Adds the cluster-bootstrap-controller chart as a dep #3461

foot · 2023-10-09T18:06:46Z

Instead of copy and pasting it into the WGE ("mccp") templates

What changed?

In Publish a private OCI helm chart and images to ghcr cluster-bootstrap-controller#30 we started building and publishing a proper helm-chart
Here we import and use it instead of having copies of a deployment etc in the mccp templates

Why was this change made?

Make it easier to update
Bring all controllers into a more consistent build / distribution model

How was this change implemented?

Lots of mucking around with helm and kustomize

How did you validate the change?

Comparing the diff of the final mccp chart:

smoke tests https://github.com/weaveworks/weave-gitops-enterprise/actions/runs/6826106024
git diff --no-index out-main-slice out-new-slice -M5%

diff --git a/out-main-slice/-.yaml b/out-next-slice/-.yaml
index 00ee054a3..073d21e7d 100644
--- a/out-main-slice/-.yaml
+++ b/out-next-slice/-.yaml
@@ -1,7 +1,3 @@
-# Source: crds/capi.weave.works_clusterbootstrapconfigs.yaml
----
-# Source: crds/capi.weave.works_secretsyncs.yaml
----
 # Source: crds/wego.weave.works_apps.yaml
 ---
 # Source: crds/pipelines.weave.works_pipelines.yaml
diff --git a/out-main-slice/clusterrole-cluster-bootstrap-controller-manager-role.yaml b/out-next-slice/clusterrole-cluster-bootstrap-manager-role.yaml
similarity index 77%
rename from out-main-slice/clusterrole-cluster-bootstrap-controller-manager-role.yaml
rename to out-next-slice/clusterrole-cluster-bootstrap-manager-role.yaml
index 710a7b3b4..79b811ff4 100644
--- a/out-main-slice/clusterrole-cluster-bootstrap-controller-manager-role.yaml
+++ b/out-next-slice/clusterrole-cluster-bootstrap-manager-role.yaml
@@ -1,8 +1,14 @@
-# Source: mccp/templates/cluster-bootstrap-controller/rbac.yaml
+# Source: mccp/charts/cluster-bootstrap-controller/templates/manager-rbac.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: cluster-bootstrap-controller-manager-role
+  name: cluster-bootstrap-manager-role
+  labels:
+    helm.sh/chart: cluster-bootstrap-controller-0.7.3
+    app.kubernetes.io/name: cluster-bootstrap-controller
+    app.kubernetes.io/instance: chart
+    app.kubernetes.io/version: "v0.7.3"
+    app.kubernetes.io/managed-by: Helm
 rules:
 - apiGroups:
   - ""
diff --git a/out-main-slice/clusterrole-cluster-bootstrap-controller-metrics-reader.yaml b/out-next-slice/clusterrole-cluster-bootstrap-metrics-reader.yaml
similarity index 25%
rename from out-main-slice/clusterrole-cluster-bootstrap-controller-metrics-reader.yaml
rename to out-next-slice/clusterrole-cluster-bootstrap-metrics-reader.yaml
index 3ce5fe00f..7bf71207d 100644
--- a/out-main-slice/clusterrole-cluster-bootstrap-controller-metrics-reader.yaml
+++ b/out-next-slice/clusterrole-cluster-bootstrap-metrics-reader.yaml
@@ -1,8 +1,14 @@
-# Source: mccp/templates/cluster-bootstrap-controller/rbac.yaml
+# Source: mccp/charts/cluster-bootstrap-controller/templates/metrics-reader-rbac.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: cluster-bootstrap-controller-metrics-reader
+  name: cluster-bootstrap-metrics-reader
+  labels:
+    helm.sh/chart: cluster-bootstrap-controller-0.7.3
+    app.kubernetes.io/name: cluster-bootstrap-controller
+    app.kubernetes.io/instance: chart
+    app.kubernetes.io/version: "v0.7.3"
+    app.kubernetes.io/managed-by: Helm
 rules:
 - nonResourceURLs:
   - /metrics
diff --git a/out-main-slice/clusterrole-cluster-bootstrap-controller-proxy-role.yaml b/out-next-slice/clusterrole-cluster-bootstrap-proxy-role.yaml
similarity index 42%
rename from out-main-slice/clusterrole-cluster-bootstrap-controller-proxy-role.yaml
rename to out-next-slice/clusterrole-cluster-bootstrap-proxy-role.yaml
index eb8ea1c0b..e9d681bc8 100644
--- a/out-main-slice/clusterrole-cluster-bootstrap-controller-proxy-role.yaml
+++ b/out-next-slice/clusterrole-cluster-bootstrap-proxy-role.yaml
@@ -1,8 +1,14 @@
-# Source: mccp/templates/cluster-bootstrap-controller/rbac.yaml
+# Source: mccp/charts/cluster-bootstrap-controller/templates/proxy-rbac.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: cluster-bootstrap-controller-proxy-role
+  name: cluster-bootstrap-proxy-role
+  labels:
+    helm.sh/chart: cluster-bootstrap-controller-0.7.3
+    app.kubernetes.io/name: cluster-bootstrap-controller
+    app.kubernetes.io/instance: chart
+    app.kubernetes.io/version: "v0.7.3"
+    app.kubernetes.io/managed-by: Helm
 rules:
 - apiGroups:
   - authentication.k8s.io
diff --git a/out-main-slice/clusterrolebinding-cluster-bootstrap-controller-manager-rolebinding.yaml b/out-next-slice/clusterrolebinding-cluster-bootstrap-manager-rolebinding.yaml
similarity index 27%
rename from out-main-slice/clusterrolebinding-cluster-bootstrap-controller-manager-rolebinding.yaml
rename to out-next-slice/clusterrolebinding-cluster-bootstrap-manager-rolebinding.yaml
index 3d0db7c99..0bd0174dc 100644
--- a/out-main-slice/clusterrolebinding-cluster-bootstrap-controller-manager-rolebinding.yaml
+++ b/out-next-slice/clusterrolebinding-cluster-bootstrap-manager-rolebinding.yaml
@@ -1,13 +1,19 @@
-# Source: mccp/templates/cluster-bootstrap-controller/rbac.yaml
+# Source: mccp/charts/cluster-bootstrap-controller/templates/manager-rbac.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: cluster-bootstrap-controller-manager-rolebinding
+  name: cluster-bootstrap-manager-rolebinding
+  labels:
+    helm.sh/chart: cluster-bootstrap-controller-0.7.3
+    app.kubernetes.io/name: cluster-bootstrap-controller
+    app.kubernetes.io/instance: chart
+    app.kubernetes.io/version: "v0.7.3"
+    app.kubernetes.io/managed-by: Helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: cluster-bootstrap-controller-manager-role
+  name: 'cluster-bootstrap-manager-role'
 subjects:
 - kind: ServiceAccount
-  name: cluster-bootstrap-controller
-  namespace: "default"
+  name: 'cluster-bootstrap-controller-manager'
+  namespace: 'default'
diff --git a/out-main-slice/clusterrolebinding-cluster-bootstrap-controller-proxy-rolebinding.yaml b/out-next-slice/clusterrolebinding-cluster-bootstrap-proxy-rolebinding.yaml
similarity index 27%
rename from out-main-slice/clusterrolebinding-cluster-bootstrap-controller-proxy-rolebinding.yaml
rename to out-next-slice/clusterrolebinding-cluster-bootstrap-proxy-rolebinding.yaml
index 8e82e5712..026a05bc2 100644
--- a/out-main-slice/clusterrolebinding-cluster-bootstrap-controller-proxy-rolebinding.yaml
+++ b/out-next-slice/clusterrolebinding-cluster-bootstrap-proxy-rolebinding.yaml
@@ -1,13 +1,19 @@
-# Source: mccp/templates/cluster-bootstrap-controller/rbac.yaml
+# Source: mccp/charts/cluster-bootstrap-controller/templates/proxy-rbac.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: cluster-bootstrap-controller-proxy-rolebinding
+  name: cluster-bootstrap-proxy-rolebinding
+  labels:
+    helm.sh/chart: cluster-bootstrap-controller-0.7.3
+    app.kubernetes.io/name: cluster-bootstrap-controller
+    app.kubernetes.io/instance: chart
+    app.kubernetes.io/version: "v0.7.3"
+    app.kubernetes.io/managed-by: Helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: cluster-bootstrap-controller-proxy-role
+  name: 'cluster-bootstrap-proxy-role'
 subjects:
 - kind: ServiceAccount
-  name: cluster-bootstrap-controller
-  namespace: "default"
+  name: 'cluster-bootstrap-controller-manager'
+  namespace: 'default'
diff --git a/out-main-slice/customresourcedefinition-clusterbootstrapconfigs.capi.weave.works.yaml b/out-next-slice/customresourcedefinition-clusterbootstrapconfigs.capi.weave.works.yaml
index 4bf2d3225..261ba157d 100644
--- a/out-main-slice/customresourcedefinition-clusterbootstrapconfigs.capi.weave.works.yaml
+++ b/out-next-slice/customresourcedefinition-clusterbootstrapconfigs.capi.weave.works.yaml
@@ -1,3 +1,4 @@
+# Source: crds/clusterbootstrapconfig-crd.yaml
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
diff --git a/out-main-slice/customresourcedefinition-secretsyncs.capi.weave.works.yaml b/out-next-slice/customresourcedefinition-secretsyncs.capi.weave.works.yaml
index b575c5066..92db7bc2f 100644
--- a/out-main-slice/customresourcedefinition-secretsyncs.capi.weave.works.yaml
+++ b/out-next-slice/customresourcedefinition-secretsyncs.capi.weave.works.yaml
@@ -1,3 +1,4 @@
+# Source: crds/secretsync-crd.yaml
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
diff --git a/out-main-slice/deployment-chart-mccp-cluster-bootstrap-controller.yaml b/out-next-slice/deployment-cluster-bootstrap-controller-manager.yaml
similarity index 63%
rename from out-main-slice/deployment-chart-mccp-cluster-bootstrap-controller.yaml
rename to out-next-slice/deployment-cluster-bootstrap-controller-manager.yaml
index 87e93ac3c..a632b6335 100644
--- a/out-main-slice/deployment-chart-mccp-cluster-bootstrap-controller.yaml
+++ b/out-next-slice/deployment-cluster-bootstrap-controller-manager.yaml
@@ -1,26 +1,28 @@
-# Source: mccp/templates/cluster-bootstrap-controller/deployment.yaml
+# Source: mccp/charts/cluster-bootstrap-controller/templates/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
+  name: cluster-bootstrap-controller-manager
   labels:
-    app.kubernetes.io/name: mccp
-    app.kubernetes.io/component: cluster-bootstrap-controller
     control-plane: controller-manager
-  name: chart-mccp-cluster-bootstrap-controller
-  namespace: "default"
+    helm.sh/chart: cluster-bootstrap-controller-0.7.3
+    app.kubernetes.io/name: cluster-bootstrap-controller
+    app.kubernetes.io/instance: chart
+    app.kubernetes.io/version: "v0.7.3"
+    app.kubernetes.io/managed-by: Helm
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app.kubernetes.io/name: mccp
-      app.kubernetes.io/component: cluster-bootstrap-controller
       control-plane: controller-manager
+      app.kubernetes.io/name: cluster-bootstrap-controller
+      app.kubernetes.io/instance: chart
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: mccp
-        app.kubernetes.io/component: cluster-bootstrap-controller
         control-plane: controller-manager
+        app.kubernetes.io/name: cluster-bootstrap-controller
+        app.kubernetes.io/instance: chart
     spec:
       containers:
       - args:
@@ -28,19 +30,26 @@ spec:
         - --upstream=http://127.0.0.1:8080/
         - --logtostderr=true
         - --v=10
+        env:
+        - name: KUBERNETES_CLUSTER_DOMAIN
+          value: "cluster.local"
         image: gcr.io/kubebuilder/kube-rbac-proxy:v0.14.1
         name: kube-rbac-proxy
         ports:
         - containerPort: 8443
           name: https
           protocol: TCP
+        resources: {}
       - args:
         - --health-probe-bind-address=:8081
         - --metrics-bind-address=127.0.0.1:8080
         - --leader-elect
         command:
         - /manager
-        image: weaveworks/cluster-bootstrap-controller:v0.7.1
+        env:
+        - name: KUBERNETES_CLUSTER_DOMAIN
+          value: "cluster.local"
+        image: ghcr.io/weaveworks/cluster-bootstrap-controller:v0.7.3
         livenessProbe:
           httpGet:
             path: /healthz
@@ -63,13 +72,14 @@ spec:
             memory: 20Mi
         securityContext:
           allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
-          capabilities:
-            drop: [ "ALL" ]
           seccompProfile:
             type: RuntimeDefault
       securityContext:
         runAsNonRoot: true
-      serviceAccountName: cluster-bootstrap-controller
+      serviceAccountName: cluster-bootstrap-controller-manager
       terminationGracePeriodSeconds: 10
diff --git a/out-main-slice/role-cluster-bootstrap-controller-leader-election-role.yaml b/out-next-slice/role-cluster-bootstrap-leader-election-role.yaml
similarity index 52%
rename from out-main-slice/role-cluster-bootstrap-controller-leader-election-role.yaml
rename to out-next-slice/role-cluster-bootstrap-leader-election-role.yaml
index c94a63977..60319b133 100644
--- a/out-main-slice/role-cluster-bootstrap-controller-leader-election-role.yaml
+++ b/out-next-slice/role-cluster-bootstrap-leader-election-role.yaml
@@ -1,9 +1,14 @@
-# Source: mccp/templates/cluster-bootstrap-controller/rbac.yaml
+# Source: mccp/charts/cluster-bootstrap-controller/templates/leader-election-rbac.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: cluster-bootstrap-controller-leader-election-role
-  namespace: "default"
+  name: cluster-bootstrap-leader-election-role
+  labels:
+    helm.sh/chart: cluster-bootstrap-controller-0.7.3
+    app.kubernetes.io/name: cluster-bootstrap-controller
+    app.kubernetes.io/instance: chart
+    app.kubernetes.io/version: "v0.7.3"
+    app.kubernetes.io/managed-by: Helm
 rules:
 - apiGroups:
   - ""
diff --git a/out-main-slice/rolebinding-cluster-bootstrap-controller-leader-election-rolebinding.yaml b/out-next-slice/rolebinding-cluster-bootstrap-leader-election-rolebinding.yaml
similarity index 24%
rename from out-main-slice/rolebinding-cluster-bootstrap-controller-leader-election-rolebinding.yaml
rename to out-next-slice/rolebinding-cluster-bootstrap-leader-election-rolebinding.yaml
index 658607a61..edeef6364 100644
--- a/out-main-slice/rolebinding-cluster-bootstrap-controller-leader-election-rolebinding.yaml
+++ b/out-next-slice/rolebinding-cluster-bootstrap-leader-election-rolebinding.yaml
@@ -1,14 +1,19 @@
-# Source: mccp/templates/cluster-bootstrap-controller/rbac.yaml
+# Source: mccp/charts/cluster-bootstrap-controller/templates/leader-election-rbac.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: cluster-bootstrap-controller-leader-election-rolebinding
-  namespace: "default"
+  name: cluster-bootstrap-leader-election-rolebinding
+  labels:
+    helm.sh/chart: cluster-bootstrap-controller-0.7.3
+    app.kubernetes.io/name: cluster-bootstrap-controller
+    app.kubernetes.io/instance: chart
+    app.kubernetes.io/version: "v0.7.3"
+    app.kubernetes.io/managed-by: Helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
-  name: cluster-bootstrap-controller-leader-election-role
+  name: 'cluster-bootstrap-leader-election-role'
 subjects:
 - kind: ServiceAccount
-  name: cluster-bootstrap-controller
-  namespace: "default"
+  name: 'cluster-bootstrap-controller-manager'
+  namespace: 'default'
diff --git a/out-main-slice/service-cluster-bootstrap-controller-metrics-service.yaml b/out-next-slice/service-cluster-bootstrap-controller-manager-metrics-service.yaml
similarity index 31%
rename from out-main-slice/service-cluster-bootstrap-controller-metrics-service.yaml
rename to out-next-slice/service-cluster-bootstrap-controller-manager-metrics-service.yaml
index e8c1852fb..6f931ba98 100644
--- a/out-main-slice/service-cluster-bootstrap-controller-metrics-service.yaml
+++ b/out-next-slice/service-cluster-bootstrap-controller-manager-metrics-service.yaml
@@ -1,20 +1,23 @@
-# Source: mccp/templates/cluster-bootstrap-controller/service.yaml
+# Source: mccp/charts/cluster-bootstrap-controller/templates/metrics-service.yaml
 apiVersion: v1
 kind: Service
 metadata:
+  name: cluster-bootstrap-controller-manager-metrics-service
   labels:
-    app.kubernetes.io/name: mccp
-    app.kubernetes.io/component: cluster-bootstrap-controller
     control-plane: controller-manager
-  name: cluster-bootstrap-controller-metrics-service
-  namespace: "default"
+    helm.sh/chart: cluster-bootstrap-controller-0.7.3
+    app.kubernetes.io/name: cluster-bootstrap-controller
+    app.kubernetes.io/instance: chart
+    app.kubernetes.io/version: "v0.7.3"
+    app.kubernetes.io/managed-by: Helm
 spec:
+  type: ClusterIP
+  selector:
+    control-plane: controller-manager
+    app.kubernetes.io/name: cluster-bootstrap-controller
+    app.kubernetes.io/instance: chart
   ports:
   - name: https
     port: 8443
     protocol: TCP
     targetPort: https
-  selector:
-    app.kubernetes.io/name: mccp
-    app.kubernetes.io/component: cluster-bootstrap-controller
-    control-plane: controller-manager
diff --git a/out-main-slice/serviceaccount-cluster-bootstrap-controller.yaml b/out-next-slice/serviceaccount-cluster-bootstrap-controller-manager.yaml
similarity index 11%
rename from out-main-slice/serviceaccount-cluster-bootstrap-controller.yaml
rename to out-next-slice/serviceaccount-cluster-bootstrap-controller-manager.yaml
index ec54c3c77..293fa434e 100644
--- a/out-main-slice/serviceaccount-cluster-bootstrap-controller.yaml
+++ b/out-next-slice/serviceaccount-cluster-bootstrap-controller-manager.yaml
@@ -1,6 +1,11 @@
-# Source: mccp/templates/cluster-bootstrap-controller/serviceaccount.yaml
+# Source: mccp/charts/cluster-bootstrap-controller/templates/deployment.yaml
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: cluster-bootstrap-controller
-  namespace: "default"
+  name: cluster-bootstrap-controller-manager
+  labels:
+    helm.sh/chart: cluster-bootstrap-controller-0.7.3
+    app.kubernetes.io/name: cluster-bootstrap-controller
+    app.kubernetes.io/instance: chart
+    app.kubernetes.io/version: "v0.7.3"
+    app.kubernetes.io/managed-by: Helm

Release notes

Documentation Changes

Other follow ups

- Instead of copy and pasting it into the WGE ("mccp") templates

…troller-upgrade

bigkevmcd · 2023-11-10T15:12:27Z

charts/mccp/values.yaml

@@ -217,6 +206,17 @@ cluster-controller:
        repository: docker.io/weaveworks/cluster-controller
        tag: v1.5.2

+cluster-bootstrap-controller:
+  enabled: true


Maybe not by default?

This is just the good old cluster-bootstrap-controller, would leave it enabled for now.

Or in this PR at least.

Interesting thought to turn it off, not sure how many people use it.

Adds the cluster-bootstrap-controller chart as a dep

ed765b3

- Instead of copy and pasting it into the WGE ("mccp") templates

foot added the exclude from release notes Use this label to exclude a PR from the release notes label Oct 9, 2023

foot added 2 commits October 10, 2023 13:43

Correct cluster-bootstrap-controller manager name in tilt

b580211

use correct image

53ee1e5

foot mentioned this pull request Oct 9, 2023

Publish a private OCI helm chart and images to ghcr weaveworks/cluster-bootstrap-controller#30

Merged

foot added 3 commits November 10, 2023 15:18

bump to released version

a8519a2

Merge remote-tracking branch 'origin/main' into cluster-bootstrap-con…

ac70c46

…troller-upgrade

Move resources stuff into line after merge

5a2f427

foot marked this pull request as ready for review November 10, 2023 15:08

foot requested a review from bigkevmcd November 10, 2023 15:08

bigkevmcd reviewed Nov 10, 2023

View reviewed changes

bigkevmcd approved these changes Nov 10, 2023

View reviewed changes

foot merged commit 4aeb517 into main Nov 10, 2023
22 checks passed

foot deleted the cluster-bootstrap-controller-upgrade branch November 10, 2023 15:17

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Adds the cluster-bootstrap-controller chart as a dep #3461

Adds the cluster-bootstrap-controller chart as a dep #3461

foot commented Oct 9, 2023 •

edited

Loading

bigkevmcd Nov 10, 2023

foot Nov 10, 2023

bigkevmcd Nov 10, 2023

Adds the cluster-bootstrap-controller chart as a dep #3461

Adds the cluster-bootstrap-controller chart as a dep #3461

Conversation

foot commented Oct 9, 2023 • edited Loading

bigkevmcd Nov 10, 2023

Choose a reason for hiding this comment

foot Nov 10, 2023

Choose a reason for hiding this comment

bigkevmcd Nov 10, 2023

Choose a reason for hiding this comment

foot commented Oct 9, 2023 •

edited

Loading