diff --git a/docs/bundle.md b/docs/bundle.md index bf3ac17c..ea29489f 100644 --- a/docs/bundle.md +++ b/docs/bundle.md @@ -26,7 +26,7 @@ bundle: { } podinfo: { module: url: "oci://ghcr.io/stefanprodan/modules/podinfo" - module: version: "6.5.2" + module: version: "6.5.3" namespace: "podinfo" values: caching: { enabled: true @@ -84,8 +84,8 @@ Apply the Bundle on the cluster: waiting for 2 resource(s) to become ready... resources are ready applying instance podinfo - pulling oci://ghcr.io/stefanprodan/modules/podinfo:6.5.2 - using module timoni.sh/podinfo version 6.5.2 + pulling oci://ghcr.io/stefanprodan/modules/podinfo:6.5.3 + using module timoni.sh/podinfo version 6.5.3 installing podinfo in namespace podinfo ServiceAccount/podinfo/podinfo created Service/podinfo/podinfo created @@ -125,7 +125,7 @@ Build the Bundle and print the resulting Kubernetes resources for all the Bundle metadata: labels: app.kubernetes.io/name: podinfo - app.kubernetes.io/version: 6.5.2 + app.kubernetes.io/version: 6.5.3 name: podinfo namespace: podinfo --- @@ -145,7 +145,7 @@ List the managed resources from a bundle and their rollout status: ```text last applied 2023-10-08T20:21:19Z module oci://ghcr.io/stefanprodan/modules/redis:7.2.2 - digest: sha256:0e1f9cfbd020230e4e9f8c3b14bc728df932793d02d4f0a26512737af6df2dc8 + digest: sha256:22ab5f4f0158f02b353c168f21a54901a45b2a56865fcc470e5492120deb4111 ServiceAccount/podinfo/redis Current Resource is current ConfigMap/podinfo/redis Current Resource is always ready Service/podinfo/redis Current Service is ready @@ -155,8 +155,8 @@ List the managed resources from a bundle and their rollout status: PersistentVolumeClaim/podinfo/redis-master Current PVC is Bound last applied 2023-10-08T20:21:19Z - module oci://ghcr.io/stefanprodan/modules/podinfo:6.5.2 - digest: sha256:6feb340acfc8f566bad9d4fa1e71a3cd0feade41a00750428b4f1b0b5e3c86a0 + module oci://ghcr.io/stefanprodan/modules/podinfo:6.5.3 + digest: sha256:54d38b407012ccfb42badf0974ba70f9ae229ecd38f17e8a1f4e7189283b924f ServiceAccount/podinfo/podinfo Current Resource is always ready Service/podinfo/podinfo Current Service is ready Deployment/podinfo/podinfo Current Deployment is available. Replicas: 1 @@ -174,7 +174,7 @@ List the instances in Bundle `podinfo` across all namespaces: ```text NAME NAMESPACE MODULE VERSION LAST APPLIED BUNDLE - podinfo podinfo oci://ghcr.io/stefanprodan/modules/podinfo 6.5.2 2023-09-10T16:20:07Z podinfo + podinfo podinfo oci://ghcr.io/stefanprodan/modules/podinfo 6.5.3 2023-09-10T16:20:07Z podinfo redis podinfo oci://ghcr.io/stefanprodan/modules/redis 7.2.2 2023-09-10T16:20:00Z podinfo ``` @@ -254,7 +254,7 @@ When not specified, the version defaults to `latest`, which pulls the module OCI ```cue module: { url: "oci://ghcr.io/stefanprodan/modules/podinfo" - version: "6.5.2" + version: "6.5.3" } ``` @@ -270,7 +270,7 @@ The `instance.module.digest` is an optional field that specifies the OCI digest ```cue module: { url: "oci://ghcr.io/stefanprodan/modules/podinfo" - digest: "sha256:6feb340acfc8f566bad9d4fa1e71a3cd0feade41a00750428b4f1b0b5e3c86a0" + digest: "sha256:54d38b407012ccfb42badf0974ba70f9ae229ecd38f17e8a1f4e7189283b924f" } ``` @@ -280,8 +280,8 @@ upstream digest of the version matches the specified `instance.module.digest`. ```cue module: { url: "oci://ghcr.io/stefanprodan/modules/podinfo" - version: "6.5.2" - digest: "sha256:6feb340acfc8f566bad9d4fa1e71a3cd0feade41a00750428b4f1b0b5e3c86a0" + version: "6.5.3" + digest: "sha256:54d38b407012ccfb42badf0974ba70f9ae229ecd38f17e8a1f4e7189283b924f" } ``` diff --git a/docs/quickstart.md b/docs/quickstart.md index 21b423e3..455ea376 100644 --- a/docs/quickstart.md +++ b/docs/quickstart.md @@ -38,7 +38,7 @@ in a new namespace: ```console $ timoni -n test apply podinfo oci://ghcr.io/stefanprodan/modules/podinfo --version latest pulling oci://ghcr.io/stefanprodan/modules/podinfo:latest -using module timoni.sh/podinfo version 6.5.2 +using module timoni.sh/podinfo version 6.5.3 installing podinfo in namespace test Namespace/test created ServiceAccount/test/podinfo created @@ -57,9 +57,9 @@ To get more information on an instance, you can use the `timoni inspect` sub-com ```console $ timoni -n test inspect module podinfo name: timoni.sh/podinfo -version: 6.5.2 +version: 6.5.3 repository: oci://ghcr.io/stefanprodan/modules/podinfo -digest: sha256:0e1f9cfbd020230e4e9f8c3b14bc728df932793d02d4f0a26512737af6df2dc8 +digest: sha256:22ab5f4f0158f02b353c168f21a54901a45b2a56865fcc470e5492120deb4111 ``` To learn more about the available commands, use `timoni inspect --help`. @@ -134,7 +134,7 @@ bundle: { } podinfo: { module: url: "oci://ghcr.io/stefanprodan/modules/podinfo" - module: version: "6.5.2" + module: version: "6.5.3" namespace: "podinfo" values: caching: { enabled: true diff --git a/examples/bundles/podinfo.cue b/examples/bundles/podinfo.cue index f4111db2..608143fa 100644 --- a/examples/bundles/podinfo.cue +++ b/examples/bundles/podinfo.cue @@ -11,7 +11,7 @@ bundle: { module: { url: "oci://ghcr.io/stefanprodan/modules/redis" version: "7.2.2" - digest: "sha256:0e1f9cfbd020230e4e9f8c3b14bc728df932793d02d4f0a26512737af6df2dc8" + digest: "sha256:22ab5f4f0158f02b353c168f21a54901a45b2a56865fcc470e5492120deb4111" } namespace: "podinfo" values: { @@ -23,8 +23,8 @@ bundle: { podinfo: { module: { url: "oci://ghcr.io/stefanprodan/modules/podinfo" - version: "6.5.2" - digest: "sha256:6feb340acfc8f566bad9d4fa1e71a3cd0feade41a00750428b4f1b0b5e3c86a0" + version: "6.5.3" + digest: "sha256:54d38b407012ccfb42badf0974ba70f9ae229ecd38f17e8a1f4e7189283b924f" } namespace: "podinfo" values: caching: { diff --git a/examples/minimal/README.md b/examples/minimal/README.md index 2750f128..3b5e4ed0 100644 --- a/examples/minimal/README.md +++ b/examples/minimal/README.md @@ -59,6 +59,7 @@ timoni -n default delete minimal | `topologySpreadConstraints:` | `[...corev1.#TopologySpreadConstraint]` | `[]` | [Kubernetes pod topology spread constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints) | | `podSecurityContext:` | `corev1.#PodSecurityContext` | `{}` | [Kubernetes pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context) | | `securityContext:` | `corev1.#SecurityContext` | `{}` | [Kubernetes container security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context) | +| `test: enabled:` | `bool` | `false` | Run end-to-end tests at install and upgrades | #### Recommended values diff --git a/examples/minimal/debug_values.cue b/examples/minimal/debug_values.cue index 363e8059..d888c34f 100644 --- a/examples/minimal/debug_values.cue +++ b/examples/minimal/debug_values.cue @@ -20,4 +20,11 @@ values: { digest: "" } } + affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: [{ + matchExpressions: [{ + key: "kubernetes.io/os" + operator: "In" + values: ["linux"] + }] + }] } diff --git a/examples/minimal/templates/job.cue b/examples/minimal/templates/job.cue index 852c39c9..e19593ab 100644 --- a/examples/minimal/templates/job.cue +++ b/examples/minimal/templates/job.cue @@ -36,23 +36,23 @@ import ( ] }] restartPolicy: "Never" + if _config.podSecurityContext != _|_ { + securityContext: _config.podSecurityContext + } + if _config.topologySpreadConstraints != _|_ { + topologySpreadConstraints: _config.topologySpreadConstraints + } + if _config.affinity != _|_ { + affinity: _config.affinity + } + if _config.tolerations != _|_ { + tolerations: _config.tolerations + } + if _config.imagePullSecrets != _|_ { + imagePullSecrets: _config.imagePullSecrets + } } } backoffLimit: 1 - if _config.podSecurityContext != _|_ { - securityContext: _config.podSecurityContext - } - if _config.topologySpreadConstraints != _|_ { - topologySpreadConstraints: _config.topologySpreadConstraints - } - if _config.affinity != _|_ { - affinity: _config.affinity - } - if _config.tolerations != _|_ { - tolerations: _config.tolerations - } - if _config.imagePullSecrets != _|_ { - imagePullSecrets: _config.imagePullSecrets - } } } diff --git a/examples/redis/templates/config.cue b/examples/redis/templates/config.cue index 48823dc9..07ea1c9d 100644 --- a/examples/redis/templates/config.cue +++ b/examples/redis/templates/config.cue @@ -59,10 +59,19 @@ import ( seccompProfile: type: "RuntimeDefault" } | corev1.#SecurityContext + // Pod affinity settings (common to all deployments) + affinity: corev1.#Affinity + affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: [{ + matchExpressions: [{ + key: "kubernetes.io/os" + operator: "In" + values: ["linux"] + }] + }] + // Pod optional settings (common to all deployments) podAnnotations?: {[ string]: string} tolerations?: [ ...corev1.#Toleration] - affinity?: corev1.#Affinity topologySpreadConstraints?: [...corev1.#TopologySpreadConstraint] // Service diff --git a/examples/redis/values.cue b/examples/redis/values.cue index 46ad6a18..c538d3f9 100644 --- a/examples/redis/values.cue +++ b/examples/redis/values.cue @@ -6,6 +6,6 @@ values: { image: { repository: "cgr.dev/chainguard/redis" tag: "7.2.2" - digest: "sha256:8969ecdfa82ed7d0d10596163ba9b7063879e0b1ccb57d054d10aa9d99bd1ce5" + digest: "sha256:4622102d87353643c6fe0b9d6607e740aef7cdd59cc90e8f275a06c4642a584c" } }