Merge pull request #85 from SolaceDev/v1.1.0
Release v1.1.0
LewisKSaint authored Jul 26, 2024
2 parents b7d061a + 0cf71d8 commit 48de1b5
Showing 27 changed files with 740 additions and 284 deletions.
13 changes: 12 additions & 1 deletion .github/workflows/build-test-dev.yml
@@ -6,7 +6,7 @@ on:
- main

env:
VERSION: 1.0.3
VERSION: 1.1.0
IMAGE_NAME: pubsubplus-eventbroker-operator
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
GCLOUD_PROJECT_ID_DEV: ${{ secrets.GCLOUD_PROJECT_ID }}
@@ -121,6 +121,11 @@ jobs:
exportToken: true
secrets: |
secret/data/development/gcp-gcr GCP_SERVICE_ACCOUNT | GCP_DEV_SERVICE_ACCOUNT
env:
VERSION: 1.1.0
IMAGE_NAME: pubsubplus-eventbroker-operator
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
GCLOUD_PROJECT_ID_DEV: ${{ secrets.GCLOUD_PROJECT_ID }}

- name: Log in to gcr development docker registry
uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
@@ -138,6 +143,12 @@ jobs:
tags: |
gcr.io/${{ env.GCLOUD_PROJECT_ID_DEV }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
push: true
env:
VERSION: 1.1.0
IMAGE_NAME: pubsubplus-eventbroker-operator
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
GCLOUD_PROJECT_ID_DEV: ${{ secrets.GCLOUD_PROJECT_ID }}


- name: Run Vulnerability PreCheck for Prisma
uses: ./maas-build-actions/.github/actions/prisma-vulnerability-checker
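Review bot: The `env:` blocks added after the Vault secrets step and after the docker build/push step repeat the four variables the workflow already declares at the top (`VERSION`, `IMAGE_NAME`, `VAULT_ADDR`, `GCLOUD_PROJECT_ID_DEV`), so the release version now lives in three places in this file and can drift on the next bump. Indentation is lost in this view, but if these are step-level `env` maps they also hand `VAULT_ADDR` to the image build step, which has no visible use for it. I would drop both blocks and rely on the workflow-level `env`, or keep only the keys a given step actually reads. The same duplication is added twice in `.github/workflows/vulncheck_periodic.yml`.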
2 changes: 1 addition & 1 deletion .github/workflows/prep-release.yml
@@ -4,7 +4,7 @@ on:
release_tag:
description: 'Release tag'
required: true
default: '1.0.3-dev'
default: '1.1.0'
prep_internal_release:
# Need to distinguish between internal and external releases
# Internal release: Will use default internal location for created images (ghcr.io) and will tag and push operator candidate there
12 changes: 6 additions & 6 deletions .github/workflows/test-broker-chaos-situation.yml
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ jobs:
kubectl create secret tls monitoring-tls --key="tls.private.pem" --cert="tls.public.pem"
kubectl apply -f ci/manifests/eventbroker-ha.yaml | grep "test-ha created"
sleep 10 ; kubectl get all
kubectl wait pods --selector app.kubernetes.io/instance=test-ha --for condition=Ready --timeout=300s
kubectl wait pods --selector app.kubernetes.io/instance=test-ha --for condition=Ready --timeout=500s
kubectl get po --show-labels -n $TESTNAMESPACE | grep test-ha | grep "1/1"
kubectl get po --show-labels -n $TESTNAMESPACE | grep test-ha | grep active=true
kubectl get sts -n $TESTNAMESPACE | grep test-ha
@@ -99,7 +99,7 @@ jobs:
run: |
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tlsupdated.key -out tlsupdated.crt -subj "/CN=*"
kubectl create secret tls test-tlsupdated --key="tlsupdated.key" --cert="tlsupdated.crt"
kubectl wait pods --selector node-type=message-routing-primary --for condition=Ready --timeout=300s
kubectl wait pods --selector node-type=message-routing-primary --for condition=Ready --timeout=400s
kubectl get all
kubectl apply -f ci/manifests/chaos-manifests/admin-secret-update.yaml | grep "configured"
kubectl get all
@@ -113,11 +113,11 @@ jobs:
- name: Testing the Operator - HA - Chaos Scenario 3 - Update Scaling Parameters and confirm recovery for message delivery
run: |
kubectl wait pods --selector node-type=message-routing-primary --for condition=Ready --timeout=300s
kubectl wait pods --selector node-type=message-routing-primary --for condition=Ready --timeout=400s
kubectl get all
kubectl apply -f ci/manifests/chaos-manifests/scaling-parameter-update.yaml | grep "configured"
kubectl get all
kubectl wait pods --selector node-type=message-routing-primary --for condition=Ready --timeout=300s
kubectl wait pods --selector node-type=message-routing-primary --for condition=Ready --timeout=400s
kubectl get all
kubectl port-forward svc/test-ha-pubsubplus -n $TESTNAMESPACE 55558:55555 &
sleep 5
@@ -127,7 +127,7 @@ jobs:
- name: Testing the Operator - HA - Chaos Scenario 4 - Kill 2 Nodes and confirm recovery for message delivery
run: |
kubectl wait pods --selector node-type=message-routing-primary --for condition=Ready --timeout=300s
kubectl wait pods --selector node-type=message-routing-primary --for condition=Ready --timeout=400s
kubectl get all
kubectl get pods -n $TESTNAMESPACE --selector node-type=message-routing-primary | grep Running | awk '{print $1}' | xargs kubectl delete pod
kubectl get pods -n $TESTNAMESPACE --selector node-type=message-routing-backup | grep Running | awk '{print $1}' | xargs kubectl delete pod
@@ -143,7 +143,7 @@ jobs:
run: |
kubectl get sts -n $TESTNAMESPACE | grep 1/1 | awk '{print $1}' | xargs kubectl delete sts
kubectl get all
kubectl wait pods --selector node-type=message-routing-primary --for condition=Ready --timeout=300s
kubectl wait pods --selector node-type=message-routing-primary --for condition=Ready --timeout=400s
sleep 120
kubectl get all
kubectl port-forward svc/test-ha-pubsubplus -n $TESTNAMESPACE 55552:55555 &
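Review bot: The six `kubectl wait pods` calls now carry two different hard-coded timeouts (`--timeout=500s` for the initial `test-ha` rollout, `--timeout=400s` in the chaos scenarios), so the next tuning pass has to touch every line again. A single job-level variable, for example `WAIT_TIMEOUT: 400s` used as `--timeout=$WAIT_TIMEOUT`, would keep them in step. These waits also omit `-n $TESTNAMESPACE` while the neighbouring `kubectl get po` and `kubectl get sts` lines pass it, so they depend on the current context's namespace matching. In the last visible step the wait runs right after the StatefulSets are deleted; if the replacement pods do not exist yet when the selector is evaluated, a longer timeout may not help, so it is worth confirming that is not the flake being worked around.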
20 changes: 19 additions & 1 deletion .github/workflows/vulncheck_periodic.yml
@@ -1,7 +1,14 @@
name: Vuln check
on:
schedule:
- cron: '0 */6 * * *'
- cron: '0 */ * * *'

env:
VERSION: 1.1.0
IMAGE_NAME: pubsubplus-eventbroker-operator
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
GCLOUD_PROJECT_ID_DEV: ${{ secrets.GCLOUD_PROJECT_ID }}


permissions:
contents: read
@@ -57,6 +64,11 @@ jobs:
exportToken: true
secrets: |
secret/data/development/gcp-gcr GCP_SERVICE_ACCOUNT | GCP_DEV_SERVICE_ACCOUNT
env:
VERSION: 1.1.0
IMAGE_NAME: pubsubplus-eventbroker-operator
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
GCLOUD_PROJECT_ID_DEV: ${{ secrets.GCLOUD_PROJECT_ID }}

- name: Log in to gcr development docker registry
uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
@@ -72,6 +84,12 @@ jobs:
tags: |
gcr.io/${{ env.GCLOUD_PROJECT_ID_DEV }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
push: true
env:
VERSION: 1.1.0
IMAGE_NAME: pubsubplus-eventbroker-operator
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
GCLOUD_PROJECT_ID_DEV: ${{ secrets.GCLOUD_PROJECT_ID }}


- name: Run Vulnerability PreCheck for Prisma
uses: ./maas-build-actions/.github/actions/prisma-vulnerability-checker
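Review bot: The schedule line `- cron: '0 */ * * *'` is not a valid cron expression, because `*/` needs a step value after the slash. Assuming it is the new side of the change (it is printed after `'0 */6 * * *'`), the workflow will either be rejected as invalid or never be scheduled. Restore a complete expression such as `- cron: '0 */6 * * *'`, or state the intended interval explicitly. Because this workflow is the recurring vulnerability check for the pushed image, a scheduling failure here is silent: newly disclosed CVEs would simply stop being reported, so the Actions tab should be checked for a workflow-file error after merge.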
6 changes: 3 additions & 3 deletions Dockerfile
@@ -19,12 +19,12 @@ RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go

# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
FROM registry.access.redhat.com/ubi9/ubi-minimal:9.4-1134

LABEL name="solace/pubsubplus-eventbroker-operator"
LABEL vendor="Solace Corporation"
LABEL version="1.0.3"
LABEL release="1.0.3"
LABEL version="1.1.0"
LABEL release="1.1.0"
LABEL summary="Solace PubSub+ Event Broker Kubernetes Operator"
LABEL description="The Solace PubSub+ Event Broker Kubernetes Operator deploys and manages the lifecycle of PubSub+ Event Brokers"

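Review bot: Pinning the base to `ubi-minimal:9.4-1134` instead of `:latest` makes the build reproducible by name, but a tag can still be re-pointed by the registry. Adding the digest fixes the exact image content: `FROM registry.access.redhat.com/ubi9/ubi-minimal:9.4-1134@sha256:<digest>` (placeholder; take the value from the registry). A pinned base no longer picks up Red Hat's security rebuilds on its own, so the pin needs an owner or an automated update alongside the periodic scan. The comment above the `FROM` still reads "Use distroless as minimal base image", which does not describe the UBI image; `# Use UBI 9 minimal as the runtime base image` would be accurate.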
2 changes: 1 addition & 1 deletion Makefile
@@ -3,7 +3,7 @@
# To re-generate a bundle for another specific version without changing the standard setup, you can:
# - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
# - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
VERSION ?= 1.0.3
VERSION ?= 1.1.0

# API_VERSION defines the API version for the PubSubPlusEventBroker CRD
API_VERSION ?= v1beta1
4 changes: 3 additions & 1 deletion README.md
@@ -196,7 +196,9 @@ kubectl get pods --show-labels --watch
kubectl wait --for=condition=ServiceReady eventbroker non-ha-monitoring-enabled-example
kubectl wait --for=condition=MonitoringReady eventbroker non-ha-monitoring-enabled-example
```
For more information about Prometheus monitoring, see [Exposing Metrics to Prometheus](/docs/EventBrokerOperatorUserGuide.md#exposing-metrics-to-prometheus) in the detailed PubSub+ Operator documentation.
For more information about Prometheus monitoring, see [Exposing Metrics to Prometheus](/docs/EventBrokerOperatorUserGuide.md#exposing-metrics-to-prometheus) in the detailed PubSub+ Operator documentation.

> Solace Pubsub+ Prometheus Exporter End of Life Notice : Please note that Solace will end of life Pubsub+ Prometheus Exporter version 1.0.1 as of June ,2024. This means there will be no releases for Pubsub+ Prometheus Exporter after June ,2024, however, Solace will continue to provide technical support for it until June, 2025. Refer https://solace.com/legal/technical-product-support/ for support terminologies. If you have monitoring enabled, the operator will default to downloading the Solace version of Pubsub+ Prometheus Exporter 1.0.1. The community version of the Prometheus Exporter available at https://github.com/solacecommunity/solace-prometheus-exporter can be deployed with Pubsub+ Event Broker Operator. Note that Solace does not officially support the community version of the Prometheus Exporter.
### 4. Test the deployment

41 changes: 41 additions & 0 deletions api/v1beta1/eventbroker_types.go
@@ -20,6 +20,7 @@ import (
"encoding/json"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
)

// EventBrokerSpec defines the desired state of PubSubPlusEventBroker
@@ -39,6 +40,8 @@ type EventBrokerSpec struct {
Developer bool `json:"developer"`
//+optional
//+kubebuilder:validation:Type:=object
//+kubebuilder:pruning:PreserveUnknownFields
//+kubebuilder:validation:Schemaless
//+operator-sdk:csv:customresourcedefinitions:type=spec,order=3
// SystemScaling provides exact fine-grained specification of the event broker scaling parameters
// and the assigned CPU / memory resources to the Pod.
@@ -110,6 +113,15 @@ type EventBrokerSpec struct {
// SecurityContext defines the pod security context for the event broker.
SecurityContext SecurityContext `json:"securityContext,omitempty"`
//+kubebuilder:validation:Type:=object
// ContainerSecurityContext defines the container security context for the PubSubPlusEventBroker.
BrokerSecurityContext ContainerSecurityContext `json:"brokerContainerSecurity,omitempty"`
//+optional
//+kubebuilder:validation:Type:=boolean
//+kubebuilder:default:=false
// EnableServiceLinks indicates whether information about services should be injected into pod's environment
// variables, matching the syntax of Docker links. Optional: Defaults to false.
EnableServiceLinks bool `json:"enableServiceLinks,omitempty"`
//+kubebuilder:validation:Type:=object
// ServiceAccount defines a ServiceAccount dedicated to the PubSubPlusEventBroker
ServiceAccount BrokerServiceAccount `json:"serviceAccount,omitempty"`
//+kubebuilder:validation:Type:=object
@@ -214,6 +226,7 @@ type BrokerPersistentVolumeClaim struct {
ClaimName string `json:"claimName"`
}

// +kubebuilder:pruning:PreserveUnknownFields
type SystemScaling struct {
// +kubebuilder:default:=100
MaxConnections int `json:"maxConnections,omitempty"`
@@ -225,6 +238,8 @@ type SystemScaling struct {
MessagingNodeCpu string `json:"messagingNodeCpu,omitempty"`
// +kubebuilder:default:="4025Mi"
MessagingNodeMemory string `json:"messagingNodeMemory,omitempty"`
//+kubebuilder:pruning:PreserveUnknownFields
runtime.RawExtension `json:"-"`
}

// BrokerTLS defines TLS configuration for the PubSubPlusEventBroker
@@ -269,6 +284,16 @@ type ExtraEnvVar struct {
Value string `json:"value"`
}

// MonitoringExtraEnvVar defines environment variables to be added to the Prometheus Exporter container for Monitoring
type MonitoringExtraEnvVar struct {
//+kubebuilder:validation:Type:=string
// Specifies the Name of an environment variable to be added to the Prometheus Exporter container for Monitoring
Name string `json:"name"`
//+kubebuilder:validation:Type:=string
// Specifies the Value of an environment variable to be added to the Prometheus Exporter container for Monitoring
Value string `json:"value"`
}

// BrokerImage defines Image details and pulling configurations
type BrokerImage struct {
//+optional
@@ -333,6 +358,18 @@ type SecurityContext struct {
RunAsUser int64 `json:"runAsUser"`
}

// ContainerSecurityContext defines the container security context for the PubSubPlusEventBroker
type ContainerSecurityContext struct {
//+optional
//+kubebuilder:validation:Type:=number
// Specifies runAsGroup in container security context. 0 or unset defaults either to 1000002, or if OpenShift detected to unspecified (see documentation)
RunAsGroup int64 `json:"runAsGroup"`
//+optional
//+kubebuilder:validation:Type:=number
// Specifies runAsUser in container security context. 0 or unset defaults either to 1000001, or if OpenShift detected to unspecified (see documentation)
RunAsUser int64 `json:"runAsUser"`
}

// MonitoringImage defines Image details and pulling configurations for the Prometheus Exporter for Monitoring
type MonitoringImage struct {
//+kubebuilder:validation:Type:=string
@@ -360,6 +397,10 @@ type Monitoring struct {
// Enabled true enables the setup of the Prometheus Exporter.
Enabled bool `json:"enabled"`
//+optional
//+kubebuilder:validation:Type:=array
// List of extra environment variables to be added to the Prometheus Exporter container.
ExtraEnvVars []*MonitoringExtraEnvVar `json:"extraEnvVars"`
//+optional
//+kubebuilder:validation:Type:=object
// Image defines container image parameters for the Prometheus Exporter.
MonitoringImage *MonitoringImage `json:"image,omitempty"`
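Review bot: Marking `SystemScaling` with `+kubebuilder:validation:Schemaless` and `+kubebuilder:pruning:PreserveUnknownFields` (on the `EventBrokerSpec` field and again on the type) switches off API-server validation and pruning for that subtree. Arbitrary keys and wrongly typed values under `systemScaling` will be admitted and stored, and the `+kubebuilder:default` values on the struct probably no longer reach the CRD, so the operator has to validate `messagingNodeCpu`, `messagingNodeMemory` and the rest itself before building a pod spec from them. The embedded `runtime.RawExtension` also promotes its `MarshalJSON`/`UnmarshalJSON` methods to `SystemScaling` regardless of the `json:"-"` tag, which would normally bypass decoding of the typed fields; please confirm this is intended and add a comment naming where the raw bytes are parsed. Separately, in the `ContainerSecurityContext` hunk, `//+kubebuilder:validation:Type:=number` on the `int64` fields admits fractional values, and `//+kubebuilder:validation:Type:=integer` matches the Go type. Several of these struct bodies start or end outside the visible hunks.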
47 changes: 45 additions & 2 deletions api/v1beta1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

@@ -20,16 +20,16 @@ metadata:
certified: "true"
com.redhat.delivery.operator.bundle: "true"
com.redhat.openshift.versions: v4.10
containerImage: docker.io/solace/pubsubplus-eventbroker-operator:1.0.3
createdAt: "2024-04-23T16:09:41Z"
containerImage: docker.io/solace/pubsubplus-eventbroker-operator:1.1.0
createdAt: "2024-07-01T12:25:04Z"
description: The Solace PubSub+ Event Broker Operator deploys and manages the
lifecycle of PubSub+ Event Brokers
operators.openshift.io/valid-subscription: '[]'
operators.operatorframework.io/builder: operator-sdk-v1.27.0
operators.operatorframework.io/builder: operator-sdk-v1.34.1
operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
repository: https://github.com/SolaceProducts/pubsubplus-kubernetes-quickstart
support: Solace Products
name: pubsubplus-eventbroker-operator.v1.0.3
name: pubsubplus-eventbroker-operator.v1.1.0
namespace: placeholder
spec:
apiservicedefinitions: {}
@@ -296,7 +296,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.annotations['olm.targetNamespaces']
image: docker.io/solace/pubsubplus-eventbroker-operator:1.0.3
image: docker.io/solace/pubsubplus-eventbroker-operator:1.1.0
imagePullPolicy: Always
livenessProbe:
httpGet:
@@ -411,4 +411,4 @@ spec:
provider:
name: Solace Corporation
url: www.solace.com
version: 1.0.3
version: 1.1.0