From ace9c1372aa0f2f55929c5307a6aca290df5b9f3 Mon Sep 17 00:00:00 2001 From: Charly Molter Date: Tue, 12 Sep 2023 13:34:47 +0200 Subject: [PATCH] fix(install): use bitnami/kubectl image for helm hooks (#7656) also remove tools/kubectl Fix #6326 Signed-off-by: Charly Molter --- .../install-control-plane.dump-values.yaml | 8 ++--- deployments/charts/kuma/README.md | 6 ++-- .../charts/kuma/templates/_helpers.tpl | 14 -------- .../kuma/templates/pre-delete-webhooks.yaml | 2 +- .../pre-install-patch-namespace-job.yaml | 2 +- .../pre-upgrade-install-crds-job.yaml | 2 +- deployments/charts/kuma/values.yaml | 8 ++--- docs/generated/raw/helm-values.yaml | 8 ++--- mk/k3d.mk | 8 ++--- tools/kubectl/Dockerfile | 12 ------- tools/kubectl/README.md | 17 ---------- tools/kubectl/docker-build-and-publish.sh | 33 ------------------- 12 files changed, 19 insertions(+), 101 deletions(-) delete mode 100644 tools/kubectl/Dockerfile delete mode 100644 tools/kubectl/README.md delete mode 100755 tools/kubectl/docker-build-and-publish.sh diff --git a/app/kumactl/cmd/install/testdata/install-control-plane.dump-values.yaml b/app/kumactl/cmd/install/testdata/install-control-plane.dump-values.yaml index 0e614861d7cb..426fc8fbda9e 100644 --- a/app/kumactl/cmd/install/testdata/install-control-plane.dump-values.yaml +++ b/app/kumactl/cmd/install/testdata/install-control-plane.dump-values.yaml @@ -606,15 +606,13 @@ kumactl: tag: kubectl: - # kuma image that support v1.20.15 image */ } } - # see: https://hub.docker.com/r/kumahq/kubectl */ } } image: # -- The kubectl image registry - registry: kumahq + registry: docker.io # -- The kubectl image repository - repository: kubectl + repository: bitnami/kubectl # -- The kubectl image tag - tag: "v1.20.15" + tag: "1.27.5" hooks: # -- Node selector for the HELM hooks nodeSelector: diff --git a/deployments/charts/kuma/README.md b/deployments/charts/kuma/README.md index d709e61cb391..50fb62eefe01 100644 --- a/deployments/charts/kuma/README.md +++ b/deployments/charts/kuma/README.md @@ -174,9 +174,9 @@ A Helm chart for the Kuma Control Plane | egress.containerSecurityContext | object | `{"readOnlyRootFilesystem":true}` | Security context at the container level for egress | | kumactl.image.repository | string | `"kumactl"` | The kumactl image repository | | kumactl.image.tag | string | `nil` | The kumactl image tag. When not specified, the value is copied from global.tag | -| kubectl.image.registry | string | `"kumahq"` | The kubectl image registry | -| kubectl.image.repository | string | `"kubectl"` | The kubectl image repository | -| kubectl.image.tag | string | `"v1.20.15"` | The kubectl image tag | +| kubectl.image.registry | string | `"docker.io"` | The kubectl image registry | +| kubectl.image.repository | string | `"bitnami/kubectl"` | The kubectl image repository | +| kubectl.image.tag | string | `"1.27.5"` | The kubectl image tag | | hooks.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node selector for the HELM hooks | | hooks.tolerations | list | `[]` | Tolerations for the HELM hooks | | hooks.podSecurityContext | object | `{"runAsNonRoot":true}` | Security context at the pod level for crd/webhook/ns | diff --git a/deployments/charts/kuma/templates/_helpers.tpl b/deployments/charts/kuma/templates/_helpers.tpl index 9b40b01dd4f0..06c06d9cbdcb 100644 --- a/deployments/charts/kuma/templates/_helpers.tpl +++ b/deployments/charts/kuma/templates/_helpers.tpl @@ -372,17 +372,3 @@ env: {{- end }} {{- end }} {{- end }} - -{{/* -params: { image: { registry?, repository, tag? }, root: $ } -returns: formatted image string -*/}} -{{- define "kubectl.formatImage" -}} -{{- $img := .image }} -{{- $tag := .tag }} -{{- $root := .root }} -{{- $registry := ($img.registry | default $root.Values.kubectl.image.registry) -}} -{{- $repo := ($img.repository | default $root.Values.kubectl.image.repository) -}} -{{- $imageTag := ($tag | default $root.Values.kubectl.image.tag) -}} -{{- printf "%s/%s:%s" $registry $repo $imageTag -}} -{{- end -}} diff --git a/deployments/charts/kuma/templates/pre-delete-webhooks.yaml b/deployments/charts/kuma/templates/pre-delete-webhooks.yaml index 0bc07be8e27f..928b7b2ee0b2 100644 --- a/deployments/charts/kuma/templates/pre-delete-webhooks.yaml +++ b/deployments/charts/kuma/templates/pre-delete-webhooks.yaml @@ -90,7 +90,7 @@ spec: {{- toYaml .Values.hooks.podSecurityContext | trim | nindent 8 }} containers: - name: pre-delete-job - image: {{ include "kubectl.formatImage" (dict "image" .Values.kubectl.image "root" $) | quote }} + image: "{{ .Values.kubectl.image.registry }}/{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}" command: - 'kubectl' - 'delete' diff --git a/deployments/charts/kuma/templates/pre-install-patch-namespace-job.yaml b/deployments/charts/kuma/templates/pre-install-patch-namespace-job.yaml index 87bcfd0ebefa..c7e492859f49 100644 --- a/deployments/charts/kuma/templates/pre-install-patch-namespace-job.yaml +++ b/deployments/charts/kuma/templates/pre-install-patch-namespace-job.yaml @@ -90,7 +90,7 @@ spec: {{- toYaml .Values.hooks.podSecurityContext | trim | nindent 8 }} containers: - name: pre-install-job - image: {{ include "kubectl.formatImage" (dict "image" .Values.kubectl.image "root" $) | quote }} + image: "{{ .Values.kubectl.image.registry }}/{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}" securityContext: {{- toYaml (mergeOverwrite (dict "runAsUser" 65534) .Values.hooks.containerSecurityContext) | trim | nindent 12 }} resources: diff --git a/deployments/charts/kuma/templates/pre-upgrade-install-crds-job.yaml b/deployments/charts/kuma/templates/pre-upgrade-install-crds-job.yaml index 162ee5e37845..89751b4c8296 100644 --- a/deployments/charts/kuma/templates/pre-upgrade-install-crds-job.yaml +++ b/deployments/charts/kuma/templates/pre-upgrade-install-crds-job.yaml @@ -123,7 +123,7 @@ spec: {{- toYaml .Values.hooks.podSecurityContext | trim | nindent 8 }} containers: - name: pre-upgrade-job - image: {{ include "kubectl.formatImage" (dict "image" .Values.kubectl.image "root" $) | quote }} + image: "{{ .Values.kubectl.image.registry }}/{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}" securityContext: {{- toYaml (mergeOverwrite (dict "runAsUser" 65534) .Values.hooks.containerSecurityContext) | trim | nindent 12 }} resources: diff --git a/deployments/charts/kuma/values.yaml b/deployments/charts/kuma/values.yaml index 0e614861d7cb..426fc8fbda9e 100644 --- a/deployments/charts/kuma/values.yaml +++ b/deployments/charts/kuma/values.yaml @@ -606,15 +606,13 @@ kumactl: tag: kubectl: - # kuma image that support v1.20.15 image */ } } - # see: https://hub.docker.com/r/kumahq/kubectl */ } } image: # -- The kubectl image registry - registry: kumahq + registry: docker.io # -- The kubectl image repository - repository: kubectl + repository: bitnami/kubectl # -- The kubectl image tag - tag: "v1.20.15" + tag: "1.27.5" hooks: # -- Node selector for the HELM hooks nodeSelector: diff --git a/docs/generated/raw/helm-values.yaml b/docs/generated/raw/helm-values.yaml index 0e614861d7cb..426fc8fbda9e 100644 --- a/docs/generated/raw/helm-values.yaml +++ b/docs/generated/raw/helm-values.yaml @@ -606,15 +606,13 @@ kumactl: tag: kubectl: - # kuma image that support v1.20.15 image */ } } - # see: https://hub.docker.com/r/kumahq/kubectl */ } } image: # -- The kubectl image registry - registry: kumahq + registry: docker.io # -- The kubectl image repository - repository: kubectl + repository: bitnami/kubectl # -- The kubectl image tag - tag: "v1.20.15" + tag: "1.27.5" hooks: # -- Node selector for the HELM hooks nodeSelector: diff --git a/mk/k3d.mk b/mk/k3d.mk index 6bee8c1a02e2..2839ea091024 100644 --- a/mk/k3d.mk +++ b/mk/k3d.mk @@ -147,11 +147,11 @@ k3d/deploy/kuma: build/kumactl k3d/load .PHONY: k3d/deploy/helm k3d/deploy/helm: k3d/load - @KUBECONFIG=$(KIND_KUBECONFIG) $(KUBECTL) delete namespace $(KUMA_NAMESPACE) | true - @KUBECONFIG=$(KIND_KUBECONFIG) $(KUBECTL) create namespace $(KUMA_NAMESPACE) - @KUBECONFIG=$(KIND_KUBECONFIG) helm install --namespace $(KUMA_NAMESPACE) \ + KUBECONFIG=$(KIND_KUBECONFIG) $(KUBECTL) delete namespace $(KUMA_NAMESPACE) --wait | true + KUBECONFIG=$(KIND_KUBECONFIG) $(KUBECTL) create namespace $(KUMA_NAMESPACE) + KUBECONFIG=$(KIND_KUBECONFIG) helm upgrade --install --namespace $(KUMA_NAMESPACE) \ --set global.image.registry="$(DOCKER_REGISTRY)" \ - --set global.image.tag="$(BUILD_INFO_VERSION)-${GOARCH}" \ + --set global.image.tag="$(BUILD_INFO_VERSION)" \ --set cni.enabled=true \ --set cni.chained=true \ --set cni.netDir=/var/lib/rancher/k3s/agent/etc/cni/net.d/ \ diff --git a/tools/kubectl/Dockerfile b/tools/kubectl/Dockerfile deleted file mode 100644 index 5316de9141ae..000000000000 --- a/tools/kubectl/Dockerfile +++ /dev/null @@ -1,12 +0,0 @@ -ARG BASE_IMAGE=alpine:latest -FROM ${BASE_IMAGE} -ARG ARCH -ARG KUBERNETES_RELEASE -RUN set -x \ - && wget -q -O /bin/kubectl https://storage.googleapis.com/kubernetes-release/release/${KUBERNETES_RELEASE}/bin/linux/${ARCH}/kubectl \ - && chmod +x /bin/kubectl - -USER 65534 - -ENTRYPOINT ["kubectl"] -CMD ["--help"] diff --git a/tools/kubectl/README.md b/tools/kubectl/README.md deleted file mode 100644 index e26e2f045562..000000000000 --- a/tools/kubectl/README.md +++ /dev/null @@ -1,17 +0,0 @@ -# kubectl - -Kubectl image based on alpine image. Contains default tools: sh, wget, ... - -## Build - -```bash -docker build --build-arg ARCH=amd64 --build-arg BASE_IMAGE=amd64/alpine:latest --tag kumahq/kubectl . -``` - -```bash -docker build --build-arg ARCH=arm64 --build-arg BASE_IMAGE=arm64v8/alpine:latest --tag kumahq/kubectl . -``` - -## How to push? - -Run `./docker-build-and-publish.sh` with parameter which is equal to kubernetes version that you want to release for. diff --git a/tools/kubectl/docker-build-and-publish.sh b/tools/kubectl/docker-build-and-publish.sh deleted file mode 100755 index 32fabd228c5f..000000000000 --- a/tools/kubectl/docker-build-and-publish.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/sh - -set -e - -: "${KUBERNETES_RELEASE:?must be set!}" - -build_docker_image(){ - docker build --build-arg ARCH="${1?required}" \ - --build-arg BASE_IMAGE="${2?required}" \ - --build-arg KUBERNETES_RELEASE="${3?required}" \ - --platform linux/"${1}" \ - --tag kumahq/kubectl:"${3}-${1}" . - docker image push kumahq/kubectl:"${3}-${1}" -} - -echo "Building docker image for amd64 and kubernetes ${KUBERNETES_RELEASE}" -build_docker_image amd64 amd64/alpine:latest "${KUBERNETES_RELEASE}" . -echo "Building docker image for arm64 and kubernetes ${KUBERNETES_RELEASE}" -build_docker_image arm64 arm64v8/alpine:latest "${KUBERNETES_RELEASE}" . -echo "Building docker image for arm and kubernetes ${KUBERNETES_RELEASE}" -build_docker_image arm arm32v7/alpine:latest "${KUBERNETES_RELEASE}" . - -docker manifest create "kumahq/kubectl:$KUBERNETES_RELEASE" \ - --amend "kumahq/kubectl:${KUBERNETES_RELEASE}-amd64" \ - --amend "kumahq/kubectl:${KUBERNETES_RELEASE}-arm64" \ - --amend "kumahq/kubectl:${KUBERNETES_RELEASE}-arm" - -docker manifest annotate "kumahq/kubectl:$KUBERNETES_RELEASE" "kumahq/kubectl:$KUBERNETES_RELEASE-arm64" --os linux --arch arm64 -docker manifest annotate "kumahq/kubectl:$KUBERNETES_RELEASE" "kumahq/kubectl:$KUBERNETES_RELEASE-amd64" --os linux --arch amd64 -docker manifest annotate "kumahq/kubectl:$KUBERNETES_RELEASE" "kumahq/kubectl:$KUBERNETES_RELEASE-arm" --os linux --arch arm - -echo "Publishing manifest" -docker manifest push "kumahq/kubectl:$KUBERNETES_RELEASE"