGE - value: {{ .Values.lifecycleOperator.manager.env.pythonRunnerImage | quote }} + value: {{ .Values.lifecycleOperator.env.pythonRunnerImage | quote }} - name: OTEL_COLLECTOR_URL - value: {{ .Values.lifecycleOperator.manager.env.otelCollectorUrl | quote }} + value: {{ .Values.lifecycleOperator.env.otelCollectorUrl | quote }} - name: KEPTN_APP_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnAppControllerLogLevel | quote + value: {{ .Values.lifecycleOperator.env.keptnAppControllerLogLevel | quote }} - name: KEPTN_APP_CREATION_REQUEST_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnAppCreationRequestControllerLogLevel + value: {{ .Values.lifecycleOperator.env.keptnAppCreationRequestControllerLogLevel | quote }} - name: KEPTN_APP_VERSION_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnAppVersionControllerLogLevel + value: {{ .Values.lifecycleOperator.env.keptnAppVersionControllerLogLevel | quote }} - name: KEPTN_EVALUATION_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnEvaluationControllerLogLevel + value: {{ .Values.lifecycleOperator.env.keptnEvaluationControllerLogLevel | quote }} - name: KEPTN_TASK_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnTaskControllerLogLevel | quote + value: {{ .Values.lifecycleOperator.env.keptnTaskControllerLogLevel | quote }} - name: KEPTN_TASK_DEFINITION_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnTaskDefinitionControllerLogLevel + value: {{ .Values.lifecycleOperator.env.keptnTaskDefinitionControllerLogLevel | quote }} - name: KEPTN_WORKLOAD_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnWorkloadControllerLogLevel + value: {{ .Values.lifecycleOperator.env.keptnWorkloadControllerLogLevel | quote }} - name: KEPTN_WORKLOAD_INSTANCE_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnWorkloadInstanceControllerLogLevel + value: {{ .Values.lifecycleOperator.env.keptnWorkloadInstanceControllerLogLevel | quote }} - name: OPTIONS_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.optionsControllerLogLevel | quote + value: {{ .Values.lifecycleOperator.env.optionsControllerLogLevel | quote }} - name: SCHEDULING_GATES_ENABLED value: {{ .Values.schedulingGatesEnabled | quote }} - name: KUBERNETES_CLUSTER_DOMAIN value: {{ .Values.kubernetesClusterDomain }} - image: {{ .Values.lifecycleOperator.manager.image.repository }}:{{ .Values.lifecycleOperator.manager.image.tag + image: {{ .Values.lifecycleOperator.image.repository }}:{{ .Values.lifecycleOperator.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.lifecycleOperator.manager.imagePullPolicy }} - name: manager + imagePullPolicy: {{ .Values.lifecycleOperator.imagePullPolicy }} + name: lifecycle-operator ports: - containerPort: 9443 name: webhook-server @@ -106,29 +106,29 @@ spec: - containerPort: 2222 name: metrics protocol: TCP - resources: {{- toYaml .Values.lifecycleOperator.manager.resources | nindent 10 }} + resources: {{- toYaml .Values.lifecycleOperator.resources | nindent 10 }} securityContext: - allowPrivilegeEscalation: {{ .Values.lifecycleOperator.manager.containerSecurityContext.allowPrivilegeEscalation + allowPrivilegeEscalation: {{ .Values.lifecycleOperator.containerSecurityContext.allowPrivilegeEscalation }} - capabilities: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.manager.containerSecurityContext.capabilities + capabilities: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.containerSecurityContext.capabilities "context" $) | nindent 12 }} - privileged: {{ .Values.lifecycleOperator.manager.containerSecurityContext.privileged + privileged: {{ .Values.lifecycleOperator.containerSecurityContext.privileged }} - runAsGroup: {{ .Values.lifecycleOperator.manager.containerSecurityContext.runAsGroup + runAsGroup: {{ .Values.lifecycleOperator.containerSecurityContext.runAsGroup }} - runAsNonRoot: {{ .Values.lifecycleOperator.manager.containerSecurityContext.runAsNonRoot + runAsNonRoot: {{ .Values.lifecycleOperator.containerSecurityContext.runAsNonRoot }} - runAsUser: {{ .Values.lifecycleOperator.manager.containerSecurityContext.runAsUser + runAsUser: {{ .Values.lifecycleOperator.containerSecurityContext.runAsUser }} - seccompProfile: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.manager.containerSecurityContext.seccompProfile + seccompProfile: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.containerSecurityContext.seccompProfile "context" $) | nindent 12 }} volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs/ name: certs-dir - mountPath: /tmp/metrics-adapter/serving-certs name: adapter-certs-dir - {{- if .Values.lifecycleOperator.manager.livenessProbe }} - livenessProbe: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.manager.livenessProbe "context" $) | nindent 10 }} + {{- if .Values.lifecycleOperator.livenessProbe }} + livenessProbe: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.livenessProbe "context" $) | nindent 10 }} {{- else }} livenessProbe: httpGet: @@ -137,8 +137,8 @@ spec: initialDelaySeconds: 15 periodSeconds: 20 {{- end }} - {{- if .Values.lifecycleOperator.manager.readinessProbe }} - readinessProbe: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.manager.readinessProbe "context" $) | nindent 10 }} + {{- if .Values.lifecycleOperator.readinessProbe }} + readinessProbe: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.readinessProbe "context" $) | nindent 10 }} {{- else }} readinessProbe: httpGet: @@ -195,34 +195,34 @@ spec: - --config=/etc/kubernetes/scheduler-config.yaml env: - name: OTEL_COLLECTOR_URL - value: {{ .Values.scheduler.scheduler.env.otelCollectorUrl | quote }} + value: {{ .Values.scheduler.env.otelCollectorUrl | quote }} - name: KUBERNETES_CLUSTER_DOMAIN value: {{ .Values.kubernetesClusterDomain }} - image: {{ .Values.scheduler.scheduler.image.repository }}:{{ .Values.scheduler.scheduler.image.tag + image: {{ .Values.scheduler.image.repository }}:{{ .Values.scheduler.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.scheduler.scheduler.imagePullPolicy }} + imagePullPolicy: {{ .Values.scheduler.imagePullPolicy }} name: scheduler - resources: {{- toYaml .Values.scheduler.scheduler.resources | nindent 10 }} + resources: {{- toYaml .Values.scheduler.resources | nindent 10 }} securityContext: - allowPrivilegeEscalation: {{ .Values.scheduler.scheduler.containerSecurityContext.allowPrivilegeEscalation + allowPrivilegeEscalation: {{ .Values.scheduler.containerSecurityContext.allowPrivilegeEscalation }} - capabilities: {{- include "tplvalues.render" (dict "value" .Values.scheduler.scheduler.containerSecurityContext.capabilities + capabilities: {{- include "tplvalues.render" (dict "value" .Values.scheduler.containerSecurityContext.capabilities "context" $) | nindent 12 }} - privileged: {{ .Values.scheduler.scheduler.containerSecurityContext.privileged + privileged: {{ .Values.scheduler.containerSecurityContext.privileged }} - readOnlyRootFilesystem: {{ .Values.scheduler.scheduler.containerSecurityContext.readOnlyRootFilesystem + readOnlyRootFilesystem: {{ .Values.scheduler.containerSecurityContext.readOnlyRootFilesystem }} - runAsNonRoot: {{ .Values.scheduler.scheduler.containerSecurityContext.runAsNonRoot + runAsNonRoot: {{ .Values.scheduler.containerSecurityContext.runAsNonRoot }} - runAsUser: {{ .Values.scheduler.scheduler.containerSecurityContext.runAsUser }} - seccompProfile: {{- include "tplvalues.render" (dict "value" .Values.scheduler.scheduler.containerSecurityContext.seccompProfile + runAsUser: {{ .Values.scheduler.containerSecurityContext.runAsUser }} + seccompProfile: {{- include "tplvalues.render" (dict "value" .Values.scheduler.containerSecurityContext.seccompProfile "context" $) | nindent 12 }} volumeMounts: - mountPath: /etc/kubernetes name: scheduler-config readOnly: true - {{- if .Values.scheduler.scheduler.livenessProbe }} - livenessProbe: {{- include "tplvalues.render" (dict "value" .Values.scheduler.scheduler.livenessProbe "context" $) | nindent 10 }} + {{- if .Values.scheduler.livenessProbe }} + livenessProbe: {{- include "tplvalues.render" (dict "value" .Values.scheduler.livenessProbe "context" $) | nindent 10 }} {{- else }} livenessProbe: httpGet: @@ -231,8 +231,8 @@ spec: scheme: HTTPS initialDelaySeconds: 15 {{- end }} - {{- if .Values.scheduler.scheduler.readinessProbe }} - readinessProbe: {{- include "tplvalues.render" (dict "value" .Values.scheduler.scheduler.readinessProbe "context" $) | nindent 10 }} + {{- if .Values.scheduler.readinessProbe }} + readinessProbe: {{- include "tplvalues.render" (dict "value" .Values.scheduler.readinessProbe "context" $) | nindent 10 }} {{- else }} readinessProbe: httpGet: diff --git a/helm/chart/templates/extension-apiserver-authentication-reader-rbac.yaml b/lifecycle-operator/chart/templates/extension-apiserver-authentication-reader-rbac.yaml similarity index 100% rename from helm/chart/templates/extension-apiserver-authentication-reader-rbac.yaml rename to lifecycle-operator/chart/templates/extension-apiserver-authentication-reader-rbac.yaml diff --git a/helm/chart/templates/keptn-scheduler-rbac.yaml b/lifecycle-operator/chart/templates/keptn-scheduler-rbac.yaml similarity index 100% rename from helm/chart/templates/keptn-scheduler-rbac.yaml rename to lifecycle-operator/chart/templates/keptn-scheduler-rbac.yaml diff --git a/helm/chart/templates/keptnapp-crd.yaml b/lifecycle-operator/chart/templates/keptnapp-crd.yaml similarity index 100% rename from helm/chart/templates/keptnapp-crd.yaml rename to lifecycle-operator/chart/templates/keptnapp-crd.yaml diff --git a/helm/chart/templates/keptnappcreationrequest-crd.yaml b/lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml similarity index 100% rename from helm/chart/templates/keptnappcreationrequest-crd.yaml rename to lifecycle-operator/chart/templates/keptnappcreationrequest-crd.yaml diff --git a/helm/chart/templates/keptnappversion-crd.yaml b/lifecycle-operator/chart/templates/keptnappversion-crd.yaml similarity index 100% rename from helm/chart/templates/keptnappversion-crd.yaml rename to lifecycle-operator/chart/templates/keptnappversion-crd.yaml diff --git a/helm/chart/templates/keptnconfig-crd.yaml b/lifecycle-operator/chart/templates/keptnconfig-crd.yaml similarity index 100% rename from helm/chart/templates/keptnconfig-crd.yaml rename to lifecycle-operator/chart/templates/keptnconfig-crd.yaml diff --git a/helm/chart/templates/keptnevaluation-crd.yaml b/lifecycle-operator/chart/templates/keptnevaluation-crd.yaml similarity index 100% rename from helm/chart/templates/keptnevaluation-crd.yaml rename to lifecycle-operator/chart/templates/keptnevaluation-crd.yaml diff --git a/helm/chart/templates/keptnevaluationdefinition-crd.yaml b/lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml similarity index 100% rename from helm/chart/templates/keptnevaluationdefinition-crd.yaml rename to lifecycle-operator/chart/templates/keptnevaluationdefinition-crd.yaml diff --git a/helm/chart/templates/keptnevaluationprovider-crd.yaml b/lifecycle-operator/chart/templates/keptnevaluationprovider-crd.yaml similarity index 100% rename from helm/chart/templates/keptnevaluationprovider-crd.yaml rename to lifecycle-operator/chart/templates/keptnevaluationprovider-crd.yaml diff --git a/helm/chart/templates/keptntask-crd.yaml b/lifecycle-operator/chart/templates/keptntask-crd.yaml similarity index 100% rename from helm/chart/templates/keptntask-crd.yaml rename to lifecycle-operator/chart/templates/keptntask-crd.yaml diff --git a/helm/chart/templates/keptntaskdefinition-crd.yaml b/lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml similarity index 100% rename from helm/chart/templates/keptntaskdefinition-crd.yaml rename to lifecycle-operator/chart/templates/keptntaskdefinition-crd.yaml diff --git a/helm/chart/templates/keptnworkload-crd.yaml b/lifecycle-operator/chart/templates/keptnworkload-crd.yaml similarity index 100% rename from helm/chart/templates/keptnworkload-crd.yaml rename to lifecycle-operator/chart/templates/keptnworkload-crd.yaml diff --git a/helm/chart/templates/keptnworkloadinstance-crd.yaml b/lifecycle-operator/chart/templates/keptnworkloadinstance-crd.yaml similarity index 100% rename from helm/chart/templates/keptnworkloadinstance-crd.yaml rename to lifecycle-operator/chart/templates/keptnworkloadinstance-crd.yaml diff --git a/helm/chart/templates/leader-election-rbac.yaml b/lifecycle-operator/chart/templates/leader-election-rbac.yaml similarity index 100% rename from helm/chart/templates/leader-election-rbac.yaml rename to lifecycle-operator/chart/templates/leader-election-rbac.yaml diff --git a/lifecycle-operator/chart/templates/lifecycle-manager-config.yaml b/lifecycle-operator/chart/templates/lifecycle-manager-config.yaml new file mode 100644 index 0000000000..36bc2650e8 --- /dev/null +++ b/lifecycle-operator/chart/templates/lifecycle-manager-config.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: lifecycle-manager-config + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "chart.labels" . | nindent 4 }} +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + health: + healthProbeBindAddress: {{ .Values.lifecycleOperatorConfig.health.healthProbeBindAddress + | quote }} + kind: ControllerManagerConfig + leaderElection: + leaderElect: {{ .Values.lifecycleOperatorConfig.leaderElection.leaderElect + }} + resourceName: {{ .Values.lifecycleOperatorConfig.leaderElection.resourceName + | quote }} + metrics: + bindAddress: {{ .Values.lifecycleOperatorConfig.metrics.bindAddress + | quote }} + webhook: + port: {{ .Values.lifecycleOperatorConfig.webhook.port + }} \ No newline at end of file diff --git a/helm/chart/templates/lifecycle-mutating-webhook-configuration.yaml b/lifecycle-operator/chart/templates/lifecycle-mutating-webhook-configuration.yaml similarity index 100% rename from helm/chart/templates/lifecycle-mutating-webhook-configuration.yaml rename to lifecycle-operator/chart/templates/lifecycle-mutating-webhook-configuration.yaml diff --git a/helm/chart/templates/lifecycle-operator-leader-election-rbac.yaml b/lifecycle-operator/chart/templates/lifecycle-operator-leader-election-rbac.yaml similarity index 100% rename from helm/chart/templates/lifecycle-operator-leader-election-rbac.yaml rename to lifecycle-operator/chart/templates/lifecycle-operator-leader-election-rbac.yaml diff --git a/helm/chart/templates/lifecycle-operator-metrics-service.yaml b/lifecycle-operator/chart/templates/lifecycle-operator-metrics-service.yaml similarity index 100% rename from helm/chart/templates/lifecycle-operator-metrics-service.yaml rename to lifecycle-operator/chart/templates/lifecycle-operator-metrics-service.yaml diff --git a/helm/chart/templates/lifecycle-operator-rbac.yaml b/lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml similarity index 100% rename from helm/chart/templates/lifecycle-operator-rbac.yaml rename to lifecycle-operator/chart/templates/lifecycle-operator-rbac.yaml diff --git a/helm/chart/templates/lifecycle-validating-webhook-configuration.yaml b/lifecycle-operator/chart/templates/lifecycle-validating-webhook-configuration.yaml similarity index 100% rename from helm/chart/templates/lifecycle-validating-webhook-configuration.yaml rename to lifecycle-operator/chart/templates/lifecycle-validating-webhook-configuration.yaml diff --git a/helm/chart/templates/lifecycle-webhook-service.yaml b/lifecycle-operator/chart/templates/lifecycle-webhook-service.yaml similarity index 100% rename from helm/chart/templates/lifecycle-webhook-service.yaml rename to lifecycle-operator/chart/templates/lifecycle-webhook-service.yaml diff --git a/helm/chart/templates/scheduler-config.yaml b/lifecycle-operator/chart/templates/scheduler-config.yaml similarity index 68% rename from helm/chart/templates/scheduler-config.yaml rename to lifecycle-operator/chart/templates/scheduler-config.yaml index 978b4391f8..c08f483792 100644 --- a/helm/chart/templates/scheduler-config.yaml +++ b/lifecycle-operator/chart/templates/scheduler-config.yaml @@ -11,8 +11,8 @@ data: apiVersion: kubescheduler.config.k8s.io/v1beta3 kind: KubeSchedulerConfiguration leaderElection: - leaderElect: {{ .Values.schedulerConfig.schedulerConfigYaml.leaderElection.leaderElect + leaderElect: {{ .Values.schedulerConfig.leaderElection.leaderElect }} - profiles: {{ toYaml .Values.schedulerConfig.schedulerConfigYaml.profiles | nindent + profiles: {{ toYaml .Values.schedulerConfig.profiles | nindent 6 }} {{- end }} \ No newline at end of file diff --git a/helm/chart/templates/server-resources-rbac.yaml b/lifecycle-operator/chart/templates/server-resources-rbac.yaml similarity index 100% rename from helm/chart/templates/server-resources-rbac.yaml rename to lifecycle-operator/chart/templates/server-resources-rbac.yaml diff --git a/lifecycle-operator/chart/values.yaml b/lifecycle-operator/chart/values.yaml new file mode 100644 index 0000000000..5da4d7a851 --- /dev/null +++ b/lifecycle-operator/chart/values.yaml @@ -0,0 +1,127 @@ +imagePullSecrets: [] +kubernetesClusterDomain: cluster.local +schedulingGatesEnabled: false +lifecycleOperatorConfig: + health: + healthProbeBindAddress: :8081 + leaderElection: + leaderElect: true + resourceName: 6b866dd9.keptn.sh + metrics: + bindAddress: 127.0.0.1:8080 + webhook: + port: 9443 +lifecycleOperator: + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + runAsGroup: 65532 + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + env: + functionRunnerImage: ghcr.io/keptn/deno-runtime:v1.0.1 + keptnAppControllerLogLevel: "0" + keptnAppCreationRequestControllerLogLevel: "0" + keptnAppVersionControllerLogLevel: "0" + keptnEvaluationControllerLogLevel: "0" + keptnTaskControllerLogLevel: "0" + keptnTaskDefinitionControllerLogLevel: "0" + keptnWorkloadControllerLogLevel: "0" + keptnWorkloadInstanceControllerLogLevel: "0" + optionsControllerLogLevel: "0" + otelCollectorUrl: otel-collector:4317 + pythonRunnerImage: ghcr.io/keptn/python-runtime:v1.0.0 + image: + repository: ghcr.io/keptn/lifecycle-operator + tag: v0.8.2 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + nodeSelector: {} + replicas: 1 + tolerations: [] + topologySpreadConstraints: [] +lifecycleOperatorMetricsService: + ports: + - name: metrics + port: 2222 + protocol: TCP + targetPort: metrics + type: ClusterIP +lifecycleWebhookService: + ports: + - port: 443 + protocol: TCP + targetPort: 9443 + type: ClusterIP +scheduler: + nodeSelector: {} + replicas: 1 + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + env: + otelCollectorUrl: otel-collector:4317 + image: + repository: ghcr.io/keptn/scheduler + tag: v0.8.2 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 10259 + scheme: HTTPS + initialDelaySeconds: 15 + readinessProbe: + httpGet: + path: /healthz + port: 10259 + scheme: HTTPS + resources: + limits: + cpu: 300m + memory: 100Mi + requests: + cpu: 100m + memory: 20Mi + tolerations: [] + topologySpreadConstraints: [] +schedulerConfig: + leaderElection: + leaderElect: false + profiles: + - plugins: + permit: + enabled: + - name: KLCPermit + schedulerName: keptn-scheduler diff --git a/lifecycle-operator/config/default/manager_webhook_patch.yaml b/lifecycle-operator/config/default/manager_webhook_patch.yaml index 8a96063a23..a36c017bae 100644 --- a/lifecycle-operator/config/default/manager_webhook_patch.yaml +++ b/lifecycle-operator/config/default/manager_webhook_patch.yaml @@ -7,7 +7,7 @@ spec: template: spec: containers: - - name: manager + - name: lifecycle-operator ports: - containerPort: 9443 name: webhook-server diff --git a/lifecycle-operator/config/manager/kustomization.yaml b/lifecycle-operator/config/manager/kustomization.yaml index de4a7590a2..8cf586afc3 100644 --- a/lifecycle-operator/config/manager/kustomization.yaml +++ b/lifecycle-operator/config/manager/kustomization.yaml @@ -6,7 +6,7 @@ generatorOptions: configMapGenerator: - files: - controller_manager_config.yaml - name: lifecycle-manager-config + name: lifecycle-operator-config apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization patches: diff --git a/lifecycle-operator/config/manager/manager.yaml b/lifecycle-operator/config/manager/manager.yaml index 5c7733f58e..3a1aa98a70 100644 --- a/lifecycle-operator/config/manager/manager.yaml +++ b/lifecycle-operator/config/manager/manager.yaml @@ -5,6 +5,7 @@ metadata: namespace: system labels: app.kubernetes.io/part-of: keptn-lifecycle-toolkit + app.kubernetes.io/component: lifecycle-operator control-plane: lifecycle-operator keptn.sh/inject-cert: "true" spec: @@ -15,7 +16,7 @@ spec: template: metadata: annotations: - kubectl.kubernetes.io/default-container: manager + kubectl.kubernetes.io/default-container: lifecycle-operator metrics.dynatrace.com/scrape: 'true' metrics.dynatrace.com/port: '2222' labels: @@ -41,7 +42,7 @@ spec: args: - --leader-elect image: controller:latest - name: manager + name: lifecycle-operator ports: - containerPort: 9443 name: webhook-server