Skip to content

Commit

Permalink
Upgrade cert-manager to v1.1.0
Browse files Browse the repository at this point in the history
  • Loading branch information
fabriziopandini committed Feb 8, 2021
1 parent da2fab9 commit 24926f6
Show file tree
Hide file tree
Showing 21 changed files with 12,407 additions and 5,394 deletions.
2 changes: 1 addition & 1 deletion Tiltfile
Original file line number Diff line number Diff line change
Expand Up @@ -236,6 +236,6 @@ load_provider_tiltfiles()
load("ext://cert_manager", "deploy_cert_manager")

if settings.get("deploy_cert_manager"):
deploy_cert_manager()
deploy_cert_manager(version = "v1.1.0")

enable_providers()
4 changes: 2 additions & 2 deletions bootstrap/kubeadm/config/certmanager/certificate.yaml
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
# The following manifests contain a self-signed issuer CR and a certificate CR.
# More document can be found at https://docs.cert-manager.io
# WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for breaking changes
apiVersion: cert-manager.io/v1alpha2
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: selfsigned-issuer
namespace: system
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1alpha2
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
Expand Down
4 changes: 2 additions & 2 deletions bootstrap/kubeadm/config/default/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,15 +34,15 @@ vars:
objref:
kind: Certificate
group: cert-manager.io
version: v1alpha2
version: v1
name: serving-cert # this name should match the one in certificate.yaml
fieldref:
fieldpath: metadata.namespace
- name: CERTIFICATE_NAME
objref:
kind: Certificate
group: cert-manager.io
version: v1alpha2
version: v1
name: serving-cert # this name should match the one in certificate.yaml
- name: SERVICE_NAMESPACE # namespace of the service
objref:
Expand Down
35 changes: 12 additions & 23 deletions cmd/clusterctl/client/cluster/cert_manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ import (
"context"
"crypto/sha256"
"fmt"
"strings"
"regexp"
"time"

"github.com/pkg/errors"
Expand Down Expand Up @@ -50,8 +50,6 @@ const (

certmanagerVersionAnnotation = "certmanager.clusterctl.cluster.x-k8s.io/version"
certmanagerHashAnnotation = "certmanager.clusterctl.cluster.x-k8s.io/hash"

certmanagerVersionLabel = "helm.sh/chart"
)

// CertManagerUpgradePlan defines the upgrade plan if cert-manager needs to be
Expand Down Expand Up @@ -101,30 +99,22 @@ func (cm *certManagerClient) setManifestHash() error {
}

func (cm *certManagerClient) setManifestVersion() error {
// Gets the cert-manager objects from the embedded assets.
objs, err := cm.getManifestObjs()
// Gets the cert-manager version from the image version in the raw yaml
yaml, err := manifests.Asset(embeddedCertManagerManifestPath)
if err != nil {
return err
}
found := false

for i := range objs {
o := objs[i]
if o.GetKind() == "CustomResourceDefinition" {
labels := o.GetLabels()
version, ok := labels[certmanagerVersionLabel]
if ok {
s := strings.Split(version, "-")
cm.embeddedCertManagerManifestVersion = s[2]
found = true
break
}
}
r, err := regexp.Compile("(?:quay.io/jetstack/cert-manager-controller:)(.*)")
if err != nil {
return err
}
if !found {
return errors.Errorf("Failed to detect cert-manager version by searching for label %s in all CRDs", certmanagerVersionLabel)

if match := r.FindStringSubmatch(string(yaml)); len(match) > 0 {
cm.embeddedCertManagerManifestVersion = match[1]
return nil
}
return nil
return errors.New("Failed to detect cert-manager version by searching for quay.io/jetstack/cert-manager-controller image version")
}

// newCertManagerClient returns a certManagerClient.
Expand Down Expand Up @@ -305,10 +295,9 @@ func (cm *certManagerClient) shouldUpgrade(objs []unstructured.Unstructured) (st
continue
}

// if no version then upgrade (v0.11.0)
// if there is no version annotation, this means the obj is cert-manager v0.11.0 (installed with older version of clusterctl)
objVersion, ok := obj.GetAnnotations()[certmanagerVersionAnnotation]
if !ok {
// if there is no version annotation, this means the obj is cert-manager v0.11.0 (installed with older version of clusterctl)
currentVersion = "v0.11.0"
needUpgrade = true
break
Expand Down
4 changes: 2 additions & 2 deletions cmd/clusterctl/client/cluster/cert_manager_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ import (
const (
// Those values are dummy for test only
expectedHash = "dummy-hash"
expectedVersion = "v0.11.2"
expectedVersion = "v1.1.0"
)

func Test_VersionMarkerUpToDate(t *testing.T) {
Expand Down Expand Up @@ -345,7 +345,7 @@ func Test_shouldUpgrade(t *testing.T) {
"kind": "Endpoints",
"metadata": map[string]interface{}{
"annotations": map[string]interface{}{
certmanagerVersionAnnotation: "v0.11.0",
certmanagerVersionAnnotation: expectedVersion,
},
},
},
Expand Down
30 changes: 15 additions & 15 deletions cmd/clusterctl/client/config/imagemeta_client_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,9 +46,9 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "any",
image: "quay.io/jetstack/cert-manager-cainjector:v0.11.0",
image: "quay.io/jetstack/cert-manager-cainjector:v1.1.0",
},
want: "quay.io/jetstack/cert-manager-cainjector:v0.11.0",
want: "quay.io/jetstack/cert-manager-cainjector:v1.1.0",
wantErr: false,
},
{
Expand All @@ -58,7 +58,7 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "cert-manager",
image: "quay.io/jetstack/cert-manager-cainjector:v0.11.0",
image: "quay.io/jetstack/cert-manager-cainjector:v1.1.0",
},
want: "foo-repository.io/cert-manager-cainjector:foo-tag",
wantErr: false,
Expand All @@ -70,9 +70,9 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "cert-manager",
image: "quay.io/jetstack/cert-manager-webhook:v0.11.0",
image: "quay.io/jetstack/cert-manager-webhook:v1.1.0",
},
want: "quay.io/jetstack/cert-manager-webhook:v0.11.0",
want: "quay.io/jetstack/cert-manager-webhook:v1.1.0",
wantErr: false,
},
{
Expand All @@ -82,7 +82,7 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "cert-manager",
image: "quay.io/jetstack/cert-manager-cainjector:v0.11.0",
image: "quay.io/jetstack/cert-manager-cainjector:v1.1.0",
},
want: "foo-repository.io/cert-manager-cainjector:foo-tag",
wantErr: false,
Expand All @@ -96,7 +96,7 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "cert-manager",
image: "quay.io/jetstack/cert-manager-cainjector:v0.11.0",
image: "quay.io/jetstack/cert-manager-cainjector:v1.1.0",
},
want: "foo-repository.io/cert-manager-cainjector:foo-tag",
wantErr: false,
Expand All @@ -110,7 +110,7 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "cert-manager",
image: "quay.io/jetstack/cert-manager-cainjector:v0.11.0",
image: "quay.io/jetstack/cert-manager-cainjector:v1.1.0",
},
want: "foo-repository.io/cert-manager-cainjector:bar-tag",
wantErr: false,
Expand All @@ -124,7 +124,7 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "cert-manager",
image: "quay.io/jetstack/cert-manager-webhook:v0.11.0",
image: "quay.io/jetstack/cert-manager-webhook:v1.1.0",
},
want: "bar-repository.io/cert-manager-webhook:bar-tag",
wantErr: false,
Expand All @@ -136,7 +136,7 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "cert-manager",
image: "quay.io/jetstack/cert-manager-cainjector:v0.11.0",
image: "quay.io/jetstack/cert-manager-cainjector:v1.1.0",
},
want: "foo-repository.io/cert-manager-cainjector:foo-tag",
wantErr: false,
Expand All @@ -150,7 +150,7 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "cert-manager",
image: "quay.io/jetstack/cert-manager-cainjector:v0.11.0",
image: "quay.io/jetstack/cert-manager-cainjector:v1.1.0",
},
want: "bar-repository.io/cert-manager-cainjector:bar-tag",
wantErr: false,
Expand All @@ -164,7 +164,7 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "cert-manager",
image: "quay.io/jetstack/cert-manager-cainjector:v0.11.0",
image: "quay.io/jetstack/cert-manager-cainjector:v1.1.0",
},
want: "foo-repository.io/cert-manager-cainjector:bar-tag",
wantErr: false,
Expand All @@ -179,7 +179,7 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "cert-manager",
image: "quay.io/jetstack/cert-manager-cainjector:v0.11.0",
image: "quay.io/jetstack/cert-manager-cainjector:v1.1.0",
},
want: "foo-repository.io/cert-manager-cainjector:foo-tag",
wantErr: false,
Expand All @@ -194,7 +194,7 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "cert-manager",
image: "quay.io/jetstack/cert-manager-cainjector:v0.11.0",
image: "quay.io/jetstack/cert-manager-cainjector:v1.1.0",
},
want: "foo-repository.io/cert-manager-cainjector:bar-tag",
wantErr: false,
Expand All @@ -209,7 +209,7 @@ func Test_imageMetaClient_AlterImage(t *testing.T) {
},
args: args{
component: "cert-manager",
image: "quay.io/jetstack/cert-manager-webhook:v0.11.0",
image: "quay.io/jetstack/cert-manager-webhook:v1.1.0",
},
want: "bar-repository.io/cert-manager-webhook:baz-tag",
wantErr: false,
Expand Down
4 changes: 2 additions & 2 deletions cmd/clusterctl/client/upgrade_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,8 @@ func Test_clusterctlClient_PlanCertUpgrade(t *testing.T) {
WithFile("v1.0", "components.yaml", []byte("content"))

certManagerPlan := CertManagerUpgradePlan{
From: "v0.16.0",
To: "v0.16.1",
From: "v0.16.1",
To: "v1.1.0",
ShouldUpgrade: true,
}
// create a fake cluster, with a cert manager client that has an upgrade
Expand Down
4 changes: 2 additions & 2 deletions cmd/clusterctl/config/assets/cert-manager-test-resources.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,15 @@ kind: Namespace
metadata:
name: cert-manager-test
---
apiVersion: cert-manager.io/v1alpha2
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: test-selfsigned
namespace: cert-manager-test
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1alpha2
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: selfsigned-cert
Expand Down
Loading

0 comments on commit 24926f6

Please sign in to comment.