From e738700c6056d1cca25202173e5ffaa1b703c62e Mon Sep 17 00:00:00 2001 From: Jimmi Dyson Date: Tue, 5 Nov 2024 15:42:01 +0000 Subject: [PATCH] fixup! refactor: Address review feedback --- .goreleaser.yml | 8 +-- .pre-commit-config.yaml | 2 +- .../README.md | 5 +- .../templates/helm-config.yaml | 22 +++---- .../values.schema.json | 3 + .../values.yaml | 5 +- hack/addons/add-warning-helm-configmap.sh | 2 + hack/addons/generate-mindthegap-repofile.sh | 5 +- .../Dockerfile | 2 +- hack/addons/helm-chart-bundler/repos.yaml | 8 +++ .../mindthegap-helm-registry/repos.yaml | 63 ------------------- make/addons.mk | 2 +- 12 files changed, 39 insertions(+), 88 deletions(-) rename hack/addons/{mindthegap-helm-registry => helm-chart-bundler}/Dockerfile (92%) create mode 100644 hack/addons/helm-chart-bundler/repos.yaml delete mode 100644 hack/addons/mindthegap-helm-registry/repos.yaml diff --git a/.goreleaser.yml b/.goreleaser.yml index c45105868..4d86014c7 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -103,9 +103,9 @@ dockers: - image_templates: - 'ghcr.io/nutanix-cloud-native/caren-helm-reg:v{{ trimprefix .Version "v" }}-amd64' use: buildx - dockerfile: ./hack/addons/mindthegap-helm-registry/Dockerfile + dockerfile: ./hack/addons/helm-chart-bundler/Dockerfile extra_files: - - hack/addons/mindthegap-helm-registry/repos.yaml + - hack/addons/helm-chart-bundler/repos.yaml build_flag_templates: - "--platform=linux/amd64" - "--pull" @@ -119,9 +119,9 @@ dockers: - image_templates: - 'ghcr.io/nutanix-cloud-native/caren-helm-reg:v{{ trimprefix .Version "v" }}-arm64' use: buildx - dockerfile: ./hack/addons/mindthegap-helm-registry/Dockerfile + dockerfile: ./hack/addons/helm-chart-bundler/Dockerfile extra_files: - - hack/addons/mindthegap-helm-registry/repos.yaml + - hack/addons/helm-chart-bundler/repos.yaml build_flag_templates: - "--platform=linux/arm64" - "--pull" diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 23b7f9139..8a233f758 100644 
--- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -55,7 +55,7 @@ repos: name: addons-repo-yaml entry: make template-helm-repository language: system - files: "hack/addons/mindthegap-helm-registry/repos.yaml" + files: "hack/addons/helm-chart-bundler/repos.yaml" pass_filenames: false - id: check-devbox-lock name: check-devbox-lock diff --git a/charts/cluster-api-runtime-extensions-nutanix/README.md b/charts/cluster-api-runtime-extensions-nutanix/README.md index bb1b04dab..7ccee8750 100644 --- a/charts/cluster-api-runtime-extensions-nutanix/README.md +++ b/charts/cluster-api-runtime-extensions-nutanix/README.md @@ -38,8 +38,9 @@ A Helm chart for cluster-api-runtime-extensions-nutanix | helmRepository.images.mindthegap.pullPolicy | string | `"IfNotPresent"` | | | helmRepository.images.mindthegap.repository | string | `"ghcr.io/mesosphere/mindthegap"` | | | helmRepository.images.mindthegap.tag | string | `"v1.16.0"` | | -| helmRepository.securityContext.fsGroup | int | `65534` | | -| helmRepository.securityContext.runAsUser | int | `65534` | | +| helmRepository.securityContext.fsGroup | int | `65532` | | +| helmRepository.securityContext.runAsGroup | int | `65532` | | +| helmRepository.securityContext.runAsUser | int | `65532` | | | hooks.ccm.aws.helmAddonStrategy.defaultValueTemplateConfigMap.create | bool | `true` | | | hooks.ccm.aws.helmAddonStrategy.defaultValueTemplateConfigMap.name | string | `"default-aws-ccm-helm-values-template"` | | | hooks.ccm.aws.k8sMinorVersionToCCMVersion."1.27" | string | `"v1.27.9"` | | diff --git a/charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml b/charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml index 6520f5e5e..b1e2666ff 100644 --- a/charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml +++ b/charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml 
@@ -10,47 +10,47 @@ data: aws-ccm: | ChartName: aws-cloud-controller-manager ChartVersion: 0.0.8 - RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://kubernetes.github.io/cloud-provider-aws{{ end }} + RepositoryURL: "{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://kubernetes.github.io/cloud-provider-aws{{ end }}" aws-ebs-csi: | ChartName: aws-ebs-csi-driver ChartVersion: 2.35.1 - RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://kubernetes-sigs.github.io/aws-ebs-csi-driver{{ end }} + RepositoryURL: "{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://kubernetes-sigs.github.io/aws-ebs-csi-driver{{ end }}" cilium: | ChartName: cilium ChartVersion: 1.16.2 - RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://helm.cilium.io/{{ end }} + RepositoryURL: "{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://helm.cilium.io/{{ end }}" cluster-autoscaler: | ChartName: cluster-autoscaler ChartVersion: 9.40.0 - RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://kubernetes.github.io/autoscaler{{ end }} + RepositoryURL: "{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://kubernetes.github.io/autoscaler{{ end }}" local-path-provisioner-csi: | ChartName: local-path-provisioner ChartVersion: 0.0.29 - RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://charts.containeroo.ch{{ end }} + RepositoryURL: "{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace 
}}.svc/charts{{ else }}https://charts.containeroo.ch{{ end }}" metallb: | ChartName: metallb ChartVersion: 0.14.8 - RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://metallb.github.io/metallb{{ end }} + RepositoryURL: "{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://metallb.github.io/metallb{{ end }}" nfd: | ChartName: node-feature-discovery ChartVersion: 0.16.4 - RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://kubernetes-sigs.github.io/node-feature-discovery/charts{{ end }} + RepositoryURL: "{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://kubernetes-sigs.github.io/node-feature-discovery/charts{{ end }}" nutanix-ccm: | ChartName: nutanix-cloud-provider ChartVersion: 0.4.1 - RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://nutanix.github.io/helm/{{ end }} + RepositoryURL: "{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://nutanix.github.io/helm/{{ end }}" nutanix-storage-csi: | ChartName: nutanix-csi-storage ChartVersion: 3.1.0 - RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://nutanix.github.io/helm-releases/{{ end }} + RepositoryURL: "{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://nutanix.github.io/helm-releases/{{ end }}" snapshot-controller: | ChartName: snapshot-controller ChartVersion: 3.0.6 - RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://piraeus.io/helm-charts/{{ end }} + RepositoryURL: "{{ if .Values.selfHostedRegistry 
}}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://piraeus.io/helm-charts/{{ end }}" tigera-operator: | ChartName: tigera-operator ChartVersion: v3.28.2 - RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://docs.tigera.io/calico/charts{{ end }} + RepositoryURL: "{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://docs.tigera.io/calico/charts{{ end }}" kind: ConfigMap metadata: creationTimestamp: null diff --git a/charts/cluster-api-runtime-extensions-nutanix/values.schema.json b/charts/cluster-api-runtime-extensions-nutanix/values.schema.json index 62baa732d..6f9e21cdc 100644 --- a/charts/cluster-api-runtime-extensions-nutanix/values.schema.json +++ b/charts/cluster-api-runtime-extensions-nutanix/values.schema.json @@ -78,6 +78,9 @@ "fsGroup": { "type": "integer" }, + "runAsGroup": { + "type": "integer" + }, "runAsUser": { "type": "integer" } diff --git a/charts/cluster-api-runtime-extensions-nutanix/values.yaml b/charts/cluster-api-runtime-extensions-nutanix/values.yaml index 6d4e43f2e..f770c3cba 100644 --- a/charts/cluster-api-runtime-extensions-nutanix/values.yaml +++ b/charts/cluster-api-runtime-extensions-nutanix/values.yaml @@ -143,8 +143,9 @@ helmRepository: tag: "v1.16.0" pullPolicy: IfNotPresent securityContext: - runAsUser: 65534 - fsGroup: 65534 + runAsUser: 65532 + runAsGroup: 65532 + fsGroup: 65532 # -- Optional secrets used for pulling the container image imagePullSecrets: [] diff --git a/hack/addons/add-warning-helm-configmap.sh b/hack/addons/add-warning-helm-configmap.sh index 484c229fc..c7319c5fa 100755 --- a/hack/addons/add-warning-helm-configmap.sh +++ b/hack/addons/add-warning-helm-configmap.sh 
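Review bot: The `securityContext` block in values.yaml now pins `runAsUser`, `runAsGroup` and `fsGroup` to 65532 without a comment saying why, and the README rows generated from it have empty descriptions. A helm-docs comment above the key would record the constraint, e.g. `# -- Pod security context for the helm repository; the IDs presumably have to match the non-root user of the registry image`. Nothing visible in this hunk sets `runAsNonRoot: true`, so the non-root guarantee rests on the numeric UID alone; whether the template or the schema would accept that extra key cannot be confirmed from here. If the pod mounts a persistent volume, data written by existing installs as 65534 should be checked for readability under the new UID.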
@@ -8,6 +8,8 @@ readonly SCRIPT_DIR # shellcheck source=hack/common.sh source "${SCRIPT_DIR}/../common.sh" ASSETS_DIR="$(mktemp -d -p "${TMPDIR:-/tmp}")" +trap 'rm -rf "${ASSETS_DIR}"' EXIT + mv "${GIT_REPO_ROOT}/charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml" "${ASSETS_DIR}/helm-config.yaml" # add warning not to edit file directly cat <"${GIT_REPO_ROOT}/charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml" diff --git a/hack/addons/generate-mindthegap-repofile.sh b/hack/addons/generate-mindthegap-repofile.sh index dc5406603..c863321bf 100755 --- a/hack/addons/generate-mindthegap-repofile.sh +++ b/hack/addons/generate-mindthegap-repofile.sh @@ -9,15 +9,14 @@ readonly SCRIPT_DIR source "${SCRIPT_DIR}/../common.sh" ASSETS_DIR="$(mktemp -d -p "${TMPDIR:-/tmp}")" +trap 'rm -rf "${ASSETS_DIR}"' EXIT cp "${GIT_REPO_ROOT}/charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml" "${ASSETS_DIR}" -# this sed line is needed because the go library is unable to parse yaml with a template string. -sed -i s/"{{ .Values.helmAddonsConfigMap }}"/placeholder/g "${ASSETS_DIR}/helm-config.yaml" go run "${GIT_REPO_ROOT}/hack/tools/mindthegap-helm-reg/main.go" --input-configmap-file="${ASSETS_DIR}/helm-config.yaml" --output-file="${ASSETS_DIR}/repos.yaml" # add warning not to edit file directly -cat <"${GIT_REPO_ROOT}/hack/addons/mindthegap-helm-registry/repos.yaml" +cat <"${GIT_REPO_ROOT}/hack/addons/helm-chart-bundler/repos.yaml" $(cat "${GIT_REPO_ROOT}/hack/license-header.yaml.txt") #================================================================= diff --git a/hack/addons/mindthegap-helm-registry/Dockerfile b/hack/addons/helm-chart-bundler/Dockerfile similarity index 92% rename from hack/addons/mindthegap-helm-registry/Dockerfile rename to hack/addons/helm-chart-bundler/Dockerfile index 01e80998c..38c3ed2dd 100644 --- a/hack/addons/mindthegap-helm-registry/Dockerfile +++ b/hack/addons/helm-chart-bundler/Dockerfile 
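Review bot: The new `trap 'rm -rf "${ASSETS_DIR}"' EXIT` in add-warning-helm-configmap.sh makes the `mv` that follows it destructive on failure. helm-config.yaml is moved into the temp directory before it is rewritten, so an exit between the `mv` and the completed rewrite lets the trap delete the only working copy of the template. Copying instead, as generate-mindthegap-repofile.sh already does, leaves the original in place until the rewrite starts: `cp "${GIT_REPO_ROOT}/charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml" "${ASSETS_DIR}/helm-config.yaml"`. The script continues past the end of this hunk, so how the rewrite itself handles errors is not visible here.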
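Review bot: Nothing in generate-mindthegap-repofile.sh checks that the generated file lists any charts, and the hack/addons/helm-chart-bundler/repos.yaml regenerated in this same commit contains only `{}` where the deleted file listed eleven repositories. Since the Dockerfile feeds that file to `mindthegap create bundle --helm-charts-file=/repos.yaml`, the registry image would presumably be built with no charts for clusters that set `selfHostedRegistry`. The cause is not visible here (the Go tool's source is outside this diff), though the timing suggests it no longer parses `RepositoryURL` once the value is a quoted template. A guard after the `go run` line would stop an empty result from being written: `grep -q '^repositories:' "${ASSETS_DIR}/repos.yaml" || { echo "no chart repositories generated" >&2; exit 1; }`. The heredoc that writes the final file runs past the end of the hunk.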
@@ -2,7 +2,7 @@ ARG MINDTHEGAP_VERSION=v1.16.0 FROM --platform=${BUILDPLATFORM} ghcr.io/mesosphere/mindthegap:${MINDTHEGAP_VERSION} as bundle_builder # This gets called by goreleaser so the copy source has to be the path relative to the repo root. -RUN --mount=source=./hack/addons/mindthegap-helm-registry/repos.yaml,target=/repos.yaml \ +RUN --mount=source=./hack/addons/helm-chart-bundler/repos.yaml,target=/repos.yaml \ ["/ko-app/mindthegap", "create", "bundle", "--helm-charts-file=/repos.yaml", "--output-file=/tmp/helm-charts.tar"] FROM --platform=${TARGETPLATFORM} busybox:1.37.0-musl as static-busybox diff --git a/hack/addons/helm-chart-bundler/repos.yaml b/hack/addons/helm-chart-bundler/repos.yaml new file mode 100644 index 000000000..f6c762cee --- /dev/null +++ b/hack/addons/helm-chart-bundler/repos.yaml @@ -0,0 +1,8 @@ +# Copyright 2024 Nutanix. All rights reserved. +# SPDX-License-Identifier: Apache-2.0 + +#================================================================= +# DO NOT EDIT THIS FILE +# IT HAS BEEN GENERATED BY /hack/addons/generate-mindthegap-repofile.sh +#================================================================= +{} diff --git a/hack/addons/mindthegap-helm-registry/repos.yaml b/hack/addons/mindthegap-helm-registry/repos.yaml deleted file mode 100644 index 8f3be731f..000000000 --- a/hack/addons/mindthegap-helm-registry/repos.yaml +++ /dev/null 
@@ -1,63 +0,0 @@ -# Copyright 2024 Nutanix. All rights reserved. -# SPDX-License-Identifier: Apache-2.0 - -#================================================================= -# DO NOT EDIT THIS FILE -# IT HAS BEEN GENERATED BY /hack/addons/generate-mindthegap-repofile.sh -#================================================================= -repositories: - aws-cloud-controller-manager: - repoURL: https://kubernetes.github.io/cloud-provider-aws - charts: - aws-cloud-controller-manager: - - 0.0.8 - aws-ebs-csi-driver: - repoURL: https://kubernetes-sigs.github.io/aws-ebs-csi-driver - charts: - aws-ebs-csi-driver: - - 2.35.1 - cilium: - repoURL: https://helm.cilium.io/ - charts: - cilium: - - 1.16.2 - cluster-autoscaler: - repoURL: https://kubernetes.github.io/autoscaler - charts: - cluster-autoscaler: - - 9.40.0 - local-path-provisioner: - repoURL: https://charts.containeroo.ch - charts: - local-path-provisioner: - - 0.0.29 - metallb: - repoURL: https://metallb.github.io/metallb - charts: - metallb: - - 0.14.8 - node-feature-discovery: - repoURL: https://kubernetes-sigs.github.io/node-feature-discovery/charts - charts: - node-feature-discovery: - - 0.16.4 - nutanix-cloud-provider: - repoURL: https://nutanix.github.io/helm/ - charts: - nutanix-cloud-provider: - - 0.4.1 - nutanix-csi-storage: - repoURL: https://nutanix.github.io/helm-releases/ - charts: - nutanix-csi-storage: - - 3.1.0 - snapshot-controller: - repoURL: https://piraeus.io/helm-charts/ - charts: - snapshot-controller: - - 3.0.6 - tigera-operator: - repoURL: https://docs.tigera.io/calico/charts - charts: - tigera-operator: - - v3.28.2 diff --git a/make/addons.mk b/make/addons.mk index 33b12f97b..a41a5a874 100644 --- a/make/addons.mk +++ b/make/addons.mk 
@@ -83,7 +83,7 @@ generate-mindthegap-repofile: generate-helm-configmap ; $(info $(M) generating h .PHONY: template-helm-repository template-helm-repository: generate-mindthegap-repofile ## this is used by gorealeaser to set the helm value to this. - sed -i '/RepositoryURL:/s#\(RepositoryURL: *\)\(.*\)#\1{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}\2{{ end }}#' "./charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml" + sed -i 's#\(RepositoryURL: *\)\(.*\)#\1"{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}\2{{ end }}"#' "./charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml" .PHONY: list-images list-images:
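Review bot: The rewritten `sed` in `template-helm-repository` wraps whatever follows `RepositoryURL:` in a quoted template without checking whether the line is already templated. Running it over an already-processed helm-config.yaml would nest one quoted template inside another and produce invalid YAML. That is presumably avoided today only because the prerequisite chain (`generate-mindthegap-repofile: generate-helm-configmap`) regenerates the file first. An address that skips templated lines makes the recipe safe to re-run: `sed -i '/selfHostedRegistry/!s#\(RepositoryURL: *\)\(.*\)#\1"{{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}\2{{ end }}"#'`. The captured `\2` is also placed inside double quotes unescaped, so a recipe comment stating that upstream URLs must not contain `"` or `\` would record that assumption.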