airship
/
promenade
Code Issues Proposed changes

k8s upgrade to 1.26.0 

upgrades kubernetes client to v1.26.0
remove installation of containerd during genesis.sh to prevent containerd downgrade
update bitnami kubectl image to image with curl installed for readiness check

Change-Id: I3afd5a7e7211bae3f52263167a62a012da0619a0
This commit is contained in:
SPEARS, DUSTIN (ds443n) 2022-12-29 16:43:47 -05:00
parent 8ce937a9f7
commit 27a8b0d798
34 changed files with 118 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
charts/apiserver-webhook/values.yaml
View File

@ -17,7 +17,7 @@ release_uuid: null
images: images:
tags: tags:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
kubernetes_keystone_webhook: docker.io/k8scloudprovider/k8s-keystone-auth:latest kubernetes_keystone_webhook: docker.io/k8scloudprovider/k8s-keystone-auth:latest
scripted_test: docker.io/openstackhelm/heat:newton scripted_test: docker.io/openstackhelm/heat:newton
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1

6
charts/apiserver/values.yaml
View File

@ -58,9 +58,9 @@ const:
images: images:
tags: tags:
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
key_rotate: bitnami/kubectl:1.24.4 key_rotate: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
pull_policy: "IfNotPresent" pull_policy: "IfNotPresent"
local_registry: local_registry:
active: false active: false

4
charts/controller_manager/values.yaml
View File

@ -16,8 +16,8 @@ release_group: null
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
pull_policy: "IfNotPresent" pull_policy: "IfNotPresent"
labels: labels:

2
charts/haproxy/values.yaml
View File

@ -64,7 +64,7 @@ conf:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
haproxy: haproxy:1.8.25 haproxy: haproxy:1.8.25
test: python:3.6 test: python:3.6
pull_policy: "IfNotPresent" pull_policy: "IfNotPresent"

2
charts/proxy/values.yaml
View File

@ -68,7 +68,7 @@ pod:
images: images:
tags: tags:
proxy: k8s.gcr.io/kube-proxy-amd64:v1.24.4 proxy: k8s.gcr.io/kube-proxy-amd64:v1.26.0
pull_policy: "IfNotPresent" pull_policy: "IfNotPresent"
proxy: proxy:

4
charts/scheduler/values.yaml
View File

@ -85,8 +85,8 @@ secrets:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.24.4 scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.26.0
pull_policy: "IfNotPresent" pull_policy: "IfNotPresent"
network: network:

6
doc/source/configuration/genesis.rst
View File

@ -42,10 +42,10 @@ Here is a complete sample document:
images: images:
armada: quay.io/airshipit/armada:latest armada: quay.io/airshipit/armada:latest
kubernetes: kubernetes:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
etcd: quay.io/coreos/etcd:v3.5.4 etcd: quay.io/coreos/etcd:v3.5.4
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.24.4 scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.26.0
files: files:
- path: /var/lib/anchor/calico-etcd-bootstrap - path: /var/lib/anchor/calico-etcd-bootstrap
content: "" content: ""

8
doc/source/configuration/host-system.rst
View File

@ -16,13 +16,13 @@ Sample Document to run containers in Docker runtime
data: data:
files: files:
- path: /opt/kubernetes/bin/kubelet - path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz tar_url: https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet tar_path: kubernetes/node/bin/kubelet
mode: 0555 mode: 0555
images: images:
haproxy: haproxy:1.8.3 haproxy: haproxy:1.8.3
helm: helm:
helm: lachlanevenson/k8s-helm:v3.9.4 helm: lachlanevenson/k8s-helm:v3.10.2
monitoring_image: busybox:1.28.3 monitoring_image: busybox:1.28.3
packages: packages:
repositories: repositories:
@ -115,13 +115,13 @@ Sample Document to run containers in Containerd runtime
data: data:
files: files:
- path: /opt/kubernetes/bin/kubelet - path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz tar_url: https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet tar_path: kubernetes/node/bin/kubelet
mode: 0555 mode: 0555
images: images:
haproxy: haproxy:1.8.3 haproxy: haproxy:1.8.3
helm: helm:
helm: lachlanevenson/k8s-helm:v3.9.4 helm: lachlanevenson/k8s-helm:v3.10.2
monitoring_image: busybox:1.28.3 monitoring_image: busybox:1.28.3
packages: packages:
additional: additional:

6
examples/basic/Genesis.yaml
View File

@ -46,10 +46,10 @@ data:
images: images:
armada: quay.io/airshipit/armada:master-ubuntu_bionic armada: quay.io/airshipit/armada:master-ubuntu_bionic
kubernetes: kubernetes:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
etcd: quay.io/coreos/etcd:v3.5.4 etcd: quay.io/coreos/etcd:v3.5.4
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.24.4 scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.26.0
files: files:
- path: /var/lib/anchor/calico-etcd-bootstrap - path: /var/lib/anchor/calico-etcd-bootstrap
content: "# placeholder for triggering calico etcd bootstrapping" content: "# placeholder for triggering calico etcd bootstrapping"

4
examples/basic/HostSystem.yaml
View File

@ -13,11 +13,11 @@ data:
enable: true enable: true
files: files:
- path: /opt/kubernetes/bin/kubelet - path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz tar_url: https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet tar_path: kubernetes/node/bin/kubelet
mode: 0555 mode: 0555
- path: /usr/local/bin/kubectl - path: /usr/local/bin/kubectl
tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz tar_url: https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubectl tar_path: kubernetes/node/bin/kubectl
mode: 0555 mode: 0555
- path: /etc/systemd/system/kube-cgroup.service - path: /etc/systemd/system/kube-cgroup.service

16
examples/basic/armada-resources.yaml
View File

@ -159,7 +159,7 @@ data:
values: values:
images: images:
tags: tags:
proxy: k8s.gcr.io/kube-proxy-amd64:v1.24.4 proxy: k8s.gcr.io/kube-proxy-amd64:v1.26.0
network: network:
kubernetes_netloc: 127.0.0.1:6553 kubernetes_netloc: 127.0.0.1:6553
source: source:
@ -626,7 +626,7 @@ data:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
haproxy: haproxy:1.8.3 haproxy: haproxy:1.8.3
test: python:3.6 test: python:3.6
@ -734,8 +734,8 @@ data:
endpoints: https://127.0.0.1:2378 endpoints: https://127.0.0.1:2378
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
network: network:
kubernetes_service_ip: 10.96.0.1 kubernetes_service_ip: 10.96.0.1
pod_cidr: 10.97.0.0/16 pod_cidr: 10.97.0.0/16
@ -800,8 +800,8 @@ data:
values: values:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
secrets: secrets:
service_account: service_account:
private_key: placeholder private_key: placeholder
@ -874,8 +874,8 @@ data:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.24.4 scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.26.0
source: source:
type: local type: local

6
examples/complete/Genesis.yaml
View File

@ -35,10 +35,10 @@ data:
images: images:
armada: quay.io/airshipit/armada:master-ubuntu_bionic armada: quay.io/airshipit/armada:master-ubuntu_bionic
kubernetes: kubernetes:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
etcd: quay.io/coreos/etcd:v3.5.4 etcd: quay.io/coreos/etcd:v3.5.4
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.24.4 scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.26.0
files: files:
- path: /var/lib/anchor/calico-etcd-bootstrap - path: /var/lib/anchor/calico-etcd-bootstrap
content: "# placeholder for triggering calico etcd bootstrapping" content: "# placeholder for triggering calico etcd bootstrapping"

4
examples/complete/HostSystem.yaml
View File

@ -13,11 +13,11 @@ data:
enable: true enable: true
files: files:
- path: /opt/kubernetes/bin/kubelet - path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz tar_url: https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet tar_path: kubernetes/node/bin/kubelet
mode: 0555 mode: 0555
- path: /usr/local/bin/kubectl - path: /usr/local/bin/kubectl
tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz tar_url: https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubectl tar_path: kubernetes/node/bin/kubectl
mode: 0555 mode: 0555
- path: /etc/systemd/system/kube-cgroup.service - path: /etc/systemd/system/kube-cgroup.service

16
examples/complete/armada-resources.yaml
View File

@ -200,7 +200,7 @@ data:
values: values:
images: images:
tags: tags:
proxy: k8s.gcr.io/kube-proxy-amd64:v1.24.4 proxy: k8s.gcr.io/kube-proxy-amd64:v1.26.0
network: network:
kubernetes_netloc: 127.0.0.1:6553 kubernetes_netloc: 127.0.0.1:6553
source: source:
@ -642,7 +642,7 @@ data:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
haproxy: haproxy:1.8.3 haproxy: haproxy:1.8.3
test: python:3.6 test: python:3.6
@ -735,8 +735,8 @@ data:
endpoints: https://127.0.0.1:2378 endpoints: https://127.0.0.1:2378
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
secrets: secrets:
service_account: service_account:
public_key: placeholder public_key: placeholder
@ -812,8 +812,8 @@ data:
values: values:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
secrets: secrets:
service_account: service_account:
private_key: placeholder private_key: placeholder
@ -885,8 +885,8 @@ data:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.24.4 scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.26.0
source: source:
type: local type: local

6
examples/containerd/Genesis.yaml
View File

@ -46,10 +46,10 @@ data:
images: images:
armada: quay.io/airshipit/armada:master-ubuntu_bionic armada: quay.io/airshipit/armada:master-ubuntu_bionic
kubernetes: kubernetes:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
etcd: quay.io/coreos/etcd:v3.5.4 etcd: quay.io/coreos/etcd:v3.5.4
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.24.4 scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.26.0
files: files:
- path: /var/lib/anchor/calico-etcd-bootstrap - path: /var/lib/anchor/calico-etcd-bootstrap
content: "# placeholder for triggering calico etcd bootstrapping" content: "# placeholder for triggering calico etcd bootstrapping"

7
examples/containerd/HostSystem.yaml
View File

@ -13,11 +13,11 @@ data:
enable: true enable: true
files: files:
- path: /opt/kubernetes/bin/kubelet - path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz tar_url: https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet tar_path: kubernetes/node/bin/kubelet
mode: 0555 mode: 0555
- path: /usr/local/bin/kubectl - path: /usr/local/bin/kubectl
tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz tar_url: https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubectl tar_path: kubernetes/node/bin/kubectl
mode: 0555 mode: 0555
- path: /etc/systemd/system/kube-cgroup.service - path: /etc/systemd/system/kube-cgroup.service
@ -94,7 +94,6 @@ data:
- jq - jq
- chrony - chrony
required: required:
runtime: containerd
socat: socat socat: socat
genesis: genesis:
additional: additional:
@ -103,7 +102,6 @@ data:
- jq - jq
- chrony - chrony
required: required:
runtime: containerd
socat: socat socat: socat
join: join:
additional: additional:
@ -112,7 +110,6 @@ data:
- jq - jq
- chrony - chrony
required: required:
runtime: containerd
socat: socat socat: socat
validation: validation:
pod_logs: pod_logs:

16
examples/containerd/armada-resources.yaml
View File

@ -159,7 +159,7 @@ data:
values: values:
images: images:
tags: tags:
proxy: k8s.gcr.io/kube-proxy-amd64:v1.24.4 proxy: k8s.gcr.io/kube-proxy-amd64:v1.26.0
network: network:
kubernetes_netloc: 127.0.0.1:6553 kubernetes_netloc: 127.0.0.1:6553
source: source:
@ -523,7 +523,7 @@ data:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
haproxy: haproxy:1.8.3 haproxy: haproxy:1.8.3
test: python:3.6 test: python:3.6
@ -632,8 +632,8 @@ data:
endpoints: https://127.0.0.1:2378 endpoints: https://127.0.0.1:2378
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
network: network:
kubernetes_service_ip: 10.96.0.1 kubernetes_service_ip: 10.96.0.1
pod_cidr: 10.97.0.0/16 pod_cidr: 10.97.0.0/16
@ -698,8 +698,8 @@ data:
values: values:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
secrets: secrets:
service_account: service_account:
private_key: placeholder private_key: placeholder
@ -772,8 +772,8 @@ data:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.24.4 scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.26.0
source: source:
type: local type: local

6
examples/gate/Genesis.yaml
View File

@ -46,10 +46,10 @@ data:
images: images:
armada: quay.io/airshipit/armada:master-ubuntu_bionic armada: quay.io/airshipit/armada:master-ubuntu_bionic
kubernetes: kubernetes:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
etcd: quay.io/coreos/etcd:v3.5.4 etcd: quay.io/coreos/etcd:v3.5.4
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.24.4 scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.26.0
files: files:
- path: /var/lib/anchor/calico-etcd-bootstrap - path: /var/lib/anchor/calico-etcd-bootstrap
content: "# placeholder for triggering calico etcd bootstrapping" content: "# placeholder for triggering calico etcd bootstrapping"

4
examples/gate/HostSystem.yaml
View File

@ -13,11 +13,11 @@ data:
enable: true enable: true
files: files:
- path: /opt/kubernetes/bin/kubelet - path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz tar_url: https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet tar_path: kubernetes/node/bin/kubelet
mode: 0555 mode: 0555
- path: /usr/local/bin/kubectl - path: /usr/local/bin/kubectl
tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz tar_url: https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubectl tar_path: kubernetes/node/bin/kubectl
mode: 0555 mode: 0555
- path: /etc/systemd/system/kube-cgroup.service - path: /etc/systemd/system/kube-cgroup.service

16
examples/gate/armada-resources.yaml
View File

@ -159,7 +159,7 @@ data:
values: values:
images: images:
tags: tags:
proxy: k8s.gcr.io/kube-proxy-amd64:v1.24.4 proxy: k8s.gcr.io/kube-proxy-amd64:v1.26.0
network: network:
kubernetes_netloc: 127.0.0.1:6553 kubernetes_netloc: 127.0.0.1:6553
source: source:
@ -529,7 +529,7 @@ data:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
haproxy: haproxy:1.8.3 haproxy: haproxy:1.8.3
test: python:3.6 test: python:3.6
@ -638,8 +638,8 @@ data:
endpoints: https://127.0.0.1:2378 endpoints: https://127.0.0.1:2378
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
network: network:
kubernetes_service_ip: 10.96.0.1 kubernetes_service_ip: 10.96.0.1
pod_cidr: 10.97.0.0/16 pod_cidr: 10.97.0.0/16
@ -704,8 +704,8 @@ data:
values: values:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
secrets: secrets:
service_account: service_account:
private_key: placeholder private_key: placeholder
@ -778,8 +778,8 @@ data:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.24.4 scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.26.0
source: source:
type: local type: local

2
promenade/builder.py
View File

@ -191,7 +191,7 @@ def _fetch_tar_url(url):
# by a timeout. # by a timeout.
for attempt in itertools.count(): for attempt in itertools.count():
try: try:
response = requests.get(url) response = requests.get(url, timeout=5)
response.raise_for_status() response.raise_for_status()
break break
except requests.exceptions.RequestException: except requests.exceptions.RequestException:

2
promenade/design_ref.py
View File

@ -30,7 +30,7 @@ def get_documents(design_ref, ctx=None):
def _get_from_basic_web(design_ref): def _get_from_basic_web(design_ref):
return requests.get(design_ref) return requests.get(design_ref, timeout=5)
def _get_from_deckhand(design_ref, ctx=None): def _get_from_deckhand(design_ref, ctx=None):

23
promenade/encryption_method.py
View File

@ -167,16 +167,17 @@ def _detect_gpg_version():
def _generate_key(): def _generate_key():
# Ignore bandit false positive: with tempfile.TemporaryDirectory() as tmp:
# B603:subprocess_without_shell_equals_true # Ignore bandit false positive:
# This method takes no input and generates random output. # B603:subprocess_without_shell_equals_true
result = subprocess.run( # nosec # This method takes no input and generates random output.
['/usr/bin/openssl', 'rand', '-hex', '48'], result = subprocess.run( # nosec
check=True, ['/usr/bin/openssl', 'rand', '-hex', '48'],
env={ check=True,
'RANDFILE': '/tmp/rnd', env={
}, 'RANDFILE': tmp,
stdout=subprocess.PIPE, },
) stdout=subprocess.PIPE,
)
return result.stdout.decode().strip() return result.stdout.decode().strip()

4
promenade/tar_bundler.py
View File

@ -31,9 +31,11 @@ class TarBundler:
if tar_info.size > 0: if tar_info.size > 0:
# Ignore bandit false positive: B303:blacklist # Ignore bandit false positive: B303:blacklist
# This is a basic checksum for debugging not a secure hash. # This is a basic checksum for debugging not a secure hash.
checksum = hashlib.new('md5', usedforsecurity=False)
checksum.update(data_bytes)
LOG.debug( # nosec LOG.debug( # nosec
'Adding file path=%s size=%s md5=%s', path, tar_info.size, 'Adding file path=%s size=%s md5=%s', path, tar_info.size,
hashlib.md5(data_bytes).hexdigest()) checksum.hexdigest())
else: else:
LOG.warning('Zero length file added to path=%s', path) LOG.warning('Zero length file added to path=%s', path)

2
requirements-direct.txt
View File

@ -7,7 +7,7 @@ jsonschema==3.2.0
keystoneauth1==5.1.1 keystoneauth1==5.1.1
keystonemiddleware==10.2.0 keystonemiddleware==10.2.0
setuptools==67.0.0 setuptools==67.0.0
kubernetes==24.2.0 kubernetes==26.1.0
oslo.context==5.0.0 oslo.context==5.0.0
oslo.policy==4.0.0 oslo.policy==4.0.0
PasteDeploy==3.0.1 PasteDeploy==3.0.1

2
requirements-frozen.txt
View File

@ -45,7 +45,7 @@ jsonschema==3.2.0
keystoneauth1==5.1.1 keystoneauth1==5.1.1
keystonemiddleware==10.2.0 keystonemiddleware==10.2.0
kombu==5.1.0 kombu==5.1.0
kubernetes==24.2.0 kubernetes==26.1.0
Mako==1.2.4 Mako==1.2.4
MarkupSafe==2.1.2 MarkupSafe==2.1.2
mccabe==0.6.1 mccabe==0.6.1

8
tests/unit/api/test_validatedesign.py
View File

@ -104,13 +104,13 @@ VALID_DOCS = [
'armada': 'quay.io/airshipit/armada:master-ubuntu_bionic', 'armada': 'quay.io/airshipit/armada:master-ubuntu_bionic',
'kubernetes': { 'kubernetes': {
'apiserver': 'apiserver':
'k8s.gcr.io/kube-apiserver-amd64:v1.24.4', 'k8s.gcr.io/kube-apiserver-amd64:v1.26.0',
'controller-manager': 'controller-manager':
'k8s.gcr.io/kube-controller-manager-amd64:v1.24.4', 'k8s.gcr.io/kube-controller-manager-amd64:v1.26.0',
'etcd': 'etcd':
'quay.io/coreos/etcd:v3.5.4', 'quay.io/coreos/etcd:v3.5.4',
'scheduler': 'scheduler':
'k8s.gcr.io/kube-scheduler-amd64:v1.24.4' 'k8s.gcr.io/kube-scheduler-amd64:v1.26.0'
} }
}, },
'ip': 'ip':
@ -146,7 +146,7 @@ VALID_DOCS = [
'tar_path': 'tar_path':
'kubernetes/node/bin/kubelet', 'kubernetes/node/bin/kubelet',
'tar_url': 'tar_url':
'https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz' 'https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz'
}, },
{ {
'content': 'content':

6
tests/unit/builder_data/simple/Genesis.yaml
View File

@ -32,10 +32,10 @@ data:
images: images:
armada: quay.io/airshipit/armada:master-ubuntu_bionic armada: quay.io/airshipit/armada:master-ubuntu_bionic
kubernetes: kubernetes:
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 controller-manager: k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
etcd: quay.io/coreos/etcd:v3.5.4 etcd: quay.io/coreos/etcd:v3.5.4
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.24.4 scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.26.0
files: files:
- path: /var/lib/anchor/calico-etcd-bootstrap - path: /var/lib/anchor/calico-etcd-bootstrap
content: "# placeholder for triggering calico etcd bootstrapping" content: "# placeholder for triggering calico etcd bootstrapping"

2
tests/unit/builder_data/simple/HostSystem.yaml
View File

@ -14,7 +14,7 @@ data:
# attempt to actually run Kubernetes, only to construct the genesis and # attempt to actually run Kubernetes, only to construct the genesis and
# join scripts. # join scripts.
# - path: /opt/kubernetes/bin/kubelet # - path: /opt/kubernetes/bin/kubelet
# tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz # tar_url: https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz
# tar_path: kubernetes/node/bin/kubelet # tar_path: kubernetes/node/bin/kubelet
# mode: 0555 # mode: 0555
- path: /etc/logrotate.d/json-logrotate - path: /etc/logrotate.d/json-logrotate

16
tests/unit/builder_data/simple/armada-resources.yaml
View File

@ -160,7 +160,7 @@ data:
values: values:
images: images:
tags: tags:
proxy: k8s.gcr.io/kube-proxy-amd64:v1.24.4 proxy: k8s.gcr.io/kube-proxy-amd64:v1.26.0
network: network:
kubernetes_netloc: 127.0.0.1:6553 kubernetes_netloc: 127.0.0.1:6553
source: source:
@ -535,7 +535,7 @@ data:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
haproxy: haproxy:1.8.3 haproxy: haproxy:1.8.3
test: python:3.6 test: python:3.6
@ -634,8 +634,8 @@ data:
endpoints: https://127.0.0.1:2378 endpoints: https://127.0.0.1:2378
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.24.4 apiserver: k8s.gcr.io/kube-apiserver-amd64:v1.26.0
secrets: secrets:
service_account: service_account:
public_key: placeholder public_key: placeholder
@ -711,8 +711,8 @@ data:
values: values:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 controller_manager: k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
secrets: secrets:
service_account: service_account:
private_key: placeholder private_key: placeholder
@ -784,8 +784,8 @@ data:
images: images:
tags: tags:
anchor: bitnami/kubectl:1.24.4 anchor: quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.24.4 scheduler: k8s.gcr.io/kube-scheduler-amd64:v1.26.0
source: source:
type: local type: local

12
tools/gate/default-config-env
View File

@ -8,9 +8,9 @@ IMAGE_DEP_CHECK=quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
IMAGE_ETCD=quay.io/coreos/etcd:v3.5.4 IMAGE_ETCD=quay.io/coreos/etcd:v3.5.4
IMAGE_HAPROXY=haproxy:1.8.3 IMAGE_HAPROXY=haproxy:1.8.3
IMAGE_HELM=lachlanevenson/k8s-helm:v3.9.4 IMAGE_HELM=lachlanevenson/k8s-helm:v3.9.4
IMAGE_APISERVER=k8s.gcr.io/kube-apiserver-amd64:v1.24.4 IMAGE_APISERVER=k8s.gcr.io/kube-apiserver-amd64:v1.26.0
IMAGE_CONTROLLER_MANAGER=k8s.gcr.io/kube-controller-manager-amd64:v1.24.4 IMAGE_CONTROLLER_MANAGER=k8s.gcr.io/kube-controller-manager-amd64:v1.26.0
IMAGE_SCHEDULER=k8s.gcr.io/kube-scheduler-amd64:v1.24.4 IMAGE_SCHEDULER=k8s.gcr.io/kube-scheduler-amd64:v1.26.0
IMAGE_PROXY=k8s.gcr.io/kube-proxy-amd64:v1.24.4 IMAGE_PROXY=k8s.gcr.io/kube-proxy-amd64:v1.26.0
IMAGE_ANCHOR=bitnami/kubectl:1.24.4 IMAGE_ANCHOR=quay.io/airshipit/porthole-compute-utility:master-ubuntu_focal
KUBELET_URL=https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz KUBELET_URL=https://dl.k8s.io/v1.26.0/kubernetes-node-linux-amd64.tar.gz

10
tools/registry/IMAGES
View File

@ -1,10 +1,10 @@
# source_name, tag, cache_name # source_name, tag, cache_name
coredns/coredns,1.9.4,coredns coredns/coredns,1.9.4,coredns
bitnami/kubectl,1.24.4,kubectl quay.io/airshipit/porthole-compute-utility,master-ubuntu_focal,kubectl
k8s.gcr.io/kube-apiserver-amd64,v1.24.4,apiserver k8s.gcr.io/kube-apiserver-amd64,v1.26.0,apiserver
k8s.gcr.io/kube-controller-manager-amd64,v1.24.4,controller-manager k8s.gcr.io/kube-controller-manager-amd64,v1.26.0,controller-manager
k8s.gcr.io/kube-scheduler-amd64,v1.24.4,scheduler k8s.gcr.io/kube-scheduler-amd64,v1.26.0,scheduler
k8s.gcr.io/kube-proxy-amd64,v1.24.4,proxy k8s.gcr.io/kube-proxy-amd64,v1.26.0,proxy
lachlanevenson/k8s-helm,v3.9.4,helm lachlanevenson/k8s-helm,v3.9.4,helm
quay.io/airshipit/armada,master,armada quay.io/airshipit/armada,master,armada
quay.io/calico/cni,v3.4.0,calico-cni quay.io/calico/cni,v3.4.0,calico-cni

1
tools/setup_gate.sh
View File

@ -23,6 +23,7 @@ sudo apt-get install -q -y --no-install-recommends --allow-downgrades \
apt-transport-https \ apt-transport-https \
build-essential \ build-essential \
ca-certificates \ ca-certificates \
apt-utils \
curl \ curl \
fio \ fio \
genisoimage \ genisoimage \

4
tox.ini
View File

@ -25,7 +25,7 @@ commands =
deps = deps =
-r{toxinidir}/test-requirements.txt -r{toxinidir}/test-requirements.txt
commands = commands =
bandit -r promenade bandit --skip B324 -r promenade
[testenv:docs] [testenv:docs]
pass_env = {[pkgenv]pass_env} pass_env = {[pkgenv]pass_env}
@ -64,7 +64,7 @@ deps =
commands = commands =
yapf -rd {toxinidir}/promenade {toxinidir}/tests {toxinidir}/tools/image_tags.py yapf -rd {toxinidir}/promenade {toxinidir}/tests {toxinidir}/tools/image_tags.py
flake8 {toxinidir}/promenade flake8 {toxinidir}/promenade
bandit -r promenade bandit --skip B324 -r promenade
[flake8] [flake8]
# [H106] Don't put vim configuration in source files. # [H106] Don't put vim configuration in source files.