Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[bitnami/contour] Sync upstream changes and chart standardization #3381

Merged
merged 36 commits into from
Sep 9, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
254da50
Sync back most significant upstream projectcontour changes
mkilchhofer Aug 10, 2020
7a006fb
Delete removed CRD ingressroutes.contour.heptio.com
mkilchhofer Aug 12, 2020
a8fe6f1
Sync HTTPProxy CRD
mkilchhofer Aug 12, 2020
613c4b7
Sync TLSCertificateDelegation CRD
mkilchhofer Aug 12, 2020
5f0166c
Drop old TLSCertificateDelegation CRD on API group contour.heptio.com
mkilchhofer Aug 13, 2020
effa8ed
Bump minor chart version as the change is no longer a patch
mkilchhofer Aug 13, 2020
253a8ec
Attempt to fix contour tests by upgrading to latest github actions
mkilchhofer Aug 13, 2020
8bab0b3
Override envoy service type to ClusterIP to make tests happy
mkilchhofer Aug 13, 2020
ca41277
Revert "Attempt to fix contour tests by upgrading to latest github ac…
mkilchhofer Aug 17, 2020
09d94d3
Add bitnami/common as a dependency
mkilchhofer Aug 19, 2020
1150497
Also use bitnami/common subchart for image
mkilchhofer Aug 20, 2020
93b40f8
Implement extraVolumes and extraVolumeMounts on contour and envoy
mkilchhofer Aug 21, 2020
ee19d0e
Implement extraEnvVars on contour and envoy
mkilchhofer Aug 22, 2020
435af3d
Implement extraEnvVarsConfigMap and extraEnvVarsSecret
mkilchhofer Aug 22, 2020
a3838da
Implement initContainers for contour and envoy
mkilchhofer Aug 22, 2020
dc82609
Implement service.extraPorts on contour and envoy
mkilchhofer Aug 22, 2020
676b003
Implement rolling tags helpers
mkilchhofer Aug 22, 2020
3189ed0
Sync rbac with upstream
mkilchhofer Aug 23, 2020
42f5275
Update README.md
mkilchhofer Aug 24, 2020
8bb6026
Also use bitnami/common subchart for pullSecrets
mkilchhofer Sep 1, 2020
d5cfe77
Use same tpl functions for job
mkilchhofer Sep 1, 2020
9ae5d37
Fix: affinity defined twice
mkilchhofer Sep 1, 2020
f9d1963
Use more specific keyword antiAffinity -> antiAffinityPolicy
mkilchhofer Sep 2, 2020
fc72d35
Bump chart major: 2.0.0
mkilchhofer Sep 2, 2020
194b9fb
Variant2: Implement certgen by using hooks (#2)
mkilchhofer Sep 2, 2020
1a4e6ee
Merge branch 'master' into sync_projectcontour_changes
mkilchhofer Sep 2, 2020
e6e1ca1
Replace colons with dashes (standardize even more)
mkilchhofer Sep 5, 2020
1f3456c
Clearify README regarding CRDs and helm v3
mkilchhofer Sep 5, 2020
d468dc8
Add small upgrading notes to README
mkilchhofer Sep 5, 2020
ccd9267
Merge branch 'master' into sync_projectcontour_changes
mkilchhofer Sep 5, 2020
d29dcd1
Fix helm2 incompatibility due to PR #2961
mkilchhofer Sep 6, 2020
cbc5fe7
Use consistent component labels on certgen resources
mkilchhofer Sep 6, 2020
6a113a5
Use bitnami/common for apiVersion of kind Deployment
mkilchhofer Sep 7, 2020
db8af4c
Rename parameter `contour.createCustomResource` to `contour.installCRDs`
mkilchhofer Sep 7, 2020
e03ebda
Do not allocate an IP address on metrics services
mkilchhofer Sep 7, 2020
e567750
Split into subfolders
mkilchhofer Sep 6, 2020
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion bitnami/contour/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v1
name: contour
description: Contour Ingress controller for Kubernetes
version: 1.2.2
version: 2.0.0
appVersion: 1.8.1
keywords:
- ingress
Expand Down
77 changes: 67 additions & 10 deletions bitnami/contour/README.md

Large diffs are not rendered by default.

4 changes: 4 additions & 0 deletions bitnami/contour/ci/ct-values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
envoy:
service:
type: ClusterIP
externalTrafficPolicy: null
301 changes: 275 additions & 26 deletions bitnami/contour/crds/httpproxies.yaml

Large diffs are not rendered by default.

373 changes: 0 additions & 373 deletions bitnami/contour/crds/ingressroutes.yaml

This file was deleted.

268 changes: 198 additions & 70 deletions bitnami/contour/crds/tlscertificatedeligations.yaml
Original file line number Diff line number Diff line change
@@ -1,18 +1,21 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.9
name: tlscertificatedelegations.contour.heptio.com
name: tlscertificatedelegations.projectcontour.io
spec:
group: contour.heptio.com
group: projectcontour.io
names:
kind: TLSCertificateDelegation
listKind: TLSCertificateDelegationList
plural: tlscertificatedelegations
shortNames:
- tlscerts
singular: tlscertificatedelegation
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
description: TLSCertificateDelegation is an TLS Certificate Delegation CRD specificiation.
Expand Down Expand Up @@ -58,82 +61,207 @@ spec:
required:
- delegations
type: object
required:
- metadata
- spec
type: object
version: v1beta1
versions:
- name: v1beta1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.9
name: tlscertificatedelegations.projectcontour.io
spec:
group: projectcontour.io
names:
kind: TLSCertificateDelegation
listKind: TLSCertificateDelegationList
plural: tlscertificatedelegations
shortNames:
- tlscerts
singular: tlscertificatedelegation
scope: Namespaced
validation:
openAPIV3Schema:
description: TLSCertificateDelegation is an TLS Certificate Delegation CRD specificiation.
See design/tls-certificate-delegation.md for details.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: TLSCertificateDelegationSpec defines the spec of the CRD
status:
description: TLSCertificateDelegationStatus allows for the status of the
delegation to be presented to the user.
properties:
delegations:
conditions:
description: "Conditions contains information about the current status
of the HTTPProxy, in an upstream-friendly container. \n Contour will
update a single condition, `Valid`, that is in normal-true polarity.
That is, when `currentStatus` is `valid`, the `Valid` condition will
be `status: true`, and vice versa. \n Contour will leave untouched
any other Conditions set in this block, in case some other controller
wants to add a Condition. \n If you are another controller owner and
wish to add a condition, you *should* namespace your condition with
a label, like `controller.domain.com\\ConditionName`."
items:
description: CertificateDelegation maps the authority to reference
a secret in the current namespace to a set of namespaces.
description: "DetailedCondition is an extension of the normal Kubernetes
conditions, with two extra fields to hold sub-conditions, which
provide more detailed reasons for the state (True or False) of the
condition. \n `errors` holds information about sub-conditions which
are fatal to that condition and render its state False. \n `warnings`
holds information about sub-conditions which are not fatal to that
condition and do not force the state to be False. \n Remember that
Conditions have a type, a status, and a reason. \n The type is the
type of the condition, the most important one in this CRD set is
`Valid`. \n In the case of `Valid`, `status: true` means that the
object is has been ingested into Contour with no errors. `warnings`
may still be present, and will be indicated in the Reason field.
\n `Valid`, `status: false` means that the object has had one or
more fatal errors during processing into Contour. The details of
the errors will be present under the `errors` field. \n There should
never be subconditions under `errors` when `status` is `true`."
properties:
secretName:
description: required, the name of a secret in the current namespace.
errors:
description: "Errors contains a slice of relevant error subconditions
for this object. \n Subconditions are expected to appear when
relevant (when there is a error), and disappear when not relevant.
An empty slice here indicates no errors."
items:
description: "SubCondition is a Condition-like type intended
for use as a subcondition inside a DetailedCondition. \n It
contains a subset of the Condition fields. \n It is intended
for warnings and errors, so `type` names should use abnormal-true
polarity, that is, they should be of the form \"ErrorPresent:
true\". \n The expected lifecycle for these errors is that
they should only be present when the error or warning is,
and should be removed when they are not relevant."
properties:
message:
description: "Message is a human readable message indicating
details about the transition. \n This may be an empty
string."
maxLength: 32768
type: string
reason:
description: "Reason contains a programmatic identifier
indicating the reason for the condition's last transition.
Producers of specific condition types may define expected
values and meanings for this field, and whether the values
are considered a guaranteed API. \n The value should be
a CamelCase string. \n This field may not be empty."
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: Status of the condition, one of True, False,
Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: "Type of condition in `CamelCase` or in `foo.example.com/CamelCase`.
\n This must be in abnormal-true polarity, that is, `ErrorFound`
or `controller.io/ErrorFound`. \n The regex it matches
is (dns1123SubdomainFmt/)?(qualifiedNameFmt)"
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- message
- reason
- status
- type
type: object
type: array
lastTransitionTime:
description: "lastTransitionTime is the last time the condition
transitioned from one status to another. \n This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable."
format: date-time
type: string
targetNamespaces:
description: required, the namespaces the authority to reference
the the secret will be delegated to. If TargetNamespaces is
nil or empty, the CertificateDelegation' is ignored. If the
TargetNamespace list contains the character, "*" the secret
will be delegated to all namespaces.
message:
description: "message is a human readable message indicating details
about the transition. \n This may be an empty string."
maxLength: 32768
type: string
observedGeneration:
description: "observedGeneration represents the .metadata.generation
that the condition was set based upon. \n For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance."
format: int64
minimum: 0
type: integer
reason:
description: "Reason contains a programmatic identifier indicating
the reason for the condition's last transition. \n Producers
of specific condition types may define expected values and meanings
for this field, and whether the values are considered a guaranteed
API. \n The value should be a CamelCase string. \n This field
may not be empty."
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: "Type of condition in CamelCase or in foo.example.com/CamelCase.
\n Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. \n The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)"
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
warnings:
description: "Warnings contains a slice of relevant warning subconditions
for this object. \n Subconditions are expected to appear when
relevant (when there is a warning), and disappear when not relevant.
An empty slice here indicates no warnings."
items:
type: string
description: "SubCondition is a Condition-like type intended
for use as a subcondition inside a DetailedCondition. \n It
contains a subset of the Condition fields. \n It is intended
for warnings and errors, so `type` names should use abnormal-true
polarity, that is, they should be of the form \"ErrorPresent:
true\". \n The expected lifecycle for these errors is that
they should only be present when the error or warning is,
and should be removed when they are not relevant."
properties:
message:
description: "Message is a human readable message indicating
details about the transition. \n This may be an empty
string."
maxLength: 32768
type: string
reason:
description: "Reason contains a programmatic identifier
indicating the reason for the condition's last transition.
Producers of specific condition types may define expected
values and meanings for this field, and whether the values
are considered a guaranteed API. \n The value should be
a CamelCase string. \n This field may not be empty."
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: Status of the condition, one of True, False,
Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: "Type of condition in `CamelCase` or in `foo.example.com/CamelCase`.
\n This must be in abnormal-true polarity, that is, `ErrorFound`
or `controller.io/ErrorFound`. \n The regex it matches
is (dns1123SubdomainFmt/)?(qualifiedNameFmt)"
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- message
- reason
- status
- type
type: object
type: array
required:
- secretName
- targetNamespaces
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
required:
- delegations
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
type: object
required:
- metadata
Expand Down
6 changes: 6 additions & 0 deletions bitnami/contour/requirements.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
dependencies:
- name: common
version: 0.x.x
repository: https://charts.bitnami.com/bitnami
tags:
- bitnami-common
11 changes: 7 additions & 4 deletions bitnami/contour/templates/NOTES.txt
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,11 @@

You can watch the status by running:

$ kubectl get svc {{ include "contour.fullname" . }} --namespace {{ .Release.Namespace }} -w
$ kubectl get svc {{ include "common.names.fullname" . }} --namespace {{ .Release.Namespace }} -w

Once 'EXTERNAL-IP' is no longer '<pending>':

$ kubectl describe svc {{ include "contour.fullname" . }} --namespace {{ .Release.Namespace }} | grep Ingress | awk '{print $3}'
$ kubectl describe svc {{ include "common.names.fullname" . }} --namespace {{ .Release.Namespace }} | grep Ingress | awk '{print $3}'

2. Configure DNS records corresponding to Kubernetes ingress resources to point to the load balancer IP/hostname found in step 1
{{- end }}
Expand All @@ -22,9 +22,12 @@
{{- else }}
1. Contour has been started. You can find out the port numbers being used by Contour by running:

$ kubectl describe svc {{ include "contour.fullname" . }} --namespace {{ .Release.Namespace }}
$ kubectl describe svc {{ include "common.names.fullname" . }} --namespace {{ .Release.Namespace }}

{{- end }}

2. Configure DNS records corresponding to Kubernetes ingress resources to point to the NODE_IP/NODE_HOST
{{- end }}
{{- end }}

{{ include "common.warnings.rollingTag" .Values.contour.image }}
{{ include "common.warnings.rollingTag" .Values.envoy.image }}
Loading