From fc1c981555010fb2fbb50af8421128aa997ce98b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 28 Sep 2021 12:46:36 -0700 Subject: [PATCH] release: update manifest and helm charts for v0.5.0 (#183) * release: update manifest and helm charts for v0.5.0 * fix: install the latest released charts from gh-pages Signed-off-by: GitHub Co-authored-by: chewong Co-authored-by: Ernest Wong --- Makefile | 2 +- charts/workload-identity-webhook/Chart.yaml | 4 ++-- charts/workload-identity-webhook/README.md | 5 +++-- ...zure-wi-webhook-controller-manager-deployment.yaml | 1 + charts/workload-identity-webhook/values.yaml | 7 ++++--- config/manager/kustomization.yaml | 2 +- deploy/azure-wi-webhook.yaml | 4 ++-- .../charts/workload-identity-webhook/Chart.yaml | 4 ++-- .../charts/workload-identity-webhook/README.md | 2 +- .../charts/workload-identity-webhook/values.yaml | 2 +- manifest_staging/deploy/azure-wi-webhook.yaml | 2 +- scripts/ci-e2e.sh | 11 +++++++---- .../gatekeeper/helmify/static/Chart.yaml | 4 ++-- .../gatekeeper/helmify/static/README.md | 2 +- .../gatekeeper/helmify/static/values.yaml | 2 +- 15 files changed, 30 insertions(+), 24 deletions(-) diff --git a/Makefile b/Makefile index a023c0ec9..2f81c6039 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ REGISTRY ?= mcr.microsoft.com/oss/azure/workload-identity PROXY_IMAGE_NAME := proxy INIT_IMAGE_NAME := proxy-init WEBHOOK_IMAGE_NAME := webhook -IMAGE_VERSION ?= v0.4.0 +IMAGE_VERSION ?= v0.5.0 ORG_PATH := github.com/Azure PROJECT_NAME := azure-workload-identity diff --git a/charts/workload-identity-webhook/Chart.yaml b/charts/workload-identity-webhook/Chart.yaml index cbbe308c8..a6c3254d3 100644 --- a/charts/workload-identity-webhook/Chart.yaml +++ b/charts/workload-identity-webhook/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: workload-identity-webhook description: A Helm chart to install the azure-workload-identity webhook type: application -version: 0.4.0 -appVersion: v0.4.0 +version: 0.5.0 +appVersion: v0.5.0 home: https://github.com/Azure/azure-workload-identity sources: - https://github.com/Azure/azure-workload-identity diff --git a/charts/workload-identity-webhook/README.md b/charts/workload-identity-webhook/README.md index c026678b3..0e9e0b3b2 100644 --- a/charts/workload-identity-webhook/README.md +++ b/charts/workload-identity-webhook/README.md @@ -32,10 +32,10 @@ helm upgrade -n azure-workload-identity-system [RELEASE_NAME] azure-workload-ide | Parameter | Description | Default | | :----------------- | :----------------------------------------------------------------------- | :------------------------------------------------------ | | labels | The labels to add to the azure-workload-identity webhook pods | `azure-workload-identity.io/system: "true"` | -| replicaCount | The number of azure-workload-identity replicas to deploy for the webhook | `1` | +| replicaCount | The number of azure-workload-identity replicas to deploy for the webhook | `2` | | image.repository | Image repository | `mcr.microsoft.com/oss/azure/workload-identity/webhook` | | image.pullPolicy | Image pullPolicy | `IfNotPresent` | -| image.release | The image release tag to use | Current release version: `v0.4.0` | +| image.release | The image release tag to use | Current release version: `v0.5.0` | | nodeSelector | The node selector to use for pod scheduling | `kubernetes.io/os: linux` | | arcCluster | Specify if it runs on Arc cluster | `false` | | resources | The resource request/limits for the container image | limits: 100m CPU, 30Mi, requests: 100m CPU, 20Mi | @@ -46,6 +46,7 @@ helm upgrade -n azure-workload-identity-system [RELEASE_NAME] azure-workload-ide | service.targetPort | Service target port | `9443` | | azureTenantID | [**REQUIRED**] Azure tenant ID | `` | | azureEnvironment | Azure Environment | `AzurePublicCloud` | +| logEncoder | The log encoder to use for the webhook manager (`json`, `console`) | `console` | ## Contributing Changes diff --git a/charts/workload-identity-webhook/templates/azure-wi-webhook-controller-manager-deployment.yaml b/charts/workload-identity-webhook/templates/azure-wi-webhook-controller-manager-deployment.yaml index e51b7701d..d6b707f31 100644 --- a/charts/workload-identity-webhook/templates/azure-wi-webhook-controller-manager-deployment.yaml +++ b/charts/workload-identity-webhook/templates/azure-wi-webhook-controller-manager-deployment.yaml @@ -27,6 +27,7 @@ spec: containers: - args: - --arc-cluster={{ .Values.arcCluster }} + - --log-encoder={{ .Values.logEncoder }} command: - /manager env: diff --git a/charts/workload-identity-webhook/values.yaml b/charts/workload-identity-webhook/values.yaml index 112a9abfe..d00192aee 100644 --- a/charts/workload-identity-webhook/values.yaml +++ b/charts/workload-identity-webhook/values.yaml @@ -2,14 +2,14 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -labels: +labels: azure-workload-identity.io/system: "true" -replicaCount: 1 +replicaCount: 2 image: repository: mcr.microsoft.com/oss/azure/workload-identity/webhook pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - release: v0.4.0 + release: v0.5.0 nodeSelector: kubernetes.io/os: linux arcCluster: false @@ -28,3 +28,4 @@ service: targetPort: 9443 azureEnvironment: AzurePublicCloud azureTenantID: +logEncoder: console diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 341c5fe9d..a17ccee6b 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization images: - name: manager newName: mcr.microsoft.com/oss/azure/workload-identity/webhook - newTag: v0.4.0 + newTag: v0.5.0 configMapGenerator: - literals: - AZURE_TENANT_ID="${AZURE_TENANT_ID}" diff --git a/deploy/azure-wi-webhook.yaml b/deploy/azure-wi-webhook.yaml index 7e4426e2d..be85feb75 100644 --- a/deploy/azure-wi-webhook.yaml +++ b/deploy/azure-wi-webhook.yaml @@ -139,7 +139,7 @@ metadata: name: azure-wi-webhook-controller-manager namespace: azure-workload-identity-system spec: - replicas: 1 + replicas: 2 selector: matchLabels: azure-workload-identity.io/system: "true" @@ -162,7 +162,7 @@ spec: envFrom: - configMapRef: name: azure-wi-webhook-config - image: mcr.microsoft.com/oss/azure/workload-identity/webhook:v0.4.0 + image: mcr.microsoft.com/oss/azure/workload-identity/webhook:v0.5.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/manifest_staging/charts/workload-identity-webhook/Chart.yaml b/manifest_staging/charts/workload-identity-webhook/Chart.yaml index cbbe308c8..a6c3254d3 100644 --- a/manifest_staging/charts/workload-identity-webhook/Chart.yaml +++ b/manifest_staging/charts/workload-identity-webhook/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: workload-identity-webhook description: A Helm chart to install the azure-workload-identity webhook type: application -version: 0.4.0 -appVersion: v0.4.0 +version: 0.5.0 +appVersion: v0.5.0 home: https://github.com/Azure/azure-workload-identity sources: - https://github.com/Azure/azure-workload-identity diff --git a/manifest_staging/charts/workload-identity-webhook/README.md b/manifest_staging/charts/workload-identity-webhook/README.md index 2a4a8f2bf..0e9e0b3b2 100644 --- a/manifest_staging/charts/workload-identity-webhook/README.md +++ b/manifest_staging/charts/workload-identity-webhook/README.md @@ -35,7 +35,7 @@ helm upgrade -n azure-workload-identity-system [RELEASE_NAME] azure-workload-ide | replicaCount | The number of azure-workload-identity replicas to deploy for the webhook | `2` | | image.repository | Image repository | `mcr.microsoft.com/oss/azure/workload-identity/webhook` | | image.pullPolicy | Image pullPolicy | `IfNotPresent` | -| image.release | The image release tag to use | Current release version: `v0.4.0` | +| image.release | The image release tag to use | Current release version: `v0.5.0` | | nodeSelector | The node selector to use for pod scheduling | `kubernetes.io/os: linux` | | arcCluster | Specify if it runs on Arc cluster | `false` | | resources | The resource request/limits for the container image | limits: 100m CPU, 30Mi, requests: 100m CPU, 20Mi | diff --git a/manifest_staging/charts/workload-identity-webhook/values.yaml b/manifest_staging/charts/workload-identity-webhook/values.yaml index 27a8ab2a6..d00192aee 100644 --- a/manifest_staging/charts/workload-identity-webhook/values.yaml +++ b/manifest_staging/charts/workload-identity-webhook/values.yaml @@ -9,7 +9,7 @@ image: repository: mcr.microsoft.com/oss/azure/workload-identity/webhook pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - release: v0.4.0 + release: v0.5.0 nodeSelector: kubernetes.io/os: linux arcCluster: false diff --git a/manifest_staging/deploy/azure-wi-webhook.yaml b/manifest_staging/deploy/azure-wi-webhook.yaml index ce3ebdf97..be85feb75 100644 --- a/manifest_staging/deploy/azure-wi-webhook.yaml +++ b/manifest_staging/deploy/azure-wi-webhook.yaml @@ -162,7 +162,7 @@ spec: envFrom: - configMapRef: name: azure-wi-webhook-config - image: mcr.microsoft.com/oss/azure/workload-identity/webhook:v0.4.0 + image: mcr.microsoft.com/oss/azure/workload-identity/webhook:v0.5.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/scripts/ci-e2e.sh b/scripts/ci-e2e.sh index 80501b390..ec49865ab 100755 --- a/scripts/ci-e2e.sh +++ b/scripts/ci-e2e.sh @@ -98,13 +98,16 @@ main() { test_helm_chart() { readonly HELM="${REPO_ROOT}/hack/tools/bin/helm" - ${KUBECTL} create namespace azure-workload-identity-system - # test helm upgrade from chart to manifest_staging/chart - - ${HELM} install workload-identity-webhook "${REPO_ROOT}/charts/workload-identity-webhook" \ + # test helm upgrade from the latest released chart to manifest_staging/chart + # TODO(chewong) switch to https://azure.github.io/azure-workload-identity/charts once it is available + git checkout origin/gh-pages -- "${REPO_ROOT}/charts/" + # shellcheck disable=SC2086 + LATEST_CHART_TARBALL="$(find ${REPO_ROOT}/charts/workload-identity-webhook-*.tgz | sort | tail -n 1)" + ${HELM} install workload-identity-webhook "${LATEST_CHART_TARBALL}" \ --set azureTenantID="${AZURE_TENANT_ID}" \ --namespace azure-workload-identity-system \ + --create-namespace \ --wait poll_webhook_readiness # TODO(chewong): enable init containers test once v0.5.0 is released diff --git a/third_party/open-policy-agent/gatekeeper/helmify/static/Chart.yaml b/third_party/open-policy-agent/gatekeeper/helmify/static/Chart.yaml index cbbe308c8..a6c3254d3 100644 --- a/third_party/open-policy-agent/gatekeeper/helmify/static/Chart.yaml +++ b/third_party/open-policy-agent/gatekeeper/helmify/static/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: workload-identity-webhook description: A Helm chart to install the azure-workload-identity webhook type: application -version: 0.4.0 -appVersion: v0.4.0 +version: 0.5.0 +appVersion: v0.5.0 home: https://github.com/Azure/azure-workload-identity sources: - https://github.com/Azure/azure-workload-identity diff --git a/third_party/open-policy-agent/gatekeeper/helmify/static/README.md b/third_party/open-policy-agent/gatekeeper/helmify/static/README.md index 2a4a8f2bf..0e9e0b3b2 100644 --- a/third_party/open-policy-agent/gatekeeper/helmify/static/README.md +++ b/third_party/open-policy-agent/gatekeeper/helmify/static/README.md @@ -35,7 +35,7 @@ helm upgrade -n azure-workload-identity-system [RELEASE_NAME] azure-workload-ide | replicaCount | The number of azure-workload-identity replicas to deploy for the webhook | `2` | | image.repository | Image repository | `mcr.microsoft.com/oss/azure/workload-identity/webhook` | | image.pullPolicy | Image pullPolicy | `IfNotPresent` | -| image.release | The image release tag to use | Current release version: `v0.4.0` | +| image.release | The image release tag to use | Current release version: `v0.5.0` | | nodeSelector | The node selector to use for pod scheduling | `kubernetes.io/os: linux` | | arcCluster | Specify if it runs on Arc cluster | `false` | | resources | The resource request/limits for the container image | limits: 100m CPU, 30Mi, requests: 100m CPU, 20Mi | diff --git a/third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml b/third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml index 27a8ab2a6..d00192aee 100644 --- a/third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml +++ b/third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml @@ -9,7 +9,7 @@ image: repository: mcr.microsoft.com/oss/azure/workload-identity/webhook pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - release: v0.4.0 + release: v0.5.0 nodeSelector: kubernetes.io/os: linux arcCluster: false