Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update 1.12 addon manifests to use apps/v1, rbac v1 #6397

Merged
merged 4 commits into from
Feb 20, 2019
Merged

Update 1.12 addon manifests to use apps/v1, rbac v1 #6397

merged 4 commits into from
Feb 20, 2019

Conversation

liggitt
Copy link
Member

@liggitt liggitt commented Jan 25, 2019
edited
Loading

xref #6273

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Jan 25, 2019
@liggitt
Copy link
Member Author

liggitt commented Jan 25, 2019

cc @justinsb

@liggitt
Copy link
Member Author

liggitt commented Jan 25, 2019

/hold

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jan 25, 2019
@liggitt liggitt force-pushed the extensions-to-apps branch 2 times, most recently from a0a09d6 to a2e8368 Compare January 25, 2019 20:43
@liggitt liggitt mentioned this pull request Jan 27, 2019
Merged
@liggitt liggitt force-pushed the extensions-to-apps branch from a2e8368 to 94381c1 Compare January 29, 2019 05:59
@liggitt
Copy link
Member Author

liggitt commented Jan 29, 2019

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jan 29, 2019
@liggitt
Copy link
Member Author

liggitt commented Jan 29, 2019

/retest

@liggitt
Copy link
Member Author

liggitt commented Jan 29, 2019

all other CI jobs on kubernetes/kubernetes#70672 are now green

@liggitt
Copy link
Member Author

liggitt commented Jan 30, 2019

/retest

@chrisz100
Copy link
Contributor

You being a member of the kubernetes project makes me trust you going least privilege principle with the serviceaccounts you create 👍

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jan 31, 2019
@liggitt
Copy link
Member Author

liggitt commented Jan 31, 2019

You being a member of the kubernetes project makes me trust you going least privilege principle with the serviceaccounts you create 👍

fyi, this didn't change any of the existing roles/bindings... just copied latest manifests and updated API versions

@liggitt
Copy link
Member Author

liggitt commented Jan 31, 2019

/assign @justinsb
for approval

/retest
(hope springs eternal)

@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 18, 2019
KashifSaadat
KashifSaadat reviewed Feb 20, 2019
View reviewed changes
upup/pkg/fi/cloudup/bootstrapchannelbuilder.go Outdated
@@ -668,7 +809,9 @@ func (b *BootstrapChannelBuilder) buildManifest() (*channelsapi.Addons, map[stri
"pre-k8s-1.6": "2.4.2-kops.1",
"k8s-1.6": "2.6.9-kops.1",
"k8s-1.7": "2.6.9-kops.1",
"k8s-1.12": "2.6.9-kops.1",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure whether there'd still be an explicit need to keep this / run on 1.12+ with calico v2.6.9? Maybe drop in favour of the new v3.4 manifest which applies with KubernetesVersion: ">=1.12.0", so Calico MajorVersion is effectively defaulted to v3 for k8s v1.12+.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not knowing the history behind having two versions available for 1.7, I wasn't sure if this was a python 2/3 sort of thing where it would make sense to keep both available for 1.12.

I'm happy to collapse onto the v3 version though

KashifSaadat
KashifSaadat reviewed Feb 20, 2019
View reviewed changes
upup/pkg/fi/cloudup/bootstrapchannelbuilder_test.go
if os.Getenv("UPDATE_CHANNEL_BUILDER_TEST_FIXTURES") == "true" {
ioutil.WriteFile(expectedManifestPath, []byte(actualManifest), 0755)
} else {
t.Logf("to update fixtures automatically, run with UPDATE_CHANNEL_BUILDER_TEST_FIXTURES=true")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice ;)

@KashifSaadat
Copy link
Contributor

All looks great thanks @liggitt ! :)

The E2E tests are fixed now, just needs a rebase and I've left a small comment around the Calico manifest update. As we don't have an official kops v1.12 release yet I think it would be sensible to have Calico v3 as the default for that version onwards.

/test pull-kops-e2e-kubernetes-aws

@k8s-ci-robot k8s-ci-robot removed lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels Feb 20, 2019
@liggitt
Copy link
Member Author

liggitt commented Feb 20, 2019

  • rebased on master
  • only included the v3 calico addon in 1.12
  • re-copied existing templates to 1.12 versions to pick up latest changes:
cp upup/models/cloudup/resources/addons/authentication.aws/k8s-1.10.yaml \
   upup/models/cloudup/resources/addons/authentication.aws/k8s-1.12.yaml
cp upup/models/cloudup/resources/addons/authentication.kope.io/k8s-1.8.yaml \
   upup/models/cloudup/resources/addons/authentication.kope.io/k8s-1.12.yaml
cp upup/models/cloudup/resources/addons/core.addons.k8s.io/k8s-1.7.yaml.template \
   upup/models/cloudup/resources/addons/core.addons.k8s.io/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/coredns.addons.k8s.io/k8s-1.6.yaml.template \
   upup/models/cloudup/resources/addons/coredns.addons.k8s.io/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/dns-controller.addons.k8s.io/k8s-1.6.yaml.template \
   upup/models/cloudup/resources/addons/dns-controller.addons.k8s.io/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/external-dns.addons.k8s.io/k8s-1.6.yaml.template \
   upup/models/cloudup/resources/addons/external-dns.addons.k8s.io/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/kube-dns.addons.k8s.io/k8s-1.6.yaml.template \
   upup/models/cloudup/resources/addons/kube-dns.addons.k8s.io/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/networking.amazon-vpc-routed-eni/k8s-1.10.yaml.template \
   upup/models/cloudup/resources/addons/networking.amazon-vpc-routed-eni/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/networking.cilium.io/k8s-1.7.yaml.template \
   upup/models/cloudup/resources/addons/networking.cilium.io/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/networking.flannel/k8s-1.6.yaml.template \
   upup/models/cloudup/resources/addons/networking.flannel/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/networking.kope.io/k8s-1.6.yaml \
   upup/models/cloudup/resources/addons/networking.kope.io/k8s-1.12.yaml
cp upup/models/cloudup/resources/addons/networking.kuberouter/k8s-1.6.yaml.template \
   upup/models/cloudup/resources/addons/networking.kuberouter/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.7-v3.yaml.template \
   upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/networking.romana/k8s-1.7.yaml.template \
   upup/models/cloudup/resources/addons/networking.romana/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/networking.weave/k8s-1.8.yaml.template \
   upup/models/cloudup/resources/addons/networking.weave/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/node-authorizer.addons.k8s.io/k8s-1.10.yaml.template \
   upup/models/cloudup/resources/addons/node-authorizer.addons.k8s.io/k8s-1.12.yaml.template
cp upup/models/cloudup/resources/addons/podsecuritypolicy.addons.k8s.io/k8s-1.10.yaml.template \
   upup/models/cloudup/resources/addons/podsecuritypolicy.addons.k8s.io/k8s-1.12.yaml.template

@KashifSaadat
Copy link
Contributor

Awesome work, many thanks!!

/approve
/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 20, 2019
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: KashifSaadat, liggitt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 20, 2019
@KashifSaadat KashifSaadat mentioned this pull request Feb 20, 2019
Merged
@k8s-ci-robot k8s-ci-robot merged commit 6fecaf0 into kubernetes:master Feb 20, 2019
@liggitt liggitt mentioned this pull request Feb 20, 2019
Closed
@liggitt liggitt deleted the extensions-to-apps branch February 20, 2019 18:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@KashifSaadat KashifSaadat KashifSaadat left review comments

@chrisz100 chrisz100 Awaiting requested review from chrisz100

@robinpercy robinpercy Awaiting requested review from robinpercy

Assignees

@justinsb justinsb

@chrisz100 chrisz100

@KashifSaadat KashifSaadat

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@liggitt @chrisz100 @KashifSaadat @k8s-ci-robot @justinsb