From 6a1c0846c0d2551c9bf4fadbf72f93788764235a Mon Sep 17 00:00:00 2001 From: TristanHoladay <40547442+TristanHoladay@users.noreply.github.com> Date: Tue, 23 Apr 2024 09:02:32 -0600 Subject: [PATCH 1/3] fix: loki s3 irsa annotation override --- .github/bundles/uds-bundle.yaml | 2 +- .github/bundles/uds-config.yaml | 2 +- tasks/iac.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/bundles/uds-bundle.yaml b/.github/bundles/uds-bundle.yaml index 1156216d2..b7c4d56a6 100644 --- a/.github/bundles/uds-bundle.yaml +++ b/.github/bundles/uds-bundle.yaml @@ -47,4 +47,4 @@ packages: path: loki.storage.s3.region - name: LOKI_IRSA_ANNOTATION description: "The irsa role annotation" - path: loki.serviceAccount.annotations + path: serviceAccount.annotations diff --git a/.github/bundles/uds-config.yaml b/.github/bundles/uds-config.yaml index eb2db3a58..521f47dd4 100644 --- a/.github/bundles/uds-config.yaml +++ b/.github/bundles/uds-config.yaml @@ -8,7 +8,7 @@ variables: loki_ruler_bucket: ${ZARF_VAR_LOKI_S3_BUCKET} loki_admin_bucket: ${ZARF_VAR_LOKI_S3_BUCKET} loki_s3_region: ${ZARF_VAR_LOKI_S3_AWS_REGION} - loki_s3-endpoint: "" + loki_s3_endpoint: "" loki_irsa_annotation: eks.amazonaws.com/role-arn: ${ZARF_VAR_LOKI_S3_ROLE_ARN} velero_use_secret: false diff --git a/tasks/iac.yaml b/tasks/iac.yaml index 031c0d7b4..e5eb16d6a 100644 --- a/tasks/iac.yaml +++ b/tasks/iac.yaml @@ -141,7 +141,7 @@ tasks: loki_ruler_bucket: ${LOKI_S3_BUCKET} loki_admin_bucket: ${LOKI_S3_BUCKET} loki_s3_region: ${LOKI_S3_AWS_REGION} - loki_s3-endpoint: "" + loki_s3_endpoint: "" loki_irsa_annotation: eks.amazonaws.com/role-arn: "${LOKI_S3_ROLE_ARN}" velero_use_secret: false From a2fc88c27a2c93bf9c2bc83e029626ebc261aa3e Mon Sep 17 00:00:00 2001 From: TristanHoladay <40547442+TristanHoladay@users.noreply.github.com> Date: Tue, 23 Apr 2024 09:20:13 -0600 Subject: [PATCH 2/3] add loki access key overrides to nightly testing bundle; refactor nightly testing irsa annotations. --- .github/bundles/uds-bundle.yaml | 11 +++++++++-- .github/bundles/uds-config.yaml | 7 ++----- tasks/iac.yaml | 7 ++----- 3 files changed, 13 insertions(+), 12 deletions(-) diff --git a/.github/bundles/uds-bundle.yaml b/.github/bundles/uds-bundle.yaml index b7c4d56a6..684a3223f 100644 --- a/.github/bundles/uds-bundle.yaml +++ b/.github/bundles/uds-bundle.yaml @@ -26,9 +26,16 @@ packages: path: credentials.useSecret - name: VELERO_IRSA_ANNOTATION description: "IRSA ARN annotation to use for Velero" - path: serviceAccount.server.annotations + path: serviceAccount.server.annotations.irsa/role-arn loki: loki: + values: + - path: loki.storage.s3.endpoint + value: "" + - path: loki.storage.s3.secretAccessKey + value: "" + - path: loki.storage.s3.accessKeyId + value: "" variables: - name: LOKI_CHUNKS_BUCKET description: "The object storage bucket for Loki chunks" @@ -47,4 +54,4 @@ packages: path: loki.storage.s3.region - name: LOKI_IRSA_ANNOTATION description: "The irsa role annotation" - path: serviceAccount.annotations + path: serviceAccount.annotations.irsa/role-arn diff --git a/.github/bundles/uds-config.yaml b/.github/bundles/uds-config.yaml index 521f47dd4..722dd3689 100644 --- a/.github/bundles/uds-config.yaml +++ b/.github/bundles/uds-config.yaml @@ -8,12 +8,9 @@ variables: loki_ruler_bucket: ${ZARF_VAR_LOKI_S3_BUCKET} loki_admin_bucket: ${ZARF_VAR_LOKI_S3_BUCKET} loki_s3_region: ${ZARF_VAR_LOKI_S3_AWS_REGION} - loki_s3_endpoint: "" - loki_irsa_annotation: - eks.amazonaws.com/role-arn: ${ZARF_VAR_LOKI_S3_ROLE_ARN} + loki_irsa_annotation: ${ZARF_VAR_LOKI_S3_ROLE_ARN} velero_use_secret: false - velero_irsa_annotation: - eks.amazonaws.com/role-arn: "${ZARF_VAR_VELERO_S3_ROLE_ARN}" + velero_irsa_annotation: "${ZARF_VAR_VELERO_S3_ROLE_ARN}" velero_bucket: ${ZARF_VAR_VELERO_S3_BUCKET} velero_bucket_region: ${ZARF_VAR_VELERO_S3_AWS_REGION} velero_bucket_provider_url: "" diff --git a/tasks/iac.yaml b/tasks/iac.yaml index e5eb16d6a..c29f8a068 100644 --- a/tasks/iac.yaml +++ b/tasks/iac.yaml @@ -141,12 +141,9 @@ tasks: loki_ruler_bucket: ${LOKI_S3_BUCKET} loki_admin_bucket: ${LOKI_S3_BUCKET} loki_s3_region: ${LOKI_S3_AWS_REGION} - loki_s3_endpoint: "" - loki_irsa_annotation: - eks.amazonaws.com/role-arn: "${LOKI_S3_ROLE_ARN}" + loki_irsa_annotation: "${LOKI_S3_ROLE_ARN}" velero_use_secret: false - velero_irsa_annotation: - eks.amazonaws.com/role-arn: "${VELERO_S3_ROLE_ARN}" + velero_irsa_annotation: ${VELERO_S3_ROLE_ARN}" velero_bucket: ${VELERO_S3_BUCKET} velero_bucket_region: ${VELERO_S3_AWS_REGION} velero_bucket_provider_url: "" From 67ca72b5fe8e9295975e991c40602a775e292b5a Mon Sep 17 00:00:00 2001 From: TristanHoladay <40547442+TristanHoladay@users.noreply.github.com> Date: Tue, 23 Apr 2024 09:48:48 -0600 Subject: [PATCH 3/3] remove loki.storage.s3.endpoint from loki variables overrides --- .github/bundles/uds-bundle.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/bundles/uds-bundle.yaml b/.github/bundles/uds-bundle.yaml index 684a3223f..fa0175a4a 100644 --- a/.github/bundles/uds-bundle.yaml +++ b/.github/bundles/uds-bundle.yaml @@ -46,9 +46,6 @@ packages: - name: LOKI_ADMIN_BUCKET description: "The object storage bucket for Loki admin" path: loki.storage.bucketNames.admin - - name: LOKI_S3_ENDPOINT - description: "The S3 endpoint" - path: loki.storage.s3.endpoint - name: LOKI_S3_REGION description: "The S3 region" path: loki.storage.s3.region