diff --git a/admin/kubezero.sh b/admin/kubezero.sh index b6a5c7b5..f71ae346 100755 --- a/admin/kubezero.sh +++ b/admin/kubezero.sh @@ -134,9 +134,6 @@ control_plane_upgrade() { yq ".spec.source.helm.valuesObject |= load(\"$WORKDIR/kubezero-values.yaml\") | .spec.source.targetRevision = strenv(kubezero_chart_version)" \ > $WORKDIR/new-argocd-app.yaml kubectl replace -f $WORKDIR/new-argocd-app.yaml - - # finally remove annotation to allow argo to sync again - kubectl patch app kubezero -n argocd --type json -p='[{"op": "remove", "path": "/metadata/annotations"}]' || true fi pre_kubeadm diff --git a/admin/migrate_argo_values.py b/admin/migrate_argo_values.py index 04322bad..8ae9109d 100755 --- a/admin/migrate_argo_values.py +++ b/admin/migrate_argo_values.py @@ -8,6 +8,13 @@ import yaml def migrate(values): """Actual changes here""" + # remove syncOptions from root app + try: + if values["kubezero"]["syncPolicy"]: + values["kubezero"].pop("syncPolicy") + except KeyError: + pass + return values diff --git a/charts/kubezero-operators/templates/cloudnative-pg/ClusterImageCatalog-bookworm.yaml b/charts/kubezero-operators/templates/cloudnative-pg/ClusterImageCatalog-bookworm.yaml index cba8b2de..8da2985c 100644 --- a/charts/kubezero-operators/templates/cloudnative-pg/ClusterImageCatalog-bookworm.yaml +++ b/charts/kubezero-operators/templates/cloudnative-pg/ClusterImageCatalog-bookworm.yaml @@ -1,3 +1,4 @@ +{{- if index .Values "cloudnative-pg" "enabled" }} apiVersion: postgresql.cnpg.io/v1 kind: ClusterImageCatalog metadata: @@ -14,3 +15,4 @@ spec: image: ghcr.io/cloudnative-pg/postgresql:16.6-33-bookworm@sha256:7dfda49485274b61ada9bb347caffac01dee442ffd119eb19317a2692347657b - major: 17 image: ghcr.io/cloudnative-pg/postgresql:17.2-33-bookworm@sha256:52b78e8e4a297e268be168c7e107a2117072dc38f4a11d9d056ff0cc13d4007f +{{- end }} diff --git a/charts/kubezero/docs/app.yaml b/charts/kubezero/docs/app.yaml deleted file mode 100644 index ea7307d7..00000000 --- a/charts/kubezero/docs/app.yaml +++ /dev/null @@ -1,30 +0,0 @@ -# Skeleton template to put into each cluster git folder -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: kubezero - namespace: argocd -spec: - project: kubezero - source: - repoURL: https://cdn.zero-downtime.net/charts - chart: kubezero - targetRevision: {{ .Values.kubezero.version }} - - helm: - parameters: - # We use this to detect if we are called from ArgoCD - - name: argocdAppName - value: $ARGOCD_APP_NAME - # This breaks the recursion, otherwise we install another kubezero project and app - - name: installKubeZero - value: "false" - values: | - {{- toYaml .Values | nindent 8 }} - - destination: - server: https://kubernetes.default.svc - namespace: argocd - syncPolicy: - automated: - prune: true diff --git a/charts/kubezero/templates/_app.tpl b/charts/kubezero/templates/_app.tpl index 1d77a43e..39edbabf 100644 --- a/charts/kubezero/templates/_app.tpl +++ b/charts/kubezero/templates/_app.tpl @@ -33,14 +33,14 @@ spec: server: {{ .Values.kubezero.server }} namespace: {{ default "kube-system" ( index .Values $name "namespace" ) }} + revisionHistoryLimit: 2 syncPolicy: + automated: + prune: true syncOptions: - ServerSideApply=true - CreateNamespace=true - {{- with .Values.kubezero.syncPolicy }} - {{- toYaml . | nindent 4 }} - {{- end }} - + - ApplyOutOfSyncOnly=true {{- include (print $name "-argo") $ }} {{- end }} diff --git a/charts/kubezero/templates/argo.yaml b/charts/kubezero/templates/argo.yaml index c6a87ca8..4fd00d6d 100644 --- a/charts/kubezero/templates/argo.yaml +++ b/charts/kubezero/templates/argo.yaml @@ -61,7 +61,8 @@ argocd-apps: namespace: argocd syncPolicy: - {{- toYaml (default dict .Values.kubezero.syncPolicy) | nindent 8 }} + automated: + prune: true argocd-image-updater: enabled: {{ default "false" (index .Values "argo" "argocd-image-updater" "enabled") }} diff --git a/charts/kubezero/templates/cert-manager.yaml b/charts/kubezero/templates/cert-manager.yaml index fd60c99a..a0950fc5 100644 --- a/charts/kubezero/templates/cert-manager.yaml +++ b/charts/kubezero/templates/cert-manager.yaml @@ -49,7 +49,7 @@ cert-manager: {{- if eq .Values.global.platform "gke" }} serviceAccount: annotations: - iam.gke.io/gcp-service-account: "dns01-solver@{{ .Values.global.gcp.projectId }}.iam.gserviceaccount.com" + iam.gke.io/gcp-service-account: "dns01-solver-cert-manager@{{ .Values.global.gcp.projectId }}.iam.gserviceaccount.com" {{- end }} prometheus: