Update gatekeeper to 3.6.0
update "chart" (https://github.com/open-policy-agent/gatekeeper) from "v3.5.2" (5733cf33442d2c9485f59c181117c09e588da6cb) to "v3.6.0" (9503ef2307225c5f6e8d97e312efb008a26e36bb)
https://repo1.dso.mil/platform-one/big-bang/bigbang/-/issues/747
Merge request reports
Activity
added statusreview label
added 6 commits
-
aec709cc...7323f416 - 2 commits from branch
main - 8ab384a7 - Updated chart
- e83af3d9 - update "chart" (https://github.com/open-policy-agent/gatekeeper) from "v3.5.2"...
- ae63ac49 - changelog updated
- 6784376b - space
Toggle commit list-
aec709cc...7323f416 - 2 commits from branch
-
One of the big changes for 3.6.0 is ConstraintTemplate CRD moved to v1. How hard would it be to upgrade our ConstraintTemplates to use the v1 API spec? If it is easy, lets include it in this MR. If not, I can open up a new issue for it.
I was able to move our ConstraintTemplates to v1(had to add type to fix validation error) so install works. For upgrade to work locally, I had to
k apply -f chart/crds. I believe the only missing piece for upgrade to work is mounting the crds togatekeeper-update-crds-hookcontainer. I can also take a look at this later today.
added 1 commit
- c25b51bb - Dependencies removed by kpt added back to chart
added 2 commits
added statusdoing label and removed statusreview label
added 1 commit
- d269fb71 - removed tag from crdRepository -wasnt working
Resolved by Jordan Olacheakubectl image and gatekeeeper-crd image output when "version" is passed
`[kubectl:v1.21.1] Client Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.1", GitCommit:"5e58841cce77d4bc13713ad2b91fa0d961e69192", GitTreeState:"archive", BuildDate:"2021-06-18T09:32:04Z", GoVersion:"go1.16.3", Compiler:"gc", Platform:"linux/amd64"} The connection to the server localhost:8080 was refused - did you specify the right host or port?
[Gatekeeper-crd] Client Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.1", GitCommit:"5e58841cce77d4bc13713ad2b91fa0d961e69192", GitTreeState:"clean", BuildDate:"2021-05-12T14:18:45Z", GoVersion:"go1.16.4", Compiler:"gc", Platform:"linux/amd64"} The connection to the server localhost:8080 was refused - did you specify the right host or port?`
- Last reply by Jordan Olachea
added 1 commit
- 071ab56e - Changed to full URL for docker crd to test paths
added 2 commits
added 1 commit
- b30bb4c5 - removed string and left value crd imagepullsec
added 1 commit
- 2ea00a19 - setting pullSecret "private-registry" for crd
added 1 commit
- 04ac90a3 - Removed upgrade-crds-hook secret added secret.yaml
added 1 commit
- bd6264de - updated secrets and workaround for crd upgrades
-
The upgrade test successfully passed. As a preliminary step, I made an MR to merge into BB. Once that is done, we can make a follow up MR from [bb-747-retry-test] or similar to close out the upgrade. Some of the changes made include;
- Updated selector and deployment strategy to fix this error
- Added configmap to load crd directory
mentioned in merge request !105 (merged)
added 75 commits
-
191c7db3...3a0aa0f4 - 2 commits from branch
main - f5311db8 - Updated chart
- b8997210 - update "chart" (https://github.com/open-policy-agent/gatekeeper) from "v3.5.2"...
- d0d451e0 - changelog updated
- 6739587d - Dependencies removed by kpt added back to chart
- aac9b706 - removed repeat appVersion line chart
- 23278382 - appVersion placement chart
- 54c6edd8 - testing crdRepo
- a4d78137 - crdHook test
- ae5527f0 - crdHook test replacement
- 3d0a9241 - Trying to create crdRepository image values
- 41bd2e6e - testing crdRepositoryversions with tag
- f7305c36 - removed tag from crdRepository -wasnt working
- 1b69e1fa - udpated crdHook to accept new tag
- 83c03bed - crdRepository tag test
- 480eef10 - crd change test
- dda3726e - crd release update again
- a6ecabd1 - extra tag removal
- b0d27720 - new kubectl version for crdRelease
- a5202c92 - testing original values with new syntax
- c571a6fc - crd change
- 3994c0f0 - Changed to full URL for docker crd to test paths
- 16be857a - removed library from crd
- c1464355 - set crdRepo back to reg1 kubectl
- 946f6a6c - added image pull secrets to crds
- d0a9505d - missing indentation fixed
- ef11a8c6 - added "end" to crds
- 8c9d81a1 - changed indent
- 3a0133d0 - removed end from crd
- bf387b5b - imagepullsecrets update
- b57e6a76 - retry
- db7f5b4b - imagePullSecrets update crd
- 8c1a2fa8 - Indent update
- 1b8c4633 - Uppdated indent crds
- 96b359bf - moved imagePullSecrets
- cdbb712f - removed string and left value crd imagepullsec
- 7e0a188d - imagePullSecrets CRD update
- a2536b74 - Reverted crds-hook
- afe0fb3c - added volumes/sec/imagepullsec for crd
- 5286694e - crd reset
- 5da72bcc - crd svcAcct
- 77747dae - crd reset
- 285bac58 - added imagePullSec to crd-hook
- ff6c3e82 - private-registry added to values
- ef2eb972 - updated pullSecret
- 83baa653 - imagepullSecrets crd update
- d56cb81d - reset crds
- 84431de8 - removed pullSecrets
- 037ed9eb - setting pullSecret "private-registry" for crd
- a316d7fc - Added image creddentials to values
- 4d099d19 - updated helpers ant upgrade-crds-hook with sec
- 4dd2b84f - Removed upgrade-crds-hook secret added secret.yaml
- d0da4648 - updated secrets and workaround for crd upgrades
- a76609a1 - updated k8sPSPCap to v1 - from v1beta
- f804323f - v1beta1 failed. Reverting
- 6e2814c0 - edited caps
- a0f24dad - Reset value for allowedCaps
- 80d0ae99 - changed allowedCaps to v1
- dd0a6ed6 - reset allowedCaps
- f2f00ffd - updated constraint template version
- 9e5e5d32 - Added volumes and enabled upgrade
- 387d93d2 - edited path to volumemount
- 3e58db94 - hooks added
- fd66ddbc - path change
- 02dcc804 - Changed pullsecret indent
- 54fcdff6 - volume path updated
- c82a3b8d - added configmap
- def4a9e5 - added hook to manager deployment
- e811f26c - remove annotation
- 2cd164d4 - addd configmap
- 6932aed9 - use target branch
- 9e3d749f - update service selector
- f7329a9c - revert to pipeline master
- 77b7b12e - updated deployment strategy to recreate
Toggle commit list-
191c7db3...3a0aa0f4 - 2 commits from branch
mentioned in merge request !104 (closed)
added statusreview label and removed statusdoing label
assigned to @michaelmcleroy
changed milestone to %1.18.0
assigned to @echuang
mentioned in commit 8276ee6a
