-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add pre-upgrade jobs to run helm-mapkubeapis (#1439) (2.5) #1454
Conversation
This repo has @d2iq-mergebot integration. You can perform the following commands by submitting a comment. Submit a comment with content "@d2iq-mergebot help" to view more detailed help text and examples. Be sure the have a look at the mergebot documentation, too.For help using mergebot, please refer to the README file here: https://github.com/mesosphere/mergebot/blob/main/README.md |
* feat(kubecost): Add pre-upgrade to run helm-mapkubeapi * feat(kubecost): Use kommander chart version for kubetools image tag * feat(kubecost): Use force true on pre-upgrade job * feat(logging-operator): Add pre-upgrade job to run helm-mapkubeapis * feat(gatekeeper): Add pre-upgrade job to run helm-mapkubeapis * fix(gatekeeper): update release name * fix(gatekeeper): add dependsOn in HR kustomization * feat: Update release script to update the kubetools image tag * chore: clean up todos * refactor: typo * fix: check if HR exists in pre-upgrade scripts --------- Co-authored-by: Grace Do <xgrace@gmail.com>
I've tested:
The CI checks here fail because of the version agnostic CLI |
What problem does this PR solve?:
Add pre-upgrade jobs to kubecost, logging-operator, and gatekeeper to run helm-mapkubeapis tool that takes care of editing the helmrelease secret to remove the podsecuritypolicy manifest which is unsupported starting in k8s 1.25.
This affects clusters that were upgraded from 2.4, in which the PSP api was still supported and these 3 charts had deployed PSPs. Since kommander applications are upgraded prior to k8s, we saw this:
The following section https://helm.sh/docs/topics/kubernetes_apis/#updating-api-versions-of-a-release-manifest tells us how to recover from this error -- including using this tool https://github.com/helm/helm-mapkubeapis to help us do it easily via a single command. We have included this plugin into the kubetools image: https://github.com/mesosphere/kommander/pull/3657 and are using this image in these newly added pre-upgrade jobs.
Which issue(s) does this PR fix?:
https://d2iq.atlassian.net/browse/D2IQ-98509
Special notes for your reviewer:
Does this PR introduce a user-facing change?:
Checklist