From 297d59641f2b341c871effbecba72c9a0d788d38 Mon Sep 17 00:00:00 2001 From: Juan Manuel Perez Date: Thu, 5 Sep 2024 10:31:43 +0200 Subject: [PATCH] Add cluster version probe on installation time --- .github/workflows/lint_test_charts.yaml | 17 +++++++++----- charts/super-agent/Chart.lock | 6 ++--- charts/super-agent/Chart.yaml | 10 ++++---- charts/super-agent/README.md | 9 ++++---- charts/super-agent/templates/_helpers.tpl | 10 ++++++++ .../templates/capabilities-tester.yaml | 1 + .../tests/cluster_capabilities_test.yaml | 23 +++++++++++++++++++ charts/super-agent/tests/placeholder | 1 - charts/super-agent/values.yaml | 11 +++++++++ 9 files changed, 69 insertions(+), 19 deletions(-) create mode 100644 charts/super-agent/templates/_helpers.tpl create mode 100644 charts/super-agent/templates/capabilities-tester.yaml create mode 100644 charts/super-agent/tests/cluster_capabilities_test.yaml delete mode 100644 charts/super-agent/tests/placeholder diff --git a/.github/workflows/lint_test_charts.yaml b/.github/workflows/lint_test_charts.yaml index 76ff8accb..61abd62ae 100644 --- a/.github/workflows/lint_test_charts.yaml +++ b/.github/workflows/lint_test_charts.yaml @@ -2,6 +2,11 @@ name: Lint and Test Charts on: pull_request +env: + MINIKUBE_VERSION: v1.33.1 + KUBERNETES_VERSION: v1.28.11 + HELM_VERSION: v3.14.4 + jobs: codespell: name: Check spelling @@ -32,7 +37,7 @@ jobs: - uses: helm/chart-testing-action@v2.6.1 - uses: azure/setup-helm@v4 with: - version: 'v3.0.0' + version: ${{ env.HELM_VERSION }} - name: Set up helm-unittest run: helm plugin install https://github.com/helm-unittest/helm-unittest @@ -76,13 +81,13 @@ jobs: - uses: helm/chart-testing-action@v2.6.1 - uses: azure/setup-helm@v4 with: - version: 'v3.0.0' + version: ${{ env.HELM_VERSION }} - name: Install Minikube uses: manusa/actions-setup-minikube@v2.11.0 with: - minikube version: v1.33.1 - kubernetes version: v1.28.11 + minikube version: ${{ env.MINIKUBE_VERSION }} + kubernetes version: ${{ env.KUBERNETES_VERSION }} github token: ${{ secrets.GITHUB_TOKEN }} driver: docker start args: "--container-runtime=containerd" @@ -109,7 +114,7 @@ jobs: - uses: actions/checkout@v4 - uses: azure/setup-helm@v4 with: - version: 'v3.0.0' + version: ${{ env.HELM_VERSION }} - name: Add helm repositories run: | @@ -157,7 +162,7 @@ jobs: - uses: actions/checkout@v4 - uses: azure/setup-helm@v4 with: - version: 'v3.0.0' + version: ${{ env.HELM_VERSION }} - name: Add helm repositories run: | diff --git a/charts/super-agent/Chart.lock b/charts/super-agent/Chart.lock index d1fad8d71..877f47ffe 100644 --- a/charts/super-agent/Chart.lock +++ b/charts/super-agent/Chart.lock @@ -4,9 +4,9 @@ dependencies: version: 2.13.0 - name: super-agent-deployment repository: "" - version: 0.0.22-beta + version: 0.0.23-beta - name: common-library repository: https://helm-charts.newrelic.com version: 1.2.0 -digest: sha256:b2770b12c9ff3f93eebbc745645f4026cf9b899b1fabc614b298a61dc4b4c9ed -generated: "2024-08-01T10:11:46.199593+02:00" +digest: sha256:2d08c8a6be0be9f173c1ddd88fc992e80515e7cc2cb6bb7f93922c4ec96be7c9 +generated: "2024-09-05T10:26:06.93056+02:00" diff --git a/charts/super-agent/Chart.yaml b/charts/super-agent/Chart.yaml index 46835a9e4..8060dbd7c 100644 --- a/charts/super-agent/Chart.yaml +++ b/charts/super-agent/Chart.yaml @@ -3,7 +3,11 @@ name: super-agent description: Bootstraps New Relic' Super Agent type: application -version: 0.0.18-beta +version: 0.0.19-beta + +# TODO: Can we set renovatebot here with a regex? +# Ref: https://github.com/fluxcd/flux2/blob/cc87ffd66e243fb85fc275792fa3708e44048048/cmd/flux/check.go#L62-L64 +kubeVersion: ">=1.28.0-0" dependencies: - name: flux2 @@ -11,7 +15,7 @@ dependencies: version: 2.13.0 condition: flux2.enabled - name: super-agent-deployment - version: 0.0.22-beta + version: 0.0.23-beta condition: super-agent-deployment.enabled # The following dependency is needed as sub-dependency of super-agent-deployment - name: common-library @@ -25,8 +29,6 @@ keywords: maintainers: - name: sigilioso url: https://github.com/sigilioso - - name: gsanchezgavier - url: https://github.com/gsanchezgavier - name: kang-makes url: https://github.com/kang-makes - name: paologallinaharbur diff --git a/charts/super-agent/README.md b/charts/super-agent/README.md index 05f84c58a..66419dd75 100644 --- a/charts/super-agent/README.md +++ b/charts/super-agent/README.md @@ -37,6 +37,7 @@ As of the creation of the chart, it has no particularities and this section can | Key | Type | Default | Description | |-----|------|---------|-------------| +| experimental | object | See `values.yaml` | Set of experimental configurations for super-agent chart. | | flux2 | object | See `values.yaml` | Values for the Flux chat. Ref.: https://github.com/fluxcd-community/helm-charts/blob/flux2-2.10.2/charts/flux2/values.yaml | | flux2.clusterDomain | string | `"cluster.local"` | This is the domain name of the cluster. | | flux2.enabled | bool | `true` | Enable or disable FluxCD installation. New Relic' Super Agent need Flux to work, but the user can use an already existing Flux deployment. With that use case, the use can disable Flux and use this chart to only install the CRs to deploy the Super Agent. | @@ -49,9 +50,9 @@ As of the creation of the chart, it has no particularities and this section can | nameOverride | string | `""` | Override the name of the chart | | super-agent-deployment | object | See `values.yaml` | Values related to the super agent's Helm chart release. | | super-agent-deployment.affinity | object | `{}` | Sets pod/node affinities. Can be configured also with `global.affinity` | -| super-agent-deployment.authSecret | object | `{"create":false}` | Settings controlling authentication secret creation. If `create` is true, a Kubernetes secret will be created containing a key named `auth_key`. This secret will be mounted in the deployment pod at the path `/etc/newrelic-super-agent/auth_key` for authentication purposes. | | super-agent-deployment.cleanupManagedResources | bool | `true` | Enable the cleanup of super-agent managed resources when the chart is uninstalled. If disabled, agents and / or agent configurations managed by the super-agent will not be deleted when the chart is uninstalled. | | super-agent-deployment.cluster | string | `""` | TODO: Name of the Kubernetes cluster monitored. Can be configured also with `global.cluster`. | +| super-agent-deployment.config.subAgents | object | See `values.yaml` for examples | Values that the fleet is going to have in the deployment. | | super-agent-deployment.config.superAgent | object | See `values.yaml` | Configuration for the Super Agent. | | super-agent-deployment.config.superAgent.content | object | See `values.yaml` for examples | Here you can set New Relic' Super Agent configuration. | | super-agent-deployment.config.superAgent.content.server | object | `{"enabled":true}` | And query it as `$ curl localhost:51200/status` | @@ -62,6 +63,7 @@ As of the creation of the chart, it has no particularities and this section can | super-agent-deployment.customSecretName | string | `""` | TODO: In case you don't want to have the license key in you values, this allows you to point to a user created secret to get the key from there. Can be configured also with `global.customSecretName` | | super-agent-deployment.dnsConfig | object | `{}` | Sets pod's dnsConfig. Can be configured also with `global.dnsConfig` | | super-agent-deployment.enabled | bool | `true` | Enable the installation of the Super Agent. This an advanced/debug flag. It should be always be true unless you know what you are going. | +| super-agent-deployment.euEndpoints | bool | `false` | Changes default endpoint to point to EU backend. | | super-agent-deployment.extraEnv | list | `[]` | Add user environment variables to the agent | | super-agent-deployment.extraEnvFrom | list | `[]` | Add user environment from configMaps or secrets as variables to the agent | | super-agent-deployment.extraVolumeMounts | list | `[]` | Defines where to mount volumes specified with `extraVolumes` | @@ -73,7 +75,7 @@ As of the creation of the chart, it has no particularities and this section can | super-agent-deployment.labels | object | `{}` | Additional labels for chart objects. Can be configured also with `global.labels` | | super-agent-deployment.licenseKey | string | `""` | TODO: This set this license key to use. Can be configured also with `global.licenseKey` | | super-agent-deployment.nodeSelector | object | `{}` | Sets pod's node selector. Can be configured also with `global.nodeSelector` | -| super-agent-deployment.nrStaging | bool | `false` | Send the metrics to the staging backend. Requires a valid staging license key. Can be configured also with `global.nrStaging` When enabled, in case `authSecret.create` is set to `true`, OpAMP `endpoint` and auth `token_url` need to be updated. | +| super-agent-deployment.nrStaging | bool | `false` | Send the metrics to the staging backend. Requires a valid staging license key. Can be configured also with `global.nrStaging` | | super-agent-deployment.podAnnotations | object | `{}` | Annotations to be added to all pods created by the integration. | | super-agent-deployment.podLabels | object | `{}` | Additional labels for chart pods. Can be configured also with `global.podLabels` | | super-agent-deployment.podSecurityContext | object | `{}` | Sets security context (at pod level). Can be configured also with `global.podSecurityContext` | @@ -83,14 +85,11 @@ As of the creation of the chart, it has no particularities and this section can | super-agent-deployment.resources | object | `{}` | Resource limits to be added to all pods created by the integration. | | super-agent-deployment.serviceAccount | object | See `values.yaml` | Settings controlling ServiceAccount creation. | | super-agent-deployment.serviceAccount.create | bool | `true` | Whether the chart should automatically create the ServiceAccount objects required to run. | -| super-agent-deployment.subAgents | object | See `values.yaml` for examples | Values that the fleet is going to have in the deployment. | | super-agent-deployment.tolerations | list | `[]` | Sets pod's tolerations to node taints. Can be configured also with `global.tolerations` | | super-agent-deployment.verboseLog | bool | `false` | TODO: Sets the debug logs to this integration or all integrations if it is set globally. Can be configured also with `global.verboseLog` | ## Maintainers * [sigilioso](https://github.com/sigilioso) -* [gsanchezgavier](https://github.com/gsanchezgavier) * [kang-makes](https://github.com/kang-makes) -* [marcsanmi](https://github.com/marcsanmi) * [paologallinaharbur](https://github.com/paologallinaharbur) diff --git a/charts/super-agent/templates/_helpers.tpl b/charts/super-agent/templates/_helpers.tpl new file mode 100644 index 000000000..e9d2c1ee1 --- /dev/null +++ b/charts/super-agent/templates/_helpers.tpl @@ -0,0 +1,10 @@ +{{- define "newrelic-super-agent.capabilites-tester" -}} +{{- $minimum_supported_version := (.Values.experimental).forceMinimumSupportedVersion | default .Chart.KubeVersion -}} + +{{- $cluster_version := (.Values.experimental).forceKubeVersion | default .Capabilities.KubeVersion.Version | toString -}} + +{{- if not (semverCompare $minimum_supported_version $cluster_version) -}} + {{- $error_message := printf "Kubernetes version is not supported. Cluster says its on version %s and does not meet %s" $cluster_version $minimum_supported_version -}} + {{- fail $error_message -}} +{{- end -}} +{{- end -}} diff --git a/charts/super-agent/templates/capabilities-tester.yaml b/charts/super-agent/templates/capabilities-tester.yaml new file mode 100644 index 000000000..dbbc048cc --- /dev/null +++ b/charts/super-agent/templates/capabilities-tester.yaml @@ -0,0 +1 @@ +{{- include "newrelic-super-agent.capabilites-tester" . -}} diff --git a/charts/super-agent/tests/cluster_capabilities_test.yaml b/charts/super-agent/tests/cluster_capabilities_test.yaml new file mode 100644 index 000000000..3320c1ecf --- /dev/null +++ b/charts/super-agent/tests/cluster_capabilities_test.yaml @@ -0,0 +1,23 @@ +suite: super agent is able to fail if it does not meet cluster version +templates: + - templates/capabilities-tester.yaml +release: + name: my-release + namespace: my-namespace + +tests: + - it: Cluster above the requirements + set: + experimental: + forceMinimumSupportedVersion: ">=1.28.0-0" + forceKubeVersion: v1.29 + asserts: + - notFailedTemplate: {} + + - it: Cluster below the requirements + set: + experimental: + forceMinimumSupportedVersion: ">=1.28.0-0" + forceKubeVersion: v1.27 + asserts: + - failedTemplate: {} diff --git a/charts/super-agent/tests/placeholder b/charts/super-agent/tests/placeholder deleted file mode 100644 index dc9b039ed..000000000 --- a/charts/super-agent/tests/placeholder +++ /dev/null @@ -1 +0,0 @@ -This file is a placeholder so the CI run the unittest command for the sub charts contained here. diff --git a/charts/super-agent/values.yaml b/charts/super-agent/values.yaml index ed762ac42..ad942468b 100644 --- a/charts/super-agent/values.yaml +++ b/charts/super-agent/values.yaml @@ -242,3 +242,14 @@ flux2: # user want to use Flux for other purposes besides the super agent, this toggle can be used to allow Flux to work on # the whole cluster. watchAllNamespaces: false + +# -- Set of experimental configurations for super-agent chart. +# @default -- See `values.yaml` +experimental: + # Forces which is the minimal supported Kubernetes version for this chart without failing. + # Useful for development, testing, or if the chart is being templated in a unsupported way. + forceMinimumSupportedVersion: "" + # In case use uses `helm template`, helm uses the latest version supported by `helm`. This allows to + # change that version. Useful for testing, developing and to change some templates from subcharts that + # change manifests depending on the version of the cluster. + forceKubeVersion: ""