From 9bd84005ef8262ada27d1abd6bc9aa7a5faace71 Mon Sep 17 00:00:00 2001 From: ks-ci-bot Date: Fri, 20 Dec 2024 06:37:26 +0000 Subject: [PATCH] update ks-core helm chart --- src/test/ks-core/Chart.yaml | 4 +- ...ion.kubesphere.io_applicationreleases.yaml | 2 +- .../crds/application.kubesphere.io_repos.yaml | 1 + .../extensions.kubesphere.io_apiservices.yaml | 19 +- ...nsions.kubesphere.io_extensionentries.yaml | 19 +- .../extensions.kubesphere.io_jsbundles.yaml | 222 ++++++++++++------ ...tensions.kubesphere.io_reverseproxies.yaml | 19 +- .../crds/iam.kubesphere.io_builtinroles.yaml | 2 + .../crds/iam.kubesphere.io_clusterroles.yaml | 7 + .../crds/iam.kubesphere.io_globalroles.yaml | 12 + .../ks-crds/crds/iam.kubesphere.io_roles.yaml | 7 + .../crds/iam.kubesphere.io_roletemplates.yaml | 5 + .../iam.kubesphere.io_workspaceroles.yaml | 12 + .../crds/kubesphere.io_extensions.yaml | 40 +--- .../crds/kubesphere.io_extensionversions.yaml | 5 +- .../crds/kubesphere.io_installplans.yaml | 42 +--- .../crds/kubesphere.io_repositories.yaml | 4 + .../crds/kubesphere.io_serviceaccounts.yaml | 21 +- .../quota.kubesphere.io_resourcequotas.yaml | 3 + ...nant.kubesphere.io_workspacetemplates.yaml | 4 + .../ks-core/templates/extension-museum.yaml | 2 +- .../ks-core/templates/kubesphere-config.yaml | 14 +- .../templates/platformconfig-telemetry.yaml | 12 + src/test/ks-core/templates/redis.yaml | 45 ++-- src/test/ks-core/templates/roletemplates.yaml | 59 +++++ src/test/ks-core/values.yaml | 13 +- 26 files changed, 347 insertions(+), 248 deletions(-) create mode 100644 src/test/ks-core/templates/platformconfig-telemetry.yaml diff --git a/src/test/ks-core/Chart.yaml b/src/test/ks-core/Chart.yaml index 2eb0efbb..3ef8f06c 100644 --- a/src/test/ks-core/Chart.yaml +++ b/src/test/ks-core/Chart.yaml @@ -7,12 +7,12 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.1.3 +version: 1.1.2 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: "v4.1.2" +appVersion: "v4.1.1" dependencies: - name: redis-ha diff --git a/src/test/ks-core/charts/ks-crds/crds/application.kubesphere.io_applicationreleases.yaml b/src/test/ks-core/charts/ks-crds/crds/application.kubesphere.io_applicationreleases.yaml index a13550b4..bf39d819 100644 --- a/src/test/ks-core/charts/ks-crds/crds/application.kubesphere.io_applicationreleases.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/application.kubesphere.io_applicationreleases.yaml @@ -96,7 +96,7 @@ spec: items: description: |- RawMessage is a raw encoded JSON value. - It implements Marshaler and Unmarshaler and can + It implements [Marshaler] and [Unmarshaler] and can be used to delay JSON decoding or precompute a JSON encoding. format: byte type: string diff --git a/src/test/ks-core/charts/ks-crds/crds/application.kubesphere.io_repos.yaml b/src/test/ks-core/charts/ks-crds/crds/application.kubesphere.io_repos.yaml index fd6054a4..cab3a3d5 100644 --- a/src/test/ks-core/charts/ks-crds/crds/application.kubesphere.io_repos.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/application.kubesphere.io_repos.yaml @@ -85,6 +85,7 @@ spec: url: type: string required: + - syncPeriod - url type: object status: diff --git a/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_apiservices.yaml b/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_apiservices.yaml index e3f933ec..db4f405a 100644 --- a/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_apiservices.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_apiservices.yaml @@ -92,16 +92,8 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -142,12 +134,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_extensionentries.yaml b/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_extensionentries.yaml index 911c2c0f..1b7a7ed1 100644 --- a/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_extensionentries.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_extensionentries.yaml @@ -49,16 +49,8 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -99,12 +91,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_jsbundles.yaml b/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_jsbundles.yaml index d855274c..cb0840a9 100644 --- a/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_jsbundles.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_jsbundles.yaml @@ -3,7 +3,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: (unknown) + controller-gen.kubebuilder.io/version: (devel) + creationTimestamp: null name: jsbundles.extensions.kubesphere.io spec: group: extensions.kubesphere.io @@ -17,29 +18,119 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: |- - JSBundle declares a js bundle that needs to be injected into ks-console, - the endpoint can be provided by a service or a static file. + description: JSBundle declares a js bundle that needs to be injected into + ks-console, the endpoint can be provided by a service or a static file. properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: properties: + assets: + properties: + files: + items: + properties: + caBundle: + format: byte + type: string + insecureSkipVerify: + type: boolean + link: + type: string + mimeType: + description: Set the MIME Type of the file, if not specified, + it will be provided by the content-type response header + in the upstream service by default. + type: string + name: + type: string + service: + description: service is a reference to the service for this + endpoint. Either service or url must be specified. the + scheme is default to HTTPS. + properties: + name: + description: name is the name of the service. Required + type: string + namespace: + description: namespace is the namespace of the service. + Required + type: string + path: + description: path is an optional URL path at which the + upstream will be contacted. + type: string + port: + description: port is an optional service port at which + the upstream will be contacted. `port` should be a + valid port number (1-65535, inclusive). Defaults to + 443 for backward compatibility. + format: int32 + type: integer + required: + - name + - namespace + type: object + url: + description: '`url` gives the location of the upstream, + in standard URL form (`scheme://host:port/path`). Exactly + one of `url` or `service` must be specified.' + type: string + type: object + type: array + style: + properties: + caBundle: + format: byte + type: string + insecureSkipVerify: + type: boolean + link: + type: string + service: + description: service is a reference to the service for this + endpoint. Either service or url must be specified. the scheme + is default to HTTPS. + properties: + name: + description: name is the name of the service. Required + type: string + namespace: + description: namespace is the namespace of the service. + Required + type: string + path: + description: path is an optional URL path at which the + upstream will be contacted. + type: string + port: + description: port is an optional service port at which + the upstream will be contacted. `port` should be a valid + port number (1-65535, inclusive). Defaults to 443 for + backward compatibility. + format: int32 + type: integer + required: + - name + - namespace + type: object + url: + description: '`url` gives the location of the upstream, in + standard URL form (`scheme://host:port/path`). Exactly one + of `url` or `service` must be specified.' + type: string + type: object + type: object raw: format: byte type: string @@ -55,10 +146,8 @@ spec: description: The key to select. type: string name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string namespace: type: string @@ -81,10 +170,8 @@ spec: a valid secret key. type: string name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string namespace: type: string @@ -98,30 +185,25 @@ spec: type: object x-kubernetes-map-type: atomic service: - description: |- - service is a reference to the service for this endpoint. Either - service or url must be specified. - the scheme is default to HTTPS. + description: service is a reference to the service for this endpoint. + Either service or url must be specified. the scheme is default + to HTTPS. properties: name: - description: |- - name is the name of the service. - Required + description: name is the name of the service. Required type: string namespace: - description: |- - namespace is the namespace of the service. - Required + description: namespace is the namespace of the service. Required type: string path: description: path is an optional URL path at which the upstream will be contacted. type: string port: - description: |- - port is an optional service port at which the upstream will be contacted. - `port` should be a valid port number (1-65535, inclusive). - Defaults to 443 for backward compatibility. + description: port is an optional service port at which the + upstream will be contacted. `port` should be a valid port + number (1-65535, inclusive). Defaults to 443 for backward + compatibility. format: int32 type: integer required: @@ -129,10 +211,9 @@ spec: - namespace type: object url: - description: |- - `url` gives the location of the upstream, in standard URL form - (`scheme://host:port/path`). Exactly one of `url` or `service` - must be specified. + description: '`url` gives the location of the upstream, in standard + URL form (`scheme://host:port/path`). Exactly one of `url` or + `service` must be specified.' type: string type: object type: object @@ -141,42 +222,42 @@ spec: conditions: items: description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. format: date-time type: string message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. + description: message is a human readable message indicating + details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. format: int64 minimum: 0 type: integer reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -190,12 +271,11 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_reverseproxies.yaml b/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_reverseproxies.yaml index 1c01aae6..93ce2912 100644 --- a/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_reverseproxies.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/extensions.kubesphere.io_reverseproxies.yaml @@ -149,16 +149,8 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -199,12 +191,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_builtinroles.yaml b/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_builtinroles.yaml index de3c3733..7ad0009e 100644 --- a/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_builtinroles.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_builtinroles.yaml @@ -73,11 +73,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string diff --git a/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_clusterroles.yaml b/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_clusterroles.yaml index 490c6455..d564d42b 100644 --- a/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_clusterroles.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_clusterroles.yaml @@ -55,11 +55,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -109,6 +111,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic nonResourceURLs: description: |- NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path @@ -117,24 +120,28 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic resourceNames: description: ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. items: type: string type: array + x-kubernetes-list-type: atomic resources: description: Resources is a list of resources this rule applies to. '*' represents all resources. items: type: string type: array + x-kubernetes-list-type: atomic verbs: description: Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. items: type: string type: array + x-kubernetes-list-type: atomic required: - verbs type: object diff --git a/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_globalroles.yaml b/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_globalroles.yaml index e63aebbd..4408e7aa 100644 --- a/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_globalroles.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_globalroles.yaml @@ -52,6 +52,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic nonResourceURLs: description: |- NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path @@ -60,24 +61,28 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic resourceNames: description: ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. items: type: string type: array + x-kubernetes-list-type: atomic resources: description: Resources is a list of resources this rule applies to. '*' represents all resources. items: type: string type: array + x-kubernetes-list-type: atomic verbs: description: Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. items: type: string type: array + x-kubernetes-list-type: atomic required: - verbs type: object @@ -124,11 +129,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -178,6 +185,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic nonResourceURLs: description: |- NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path @@ -186,24 +194,28 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic resourceNames: description: ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. items: type: string type: array + x-kubernetes-list-type: atomic resources: description: Resources is a list of resources this rule applies to. '*' represents all resources. items: type: string type: array + x-kubernetes-list-type: atomic verbs: description: Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. items: type: string type: array + x-kubernetes-list-type: atomic required: - verbs type: object diff --git a/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_roles.yaml b/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_roles.yaml index 53828ec3..1543728a 100644 --- a/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_roles.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_roles.yaml @@ -55,11 +55,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -109,6 +111,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic nonResourceURLs: description: |- NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path @@ -117,24 +120,28 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic resourceNames: description: ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. items: type: string type: array + x-kubernetes-list-type: atomic resources: description: Resources is a list of resources this rule applies to. '*' represents all resources. items: type: string type: array + x-kubernetes-list-type: atomic verbs: description: Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. items: type: string type: array + x-kubernetes-list-type: atomic required: - verbs type: object diff --git a/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_roletemplates.yaml b/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_roletemplates.yaml index 3b8bd6bf..11e51ab2 100644 --- a/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_roletemplates.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_roletemplates.yaml @@ -64,6 +64,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic nonResourceURLs: description: |- NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path @@ -72,6 +73,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic resourceNames: description: ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything @@ -79,18 +81,21 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic resources: description: Resources is a list of resources this rule applies to. '*' represents all resources. items: type: string type: array + x-kubernetes-list-type: atomic verbs: description: Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. items: type: string type: array + x-kubernetes-list-type: atomic required: - verbs type: object diff --git a/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_workspaceroles.yaml b/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_workspaceroles.yaml index 1ab93a65..c511fae5 100644 --- a/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_workspaceroles.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/iam.kubesphere.io_workspaceroles.yaml @@ -59,6 +59,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic nonResourceURLs: description: |- NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path @@ -67,24 +68,28 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic resourceNames: description: ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. items: type: string type: array + x-kubernetes-list-type: atomic resources: description: Resources is a list of resources this rule applies to. '*' represents all resources. items: type: string type: array + x-kubernetes-list-type: atomic verbs: description: Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. items: type: string type: array + x-kubernetes-list-type: atomic required: - verbs type: object @@ -139,11 +144,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -193,6 +200,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic nonResourceURLs: description: |- NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path @@ -201,24 +209,28 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic resourceNames: description: ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. items: type: string type: array + x-kubernetes-list-type: atomic resources: description: Resources is a list of resources this rule applies to. '*' represents all resources. items: type: string type: array + x-kubernetes-list-type: atomic verbs: description: Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. items: type: string type: array + x-kubernetes-list-type: atomic required: - verbs type: object diff --git a/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_extensions.yaml b/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_extensions.yaml index 715bc687..f130e444 100644 --- a/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_extensions.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_extensions.yaml @@ -86,18 +86,8 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -139,12 +129,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -187,16 +172,8 @@ spec: type: object conditions: items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -237,12 +214,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_extensionversions.yaml b/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_extensionversions.yaml index 0ca41e9f..f64c6c59 100644 --- a/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_extensionversions.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_extensionversions.yaml @@ -51,10 +51,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string namespace: type: string diff --git a/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_installplans.yaml b/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_installplans.yaml index af0eb32f..967afb20 100644 --- a/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_installplans.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_installplans.yaml @@ -84,11 +84,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -134,18 +136,8 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -187,12 +179,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -235,16 +222,8 @@ spec: type: object conditions: items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -285,12 +264,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_repositories.yaml b/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_repositories.yaml index ddbff7cf..b2c43fd2 100644 --- a/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_repositories.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_repositories.yaml @@ -53,6 +53,10 @@ spec: description: The caBundle (base64 string) is used in helmExecutor to verify the helm server. type: string + depth: + description: The number of synchronized versions of each extension. + 0 means synchronized all versions, default is 3. + type: integer description: type: string image: diff --git a/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_serviceaccounts.yaml b/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_serviceaccounts.yaml index 6ee1b119..38b8a2df 100644 --- a/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_serviceaccounts.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/kubesphere.io_serviceaccounts.yaml @@ -37,24 +37,8 @@ spec: type: object secrets: items: - description: |- - ObjectReference contains enough information to let you inspect or modify the referred object. - --- - New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. - 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. - 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular - restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". - Those cannot be well described when embedded. - 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. - 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity - during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple - and the version of the actual struct is irrelevant. - 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type - will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. - - - Instead of using this type, create a locally provided and used type that is well-focused on your reference. - For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . + description: ObjectReference contains enough information to let you + inspect or modify the referred object. properties: apiVersion: description: API version of the referent. @@ -68,7 +52,6 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. - TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- diff --git a/src/test/ks-core/charts/ks-crds/crds/quota.kubesphere.io_resourcequotas.yaml b/src/test/ks-core/charts/ks-crds/crds/quota.kubesphere.io_resourcequotas.yaml index f449387c..1fdc986d 100644 --- a/src/test/ks-core/charts/ks-crds/crds/quota.kubesphere.io_resourcequotas.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/quota.kubesphere.io_resourcequotas.yaml @@ -88,11 +88,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - operator - scopeName type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic scopes: @@ -104,6 +106,7 @@ spec: match each object tracked by a quota type: string type: array + x-kubernetes-list-type: atomic type: object selector: additionalProperties: diff --git a/src/test/ks-core/charts/ks-crds/crds/tenant.kubesphere.io_workspacetemplates.yaml b/src/test/ks-core/charts/ks-crds/crds/tenant.kubesphere.io_workspacetemplates.yaml index 05b8af36..0efdf458 100644 --- a/src/test/ks-core/charts/ks-crds/crds/tenant.kubesphere.io_workspacetemplates.yaml +++ b/src/test/ks-core/charts/ks-crds/crds/tenant.kubesphere.io_workspacetemplates.yaml @@ -97,11 +97,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -201,11 +203,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string diff --git a/src/test/ks-core/templates/extension-museum.yaml b/src/test/ks-core/templates/extension-museum.yaml index 82aca08c..b6c2a5c6 100644 --- a/src/test/ks-core/templates/extension-museum.yaml +++ b/src/test/ks-core/templates/extension-museum.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ksExtensionRepository.enabled }} +{{- if and (eq (include "role" .) "host") .Values.ksExtensionRepository.enabled }} {{- $ca := genCA "self-signed-ca" 3650 }} {{- $cn := printf "%s-extensions-museum" .Release.Name }} diff --git a/src/test/ks-core/templates/kubesphere-config.yaml b/src/test/ks-core/templates/kubesphere-config.yaml index e29deace..af350f86 100644 --- a/src/test/ks-core/templates/kubesphere-config.yaml +++ b/src/test/ks-core/templates/kubesphere-config.yaml @@ -1,3 +1,8 @@ +{{- if ne .Release.Namespace "kubesphere-system" }} +{{- fail "This Helm release must be installed in the 'kubesphere-system' namespace." }} +{{- end }} + +--- apiVersion: v1 kind: ConfigMap metadata: @@ -46,6 +51,9 @@ data: {{- if .Values.helmExecutor.resources }} resources: {{- toYaml .Values.helmExecutor.resources | nindent 8 }} {{- end }} + {{- if .Values.helmExecutor.affinity }} + affinity: {{- toYaml .Values.helmExecutor.affinity | nindent 8 }} + {{- end }} extension: imageRegistry: {{ default .Values.extension.imageRegistry "" | quote }} {{- if .Values.extension.nodeSelector }} @@ -69,11 +77,7 @@ data: appSelector: {{ .Values.composedApp.appSelector | quote }} kubesphere: tls: {{ .Values.internalTLS }} - {{- if and .Values.telemetry.enabled (eq (include "role" .) "host") }} - telemetry: - ksCloudURL: "https://kubesphere.cloud" - {{- end }} - {{- if .Values.ha.enabled -}} + {{- if and (eq (include "role" .) "host") .Values.ha.enabled -}} {{- if .Values.ha.cache }} cache: {{- toYaml .Values.ha.cache | nindent 6}} {{- else }} diff --git a/src/test/ks-core/templates/platformconfig-telemetry.yaml b/src/test/ks-core/templates/platformconfig-telemetry.yaml new file mode 100644 index 00000000..05833aae --- /dev/null +++ b/src/test/ks-core/templates/platformconfig-telemetry.yaml @@ -0,0 +1,12 @@ +{{ if eq (include "role" .) "host" }} +apiVersion: v1 +kind: Secret +metadata: + name: io.kubesphere.config.platformconfig.telemetry + namespace: {{ .Release.Namespace | quote }} +type: config.kubesphere.io/platformconfig +stringData: + configuration.yaml: | + enabled: true + ksCloudURL: "https://kubesphere.cloud" +{{- end }} \ No newline at end of file diff --git a/src/test/ks-core/templates/redis.yaml b/src/test/ks-core/templates/redis.yaml index a77753aa..61348f01 100644 --- a/src/test/ks-core/templates/redis.yaml +++ b/src/test/ks-core/templates/redis.yaml @@ -1,15 +1,20 @@ +{{- if eq (include "role" .) "host" }} {{- if and .Values.ha.enabled (not .Values.ha.cache) }} {{- if lookup "v1" "Secret" "kubesphere-system" "redis-secret" }} {{- lookup "v1" "Secret" "kubesphere-system" "redis-secret" | toYaml }} {{- else }} +{{- $auth := randAlphaNum 15 }} apiVersion: v1 kind: Secret metadata: name: redis-secret - namespace: kubesphere-system type: Opaque -data: - auth: {{ randAlphaNum 15 | b64enc }} +stringData: + auth: {{ $auth | quote }} + redis.conf: | + requirepass {{ $auth }} + masterauth {{ $auth }} + port {{ .Values.redis.port | default 6379 }} {{- end }} {{- end }} @@ -20,27 +25,21 @@ kind: Deployment metadata: labels: app: redis - tier: database - version: redis-4.0 name: redis - namespace: kubesphere-system spec: replicas: {{ .Values.redis.replicaCount }} selector: matchLabels: app: redis - tier: database template: metadata: labels: app: redis - tier: database - version: redis-4.0 spec: containers: - image: {{ template "redis.image" . }} imagePullPolicy: {{ .Values.redis.image.pullPolicy }} - command: ['sh', '-c', 'cat /tmp/redis/redis.conf | sed "s/REDIS_PASSWORD/$KUBESPHERE_CACHE_OPTIONS_PASSWORD/" > /data/redis.conf | redis-server /data/redis.conf'] + command: ['sh', '-c', 'redis-server /etc/redis/redis.conf'] name: redis args: ["/data/redis.conf"] env: @@ -51,7 +50,8 @@ spec: key: auth volumeMounts: - name: redis-config - mountPath: "/tmp/redis" + mountPath: "/etc/redis/redis.conf" + subPath: redis.conf readOnly: true {{- if .Values.redis.persistentVolume.enabled }} - mountPath: /data @@ -70,8 +70,8 @@ spec: memory: 100Mi volumes: - name: redis-config - configMap: - name: redis-configmap + secret: + secretName: redis-secret {{- if .Values.redis.persistentVolume.enabled }} - name: redis-pvc persistentVolumeClaim: @@ -94,20 +94,6 @@ spec: {{- if .Values.tolerations }} tolerations: {{- toYaml .Values.tolerations | nindent 8 }}{{- end }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: redis-configmap - labels: - app: redis - tier: database - version: redis-4.0 -data: - redis.conf: | - requirepass REDIS_PASSWORD - masterauth REDIS_PASSWORD - port {{ .Values.redis.port | default 6379 }} --- apiVersion: v1 @@ -115,9 +101,7 @@ kind: Service metadata: labels: app: redis - tier: database name: redis - namespace: kubesphere-system spec: ports: - name: redis @@ -126,7 +110,6 @@ spec: targetPort: {{ .Values.redis.port | default 6379 }} selector: app: redis - tier: database sessionAffinity: None type: ClusterIP @@ -136,7 +119,6 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: redis-pvc - namespace: kubesphere-system spec: accessModes: - ReadWriteOnce @@ -146,3 +128,4 @@ spec: {{- end }} {{- end }} +{{- end }} \ No newline at end of file diff --git a/src/test/ks-core/templates/roletemplates.yaml b/src/test/ks-core/templates/roletemplates.yaml index 93a6031f..f1bcb67e 100644 --- a/src/test/ks-core/templates/roletemplates.yaml +++ b/src/test/ks-core/templates/roletemplates.yaml @@ -1565,6 +1565,64 @@ spec: --- apiVersion: iam.kubesphere.io/v1beta1 kind: RoleTemplate +metadata: + annotations: + iam.kubesphere.io/role-template-rules: '{"workloadtemplates": "view"}' + labels: + iam.kubesphere.io/aggregate-to-operator: "" + iam.kubesphere.io/aggregate-to-viewer: "" + iam.kubesphere.io/aggregate-to-regular: "" + iam.kubesphere.io/category: namespace-configuration-management + iam.kubesphere.io/scope: "namespace" + kubesphere.io/managed: "true" + name: namespace-view-workloadtemplates +spec: + description: + en: 'View workloadtemplates in the project.' + zh: '查看项目中的工作负载模板。' + displayName: + en: WorkloadTemplate Viewing + zh: '工作负载模板查看' + rules: + - apiGroups: + - 'workloadtemplate.kubesphere.io' + resources: + - "*" + verbs: + - get + - list + - watch + +--- +apiVersion: iam.kubesphere.io/v1beta1 +kind: RoleTemplate +metadata: + annotations: + iam.kubesphere.io/dependencies: '["namespace-view-workloadtemplates"]' + iam.kubesphere.io/role-template-rules: '{"workloadtemplates": "manage"}' + labels: + iam.kubesphere.io/aggregate-to-operator: "" + iam.kubesphere.io/category: namespace-configuration-management + iam.kubesphere.io/scope: "namespace" + kubesphere.io/managed: "true" + name: namespace-manage-workloadtemplates +spec: + description: + en: 'Create, edit, and delete workloadtemplates in the project.' + zh: '创建、编辑和删除项目中的工作负载模板。' + displayName: + en: WorkloadTemplate Management + zh: '工作负载模板管理' + rules: + - apiGroups: + - 'workloadtemplate.kubesphere.io' + resources: + - "*" + verbs: + - '*' +--- +apiVersion: iam.kubesphere.io/v1beta1 +kind: RoleTemplate metadata: annotations: iam.kubesphere.io/role-template-rules: '{"secrets": "view"}' @@ -1789,6 +1847,7 @@ metadata: iam.kubesphere.io/scope: workspace kubesphere.io/managed: "true" iam.kubesphere.io/aggregate-to-viewer: "" + iam.kubesphere.io/aggregate-to-regular: "" name: workspace-view-app-repos spec: description: diff --git a/src/test/ks-core/values.yaml b/src/test/ks-core/values.yaml index b23e935b..3c2c131a 100644 --- a/src/test/ks-core/values.yaml +++ b/src/test/ks-core/values.yaml @@ -2,7 +2,7 @@ ## @param global.tag Global Docker image tag global: imageRegistry: docker.io - tag: v4.1.2 + tag: v4.1.1 imagePullSecrets: [] ## @param nameOverride String to partially override common.names.fullname @@ -278,6 +278,17 @@ helmExecutor: requests: cpu: 100m memory: 100Mi + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app: ks-controller-manager + topologyKey: "kubernetes.io/hostname" + namespaces: + - kubesphere-system composedApp: # Selector to filter k8s applications to reconcile