jtomasek/Factory
SHA256
1
0
Fork 0
forked from suse-edge/Factory
Code Pull Requests Activity

Compare commits

base: jtomasek:kubevirt-dashboard-extension-chart-303.0.1+up1.3.1
Branches Tags
jtomasek:main jtomasek:remove-tags-extensions jtomasek:akri-dashboard-extension-chart-303.0.2+up1.3.1 jtomasek:kubevirt-dashboard-extension-chart-303.0.2+up1.3.2 jtomasek:kubevirt-extension-chart-ui-extension-version-fix jtomasek:kubevirt-dashboard-extension-chart-303.0.1+up1.3.1 jtomasek:akri-dashboard-extension-chart-303.0.1+up1.3.0 jtomasek:kubevirt-dashboard-extension-chart-303.0.1+up1.3.0 jtomasek:kubevirt-dashboard-extension-v1.2.0 jtomasek:akri-dashboard-extension-v1.2.0 suse-edge:main suse-edge:3.3 suse-edge:3.2 suse-edge:devel
..
compare: suse-edge:3.2
Branches Tags
suse-edge:main suse-edge:3.3 suse-edge:3.2 suse-edge:devel jtomasek:main jtomasek:remove-tags-extensions jtomasek:akri-dashboard-extension-chart-303.0.2+up1.3.1 jtomasek:kubevirt-dashboard-extension-chart-303.0.2+up1.3.2 jtomasek:kubevirt-extension-chart-ui-extension-version-fix jtomasek:kubevirt-dashboard-extension-chart-303.0.1+up1.3.1 jtomasek:akri-dashboard-extension-chart-303.0.1+up1.3.0 jtomasek:kubevirt-dashboard-extension-chart-303.0.1+up1.3.0 jtomasek:kubevirt-dashboard-extension-v1.2.0 jtomasek:akri-dashboard-extension-v1.2.0

94 Commits
kubevirt-d ... 3.2

Author SHA256 Message Date
Denislav Prodanov
3270c12d00 Merge pull request 'changed the entry point for pre-commit to call the script from the venv' (#250) from backport-pre-commit-fix-2 into 3.2 
Reviewed-on: suse-edge/Factory#250
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
 2025-08-29 11:38:27 +02:00
Denislav Prodanov
1627ee0d0d changed the entry point for pre-commit to call the script from the venv 2025-08-29 10:55:18 +02:00
Nicolas Belouin
e5d02732a8 Merge pull request '[3.2] Add pre-commit to update release manifest' (#220) from nbelouin/Factory:backport-precommit-3.2 into 3.2 
Reviewed-on: suse-edge/Factory#220
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
 2025-08-25 14:26:57 +02:00
Denislav Prodanov
df13448a90 Merge pull request 'create 3.2.2 release manifest' (#240) from dprodanov/Factory:3.2.2-rm into 3.2 
Reviewed-on: suse-edge/Factory#240
 2025-08-19 19:01:25 +02:00
Denislav Prodanov
6fd885aa56 create 3.2.2 release manifest 2025-08-19 16:50:57 +03:00
Danial Bekhit
873b7ca8d6 Merge pull request 'Changes for EIB v1.1.2' (#224) from dbekhit/Factory:3.2 into 3.2 
Reviewed-on: suse-edge/Factory#224
 2025-08-05 09:06:15 +02:00
dbw7
9e18ce3842 changes for EIB v1.1.2 2025-08-04 11:43:57 -04:00
Nicolas Belouin
9e14ce3cc2 Add pre-commit to update release manifest 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
(cherry picked from commit c3f1be5640)
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
 2025-07-30 09:33:48 +02:00
Nicolas Belouin
dcb31ca578 add a tool to check local charts version in release manifest 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
(cherry picked from commit cc8d3fe431)
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
 2025-07-30 09:29:28 +02:00
dbw7
9549266bdc Changes for EIB v1.1.1 (#127) 
Co-authored-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
Reviewed-on: suse-edge/Factory#127
Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
Co-authored-by: dbw7 <danial.bekhit@suse.com>
Co-committed-by: dbw7 <danial.bekhit@suse.com>
 2025-05-02 10:43:15 +02:00
Nicolas Belouin
c839af5ce7 Merge pull request '[3.2] Fix some issue with dependency projects ordering, make _config only build wanted packages' (#138) from nbelouin/Factory:fix-meta-config-3.2 into 3.2 
Reviewed-on: suse-edge/Factory#138
 2025-04-30 15:31:30 +02:00
Nicolas Belouin
15a0932fc3 Fix some issue with dependency projects ordering, make _config only build wanted packages 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
(cherry picked from commit 6c1db68da8)
 2025-04-30 15:28:11 +02:00
Steven Hardy
0e99df3355 Merge pull request '[3.2] update kiwi-builder to use kiwi version as build macro (#129)' (#134) from dirkmueller/Factory:3.2 into 3.2 
Reviewed-on: suse-edge/Factory#134
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
 2025-04-28 17:03:04 +02:00
Dirk Müller
e4faea0759 Remove MAINTAINER statement 
this is deprecated and already in oci.authors
 2025-04-28 11:55:30 +02:00
Dirk Müller
76b5fe17d0 build the kiwi-image in an images_6.0 repository 2025-04-28 11:53:51 +02:00
Dirk Müller
9eba6bc6b4 make version mismatches fatal 2025-04-28 11:46:57 +02:00
Dirk Müller
baf71f063c update README as well 
Although this file seems to be unused?
 2025-04-28 11:46:43 +02:00
Dirk Müller
c913d6e401 Ensure kiwi versions and build tags actually align 2025-04-28 11:44:39 +02:00
Dirk Müller
2ba58603bb Remove no longer necessary workaround 2025-04-28 11:43:30 +02:00
Nicolas Belouin
210428c35d Merge pull request '[3.2] Enable aarch64 build for kiwi-builder-image' (#125) from nbelouin/Factory:backport-kiwi-aarch64 into 3.2 
Reviewed-on: suse-edge/Factory#125
 2025-04-22 13:37:09 +02:00
Nicolas Belouin
1ddffe1b99 Enable aarch64 build for kiwi-builder-image 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
(cherry picked from commit e3f36b74d9)
 2025-04-17 16:48:05 +02:00
Denislav Prodanov
de188dbf78 Merge pull request '[3.2.1] - bump k3s version' (#123) from dprodanov/Factory:k3s-bump into 3.2 
Reviewed-on: suse-edge/Factory#123
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
 2025-04-15 13:50:16 +02:00
Denislav Prodanov
c18be9138b [3.2.1] - bump k3s version 2025-04-15 11:33:46 +03:00
Denislav Prodanov
d35bf98093 Merge pull request '[3.2.1] - bump rke2 to latest version' (#119) from dprodanov/Factory:ingress-fix into 3.2 
Reviewed-on: suse-edge/Factory#119
Reviewed-by: Fatih Degirmenci <fdegirmenci@noreply.src.opensuse.org>
 2025-04-04 08:52:04 +02:00
Denislav Prodanov
2ad24ea18b [3.2.1] - bump rke2 to latest version 2025-04-03 21:07:41 +03:00
Denislav Prodanov
36fc92cdab Merge pull request '[3.2.1] - new eib image version' (#118) from dprodanov/Factory:eib-tag-fix into 3.2 
Reviewed-on: suse-edge/Factory#118
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
 2025-03-26 14:38:55 +01:00
Denislav Prodanov
75ed39ad43 [3.2.1] - new eib image version 2025-03-26 15:18:37 +02:00
Denislav Prodanov
ce1c54a27d Merge pull request '[3.2.1] - fix metal3 tag' (#117) from dprodanov/Factory:metal3-tag-fix into 3.2 
Reviewed-on: suse-edge/Factory#117
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
 2025-03-25 13:52:20 +01:00
Denislav Prodanov
7fba32e3c7 [3.2.1] - fix metal3 tag 2025-03-25 14:47:31 +02:00
Jiri Tomasek
221d73486b Update kubevirt-dashboard-extension-chart to v302.0.0+up1.2.1 2025-03-24 12:11:37 +01:00
Jiri Tomasek
cac6dd4b86 [3.2.1] akri-dashboard-extension-chart: Update to v302.0.0+up1.2.1 2025-03-24 12:10:17 +01:00
Denislav Prodanov
9e88e00e19 Merge pull request '[3.2.1] - bump metallb version' (#111) from dprodanov/Factory:metallb-0-14-9 into 3.2 
Reviewed-on: suse-edge/Factory#111
Reviewed-by: Kristian Zhelyazkov <kzhelyazkov@noreply.src.opensuse.org>
 2025-03-21 15:10:16 +01:00
Denislav Prodanov
6fdde33f5b [3.2.1] - bump metallb version 2025-03-21 16:07:52 +02:00
Denislav Prodanov
3b5b37b76d Merge pull request '[3.2.1] - Bump neuvector version to 2.8.4' (#109) from dprodanov/Factory:neuvector-2-8-4 into 3.2 
Reviewed-on: suse-edge/Factory#109
Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
 2025-03-21 14:48:40 +01:00
Kristian Zhelyazkov
a96355f32a Merge pull request '[3.2] Bump MetalLB chart release version' (#108) from kzhelyazkov/Factory:bump-metallb-chart-version into 3.2 
Reviewed-on: suse-edge/Factory#108
Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
 2025-03-21 14:38:57 +01:00
Denislav Prodanov
82164551ae [3.2.1] - Bump neuvector version to 2.8.4 2025-03-21 15:28:28 +02:00
Kristian-ZH
47e9ef98c1 Bump MetalLB chart release version 2025-03-21 15:10:26 +02:00
Kristian Zhelyazkov
1a21c64747 Merge pull request '[3.2] Backport MetalLB chart fix' (#106) from kzhelyazkov/Factory:backport-metallb-image-fix into 3.2 
Reviewed-on: suse-edge/Factory#106
Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
 2025-03-21 08:55:38 +01:00
Kristian-ZH
df206f8fb9 Backport-metallb-image-fix 2025-03-20 16:57:52 +02:00
Denislav Prodanov
c6a40c532e Merge pull request 'update 3.2.1 release manifests' (#104) from dprodanov/Factory:3.2.1-release-manifest into 3.2 
Reviewed-on: suse-edge/Factory#104
Reviewed-by: Kristian Zhelyazkov <kzhelyazkov@noreply.src.opensuse.org>
 2025-03-20 15:31:56 +01:00
Denislav Prodanov
92d5b55269 update 3.2.1 release manifests 2025-03-20 16:27:20 +02:00
Denislav Prodanov
8fefb7311e Merge pull request 'update 3.2.1 release manifests' (#102) from dprodanov/Factory:3.2.1-release-manifest into 3.2 
Reviewed-on: suse-edge/Factory#102
Reviewed-by: Kristian Zhelyazkov <kzhelyazkov@noreply.src.opensuse.org>
 2025-03-20 12:32:11 +01:00
Denislav Prodanov
efefa20f5a update 3.2.1 release manifests 2025-03-20 12:39:50 +02:00
Denislav Prodanov
50d3ae722f Revert "create 3.2.1 release manifest" 
This reverts commit 189db31b7f.
 2025-03-20 11:43:48 +02:00
Denislav Prodanov
189db31b7f create 3.2.1 release manifest 2025-03-20 11:20:53 +02:00
Denislav Prodanov
af930ae49c Merge pull request '[3.2] update longhorn version to 1.7.3' (#90) from dprodanov/Factory:backport-3.2-main into 3.2 
Reviewed-on: suse-edge/Factory#90
Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
 2025-03-14 13:08:29 +01:00
Denislav Prodanov
625b0da057 update longhorn version to 1.7.3 
remove accidental push of .idea
 2025-03-14 12:25:54 +02:00
Steven Hardy
17b108ef3d release-manifest: Update metal3 version 
Aligns with latest 0.9.4 version on this branch
 2025-03-13 12:04:28 +00:00
Steven Hardy
d0e1e065a5 metal3-chart: update to 0.9.4 
Aligns with https://github.com/suse-edge/charts/pull/192

(cherry picked from commit 6531575f1b)
 2025-03-13 12:00:39 +00:00
Steven Hardy
1d9ae4aa3d metal3-chart: update to 0.9.3 
Aligns with https://github.com/suse-edge/charts/pull/189

(cherry picked from commit d59f3540a2)
 2025-03-13 11:59:56 +00:00
Steven Hardy
2553da6659 ironic-image: update to 26.1.2.3 
Aligns with https://github.com/suse-edge/charts/pull/189
Also see:
https://build.opensuse.org/package/rdiff/isv:SUSE:Edge:Metal3:Ironic:2024.2/ironic-image?linkrev=base&rev=11

(cherry picked from commit 43c764e69c)
 2025-03-13 11:59:33 +00:00
Nicolas Belouin
3d6c9be9ed Merge pull request '[3.2] Backport workflows for prjconf and meta and fixes for tar_scm' (#78) from nbelouin/Factory:backport-workflows into 3.2 
Reviewed-on: suse-edge/Factory#78
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
 2025-02-25 15:34:57 +01:00
Steven Hardy
e6561f36ed Add metal3 images to ARM allowlist 
We need to ensure these build to enable usage of the metal3 chart on ARM

(cherry picked from commit f61bb1e0e6)

Add ipcalc, crudini and fakeroot for aarch64 build

Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
(cherry picked from commit 98c4be017d)
 2025-02-24 16:01:03 +01:00
Nicolas Belouin
fa1da01c29 Fix obsinfo tar issues 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
(cherry picked from commit dccf206a98)
(cherry picked from commit 7f93226cd3)
 2025-02-24 16:00:50 +01:00
Nicolas Belouin
cf3153e074 Sync metadata, revamp PR jobs 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
(cherry picked from commit d6d501ad99)
(cherry picked from commit 4d824b71cc)
(cherry picked from commit 0d3c83fca1)
(cherry picked from commit 5a73d61002)
(cherry picked from commit 34687fb5e9)
(cherry picked from commit 4a99805fde)
(cherry picked from commit 331f08255c)
(cherry picked from commit 3dea69443d)
(cherry picked from commit d97e434fce)
(cherry picked from commit 9e41ee25d9)
(cherry picked from commit 8f20b3433e)
 2025-02-24 16:00:18 +01:00
Nicolas Belouin
94d4faf0f9 Add project config to git 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
(cherry picked from commit c86d724e92)
(cherry picked from commit c04b2af72b)
(cherry picked from commit 54e0941879)
(cherry picked from commit a510134ed4)
 2025-02-24 15:59:45 +01:00
Steven Hardy
943fe7cda4 metal3-chart: Update to 0.9.2 
Align with https://github.com/suse-edge/charts/pull/182

(cherry picked from commit 9d97e8a56d)
 2025-02-13 14:26:56 +00:00
Steven Hardy
10757d70e3 ironic-image: update to 26.1.2.2 
Align with:
https://build.opensuse.org/package/rdiff/isv:SUSE:Edge:Metal3:Ironic:2024.2/ironic-image?linkrev=base&rev=10
https://github.com/suse-edge/charts/pull/182

Fixes a pod restart caused by the runlogwatch.sh script

(cherry picked from commit b912f9d68a)
 2025-02-13 14:26:37 +00:00
Steven Hardy
74a858e8dc ironic-ipa-downloader-image: remove unused _service entry 
This is hard-coded to x86_64 so won't work for ARM, aligns with:
https://build.opensuse.org/package/rdiff/isv:SUSE:Edge:Metal3:Ironic:2024.2/ironic-ipa-downloader-image?linkrev=base&rev=6

(cherry picked from commit 45443d5b5f)
 2025-02-13 14:26:22 +00:00
Steven Hardy
09f0242287 metal3-chart: update to 0.9.1 
Align with https://github.com/suse-edge/charts/pull/173 which
added some fixes to enable deployment on aarch64

(cherry picked from commit 5d20bc38e3)
 2025-02-13 14:25:51 +00:00
Steven Hardy
51ea0c0499 ironic-ipa-downloader-image: update to 3.0.1 
Update to the latest version from
https://build.opensuse.org/package/show/isv:SUSE:Edge:Metal3:Ironic:2024.2/ironic-ipa-downloader-image

(cherry picked from commit e085a97d98)
 2025-02-13 14:25:37 +00:00
Steven Hardy
e4363afaf9 Add ironic-ipa-ramdisk/root.tar.bz2 to lfs 2025-02-13 14:25:21 +00:00
Steven Hardy
4b20cf74d9 ironic-ipa-ramdisk: update to 3.0.1 
Update to the latest version from
https://build.opensuse.org/package/show/isv:SUSE:Edge:Metal3:Ironic:2024.2/ironic-ipa-ramdisk

(cherry picked from commit 58c8be887a)
 2025-02-13 14:24:34 +00:00
Steven Hardy
2b4c6c3cce ironic-image: update to 26.1.2.1 
Align with latest 26.1.2.1 version from
https://build.opensuse.org/package/show/isv:SUSE:Edge:Metal3:Ironic:2024.2/ironic-image

(cherry picked from commit 0d59ad920e)
 2025-02-13 14:24:12 +00:00
Nicolas Belouin
a223185628 Merge pull request 'Import missing package: frr-k8s-image' (#68) from nbelouin/Factory:import-frr-k8s-image-3.2 into 3.2 
Reviewed-on: suse-edge/Factory#68
Reviewed-by: Atanas Dinov <atanasdinov@noreply.src.opensuse.org>
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
 2025-01-17 10:18:39 +01:00
Nicolas Belouin
79dff5fce2 Add package to workflow 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
 2025-01-17 10:18:03 +01:00
Nicolas Belouin
f7a87ceaf0 Import missing package: frr-k8s-image 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
(cherry picked from commit 5490ffcde2)
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
 2025-01-17 10:16:00 +01:00
Nicolas Belouin
71e3e0b40a Merge pull request '[3.2] Add an additional tag without the _up suffix to please Rancher for dashboard extensions' (#66) from nbelouin/Factory:add-no-up-tag-extensions-3.2 into 3.2 
Reviewed-on: suse-edge/Factory#66
Reviewed-by: Atanas Dinov <atanasdinov@noreply.src.opensuse.org>
 2025-01-16 15:54:54 +01:00
Nicolas Belouin
4da1ed42d2 Add an additional tag without the _up suffix to please Rancher for dashboard extensions 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
 2025-01-16 15:47:55 +01:00
Nicolas Belouin
2ba0efdb93 Merge pull request '[3.2] Use manifest_repo var to allow for release manifest in separate repo' (#64) from nbelouin/Factory:backport-manifest-repo into 3.2 
Reviewed-on: suse-edge/Factory#64
Reviewed-by: Ivo Petrov <ipetrov117@noreply.src.opensuse.org>
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
 2025-01-10 15:15:31 +01:00
Nicolas Belouin
f0ec2699b4 Use manifest_repo var to allow for release manifest in separate repo 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>

(cherry picked from commit 2a993e342e)
 2024-12-23 14:15:00 +01:00
Nicolas Belouin
1390d88af7 IPA ramdisk git LFS fix 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
 2024-12-23 11:38:00 +01:00
Steven Hardy
9dfaedadf9 release-manifest: Update to Rancher prime 2.10.1 
2.10.1 was released so update to the prime version

(cherry picked from commit cab6fe1bcb)
 2024-12-20 09:40:33 +00:00
Ivo Petrov
81c1b981c2 Backport Release Manifest changes (#61) 
Backports [#60](suse-edge/Factory#60) to 3.2.

Reviewed-on: suse-edge/Factory#61
Reviewed-by: Atanas Dinov <atanasdinov@noreply.src.opensuse.org>
Co-authored-by: Ivo Petrov <ivo.petrov@suse.com>
Co-committed-by: Ivo Petrov <ivo.petrov@suse.com>
 2024-12-19 12:54:57 +01:00
Ivo Petrov
b71760b245 Backport K8s 1.31.3 release manifest version bump (#59) 
Backports [#58](suse-edge/Factory#58).

Reviewed-on: suse-edge/Factory#59
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
Reviewed-by: Atanas Dinov <atanasdinov@noreply.src.opensuse.org>
Co-authored-by: Ivo Petrov <ivo.petrov@suse.com>
Co-committed-by: Ivo Petrov <ivo.petrov@suse.com>
 2024-12-17 09:39:02 +01:00
Ivo Petrov
f5e4126dad Backport elemental dashboard release manifest change to 3.2 (#56) 
Backport: Add missing Elemental dashboard chart ([#55](suse-edge/Factory#55))
Reviewed-on: suse-edge/Factory#56
Reviewed-by: Atanas Dinov <atanasdinov@noreply.src.opensuse.org>
Co-authored-by: Ivo Petrov <ivo.petrov@suse.com>
Co-committed-by: Ivo Petrov <ivo.petrov@suse.com>
 2024-12-12 11:37:53 +01:00
Atanas Dinov
26e34cc386 [3.2] Bump Upgrade Controller and Release Manifest (#54) 
Co-authored-by: Ivo Petrov <ivo.petrov@suse.com>
Reviewed-on: suse-edge/Factory#54
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
 2024-12-12 09:39:30 +01:00
Jiří Tomášek
af59834eaf Merge pull request '[3.2] Update kubevirt-dashboard-extension-chart to v1.2.1' (#50) from jtomasek/Factory:kubevirt-extension-3.2-bkprt into 3.2 
Reviewed-on: suse-edge/Factory#50
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
 2024-12-06 11:03:10 +01:00
Jiří Tomášek
5ff222b69b Merge pull request '[3.2] Update akri-dashboard-extension-chart to v1.2.1' (#51) from jtomasek/Factory:akri-extension-3.2-bkprt into 3.2 
Reviewed-on: suse-edge/Factory#51
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
 2024-12-06 11:03:01 +01:00
Denislav Prodanov
14b56eabbe Merge pull request '[3.2] Backport rancher-turtles updates' (#47) from steven.hardy/Factory:turtles_3.2 into 3.2 
Reviewed-on: suse-edge/Factory#47
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
 2024-12-06 10:57:08 +01:00
Jiri Tomasek
d91b28fb5b Update akri-dashboard-extension-chart to v1.2.1 
(cherry picked from commit 87c7e1be88)
 2024-12-06 09:54:10 +01:00
Jiri Tomasek
4aa46388cf Update kubevirt-dashboard-extension-chart to v1.2.1 
(cherry picked from commit 568d5d1590)
 2024-12-06 09:52:36 +01:00
Steven Hardy
dfa68ba86e release-manifest: Update rancher-turtles chart 
Fix the rancher-turtles-chart version to align with #44

(cherry picked from commit fbd596290a)
 2024-12-05 17:46:29 +00:00
Steven Hardy
075e2a209c Remove CAPM3/IPAM images 
These are now provided by the rancher registry since #44

Conflicts:
	.obs/workflows.yml

(cherry picked from commit ec6c4745ea)
 2024-12-05 17:45:54 +00:00
Steven Hardy
2928b2076e rancher-turtles-airgap-resources-chart: Update to 0.14.1 upstream release 
Aligns with https://github.com/suse-edge/charts/pull/174 which
rebases to 0.14.1, which is marked as compatible with Rancher 2.10

(cherry picked from commit 856ec2ac8e)
 2024-12-05 17:43:56 +00:00
Steven Hardy
39338dd6ac rancher-turtles-chart: Update to 0.14.1 upstream release 
Aligns with https://github.com/suse-edge/charts/pull/174 which
rebases to 0.14.1, which is marked as compatible with Rancher 2.10

(cherry picked from commit 7721c66ab0)
 2024-12-05 17:43:43 +00:00
Denislav Prodanov
dfc8bb30d9 Merge pull request 'backport into 3.2 fixed versions in eib artifacts' (#43) from dprodanov/Factory:eib-3.2 into 3.2 
Reviewed-on: suse-edge/Factory#43
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
 2024-12-04 16:16:35 +01:00
Denislav Prodanov
33f56e8b23 fixed versions in eib artifacts 2024-12-04 17:12:03 +02:00
Steven Hardy
744d04b40a kiwi-builder-image: Align with OBS latest version 
Aligns with the latest fixes in isv:SUSE:Edge:KiwiBuilder/kiwi-builder-10

(cherry picked from commit 8a93aae7c5)
 2024-12-04 12:25:44 +00:00
Denislav Prodanov
5e098df843 Merge pull request 'updated longhorn and neuvector to latest 105 charts' (#39) from dprodanov/Factory:upstream-3.2 into 3.2 
Reviewed-on: suse-edge/Factory#39
Reviewed-by: Ivo Petrov <ipetrov117@noreply.src.opensuse.org>
 2024-11-28 16:23:41 +01:00
Denislav Prodanov
7555048917 updated longhorn and neuvector to latest 105 charts 2024-11-28 17:16:25 +02:00
Denislav Prodanov
e92a50d110 Merge pull request '[3.2 backport] rancher-turtles: Fix issue in 0.4.0 chart' (#37) from steven.hardy/Factory:turtles_fix_3.2 into 3.2 
Reviewed-on: suse-edge/Factory#37
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
 2024-11-27 14:08:45 +01:00
Steven Hardy
da2ad77951 rancher-turtles: Fix issue in 0.4.0 chart 
The previous import was based on a pre-merge copy of the following PR
- an issue was discovered during SV validation which required an
additional change to ensure CRDs are created before creating the
ClusterctlConfig CR

https://github.com/suse-edge/charts/pull/166
(cherry picked from commit 636493adba)
 2024-11-27 11:16:59 +00:00
Denislav Prodanov
be4fae4b18 3.2 branching 2024-11-25 15:59:33 +02:00
146 changed files with 3541 additions and 7254 deletions
Expand all files Collapse all files

23
.gitea/workflows/check_manifest.yaml Normal file
View File

@@ -0,0 +1,23 @@
name: Check Release Manifest Local Charts Versions
on:
pull_request:
branches-ignore:
- "devel"
jobs:
sync-pr-project:
name: "Check Release Manifest Local Charts Versions"
runs-on: tumbleweed
steps:
# Waiting on PR to get merged for support in upstream action/checkout action
- uses: 'https://github.com/yangskyboxlabs/action-checkout@sha256'
name: Checkout repository
with:
object-format: 'sha256'
- name: Setup dependencies
run: |
zypper in -y python3-ruamel.yaml
- name: Check release manifest
run: |
python3 .obs/manifest-check.py --check

31
.gitea/workflows/trigger_devel.yaml
View File

@@ -1,31 +0,0 @@
name: Trigger Devel Packages
on:
# NOTE (fdegir): Cron is set to run midday every weekday
schedule:
- cron: "0 12 * * 1-5
jobs:
sync-pr-project:
name: "Trigger source services for devel packages that changed"
runs-on: tumbleweed
steps:
- name: Setup OSC
run: |
mkdir -p ~/.config/osc
cat >~/.config/osc/oscrc <<'EOF'
[general]
apiurl = https://api.opensuse.org
[https://api.opensuse.org]
user=${{ vars.OBS_USERNAME }}
pass=${{ secrets.OBS_PASSWORD }}
EOF
# Waiting on PR to get merged for support in upstream action/checkout action
- uses: 'https://github.com/yangskyboxlabs/action-checkout@sha256'
name: Checkout repository
with:
object-format: 'sha256'
ref: 'devel'
- name: "Trigger packages"
run: |
python3 .obs/trigger_package.py

4
.obs/common.py
View File

@@ -1,3 +1,3 @@
PROJECT = "isv:SUSE:Edge:Factory"
PROJECT = "isv:SUSE:Edge:3.2"
REPOSITORY = "https://src.opensuse.org/suse-edge/Factory"
BRANCH = "main"
BRANCH = "3.2"

84
.obs/manifest-check.py Executable file
View File

@@ -0,0 +1,84 @@
#!/usr/bin/python3
import ruamel.yaml
import pathlib
import argparse
import sys
yaml = ruamel.yaml.YAML()
def get_chart_version(chart_name: str) -> str:
with open(f"./{chart_name}/Chart.yaml") as f:
chart = yaml.load(f)
return chart["version"]
def get_charts(chart):
if not chart["chart"].startswith("%%CHART_REPO%%"):
# Not a locally managed chart
return {}
chart_name = chart["chart"][len("%%CHART_REPO%%/%%IMG_PREFIX%%"):]
charts = { chart_name: chart["version"] }
for child_chart in chart.get("dependencyCharts", []) + chart.get("addonCharts", []):
charts.update(get_charts(child_chart))
return charts
def get_charts_list():
with open("./release-manifest-image/release_manifest.yaml") as f:
manifest = yaml.load(f)
charts = {}
for chart in manifest["spec"]["components"]["workloads"]["helm"]:
charts.update(get_charts(chart))
return charts
def check_charts(fix: bool) -> bool:
success = True
charts = get_charts_list()
to_fix = {}
for chart in charts:
expected_version = get_chart_version(chart)
if expected_version != charts[chart]:
success = False
to_fix[f'%%CHART_REPO%%/%%IMG_PREFIX%%{chart}'] = expected_version
print(f"{chart}: Expected: {expected_version}, Got: {charts[chart]}")
if fix and not success:
fix_charts(to_fix)
return True
return success
def fix_charts(to_fix):
manifest_path = pathlib.Path("./release-manifest-image/release_manifest.yaml")
manifest = yaml.load(manifest_path)
yaml.indent(mapping=2, sequence=4, offset=2)
yaml.width = 4096
for chart_index, chart in enumerate(manifest["spec"]["components"]["workloads"]["helm"]):
changed = False
if chart["chart"] in to_fix.keys():
changed = True
chart["version"] = to_fix[chart["chart"]]
for subchart_index, subchart in enumerate(chart.get("addonCharts", [])):
if subchart["chart"] in to_fix.keys():
changed = True
subchart["version"] = to_fix[subchart["chart"]]
chart["addonCharts"][subchart_index] = subchart
for subchart_index, subchart in enumerate(chart.get("dependencyCharts", [])):
if subchart["chart"] in to_fix.keys():
changed = True
subchart["version"] = to_fix[subchart["chart"]]
chart["dependencyCharts"][subchart_index] = subchart
if changed:
manifest["spec"]["components"]["workloads"]["helm"][chart_index] = chart
yaml.dump(manifest, manifest_path)
def main():
print("Checking charts versions in release manifest")
parser = argparse.ArgumentParser()
parser.add_argument('-c', '--check', action='store_true')
args = parser.parse_args()
if not check_charts(not args.check):
sys.exit(1)
else:
print("All local charts in release manifest are using the right version")
if __name__ == "__main__":
main()

1
.obs/render_meta.py
View File

@@ -8,7 +8,6 @@ def render(base_project, subproject, internal, scm_url=None):
context = {
"base_project": subproject == "",
"title": f"SUSE Edge {version} {subproject}".rstrip(),
"ironic_base": "ISV:SUSE:Edge:Ironic" if internal else "Cloud:OpenStack",
}
if subproject == "ToTest":
context["project"] = f"{base_project}:ToTest"

10
.pre-commit-config.yaml Normal file
View File

@@ -0,0 +1,10 @@
repos:
- repo: local
hooks:
- id: check-manifest
name: "Check release-manifest"
entry: python3 .obs/manifest-check.py
language: python
additional_dependencies: ['ruamel.yaml']
pass_filenames: false
always_run: true

37
_config
View File

@@ -58,7 +58,6 @@ BuildFlags: onlybuild:release-manifest-image
BuildFlags: excludebuild:endpoint-copier-operator-image
BuildFlags: excludebuild:ironic-image
BuildFlags: excludebuild:ironic-ipa-downloader-image
BuildFlags: excludebuild:kiwi-builder-image
BuildFlags: excludebuild:kube-rbac-proxy-image
BuildFlags: excludebuild:metallb-controller-image
BuildFlags: excludebuild:metallb-speaker-image
@@ -70,6 +69,7 @@ BuildFlags: onlybuild:release-manifest-image
BuildFlags: onlybuild:baremetal-operator
BuildFlags: onlybuild:baremetal-operator-image
BuildFlags: onlybuild:ca-certificates-suse
BuildFlags: onlybuild:cosign
BuildFlags: onlybuild:crudini
BuildFlags: onlybuild:edge-image-builder
BuildFlags: onlybuild:edge-image-builder-image
@@ -81,14 +81,12 @@ BuildFlags: onlybuild:release-manifest-image
BuildFlags: onlybuild:ironic-image
BuildFlags: onlybuild:ironic-ipa-downloader-image
BuildFlags: onlybuild:ironic-ipa-ramdisk
BuildFlags: onlybuild:kiwi-builder-image
BuildFlags: onlybuild:kube-rbac-proxy
BuildFlags: onlybuild:kube-rbac-proxy-image
BuildFlags: onlybuild:metallb
BuildFlags: onlybuild:metallb-controller-image
BuildFlags: onlybuild:metallb-speaker-image
BuildFlags: onlybuild:nm-configurator
BuildFlags: onlybuild:shim-noarch
%endif
%endif
@@ -105,6 +103,36 @@ BuildFlags: onlybuild:release-manifest-image
PublishFlags: archsync
%endif
%if "%_repository" == "images_6.0"
Prefer: container:sles15-image
Type: docker
BuildEngine: podman
Repotype: none
Patterntype: none
BuildFlags: dockerarg:SLE_VERSION=16.0
BuildFlags: onlybuild:kiwi-builder-image
# Publish multi-arch container images only once all archs have been built
PublishFlags: archsync
# Exclude the images selected by the aarch64 section
%ifarch aarch64
BuildFlags: excludebuild:baremetal-operator-image
BuildFlags: excludebuild:edge-image-builder-image
BuildFlags: excludebuild:endpoint-copier-operator-image
BuildFlags: excludebuild:ironic-image
BuildFlags: excludebuild:ironic-ipa-downloader-image
BuildFlags: excludebuild:kube-rbac-proxy-image
BuildFlags: excludebuild:metallb-controller-image
BuildFlags: excludebuild:metallb-speaker-image
%endif
%else
BuildFlags: excludebuild:kiwi-builder-image
%endif
%if "%_repository" == "charts" || "%_repository" == "phantomcharts" || "%_repository" == "releasecharts"
Type: helm
Repotype: helm
@@ -115,9 +143,6 @@ BuildFlags: onlybuild:release-manifest-image
%if "%_repository" == "standard"
# for build openstack-ironic-image
BuildFlags: allowrootforbuild
# ironic-ipa-ramdisk are noarch packages that need to be availble to both archs
ExportFilter: ^ironic-ipa-ramdisk-.*\.noarch\.rpm$ aarch64 x86_64
%endif
# Enable reproducible builds

15
_meta
View File

@@ -31,14 +31,19 @@
<arch>x86_64</arch>
</repository>
{%- endif %}
{%- for repository in ["images", "test_manifest_images"] %}
{%- for repository in ["images", "images_6.0", "test_manifest_images"] %}
<repository name="{{ repository }}">
{%- if release_project is defined and repository == "images" %}
{%- if release_project is defined and repository != "test_manifest_images" %}
<releasetarget project="{{ release_project }}" repository="images" trigger="manual"/>
{%- endif %}
<path project="SUSE:Registry" repository="standard"/>
<path project="SUSE:CA" repository="SLE_15_SP6"/>
<path project="{{ project }}" repository="standard"/>
{%- if repository == "images_6.0" %}
<path project="SUSE:CA" repository="16.0"/>
<path project="SUSE:ALP:Products:Marble:6.0" repository="standard"/>
{%- else %}
<path project="SUSE:CA" repository="SLE_15_SP6"/>
<path project="{{ project }}" repository="standard"/>
{%- endif %}
<arch>x86_64</arch>
<arch>aarch64</arch>
</repository>
@@ -47,7 +52,7 @@
{%- if release_project is defined and not for_release %}
<releasetarget project="{{ release_project }}" repository="standard" trigger="manual"/>
{%- endif %}
<path project="{{ ironic_base }}:2024.2" repository="15.6"/>
<path project="Cloud:OpenStack:2024.2" repository="15.6"/>
<path project="SUSE:SLE-15-SP6:Update" repository="standard"/>
<arch>x86_64</arch>
<arch>aarch64</arch>

2
baremetal-operator/_service
View File

@@ -2,7 +2,7 @@
<service name="obs_scm">
<param name="url">https://github.com/metal3-io/baremetal-operator</param>
<param name="scm">git</param>
<param name="revision">v0.9.1</param>
<param name="revision">v0.8.0</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>

6
baremetal-operator/baremetal-operator.spec
View File

@@ -17,14 +17,14 @@
Name: baremetal-operator
Version: 0.9.1
Release: 0
Version: 0.8.0
Release: 0.8.0
Summary: Implements a Kubernetes API for managing bare metal hosts
License: Apache-2.0
URL: https://github.com/metal3-io/baremetal-operator
Source: baremetal-operator-%{version}.tar
Source1: vendor.tar.gz
BuildRequires: golang(API) = 1.23
BuildRequires: golang(API) = 1.22
ExcludeArch: s390
ExcludeArch: %{ix86}

18
cosign/_service Normal file
View File

@@ -0,0 +1,18 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/rancher-government-carbide/cosign.git</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="scm">git</param>
<param name="exclude">.get</param>
<param name="revision">v2.2.3+carbide.2</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
</service>
<service mode="buildtime" name="tar">
<param name="obsinfo">cosign.obsinfo</param>
</service>
<service mode="buildtime" name="set_version" />
<service name="go_modules">
<param name="compression">gz</param>
</service>
</services>

55
cosign/cosign.spec Normal file
View File

@@ -0,0 +1,55 @@
#
# spec file for package cosign-rgs
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define project https://github.com/hauler-dev/cosign
%define revision 49542360ffb5de63f9d2f5856b658651d5538e40
Name: cosign
Version: 0
Release: 0
Summary: Container Signing, Verification and Storage in an OCI registry
License: Apache-2.0
URL: https://github.com/rancher-government-carbide/cosign
Source: cosign-%{version}.tar
Source1: vendor.tar.gz
BuildRequires: golang-packaging
%description
%prep
%setup -q -a1 -n cosign-%{version}
%build
%goprep %{project}
DATE_FMT="+%%Y-%%m-%%dT%%H:%%M:%%SZ"
BUILD_DATE=$(date -u -d "@${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u -r "${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u "${DATE_FMT}")
CLI_PKG=sigs.k8s.io/release-utils/version
CLI_LDFLAGS="-X ${CLI_PKG}.gitVersion=%{version} -X ${CLI_PKG}.gitCommit=%{revision} -X ${CLI_PKG}.gitTreeState=release -X ${CLI_PKG}.buildDate=${BUILD_DATE}"
CGO_ENABLED=0 go build -mod=vendor -buildmode=pie -trimpath -ldflags "${CLI_LDFLAGS}" -o cosign ./cmd/cosign
%install
install -D -m 0755 cosign %{buildroot}%{_bindir}/cosign
%files
%license LICENSE
%doc *.md
%{_bindir}/cosign
%changelog

8
edge-image-builder-image/Dockerfile
View File

@@ -1,5 +1,5 @@
#!BuildTag: %%IMG_PREFIX%%edge-image-builder:1.1.0
#!BuildTag: %%IMG_PREFIX%%edge-image-builder:1.1.0-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%edge-image-builder:1.1.2-rc1
#!BuildTag: %%IMG_PREFIX%%edge-image-builder:1.1.2-rc1-%RELEASE%
#!BuildVersion: 15.6
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-base:$SLE_VERSION
@@ -15,11 +15,11 @@ RUN zypper --non-interactive install --no-recommends edge-image-builder qemu-x86
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE edge-image-builder Container Image"
LABEL org.opencontainers.image.description="edge-image-builder based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="1.1.0"
LABEL org.opencontainers.image.version="1.1.2-rc1"
LABEL org.opencontainers.image.url="https://www.suse.com/products/server/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%edge-image-builder:1.1.0-%RELEASE%"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%edge-image-builder:1.1.2-rc1-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
LABEL com.suse.eula="SUSE Combined EULA February 2024"

2
edge-image-builder-image/artifacts.yaml
View File

@@ -1,7 +1,7 @@
metallb:
chart: metallb-chart
repository: "%%CHART_REPO%%/%%IMG_PREFIX%%"
version: "%%CHART_MAJOR%%.0.0+up0.14.9"
version: "%%CHART_MAJOR%%.0.1+up0.14.9"
endpoint-copier-operator:
chart: endpoint-copier-operator-chart
repository: "%%CHART_REPO%%/%%IMG_PREFIX%%"

7
edge-image-builder/_service
View File

@@ -1,10 +1,13 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/suse-edge/edge-image-builder.git</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
<param name="revision">v1.1.0</param>
<param name="revision">v1.1.2-rc1</param>
<!-- Uncomment and set this For Pre-Release Version -->
<param name="version">1.1.2~rc0</param>
<!-- Uncomment and this for regular version -->
<!-- <param name="versionformat">@PARENT_TAG@</param> -->
<param name="versionrewrite-pattern">v(\d+).(\d+).(\d+)</param>
<param name="versionrewrite-replacement">\1.\2.\3</param>
<param name="changesgenerate">enable</param>

2
edge-image-builder/edge-image-builder.spec
View File

@@ -17,7 +17,7 @@
Name: edge-image-builder
Version: 1.1.0
Version: 1.1.2~rc1
Release: 0
Summary: Edge Image Builder
License: Apache-2.0

10
frr-image/Dockerfile
View File

@@ -1,7 +1,7 @@
# SPDX-License-Identifier: MIT
#!BuildTag: %%IMG_PREFIX%%frr:8.5.6
#!BuildTag: %%IMG_PREFIX%%frr:8.5.6-%RELEASE%
#!BuildVersion: 15.6
#!BuildTag: %%IMG_PREFIX%%frr:8.4
#!BuildTag: %%IMG_PREFIX%%frr:8.4-%RELEASE%
#!BuildVersion: 15.5
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
@@ -15,11 +15,11 @@ FROM micro AS final
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="FRR Container Image"
LABEL org.opencontainers.image.description="frr based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="8.5.6"
LABEL org.opencontainers.image.version="8.4"
LABEL org.opencontainers.image.url="https://www.suse.com/products/server/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%frr:8.5.6-%RELEASE%"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%frr:8.4-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
LABEL com.suse.eula="SUSE Combined EULA February 2024"

2
frr-k8s/_service
View File

@@ -2,7 +2,7 @@
<service name="obs_scm">
<param name="url">https://github.com/metallb/frr-k8s</param>
<param name="scm">git</param>
<param name="revision">v0.0.16</param>
<param name="revision">v0.0.14</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>

4
frr-k8s/frr-k8s.spec
View File

@@ -17,8 +17,8 @@
Name: frr-k8s
Version: 0.0.16
Release: 0.0.16
Version: 0.0.14
Release: 0.0.14
Summary: A kubernetes based daemonset that exposes a subset of the FRR API in a kubernetes compliant manner.
License: Apache-2.0
URL: https://github.com/metallb/frr-k8s

11
hauler/_service
View File

@@ -4,7 +4,7 @@
<param name="versionformat">@PARENT_TAG@</param>
<param name="scm">git</param>
<param name="exclude">.get</param>
<param name="revision">v1.2.1</param>
<param name="revision">v1.0.7</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
</service>
@@ -15,13 +15,4 @@
<service name="go_modules">
<param name="compression">gz</param>
</service>
<service mode="buildtime" name="replace_using_env">
<param name="file">hauler.spec</param>
<param name="var">SOURCE_COMMIT</param>
<param name="eval">
SOURCE_COMMIT=$(grep commit hauler.obsinfo | cut -d" " -f2)
</param>
<param name="verbose">1</param>
</service>
<service mode="buildtime" name="set_version" />
</services>

17
hauler/hauler.spec
View File

@@ -18,7 +18,7 @@
%define project github.com/hauler-dev/hauler
Name: hauler
Version: 1.2.1
Version: 1.0.7
Release: 0
Summary: Airgap Swiss Army Knife
License: Apache-2.0
@@ -26,6 +26,7 @@ URL: https://github.com/hauler-dev/hauler
Source: hauler-%{version}.tar
Source1: vendor.tar.gz
BuildRequires: golang-packaging
BuildRequires: cosign
%description
@@ -37,18 +38,10 @@ BuildRequires: golang-packaging
tar -xf %{SOURCE1}
MODULE=hauler.dev/go/hauler
%define buildtime %(date +%%Y-%%m-%%dT%%H:%%M:%%S%%z)
%define buildcommit %%SOURCE_COMMIT%%
mkdir cmd/hauler/binaries
cp `which cosign` cmd/hauler/binaries/cosign-linux-%{go_arch}
go build \
-mod=vendor \
-buildmode=pie \
-o hauler \
-ldflags \
"-X $MODULE/internal/version.gitVersion=v%{version} -X $MODULE/internal/version.gitCommit=%{buildcommit} -X $MODULE/internal/version.buildDate=%{buildtime}" \
./cmd/hauler
go build -mod=vendor -buildmode=pie -o hauler ./cmd/hauler
%install

21
ironic-image/Dockerfile
View File

@@ -1,6 +1,6 @@
# SPDX-License-Identifier: Apache-2.0
#!BuildTag: %%IMG_PREFIX%%ironic:26.1.2.4
#!BuildTag: %%IMG_PREFIX%%ironic:26.1.2.4-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%ironic:26.1.2.3
#!BuildTag: %%IMG_PREFIX%%ironic:26.1.2.3-%RELEASE%
#!BuildVersion: 15.6
ARG SLE_VERSION
@@ -8,8 +8,14 @@ FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
RUN zypper -n in --no-recommends shim-x86_64 shim-aarch64 grub2-x86_64-efi grub2-arm64-efi dosfstools mtools
#!ArchExclusiveLine: x86_64
RUN if [ "$(uname -m)" = "x86_64" ];then \
zypper -n in --no-recommends gcc git make xz-devel shim dosfstools mtools glibc-extra grub2-x86_64-efi grub2; zypper -n clean; rm -rf /var/log/*; \
fi
#!ArchExclusiveLine: aarch64
RUN if [ "$(uname -m)" = "aarch64" ];then \
zypper -n rm kubic-locale-archive-2.31-10.36.noarch openssl-1_1-1.1.1l-150500.17.37.1.aarch64; zypper -n in --no-recommends gcc git make xz-devel openssl-3 mokutil shim dosfstools mtools glibc glibc-extra grub2 grub2-arm64-efi; zypper -n clean; rm -rf /var/log/* ;\
fi
WORKDIR /tmp
COPY prepare-efi.sh /bin/
RUN set -euo pipefail; chmod +x /bin/prepare-efi.sh
@@ -40,8 +46,8 @@ LABEL org.opencontainers.image.description="Openstack Ironic based on the SLE Ba
LABEL org.opencontainers.image.url="https://www.suse.com/products/server/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opencontainers.image.version="26.1.2.4"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic:26.1.2.4-%RELEASE%"
LABEL org.opencontainers.image.version="26.1.2.3"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic:26.1.2.3-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
LABEL com.suse.eula="SUSE Combined EULA February 2024"
@@ -82,8 +88,7 @@ RUN if [ "$(uname -m)" = "aarch64" ]; then\
cp /usr/share/ipxe/snp-arm64.efi /tftpboot/ipxe.efi; cp /usr/share/ipxe/snp-arm64.efi /tftpboot/snp-arm64.efi; cp /usr/share/ipxe/snp-arm64.efi /tftpboot/snp.efi ;\
fi
COPY --from=base /tmp/esp-x86_64.img /tmp/uefi_esp-x86_64.img
COPY --from=base /tmp/esp-aarch64.img /tmp/uefi_esp-arm64.img
COPY --from=base /tmp/esp.img /tmp/uefi_esp.img
COPY ironic.conf.j2 /etc/ironic/
COPY inspector.ipxe.j2 httpd-ironic-api.conf.j2 ipxe_config.template /tmp/

2
ironic-image/configure-ironic.sh
View File

@@ -68,7 +68,7 @@ if [[ -n "$IRONIC_EXTERNAL_IP" ]]; then
fi
fi
IMAGE_CACHE_PREFIX="/shared/html/images/ironic-python-agent-${DEPLOY_ARCHITECTURE}"
IMAGE_CACHE_PREFIX=/shared/html/images/ironic-python-agent
if [[ -f "${IMAGE_CACHE_PREFIX}.kernel" ]] && [[ -f "${IMAGE_CACHE_PREFIX}.initramfs" ]]; then
export IRONIC_DEFAULT_KERNEL="${IMAGE_CACHE_PREFIX}.kernel"
export IRONIC_DEFAULT_RAMDISK="${IMAGE_CACHE_PREFIX}.initramfs"

4
ironic-image/inspector.ipxe.j2
View File

@@ -5,6 +5,6 @@ echo In inspector.ipxe
imgfree
# NOTE(dtantsur): keep inspection kernel params in [mdns]params in
# ironic-inspector-image and configuration in configure-ironic.sh
kernel --timeout 60000 http://{{ env.IRONIC_URL_HOST }}:{{ env.HTTP_PORT }}/images/ironic-python-agent-${buildarch}.kernel ipa-insecure=1 ipa-inspection-collectors={{ env.IRONIC_IPA_COLLECTORS }} systemd.journald.forward_to_console=yes BOOTIF=${mac} ipa-debug=1 ipa-enable-vlan-interfaces={{ env.IRONIC_ENABLE_VLAN_INTERFACES }} ipa-inspection-dhcp-all-interfaces=1 ipa-collect-lldp=1 {{ env.INSPECTOR_EXTRA_ARGS }} initrd=ironic-python-agent.initramfs {% if env.IRONIC_RAMDISK_SSH_KEY %}sshkey="{{ env.IRONIC_RAMDISK_SSH_KEY|trim }}"{% endif %} {{ env.IRONIC_KERNEL_PARAMS|trim }} || goto retry_boot
initrd --timeout 60000 http://{{ env.IRONIC_URL_HOST }}:{{ env.HTTP_PORT }}/images/ironic-python-agent-${buildarch}.initramfs || goto retry_boot
kernel --timeout 60000 http://{{ env.IRONIC_URL_HOST }}:{{ env.HTTP_PORT }}/images/ironic-python-agent.kernel ipa-insecure=1 ipa-inspection-collectors={{ env.IRONIC_IPA_COLLECTORS }} systemd.journald.forward_to_console=yes BOOTIF=${mac} ipa-debug=1 ipa-enable-vlan-interfaces={{ env.IRONIC_ENABLE_VLAN_INTERFACES }} ipa-inspection-dhcp-all-interfaces=1 ipa-collect-lldp=1 {{ env.INSPECTOR_EXTRA_ARGS }} initrd=ironic-python-agent.initramfs {% if env.IRONIC_RAMDISK_SSH_KEY %}sshkey="{{ env.IRONIC_RAMDISK_SSH_KEY|trim }}"{% endif %} {{ env.IRONIC_KERNEL_PARAMS|trim }} || goto retry_boot
initrd --timeout 60000 http://{{ env.IRONIC_URL_HOST }}:{{ env.HTTP_PORT }}/images/ironic-python-agent.initramfs || goto retry_boot
boot

2
ironic-image/ironic.conf.j2
View File

@@ -83,7 +83,7 @@ send_sensor_data = {{ env.SEND_SENSOR_DATA }}
# Power state is checked every 60 seconds and BMC activity should
# be avoided more often than once every sixty seconds.
send_sensor_data_interval = 160
bootloader = {{ env.IRONIC_BOOT_BASE_URL }}/uefi_esp-{{ env.DEPLOY_ARCHITECTURE }}.img
bootloader = {{ env.IRONIC_BOOT_BASE_URL }}/uefi_esp.img
verify_step_priority_override = management.clear_job_queue:90
# We don't use this feature, and it creates an additional load on the database
node_history = False

51
ironic-image/prepare-efi.sh
View File

@@ -2,26 +2,41 @@
set -euxo pipefail
declare -A efi_arch=(
["x86_64"]="X64"
["aarch64"]="AA64"
)
ARCH=$(uname -m)
DEST=${2:-/tmp/esp.img}
OS=${1:-sles}
for arch in "${!efi_arch[@]}"; do
DEST=/tmp/esp-${arch}.img
if [ $ARCH = "aarch64" ]; then
BOOTEFI=BOOTAA64.EFI
GRUBEFI=grubaa64.efi
else
BOOTEFI=BOOTX64.efi
GRUBEFI=grubx64.efi
fi
dd bs=1024 count=6400 if=/dev/zero of=$DEST
mkfs.msdos -F 12 -n 'ESP_IMAGE' $DEST
mmd -i $DEST EFI
mmd -i $DEST EFI/BOOT
mcopy -i $DEST -v /usr/share/efi/${arch}/shim.efi ::EFI/BOOT/BOOT${efi_arch[$arch]}.EFI
mcopy -i $DEST -v /usr/share/efi/${arch}/grub.efi ::EFI/BOOT/GRUB.EFI
mdir -i $DEST ::EFI/BOOT;
done
dd bs=1024 count=6400 if=/dev/zero of=$DEST
mkfs.msdos -F 12 -n 'ESP_IMAGE' $DEST
mkdir -p /boot/efi/EFI/BOOT
mkdir -p /boot/efi/EFI/$OS
if [ $ARCH = "aarch64" ]; then
cp -L /usr/share/efi/aarch64/shim.efi /boot/efi/EFI/BOOT/$BOOTEFI
cp -L /usr/share/efi/aarch64/grub.efi /boot/efi/EFI/BOOT/grub.efi
cp /usr/share/grub2/arm64-efi/grub.efi /boot/efi/EFI/$OS/grubaa64.efi
else
cp -L /usr/lib64/efi/shim.efi /boot/efi/EFI/BOOT/$BOOTEFI
#cp /usr/share/grub2/x86_64-efi/grub.efi /boot/efi/EFI/$OS/$GRUBEFI
cp /usr/share/grub2/x86_64-efi/grub.efi /boot/efi/EFI/$OS/grub.efi
fi
mmd -i $DEST EFI
mmd -i $DEST EFI/BOOT
mcopy -i $DEST -v /boot/efi/EFI/BOOT/$BOOTEFI ::EFI/BOOT
if [ $ARCH = "aarch64" ]; then
mcopy -i $DEST -v /boot/efi/EFI/BOOT/grub.efi ::EFI/BOOT
mcopy -i $DEST -v /boot/efi/EFI/$OS/$GRUBEFI ::EFI/BOOT
else
mcopy -i $DEST -v /boot/efi/EFI/$OS/grub.efi ::EFI/BOOT
fi
mdir -i $DEST ::EFI/BOOT;

2
ironic-image/runhttpd
View File

@@ -39,7 +39,7 @@ export INSPECTOR_EXTRA_ARGS
# Copy files to shared mount
render_j2_config /tmp/inspector.ipxe.j2 /shared/html/inspector.ipxe
cp /tmp/uefi_esp*.img /shared/html/
cp /tmp/uefi_esp.img /shared/html/uefi_esp.img
# Render the core httpd config
render_j2_config /etc/httpd/conf/httpd.conf.j2 /etc/httpd/conf/httpd.conf

22
ironic-ipa-downloader-image/Dockerfile
View File

@@ -1,6 +1,6 @@
# SPDX-License-Identifier: Apache-2.0
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.3
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.3-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.1
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.1-%RELEASE%
#!BuildVersion: 15.6
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
@@ -8,8 +8,15 @@ FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
COPY --from=micro / /installroot/
RUN sed -i -e 's%^# rpm.install.excludedocs = no.*%rpm.install.excludedocs = yes%g' /etc/zypp/zypp.conf
RUN zypper --installroot /installroot --non-interactive install --no-recommends ironic-ipa-ramdisk-x86_64 ironic-ipa-ramdisk-aarch64 tar gawk curl xz zstd shadow cpio findutils
#!ArchExclusiveLine: x86_64
RUN if [ "$(uname -m)" = "x86_64" ];then \
zypper --installroot /installroot --non-interactive install --no-recommends ironic-ipa-ramdisk-x86_64 python311-devel python311 python311-pip tar gawk git curl xz fakeroot shadow sed cpio; zypper -n clean; rm -rf /var/log/*; \
fi
#!ArchExclusiveLine: aarch64
RUN if [ "$(uname -m)" = "aarch64" ];then \
zypper --installroot /installroot --non-interactive install --no-recommends ironic-ipa-ramdisk-aarch64 python311-devel python311 python311-pip tar gawk git curl xz fakeroot shadow sed cpio; zypper -n clean; rm -rf /var/log/*; \
fi
#RUN zypper --installroot /installroot --non-interactive install --no-recommends sles-release;
RUN cp /usr/bin/getopt /installroot/
FROM micro AS final
@@ -19,11 +26,11 @@ FROM micro AS final
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Based Ironic IPA Downloader Container Image"
LABEL org.opencontainers.image.description="ironic-ipa-downloader based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="3.0.3"
LABEL org.opencontainers.image.version="3.0.1"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.3-%RELEASE%"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.1-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
LABEL com.suse.eula="SUSE Combined EULA February 2024"
@@ -34,9 +41,8 @@ LABEL com.suse.release-stage="released"
COPY --from=base /installroot /
RUN cp /getopt /usr/bin/
RUN cp /srv/tftpboot/openstack-ironic-image/initrd*.zst /tmp
RUN cp /srv/tftpboot/openstack-ironic-image/initrd.xz /tmp
RUN cp /srv/tftpboot/openstack-ironic-image/openstack-ironic-image*.kernel /tmp
RUN sha256sum /srv/tftpboot/openstack-ironic-image/initrd*.zst /srv/tftpboot/openstack-ironic-image/openstack-ironic-image*.kernel > /tmp/images.sha256
# configure non-root user
COPY configure-nonroot.sh /bin/
RUN set -euo pipefail; chmod +x /bin/configure-nonroot.sh

68
ironic-ipa-downloader-image/get-resource.sh
View File

@@ -6,33 +6,12 @@ export http_proxy=${http_proxy:-$HTTP_PROXY}
export https_proxy=${https_proxy:-$HTTPS_PROXY}
export no_proxy=${no_proxy:-$NO_PROXY}
if [ -d "/tmp/ironic-certificates" ]; then
sha256sum /tmp/ironic-certificates/* > /tmp/certificates.sha256
if cmp "/shared/certificates.sha256" "/tmp/certificates.sha256"; then
CERTS_CHANGED=0
else
CERTS_CHANGED=1
fi
fi
# Which image should we use
if [ -z "${IPA_BASEURI}" ]; then
if cmp "/shared/images.sha256" "/tmp/images.sha256"; then
if [ "${CERTS_CHANGED:-0}" = "0" ]; then
# everything is the same exit early
exit 0
fi
fi
IMAGE_CHANGED=1
# SLES BASED IPA - ironic-ipa-ramdisk-x86_64 and ironic-ipa-ramdisk-aarch64 packages
# SLES BASED IPA - ironic-ipa-ramdisk-x86_64 package
mkdir -p /shared/html/images
cp /tmp/initrd-x86_64.zst /shared/html/images/ironic-python-agent-x86_64.initramfs
cp /tmp/openstack-ironic-image.x86_64*.kernel /shared/html/images/ironic-python-agent-x86_64.kernel
# Use arm64 as destination for iPXE compatibility
cp /tmp/initrd-aarch64.zst /shared/html/images/ironic-python-agent-arm64.initramfs
cp /tmp/openstack-ironic-image.aarch64*.kernel /shared/html/images/ironic-python-agent-arm64.kernel
cp /tmp/images.sha256 /shared/images.sha256
cp /tmp/initrd.xz /shared/html/images/ironic-python-agent.initramfs
cp /tmp/openstack-ironic-image*.kernel /shared/html/images/ironic-python-agent.kernel
else
FILENAME=ironic-python-agent
FILENAME_EXT=.tar
@@ -46,56 +25,47 @@ else
# If we have a CACHEURL and nothing has yet been downloaded
# get header info from the cache
ls -l
if [ -n "$CACHEURL" ] && [ ! -e $FFILENAME.headers ] ; then
if [ -n "$CACHEURL" -a ! -e $FFILENAME.headers ] ; then
curl -g --verbose --fail -O "$CACHEURL/$FFILENAME.headers" || true
fi
# Download the most recent version of IPA
if [ -e $FFILENAME.headers ] ; then
ETAG=$(awk '/ETag:/ {print $2}' $FFILENAME.headers | tr -d "\r")
cd "$TMPDIR"
curl -g --verbose --dump-header $FFILENAME.headers -O "$IPA_BASEURI/$FFILENAME" --header "If-None-Match: $ETAG" || cp /shared/html/images/$FFILENAME.headers .
cd $TMPDIR
curl -g --verbose --dump-header $FFILENAME.headers -O $IPA_BASEURI/$FFILENAME --header "If-None-Match: $ETAG" || cp /shared/html/images/$FFILENAME.headers .
# curl didn't download anything because we have the ETag already
# but we don't have it in the images directory
# Its in the cache, go get it
ETAG=$(awk '/ETag:/ {print $2}' $FFILENAME.headers | tr -d "\"\r")
if [ ! -s $FFILENAME ] && [ ! -e "/shared/html/images/$FILENAME-$ETAG/$FFILENAME" ] ; then
if [ ! -s $FFILENAME -a ! -e /shared/html/images/$FILENAME-$ETAG/$FFILENAME ] ; then
mv /shared/html/images/$FFILENAME.headers .
curl -g --verbose -O "$CACHEURL/$FILENAME-$ETAG/$FFILENAME"
fi
else
cd "$TMPDIR"
curl -g --verbose --dump-header $FFILENAME.headers -O "$IPA_BASEURI/$FFILENAME"
cd $TMPDIR
curl -g --verbose --dump-header $FFILENAME.headers -O $IPA_BASEURI/$FFILENAME
fi
if [ -s $FFILENAME ] ; then
tar -xf $FFILENAME
xz -d -c -k --fast $FILENAME.initramfs | zstd -c > $FILENAME.initramfs.zstd
mv $FILENAME.initramfs.zstd $FILENAME.initramfs
ARCH=$(file -b ${FILENAME}.kernel | cut -d ' ' -f 3)
if [ "$ARCH" = "x86" ]; then
ARCH="x86_64"
fi
ETAG=$(awk '/ETag:/ {print $2}' $FFILENAME.headers | tr -d "\"\r")
cd -
chmod 755 "$TMPDIR"
mv "$TMPDIR" "$FILENAME-$ETAG"
ln -sf "$FILENAME-$ETAG/$FFILENAME.headers" "$FFILENAME.headers"
ln -sf "$FILENAME-$ETAG/$FILENAME.initramfs" "$FILENAME-${ARCH,,}.initramfs"
ln -sf "$FILENAME-$ETAG/$FILENAME.kernel" "$FILENAME-${ARCH,,}.kernel"
IMAGE_CHANGED=1
chmod 755 $TMPDIR
mv $TMPDIR $FILENAME-$ETAG
ln -sf $FILENAME-$ETAG/$FFILENAME.headers $FFILENAME.headers
ln -sf $FILENAME-$ETAG/$FILENAME.initramfs $FILENAME.initramfs
ln -sf $FILENAME-$ETAG/$FILENAME.kernel $FILENAME.kernel
else
rm -rf "$TMPDIR"
rm -rf $TMPDIR
fi
fi
if [ "${CERTS_CHANGED:-0}" = "1" ] || [ "${IMAGE_CHANGED:-0}" = "1" ]; then
if [ -d "/tmp/ironic-certificates" ]; then
mkdir -p /tmp/ca/tmp-initrd && cd /tmp/ca/tmp-initrd
xz -d -c -k --fast /shared/html/images/ironic-python-agent.initramfs | fakeroot -s ../initrd.fakeroot cpio -i
mkdir -p etc/ironic-python-agent.d/ca-certs
cp /tmp/ironic-certificates/* etc/ironic-python-agent.d/ca-certs/
for initramfs in /shared/html/images/ironic-python-agent-*.initramfs; do
find . | cpio -o -H newc --reproducible | zstd -c >> "${initramfs}"
done
cp /tmp/certificates.sha256 /shared/certificates.sha256
find . | fakeroot -i ../initrd.fakeroot cpio -o -H newc | xz --check=crc32 --x86 --lzma2 --fast > /shared/html/images/ironic-python-agent.initramfs
fi

2
ironic-ipa-ramdisk/ironic-ipa-ramdisk.kiwi
View File

@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="openstack-ironic-image">
<image schemaversion="7.4" name="openstack-ironic-image-301">
<description type="system">
<author>Cloud developers</author>
<contact>cloud-devel@suse.de</contact>

8
ironic-ipa-ramdisk/ironic-ipa-ramdisk.spec
View File

@@ -19,7 +19,7 @@
Name: ironic-ipa-ramdisk
Version: 3.0.3
Version: 3.0.1
Release: 0
Summary: Kernel and ramdisk image for OpenStack Ironic
License: SUSE-EULA
@@ -148,8 +148,10 @@ TDIR=`mktemp -d /tmp/openstack-ironic-image.XXXXX`
cd /tmp/openstack-ironic-image/img/build/image-root
find . | cpio --create --format=newc --quiet > $TDIR/initrdtmp
cd $TDIR
zstd initrdtmp -o initrd-%{_arch}.zst
INITRD=`ls *.zst | head -1`
gzip -9 -f initrdtmp
INITRDGZ=`ls *.gz | head -1`
gzip -cd $INITRDGZ | xz --check=crc32 -c9 > initrd.xz
INITRD=`ls *.xz | head -1`
ls /tmp/openstack-ironic-image/img/openstack-ironic-image*
KERNEL=`ls /tmp/openstack-ironic-image/img/openstack-ironic-image*default*kernel | head -1`

BIN
ironic-ipa-ramdisk/root.tar.bz2 (Stored with Git LFS)
View File

Binary file not shown.

18
kiwi-builder-image/Dockerfile
View File

@@ -1,18 +1,20 @@
#!BuildTag: %%IMG_PREFIX%%kiwi-builder:10.1.16.1
#!BuildTag: %%IMG_PREFIX%%kiwi-builder:10.1.16.1-%RELEASE%
FROM registry.suse.com/bci/kiwi:10.1.16
MAINTAINER SUSE LLC (https://www.suse.com/)
#!BuildTag: %%IMG_PREFIX%%kiwi-builder:%%kiwi_version%%.1-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%kiwi-builder:%%kiwi_version%%.1
ARG KIWIVERSION="10.2.12"
FROM registry.suse.com/bci/kiwi:${KIWIVERSION}
ARG KIWIVERSION
# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=com.suse.application.akri
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Kiwi Builder Container Image"
LABEL org.opencontainers.image.description="kiwi-builder based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="%PACKAGE_VERSION%"
LABEL org.opencontainers.image.version="%%kiwi_version%%"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%kiwi-builder:10.1.16.1"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%kiwi-builder:%%kiwi_version%%.1-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
LABEL com.suse.eula="SUSE Combined EULA February 2024"
@@ -21,8 +23,8 @@ LABEL com.suse.image-type="application"
LABEL com.suse.release-stage="released"
# endlabelprefix
# Configure Kiwi to use kpartx
RUN echo -e "mapper:\n - part_mapper: kpartx" > /etc/kiwi.yml
# help the build service understand the need for python3-kiwi
RUN zypper -n install -d -D python3-kiwi; [ "%%kiwi_version%%" = "${KIWIVERSION}" ] || { echo "expected kiwi version ${KIWIVERSION}: version mismatch"; exit 1; }
# Copy build script into image and make it executable
ADD build-image.sh /usr/bin/build-image

26
kiwi-builder-image/README
View File

@@ -2,13 +2,13 @@
Kiwi SDK Image Instructions
###########################
Please ensure that you're running this on a registered SUSE Linux Micro 6.1 system, and make sure that SELinux is disabled:
Please ensure that you're running this on a registered SLE Micro 6.0 system, and make sure that SELinux is disabled:
# setenforce 0
Next, download the podman image:
# podman pull %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10.1.16.1
# podman pull %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:%%kiwi_version%%.1
Make a local output directory (where the images will reside):
@@ -16,40 +16,40 @@ Make a local output directory (where the images will reside):
Then, to build a standard "Base" image, run the following in podman:
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10.1.16.1 build-image
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:%%kiwi_version%%.1 build-image
To build a "Base" SelfInstall ISO, you can add additional flags, for example:
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10.1.16.1 build-image -p Base-SelfInstall
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:%%kiwi_version%%.1 build-image -p Base-SelfInstall
Then, to build a standard "Default" image, run the following in podman:
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10.1.16.1 build-image -p Default
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:%%kiwi_version%%.1 build-image -p Default
To build a "Default" SelfInstall ISO, you can add additional flags, for example:
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10.1.16.1 build-image -p Default-SelfInstall
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:%%kiwi_version%%.1 build-image -p Default-SelfInstall
To build an image with a RealTime kernel, e.g. a RAW disk image ("Default"), use the following:
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10.1.16.1 build-image -p Base-RT
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:%%kiwi_version%%.1 build-image -p Base-RT
To build an image that supports a large block/sectorsize (4096), use the "-b" flag, for example:
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10.1.16.1 build-image -p Default-SelfInstall -b
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:%%kiwi_version%%.1 build-image -p Default-SelfInstall -b
# mkdir mydefs/
# cp /path/to/SL-Micro.kiwi mydefs/
# cp /path/to/config.sh mydefs/
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -v ./mydefs/:/micro-sdk/defs/ -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10.1.16.1 build-image
# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -v ./mydefs/:/micro-sdk/defs/ -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:%%kiwi_version%%.1 build-image
All output will be in the local $(pwd)/output directory, for example:
# ls -1 output/
SLE-Micro.x86_64-6.1.changes
SLE-Micro.x86_64-6.1.packages
SLE-Micro.x86_64-6.1.raw
SLE-Micro.x86_64-6.1.verified
SL-Micro.x86_64-6.0.changes
SL-Micro.x86_64-6.0.packages
SL-Micro.x86_64-6.0.raw
SL-Micro.x86_64-6.0.verified
build
kiwi.result
kiwi.result.json

388
kiwi-builder-image/SL-Micro.kiwi
View File

@@ -33,12 +33,6 @@
<profile name="aarch64-self_install" description="Raw disk for aarch64" arch="aarch64">
<requires profile="bootloader"/>
</profile>
<profile name="aarch64-rt" description="Raw disk for aarch64 with RT kernel" arch="aarch64">
<requires profile="bootloader"/>
</profile>
<profile name="aarch64-rt-self_install" description="Raw disk for aarch64 with RT kernel" arch="aarch64">
<requires profile="bootloader"/>
</profile>
<profile name="x86-legacy" description="Raw disk for x86_64 - legacy boot" arch="x86_64">
<requires profile="bootloader"/>
</profile>
@@ -69,21 +63,6 @@
<profile name="s390-fba" description="Raw disk for s390 - DASD" arch="s390x">
<requires profile="bootloader"/>
</profile>
<profile name="s390-fcp" description="Raw disk for s390 - SCSI" arch="s390x">
<requires profile="bootloader"/>
</profile>
<profile name="ppc64le-512ss" description="Raw disk for PPc64 - 512 sector size" arch="ppc64le">
<requires profile="bootloader"/>
</profile>
<profile name="ppc64le-4096ss" description="Raw disk for PPc64 - 4096 sector size" arch="ppc64le">
<requires profile="bootloader"/>
</profile>
<profile name="ppc64le-512ss-self_install" description="Raw disk for PPc64 - 512 sector size" arch="ppc64le">
<requires profile="bootloader"/>
</profile>
<profile name="ppc64le-4096ss-self_install" description="Raw disk for PPc64 - 4096 sector size" arch="ppc64le">
<requires profile="bootloader"/>
</profile>
<!-- Images (flavor + platform) -->
<profile name="Default" description="SL Micro with Podman and KVM as raw image with uEFI boot" arch="x86_64">
<requires profile="full"/>
@@ -161,15 +140,6 @@
<requires profile="x86-rt-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Base-RT" description="SL Micro with Podman as raw image with uEFI boot" arch="aarch64">
<requires profile="container-host"/>
<requires profile="aarch64-rt"/>
</profile>
<profile name="Base-RT-SelfInstall" description="SL Micro with Podman as raw image with uEFI boot - SelfInstall" arch="aarch64">
<requires profile="container-host"/>
<requires profile="aarch64-rt-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Default-qcow" description="SL Micro with Podman and KVM as raw image for KVM on System z" arch="s390x">
<requires profile="full"/>
<requires profile="s390-kvm"/>
@@ -194,14 +164,6 @@
<requires profile="container-host"/>
<requires profile="s390-fba"/>
</profile>
<profile name="Default-fcp" description="SL Micro with Podman and KVM as raw image for zFCP on System z" arch="s390x">
<requires profile="full"/>
<requires profile="s390-fcp"/>
</profile>
<profile name="Base-fcp" description="SL Micro with Podman as raw image for zFCP on System z" arch="s390x">
<requires profile="container-host"/>
<requires profile="s390-fcp"/>
</profile>
<profile name="Default-legacy" description="SL Micro with Podman as raw image with legacy boot" arch="x86_64">
<requires profile="full"/>
<requires profile="x86-legacy"/>
@@ -222,47 +184,10 @@
<requires profile="container-host"/>
<requires profile="aarch64-qcow"/>
</profile>
<profile name="Base-512" description="SL Micro with Podman as raw image for ppc64le with 512b sector size" arch="ppc64le">
<requires profile="container-host"/>
<requires profile="ppc64le-512ss"/>
</profile>
<profile name="Base-4096" description="SL Micro with Podman as raw image for ppc64le with 4096b sector size" arch="ppc64le">
<requires profile="container-host"/>
<requires profile="ppc64le-4096ss"/>
</profile>
<profile name="Base-512-SelfInstall" description="SL Micro with Podman as self-install image for ppc64le with 512b sector size" arch="ppc64le">
<requires profile="container-host"/>
<requires profile="ppc64le-512ss-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Base-4096-SelfInstall" description="SL Micro with Podman as self-install image for ppc64le with 512b sector size" arch="ppc64le">
<requires profile="container-host"/>
<requires profile="ppc64le-4096ss-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Default-512" description="SL Micro with Podman and KVM as raw image for ppc64le with 512b sector size" arch="ppc64le">
<requires profile="full"/>
<requires profile="ppc64le-512ss"/>
</profile>
<profile name="Default-4096" description="SL Micro with Podman and KVM as raw image for ppc64le with 4096b sector size" arch="ppc64le">
<requires profile="full"/>
<requires profile="ppc64le-4096ss"/>
</profile>
<profile name="Default-512-SelfInstall" description="SL Micro with Podman and KVM as self-install image for ppc64le with 512b sector size" arch="ppc64le">
<requires profile="full"/>
<requires profile="ppc64le-512ss-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Default-4096-SelfInstall" description="SL Micro with Podman and KVM as self-install image for ppc64le with 512b sector size" arch="ppc64le">
<requires profile="full"/>
<requires profile="ppc64le-4096ss-self_install"/>
<requires profile="self_install"/>
</profile>
</profiles>
<preferences profiles="x86-encrypted,x86-rt-encrypted">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -273,7 +198,7 @@
initrd_system="dracut"
filesystem="btrfs"
firmware="uefi"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
@@ -286,7 +211,7 @@
luks_pbkdf="pbkdf2"
>
<luksformat>
<option name="--cipher" value="aes-xts-plain64"/>
<option name="--cipher" value="aes"/>
</luksformat>
<bootloader name="grub2" console="gfxterm" use_disk_password="true" />
<systemdisk>
@@ -305,7 +230,7 @@
</type>
</preferences>
<preferences profiles="x86,x86-rt">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -316,7 +241,7 @@
initrd_system="dracut"
filesystem="btrfs"
firmware="uefi"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
@@ -341,7 +266,7 @@
</preferences>
<preferences profiles="x86-self_install,x86-rt-self_install">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -351,12 +276,11 @@
image="oem"
initrd_system="dracut"
installiso="true"
installpxe="true"
filesystem="btrfs"
installboot="install"
install_continue_on_timeout="false"
firmware="uefi"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
@@ -380,8 +304,8 @@
</type>
</preferences>
<preferences profiles="rpi,aarch64-rt">
<version>6.1</version>
<preferences profiles="rpi">
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -396,11 +320,11 @@
install_continue_on_timeout="false"
fsmountoptions="noatime"
firmware="uefi"
kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
kernelcmdline="console=ttyS0,115200n8 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
efipartsize="128"
efipartsize="128"
editbootinstall="editbootinstall_rpi.sh"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="false"
@@ -420,8 +344,8 @@
</systemdisk>
</type>
</preferences>
<preferences profiles="aarch64-self_install,aarch64-rt-self_install">
<version>6.1</version>
<preferences profiles="aarch64-self_install">
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -431,13 +355,12 @@
image="oem"
initrd_system="dracut"
installiso="true"
installpxe="true"
filesystem="btrfs"
installboot="install"
install_continue_on_timeout="false"
firmware="uefi"
efipartsize="128"
kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
efipartsize="128"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
@@ -462,22 +385,22 @@
</preferences>
<preferences profiles="s390-kvm">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<!-- Use ignition.platform.id=metal to avoid bsc#1227689 -->
<type
image="oem"
filesystem="btrfs"
bootpartition="true"
bootpartsize="300"
bootfilesystem="ext4"
bootfilesystem="ext2"
initrd_system="dracut"
format="qcow2"
kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 ignition.platform.id=metal"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
@@ -500,7 +423,7 @@
<preferences profiles="s390-dasd">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -511,9 +434,9 @@
filesystem="btrfs"
bootpartition="true"
bootpartsize="300"
bootfilesystem="ext4"
bootfilesystem="ext2"
initrd_system="dracut"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet systemd.show_status=1"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet"
devicepersistency="by-uuid"
target_blocksize="4096"
btrfs_root_is_snapshot="true"
@@ -538,7 +461,7 @@
<preferences profiles="s390-fba">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -549,9 +472,9 @@
filesystem="btrfs"
bootpartition="true"
bootpartsize="300"
bootfilesystem="ext4"
bootfilesystem="ext2"
initrd_system="dracut"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet systemd.show_status=1"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
@@ -572,47 +495,9 @@
</type>
</preferences>
<preferences profiles="s390-fcp">
<version>6.1</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
filesystem="btrfs"
installpxe="true"
bootpartition="true"
bootpartsize="300"
bootfilesystem="ext4"
initrd_system="dracut"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet systemd.show_status=1"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<oemconfig>
<oem-multipath-scan>true</oem-multipath-scan>
</oemconfig>
<bootloader name="grub2_s390x_emu" console="serial" timeout="3" targettype="SCSI"/>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/s390x-emu" mountpoint="boot/grub2/s390x-emu"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
<size unit="G">5</size>
</type>
</preferences>
<preferences profiles="x86-vmware">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -647,7 +532,7 @@
</type>
</preferences>
<preferences profiles="x86-qcow">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -658,7 +543,7 @@
format="qcow2"
filesystem="btrfs"
firmware="uefi"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=qemu"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0 ignition.platform.id=qemu"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
@@ -682,9 +567,9 @@
<size unit="G">32</size>
</type>
</preferences>
<preferences profiles="aarch64-qcow">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -695,8 +580,8 @@
format="qcow2"
filesystem="btrfs"
firmware="uefi"
efipartsize="128"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=qemu"
efipartsize="128"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0 ignition.platform.id=qemu"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
@@ -707,7 +592,7 @@
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<volume name="opt"/>
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/arm64-efi" mountpoint="boot/grub2/arm64-efi"/>
<volume name="boot/writable"/>
@@ -718,161 +603,6 @@
</type>
</preferences>
<preferences profiles="ppc64le-512ss">
<version>6.1</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<!-- Use ignition.platform.id=metal to avoid bsc#1227689 -->
<type
image="oem"
filesystem="btrfs"
firmware="ofw"
kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=metal"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/powerpc-ieee1275"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
</type>
</preferences>
<preferences profiles="ppc64le-4096ss">
<version>6.1</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<!-- TODO: supposedly this is needed as type attribute, but kiwi needs patching
disk_start_sector="256" -->
<!-- Use ignition.platform.id=metal to avoid bsc#1227689 -->
<type
image="oem"
target_blocksize="4096"
filesystem="btrfs"
firmware="ofw"
kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=metal"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/powerpc-ieee1275"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
</type>
</preferences>
<preferences profiles="ppc64le-512ss-self_install">
<version>6.1</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<!-- Use ignition.platform.id=metal to avoid bsc#1227689 -->
<type
image="oem"
installiso="true"
installpxe="true"
filesystem="btrfs"
firmware="ofw"
kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet net.ifnames=0 ignition.platform.id=metal"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<installmedia>
<initrd action="omit">
<dracut module="drm"/>
</initrd>
</installmedia>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/powerpc-ieee1275"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
</type>
</preferences>
<preferences profiles="ppc64le-4096ss-self_install">
<version>6.1</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<!-- TODO: supposedly this is needed as type attribute, but kiwi needs patching
disk_start_sector="256" -->
<!-- Use ignition.platform.id=metal to avoid bsc#1227689 -->
<type
image="oem"
installiso="true"
installpxe="true"
target_blocksize="4096"
filesystem="btrfs"
firmware="ofw"
kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=metal"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<installmedia>
<initrd action="omit">
<dracut module="drm"/>
</initrd>
</installmedia>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/powerpc-ieee1275"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
</type>
</preferences>
<repository type="rpm-md" >
<source path='obsrepositories:/'/>
</repository>
@@ -886,7 +616,7 @@
<package name="patterns-base-kvm_host"/>
<package name="lzop"/>
<namedCollection name="container_runtime_podman"/>
<package name="patterns-container-runtime_podman"/>
<package name="patterns-container-runtime_podman"/>
<namedCollection name="cockpit"/>
<package name="patterns-base-cockpit"/>
<namedCollection name="selinux"/>
@@ -898,6 +628,7 @@
<package name="firewalld"/>
<package name="wpa_supplicant" arch="x86_64,aarch64"/>
<package name="libpwquality-tools"/>
<!-- <package name="k3s-install"/> -->
</packages>
<packages type="image" profiles="x86-encrypted,x86-rt-encrypted">
@@ -916,7 +647,9 @@
<namedCollection name="base_transactional"/>
<package name="patterns-base-transactional"/>
<namedCollection name="container_runtime_podman"/>
<package name="patterns-container-runtime_podman"/>
<package name="patterns-container-runtime_podman"/>
<namedCollection name="cockpit"/>
<package name="patterns-base-cockpit"/>
<namedCollection name="selinux"/>
<package name="patterns-base-selinux"/>
<package name="suseconnect-ng"/>
@@ -970,7 +703,7 @@
<package name="NetworkManager"/>
<package name="NetworkManager-branding-SLE"/>
<package name="ModemManager"/>
<!-- FIXME does not build without control file which is obsolete
<!-- FIXME does not build without control file which is obsolete
<package name="live-add-yast-repos"/> -->
<package name="parted"/> <!-- seems missing to deploy the image -->
</packages>
@@ -980,8 +713,7 @@
<package name="grub2-x86_64-efi" arch="x86_64"/>
<package name="grub2-arm64-efi" arch="aarch64"/>
<package name="grub2-s390x-emu" arch="s390x"/>
<package name="grub2-powerpc-ieee1275" arch="ppc64le"/>
<package name="grub2-branding-SLE" bootinclude="true" arch="x86_64,aarch64,ppc64le"/>
<package name="grub2-branding-SLE" bootinclude="true" arch="x86_64,aarch64"/>
<package name="grub2-snapper-plugin"/>
<package name="shim" arch="x86_64,aarch64"/>
<package name="mokutil" arch="x86_64,aarch64"/>
@@ -989,44 +721,46 @@
<package name="kpartx" arch="s390x"/>--> <!-- previous releases picked it always, now kiwi picks partx instead -->
</packages>
<!-- rpi kernel-default-base does not provide all necessary drivers -->
<packages type="image" profiles="rpi,aarch64-self_install,x86,x86-encrypted,x86-legacy,x86-self_install,x86-vmware,x86-qcow,aarch64-qcow,s390-kvm,s390-dasd,s390-fba,s390-fcp,ppc64le-512ss,ppc64le-4096ss,ppc64le-512ss-self_install,ppc64le-4096ss-self_install">
<packages type="image" profiles="x86,x86-encrypted,x86-legacy,x86-self_install,x86-vmware,x86-qcow,aarch64-qcow,s390-kvm,s390-dasd,s390-fba">
<package name="kernel-default"/>
<package name="kernel-firmware-all"/>
</packages>
<packages type="image" profiles="x86-rt,x86-rt-self_install,x86-rt-encrypted,aarch64-rt,aarch64-rt-self_install">
<packages type="image" profiles="x86-rt,x86-rt-self_install,x86-rt-encrypted">
<package name="kernel-rt"/>
<package name="kernel-firmware-all"/>
<!-- FIXME intentionally removed from ALP code stream
<package name="cpuset"/> -->
<package name="kernel-firmware-all"/>
<!-- FIXME intentionally removed from ALP code stream
<package name="cpuset"/> -->
</packages>
<packages type="image" profiles="s390-kvm,s390-dasd,s390-fba,s390-fcp">
<package name="dracut-kiwi-oem-dump"/>
<!-- makes the image build, but also include kernel-default
<packages type="image" profiles="x86-rt-encrypted">
<package name="kernel-default-extra"/>
</packages> -->
<packages type="image" profiles="s390-kvm,s390-dasd,s390-fba">
<package name="dracut-kiwi-oem-repart"/>
<package name="blog"/>
</packages>
<!-- FCP is usually used multipathed. -->
<packages type="image" profiles="s390-fcp">
<package name="multipath-tools"/>
</packages>
<packages type="image" profiles="x86,x86-encrypted,x86-rt-encrypted,x86-self_install,x86-legacy,x86-vmware,x86-rt,x86-rt-self_install,x86-qcow,aarch64-qcow,rpi,aarch64-self_install,aarch64-rt,aarch64-rt-self_install,ppc64le-512ss,ppc64le-4096ss,ppc64le-512ss-self_install,ppc64le-4096ss-self_install">
<packages type="image" profiles="x86,x86-encrypted,x86-rt-encrypted,x86-self_install,x86-legacy,x86-vmware,x86-rt,x86-rt-self_install,x86-qcow,aarch64-qcow,rpi,aarch64-self_install">
<package name="dracut-kiwi-oem-repart"/>
<package name="dracut-kiwi-oem-dump"/>
</packages>
<packages type="image" profiles="rpi,aarch64-self_install,aarch64-rt,aarch64-rt-self_install">
<packages type="image" profiles="rpi,aarch64-self_install">
<package name="raspberrypi-firmware" arch="aarch64"/>
<package name="raspberrypi-firmware-config" arch="aarch64"/>
<package name="raspberrypi-firmware-dt" arch="aarch64"/>
<package name="u-boot-rpiarm64" arch="aarch64"/>
<package name="dracut-kiwi-oem-repart"/>
<package name="bcm43xx-firmware"/>
<package name="kernel-firmware-all"/><!-- Fix choice between kernel-firmware and kernel-firmware-all -->
<package name="wireless-regdb"/>
<package name="wireless-tools"/>
<package name="wpa_supplicant"/>
<package name="grub2-arm64-efi"/>
<!-- kernel-default-base does not have all required drivers -->
<package name="kernel-default"/>
</packages>
<packages type="bootstrap">
<package name="filesystem"/>
<package name="coreutils"/>
<package name="filesystem"/>
<package name="ca-certificates"/>
<package name="ca-certificates-mozilla"/>
</packages>
@@ -1040,14 +774,4 @@
<packages type="image" profiles="x86-qcow,aarch64-qcow">
<package name="qemu-guest-agent"/>
</packages>
<!-- jsc#PED-8599 -->
<packages type="image" profiles="Base,Base-encrypted,Base-RT,Base-RT-encrypted,Base-fba,Base-dasd,Base-fcp,Base-512,Base-4096,Default,Default-encrypted,Default-fba,Default-dasd,Default-fcp,Default-512,Default-4096">
<package name="usbguard"/>
</packages>
<!-- jsc#PED-8788 -->
<packages type="image" profiles="Base-RT,Base-RT-encrypted,x86-rt-encrypted,x86-rt,x86-rt-self_install,aarch64-rt,aarch64-rt-self_install">
<package name="stalld"/>
</packages>
</image>

373
kiwi-builder-image/SL-Micro.kiwi.4096
View File

@@ -33,12 +33,6 @@
<profile name="aarch64-self_install" description="Raw disk for aarch64" arch="aarch64">
<requires profile="bootloader"/>
</profile>
<profile name="aarch64-rt" description="Raw disk for aarch64 with RT kernel" arch="aarch64">
<requires profile="bootloader"/>
</profile>
<profile name="aarch64-rt-self_install" description="Raw disk for aarch64 with RT kernel" arch="aarch64">
<requires profile="bootloader"/>
</profile>
<profile name="x86-legacy" description="Raw disk for x86_64 - legacy boot" arch="x86_64">
<requires profile="bootloader"/>
</profile>
@@ -69,21 +63,6 @@
<profile name="s390-fba" description="Raw disk for s390 - DASD" arch="s390x">
<requires profile="bootloader"/>
</profile>
<profile name="s390-fcp" description="Raw disk for s390 - SCSI" arch="s390x">
<requires profile="bootloader"/>
</profile>
<profile name="ppc64le-512ss" description="Raw disk for PPc64 - 512 sector size" arch="ppc64le">
<requires profile="bootloader"/>
</profile>
<profile name="ppc64le-4096ss" description="Raw disk for PPc64 - 4096 sector size" arch="ppc64le">
<requires profile="bootloader"/>
</profile>
<profile name="ppc64le-512ss-self_install" description="Raw disk for PPc64 - 512 sector size" arch="ppc64le">
<requires profile="bootloader"/>
</profile>
<profile name="ppc64le-4096ss-self_install" description="Raw disk for PPc64 - 4096 sector size" arch="ppc64le">
<requires profile="bootloader"/>
</profile>
<!-- Images (flavor + platform) -->
<profile name="Default" description="SL Micro with Podman and KVM as raw image with uEFI boot" arch="x86_64">
<requires profile="full"/>
@@ -161,15 +140,6 @@
<requires profile="x86-rt-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Base-RT" description="SL Micro with Podman as raw image with uEFI boot" arch="aarch64">
<requires profile="container-host"/>
<requires profile="aarch64-rt"/>
</profile>
<profile name="Base-RT-SelfInstall" description="SL Micro with Podman as raw image with uEFI boot - SelfInstall" arch="aarch64">
<requires profile="container-host"/>
<requires profile="aarch64-rt-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Default-qcow" description="SL Micro with Podman and KVM as raw image for KVM on System z" arch="s390x">
<requires profile="full"/>
<requires profile="s390-kvm"/>
@@ -194,14 +164,6 @@
<requires profile="container-host"/>
<requires profile="s390-fba"/>
</profile>
<profile name="Default-fcp" description="SL Micro with Podman and KVM as raw image for zFCP on System z" arch="s390x">
<requires profile="full"/>
<requires profile="s390-fcp"/>
</profile>
<profile name="Base-fcp" description="SL Micro with Podman as raw image for zFCP on System z" arch="s390x">
<requires profile="container-host"/>
<requires profile="s390-fcp"/>
</profile>
<profile name="Default-legacy" description="SL Micro with Podman as raw image with legacy boot" arch="x86_64">
<requires profile="full"/>
<requires profile="x86-legacy"/>
@@ -222,47 +184,10 @@
<requires profile="container-host"/>
<requires profile="aarch64-qcow"/>
</profile>
<profile name="Base-512" description="SL Micro with Podman as raw image for ppc64le with 512b sector size" arch="ppc64le">
<requires profile="container-host"/>
<requires profile="ppc64le-512ss"/>
</profile>
<profile name="Base-4096" description="SL Micro with Podman as raw image for ppc64le with 4096b sector size" arch="ppc64le">
<requires profile="container-host"/>
<requires profile="ppc64le-4096ss"/>
</profile>
<profile name="Base-512-SelfInstall" description="SL Micro with Podman as self-install image for ppc64le with 512b sector size" arch="ppc64le">
<requires profile="container-host"/>
<requires profile="ppc64le-512ss-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Base-4096-SelfInstall" description="SL Micro with Podman as self-install image for ppc64le with 512b sector size" arch="ppc64le">
<requires profile="container-host"/>
<requires profile="ppc64le-4096ss-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Default-512" description="SL Micro with Podman and KVM as raw image for ppc64le with 512b sector size" arch="ppc64le">
<requires profile="full"/>
<requires profile="ppc64le-512ss"/>
</profile>
<profile name="Default-4096" description="SL Micro with Podman and KVM as raw image for ppc64le with 4096b sector size" arch="ppc64le">
<requires profile="full"/>
<requires profile="ppc64le-4096ss"/>
</profile>
<profile name="Default-512-SelfInstall" description="SL Micro with Podman and KVM as self-install image for ppc64le with 512b sector size" arch="ppc64le">
<requires profile="full"/>
<requires profile="ppc64le-512ss-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Default-4096-SelfInstall" description="SL Micro with Podman and KVM as self-install image for ppc64le with 512b sector size" arch="ppc64le">
<requires profile="full"/>
<requires profile="ppc64le-4096ss-self_install"/>
<requires profile="self_install"/>
</profile>
</profiles>
<preferences profiles="x86-encrypted,x86-rt-encrypted">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -273,7 +198,7 @@
initrd_system="dracut"
filesystem="btrfs"
firmware="uefi"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
@@ -288,7 +213,7 @@
efipartsize="200"
>
<luksformat>
<option name="--cipher" value="aes-xts-plain64"/>
<option name="--cipher" value="aes"/>
</luksformat>
<bootloader name="grub2" console="gfxterm" use_disk_password="true" />
<systemdisk>
@@ -307,7 +232,7 @@
</type>
</preferences>
<preferences profiles="x86,x86-rt">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -318,7 +243,7 @@
initrd_system="dracut"
filesystem="btrfs"
firmware="uefi"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
@@ -345,7 +270,7 @@
</preferences>
<preferences profiles="x86-self_install,x86-rt-self_install">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -355,12 +280,11 @@
image="oem"
initrd_system="dracut"
installiso="true"
installpxe="true"
filesystem="btrfs"
installboot="install"
install_continue_on_timeout="false"
firmware="uefi"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
@@ -386,8 +310,8 @@
</type>
</preferences>
<preferences profiles="rpi,aarch64-rt">
<version>6.1</version>
<preferences profiles="rpi">
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -402,7 +326,7 @@
install_continue_on_timeout="false"
fsmountoptions="noatime"
firmware="uefi"
kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
kernelcmdline="console=ttyS0,115200n8 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
@@ -426,8 +350,8 @@
</systemdisk>
</type>
</preferences>
<preferences profiles="aarch64-self_install,aarch64-rt-self_install">
<version>6.1</version>
<preferences profiles="aarch64-self_install">
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -437,13 +361,12 @@
image="oem"
initrd_system="dracut"
installiso="true"
installpxe="true"
filesystem="btrfs"
installboot="install"
install_continue_on_timeout="false"
firmware="uefi"
efipartsize="128"
kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
@@ -468,22 +391,22 @@
</preferences>
<preferences profiles="s390-kvm">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<!-- Use ignition.platform.id=metal to avoid bsc#1227689 -->
<type
image="oem"
filesystem="btrfs"
bootpartition="true"
bootpartsize="300"
bootfilesystem="ext4"
bootfilesystem="ext2"
initrd_system="dracut"
format="qcow2"
kernelcmdline="security=selinux selinux=1 quiet systemd.show_status=1 ignition.platform.id=metal"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
@@ -506,7 +429,7 @@
<preferences profiles="s390-dasd">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -517,9 +440,9 @@
filesystem="btrfs"
bootpartition="true"
bootpartsize="300"
bootfilesystem="ext4"
bootfilesystem="ext2"
initrd_system="dracut"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet systemd.show_status=1"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet"
devicepersistency="by-uuid"
target_blocksize="4096"
btrfs_root_is_snapshot="true"
@@ -544,7 +467,7 @@
<preferences profiles="s390-fba">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -555,9 +478,9 @@
filesystem="btrfs"
bootpartition="true"
bootpartsize="300"
bootfilesystem="ext4"
bootfilesystem="ext2"
initrd_system="dracut"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet systemd.show_status=1"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
@@ -578,47 +501,9 @@
</type>
</preferences>
<preferences profiles="s390-fcp">
<version>6.1</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
filesystem="btrfs"
installpxe="true"
bootpartition="true"
bootpartsize="300"
bootfilesystem="ext4"
initrd_system="dracut"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet systemd.show_status=1"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<oemconfig>
<oem-multipath-scan>true</oem-multipath-scan>
</oemconfig>
<bootloader name="grub2_s390x_emu" console="serial" timeout="3" targettype="SCSI"/>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/s390x-emu" mountpoint="boot/grub2/s390x-emu"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
<size unit="G">5</size>
</type>
</preferences>
<preferences profiles="x86-vmware">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -653,7 +538,7 @@
</type>
</preferences>
<preferences profiles="x86-qcow">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -664,7 +549,7 @@
format="qcow2"
filesystem="btrfs"
firmware="uefi"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=qemu"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0 ignition.platform.id=qemu"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
@@ -692,7 +577,7 @@
</preferences>
<preferences profiles="aarch64-qcow">
<version>6.1</version>
<version>6.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
@@ -704,7 +589,7 @@
filesystem="btrfs"
firmware="uefi"
efipartsize="128"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=qemu"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0 ignition.platform.id=qemu"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
@@ -715,7 +600,7 @@
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<volume name="opt"/>
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/arm64-efi" mountpoint="boot/grub2/arm64-efi"/>
<volume name="boot/writable"/>
@@ -726,161 +611,6 @@
</type>
</preferences>
<preferences profiles="ppc64le-512ss">
<version>6.1</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<!-- Use ignition.platform.id=metal to avoid bsc#1227689 -->
<type
image="oem"
filesystem="btrfs"
firmware="ofw"
kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=metal"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/powerpc-ieee1275"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
</type>
</preferences>
<preferences profiles="ppc64le-4096ss">
<version>6.1</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<!-- TODO: supposedly this is needed as type attribute, but kiwi needs patching
disk_start_sector="256" -->
<!-- Use ignition.platform.id=metal to avoid bsc#1227689 -->
<type
image="oem"
target_blocksize="4096"
filesystem="btrfs"
firmware="ofw"
kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=metal"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/powerpc-ieee1275"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
</type>
</preferences>
<preferences profiles="ppc64le-512ss-self_install">
<version>6.1</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<!-- Use ignition.platform.id=metal to avoid bsc#1227689 -->
<type
image="oem"
installiso="true"
installpxe="true"
filesystem="btrfs"
firmware="ofw"
kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet net.ifnames=0 ignition.platform.id=metal"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<installmedia>
<initrd action="omit">
<dracut module="drm"/>
</initrd>
</installmedia>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/powerpc-ieee1275"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
</type>
</preferences>
<preferences profiles="ppc64le-4096ss-self_install">
<version>6.1</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>SLE</bootsplash-theme>
<bootloader-theme>SLE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<!-- TODO: supposedly this is needed as type attribute, but kiwi needs patching
disk_start_sector="256" -->
<!-- Use ignition.platform.id=metal to avoid bsc#1227689 -->
<type
image="oem"
installiso="true"
installpxe="true"
target_blocksize="4096"
filesystem="btrfs"
firmware="ofw"
kernelcmdline="console=hvc0,115200 security=selinux selinux=1 quiet systemd.show_status=1 net.ifnames=0 ignition.platform.id=metal"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<installmedia>
<initrd action="omit">
<dracut module="drm"/>
</initrd>
</installmedia>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/powerpc-ieee1275"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
</type>
</preferences>
<repository type="rpm-md" >
<source path='obsrepositories:/'/>
</repository>
@@ -925,6 +655,8 @@
<package name="patterns-base-transactional"/>
<namedCollection name="container_runtime_podman"/>
<package name="patterns-container-runtime_podman"/>
<namedCollection name="cockpit"/>
<package name="patterns-base-cockpit"/>
<namedCollection name="selinux"/>
<package name="patterns-base-selinux"/>
<package name="suseconnect-ng"/>
@@ -988,8 +720,7 @@
<package name="grub2-x86_64-efi" arch="x86_64"/>
<package name="grub2-arm64-efi" arch="aarch64"/>
<package name="grub2-s390x-emu" arch="s390x"/>
<package name="grub2-powerpc-ieee1275" arch="ppc64le"/>
<package name="grub2-branding-SLE" bootinclude="true" arch="x86_64,aarch64,ppc64le"/>
<package name="grub2-branding-SLE" bootinclude="true" arch="x86_64,aarch64"/>
<package name="grub2-snapper-plugin"/>
<package name="shim" arch="x86_64,aarch64"/>
<package name="mokutil" arch="x86_64,aarch64"/>
@@ -997,44 +728,46 @@
<package name="kpartx" arch="s390x"/>--> <!-- previous releases picked it always, now kiwi picks partx instead -->
</packages>
<!-- rpi kernel-default-base does not provide all necessary drivers -->
<packages type="image" profiles="rpi,aarch64-self_install,x86,x86-encrypted,x86-legacy,x86-self_install,x86-vmware,x86-qcow,aarch64-qcow,s390-kvm,s390-dasd,s390-fba,s390-fcp,ppc64le-512ss,ppc64le-4096ss,ppc64le-512ss-self_install,ppc64le-4096ss-self_install">
<packages type="image" profiles="x86,x86-encrypted,x86-legacy,x86-self_install,x86-vmware,x86-qcow,aarch64-qcow,s390-kvm,s390-dasd,s390-fba">
<package name="kernel-default"/>
<package name="kernel-firmware-all"/>
</packages>
<packages type="image" profiles="x86-rt,x86-rt-self_install,x86-rt-encrypted,aarch64-rt,aarch64-rt-self_install">
<packages type="image" profiles="x86-rt,x86-rt-self_install,x86-rt-encrypted">
<package name="kernel-rt"/>
<package name="kernel-firmware-all"/>
<package name="kernel-firmware-all"/>
<!-- FIXME intentionally removed from ALP code stream
<package name="cpuset"/> -->
<package name="cpuset"/> -->
</packages>
<packages type="image" profiles="s390-kvm,s390-dasd,s390-fba,s390-fcp">
<package name="dracut-kiwi-oem-dump"/>
<!-- makes the image build, but also include kernel-default
<packages type="image" profiles="x86-rt-encrypted">
<package name="kernel-default-extra"/>
</packages> -->
<packages type="image" profiles="s390-kvm,s390-dasd,s390-fba">
<package name="dracut-kiwi-oem-repart"/>
<package name="blog"/>
</packages>
<!-- FCP is usually used multipathed. -->
<packages type="image" profiles="s390-fcp">
<package name="multipath-tools"/>
</packages>
<packages type="image" profiles="x86,x86-encrypted,x86-rt-encrypted,x86-self_install,x86-legacy,x86-vmware,x86-rt,x86-rt-self_install,x86-qcow,aarch64-qcow,rpi,aarch64-self_install,aarch64-rt,aarch64-rt-self_install,ppc64le-512ss,ppc64le-4096ss,ppc64le-512ss-self_install,ppc64le-4096ss-self_install">
<packages type="image" profiles="x86,x86-encrypted,x86-rt-encrypted,x86-self_install,x86-legacy,x86-vmware,x86-rt,x86-rt-self_install,x86-qcow,aarch64-qcow,rpi,aarch64-self_install">
<package name="dracut-kiwi-oem-repart"/>
<package name="dracut-kiwi-oem-dump"/>
</packages>
<packages type="image" profiles="rpi,aarch64-self_install,aarch64-rt,aarch64-rt-self_install">
<packages type="image" profiles="rpi,aarch64-self_install">
<package name="raspberrypi-firmware" arch="aarch64"/>
<package name="raspberrypi-firmware-config" arch="aarch64"/>
<package name="raspberrypi-firmware-dt" arch="aarch64"/>
<package name="u-boot-rpiarm64" arch="aarch64"/>
<package name="dracut-kiwi-oem-repart"/>
<package name="bcm43xx-firmware"/>
<package name="kernel-firmware-all"/><!-- Fix choice between kernel-firmware and kernel-firmware-all -->
<package name="wireless-regdb"/>
<package name="wireless-tools"/>
<package name="wpa_supplicant"/>
<package name="grub2-arm64-efi"/>
<!-- kernel-default-base does not have all required drivers -->
<package name="kernel-default"/>
</packages>
<packages type="bootstrap">
<package name="filesystem"/>
<package name="coreutils"/>
<package name="filesystem"/>
<package name="ca-certificates"/>
<package name="ca-certificates-mozilla"/>
</packages>
@@ -1048,14 +781,4 @@
<packages type="image" profiles="x86-qcow,aarch64-qcow">
<package name="qemu-guest-agent"/>
</packages>
<!-- jsc#PED-8599 -->
<packages type="image" profiles="Base,Base-encrypted,Base-RT,Base-RT-encrypted,Base-fba,Base-dasd,Base-fcp,Base-512,Base-4096,Default,Default-encrypted,Default-fba,Default-dasd,Default-fcp,Default-512,Default-4096">
<package name="usbguard"/>
</packages>
<!-- jsc#PED-8788 -->
<packages type="image" profiles="Base-RT,Base-RT-encrypted,x86-rt-encrypted,x86-rt,x86-rt-self_install,aarch64-rt,aarch64-rt-self_install">
<package name="stalld"/>
</packages>
</image>
</image>

10
kiwi-builder-image/_service
View File

@@ -16,4 +16,14 @@
<param name="eval">SUPPORT_LEVEL=$(rpm --macros=/root/.rpmmacros -E %support_level)</param>
<param name="var">SUPPORT_LEVEL</param>
</service>
<service mode="buildtime" name="replace_using_package_version">
<param name="file">Dockerfile</param>
<param name="regex">%%kiwi_version%%</param>
<param name="package">python3-kiwi</param>
</service>
<service mode="buildtime" name="replace_using_package_version">
<param name="file">README</param>
<param name="regex">%%kiwi_version%%</param>
<param name="package">python3-kiwi</param>
</service>
</services>

8
kiwi-builder-image/build-image.sh
View File

@@ -1,5 +1,5 @@
#!/usr/bin/env bash
# Copyright (c) 2025 SUSE LLC
# Copyright (c) 2024 SUSE LLC
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
@@ -27,9 +27,9 @@ LARGEBLOCK=false
# Print usage
usage(){
cat <<-EOF
=====================================
SUSE Linux Micro 6.1 Kiwi SDK Builder
=====================================
==============================
SLE Micro 6.0 Kiwi SDK Builder
==============================
Usage: ${0} [-p <profile>] [-b]

27
kiwi-builder-image/config.sh
View File

@@ -35,6 +35,14 @@ mkdir /var/lib/misc/reconfig_system
#--------------------------------------
echo "Configure image: [$kiwi_iname]-[$kiwi_profiles]..."
#======================================
# This is a workaround - someone,
# somewhere needs to load the xts crypto
# module, otherwise luksOpen will fail while
# creating the image.
#--------------------------------------
modprobe xts || true
#======================================
# add missing fonts
#--------------------------------------
@@ -131,6 +139,9 @@ for i in /usr/lib/rpm/gnupg/keys/gpg-pubkey*asc; do
rpm --import $i || true
done
# Temporary workaround for bsc#1212187
echo "techpreview.ZYPP_MEDIANETWORK=1" >> /etc/zypp/zypp.conf
#======================================
# Enable kubelet if installed
#--------------------------------------
@@ -159,18 +170,8 @@ if [ "${kiwi_btrfs_root_is_snapshot-false}" = 'true' ]; then
sed -i'' 's/^NUMBER_LIMIT_IMPORTANT=.*$/NUMBER_LIMIT_IMPORTANT="4-10"/g' /etc/snapper/configs/root
fi
# Enable multipathd for MP images
if [ "${kiwi_oemmultipath_scan-false}" = 'true' ]; then
systemctl enable multipathd.service
fi
# On those s390 targets the console is not capable of running jeos-firstboot,
# use systemd-firstboot as minimal alternative.
if [[ "$kiwi_profiles" =~ s390-(dasd|fba|fcp) ]]; then
systemctl enable systemd-firstboot
# Enable prompting for the root password
echo 'root:!unprovisioned' | chpasswd -e
elif rpm -q --whatprovides jeos-firstboot >/dev/null; then
# Enable jeos-firstboot if installed, disabled by combustion/ignition
if rpm -q --whatprovides jeos-firstboot >/dev/null; then
mkdir -p /var/lib/YaST2
touch /var/lib/YaST2/reconfig_system
systemctl enable jeos-firstboot.service
@@ -280,7 +281,7 @@ if [[ "$kiwi_profiles" == *"RaspberryPi"* ]]; then
options smsc95xx turbo_mode=N
EOF
cat > /etc/sysctl.d/50-rpi3.conf <<-EOF
cat > /usr/lib/sysctl.d/50-rpi3.conf <<-EOF
# Avoid running out of DMA pages for smsc95xx (bsc#1012449)
vm.min_free_kbytes = 2048
EOF

8
kubevirt-chart/Chart.yaml
View File

@@ -1,9 +1,9 @@
#!BuildTag: %%IMG_PREFIX%%kubevirt-chart:%%CHART_MAJOR%%.0.0_up0.5.0-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%kubevirt-chart:%%CHART_MAJOR%%.0.0_up0.5.0
#!BuildTag: %%IMG_PREFIX%%kubevirt-chart:%%CHART_MAJOR%%.0.0_up0.4.0-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%kubevirt-chart:%%CHART_MAJOR%%.0.0_up0.4.0
apiVersion: v2
appVersion: 1.4.0
appVersion: 1.3.1
description: A Helm chart for KubeVirt
icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/kubevirt/icon/color/kubevirt-icon-color.svg
name: kubevirt
type: application
version: "%%CHART_MAJOR%%.0.0+up0.5.0"
version: "%%CHART_MAJOR%%.0.0+up0.4.0"

280
kubevirt-chart/crds/kubevirt.yaml
View File

@@ -231,17 +231,6 @@ spec:
type: object
type: object
x-kubernetes-map-type: atomic
commonInstancetypesDeployment:
description: CommonInstancetypesDeployment controls the deployment
of common-instancetypes resources
nullable: true
properties:
enabled:
description: Enabled controls the deployment of common-instancetypes
resources, defaults to True.
nullable: true
type: boolean
type: object
controllerConfiguration:
description: |-
ReloadableComponentConfiguration holds all generic k8s configuration options which can
@@ -423,23 +412,6 @@ spec:
description: PullPolicy describes a policy for if/when to pull
a container image
type: string
instancetype:
description: Instancetype configuration
nullable: true
properties:
referencePolicy:
description: |-
ReferencePolicy defines how an instance type or preference should be referenced by the VM after submission, supported values are:
reference (default) - Where a copy of the original object is stashed in a ControllerRevision and referenced by the VM.
expand - Where the instance type or preference are expanded into the VM if no revisionNames have been populated.
expandAll - Where the instance type or preference are expanded into the VM regardless of revisionNames previously being populated.
enum:
- reference
- expand
- expandAll
nullable: true
type: string
type: object
ksmConfiguration:
description: KSMConfiguration holds the information regarding
the enabling the KSM in the nodes (if available).
@@ -498,9 +470,8 @@ spec:
features
properties:
maxCpuSockets:
description: |-
MaxCpuSockets provides a MaxSockets value for VMs that do not provide their own.
For VMs with more sockets than maximum the MaxSockets will be set to equal number of sockets.
description: MaxCpuSockets holds the maximum amount of sockets
that can be hotplugged
format: int32
type: integer
maxGuest:
@@ -606,7 +577,7 @@ spec:
description: |-
CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take.
If a live-migration takes longer to migrate than this value multiplied by the size of the VMI,
the migration will be cancelled, unless AllowPostCopy is true. Defaults to 150
the migration will be cancelled, unless AllowPostCopy is true. Defaults to 800
format: int64
type: integer
disableTLS:
@@ -669,6 +640,34 @@ spec:
ComputeResourceOverhead specifies the resource overhead that should be added to the compute container when using the binding.
version: v1alphav1
properties:
claims:
description: |-
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one entry
in PodSpec.ResourceClaims.
properties:
name:
description: |-
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -697,7 +696,7 @@ spec:
domainAttachmentType:
description: |-
DomainAttachmentType is a standard domain network attachment method kubevirt supports.
Supported values: "tap", "managedTap" (since v1.4).
Supported values: "tap".
The standard domain attachment can be used instead or in addition to the sidecarImage.
version: 1alphav1
type: string
@@ -875,10 +874,37 @@ spec:
usually idle and don't require a lot of memory or cpu.
properties:
resources:
description: |-
ResourceRequirementsWithoutClaims describes the compute resource requirements.
This struct was taken from the k8s.ResourceRequirements and cleaned up the 'Claims' field.
description: ResourceRequirements describes the compute
resource requirements.
properties:
claims:
description: |-
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one entry in
PodSpec.ResourceClaims.
properties:
name:
description: |-
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -932,8 +958,10 @@ spec:
MinTLSVersion is a way to specify the minimum protocol version that is acceptable for TLS connections.
Protocol versions are based on the following most common TLS configurations:
https://ssl-config.mozilla.org/
Note that SSLv3.0 is not a supported protocol version due to well known
vulnerabilities such as POODLE: https://en.wikipedia.org/wiki/POODLE
enum:
@@ -1063,13 +1091,10 @@ spec:
referenced object inside the same namespace.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@@ -1386,7 +1411,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -1401,7 +1426,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -1569,7 +1594,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -1584,7 +1609,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -1750,7 +1775,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -1765,7 +1790,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -1933,7 +1958,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -1948,7 +1973,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -2139,6 +2164,7 @@ spec:
BatchEvictionInterval Represents the interval to wait before issuing the next
batch of shutdowns
Defaults to 1 minute
type: string
batchEvictionSize:
@@ -2146,6 +2172,7 @@ spec:
BatchEvictionSize Represents the number of VMIs that can be forced updated per
the BatchShutdownInteral interval
Defaults to 10
type: integer
workloadUpdateMethods:
@@ -2156,6 +2183,7 @@ spec:
precedence over more disruptive methods. For example if both LiveMigrate and Shutdown
methods are listed, only VMs which are not live migratable will be restarted/shutdown
An empty list defaults to no automated workload updating
items:
type: string
@@ -2463,7 +2491,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -2478,7 +2506,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -2646,7 +2674,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -2661,7 +2689,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -2827,7 +2855,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -2842,7 +2870,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -3010,7 +3038,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -3025,7 +3053,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -3488,17 +3516,6 @@ spec:
type: object
type: object
x-kubernetes-map-type: atomic
commonInstancetypesDeployment:
description: CommonInstancetypesDeployment controls the deployment
of common-instancetypes resources
nullable: true
properties:
enabled:
description: Enabled controls the deployment of common-instancetypes
resources, defaults to True.
nullable: true
type: boolean
type: object
controllerConfiguration:
description: |-
ReloadableComponentConfiguration holds all generic k8s configuration options which can
@@ -3680,23 +3697,6 @@ spec:
description: PullPolicy describes a policy for if/when to pull
a container image
type: string
instancetype:
description: Instancetype configuration
nullable: true
properties:
referencePolicy:
description: |-
ReferencePolicy defines how an instance type or preference should be referenced by the VM after submission, supported values are:
reference (default) - Where a copy of the original object is stashed in a ControllerRevision and referenced by the VM.
expand - Where the instance type or preference are expanded into the VM if no revisionNames have been populated.
expandAll - Where the instance type or preference are expanded into the VM regardless of revisionNames previously being populated.
enum:
- reference
- expand
- expandAll
nullable: true
type: string
type: object
ksmConfiguration:
description: KSMConfiguration holds the information regarding
the enabling the KSM in the nodes (if available).
@@ -3755,9 +3755,8 @@ spec:
features
properties:
maxCpuSockets:
description: |-
MaxCpuSockets provides a MaxSockets value for VMs that do not provide their own.
For VMs with more sockets than maximum the MaxSockets will be set to equal number of sockets.
description: MaxCpuSockets holds the maximum amount of sockets
that can be hotplugged
format: int32
type: integer
maxGuest:
@@ -3863,7 +3862,7 @@ spec:
description: |-
CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take.
If a live-migration takes longer to migrate than this value multiplied by the size of the VMI,
the migration will be cancelled, unless AllowPostCopy is true. Defaults to 150
the migration will be cancelled, unless AllowPostCopy is true. Defaults to 800
format: int64
type: integer
disableTLS:
@@ -3926,6 +3925,34 @@ spec:
ComputeResourceOverhead specifies the resource overhead that should be added to the compute container when using the binding.
version: v1alphav1
properties:
claims:
description: |-
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one entry
in PodSpec.ResourceClaims.
properties:
name:
description: |-
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -3954,7 +3981,7 @@ spec:
domainAttachmentType:
description: |-
DomainAttachmentType is a standard domain network attachment method kubevirt supports.
Supported values: "tap", "managedTap" (since v1.4).
Supported values: "tap".
The standard domain attachment can be used instead or in addition to the sidecarImage.
version: 1alphav1
type: string
@@ -4132,10 +4159,37 @@ spec:
usually idle and don't require a lot of memory or cpu.
properties:
resources:
description: |-
ResourceRequirementsWithoutClaims describes the compute resource requirements.
This struct was taken from the k8s.ResourceRequirements and cleaned up the 'Claims' field.
description: ResourceRequirements describes the compute
resource requirements.
properties:
claims:
description: |-
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one entry in
PodSpec.ResourceClaims.
properties:
name:
description: |-
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -4189,8 +4243,10 @@ spec:
MinTLSVersion is a way to specify the minimum protocol version that is acceptable for TLS connections.
Protocol versions are based on the following most common TLS configurations:
https://ssl-config.mozilla.org/
Note that SSLv3.0 is not a supported protocol version due to well known
vulnerabilities such as POODLE: https://en.wikipedia.org/wiki/POODLE
enum:
@@ -4320,13 +4376,10 @@ spec:
referenced object inside the same namespace.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@@ -4643,7 +4696,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -4658,7 +4711,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -4826,7 +4879,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -4841,7 +4894,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -5007,7 +5060,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -5022,7 +5075,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -5190,7 +5243,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -5205,7 +5258,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -5396,6 +5449,7 @@ spec:
BatchEvictionInterval Represents the interval to wait before issuing the next
batch of shutdowns
Defaults to 1 minute
type: string
batchEvictionSize:
@@ -5403,6 +5457,7 @@ spec:
BatchEvictionSize Represents the number of VMIs that can be forced updated per
the BatchShutdownInteral interval
Defaults to 10
type: integer
workloadUpdateMethods:
@@ -5413,6 +5468,7 @@ spec:
precedence over more disruptive methods. For example if both LiveMigrate and Shutdown
methods are listed, only VMs which are not live migratable will be restarted/shutdown
An empty list defaults to no automated workload updating
items:
type: string
@@ -5720,7 +5776,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -5735,7 +5791,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -5903,7 +5959,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -5918,7 +5974,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -6084,7 +6140,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -6099,7 +6155,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -6267,7 +6323,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array
@@ -6282,7 +6338,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
items:
type: string
type: array

54
kubevirt-chart/templates/kubevirt-operator.yaml
View File

@@ -606,35 +606,15 @@ rules:
- apiGroups:
- snapshot.kubevirt.io
resources:
- virtualmachinesnapshots
- virtualmachinesnapshots/status
- virtualmachinesnapshotcontents
- virtualmachinesnapshotcontents/status
- virtualmachinesnapshotcontents/finalizers
- virtualmachinerestores
- virtualmachinerestores/status
- '*'
verbs:
- get
- list
- watch
- create
- update
- delete
- patch
- '*'
- apiGroups:
- export.kubevirt.io
resources:
- virtualmachineexports
- virtualmachineexports/status
- virtualmachineexports/finalizers
- '*'
verbs:
- get
- list
- watch
- create
- update
- delete
- patch
- '*'
- apiGroups:
- pool.kubevirt.io
resources:
@@ -656,12 +636,6 @@ rules:
- '*'
verbs:
- '*'
- apiGroups:
- kubevirt.io
resources:
- virtualmachines/finalizers
verbs:
- update
- apiGroups:
- subresources.kubevirt.io
resources:
@@ -870,7 +844,6 @@ rules:
- virtualmachineinstances/userlist
- virtualmachineinstances/sev/fetchcertchain
- virtualmachineinstances/sev/querylaunchmeasurement
- virtualmachineinstances/usbredir
verbs:
- get
- apiGroups:
@@ -1019,7 +992,6 @@ rules:
- virtualmachineinstances/userlist
- virtualmachineinstances/sev/fetchcertchain
- virtualmachineinstances/sev/querylaunchmeasurement
- virtualmachineinstances/usbredir
verbs:
- get
- apiGroups:
@@ -1292,7 +1264,7 @@ metadata:
name: virt-operator
namespace: {{ .Release.Namespace }}
spec:
replicas: {{ .Values.operator.replicas }}
replicas: 2
selector:
matchLabels:
kubevirt.io: virt-operator
@@ -1307,7 +1279,17 @@ spec:
name: virt-operator
spec:
affinity:
{{- .Values.operator.affinity | toYaml | nindent 8 }}
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: kubevirt.io
operator: In
values:
- virt-operator
topologyKey: kubernetes.io/hostname
weight: 1
containers:
- args:
- --port
@@ -1343,7 +1325,9 @@ spec:
initialDelaySeconds: 5
timeoutSeconds: 10
resources:
{{- .Values.operator.resources | toYaml | nindent 12 }}
requests:
cpu: 10m
memory: 450Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:

4
kubevirt-chart/templates/kubevirt.yaml
View File

@@ -20,10 +20,6 @@ spec:
{{- if .Values.kubevirt.uninstallStrategy }}
uninstallStrategy: {{ .Values.kubevirt.uninstallStrategy }}
{{- end }}
{{- with .Values.kubevirt.workloads }}
workloads:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.kubevirt.workloadUpdateStrategy }}
workloadUpdateStrategy:
{{- toYaml . | nindent 4 }}

21
kubevirt-chart/values.yaml
View File

@@ -1,24 +1,7 @@
operator:
image: registry.suse.com/suse/sles/15.6/virt-operator
version: 1.4.0-150600.5.15.1
replicas: 2
version: 1.3.1-150600.5.9.1
pullPolicy: IfNotPresent
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: kubevirt.io
operator: In
values:
- virt-operator
topologyKey: kubernetes.io/hostname
weight: 1
resources:
requests:
cpu: 10m
memory: 450Mi
kubevirt:
# Holds kubevirt configurations. Same as the virt-configMap.
@@ -31,8 +14,6 @@ kubevirt:
# Specifies if KubeVirt can be deleted if workloads are still present.
# This is mainly a precaution to avoid accidental data loss.
uninstallStrategy: ""
# Selectors and tolerations that should apply to KubeVirt workloads.
workloads: {}
# WorkloadUpdateStrategy defines at the cluster level how to handle automated workload updates.
workloadUpdateStrategy: {}
# Optionally enable ServiceMonitor for prometheus, see

18
kubevirt-dashboard-extension-chart/Chart.yaml
View File

@@ -1,22 +1,22 @@
#!BuildTag: %%IMG_PREFIX%%kubevirt-dashboard-extension-chart:%%CHART_MAJOR%%.0.1
#!BuildTag: %%IMG_PREFIX%%kubevirt-dashboard-extension-chart:%%CHART_MAJOR%%.0.1_up1.3.1
#!BuildTag: %%IMG_PREFIX%%kubevirt-dashboard-extension-chart:%%CHART_MAJOR%%.0.1_up1.3.1-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%kubevirt-dashboard-extension-chart:%%CHART_MAJOR%%.0.0
#!BuildTag: %%IMG_PREFIX%%kubevirt-dashboard-extension-chart:%%CHART_MAJOR%%.0.0_up1.2.1
#!BuildTag: %%IMG_PREFIX%%kubevirt-dashboard-extension-chart:%%CHART_MAJOR%%.0.0_up1.2.1-%RELEASE%
annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/display-name: KubeVirt
catalog.cattle.io/kube-version: '>= v1.26.0-0'
catalog.cattle.io/namespace: cattle-ui-plugin-system
catalog.cattle.io/os: linux
catalog.cattle.io/permits-os: linux, windows
catalog.cattle.io/rancher-version: '>= 2.10.0-0'
catalog.cattle.io/scope: management
catalog.cattle.io/ui-component: plugins
catalog.cattle.io/display-name: KubeVirt
catalog.cattle.io/rancher-version: '>= 2.11.0-0'
catalog.cattle.io/ui-extensions-version: '>= 3.0.4 < 4.0.0'
catalog.cattle.io/kube-version: '>= v1.26.0-0'
catalog.cattle.io/ui-extensions-version: ">= 3.0.0 < 4.0.0"
apiVersion: v2
appVersion: 303.0.1+up1.3.1
appVersion: 302.0.0+up1.2.1
description: 'SUSE Edge: KubeVirt extension for Rancher Dashboard'
name: kubevirt-dashboard-extension
type: application
version: "%%CHART_MAJOR%%.0.1+up1.3.1"
version: "%%CHART_MAJOR%%.0.0+up1.2.1"
icon: >-
https://raw.githubusercontent.com/cncf/artwork/master/projects/kubevirt/icon/color/kubevirt-icon-color.svg

4
kubevirt-dashboard-extension-chart/templates/cr.yaml
View File

@@ -8,7 +8,7 @@ spec:
plugin:
name: {{ include "extension-server.fullname" . }}
version: {{ (semver (default .Chart.AppVersion .Values.plugin.versionOverride)).Original }}
endpoint: https://raw.githubusercontent.com/suse-edge/dashboard-extensions/gh-pages/extensions/kubevirt-dashboard-extension/303.0.1+up1.3.1
endpoint: https://raw.githubusercontent.com/suse-edge/dashboard-extensions/gh-pages/extensions/kubevirt-dashboard-extension/302.0.0+up1.2.1
noCache: {{ .Values.plugin.noCache }}
noAuth: {{ .Values.plugin.noAuth }}
metadata: {{ include "extension-server.pluginMetadata" . | indent 6 }}
metadata: {{ include "extension-server.pluginMetadata" . | indent 6 }}

4
kubevirt-dashboard-extension-chart/values.yaml
View File

@@ -7,6 +7,6 @@ plugin:
noAuth: false
metadata:
catalog.cattle.io/display-name: KubeVirt
catalog.cattle.io/rancher-version: ">= 2.11.0-0"
catalog.cattle.io/ui-extensions-version: ">= 3.0.4 < 4.0.0"
catalog.cattle.io/rancher-version: ">= 2.10.0-0"
catalog.cattle.io/ui-extensions-version: ">= 3.0.0 < 4.0.0"
catalog.cattle.io/kube-version: ">= v1.26.0-0"

12
metal3-chart/Chart.yaml
View File

@@ -1,16 +1,16 @@
#!BuildTag: %%IMG_PREFIX%%metal3-chart:%%CHART_MAJOR%%.0.2_up0.11.0
#!BuildTag: %%IMG_PREFIX%%metal3-chart:%%CHART_MAJOR%%.0.2_up0.11.0-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%metal3-chart:%%CHART_MAJOR%%.0.1_up0.9.4
#!BuildTag: %%IMG_PREFIX%%metal3-chart:%%CHART_MAJOR%%.0.1_up0.9.4-%RELEASE%
apiVersion: v2
appVersion: 0.11.0
appVersion: 0.9.4
dependencies:
- alias: metal3-baremetal-operator
name: baremetal-operator
repository: file://./charts/baremetal-operator
version: 0.9.1
version: 0.6.1
- alias: metal3-ironic
name: ironic
repository: file://./charts/ironic
version: 0.10.0
version: 0.9.3
- alias: metal3-mariadb
condition: global.enable_mariadb
name: mariadb
@@ -25,4 +25,4 @@ description: A Helm chart that installs all of the dependencies needed for Metal
icon: https://github.com/cncf/artwork/raw/master/projects/metal3/icon/color/metal3-icon-color.svg
name: metal3
type: application
version: "%%CHART_MAJOR%%.0.2+up0.11.0"
version: "%%CHART_MAJOR%%.0.1+up0.9.4"

4
metal3-chart/charts/baremetal-operator/Chart.yaml
View File

@@ -1,6 +1,6 @@
apiVersion: v2
appVersion: 0.9.1
appVersion: 0.8.0
description: A Helm chart for baremetal-operator, used by Metal3
name: baremetal-operator
type: application
version: 0.9.1
version: 0.6.1

764
metal3-chart/charts/baremetal-operator/crds/customresource-baremetalhosts.yaml
View File

File diff suppressed because it is too large Load Diff

24
metal3-chart/charts/baremetal-operator/crds/customresource-bmceventsubscriptions.yaml
View File

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
controller-gen.kubebuilder.io/version: v0.12.1
labels:
clusterctl.cluster.x-k8s.io: ""
name: bmceventsubscriptions.metal3.io
@@ -34,19 +34,14 @@ spec:
description: BMCEventSubscription is the Schema for the fast eventing API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
@@ -62,9 +57,8 @@ spec:
description: A reference to a BareMetalHost
type: string
httpHeadersRef:
description: |-
A secret containing HTTP headers which should be passed along to the Destination
when making a request
description: A secret containing HTTP headers which should be passed
along to the Destination when making a request
properties:
name:
description: name is unique within a namespace to reference a

22
metal3-chart/charts/baremetal-operator/crds/customresource-dataimages.yaml
View File

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
controller-gen.kubebuilder.io/version: v0.12.1
name: dataimages.metal3.io
spec:
group: metal3.io
@@ -20,19 +20,14 @@ spec:
description: DataImage is the Schema for the dataimages API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
@@ -40,8 +35,7 @@ spec:
description: DataImageSpec defines the desired state of DataImage.
properties:
url:
description: |-
Url is the address of the dataImage that we want to attach
description: Url is the address of the dataImage that we want to attach
to a BareMetalHost
type: string
required:

24
metal3-chart/charts/baremetal-operator/crds/customresource-firmwareschemas.yaml
View File

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
controller-gen.kubebuilder.io/version: v0.12.1
labels:
clusterctl.cluster.x-k8s.io: ""
name: firmwareschemas.metal3.io
@@ -22,19 +22,14 @@ spec:
description: FirmwareSchema is the Schema for the firmwareschemas API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
@@ -78,9 +73,8 @@ spec:
description: Whether or not this setting is read only.
type: boolean
unique:
description: |-
Whether or not this setting's value is unique to this node, e.g.
a serial number.
description: Whether or not this setting's value is unique to
this node, e.g. a serial number.
type: boolean
upper_bound:
description: The highest value for an Integer type setting.

61
metal3-chart/charts/baremetal-operator/crds/customresource-hardwaredata.yaml
View File

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
controller-gen.kubebuilder.io/version: v0.12.1
labels:
clusterctl.cluster.x-k8s.io: ""
name: hardwaredata.metal3.io
@@ -29,19 +29,14 @@ spec:
description: HardwareData is the Schema for the hardwaredata API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
@@ -52,7 +47,7 @@ spec:
description: The hardware discovered on the host during its inspection.
properties:
cpu:
description: Details of the CPU(s) in the system.
description: CPU describes one processor on the host.
properties:
arch:
type: string
@@ -70,7 +65,7 @@ spec:
type: string
type: object
firmware:
description: System firmware information.
description: Firmware describes the firmware on the host.
properties:
bios:
description: The BIOS for this firmware
@@ -89,15 +84,14 @@ spec:
hostname:
type: string
nics:
description: List of network interfaces for the host.
items:
description: NIC describes one network interface on the host.
properties:
ip:
description: |-
The IP address of the interface. This will be an IPv4 or IPv6 address
if one is present. If both IPv4 and IPv6 addresses are present in a
dual-stack environment, two nics will be output, one with each IP.
description: The IP address of the interface. This will
be an IPv4 or IPv6 address if one is present. If both
IPv4 and IPv6 addresses are present in a dual-stack environment,
two nics will be output, one with each IP.
type: string
mac:
description: The device MAC address
@@ -140,20 +134,16 @@ spec:
type: object
type: array
ramMebibytes:
description: The host's amount of memory in Mebibytes.
type: integer
storage:
description: List of storage (disk, SSD, etc.) available to the
host.
items:
description: Storage describes one storage device (disk, SSD,
etc.) on the host.
properties:
alternateNames:
description: |-
A list of alternate Linux device names of the disk, e.g. "/dev/sda".
Note that this list is not exhaustive, and names may not be stable
across reboots.
description: A list of alternate Linux device names of the
disk, e.g. "/dev/sda". Note that this list is not exhaustive,
and names may not be stable across reboots.
items:
type: string
type: array
@@ -164,17 +154,15 @@ spec:
description: Hardware model
type: string
name:
description: |-
A Linux device name of the disk, e.g.
"/dev/disk/by-path/pci-0000:01:00.0-scsi-0:2:0:0". This will be a name
that is stable across reboots if one is available.
description: A Linux device name of the disk, e.g. "/dev/disk/by-path/pci-0000:01:00.0-scsi-0:2:0:0".
This will be a name that is stable across reboots if one
is available.
type: string
rotational:
description: |-
Whether this disk represents rotational storage.
This field is not recommended for usage, please
prefer using 'Type' field instead, this field
will be deprecated eventually.
description: Whether this disk represents rotational storage.
This field is not recommended for usage, please prefer
using 'Type' field instead, this field will be deprecated
eventually.
type: boolean
serialNumber:
description: The serial number of the device
@@ -205,7 +193,8 @@ spec:
type: object
type: array
systemVendor:
description: System vendor information.
description: HardwareSystemVendor stores details about the whole
hardware system.
properties:
manufacturer:
type: string

72
metal3-chart/charts/baremetal-operator/crds/customresource-hostfirmwarecomponents.yaml
View File

@@ -3,9 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
labels:
clusterctl.cluster.x-k8s.io: ""
controller-gen.kubebuilder.io/version: v0.12.1
name: hostfirmwarecomponents.metal3.io
spec:
group: metal3.io
@@ -23,19 +21,14 @@ spec:
API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
@@ -89,35 +82,43 @@ spec:
description: Track whether updates stored in the spec are valid based
on the schema
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
@@ -132,6 +133,10 @@ spec:
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
@@ -151,9 +156,8 @@ spec:
format: date-time
type: string
updates:
description: |-
Updates is the list of all firmware components that should be updated
they are specified via name and url fields.
description: Updates is the list of all firmware components that should
be updated they are specified via name and url fields.
items:
description: FirmwareUpdate defines a firmware update specification.
properties:

70
metal3-chart/charts/baremetal-operator/crds/customresource-hostfirmwaresettings.yaml
View File

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
controller-gen.kubebuilder.io/version: v0.12.1
labels:
clusterctl.cluster.x-k8s.io: ""
name: hostfirmwaresettings.metal3.io
@@ -25,19 +25,14 @@ spec:
API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
@@ -64,35 +59,43 @@ spec:
description: Track whether settings stored in the spec are valid based
on the schema
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
@@ -107,6 +110,10 @@ spec:
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
@@ -126,9 +133,8 @@ spec:
format: date-time
type: string
schema:
description: |-
FirmwareSchema is a reference to the Schema used to describe each
FirmwareSetting. By default, this will be a Schema in the same
description: FirmwareSchema is a reference to the Schema used to describe
each FirmwareSetting. By default, this will be a Schema in the same
Namespace as the settings but it can be overwritten in the Spec
properties:
name:

62
metal3-chart/charts/baremetal-operator/crds/customresource-hostupdatepolicies.yaml
View File

@@ -1,62 +0,0 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
labels:
clusterctl.cluster.x-k8s.io: ""
name: hostupdatepolicies.metal3.io
spec:
group: metal3.io
names:
kind: HostUpdatePolicy
listKind: HostUpdatePolicyList
plural: hostupdatepolicies
singular: hostupdatepolicy
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: HostUpdatePolicy is the Schema for the hostupdatepolicy API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: HostUpdatePolicySpec defines the desired state of HostUpdatePolicy.
properties:
firmwareSettings:
description: Defines policy for changing firmware settings
enum:
- onPreparing
- onReboot
type: string
firmwareUpdates:
description: Defines policy for updating firmware
enum:
- onPreparing
- onReboot
type: string
type: object
status:
description: HostUpdatePolicyStatus defines the observed state of HostUpdatePolicy.
type: object
type: object
served: true
storage: true

91
metal3-chart/charts/baremetal-operator/crds/customresource-preprovisioningimages.yaml
View File

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
controller-gen.kubebuilder.io/version: v0.12.1
labels:
clusterctl.cluster.x-k8s.io: ""
name: preprovisioningimages.metal3.io
@@ -34,19 +34,14 @@ spec:
API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
@@ -67,9 +62,8 @@ spec:
to build the image.
type: string
networkDataName:
description: |-
networkDataName is the name of a Secret in the local namespace that
contains network data to build in to the image.
description: networkDataName is the name of a Secret in the local
namespace that contains network data to build in to the image.
type: string
type: object
status:
@@ -83,35 +77,43 @@ spec:
conditions:
description: conditions describe the state of the built image
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
@@ -126,6 +128,10 @@ spec:
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
@@ -141,14 +147,13 @@ spec:
- type
x-kubernetes-list-type: map
extraKernelParams:
description: |-
extraKernelParams is a string with extra parameters to pass to the
kernel when booting the image over network. Only makes sense for initrd images.
description: extraKernelParams is a string with extra parameters to
pass to the kernel when booting the image over network. Only makes
sense for initrd images.
type: string
format:
description: |-
format is the type of image that is available at the download url:
either iso or initrd.
description: 'format is the type of image that is available at the
download url: either iso or initrd.'
enum:
- iso
- initrd
@@ -158,14 +163,12 @@ spec:
downloaded.
type: string
kernelUrl:
description: |-
kernelUrl is the URL from which the kernel of the image can be downloaded.
Only makes sense for initrd images.
description: kernelUrl is the URL from which the kernel of the image
can be downloaded. Only makes sense for initrd images.
type: string
networkData:
description: |-
networkData is a reference to the version of the Secret containing the
network data used to build the image.
description: networkData is a reference to the version of the Secret
containing the network data used to build the image.
properties:
name:
type: string

20
metal3-chart/charts/baremetal-operator/templates/clusterrole-manager.yaml
View File

@@ -184,23 +184,3 @@ rules:
- get
- patch
- update
- apiGroups:
- metal3.io
resources:
- hostupdatepolicies
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- metal3.io
resources:
- hostupdatepolicies/status
verbs:
- get
- patch
- update

2
metal3-chart/charts/baremetal-operator/templates/metrics_reader_role.yaml → metal3-chart/charts/baremetal-operator/templates/clusterrole-metrics-reader.yaml
View File

@@ -6,6 +6,6 @@ metadata:
{{- include "baremetal-operator.labels" . | nindent 4 }}
rules:
- nonResourceURLs:
- "/metrics"
- /metrics
verbs:
- get

2
metal3-chart/charts/baremetal-operator/templates/metrics_auth_role.yaml → metal3-chart/charts/baremetal-operator/templates/clusterrole-proxy.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "baremetal-operator.fullname" . }}-metrics-auth-role
name: {{ include "baremetal-operator.fullname" . }}-proxy-role
labels:
{{- include "baremetal-operator.labels" . | nindent 4 }}
rules:

4
metal3-chart/charts/baremetal-operator/templates/metrics_auth_role_binding.yaml → metal3-chart/charts/baremetal-operator/templates/clusterrolebinding-proxy.yaml
View File

@@ -1,13 +1,13 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "baremetal-operator.fullname" . }}-metrics-auth-rolebinding
name: {{ include "baremetal-operator.fullname" . }}-proxy-rolebinding
labels:
{{- include "baremetal-operator.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "baremetal-operator.fullname" . }}-metrics-auth-role
name: {{ include "baremetal-operator.fullname" . }}-proxy-role
subjects:
- kind: ServiceAccount
name: {{ include "baremetal-operator.serviceAccountName" . }}

6
metal3-chart/charts/baremetal-operator/templates/configmap-ironic.yaml
View File

@@ -5,7 +5,6 @@
{{- $ironicApiHost := print $ironicIP ":6385" }}
{{- $ironicBootHost := print $ironicIP ":6180" }}
{{- $ironicCacheHost := print $ironicIP ":6180" }}
{{- $deployArch := .Values.global.deployArchitecture }}
apiVersion: v1
data:
@@ -20,9 +19,8 @@ data:
{{- $protocol = "http" }}
{{- end }}
CACHEURL: "{{ $protocol }}://{{ $ironicCacheHost }}/images"
DEPLOY_KERNEL_URL: "{{ $protocol }}://{{ $ironicBootHost }}/images/ironic-python-agent-{{ $deployArch }}.kernel"
DEPLOY_RAMDISK_URL: "{{ $protocol }}://{{ $ironicBootHost }}/images/ironic-python-agent-{{ $deployArch }}.initramfs"
DEPLOY_ARCHITECTURE: "{{ $deployArch }}"
DEPLOY_KERNEL_URL: "{{ $protocol }}://{{ $ironicBootHost }}/images/ironic-python-agent.kernel"
DEPLOY_RAMDISK_URL: "{{ $protocol }}://{{ $ironicBootHost }}/images/ironic-python-agent.initramfs"
kind: ConfigMap
metadata:
name: baremetal-operator-ironic

18
metal3-chart/charts/baremetal-operator/templates/deployment.yaml
View File

@@ -24,8 +24,8 @@ spec:
spec:
containers:
- args:
- --metrics-addr=127.0.0.1:8085
- --enable-leader-election
- --tls-min-version=TLS13
env:
- name: POD_NAME
valueFrom:
@@ -56,9 +56,6 @@ spec:
- containerPort: 9443
name: webhook-server
protocol: TCP
- containerPort: 8443
protocol: TCP
name: https
readinessProbe:
failureThreshold: 10
httpGet:
@@ -87,6 +84,19 @@ spec:
mountPath: "/opt/metal3/certs/ca"
readOnly: true
{{- end }}
- args:
- --secure-listen-address=0.0.0.0:8443
- --upstream=http://127.0.0.1:8085/
- --logtostderr=true
- --v=10
image: "{{ .Values.images.rbacProxy.repository }}:{{ .Values.images.rbacProxy.tag }}"
imagePullPolicy: {{ .Values.images.rbacProxy.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 10 }}
name: kube-rbac-proxy
ports:
- containerPort: 8443
name: https
serviceAccountName: {{ include "baremetal-operator.serviceAccountName" . }}
terminationGracePeriodSeconds: 10
volumes:

0
metal3-chart/charts/baremetal-operator/templates/metrics_service.yaml → metal3-chart/charts/baremetal-operator/templates/service-controller-manager.yaml
View File

6
metal3-chart/charts/baremetal-operator/values.yaml
View File

@@ -28,7 +28,11 @@ images:
baremetalOperator:
repository: registry.opensuse.org/isv/suse/edge/metal3/containers/images/baremetal-operator
pullPolicy: IfNotPresent
tag: "0.9.1"
tag: "0.8.0"
rbacProxy:
repository: registry.opensuse.org/isv/suse/edge/metal3/containers/images/kube-rbac-proxy
pullPolicy: IfNotPresent
tag: "0.18.1"
imagePullSecrets: []
nameOverride: "manger"

2
metal3-chart/charts/ironic/Chart.yaml
View File

@@ -3,4 +3,4 @@ appVersion: 26.1.2
description: A Helm chart for Ironic, used by Metal3
name: ironic
type: application
version: 0.10.0
version: 0.9.3

6
metal3-chart/charts/ironic/templates/configmap.yaml
View File

@@ -12,7 +12,6 @@ data:
{{- $ironicApiHost := print $ironicIP ":6385" }}
{{- $ironicBootHost := print $ironicIP ":6180" }}
{{- $ironicCacheHost := print $ironicIP ":6180" }}
{{- $deployArch := .Values.global.deployArchitecture }}
{{- if ( .Values.global.enable_dnsmasq ) }}
DNSMASQ_BOOT_SERVER_ADDRESS: {{ $ironicBootHost }}
@@ -40,9 +39,8 @@ data:
{{- end }}
IRONIC_EXTERNAL_HTTP_URL: {{ $protocol }}://{{ $ironicCacheHost }}
CACHEURL: {{ $protocol }}://{{ $ironicCacheHost }}/images
DEPLOY_KERNEL_URL: {{ $protocol }}://{{ $ironicBootHost }}/images/ironic-python-agent-{{ $deployArch }}.kernel
DEPLOY_RAMDISK_URL: {{ $protocol }}://{{ $ironicBootHost }}/images/ironic-python-agent-{{ $deployArch }}.initramfs
DEPLOY_ARCHITECTURE: {{ $deployArch }}
DEPLOY_KERNEL_URL: {{ $protocol }}://{{ $ironicBootHost }}/images/ironic-python-agent.kernel
DEPLOY_RAMDISK_URL: {{ $protocol }}://{{ $ironicBootHost }}/images/ironic-python-agent.initramfs
IRONIC_BOOT_BASE_URL: {{ $protocol }}://{{ $ironicBootHost }}
IRONIC_VMEDIA_HTTPD_SERVER_NAME: {{ $ironicBootHost }}
ENABLE_PXE_BOOT: "{{ .Values.global.enable_pxe_boot }}"

4
metal3-chart/charts/ironic/values.yaml
View File

@@ -56,11 +56,11 @@ images:
ironic:
repository: registry.opensuse.org/isv/suse/edge/metal3/containers/images/ironic
pullPolicy: IfNotPresent
tag: 26.1.2.4
tag: 26.1.2.3
ironicIPADownloader:
repository: registry.opensuse.org/isv/suse/edge/metal3/containers/images/ironic-ipa-downloader
pullPolicy: IfNotPresent
tag: 3.0.3
tag: 3.0.1
nameOverride: ""
fullnameOverride: ""

3
metal3-chart/values.yaml
View File

@@ -63,9 +63,6 @@ global:
# Name for the MariaDB service
databaseServiceName: metal3-mariadb
# Architecture for deployed nodes (either x86_64 or arm64)
deployArchitecture: x86_64
# In a multi-node cluster use the node selector to ensure the pods
# all run on the same host where the dnsmasqDNSServer and provisioningIP
# and /opt/media exist. Uncomment the nodeSelector and update the

18
metallb-chart/Chart.yaml
View File

@@ -1,17 +1,17 @@
#!BuildTag: %%IMG_PREFIX%%metallb-chart:%%CHART_MAJOR%%.0.0_up0.14.9
#!BuildTag: %%IMG_PREFIX%%metallb-chart:%%CHART_MAJOR%%.0.0_up0.14.9-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%metallb-chart:%%CHART_MAJOR%%.0.1_up0.14.9
#!BuildTag: %%IMG_PREFIX%%metallb-chart:%%CHART_MAJOR%%.0.1_up0.14.9-%RELEASE%
apiVersion: v2
appVersion: v0.14.9
appVersion: v0.14.3
dependencies:
- condition: crds.enabled
name: crds
repository: file://./charts/crds
version: 0.14.9
- alias: metallb-frr-k8s
condition: frrk8s.enabled
name: frr-k8s
repository: file://./charts/frr-k8s
version: 0.0.16
version: 0.0.15
- condition: crds.enabled
name: metallb-crds
repository: file://./charts/metallb-crds
version: 0.14.8
description: A network load-balancer implementation for Kubernetes using standard
routing protocols
home: https://metallb.universe.tf
@@ -21,4 +21,4 @@ name: metallb
sources:
- https://github.com/metallb/metallb
type: application
version: "%%CHART_MAJOR%%.0.0+up0.14.9"
version: "%%CHART_MAJOR%%.0.1+up0.14.9"

16
metallb-chart/README.md
View File

@@ -1,6 +1,6 @@
# metallb
![Version: 0.14.9](https://img.shields.io/badge/Version-0.14.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.9](https://img.shields.io/badge/AppVersion-v0.14.9-informational?style=flat-square)
![Version: 0.14.8](https://img.shields.io/badge/Version-0.14.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.8](https://img.shields.io/badge/AppVersion-v0.14.8-informational?style=flat-square)
A network load-balancer implementation for Kubernetes using standard routing protocols
@@ -16,8 +16,8 @@ Kubernetes: `>= 1.19.0-0`
| Repository | Name | Version |
|------------|------|---------|
| | crds | 0.14.9 |
| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.16 |
| | crds | 0.14.8 |
| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.14 |
## Values
@@ -79,17 +79,17 @@ Kubernetes: `>= 1.19.0-0`
| prometheus.podMonitor.relabelings | list | `[]` | |
| prometheus.prometheusRule.additionalLabels | object | `{}` | |
| prometheus.prometheusRule.addressPoolExhausted.enabled | bool | `true` | |
| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"critical"` | |
| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"alert"` | |
| prometheus.prometheusRule.addressPoolUsage.enabled | bool | `true` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[0].labels.severity | string | `"warning"` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[0].percent | int | `75` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[1].labels.severity | string | `"warning"` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[1].percent | int | `85` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"critical"` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"alert"` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[2].percent | int | `95` | |
| prometheus.prometheusRule.annotations | object | `{}` | |
| prometheus.prometheusRule.bgpSessionDown.enabled | bool | `true` | |
| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"critical"` | |
| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"alert"` | |
| prometheus.prometheusRule.configNotLoaded.enabled | bool | `true` | |
| prometheus.prometheusRule.configNotLoaded.labels.severity | string | `"warning"` | |
| prometheus.prometheusRule.enabled | bool | `false` | |
@@ -99,7 +99,7 @@ Kubernetes: `>= 1.19.0-0`
| prometheus.rbacPrometheus | bool | `true` | |
| prometheus.rbacProxy.pullPolicy | string | `nil` | |
| prometheus.rbacProxy.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/kube-rbac-proxy"` | |
| prometheus.rbacProxy.tag | string | `"v0.18.0"` | |
| prometheus.rbacProxy.tag | string | `"v0.12.0"` | |
| prometheus.scrapeAnnotations | bool | `false` | |
| prometheus.serviceAccount | string | `""` | |
| prometheus.serviceMonitor.controller.additionalLabels | object | `{}` | |
@@ -122,7 +122,7 @@ Kubernetes: `>= 1.19.0-0`
| speaker.frr.enabled | bool | `true` | |
| speaker.frr.image.pullPolicy | string | `nil` | |
| speaker.frr.image.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/frr"` | |
| speaker.frr.image.tag | string | `"8.5.6"` | |
| speaker.frr.image.tag | string | `"8.4.2"` | |
| speaker.frr.metricsPort | int | `7473` | |
| speaker.frr.resources | object | `{}` | |
| speaker.frrMetrics.resources | object | `{}` | |

14
metallb-chart/charts/crds/README.md
View File

@@ -1,14 +0,0 @@
# crds
![Version: 0.0.0](https://img.shields.io/badge/Version-0.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.0](https://img.shields.io/badge/AppVersion-v0.0.0-informational?style=flat-square)
MetalLB CRDs
**Homepage:** <https://metallb.universe.tf>
## Source Code
* <https://github.com/metallb/metallb>
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0)

23
metallb-chart/charts/frr-k8s/.helmignore
View File

@@ -1,23 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

6
metallb-chart/charts/frr-k8s/Chart.lock
View File

@@ -1,6 +0,0 @@
dependencies:
- name: crds
repository: ""
version: 0.0.16
digest: sha256:b54ee64c5e61f1dd38e89efc87ebd1e36cdb7c4dd7c897d9985040dccd713dba
generated: "2024-11-22T11:40:47.152053909+01:00"

9
metallb-chart/charts/frr-k8s/Chart.yaml
View File

@@ -1,10 +1,5 @@
apiVersion: v2
appVersion: v0.0.16
dependencies:
- condition: crds.enabled
name: crds
repository: file://./charts/crds
version: 0.0.16
appVersion: v0.0.14
description: A cloud native wrapper of FRR
home: https://metallb.universe.tf
icon: https://metallb.universe.tf/images/logo/metallb-white.png
@@ -13,4 +8,4 @@ name: frr-k8s
sources:
- https://github.com/metallb/frr-k8s
type: application
version: 0.0.16
version: 0.0.15

16
metallb-chart/charts/frr-k8s/README.md
View File

@@ -1,6 +1,6 @@
# frr-k8s
![Version: 0.0.16](https://img.shields.io/badge/Version-0.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.16](https://img.shields.io/badge/AppVersion-v0.0.16-informational?style=flat-square)
![Version: 0.0.14](https://img.shields.io/badge/Version-0.0.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.14](https://img.shields.io/badge/AppVersion-v0.0.14-informational?style=flat-square)
A cloud native wrapper of FRR
@@ -16,7 +16,7 @@ Kubernetes: `>= 1.19.0-0`
| Repository | Name | Version |
|------------|------|---------|
| | crds | 0.0.16 |
| | crds | 0.0.14 |
## Values
@@ -27,17 +27,17 @@ Kubernetes: `>= 1.19.0-0`
| frrk8s.affinity | object | `{}` | |
| frrk8s.alwaysBlock | string | `""` | |
| frrk8s.disableCertRotation | bool | `false` | |
| frrk8s.frr.acceptIncomingBGPConnections | bool | `false` | |
| frrk8s.frr.image.pullPolicy | string | `nil` | |
| frrk8s.frr.image.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/frr"` | |
| frrk8s.frr.image.tag | string | `"8.5.6"` | |
| frrk8s.frr.image.repository | string | `"quay.io/frrouting/frr"` | |
| frrk8s.frr.image.tag | string | `"9.1.0"` | |
| frrk8s.frr.metricsBindAddress | string | `"127.0.0.1"` | |
| frrk8s.frr.metricsPort | int | `7573` | |
| frrk8s.frr.resources | object | `{}` | |
| frrk8s.frr.secureMetricsPort | int | `9141` | |
| frrk8s.frrMetrics.resources | object | `{}` | |
| frrk8s.healthPort | int | `8081` | |
| frrk8s.image.pullPolicy | string | `nil` | |
| frrk8s.image.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/frr-k8s"` | |
| frrk8s.image.repository | string | `"quay.io/metallb/frr-k8s"` | |
| frrk8s.image.tag | string | `nil` | |
| frrk8s.labels.app | string | `"frr-k8s"` | |
| frrk8s.livenessProbe.enabled | bool | `true` | |
@@ -77,8 +77,8 @@ Kubernetes: `>= 1.19.0-0`
| prometheus.namespace | string | `""` | |
| prometheus.rbacPrometheus | bool | `false` | |
| prometheus.rbacProxy.pullPolicy | string | `nil` | |
| prometheus.rbacProxy.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/kube-rbac-proxy"` | |
| prometheus.rbacProxy.tag | string | `"v0.18.0"` | |
| prometheus.rbacProxy.repository | string | `"gcr.io/kubebuilder/kube-rbac-proxy"` | |
| prometheus.rbacProxy.tag | string | `"v0.12.0"` | |
| prometheus.scrapeAnnotations | bool | `false` | |
| prometheus.secureMetricsPort | int | `9140` | |
| prometheus.serviceAccount | string | `""` | |

23
metallb-chart/charts/frr-k8s/charts/crds/.helmignore
View File

@@ -1,23 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

10
metallb-chart/charts/frr-k8s/charts/crds/Chart.yaml
View File

@@ -1,10 +0,0 @@
apiVersion: v2
appVersion: v0.0.16
description: FRR K8s CRDs
home: https://metallb.universe.tf
icon: https://metallb.universe.tf/images/logo/metallb-white.png
name: crds
sources:
- https://github.com/metallb/frr-k8s
type: application
version: 0.0.16

14
metallb-chart/charts/frr-k8s/charts/crds/README.md
View File

@@ -1,14 +0,0 @@
# crds
![Version: 0.0.0](https://img.shields.io/badge/Version-0.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.0](https://img.shields.io/badge/AppVersion-v0.0.0-informational?style=flat-square)
FRR-K8s CRDs
**Homepage:** <https://metallb.universe.tf>
## Source Code
* <https://github.com/metallb/frr-k8s>
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0)

17
metallb-chart/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml → metallb-chart/charts/frr-k8s/crds/frrk8s.metallb.io_frrconfigurations.yaml
View File

@@ -156,9 +156,8 @@ spec:
the session with.
type: string
asn:
description: |-
ASN is the AS number to use for the local end of the session.
ASN and DynamicASN are mutually exclusive and one of them must be specified.
description: ASN is the AS number to use for the local
end of the session.
format: int32
maximum: 4294967295
minimum: 0
@@ -188,17 +187,6 @@ spec:
will separate IPv4 and IPv6 route exchanges into
distinct BGP sessions.
type: boolean
dynamicASN:
description: |-
DynamicASN detects the AS number to use for the local end of the session
without explicitly setting it via the ASN field. Limited to:
internal - if the neighbor's ASN is different than the router's the connection is denied.
external - if the neighbor's ASN is the same as the router's the connection is denied.
ASN and DynamicASN are mutually exclusive and one of them must be specified.
enum:
- internal
- external
type: string
ebgpMultiHop:
description: EBGPMultiHop indicates if the BGPPeer
is multi-hops away.
@@ -378,6 +366,7 @@ spec:
type: object
required:
- address
- asn
type: object
type: array
prefixes:

0
metallb-chart/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrnodestates.yaml → metallb-chart/charts/frr-k8s/crds/frrk8s.metallb.io_frrnodestates.yaml
View File

11
metallb-chart/charts/frr-k8s/templates/controller.yaml
View File

@@ -50,7 +50,7 @@ data:
#
vtysh_enable=yes
zebra_options=" -A 127.0.0.1 -s 90000000"
bgpd_options=" -A 127.0.0.1 {{ if not .Values.frrk8s.frr.acceptIncomingBGPConnections }} -p 0 {{- end }}"
bgpd_options=" -A 127.0.0.1"
ospfd_options=" -A 127.0.0.1"
ospf6d_options=" -A ::1"
ripd_options=" -A 127.0.0.1"
@@ -199,6 +199,7 @@ spec:
{{- with .Values.frrk8s.logLevel }}
- --log-level={{ . }}
{{- end }}
- --health-probe-bind-address={{.Values.prometheus.metricsBindAddress}}:{{ .Values.frrk8s.healthPort }}
{{- if .Values.frrk8s.alwaysBlock }}
- --always-block={{ .Values.frrk8s.alwaysBlock }}
{{- end }}
@@ -221,8 +222,8 @@ spec:
{{- if .Values.frrk8s.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /metrics
port: monitoring
path: /healthz
port: {{ .Values.frrk8s.healthPort }}
host: {{ .Values.prometheus.metricsBindAddress }}
initialDelaySeconds: {{ .Values.frrk8s.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.frrk8s.livenessProbe.periodSeconds }}
@@ -233,8 +234,8 @@ spec:
{{- if .Values.frrk8s.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /metrics
port: monitoring
path: /healthz
port: {{ .Values.frrk8s.healthPort }}
host: {{ .Values.prometheus.metricsBindAddress }}
initialDelaySeconds: {{ .Values.frrk8s.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.frrk8s.readinessProbe.periodSeconds }}

13
metallb-chart/charts/frr-k8s/templates/webhooks.yaml
View File

@@ -46,7 +46,7 @@ spec:
- "--restart-on-rotator-secret-refresh=true"
{{- end }}
- "--namespace=$(NAMESPACE)"
- "--metrics-bind-address=:{{ .Values.prometheus.metricsPort }}"
- --health-probe-bind-address=:8081
env:
- name: NAMESPACE
valueFrom:
@@ -63,14 +63,11 @@ spec:
drop:
- ALL
readOnlyRootFilesystem: true
ports:
- containerPort: {{ .Values.prometheus.metricsPort }}
name: monitoring
{{- if .Values.frrk8s.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /metrics
port: monitoring
path: /healthz
port: 8081
initialDelaySeconds: {{ .Values.frrk8s.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.frrk8s.livenessProbe.periodSeconds }}
failureThreshold: {{ .Values.frrk8s.livenessProbe.failureThreshold }}
@@ -78,8 +75,8 @@ spec:
{{- if .Values.frrk8s.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /metrics
port: monitoring
path: /readyz
port: 8081
initialDelaySeconds: {{ .Values.frrk8s.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.frrk8s.readinessProbe.periodSeconds }}
failureThreshold: {{ .Values.frrk8s.readinessProbe.failureThreshold }}

7
metallb-chart/charts/frr-k8s/values.yaml
View File

@@ -98,7 +98,7 @@ frrk8s:
tolerateMaster: true
image:
repository: "registry.opensuse.org/isv/suse/edge/metallb/images/frr-k8s"
tag: "v0.0.16"
tag: "v0.0.14"
pullPolicy: IfNotPresent
## @param controller.updateStrategy.type FRR-K8s controller daemonset strategy type
## ref: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/
@@ -132,6 +132,7 @@ frrk8s:
podAnnotations: {}
labels:
app: frr-k8s
healthPort: 8081
livenessProbe:
enabled: true
failureThreshold: 3
@@ -161,17 +162,15 @@ frrk8s:
frr:
image:
repository: "registry.opensuse.org/isv/suse/edge/metallb/images/frr"
tag: "8.5.6"
tag: "8.4"
pullPolicy: IfNotPresent
metricsBindAddress: 127.0.0.1
metricsPort: 7573
resources: {}
secureMetricsPort: 9141
acceptIncomingBGPConnections: false
reloader:
resources: {}
frrMetrics:
resources: {}
crds:
enabled: true
validationFailurePolicy: Fail

0
metallb-chart/charts/crds/.helmignore → metallb-chart/charts/metallb-crds/.helmignore
View File

4
metallb-chart/charts/crds/Chart.yaml → metallb-chart/charts/metallb-crds/Chart.yaml
View File

@@ -3,8 +3,8 @@ appVersion: v0.14.9
description: MetalLB CRDs
home: https://metallb.universe.tf
icon: https://metallb.universe.tf/images/logo/metallb-white.png
name: crds
name: metallb-crds
sources:
- https://github.com/metallb/metallb
type: application
version: 0.14.9
version: 0.14.8

11
metallb-chart/charts/metallb-crds/README.md Normal file
View File

@@ -0,0 +1,11 @@
# crds
![Version: 0.14.3](https://img.shields.io/badge/Version-0.14.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.3](https://img.shields.io/badge/AppVersion-v0.14.3-informational?style=flat-square)
MetalLB CRDs
**Homepage:** <https://metallb.universe.tf>
## Source Code
* <https://github.com/metallb/metallb>

40
metallb-chart/charts/crds/templates/crds.yaml → metallb-chart/charts/metallb-crds/templates/crds.yaml
View File

@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.3
controller-gen.kubebuilder.io/version: v0.14.0
name: bfdprofiles.metallb.io
spec:
group: metallb.io
@@ -123,7 +123,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.3
controller-gen.kubebuilder.io/version: v0.14.0
name: bgpadvertisements.metallb.io
spec:
group: metallb.io
@@ -329,7 +329,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.3
controller-gen.kubebuilder.io/version: v0.14.0
name: bgppeers.metallb.io
spec:
conversion:
@@ -365,8 +365,6 @@ spec:
- jsonPath: .spec.ebgpMultiHop
name: Multi Hops
type: string
deprecated: true
deprecationWarning: v1beta1 is deprecated, please use v1beta2
name: v1beta1
schema:
openAPIV3Schema:
@@ -528,26 +526,15 @@ spec:
default: false
description: To set if we want to disable MP BGP that will separate IPv4 and IPv6 route exchanges into distinct BGP sessions.
type: boolean
dynamicASN:
description: |-
DynamicASN detects the AS number to use for the remote end of the session
without explicitly setting it via the ASN field. Limited to:
internal - if the neighbor's ASN is different than MyASN connection is denied.
external - if the neighbor's ASN is the same as MyASN the connection is denied.
ASN and DynamicASN are mutually exclusive and one of them must be specified.
enum:
- internal
- external
type: string
ebgpMultiHop:
description: To set if the BGPPeer is multi-hops away. Needed for FRR mode only.
type: boolean
enableGracefulRestart:
description: |-
EnableGracefulRestart allows BGP peer to continue to forward data packets
along known routes while the routing protocol information is being
restored. This field is immutable because it requires restart of the BGP
session. Supported for FRR mode only.
EnableGracefulRestart allows BGP peer to continue to forward data packets along
known routes while the routing protocol information is being restored.
This field is immutable because it requires restart of the BGP session
Supported for FRR mode only.
type: boolean
x-kubernetes-validations:
- message: EnableGracefulRestart cannot be changed after creation
@@ -635,9 +622,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
peerASN:
description: |-
AS number to expect from the remote end of the session.
ASN and DynamicASN are mutually exclusive and one of them must be specified.
description: AS number to expect from the remote end of the session.
format: int32
maximum: 4294967295
minimum: 0
@@ -664,6 +649,7 @@ spec:
type: string
required:
- myASN
- peerASN
- peerAddress
type: object
status:
@@ -679,7 +665,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.3
controller-gen.kubebuilder.io/version: v0.14.0
name: communities.metallb.io
spec:
group: metallb.io
@@ -744,7 +730,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.3
controller-gen.kubebuilder.io/version: v0.14.0
name: ipaddresspools.metallb.io
spec:
group: metallb.io
@@ -954,7 +940,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.3
controller-gen.kubebuilder.io/version: v0.14.0
name: l2advertisements.metallb.io
spec:
group: metallb.io
@@ -1134,7 +1120,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.3
controller-gen.kubebuilder.io/version: v0.14.0
name: servicel2statuses.metallb.io
spec:
group: metallb.io

1
metallb-chart/templates/_helpers.tpl
View File

@@ -111,4 +111,3 @@ Create the name of the settings Secret to use.
{{ .Values.speaker.frr.metricsPort }}
{{- end }}
{{- end }}

2
metallb-chart/templates/controller.yaml
View File

@@ -84,7 +84,7 @@ spec:
- name: METALLB_DEPLOYMENT
value: {{ template "metallb.fullname" . }}-controller
{{- end }}
{{- if and .Values.speaker.enabled .Values.speaker.frr.enabled }}
{{- if .Values.speaker.frr.enabled }}
- name: METALLB_BGP_TYPE
value: frr
{{- end }}

2
metallb-chart/templates/podmonitor.yaml
View File

@@ -36,7 +36,6 @@ spec:
relabelings:
{{- toYaml .Values.prometheus.podMonitor.relabelings | nindent 4 }}
{{- end }}
{{- if .Values.speaker.enabled }}
---
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
@@ -75,7 +74,6 @@ spec:
relabelings:
{{- toYaml .Values.prometheus.podMonitor.relabelings | nindent 4 }}
{{- end }}
{{- end }}
---
{{- if .Values.prometheus.rbacPrometheus }}
apiVersion: rbac.authorization.k8s.io/v1

20
metallb-chart/templates/prometheusrules.yaml
View File

@@ -19,8 +19,8 @@ spec:
{{- if .Values.prometheus.prometheusRule.staleConfig.enabled }}
- alert: MetalLBStaleConfig
annotations:
summary: {{`'Stale config on {{ $labels.pod }}'`}}
description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has a stale config for > 1 minute'`}}
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod
}} has a stale config for > 1 minute'`}}
expr: metallb_k8s_client_config_stale_bool{job=~"{{ template "metallb.fullname" . }}.*"} == 1
for: 1m
{{- with .Values.prometheus.prometheusRule.staleConfig.labels }}
@@ -31,8 +31,8 @@ spec:
{{- if .Values.prometheus.prometheusRule.configNotLoaded.enabled }}
- alert: MetalLBConfigNotLoaded
annotations:
summary: {{`'Config on {{ $labels.pod }} has not been loaded'`}}
description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has not loaded for > 1 minute'`}}
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod
}} has not loaded for > 1 minute'`}}
expr: metallb_k8s_client_config_loaded_bool{job=~"{{ template "metallb.fullname" . }}.*"} == 0
for: 1m
{{- with .Values.prometheus.prometheusRule.configNotLoaded.labels }}
@@ -43,8 +43,8 @@ spec:
{{- if .Values.prometheus.prometheusRule.addressPoolExhausted.enabled }}
- alert: MetalLBAddressPoolExhausted
annotations:
summary: {{`'Exhausted address pool on {{ $labels.pod }}'`}}
description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has exhausted address pool {{ $labels.pool }} for > 1 minute'`}}
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod
}} has exhausted address pool {{ $labels.pool }} for > 1 minute'`}}
expr: metallb_allocator_addresses_in_use_total >= on(pool) metallb_allocator_addresses_total
for: 1m
{{- with .Values.prometheus.prometheusRule.addressPoolExhausted.labels }}
@@ -57,8 +57,8 @@ spec:
{{- range .Values.prometheus.prometheusRule.addressPoolUsage.thresholds }}
- alert: MetalLBAddressPoolUsage{{ .percent }}Percent
annotations:
summary: {{`'Exhausted address pool on {{ $labels.pod }}'`}}
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has address pool {{ $labels.pool }} past `}}{{ .percent }}{{`% usage for > 1 minute'`}}
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod
}} has address pool {{ $labels.pool }} past `}}{{ .percent }}{{`% usage for > 1 minute'`}}
expr: ( metallb_allocator_addresses_in_use_total / on(pool) metallb_allocator_addresses_total ) * 100 > {{ .percent }}
{{- with .labels }}
labels:
@@ -69,8 +69,8 @@ spec:
{{- if .Values.prometheus.prometheusRule.bgpSessionDown.enabled }}
- alert: MetalLBBGPSessionDown
annotations:
summary: {{`'BGP session down on {{ $labels.pod }}'`}}
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has BGP session {{ $labels.peer }} down for > 1 minute'`}}
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod
}} has BGP session {{ $labels.peer }} down for > 1 minute'`}}
expr: metallb_bgp_session_up{job=~"{{ template "metallb.fullname" . }}.*"} == 0
for: 1m
{{- with .Values.prometheus.prometheusRule.bgpSessionDown.labels }}

12
metallb-chart/templates/rbac.yaml
View File

@@ -19,11 +19,11 @@ rules:
resources: ["events"]
verbs: ["create", "patch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources: ["validatingwebhookconfigurations"]
resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"]
resourceNames: ["metallb-webhook-configuration"]
verbs: ["create", "delete", "get", "list", "patch", "update", "watch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources: ["validatingwebhookconfigurations"]
resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"]
verbs: ["list", "watch"]
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
@@ -41,7 +41,6 @@ rules:
resources: ["subjectaccessreviews"]
verbs: ["create"]
{{- end }}
{{- if .Values.speaker.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -73,7 +72,7 @@ rules:
{{- if or .Values.frrk8s.enabled .Values.frrk8s.external }}
- apiGroups: ["frrk8s.metallb.io"]
resources: ["frrconfigurations"]
verbs: ["get", "list", "watch","create","update","delete"]
verbs: ["get", "list", "watch","create","update"]
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
@@ -110,7 +109,6 @@ rules:
- apiGroups: ["metallb.io"]
resources: ["communities"]
verbs: ["get", "list", "watch"]
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
@@ -119,7 +117,7 @@ metadata:
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "metallb.labels" . | nindent 4 }}
rules:
{{- if and .Values.speaker.enabled .Values.speaker.memberlist.enabled }}
{{- if .Values.speaker.memberlist.enabled }}
- apiGroups: [""]
resources: ["secrets"]
verbs: ["create", "get", "list", "watch"]
@@ -168,7 +166,6 @@ roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "metallb.fullname" . }}:controller
{{- if .Values.speaker.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
@@ -198,7 +195,6 @@ roleRef:
subjects:
- kind: ServiceAccount
name: {{ include "metallb.speaker.serviceAccountName" . }}
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding

2
metallb-chart/templates/service-accounts.yaml
View File

@@ -13,7 +13,7 @@ metadata:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
{{- if and .Values.speaker.enabled .Values.speaker.serviceAccount.create }}
{{- if .Values.speaker.serviceAccount.create }}
---
apiVersion: v1
kind: ServiceAccount

7
metallb-chart/templates/servicemonitor.yaml
View File

@@ -1,9 +1,4 @@
{{- if and .Values.prometheus.serviceMonitor.enabled .Values.prometheus.podMonitor.enabled }}
{{- fail "prometheus.serviceMonitor.enabled and prometheus.podMonitor.enabled cannot both be set" }}
{{- end }}
{{- if .Values.prometheus.serviceMonitor.enabled }}
{{- if .Values.speaker.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
@@ -94,7 +89,6 @@ spec:
{{- end }}
sessionAffinity: None
type: ClusterIP
{{- end }}
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
@@ -103,6 +97,7 @@ metadata:
namespace: {{ .Release.Namespace | quote }}
labels:
{{- include "metallb.labels" . | nindent 4 }}
app.kubernetes.io/component: speaker
{{- if .Values.prometheus.serviceMonitor.controller.additionalLabels }}
{{ toYaml .Values.prometheus.serviceMonitor.controller.additionalLabels | indent 4 }}
{{- end }}

20
metallb-chart/values.yaml
View File

@@ -45,7 +45,7 @@ prometheus:
# certificate to be used.
controllerMetricsTLSSecret: ""
# prometheus doesn't have the permission to scrape all namespaces so we give it permission to scrape metallb's one
# prometheus doens't have the permission to scrape all namespaces so we give it permission to scrape metallb's one
rbacPrometheus: true
# the service account used by prometheus
@@ -67,7 +67,7 @@ prometheus:
# enable support for Prometheus Operator
enabled: false
# optional additional labels for podMonitors
# optional additionnal labels for podMonitors
additionalLabels: {}
# optional annotations for podMonitors
@@ -146,7 +146,7 @@ prometheus:
# enable alertmanager alerts
enabled: false
# optional additional labels for prometheusRules
# optional additionnal labels for prometheusRules
additionalLabels: {}
# optional annotations for prometheusRules
@@ -168,7 +168,7 @@ prometheus:
addressPoolExhausted:
enabled: true
labels:
severity: critical
severity: alert
addressPoolUsage:
enabled: true
@@ -181,13 +181,13 @@ prometheus:
severity: warning
- percent: 95
labels:
severity: critical
severity: alert
# MetalLBBGPSessionDown
bgpSessionDown:
enabled: true
labels:
severity: critical
severity: alert
extraAlerts: []
@@ -201,7 +201,7 @@ controller:
# webhookMode: enabled
image:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%metallb-controller"
tag: "v0.14.9"
tag: "v0.14.8"
pullPolicy: IfNotPresent
## @param controller.updateStrategy.type Metallb controller deployment strategy type.
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
@@ -282,7 +282,7 @@ speaker:
image:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%metallb-speaker"
tag: "v0.14.9"
tag: "v0.14.8"
pullPolicy: IfNotPresent
## @param speaker.updateStrategy.type Speaker daemonset strategy type
## ref: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/
@@ -346,7 +346,7 @@ speaker:
enabled: false
image:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%frr"
tag: "8.5.6"
tag: "8.4"
pullPolicy: IfNotPresent
metricsPort: 7473
resources: {}
@@ -389,4 +389,4 @@ metallb-frr-k8s:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%frr-k8s"
frr:
image:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%frr"
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%frr"

2
metallb/_service
View File

@@ -2,7 +2,7 @@
<service name="obs_scm">
<param name="url">https://github.com/metallb/metallb</param>
<param name="scm">git</param>
<param name="revision">v0.14.9</param>
<param name="revision">v0.14.8</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>

8
metallb/metallb.spec
View File

@@ -17,8 +17,8 @@
Name: metallb
Version: 0.14.9
Release: 0.14.9
Version: 0.14.8
Release: 0.14.8
Summary: Load Balancer for bare metal Kubernetes clusters
License: Apache-2.0
URL: https://github.com/metallb/metallb
@@ -54,7 +54,7 @@ This package contains the speaker binary.
cp ./frr-tools/reloader/frr-reloader.sh frr-reloader.sh
%build
go install -v -mod vendor -buildmode=pie ./controller ./speaker ./frr-tools/metrics ./frr-tools/cp-tool
go install -v -mod vendor -buildmode=pie ./controller ./speaker ./frr-tools/metrics
mv $HOME/go/bin/metrics $HOME/go/bin/frr-metrics
%install
@@ -63,7 +63,6 @@ mkdir -p %{buildroot}%{_sbindir}/
install -D -m 0755 $HOME/go/bin/controller %{buildroot}/
install -D -m 0755 $HOME/go/bin/speaker %{buildroot}/
install -D -m 0755 $HOME/go/bin/frr-metrics %{buildroot}/
install -D -m 0755 $HOME/go/bin/cp-tool %{buildroot}/
install -D -m 0755 frr-reloader.sh %{buildroot}/
%files controller
@@ -74,7 +73,6 @@ install -D -m 0755 frr-reloader.sh %{buildroot}/
%license LICENSE
/speaker
/frr-metrics
/cp-tool
/frr-reloader.sh
%changelog

1
nm-configurator/.gitattributes vendored Normal file
View File

@@ -0,0 +1 @@
*.obscpio filter=lfs diff=lfs merge=lfs -text

Some files were not shown because too many files have changed in this diff Show More