chore(deps): update kubezero-ci-dependencies

admin/dev_apply.sh

@@ -5,7 +5,7 @@ set -x
 
 ARTIFACTS=($(echo $1 | tr "," "\n"))
 ACTION="${2:-apply}"
-ARGOCD="${3:-true}"
+ARGOCD="${3:-false}"
 
 LOCAL_DEV=1
 
@@ -36,6 +36,46 @@ parse_version() {
 
 KUBE_VERSION=$(parse_version $KUBE_VERSION)
 
+### Various hooks for modules
+
+################
+# cert-manager #
+################
+function cert-manager-post() {
+  # If any error occurs, wait for initial webhook deployment and try again
+  # see: https://cert-manager.io/docs/concepts/webhook/#webhook-connection-problems-shortly-after-cert-manager-installation
+
+  if [ $rc -ne 0 ]; then
+    wait_for "kubectl get deployment -n $namespace cert-manager-webhook"
+    kubectl rollout status deployment -n $namespace cert-manager-webhook
+    wait_for 'kubectl get validatingwebhookconfigurations -o yaml | grep "caBundle: LS0"'
+  fi
+
+  wait_for "kubectl get ClusterIssuer -n $namespace kubezero-local-ca-issuer"
+  kubectl wait --timeout=180s --for=condition=Ready -n $namespace ClusterIssuer/kubezero-local-ca-issuer
+}
+
+
+###########
+# ArgoCD  #
+###########
+function argocd-pre() {
+  kubectl delete job argo-argocd-redis-secret-init -n argocd || true
+
+  for f in $CLUSTER/secrets/argocd-*.yaml; do
+    kubectl apply -f $f
+  done
+}
+
+
+###########
+# Metrics #
+###########
+# Cleanup patch jobs from previous runs , ArgoCD does this automatically
+function metrics-pre() {
+  kubectl delete jobs --field-selector status.successful=1 -n monitoring
+}
+
 
 ### Main
 get_kubezero_values $ARGOCD

admin/kubezero.sh

@@ -328,14 +328,10 @@ apply_module() {
   done
 
   for t in $MODULES; do
-    # apply/replace app of apps directly
-    if [ $t == "kubezero" ]; then
-      kubectl replace -f $WORKDIR/kubezero/templates $(field_manager $ARGOCD)
-    else
     #_helm apply $t
+
     # During 1.31 we change the ArgoCD tracking so replace
     _helm replace $t
-    fi
   done
 
   echo "Applied KubeZero modules: $MODULES"

admin/libhelm.sh

@@ -139,7 +139,7 @@ function delete_ns() {
 
 
 # Extract crds via helm calls
-function crds() {
+function _crds() {
   helm secrets --evaluate-templates template $(chart_location $chart) -n $namespace --name-template $module $targetRevision --include-crds -f $WORKDIR/values.yaml $API_VERSIONS --kube-version $KUBE_VERSION $@ | python3 -c '
 #!/usr/bin/python3
 import yaml
@@ -201,20 +201,9 @@ function _helm() {
 
   yq eval '.spec.source.helm.valuesObject' $WORKDIR/kubezero/templates/${module}.yaml > $WORKDIR/values.yaml
 
-  # extract remote chart or copy local to access hooks
-  rm -rf $WORKDIR/$chart $WORKDIR/${chart}*.tgz
-
-  if [ -z "$LOCAL_DEV" ]; then
-    helm pull $(chart_location $chart) --untar -d $WORKDIR
-  else
-    cp -r $(chart_location $chart) $WORKDIR
-  fi
-
   if [ $action == "crds" ]; then
-    # Pre-crd hook
+    # Allow custom CRD handling
-    [ -f $WORKDIR/$chart/hooks.d/pre-crds.sh ] && (cd $WORKDIR; bash ./$chart/hooks.d/pre-crds.sh)
+    declare -F ${module}-crds && ${module}-crds || _crds
-
-    crds
 
   elif [ $action == "apply" -o $action == "replace" ]; then
     echo "using values to $action of module $module: "
@@ -224,7 +213,7 @@ function _helm() {
     create_ns $namespace
 
     # Optional pre hook
-    [ -f $WORKDIR/$chart/hooks.d/pre-install.sh ] && (cd $WORKDIR; bash ./$chart/hooks.d/pre-install.sh)
+    declare -F ${module}-pre && ${module}-pre
 
     render
     [ $action == "replace" ] && kubectl replace -f $WORKDIR/helm.yaml $(field_manager $ARGOCD) && rc=$? || rc=$?
@@ -233,7 +222,7 @@ function _helm() {
     [ $action == "apply" -o $rc -ne 0 ] && kubectl apply -f $WORKDIR/helm.yaml --server-side --force-conflicts $(field_manager $ARGOCD) && rc=$? || rc=$?
 
     # Optional post hook
-    [ -f $WORKDIR/$chart/hooks.d/post-install.sh ] && (cd $WORKDIR; bash ./$chart/hooks.d/post-install.sh)
+    declare -F ${module}-post && ${module}-post
 
   elif [ $action == "delete" ]; then
     render

admin/migrate_argo_values.py

@@ -8,20 +8,12 @@ import yaml
 def migrate(values):
     """Actual changes here"""
 
-    # migrate kubezero root app of apps to Argo chart
+    # remove syncOptions from root app
-    try:
-        if values["kubezero"]:
     try:
+        if values["kubezero"]["syncPolicy"]:
             values["kubezero"].pop("syncPolicy")
     except KeyError:
         pass
-            values["kubezero"]["gitSync"]["repoUrl"] = values["kubezero"]["gitSync"].pop("repoURL")
-
-            values["argo"]["argo-cd"]["kubezero"] = values["kubezero"]["gitSync"]
-
-            values.pop("kubezero")
-    except KeyError:
-        pass
 
     return values
 

charts/kubezero-argo/.helmignore

@@ -1,27 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
-
-README.md.gotmpl
-dashboards.yaml
-jsonnet

charts/kubezero-argo/hooks.d/pre-install.sh

@@ -1,6 +0,0 @@
-#!/bin/sh
-
-# Bootstrap kubezero-git-sync app if it doenst exist
-kubectl get application kubezero-git-sync -n argocd && rc=$? || rc=$?
-
-[ $rc != 0 ] && yq -i '.argo-cd.kubezero.bootstrap=true' values.yaml

charts/kubezero-ci/Chart.yaml

@@ -22,7 +22,7 @@ dependencies:
     repository: https://dl.gitea.io/charts/
     condition: gitea.enabled
   - name: jenkins
-    version: 5.8.22
+    version: 5.8.21
     repository: https://charts.jenkins.io
     condition: jenkins.enabled
   - name: trivy
@@ -30,7 +30,7 @@ dependencies:
     repository: https://aquasecurity.github.io/helm-charts/
     condition: trivy.enabled
   - name: renovate
-    version: 39.207.3
+    version: 39.207.2
     repository: https://docs.renovatebot.com/helm-charts
     condition: renovate.enabled
 kubeVersion: ">= 1.25.0"