Skip to content

Commit

Permalink
feat: remove kube-rbac-proxy image (#863)
Browse files Browse the repository at this point in the history
* feat: remove kube-rbac-proxy image

* f

* f

* f

* f

* f
  • Loading branch information
emosbaugh authored Jul 29, 2024
1 parent 380cf43 commit 79cdc2c
Show file tree
Hide file tree
Showing 11 changed files with 193 additions and 100 deletions.
14 changes: 0 additions & 14 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -71,18 +71,6 @@ jobs:
make build-and-push-local-artifact-mirror-image VERSION="${SHORT_SHA}-previous-k0s"
make build-and-push-local-artifact-mirror-image VERSION="${SHORT_SHA}-upgrade"
- name: Build and push utils image
run: |
export SHORT_SHA=dev-${GITHUB_SHA::7}
export EMBEDDED_OPERATOR_UTILS_IMAGE=replicated/embedded-cluster-utils-staging
export REGISTRY=docker.io
export USERNAME=${{ secrets.DOCKERHUB_USER }}
export PASSWORD=${{ secrets.DOCKERHUB_PASSWORD }}
make apko
make build-and-push-utils-image VERSION="${SHORT_SHA}"
make build-and-push-utils-image VERSION="${SHORT_SHA}-previous-k0s"
make build-and-push-utils-image VERSION="${SHORT_SHA}-upgrade"
buildtools:
name: Build Buildtools
runs-on: ubuntu-latest
Expand Down Expand Up @@ -119,7 +107,6 @@ jobs:
run: |
export SHORT_SHA=dev-${GITHUB_SHA::7}
export LOCAL_ARTIFACT_MIRROR_IMAGE=replicated/embedded-cluster-local-artifact-mirror-staging
export EMBEDDED_OPERATOR_UTILS_IMAGE=replicated/embedded-cluster-utils-staging
make -B embedded-cluster-linux-amd64 K0S_VERSION=$(make print-PREVIOUS_K0S_VERSION) K0S_BINARY_SOURCE_OVERRIDE=$(make print-PREVIOUS_K0S_BINARY_SOURCE_OVERRIDE) VERSION="${SHORT_SHA}-previous-k0s"
tar -C output/bin -czvf embedded-cluster-linux-amd64-previous-k0s.tgz embedded-cluster
./output/bin/embedded-cluster version metadata > metadata-previous-k0s.json
Expand Down Expand Up @@ -150,7 +137,6 @@ jobs:
run: |
export SHORT_SHA=dev-${GITHUB_SHA::7}
export LOCAL_ARTIFACT_MIRROR_IMAGE=replicated/embedded-cluster-local-artifact-mirror-staging
export EMBEDDED_OPERATOR_UTILS_IMAGE=replicated/embedded-cluster-utils-staging
echo "# channel release object" > e2e/kots-release-install/release.yaml
echo 'channelID: "2cHXb1RCttzpR0xvnNWyaZCgDBP"' >> e2e/kots-release-install/release.yaml
echo 'channelSlug: "ci"' >> e2e/kots-release-install/release.yaml
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/image-deps-updater.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,7 @@ jobs:
- k0s
- openebs
- velero
- embeddedclusteroperator
- seaweedfs
steps:
- name: Checkout
Expand Down
16 changes: 0 additions & 16 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,6 @@ ADMIN_CONSOLE_MIGRATIONS_IMAGE_OVERRIDE =
ADMIN_CONSOLE_KURL_PROXY_IMAGE_OVERRIDE =
EMBEDDED_OPERATOR_IMAGE_OVERRIDE =
EMBEDDED_OPERATOR_BINARY_URL_OVERRIDE =
EMBEDDED_OPERATOR_UTILS_IMAGE ?= replicated/embedded-cluster-utils
EMBEDDED_OPERATOR_UTILS_IMAGE_VERSION ?= $(subst +,-,$(VERSION))
EMBEDDED_OPERATOR_UTILS_IMAGE_LOCATION = proxy.replicated.com/anonymous/$(EMBEDDED_OPERATOR_UTILS_IMAGE):$(EMBEDDED_OPERATOR_UTILS_IMAGE_VERSION)
KUBECTL_VERSION = v1.30.1
K0S_VERSION = v1.29.6+k0s.0
K0S_GO_VERSION = v1.29.6+k0s.0
Expand All @@ -36,7 +33,6 @@ LD_FLAGS = \
-X github.com/replicatedhq/embedded-cluster/pkg/addons/adminconsole.AdminConsoleImageOverride=$(ADMIN_CONSOLE_IMAGE_OVERRIDE) \
-X github.com/replicatedhq/embedded-cluster/pkg/addons/adminconsole.AdminConsoleMigrationsImageOverride=$(ADMIN_CONSOLE_MIGRATIONS_IMAGE_OVERRIDE) \
-X github.com/replicatedhq/embedded-cluster/pkg/addons/adminconsole.AdminConsoleKurlProxyImageOverride=$(ADMIN_CONSOLE_KURL_PROXY_IMAGE_OVERRIDE) \
-X github.com/replicatedhq/embedded-cluster/pkg/addons/embeddedclusteroperator.UtilsImage=$(EMBEDDED_OPERATOR_UTILS_IMAGE_LOCATION) \
-X github.com/replicatedhq/embedded-cluster/pkg/addons/embeddedclusteroperator.EmbeddedOperatorImageOverride=$(EMBEDDED_OPERATOR_IMAGE_OVERRIDE)

export PATH := $(shell pwd)/bin:$(PATH)
Expand Down Expand Up @@ -187,18 +183,6 @@ scan:
--ignore-unfixed \
./

.PHONY: build-utils-image
build-utils-image: export IMAGE ?= $(EMBEDDED_OPERATOR_UTILS_IMAGE):$(EMBEDDED_OPERATOR_UTILS_IMAGE_VERSION)
build-utils-image: export PACKAGE_VERSION ?= $(EMBEDDED_OPERATOR_UTILS_IMAGE_VERSION)
build-utils-image: export APKO_CONFIG = deploy/images/utils/apko.tmpl.yaml
build-utils-image: apko-build

.PHONY: build-and-push-utils-image
build-and-push-utils-image: export IMAGE ?= $(EMBEDDED_OPERATOR_UTILS_IMAGE):$(EMBEDDED_OPERATOR_UTILS_IMAGE_VERSION)
build-and-push-utils-image: export PACKAGE_VERSION ?= $(EMBEDDED_OPERATOR_UTILS_IMAGE_VERSION)
build-and-push-utils-image: export APKO_CONFIG = deploy/images/utils/apko.tmpl.yaml
build-and-push-utils-image: apko-login apko-build-and-publish

.PHONY: build-local-artifact-mirror-image
build-local-artifact-mirror-image: export IMAGE ?= $(LOCAL_ARTIFACT_MIRROR_IMAGE):$(LOCAL_ARTIFACT_MIRROR_IMAGE_VERSION)
build-local-artifact-mirror-image: export PACKAGE_VERSION ?= $(LOCAL_ARTIFACT_MIRROR_IMAGE_VERSION)
Expand Down
4 changes: 3 additions & 1 deletion cmd/buildtools/addon.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package main

import (
"fmt"
"strings"

"github.com/Masterminds/semver/v3"
)
Expand All @@ -10,6 +11,7 @@ type addonComponent struct {
getWolfiPackageName func(opts addonComponentOptions) string
getWolfiPackageVersionComparison func(opts addonComponentOptions) string
upstreamVersionInputOverride string
useUpstreamImage bool
}

type addonComponentOptions struct {
Expand All @@ -21,7 +23,7 @@ type addonComponentOptions struct {
func (c *addonComponent) getPackageNameAndVersion(wolfiAPKIndex []byte, upstreamVersion string) (string, string, error) {
packageName := ""
if c.getWolfiPackageName == nil {
return packageName, upstreamVersion, nil
return packageName, strings.TrimPrefix(upstreamVersion, "v"), nil
}

k0sVersion, err := getK0sVersion()
Expand Down
191 changes: 150 additions & 41 deletions cmd/buildtools/embeddedclusteroperator.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,10 @@
package main

import (
"context"
"fmt"
"os"
"os/exec"
"strings"

"github.com/replicatedhq/embedded-cluster/pkg/addons/embeddedclusteroperator"
Expand All @@ -10,72 +13,178 @@ import (
"github.com/urfave/cli/v2"
)

var operatorImageComponents = map[string]string{
"docker.io/replicated/embedded-cluster-operator-image": "embedded-cluster-operator",
"docker.io/library/busybox": "utils",
}

var operatorComponents = map[string]addonComponent{
"embedded-cluster-operator": {
useUpstreamImage: true,
},
"utils": {},
}

var updateOperatorAddonCommand = &cli.Command{
Name: "embeddedclusteroperator",
Usage: "Updates the Embedded Cluster Operator addon",
UsageText: environmentUsageText,
Action: func(c *cli.Context) error {
logrus.Infof("updating operator addon")

logrus.Infof("getting embedded cluster operator release")
latest, err := GetGitHubRelease(
c.Context, "replicatedhq", "embedded-cluster-operator",
func(tag string) bool {
return !strings.Contains(tag, "build")
},
)
if err != nil {
return fmt.Errorf("failed to get embedded cluster operator release: %w", err)
}
latest = strings.TrimPrefix(latest, "v")
logrus.Infof("embedded cluster operator release found: %s", latest)
logrus.Infof("updating embedded cluster operator addon")

current := embeddedclusteroperator.Metadata
if current.Version == latest && !c.Bool("force") {
logrus.Infof("operator chart version is already up-to-date")
return nil
nextChartVersion := os.Getenv("INPUT_OPERATOR_CHART_VERSION")
if nextChartVersion != "" {
logrus.Infof("using input override from INPUT_OPERATOR_CHART_VERSION: %s", nextChartVersion)
} else {
logrus.Infof("fetching the latest embedded cluster operator release")
latest, err := GetGitHubRelease(
c.Context, "replicatedhq", "embedded-cluster-operator",
func(tag string) bool {
return !strings.Contains(tag, "build")
},
)
if err != nil {
return fmt.Errorf("failed to get embedded cluster operator release: %w", err)
}
nextChartVersion = strings.TrimPrefix(latest, "v")
logrus.Printf("latest embedded cluster operator release: %s", latest)
}
nextChartVersion = strings.TrimPrefix(nextChartVersion, "v")

upstream := "registry.replicated.com/library/embedded-cluster-operator"
newmeta := release.AddonMetadata{
Version: latest,
Location: fmt.Sprintf("oci://proxy.replicated.com/anonymous/%s", upstream),
Images: make(map[string]string),
}
withproto := fmt.Sprintf("oci://proxy.replicated.com/anonymous/%s", upstream)

values, err := release.GetValuesWithOriginalImages("embeddedclusteroperator")
logrus.Infof("updating embedded cluster operator images")

err := updateOperatorAddonImages(c.Context, withproto, nextChartVersion)
if err != nil {
return fmt.Errorf("unable to get openebs values: %v", err)
return fmt.Errorf("failed to update embedded cluster operator images: %w", err)
}

logrus.Infof("extracting images from chart")
withproto := fmt.Sprintf("oci://%s", upstream)
images, err := GetImagesFromOCIChart(withproto, "embeddedclusteroperator", latest, values)
logrus.Infof("successfully updated embedded cluster operator addon")

return nil
},
}

var updateOperatorImagesCommand = &cli.Command{
Name: "embeddedclusteroperator",
Usage: "Updates the embedded cluster operator images",
UsageText: environmentUsageText,
Action: func(c *cli.Context) error {
logrus.Infof("updating embedded cluster operator images")

current := embeddedclusteroperator.Metadata

err := updateOperatorAddonImages(c.Context, current.Location, current.Version)
if err != nil {
return fmt.Errorf("failed to get images from embedded cluster operator chart: %w", err)
return fmt.Errorf("failed to update embedded cluster operator images: %w", err)
}

logrus.Infof("successfully updated embedded cluster operator images")

return nil
},
}

func updateOperatorAddonImages(ctx context.Context, chartURL string, chartVersion string) error {
newmeta := release.AddonMetadata{
Version: chartVersion,
Location: chartURL,
Images: make(map[string]string),
}

logrus.Infof("fetching wolfi apk index")
wolfiAPKIndex, err := GetWolfiAPKIndex()
if err != nil {
return fmt.Errorf("failed to get APK index: %w", err)
}

values, err := release.GetValuesWithOriginalImages("embeddedclusteroperator")
if err != nil {
return fmt.Errorf("failed to get embedded cluster operator values: %v", err)
}

logrus.Infof("extracting images from chart version %s", chartVersion)
images, err := GetImagesFromOCIChart(chartURL, "embeddedclusteroperator", chartVersion, values)
if err != nil {
return fmt.Errorf("failed to get images from embedded cluster operator chart: %w", err)
}

// make sure we include the operator util image as it does not show up when rendering the helm
// chart.
images = append(images, "docker.io/library/busybox:latest")

if err := ApkoLogin(); err != nil {
return fmt.Errorf("failed to apko login: %w", err)
}

for _, image := range images {
logrus.Infof("updating image %s", image)

upstreamVersion := TagFromImage(image)
imageNoTag := RemoveTagFromImage(image)

componentName, ok := operatorImageComponents[imageNoTag]
if !ok {
return fmt.Errorf("no component found for image %s", imageNoTag)
}

// make sure we include the operator util image as it does not show up
// when rendering the helm chart.
images = append(images, "docker.io/library/busybox:1.36")
component, ok := operatorComponents[componentName]
if !ok {
return fmt.Errorf("no component found for component name %s", componentName)
}

logrus.Infof("fetching digest for images")
for _, image := range images {
sha, err := GetImageDigest(c.Context, image)
if component.useUpstreamImage {
logrus.Infof("fetching digest for image %s", image)
sha, err := GetImageDigest(ctx, image)
if err != nil {
return fmt.Errorf("failed to get image %s digest: %w", image, err)
}
logrus.Infof("image %s digest: %s", image, sha)
tag := TagFromImage(image)
image = RemoveTagFromImage(image)
newmeta.Images[FamiliarImageName(image)] = fmt.Sprintf("%s@%s", tag, sha)
continue
}

logrus.Infof("saving addon manifest")
newmeta.ReplaceImages = true
if err := newmeta.Save("embeddedclusteroperator"); err != nil {
return fmt.Errorf("failed to save embedded cluster operator metadata: %w", err)
if component.upstreamVersionInputOverride != "" {
v := os.Getenv(component.upstreamVersionInputOverride)
if v != "" {
logrus.Infof("using input override from %s: %s", component.upstreamVersionInputOverride, v)
upstreamVersion = v
}
}
return nil
},

packageName, packageVersion, err := component.getPackageNameAndVersion(wolfiAPKIndex, upstreamVersion)
if err != nil {
return fmt.Errorf("failed to get package name and version for %s: %w", componentName, err)
}

logrus.Infof("building and publishing %s, %s=%s", componentName, packageName, packageVersion)

if err := ApkoBuildAndPublish(componentName, packageName, packageVersion, upstreamVersion); err != nil {
return fmt.Errorf("failed to apko build and publish for %s: %w", componentName, err)
}

digest, err := GetDigestFromBuildFile()
if err != nil {
return fmt.Errorf("failed to get digest from build file: %w", err)
}

newmeta.Images[componentName] = fmt.Sprintf("%s@%s", packageVersion, digest)
}

logrus.Infof("saving addon manifest")
newmeta.ReplaceImages = true
if err := newmeta.Save("embeddedclusteroperator"); err != nil {
return fmt.Errorf("failed to save metadata: %w", err)
}

return nil
}

func getGitCommitHash() (string, error) {
out, err := exec.Command("git", "rev-parse", "HEAD").Output()
return string(out), err
}
1 change: 1 addition & 0 deletions cmd/buildtools/update.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ var updateImagesCommand = &cli.Command{
updateK0sImagesCommand,
updateOpenEBSImagesCommand,
updateVeleroImagesCommand,
updateOperatorImagesCommand,
updateSeaweedFSImagesCommand,
},
}
Loading

0 comments on commit 79cdc2c

Please sign in to comment.