From 7942106ffe59d1579c33fff573dd20376e242887 Mon Sep 17 00:00:00 2001 From: t3mi Date: Mon, 8 Mar 2021 13:37:44 +0200 Subject: [PATCH 1/8] add global affinity,nodeSelector,podLabels and tolerations params to catalog chart (#2881) --- charts/catalog/Chart.yaml | 2 +- charts/catalog/README.md | 4 ++++ charts/catalog/templates/cleaner-job.yaml | 17 +++++++++++++++++ .../controller-manager-deployment.yaml | 18 ++++++++++++++---- charts/catalog/templates/migration-job.yaml | 17 +++++++++++++++++ .../catalog/templates/pre-migration-job.yaml | 17 +++++++++++++++++ .../catalog/templates/webhook-deployment.yaml | 18 ++++++++++++++---- charts/catalog/values.yaml | 13 +++++++++++-- 8 files changed, 95 insertions(+), 11 deletions(-) diff --git a/charts/catalog/Chart.yaml b/charts/catalog/Chart.yaml index cb0705a6fc1..72051d399d4 100644 --- a/charts/catalog/Chart.yaml +++ b/charts/catalog/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 name: catalog description: service-catalog webhook server and controller-manager helm chart -version: 0.3.1 +version: 0.3.2 diff --git a/charts/catalog/README.md b/charts/catalog/README.md index 32c79fca5ea..23c52a89d1c 100644 --- a/charts/catalog/README.md +++ b/charts/catalog/README.md @@ -76,9 +76,13 @@ chart and their default values. | `rbacEnable` | If true, create & use RBAC resources | `true` | | `originatingIdentityEnabled` | Whether the OriginatingIdentity feature should be enabled | `true` | | `persistence.storageClass` | Define the storageclass use by pvc | `null` | +| `affinity` | Affinity settings ([docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity)) | `{}` | | `asyncBindingOperationsEnabled` | Whether or not alpha support for async binding operations is enabled | `false` | | `namespacedServiceBrokerDisabled` | Whether or not alpha support for namespace scoped brokers is disabled | `false` | +| `nodeSelector` | Node labels for pod assignment (global parameter for all pods) | `{}` | +| `podLabels` | Additional pod labels to include for all pods | `{}` | | `priorityClassName` | Define PriorityClass for pods | "" | +| `tolerations` | Tolerations for pod assignment | `[]` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. diff --git a/charts/catalog/templates/cleaner-job.yaml b/charts/catalog/templates/cleaner-job.yaml index da173efbda7..329ac3e88c7 100644 --- a/charts/catalog/templates/cleaner-job.yaml +++ b/charts/catalog/templates/cleaner-job.yaml @@ -90,12 +90,18 @@ spec: template: metadata: labels: + {{- if .Values.podLabels }} + {{- tpl (toYaml .Values.podLabels) $ | nindent 8 }} + {{- end }} cleaner-job: "true" app: {{ template "fullname" . }}-clean-job chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" spec: + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName | quote }} + {{- end }} {{- with .Values.securityContext }} securityContext: {{ toYaml . | indent 8 }} @@ -118,3 +124,14 @@ spec: - {{ template "fullname" . }}-controller-manager - --webhook-configurations - {{ template "fullname" . }}-webhook {{ template "fullname" . }}-validating-webhook +{{- with .Values.affinity }} + affinity: {{- tpl (toYaml .) $ | nindent 8 }} +{{- end }} +{{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} diff --git a/charts/catalog/templates/controller-manager-deployment.yaml b/charts/catalog/templates/controller-manager-deployment.yaml index d91fa919498..8a438094719 100644 --- a/charts/catalog/templates/controller-manager-deployment.yaml +++ b/charts/catalog/templates/controller-manager-deployment.yaml @@ -18,10 +18,13 @@ spec: metadata: annotations: prometheus.io/scrape: "{{ .Values.controllerManager.enablePrometheusScrape }}" - {{ if .Values.controllerManager.annotations }} + {{- if .Values.controllerManager.annotations }} {{ toYaml .Values.controllerManager.annotations | indent 8 }} {{- end }} labels: + {{- if .Values.podLabels }} + {{- tpl (toYaml .Values.podLabels) $ | nindent 8 }} + {{- end }} app: {{ template "fullname" . }}-controller-manager chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" @@ -131,7 +134,14 @@ spec: successThreshold: 1 timeoutSeconds: 5 {{- end }} - {{ if .Values.controllerManager.nodeSelector }} +{{- with .Values.affinity }} + affinity: {{- tpl (toYaml .) $ | nindent 8 }} +{{- end }} + {{- if or .Values.controllerManager.nodeSelector .Values.nodeSelector }} nodeSelector: -{{ toYaml .Values.controllerManager.nodeSelector | indent 8 }} - {{ end }} +{{ toYaml (mustMerge .Values.controllerManager.nodeSelector .Values.nodeSelector) | indent 8 }} + {{- end }} +{{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} diff --git a/charts/catalog/templates/migration-job.yaml b/charts/catalog/templates/migration-job.yaml index f2d60cc67a5..c98d76c3881 100644 --- a/charts/catalog/templates/migration-job.yaml +++ b/charts/catalog/templates/migration-job.yaml @@ -106,12 +106,18 @@ spec: template: metadata: labels: + {{- if .Values.podLabels }} + {{- tpl (toYaml .Values.podLabels) $ | nindent 8 }} + {{- end }} migration-job: "true" app: {{ template "fullname" . }}-migration-job chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" spec: + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName | quote }} + {{- end }} {{- with .Values.securityContext }} securityContext: {{ toYaml . | indent 8 }} @@ -146,3 +152,14 @@ spec: volumeMounts: - name: storage mountPath: /data +{{- with .Values.affinity }} + affinity: {{- tpl (toYaml .) $ | nindent 8 }} +{{- end }} +{{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} diff --git a/charts/catalog/templates/pre-migration-job.yaml b/charts/catalog/templates/pre-migration-job.yaml index b42fa463c14..84f783f10f2 100644 --- a/charts/catalog/templates/pre-migration-job.yaml +++ b/charts/catalog/templates/pre-migration-job.yaml @@ -120,12 +120,18 @@ spec: template: metadata: labels: + {{- if .Values.podLabels }} + {{- tpl (toYaml .Values.podLabels) $ | nindent 8 }} + {{- end }} migration-job: "true" app: {{ template "fullname" . }}-pre-migration-job chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" spec: + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName | quote }} + {{- end }} {{- with .Values.securityContext }} securityContext: {{ toYaml . | indent 8 }} @@ -156,3 +162,14 @@ spec: volumeMounts: - name: storage mountPath: /data +{{- with .Values.affinity }} + affinity: {{- tpl (toYaml .) $ | nindent 8 }} +{{- end }} +{{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} diff --git a/charts/catalog/templates/webhook-deployment.yaml b/charts/catalog/templates/webhook-deployment.yaml index 10ee16070ef..60afdbec9d7 100644 --- a/charts/catalog/templates/webhook-deployment.yaml +++ b/charts/catalog/templates/webhook-deployment.yaml @@ -17,12 +17,15 @@ spec: template: metadata: labels: + {{- if .Values.podLabels }} + {{- tpl (toYaml .Values.podLabels) $ | nindent 8 }} + {{- end }} app: {{ template "fullname" . }}-webhook chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" releaseRevision: "{{ .Release.Revision }}" heritage: "{{ .Release.Service }}" - {{ if .Values.webhook.annotations }} + {{- if .Values.webhook.annotations }} annotations: {{ toYaml .Values.webhook.annotations | indent 8 }} {{- end }} @@ -87,10 +90,17 @@ spec: successThreshold: 1 timeoutSeconds: 5 {{- end }} - {{ if .Values.webhook.nodeSelector }} +{{- with .Values.affinity }} + affinity: {{- tpl (toYaml .) $ | nindent 8 }} +{{- end }} + {{- if or .Values.webhook.nodeSelector .Values.nodeSelector }} nodeSelector: -{{ toYaml .Values.webhook.nodeSelector | indent 8 }} - {{ end }} +{{ toYaml (mustMerge .Values.webhook.nodeSelector .Values.nodeSelector) | indent 8 }} + {{- end }} +{{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} volumes: - name: service-catalog-webhook-cert secret: diff --git a/charts/catalog/values.yaml b/charts/catalog/values.yaml index b83ef6a7647..50b1ee86333 100644 --- a/charts/catalog/values.yaml +++ b/charts/catalog/values.yaml @@ -20,7 +20,7 @@ webhook: # annotations is a collection of annotations to add to the webhook pods. annotations: {} # nodeSelector to apply to the webhook pods - nodeSelector: + nodeSelector: {} # healthcheck configures the readiness and liveliness probes for the webhook pod. healthcheck: enabled: true @@ -59,7 +59,7 @@ controllerManager: # annotations is a collection of annotations to add to the controllerManager pod. annotations: {} # nodeSelector to apply to the controllerManager pods - nodeSelector: + nodeSelector: {} # healthcheck configures the readiness and liveliness probes for the controllerManager pod. healthcheck: enabled: true @@ -108,6 +108,9 @@ controllerManager: # Available port in allowable range (e.g. 30000 - 32767 on minikube) # The TLS-enabled endpoint will be exposed here securePort: 30444 + +affinity: {} + # Whether the OriginatingIdentity feature should be enabled originatingIdentityEnabled: true # Whether the AsyncBindingOperations alpha feature should be enabled @@ -132,7 +135,13 @@ persistence: ## storageClass: +nodeSelector: {} + +podLabels: {} + # Leverage a PriorityClass to ensure your pods survive resource shortages # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ # PriorityClass: system-cluster-critical priorityClassName: "" + +tolerations: [] \ No newline at end of file From 880e4007005c6848c6720150f5269499071cfbad Mon Sep 17 00:00:00 2001 From: Michal Kempski Date: Wed, 28 Apr 2021 12:24:49 +0200 Subject: [PATCH 2/8] Handle panic with nil map on reconcile (#2884) --- pkg/controller/controller_instance.go | 3 +++ pkg/controller/controller_instance_test.go | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/pkg/controller/controller_instance.go b/pkg/controller/controller_instance.go index 36bd0e8ed30..37c88f0c9c4 100644 --- a/pkg/controller/controller_instance.go +++ b/pkg/controller/controller_instance.go @@ -3007,6 +3007,9 @@ func (c *controller) triggerServiceBindingReconciliation(instance *v1beta1.Servi } klog.V(4).Infof("ServiceBinding %s/%s triggered to reconciliation", binding.Namespace, binding.Name) toUpdate := binding.DeepCopy() + if toUpdate.Annotations == nil { + toUpdate.Annotations = make(map[string]string, 0) + } toUpdate.ObjectMeta.Annotations["reconciliationTriggered"] = metav1.Now().String() if _, err := c.serviceCatalogClient.ServiceBindings(toUpdate.Namespace).Update(context.Background(), toUpdate, metav1.UpdateOptions{}); err != nil { klog.Errorf("Couldn't update ServiceBinding %q status for instance %q. Bindings will be triggered after set delay. error: %v", binding.Name, binding.Spec.InstanceRef.Name, err) diff --git a/pkg/controller/controller_instance_test.go b/pkg/controller/controller_instance_test.go index 1b96566dd72..5c93df4e5e2 100644 --- a/pkg/controller/controller_instance_test.go +++ b/pkg/controller/controller_instance_test.go @@ -624,6 +624,8 @@ func TestReconcileServiceInstanceWithParameters(t *testing.T) { sharedInformers.ClusterServiceBrokers().Informer().GetStore().Add(getTestClusterServiceBroker()) sharedInformers.ClusterServiceClasses().Informer().GetStore().Add(getTestClusterServiceClass()) sharedInformers.ClusterServicePlans().Informer().GetStore().Add(getTestClusterServicePlan()) + credentials := getTestServiceBinding() + sharedInformers.ServiceBindings().Informer().GetStore().Add(credentials) for _, s := range tc.secrets { fakeKubeClient.PrependReactor("get", "secrets", func(action clientgotesting.Action) (bool, runtime.Object, error) { @@ -739,7 +741,8 @@ func TestReconcileServiceInstanceWithParameters(t *testing.T) { }) actions = fakeCatalogClient.Actions() - assertNumberOfActions(t, actions, 1) + assertNumberOfActions(t, actions, 2) + assertUpdate(t, actions[1], credentials) updatedServiceInstance = assertUpdateStatus(t, actions[0], instance) assertServiceInstanceOperationSuccessWithParameters(t, updatedServiceInstance, From 89ea2139efdc21793119f6f2b926e89b8fc8b580 Mon Sep 17 00:00:00 2001 From: David Gu Date: Tue, 31 Aug 2021 13:36:21 -0700 Subject: [PATCH 3/8] Update walkthrough.md (#2896) Provide extra instruction for using Helm v3 when installing and deleting mini broker. --- docs/walkthrough.md | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/docs/walkthrough.md b/docs/walkthrough.md index 7ffdb0614a8..4287399ef95 100644 --- a/docs/walkthrough.md +++ b/docs/walkthrough.md @@ -31,6 +31,13 @@ Otherwise, to install with sensible defaults, run the following command: ```console helm repo add minibroker https://minibroker.blob.core.windows.net/charts +``` +If you are using Helm v3, run this command: +```console +helm install minibroker minibroker/minibroker --namespace minibroker --create-namespace +``` +For older versions of Helm, use the --name option: +```console helm install --name minibroker --namespace minibroker minibroker/minibroker ``` @@ -459,7 +466,14 @@ No resources found. # Step 9 - Final Cleanup -To clean up minibroker deployment, delete the helm release: +To clean up minibroker deployment, delete the helm release. + +If you are using Helm v3, run this command: + +```console +helm delete minibroker +``` +For older versions of Helm, use the --purge option: ```console helm delete --purge minibroker From 03094167e4de72116cdfa246ef33b429db948941 Mon Sep 17 00:00:00 2001 From: Arthur Kelsch Date: Tue, 31 Aug 2021 23:59:54 +0200 Subject: [PATCH 4/8] Fix typo in service bindings deletion message (#2891) --- pkg/controller/controller_instance.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/controller/controller_instance.go b/pkg/controller/controller_instance.go index 37c88f0c9c4..4250634995b 100644 --- a/pkg/controller/controller_instance.go +++ b/pkg/controller/controller_instance.go @@ -89,7 +89,7 @@ const ( asyncDeprovisioningReason string = "Deprovisioning" asyncDeprovisioningMessage string = "The instance is being deprovisioned asynchronously" serviceBindingsDeletionReason string = "ServiceBindingsDeletion" - serviceBindingsDeletionMessage string = "The instance's service bindings is beaing deleted" + serviceBindingsDeletionMessage string = "The instance's service bindings are being deleted" provisioningInFlightReason string = "ProvisionRequestInFlight" provisioningInFlightMessage string = "Provision request for ServiceInstance in-flight to Broker" instanceUpdatingInFlightReason string = "UpdateInstanceRequestInFlight" From 6768d081c188831fbf5860827a83b51c4e519e3e Mon Sep 17 00:00:00 2001 From: Jonathan Berkhahn Date: Tue, 9 Nov 2021 12:40:31 -0800 Subject: [PATCH 5/8] Update OWNERS MHBauer has been gone for a while, removing this so he doesn't receive anymore notifications. --- OWNERS | 1 - 1 file changed, 1 deletion(-) diff --git a/OWNERS b/OWNERS index c149c5721d2..fad7f4a250c 100644 --- a/OWNERS +++ b/OWNERS @@ -1,5 +1,4 @@ approvers: - jberkhahn -- mhbauer - piotrmiskiewicz - jhvhs From b37daf589e7797e209028c087d072817934d5d7c Mon Sep 17 00:00:00 2001 From: Jonathan Berkhahn Date: Thu, 18 Nov 2021 11:12:09 -0800 Subject: [PATCH 6/8] remove jberkhahn as approver (#2904) --- OWNERS | 1 - 1 file changed, 1 deletion(-) diff --git a/OWNERS b/OWNERS index fad7f4a250c..616fc22aff0 100644 --- a/OWNERS +++ b/OWNERS @@ -1,4 +1,3 @@ approvers: -- jberkhahn - piotrmiskiewicz - jhvhs From 79547516232a5a4ecf742d5e91b05971ff9d3d29 Mon Sep 17 00:00:00 2001 From: HelloFresh Github Actions Bot Date: Mon, 17 Jul 2023 13:47:56 +0000 Subject: [PATCH 7/8] Update HelloFresh Organization Required Workflows [ci skip] --- .../hf_validate-tribe-squad-labels.yaml | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 .github/workflows/hf_validate-tribe-squad-labels.yaml diff --git a/.github/workflows/hf_validate-tribe-squad-labels.yaml b/.github/workflows/hf_validate-tribe-squad-labels.yaml new file mode 100644 index 00000000000..a3191bbf450 --- /dev/null +++ b/.github/workflows/hf_validate-tribe-squad-labels.yaml @@ -0,0 +1,32 @@ +# This workflow is centrally managed in +# https://github.com/hellofresh/github-automation/blob/master/modules/repository/required-workflows/validate-tribe-squad-labels.yaml +--- +name: "PR: Validate Tribe and Squad Labels" + +on: + pull_request: + types: + # Default triggers https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request + - opened + - reopened + - synchronize + # label changes should trigger the validation, too + - labeled + - unlabeled + + branches: + - master + +jobs: + validate: + name: Validate + runs-on: [ self-hosted, default ] + timeout-minutes: 2 + permissions: + # Allow action to comment within the PR + pull-requests: write + steps: + - name: Validate Labels + uses: docker://489198589229.dkr.ecr.eu-west-1.amazonaws.com/action-validate-comply-labels:latest + env: + GITHUB_TOKEN: ${{ github.token }} From 4b78a988ff6a9fd1fb9fed8daaa0fa2624250142 Mon Sep 17 00:00:00 2001 From: "gh-automation-app[bot]" <109592277+gh-automation-app[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 16:44:09 +0000 Subject: [PATCH 8/8] Update HelloFresh Organization Required Workflows [ci skip] --- .../hf_validate-tribe-squad-labels.yaml | 32 ------------------- 1 file changed, 32 deletions(-) delete mode 100644 .github/workflows/hf_validate-tribe-squad-labels.yaml diff --git a/.github/workflows/hf_validate-tribe-squad-labels.yaml b/.github/workflows/hf_validate-tribe-squad-labels.yaml deleted file mode 100644 index a3191bbf450..00000000000 --- a/.github/workflows/hf_validate-tribe-squad-labels.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# This workflow is centrally managed in -# https://github.com/hellofresh/github-automation/blob/master/modules/repository/required-workflows/validate-tribe-squad-labels.yaml ---- -name: "PR: Validate Tribe and Squad Labels" - -on: - pull_request: - types: - # Default triggers https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request - - opened - - reopened - - synchronize - # label changes should trigger the validation, too - - labeled - - unlabeled - - branches: - - master - -jobs: - validate: - name: Validate - runs-on: [ self-hosted, default ] - timeout-minutes: 2 - permissions: - # Allow action to comment within the PR - pull-requests: write - steps: - - name: Validate Labels - uses: docker://489198589229.dkr.ecr.eu-west-1.amazonaws.com/action-validate-comply-labels:latest - env: - GITHUB_TOKEN: ${{ github.token }}