steven.hardy/Factory
SHA256
1
0
Fork 0
forked from suse-edge/Factory
Code Pull Requests Activity

Compare commits

merge into: steven.hardy:turtles_providers_fix2
Branches Tags
steven.hardy:main steven.hardy:turtles_351 steven.hardy:rancher_nameoverride steven.hardy:turtles_providers_fix2 steven.hardy:pr_319 steven.hardy:kiwi_fix2 steven.hardy:jarndt/edge-1544 steven.hardy:arm_config steven.hardy:turtles_3.2 steven.hardy:turtles_fix_3.2 steven.hardy:turtles_upgrade_fix steven.hardy:cdi_fix steven.hardy:kubevirt_chart steven.hardy:sriov_update steven.hardy:capm3_downgrade steven.hardy:rm_capi_images steven.hardy:kiwi_fix steven.hardy:kiwi_builder steven.hardy:metal3_chart_090 steven.hardy:turtles_013 steven.hardy:rm_old_ipa steven.hardy:ipa-fix steven.hardy:kube-rbac-proxy-fix2 steven.hardy:turtles_fix steven.hardy:metal3_090 steven.hardy:metallb_rbac_proxy steven.hardy:kube-rbac-proxy-fix steven.hardy:kube_rbac_proxy steven.hardy:document-branch steven.hardy:supportlvl-macro steven.hardy:run-sync suse-edge:testing suse-edge:3.5 suse-edge:main suse-edge:3.3 suse-edge:3.4 suse-edge:amorgante-patch-1 suse-edge:3.2 suse-edge:devel
...
pull from: suse-edge:main
Branches Tags
suse-edge:testing suse-edge:3.5 suse-edge:main suse-edge:3.3 suse-edge:3.4 suse-edge:amorgante-patch-1 suse-edge:3.2 suse-edge:devel steven.hardy:main steven.hardy:turtles_351 steven.hardy:rancher_nameoverride steven.hardy:turtles_providers_fix2 steven.hardy:pr_319 steven.hardy:kiwi_fix2 steven.hardy:jarndt/edge-1544 steven.hardy:arm_config steven.hardy:turtles_3.2 steven.hardy:turtles_fix_3.2 steven.hardy:turtles_upgrade_fix steven.hardy:cdi_fix steven.hardy:kubevirt_chart steven.hardy:sriov_update steven.hardy:capm3_downgrade steven.hardy:rm_capi_images steven.hardy:kiwi_fix steven.hardy:kiwi_builder steven.hardy:metal3_chart_090 steven.hardy:turtles_013 steven.hardy:rm_old_ipa steven.hardy:ipa-fix steven.hardy:kube-rbac-proxy-fix2 steven.hardy:turtles_fix steven.hardy:metal3_090 steven.hardy:metallb_rbac_proxy steven.hardy:kube-rbac-proxy-fix steven.hardy:kube_rbac_proxy steven.hardy:document-branch steven.hardy:supportlvl-macro steven.hardy:run-sync

47 Commits
turtles_pr ... main

Author SHA256 Message Date
Denislav Prodanov
8265895273 Merge pull request 'added python-stevedore' (#392) from add-python-stevedore into main 
Reviewed-on: suse-edge/Factory#392
 2026-03-02 11:47:26 +01:00
dprodanov4
70d52b5989 added python-stevedore 2026-03-02 12:06:51 +02:00
dbw7
bfe48df6e5 update hauler from v1.2.5 to v1.4.1 (#388) 
Reviewed-on: suse-edge/Factory#388
Co-authored-by: dbw7 <danial.bekhit@suse.com>
Co-committed-by: dbw7 <danial.bekhit@suse.com>
 2026-02-26 08:39:41 +01:00
Denislav Prodanov
06490da104 Merge pull request 'Create release-manifest for 3.6.0' (#387) from dprodanov/Factory:rm-3.6.0 into main 
Reviewed-on: suse-edge/Factory#387
 2026-02-23 17:28:21 +01:00
Denislav Prodanov
e04fa2b02f Update release-manifest-image/Dockerfile 
Update release-manifest-image/release_manifest.yaml

Update release-manifest-image/release_manifest.yaml
 2026-02-23 18:09:15 +02:00
Nicolas Belouin
e317b9f6cb Merge pull request 'metal3: Fix mariadb subchart indent issue' (#383) from nbelouin/Factory:mariadb-fix into main 
Reviewed-on: suse-edge/Factory#383
Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
 2026-02-20 13:01:51 +01:00
Nicolas Belouin
004bfd77bf Fix mariadb subchart indent issue 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
 2026-02-20 11:05:57 +01:00
Nicolas Belouin
07255b6b2e Merge pull request 'ipa-downloader-image: Fix arch specific tags' (#381) from steven.hardy/Factory:ipa_tag_fix into main 
Reviewed-on: suse-edge/Factory#381
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
 2026-02-06 14:52:21 +01:00
Steven Hardy
01896ea940 ipa-downloader-image: Fix arch specific tags 
This was missed in #373
 2026-02-06 10:41:56 +00:00
Steven Hardy
4b9c348c90 _config: prefer postgresql18-devel-mini 
To fix build issue for ironic-image
 2026-02-03 09:19:04 +00:00
Steven Hardy
b97c294a62 ironic-ipa-ramdisk: Disable MACAddressPolicy for bonds 
Related to https://gitlab.com/sylva-projects/sylva-core/-/issues/3376
 2026-02-03 09:18:38 +00:00
Alberto Morgante Medina
f2d89578ee Merge pull request 'fix-release-manifests-appsco' (#374) from amorgante/Factory:fix-release-manifests-appsco into main 
Reviewed-on: suse-edge/Factory#374
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
 2026-01-29 15:20:59 +01:00
alknopfler
b3ac01257c change the suse-storage release manifest formatting 2026-01-29 15:13:51 +01:00
alknopfler
f23f988f66 fix merge conflicts with upstream 2026-01-29 15:08:48 +01:00
Denislav Prodanov
d3f8968339 Merge pull request '[3.5.0] - test UC 0.1.3 rc1' (#365) from dprodanov/Factory:uc-0.1.3-rc1 into main 
Reviewed-on: suse-edge/Factory#365
 2026-01-20 16:09:55 +01:00
dprodanov4
805ec0a403 test rc2 2026-01-20 17:06:51 +02:00
Nicolas Belouin
9c97656992 Merge pull request 'Make wait_obs script more reliable' (#370) from nbelouin/Factory:improve_wait_obs into main 
Reviewed-on: suse-edge/Factory#370
Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
 2026-01-19 16:25:22 +01:00
Nicolas Belouin
cee3c89e46 Merge pull request 'Update release images with 3.5 pre release run' (#369) from nbelouin/Factory:update_release_images into main 
Reviewed-on: suse-edge/Factory#369
Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
 2026-01-19 16:24:33 +01:00
Nicolas Belouin
99a05ea424 Update release images with 3.5 pre release run 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
 2026-01-19 13:42:36 +01:00
Nicolas Belouin
0ae774cf9d Make wait_obs script more reliable 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
 2026-01-19 13:16:09 +01:00
dbw7
ccc1c66636 change to official tag 2026-01-19 10:43:37 +01:00
dbw7
90e12f7065 changes to EIB for v1.3.2-rc0 2026-01-19 10:43:37 +01:00
Steven Hardy
368609ca5c release-manifest: bump elemental-operator to 1.8.0 
The SCC elemental-register for SLM 6.2 is 1.8.0 so we should align the operator version
 2026-01-16 12:05:56 +00:00
dprodanov4
ed52d4c7a4 [3.5.0] - test UC 0.1.3 rc1 2026-01-16 13:51:56 +02:00
Denislav Prodanov
e3d2e39fa8 Merge pull request '[3.5.0] - test upgrade controller rc1' (#358) from dprodanov/Factory:upgrade-controller-rc1 into main 
Reviewed-on: suse-edge/Factory#358
 2026-01-15 13:58:45 +01:00
dprodanov4
a6b927e088 [3.5.0] - bump UC to final 0.1.2 tag 2026-01-15 14:03:14 +02:00
dprodanov4
d2da4d9a31 bump to rc2 2026-01-14 13:26:29 +02:00
Denislav Prodanov
980809a7d7 Merge pull request '[3.5.0] - update to new longhorn version' (#359) from dprodanov/Factory:appco-longhorn into main 
Reviewed-on: suse-edge/Factory#359
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
Reviewed-by: Kristian Zhelyazkov <kzhelyazkov@noreply.src.opensuse.org>
 2026-01-14 12:16:40 +01:00
Steven Hardy
eab4d9bbe3 metallb-chart: override frr-k8s kube-rbac-proxy tag 
The version we're building is 0.19.1 but the nested chart specifies
an older version
 2026-01-13 17:51:16 +00:00
dprodanov4
a2ef24e32a [3.5.0] - test upgrade controller rc1 2026-01-13 17:33:33 +02:00
dprodanov4
84e5420fad [3.5.0] - update to new longhorn version 2026-01-13 17:32:11 +02:00
Steven Hardy
1cd255c949 release-manifest: update cert-manager version 
According to https://cert-manager.io/docs/releases/ we need 1.19 for 1.34 support
 2026-01-12 11:02:37 +01:00
Steven Hardy
184c9f74fa rancher-turtles-providers: Add upstream version suffix 
Aligns with https://github.com/rancher/prime-charts/tree/dev-v2.13/charts/rancher-turtles-providers/108.0.1%2Bup0.25.1
 2026-01-09 14:30:17 +00:00
Steven Hardy
c0c01e7638 release-manifest: allow build on arm 
Although the upgrade controller flow isn't fully tested on ARM yet
it's useful to have the release manifest image available, for example
to enable developer automation which consumes the release manifest image.
 2026-01-08 14:18:40 +00:00
Steven Hardy
a6a3d2ac69 rancher-turtles: Remove rancher-turtles chart 
The rancher-turtles and rancher-turtles-airgap-resources charts
have been replaced by the rancher-integrated turtles in 2.13 and
the edge rancher-turtles-providers chart
 2026-01-07 17:19:07 +00:00
Steven Hardy
896f79e0f2 rancher-turtles-providers: tolerate existing namespaces 
On upgrade these namespaces may already exist as they are created by the
current rancher-turtles edge chart, so in this case skip namespace creation.
 2026-01-06 14:08:01 +02:00
Antonio Alonso Alarcon
a8221ba07f Merge pull request 'sriov webhooks to reload the renewed certificate.' (#348) from antaloala/Factory:edge-1759 into main 
Reviewed-on: suse-edge/Factory#348
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
 2025-12-24 00:52:05 +01:00
Antonio Alonso Alarcon
a164be3522 Adds operator-webhook-load-renewed-certs.patch to sriov-network-operator srpm 2025-12-24 00:04:52 +01:00
Antonio Alonso Alarcon
417601ec1d Adds injector-webhook-load-renewed-certs.patch to network-resources-injector srpm 2025-12-24 00:04:52 +01:00
Denislav Prodanov
e3c4a835a9 revert 70f027e7ee 
revert update to the new chart name for rancher
 2025-12-23 10:53:51 +01:00
Denislav Prodanov
3b513a60fe Merge pull request 'update to the new chart name for rancher' (#346) from dprodanov/Factory:rancher-prime into main 
Reviewed-on: suse-edge/Factory#346
 2025-12-19 12:32:23 +01:00
dprodanov4
70f027e7ee update to the new chart name for rancher 2025-12-19 13:31:49 +02:00
Denislav Prodanov
1c2f14e4d7 Merge pull request '[3.5.0] - update to prime release' (#345) from dprodanov/Factory:rancher-prime into main 
Reviewed-on: suse-edge/Factory#345
Reviewed-by: Nicolas Belouin <nbelouin@noreply.src.opensuse.org>
 2025-12-19 10:36:21 +01:00
dprodanov4
c7e34e9ae6 [3.5.0] - update to prime release 2025-12-19 11:25:54 +02:00
Denislav Prodanov
44e31d67fb Merge pull request 'update charts to use the new kubectl image' (#344) from dprodanov/Factory:kubectl-image into main 
Reviewed-on: suse-edge/Factory#344
 2025-12-19 09:46:32 +01:00
dprodanov4
6b6a65b3b0 update charts to use the new kubectl image 2025-12-19 10:43:03 +02:00
Alberto Morgante Medina
f497cf5996 add release images file to the release container 2025-07-22 09:11:55 +02:00
74 changed files with 946 additions and 20476 deletions
Expand all files Collapse all files

40
.obs/wait_obs.py
View File

@@ -6,6 +6,7 @@ import sys
from collections import Counter
def get_buildstatus(project: str) -> ET.Element:
for _ in range(5):
try:
@@ -17,8 +18,17 @@ def get_buildstatus(project: str) -> ET.Element:
continue
print("Failed to get buildstatus from OBS")
def do_wait(project:str, commit:str) -> ET.Element:
def do_wait(project: str, commit: str) -> ET.Element:
last_state = None
waiting_states = (
"blocked",
"scheduled",
"dispatching",
"building",
"signing",
"finished",
)
while True:
time.sleep(5)
status = get_buildstatus(project)
@@ -33,17 +43,25 @@ def do_wait(project:str, commit:str) -> ET.Element:
else:
last_state = status.get("state")
scminfo = { e.text for e in status.findall(".//scminfo") }
scminfo = {e.text for e in status.findall(".//scminfo")}
if len(scminfo) != 1 or scminfo.pop() != commit:
print("Waiting for OBS to sync with SCM")
continue
if not all([ e.get('state') == "published" and e.get('dirty') is None for e in status.findall("./result")]):
if not all(
[
e.get("state") == "published" # Only consider if all packages are published
and e.get("dirty") is None # Exclude states needing recalculation
and e.get("code") not in waiting_states # Exclude transient/waiting states
for e in status.findall("./result")
] + [ e.get("code") not in waiting_states for e in status.findall("./status") ]
):
print("Waiting for OBS to finish building")
continue
return status
def print_results(status: ET.Element) -> bool:
results = {}
failed = []
@@ -51,15 +69,15 @@ def print_results(status: ET.Element) -> bool:
repo = results.get(e.get("repository"), {})
repo[e.get("arch")] = e
results[e.get("repository")] = repo
for repo in results.keys():
print(f"{repo}:")
depth=1
depth = 1
for arch in results[repo].keys():
counts = Counter()
if repo != "charts":
print(f"\t{arch}:")
depth=2
depth = 2
for package in results[repo][arch].findall("./status"):
if package.get("code") in ["excluded", "disabled"]:
continue
@@ -70,9 +88,9 @@ def print_results(status: ET.Element) -> bool:
else:
failed.append(f"{package.get('package')} ({arch})")
counts[package.get("code")] += 1
for (code, count) in counts.items():
print("\t"*depth, f"{code}: {count}")
for code, count in counts.items():
print("\t" * depth, f"{code}: {count}")
failed.sort()
if failed:
print("\nPackages failing: ")
@@ -80,6 +98,7 @@ def print_results(status: ET.Element) -> bool:
print("\t", fail)
return len(failed)
def main():
project = os.environ.get("OBS_PROJECT")
sha = os.environ.get("GIT_SHA")
@@ -87,5 +106,6 @@ def main():
status = do_wait(project, sha)
sys.exit(print_results(status))
if __name__ == "__main__":
main()

7
_config
View File

@@ -1,7 +1,7 @@
Prefer: -libqpid-proton10 -python313-urllib3_1
Prefer: -cargo1.58 -cargo1.57 cargo1.89
Prefer: chrony-pool-suse
Prefer: -postgresql17-devel-mini
Prefer: -postgresql18-devel-mini
BuildFlags: excludebuild:python-pandas:test-py313
@@ -71,11 +71,10 @@ BuildFlags: onlybuild:release-manifest-image
BuildFlags: excludebuild:frr-image
BuildFlags: excludebuild:frr-k8s
BuildFlags: excludebuild:frr-k8s-image
# Upgrade controller
BuildFlags: excludebuild:release-manifest-image
BuildFlags: excludebuild:upgrade-controller
BuildFlags: excludebuild:upgrade-controller-image
BuildFlags: excludebuild:upgrade-controller-image
%endif
%endif

8
edge-image-builder-image/Dockerfile
View File

@@ -1,5 +1,5 @@
#!BuildTag: %%IMG_PREFIX%%edge-image-builder:1.3.1
#!BuildTag: %%IMG_PREFIX%%edge-image-builder:1.3.1-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%edge-image-builder:1.3.2
#!BuildTag: %%IMG_PREFIX%%edge-image-builder:1.3.2-%RELEASE%
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-base:$SLE_VERSION
MAINTAINER SUSE LLC (https://www.suse.com/)
@@ -14,11 +14,11 @@ RUN zypper --non-interactive install --no-recommends edge-image-builder qemu-x86
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE edge-image-builder Container Image"
LABEL org.opencontainers.image.description="edge-image-builder based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="1.3.1"
LABEL org.opencontainers.image.version="1.3.2"
LABEL org.opencontainers.image.url="https://www.suse.com/products/server/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%edge-image-builder:1.3.1-%RELEASE%"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%edge-image-builder:1.3.2-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
LABEL com.suse.eula="SUSE Combined EULA February 2024"

8
edge-image-builder/_service
View File

@@ -3,13 +3,17 @@
<param name="url">https://github.com/suse-edge/edge-image-builder.git</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
<param name="revision">v1.3.1</param>
<param name="revision">v1.3.2</param>
<!-- Uncomment and set this For Pre-Release Version -->
<!-- <param name="version">1.3.1</param> -->
<!-- <param name="version">1.3.2~rc0</param> -->
<!-- End Here -->
<!-- Uncomment and this for regular version -->
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(\d+).(\d+).(\d+)</param>
<param name="versionrewrite-replacement">\1.\2.\3</param>
<!-- End Here -->
<param name="changesgenerate">enable</param>
</service>
<service mode="buildtime" name="tar">

2
edge-image-builder/edge-image-builder.spec
View File

@@ -17,7 +17,7 @@
Name: edge-image-builder
Version: 1.3.1
Version: 1.3.2
Release: 0
Summary: Edge Image Builder
License: Apache-2.0

2
hauler/_service
View File

@@ -4,7 +4,7 @@
<param name="versionformat">@PARENT_TAG@</param>
<param name="scm">git</param>
<param name="exclude">.get</param>
<param name="revision">v1.2.5</param>
<param name="revision">v1.4.1</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
</service>

3
hauler/hauler.spec
View File

@@ -18,13 +18,14 @@
%define project github.com/hauler-dev/hauler
Name: hauler
Version: 1.2.5
Version: 1.4.1
Release: 0
Summary: Airgap Swiss Army Knife
License: Apache-2.0
URL: https://github.com/hauler-dev/hauler
Source: hauler-%{version}.tar
Source1: vendor.tar.gz
BuildRequires: golang(API) = 1.25
BuildRequires: golang-packaging
%description

8
ironic-ipa-downloader-image/Dockerfile
View File

@@ -1,6 +1,6 @@
# SPDX-License-Identifier: Apache-2.0
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.10
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.10-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.11
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader:3.0.11-%RELEASE%
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
@@ -16,11 +16,11 @@ FROM micro AS final
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Based Ironic IPA Downloader Container Image"
LABEL org.opencontainers.image.description="ironic-ipa-downloader based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="3.0.10"
LABEL org.opencontainers.image.version="3.0.11"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.10-%RELEASE%"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.11-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
LABEL com.suse.eula="SUSE Combined EULA February 2024"

8
ironic-ipa-downloader-image/Dockerfile.aarch64
View File

@@ -1,6 +1,6 @@
# SPDX-License-Identifier: Apache-2.0
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-aarch64:3.0.10
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-aarch64:3.0.10-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-aarch64:3.0.11
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-aarch64:3.0.11-%RELEASE%
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
@@ -16,11 +16,11 @@ FROM micro AS final
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Based Ironic IPA Downloader Container Image"
LABEL org.opencontainers.image.description="ironic-ipa-downloader based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="3.0.10"
LABEL org.opencontainers.image.version="3.0.11"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.10-%RELEASE%"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.11-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
LABEL com.suse.eula="SUSE Combined EULA February 2024"

8
ironic-ipa-downloader-image/Dockerfile.x86_64
View File

@@ -1,6 +1,6 @@
# SPDX-License-Identifier: Apache-2.0
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-x86_64:3.0.10
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-x86_64:3.0.10-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-x86_64:3.0.11
#!BuildTag: %%IMG_PREFIX%%ironic-ipa-downloader-x86_64:3.0.11-%RELEASE%
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
@@ -16,11 +16,11 @@ FROM micro AS final
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Based Ironic IPA Downloader Container Image"
LABEL org.opencontainers.image.description="ironic-ipa-downloader based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="3.0.10"
LABEL org.opencontainers.image.version="3.0.11"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.10-%RELEASE%"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.11-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
LABEL com.suse.eula="SUSE Combined EULA February 2024"

2
ironic-ipa-ramdisk/ironic-ipa-ramdisk.spec
View File

@@ -19,7 +19,7 @@
Name: ironic-ipa-ramdisk
Version: 3.0.8
Version: 3.0.9
Release: 0
Summary: Kernel and ramdisk image for OpenStack Ironic
License: SUSE-EULA

5
ironic-ipa-ramdisk/root/etc/systemd/network/98-default.link Normal file
View File

@@ -0,0 +1,5 @@
[Match]
Driver=bonding bridge
[Link]
MACAddressPolicy=none

10
metal3-chart/Chart.yaml
View File

@@ -1,5 +1,5 @@
#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.21_up0.13.0
#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.21_up0.13.0-%RELEASE%
#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.23_up0.13.1
#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.23_up0.13.1-%RELEASE%
apiVersion: v2
appVersion: 0.13.0
dependencies:
@@ -10,12 +10,12 @@ dependencies:
- alias: metal3-ironic
name: ironic
repository: file://./charts/ironic
version: 0.12.1
version: 0.12.2
- alias: metal3-mariadb
condition: global.enable_mariadb
name: mariadb
repository: file://./charts/mariadb
version: 0.6.2
version: 0.6.3
- alias: metal3-media
condition: global.enable_metal3_media_server
name: media
@@ -25,4 +25,4 @@ description: A Helm chart that installs all of the dependencies needed for Metal
icon: https://github.com/cncf/artwork/raw/master/projects/metal3/icon/color/metal3-icon-color.svg
name: metal3
type: application
version: "%%CHART_MAJOR%%.0.21+up0.13.0"
version: "%%CHART_MAJOR%%.0.23+up0.13.1"

2
metal3-chart/charts/ironic/Chart.yaml
View File

@@ -3,4 +3,4 @@ appVersion: 32.0.0
description: A Helm chart for Ironic, used by Metal3
name: ironic
type: application
version: 0.12.1
version: 0.12.2

2
metal3-chart/charts/ironic/values.yaml
View File

@@ -68,7 +68,7 @@ images:
ironicIPADownloader:
repository: registry.opensuse.org/isv/suse/edge/metal3/containers/images/ironic-ipa-downloader
pullPolicy: IfNotPresent
tag: 3.0.10
tag: 3.0.11
nameOverride: ""
fullnameOverride: ""

2
metal3-chart/charts/mariadb/Chart.yaml
View File

@@ -3,4 +3,4 @@ appVersion: "11.8"
description: A Helm chart for MariaDB, used by Metal3
name: mariadb
type: application
version: 0.6.2
version: 0.6.3

12
metal3-chart/charts/mariadb/templates/deployment.yaml
View File

@@ -20,7 +20,7 @@ spec:
labels:
{{- include "mariadb.selectorLabels" . | nindent 8 }}
spec:
{{- $volmounts := toYaml .Values.volumeMounts | trim | nindent 12 }}
{{- $volmounts := toYaml .Values.volumeMounts | trim | nindent 10 }}
{{- $volumes := toYaml .Values.volumes | trim | nindent 8 }}
serviceAccountName: {{ include "mariadb.serviceAccountName" . }}
securityContext:
@@ -103,11 +103,11 @@ spec:
successThreshold: 1
timeoutSeconds: 10
volumeMounts:
- name: mariadb-conf
mountPath: /etc/mysql/conf.d
- name: mariadb-run
mountPath: /run/mysql
{{- $volmounts }}
- name: mariadb-conf
mountPath: /etc/mysql/conf.d
- name: mariadb-run
mountPath: /run/mysql
{{- $volmounts }}
{{- with .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}

1
metallb-chart/values.yaml
View File

@@ -384,6 +384,7 @@ metallb-frr-k8s:
prometheus:
rbacProxy:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%kube-rbac-proxy"
tag: "0.19.1"
frrk8s:
image:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%frr-k8s"

39
network-resources-injector/injector-webhook-load-renewed-certs.patch Normal file
View File

@@ -0,0 +1,39 @@
diff --git a/cmd/webhook/main.go b/cmd/webhook/main.go
index 1c8f418..b21de81 100644
--- a/cmd/webhook/main.go
+++ b/cmd/webhook/main.go
@@ -121,7 +121,7 @@ func main() {
// initialize webhook with controlSwitches
webhook.SetControlSwitches(controlSwitches)
- //initialize webhook with cache
+ // initialize webhook with cache
netAnnotationCache := netcache.Create()
netAnnotationCache.Start()
webhook.SetNetAttachDefCache(netAnnotationCache)
@@ -192,11 +192,10 @@ func main() {
certUpdated := false
keyUpdated := false
+ watcher.Add(*cert)
+ watcher.Add(*key)
for {
- watcher.Add(*cert)
- watcher.Add(*key)
-
select {
case event, ok := <-watcher.Events:
if !ok {
@@ -209,9 +208,11 @@ func main() {
glog.V(2).Infof("modified file: %v", event.Name)
if event.Name == *cert {
certUpdated = true
+ watcher.Add(*cert)
}
if event.Name == *key {
keyUpdated = true
+ watcher.Add(*key)
}
if keyUpdated && certUpdated {
if err := keyPair.Reload(); err != nil {

3
network-resources-injector/network-resources-injector.spec
View File

@@ -24,6 +24,9 @@ License: Apache-2.0
URL: https://github.com/k8snetworkplumbingwg/network-resources-injector
Source: %{name}-%{version}.tar
Source1: vendor.tar.gz
# Patch1 below backports changes from PR#187 (https://github.com/k8snetworkplumbingwg/network-resources-injector/pull/187);
# to be removed once bumping (>= v1.9.0 upstream)
Patch1: injector-webhook-load-renewed-certs.patch
BuildRequires: golang(API) = 1.24
ExcludeArch: s390
ExcludeArch: %{ix86}

589
python-stevedore/python-stevedore.changes Normal file
View File

@@ -0,0 +1,589 @@
-------------------------------------------------------------------
Thu Feb 26 08:29:25 UTC 2026 - Dirk Müller <dmueller@suse.com>
- update to 5.7.0:
* Add typing classifier
* Enable logging related ruff checks
* Run mypy from tox
* Delay string interpolations at logging calls
* Remove reference to tag framework
-------------------------------------------------------------------
Fri Nov 28 11:39:44 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to 5.6.0
* Deprecate warn_on_missing_entrypoint parameter
* Add py.typed file
* Unskip test
* Add conflict resolution support
* Make better use of super
* typing: Remove use of _init_attributes (2/2)
* typing: Remove use of _init_attributes (1/2)
* typing: Remove unnecessary method subclass
* docs: Update to use pyproject.toml
* tests: Trivial fixups
* Remove unnecessary type docstring field lists
* typing: Add hints to tests
* typing: Make better use of ParamSpec
* typing: Add initial type hints
* Deprecate verify_requirements flag
* Remove use of mutable default param
* trivial: Remove references to importlib_metadata
* Enable ruff, ruff-format
* Apply ruff, ruff-format
* docs: Remove cruft from configuration files
* pre-commit: Bump versions
* reno: Update master for unmaintained/2024.1
* Bump pyupgrade target to 3.10+
* Migrate bandit options to pyproject.toml
* pre-commit: Bump dependencies
* Migrate setup configuration to pyproject.toml
* Drop Python 3.9 support
* Update master for stable/2025.2
- Remove empty file stevedore/tests/extension_unimportable.py
-------------------------------------------------------------------
Fri Sep 26 08:53:06 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to 5.5.0
* Support for Python 3.9 has been removed. Now the minimum
python version supported is 3.10.
-------------------------------------------------------------------
Wed Mar 19 11:18:35 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to 5.4.1
* Skip installation to speed up pep8
* reno: Update master for unmaintained/2023.1
- Use Python 3.11 on SLE-15 by default
-------------------------------------------------------------------
Wed Nov 20 18:00:14 UTC 2024 - Dirk Müller <dmueller@suse.com>
- update to 5.4.0:
* Add note about requirements lower bounds
* Remove Python 3.8 support
* Run pyupgrade to clean up Python 2 syntaxes
* Declare Python 3.12 support
-------------------------------------------------------------------
Sun Sep 8 13:10:08 UTC 2024 - Dirk Müller <dmueller@suse.com>
- update to 5.3.0:
* reno: Update master for unmaintained/zed
* Remove old excludes
* Update master for stable/2024.1
* reno: Update master for unmaintained/xena
* reno: Update master for unmaintained/wallaby
* reno: Update master for unmaintained/victoria
-------------------------------------------------------------------
Thu Mar 14 08:58:07 UTC 2024 - Dirk Müller <dmueller@suse.com>
- update to 5.2.0:
* Update python classifier in setup.cfg
* Update master for stable/2023.2
-------------------------------------------------------------------
Thu Jan 4 22:44:54 UTC 2024 - Dirk Müller <dmueller@suse.com>
- switch to singlespec to get multipe flavors
-------------------------------------------------------------------
Thu Jun 15 20:17:05 UTC 2023 - cloud-devel@suse.de
- update to version 5.1.0
- Moves supported python runtimes from version 3.8 to 3.10
- Catch NotADirectoryError error
- Update master for stable/2023.1
- Revert "Moves supported python runtimes from version 3.8 to 3.10"
-------------------------------------------------------------------
Tue Mar 7 07:00:56 UTC 2023 - cloud-devel@suse.de
- update to version 5.0.0
- Remove Extension.extras
-------------------------------------------------------------------
Mon Jan 2 09:13:37 UTC 2023 - cloud-devel@suse.de
- update to version 4.1.1
- Update master for stable/yoga
- Fix remaining logic to support Python 3.6/7
- Fix compatibility with Python 3.12, importlib-metadata 5.0
- Order old importlib-metadata results by group
- Drop python3.6/3.7 support in testing runtime
- Add Python3 antelope unit tests
- Add Python3 zed unit tests
- Update master for stable/zed
- remove unicode from code
- Fix compatibility with Python 3.10, 3.9.11
-------------------------------------------------------------------
Tue Jun 7 11:05:28 UTC 2022 - cloud-devel@suse.de
- update to version 3.5.0
- Add Python3 yoga unit tests
- Rely on member access, the preferred access since importlib_metadata 4.8.
- Update master for stable/xena
-------------------------------------------------------------------
Tue May 24 21:43:19 UTC 2022 - Dirk Müller <dmueller@suse.com>
- remove unneeded dependencies
-------------------------------------------------------------------
Mon May 9 11:01:35 UTC 2022 - Dirk Müller <dmueller@suse.com>
- skip test that fails with python 3.10
-------------------------------------------------------------------
Mon Dec 6 09:24:24 UTC 2021 - cloud-devel@suse.de
- update to version 3.4.0
- Use TOX_CONSTRAINTS_FILE
- Update master for stable/wallaby
- setup.cfg: Replace dashes with underscores
- Add Python3 xena unit tests
- Move flake8 as a pre-commit local target.
- Remove lower-constraints remnants
- Dropping lower constraints testing
- Fix formatting of release list
-------------------------------------------------------------------
Sun May 2 17:26:02 UTC 2021 - cloud-devel@suse.de
- update to version 3.3.0
- Add Python3 wallaby unit tests
- Fix cache dir flooding when running from /tmp
- Use py3 as the default runtime for tox
- Adding pre-commit
- Update master for stable/victoria
-------------------------------------------------------------------
Fri Oct 9 19:19:31 UTC 2020 - cloud-devel@suse.de
- update to version 3.2.2
- Drop Python 2.7 support
- sphinxext: fix warning message for detailed list
- Switch to newer openstackdocstheme and reno versions
- Replace external mock with built-in unittest.mock
- Remove Travis CI config
- switch to importlib.metadata package
- fix supported python versions in documentation
- Add Python3 victoria unit tests
- add release note before major version update
- add property methods to extension for more entry point values
- Stop to use the __future__ module.
- Remove dead files
- Mark sphinx extensions thread safe
- Update master for stable/ussuri
- Fix the bug 1892610. There're some syntax errors in the comment of stevedore code.
-------------------------------------------------------------------
Tue May 12 10:04:04 UTC 2020 - cloud-devel@suse.de
- update to version 1.32.0
- Update the constraints url
- Update master for stable/train
- Blacklist sphinx 2.1.0 (autodoc bug)
- Switch to Ussuri jobs
-------------------------------------------------------------------
Sat Mar 14 12:03:03 UTC 2020 - Dirk Mueller <dmueller@suse.com>
- switch to python 3.x only builds
-------------------------------------------------------------------
Wed Oct 9 12:44:45 UTC 2019 - cloud-devel@suse.de
- update to version 1.31.0
- add python 3.7 unit test job
- Dropping the py35 testing
- Delete repeated param description.
- Update master for stable/stein
- Add local bindep.txt
- update git.openstack.org to opendev
- OpenDev Migration Patch
- Add Python 3 Train unit tests
- Cap Bandit below 1.6.0 and update Sphinx requirement
-------------------------------------------------------------------
Mon Apr 8 14:03:43 UTC 2019 - cloud-devel@suse.de
- update to version 1.30.1
- add lib-forward-testing-python3 test job
- Update doc/conf.py to avoid warnings with sphinx 1.8
- Removed older version of python added 3.5
- Change openstack-dev to openstack-discuss
- Update reno for stable/rocky
- Use template for lower-constraints
- add python 3.6 unit test job
- Update sphinx logging to not use app object
- fix wrong link
- import zuul job settings from project-config
-------------------------------------------------------------------
Tue Jan 22 09:30:35 UTC 2019 - Dirk Mueller <dmueller@suse.com>
- break build cycle with stestr (bsc#1121610)
------------------------------------------------------------------
Wed Sep 19 21:55:25 UTC 2018 - cloud-devel@suse.de
- update to version 1.29.0
- set default python to python3
- fix tox python3 overrides
- Remove unnecessary py27 testenv
- Update reno for stable/queens
- Update links in README
- Trivial: Update pypi url to new url
- Switch to stestr
- Follow the new PTI for document build
- Updated from global requirements
- add lower-constraints job
-------------------------------------------------------------------
Mon Jan 15 12:05:24 UTC 2018 - cloud-devel@suse.de
- update to version 1.28.0
- move doc requirements to doc/requirements.txt
- Remove -U from pip install
- add bandit to pep8 job
- Update reno for stable/pike
- Remove setting of version/release from releasenotes
- Add an ExtensionManager.items() method
- Make openstackdocstheme an optional doc dependency
- Avoid tox_install.sh for constraints support
- Move reno to optional docs requirements
- Remove duplicate optional requirement
- Remove Pillow from test-requirements
- Updated from global requirements
-------------------------------------------------------------------
Thu Oct 26 16:51:43 UTC 2017 - toddrme2178@gmail.com
- Provide python2-stevedore for compatibility with single-spec
macros.
-------------------------------------------------------------------
Tue Aug 22 11:14:05 UTC 2017 - cloud-devel@suse.de
- update to version 1.25.0
- move documentation into the new standard layout
- Remove 'run_sphinx' script
- Remove unused doc/requirements.txt
- turn on warning-is-error for doc build
- Mark as Production/Stable instead of Alpha
- Remove oslotest from test-requirements
- Update URLs in documents according to document migration
- fix setuptools url
- Remove support for py34
- Update reno for stable/ocata
- Updated from global requirements
- switch from oslosphinx to openstackdocstheme
-------------------------------------------------------------------
Tue Aug 22 11:11:52 UTC 2017 - cloud-devel@suse.de
- update to version 1.20.1
- Update UPPER_CONSTRAINTS_FILE for stable/ocata
- Updated from global requirements
- Update .gitreview for stable/ocata
-------------------------------------------------------------------
Fri Feb 10 14:23:46 UTC 2017 - cloud-devel@suse.de
- update to version 1.20.0:
- extension: add entry_point_names method
- Add Constraints support
- Fix typos in exception.py
- Updated from global requirements
- extension: expose _find_entry_points as list_entry_points
- Show team and repo badges on README
- Remove reference to non-existing page
- Allow suppression of warnings from DriverManager
- Add Apache 2.0 license to source file
- Add reno for release notes management
- Broken link at stevedore developer documentation
-------------------------------------------------------------------
Sun Oct 2 16:14:46 UTC 2016 - dmueller@suse.com
- add source service to rpm-packaging and refresh
-------------------------------------------------------------------
Tue Aug 30 19:26:08 UTC 2016 - tbechtold@suse.com
- update to 1.17.1:
* do not emit warnings for missing hooks
* Remove discover from test-requirements
* make error reporting for extension loading quieter
* Add Python 3.5 classifier and venv
* Replace assertEquals() with assertEqual()
-------------------------------------------------------------------
Wed Jul 20 10:14:11 UTC 2016 - tbechtold@suse.com
- update to 1.16.0:
* Fix NamedExtensionManager fails when loading failing extension in order
* Remove irrelated output item
* Fix broken link about setuptools entry points
* NamedExtensionManager: call a callback when some names cannot be found
* Updated from global requirements
* Trivial: ignore openstack/common in flake8 exclude list
* dont claim copyright for future years
- Use pypi.io for Source url
-------------------------------------------------------------------
Thu Apr 21 07:07:35 UTC 2016 - tbechtold@suse.com
- update to 1.12.0:
* Add a reference to entry_point_inspector
* Updated from global requirements
* Trival:Remove unused logging import
* Remove work around for NullHandler
* remove unnecessary dependency on argparse
* Use Stevedore exceptions for finding extensions
* Clean up Python 2.6 related stuff
* Updated from global requirements
* Remove Python 2.6 classifier
* cleanup tox.ini
* Updated from global requirements
* docs - Set pbr 'warnerrors' option for doc build
* Add clarifying language to description of scanning for plugins
* clean up default tox environment list
* Show how to add a plugin in a separate package
* replace the hard-coded history list with an auto-generated one
* Fix spelling typo for maunal
* Updated from global requirements
* Examples typo fix
- Enable tests during build
-------------------------------------------------------------------
Wed Mar 9 10:36:59 UTC 2016 - bwiedemann@suse.com
- use the year from changelog instead of current one
to make reproducible rpms
-------------------------------------------------------------------
Wed Sep 9 06:48:12 UTC 2015 - tbechtold@suse.com
- update to 1.8.0:
* Updated from global requirements
-------------------------------------------------------------------
Mon Aug 31 13:54:58 UTC 2015 - tbechtold@suse.com
- update to 1.7.0:
* Updated from global requirements
* Titlecase looks nicer sometimes in detailed mode
* Update homepage to openstack hosted docs page
-------------------------------------------------------------------
Fri Jul 17 05:48:21 UTC 2015 - tbechtold@suse.com
- update to 1.6.0:
* Document the signature for check_func
* Updated from global requirements
* Switch badges from 'pypip.in' to 'shields.io'
* Remove unnecessary openstack-common.conf
-------------------------------------------------------------------
Tue Jun 16 10:25:06 UTC 2015 - tbechtold@suse.com
- update to 1.5.0:
* Removed non-free color profile from .jpg
* Add sphinx integration
* Updated from global requirements
* Fix Python versions supported
* Remove run_cross_tests.sh
* fix author contact details
* re-raise exception with full traceback
* Uncap library requirements for liberty
* Add pypi download + version badges
* Updated from global requirements
-------------------------------------------------------------------
Mon Mar 30 06:16:47 UTC 2015 - tbechtold@suse.com
- update to 1.3.0:
* Updated from global requirements
* Fix test for finding multiple drivers
* ignore .testrepository directory created by testr
* clean up default environments run by tox
- Adjust Requires according to requirements.txt
-------------------------------------------------------------------
Tue Feb 24 13:32:03 UTC 2015 - tbechtold@suse.com
- update to 1.2.0:
* Use pkg_resources resolve(
* Fix the README.rst file format for pypi
* Workflow documentation is now in infra-manual
* Implement a __contains__ override for extension manager
* Update link to docs in README
* Bring doc build up to standard
-------------------------------------------------------------------
Tue Oct 28 09:09:50 UTC 2014 - dmueller@suse.com
- update to 1.1.0:
* Add pbr to dependency list
* Updated from global requirements
* Add more detail to the README
* Migrate tox to use testr
* Update repository location in docs
-------------------------------------------------------------------
Tue Sep 23 07:21:10 UTC 2014 - dmueller@suse.com
- add python-argparse dependency
-------------------------------------------------------------------
Sun Sep 21 20:03:38 UTC 2014 - tbechtold@suse.com
- Add missing python-six Requires
-------------------------------------------------------------------
Fri Sep 19 07:28:33 UTC 2014 - dmueller@suse.com
- update to 1.0:
* Updated from global requirements
* Fix incorrect image reference in documentation
* Fix requirement handling in tox
* Updated from global requirements
* use six.add_metaclass
* Updated from global requirements
* driver: raise by default on import failure
* Add doc requirements to venv environ
* Import run_cross_tests.sh from oslo-incubator
* fix link to entry point docs
-------------------------------------------------------------------
Fri Mar 28 08:27:45 UTC 2014 - speilicke@suse.com
- Update to version 0.15:
* Only log error when no load handler is set
* Update readme with links to bug tracker and source
* Update .gitreview after moving the repository
-------------------------------------------------------------------
Thu Feb 13 08:55:12 UTC 2014 - speilicke@suse.com
- Update to version 0.14.1:
+ Fix the test manager implementation
- Changes from version 0.14.0t
+ Make requirements checking optional
+ Update docstrings
+ Allow a on_load_failure_callback to be provided
+ deprecate TestExtensionManager
-------------------------------------------------------------------
Mon Dec 2 12:26:36 UTC 2013 - dmueller@suse.com
- update to 0.13:
* Update documentation to refer to setuptools instead of distribute.
* Add pypy to the list of default test configurations.
* Include a work-around to avoid a cpython bug with atexit
* Deprecate TestExtensionManager and replace with make_test_instance()
class method to provide test classes that behave more like the
production class, while still allowing the extensions to be injected
for testing
* Fixes an exception when reporting on an error where multiple
drivers have the same name
* Switch packaging to use pbr.
-------------------------------------------------------------------
Mon Sep 2 15:37:00 UTC 2013 - dmueller@suse.com
- update to 0.11:
* Fixes logging configuration under Python 2.6 with a NullHandler
-------------------------------------------------------------------
Thu Jul 11 14:15:40 UTC 2013 - dmueller@suse.com
- update to 0.10:
- Adds ``propagate_map_exceptions`` parameter to all of the extension
managers which specifies whether exceptions are propagated up
through the map call or logged and then ignored. The default is to
preserve the current behavior of logging and ignoring exceptions.
- remove python-2.6.x.diff
-------------------------------------------------------------------
Fri Jun 21 07:52:49 UTC 2013 - dmueller@suse.com
- add python-2.6.x.diff:
* fix build on python 2.6
-------------------------------------------------------------------
Mon Jun 17 13:48:35 UTC 2013 - speilicke@suse.com
- Update to version 0.9.1:
+ Add name_order parameter to NamedExtensionManager to coerce map() into
processing the extensions in the order they are named when the manager is
created, instead of the random order they may have been loaded.
+ Change the NamedDispatchExtensionManager to ignore missing extensions
(issue 14).
+ Add __getitem__ to ExtensionManager for looking up individual plugins by
name (issue 15).
+ Start working on the tutorial, Using Stevedore in Your Application.
- Drop semantic versioning hack
- Build HTML documentation
-------------------------------------------------------------------
Wed May 29 12:31:00 UTC 2013 - dmueller@suse.com
- add compatibility provides of 0.8.0 version
* needed for other packages that generate the version from
* PyPi (where this is fetched when fetching 0.8.0)
-------------------------------------------------------------------
Sat Jan 5 10:47:11 UTC 2013 - alexandre@exatati.com.br
- Update to 0.8:
- Ignore AssertionError exceptions generated when plugins are
loaded.
- Update :class:`~stevedore.named.NamedExtensionManager` to check
the name of a plugin before loading its code to avoid importing
anything we are not going to use.
-------------------------------------------------------------------
Tue Dec 4 00:44:32 UTC 2012 - alexandre@exatati.com.br
- Update to 0.7.2:
- Fix logging support for Python 2.6.
- Aditional changes from 0.7.1:
- Fix an issue with logging configuration.
- Aditional changes from 0.7:
- Add memoization to the entrypoint scanning code in
stevedore.extension.ExtensionManager to avoid performance issues
in situations where lots of managers are instantiated with the
same namespace argument.
-------------------------------------------------------------------
Wed Nov 21 14:31:50 UTC 2012 - saschpe@suse.de
- Install LICENSE, README.rst and HTML documentation
-------------------------------------------------------------------
Mon Oct 29 17:17:21 UTC 2012 - alexandre@exatati.com.br
- Update to 0.6:
- Change the stevedore.enabled.EnabledExtensionManager to load
the extension before calling the check function so the plugin
can be asked if it should be enabled.
- Aditional changes from 0.5:
- Add stevedore.tests.manager.TestExtensionManager for writing
tests for classes that use extension managers.
-------------------------------------------------------------------
Sun Sep 16 22:01:30 UTC 2012 - alexandre@exatati.com.br
- Update to 0.4:
- Removed the name argument to plugin constructors.
- Added driver property to stevedore.driver.DriverManager.
-------------------------------------------------------------------
Sun Aug 19 06:08:00 UTC 2012 - alexandre@exatati.com.br
- Initial package (0.3) for openSUSE.

79
python-stevedore/python-stevedore.spec Normal file
View File

@@ -0,0 +1,79 @@
#
# spec file for package python-stevedore
#
# Copyright (c) 2026 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%{?sle15_python_module_pythons}
Name: python-stevedore
Version: 5.7.0
Release: 0
Summary: Manage dynamic plugins for Python applications
License: Apache-2.0
URL: https://docs.openstack.org/stevedore/latest/
Source: https://files.pythonhosted.org/packages/source/s/stevedore/stevedore-%{version}.tar.gz
BuildRequires: %{python_module pbr >= 2.0.0}
BuildRequires: %{python_module pip}
BuildRequires: %{python_module setuptools}
BuildRequires: %{python_module wheel}
BuildRequires: python-rpm-macros
# SECTION test requirements
BuildRequires: %{python_module Sphinx >= 2.0.0}
BuildRequires: %{python_module pytest}
BuildRequires: %{python_module testtools}
# /SECTION
BuildRequires: fdupes
Requires: python-importlib-metadata
Requires: python-pbr
%if "%{?python_provides}" == "python3"
Provides: python3-stevedore = %{version}
Obsoletes: python3-stevedore < 5.6.0
%endif
BuildArch: noarch
%python_subpackages
%description
Python makes loading code dynamically easy, allowing you to configure
and extend your application by discovering and loading extensions
(plugins) at runtime. Many applications implement their own
library for doing this, using ``__import__`` or ``importlib``.
stevedore avoids creating yet another extension
mechanism by building on top of setuptools entry points. The code
for managing entry points tends to be repetitive, though, so stevedore
provides manager classes for implementing common patterns for using
dynamically loaded extensions.
%prep
%autosetup -p1 -n stevedore-%{version}
# Remove empty file stevedore/tests/extension_unimportable.py
rm stevedore/tests/extension_unimportable.py
%build
%pyproject_wheel
%install
%pyproject_install
%python_expand %fdupes %{buildroot}%{$python_sitelib}
%check
%pytest
%files %{python_files}
%doc AUTHORS ChangeLog README.rst
%license LICENSE
%{python_sitelib}/stevedore
%{python_sitelib}/stevedore-%{version}.dist-info
%changelog

BIN
python-stevedore/stevedore-5.7.0.tar.gz LFS Normal file
View File

Binary file not shown.

10
rancher-turtles-airgap-resources-chart/Chart.yaml
View File

@@ -1,10 +0,0 @@
#!BuildTag: %%CHART_PREFIX%%rancher-turtles-airgap-resources:%%CHART_MAJOR%%.0.7_up0.24.3
#!BuildTag: %%CHART_PREFIX%%rancher-turtles-airgap-resources:%%CHART_MAJOR%%.0.7_up0.24.3-%RELEASE%
apiVersion: v2
appVersion: 0.24.3
description: Rancher Turtles utility chart for airgap scenarios
home: https://github.com/rancher/turtles/
icon: https://raw.githubusercontent.com/rancher/turtles/main/logos/capi.svg
name: rancher-turtles-airgap-resources
type: application
version: "%%CHART_MAJOR%%.0.7+up0.24.3"

33
rancher-turtles-airgap-resources-chart/README.md
View File

@@ -1,33 +0,0 @@
# Deploy Rancher Turtles in airgapped scenarios
To simplify deployment of the suse-edge rancher-turtles wrapper chart in airgapped scenarios
this chart deploys the corresponding ConfigMap resources, as described in the
[Rancher Turtles Documentation](https://turtles.docs.rancher.com/getting-started/air-gapped-environment)
In addition to installing the chart, it will be necessary to adjust the rancher-turtles chart values:
```
cluster-api-operator:
cluster-api:
core:
fetchConfig:
selector: "{\"matchLabels\": {\"provider-components\": \"core\"}}"
rke2:
bootstrap:
fetchConfig:
selector: "{\"matchLabels\": {\"provider-components\": \"rke2-bootstrap\"}}"
controlPlane:
fetchConfig:
selector: "{\"matchLabels\": {\"provider-components\": \"rke2-control-plane\"}}"
metal3:
infrastructure:
fetchConfig:
selector: "{\"matchLabels\": {\"provider-components\": \"metal3\"}}"
ipam:
fetchConfig:
selector: "{\"matchLabels\": {\"provider-components\": \"metal3ipam\"}}"
fleet:
addon:
fetchConfig:
selector: "{\"matchLabels\": {\"provider-components\": \"fleet\"}}"
```

10
rancher-turtles-airgap-resources-chart/_service
View File

@@ -1,10 +0,0 @@
<services>
<service mode="buildtime" name="kiwi_metainfo_helper"/>
<service name="replace_using_env" mode="buildtime">
<param name="file">Chart.yaml</param>
<param name="eval">CHART_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?chart_prefix})</param>
<param name="var">CHART_PREFIX</param>
<param name="eval">CHART_MAJOR=$(rpm --macros=/root/.rpmmacros -E %{?chart_major})</param>
<param name="var">CHART_MAJOR</param>
</service>
</services>

65
rancher-turtles-airgap-resources-chart/templates/airgap-cm-core.yaml
View File

File diff suppressed because one or more lines are too long

899
rancher-turtles-airgap-resources-chart/templates/airgap-cm-fleet-addon.yaml
View File

@@ -1,899 +0,0 @@
apiVersion: v1
data:
components: |
apiVersion: v1
kind: Namespace
metadata:
labels:
cluster.x-k8s.io/provider: fleet
control-plane: controller-manager
name: caapf-system
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
labels:
cluster.x-k8s.io/provider: fleet
name: fleetaddonconfigs.addons.cluster.x-k8s.io
spec:
group: addons.cluster.x-k8s.io
names:
categories: []
kind: FleetAddonConfig
plural: fleetaddonconfigs
shortNames: []
singular: fleetaddonconfig
scope: Cluster
versions:
- additionalPrinterColumns: []
name: v1alpha1
schema:
openAPIV3Schema:
description: Auto-generated derived type for FleetAddonConfigSpec via `CustomResource`
properties:
spec:
description: This provides a config for fleet addon functionality
properties:
cluster:
description: |-
Enable Cluster config funtionality.
This will create Fleet Cluster for each Cluster with the same name. In case the cluster specifies topology.class, the name of the `ClusterClass` will be added to the Fleet Cluster labels.
nullable: true
properties:
agentEnvVars:
description: '`AgentEnvVars` are extra environment variables to
be added to the agent deployment.'
items:
description: EnvVar represents an environment variable present
in a Container.
properties:
name:
description: Name of the environment variable. Must be a
C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded
using the previously defined environment variables in
the container and any service environment variables. If
a variable cannot be resolved, the reference in the input
string will be unchanged. Double $$ are reduced to a single
$, which allows for escaping the $(VAR_NAME) syntax: i.e.
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
Escaped references will never be expanded, regardless
of whether the variable exists or not. Defaults to "".'
nullable: true
type: string
valueFrom:
description: Source for the environment variable's value.
Cannot be used if value is not empty.
nullable: true
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
nullable: true
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. This field is
effectively required, but due to backwards compatibility
is allowed to be empty. Instances of this type
with an empty value here are almost certainly
wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
nullable: true
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
nullable: true
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name,
metadata.namespace, `metadata.labels[''<KEY>'']`,
`metadata.annotations[''<KEY>'']`, spec.nodeName,
spec.serviceAccountName, status.hostIP, status.podIP,
status.podIPs.'
nullable: true
properties:
apiVersion:
description: Version of the schema the FieldPath
is written in terms of, defaults to "v1".
nullable: true
type: string
fieldPath:
description: Path of the field to select in the
specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only
resources limits and requests (limits.cpu, limits.memory,
limits.ephemeral-storage, requests.cpu, requests.memory
and requests.ephemeral-storage) are currently supported.'
nullable: true
properties:
containerName:
description: 'Container name: required for volumes,
optional for env vars'
nullable: true
type: string
divisor:
description: Specifies the output format of the
exposed resources, defaults to "1"
nullable: true
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's
namespace
nullable: true
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. This field is
effectively required, but due to backwards compatibility
is allowed to be empty. Instances of this type
with an empty value here are almost certainly
wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
nullable: true
type: string
optional:
description: Specify whether the Secret or its key
must be defined
nullable: true
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
nullable: true
type: array
agentNamespace:
description: Namespace selection for the fleet agent
nullable: true
type: string
agentTolerations:
description: Agent taint toleration settings for every cluster
items:
description: The pod this Toleration is attached to tolerates
any taint that matches the triple <key,value,effect> using
the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match.
Empty means match all taint effects. When specified, allowed
values are NoSchedule, PreferNoSchedule and NoExecute.
nullable: true
type: string
key:
description: Key is the taint key that the toleration applies
to. Empty means match all taint keys. If the key is empty,
operator must be Exists; this combination means to match
all values and all keys.
nullable: true
type: string
operator:
description: Operator represents a key's relationship to
the value. Valid operators are Exists and Equal. Defaults
to Equal. Exists is equivalent to wildcard for value,
so that a pod can tolerate all taints of a particular
category.
nullable: true
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of
time the toleration (which must be of effect NoExecute,
otherwise this field is ignored) tolerates the taint.
By default, it is not set, which means tolerate the taint
forever (do not evict). Zero and negative values will
be treated as 0 (evict immediately) by the system.
format: int64
nullable: true
type: integer
value:
description: Value is the taint value the toleration matches
to. If the operator is Exists, the value should be empty,
otherwise just a regular string.
nullable: true
type: string
type: object
nullable: true
type: array
applyClassGroup:
description: Apply a `ClusterGroup` for a `ClusterClass` referenced
from a different namespace.
nullable: true
type: boolean
hostNetwork:
description: 'Host network allows to deploy agent configuration
using hostNetwork: true setting which eludes dependency on the
CNI configuration for the cluster.'
nullable: true
type: boolean
namespaceSelector:
description: Namespace label selector. If set, only clusters in
the namespace matching label selector will be imported.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If
the operator is In or NotIn, the values array must
be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A
single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is "key",
the operator is "In", and the values array contains only
"value". The requirements are ANDed.
type: object
type: object
naming:
description: Naming settings for the fleet cluster
nullable: true
properties:
prefix:
description: Specify a prefix for the Cluster name, applied
to created Fleet cluster
nullable: true
type: string
suffix:
description: Specify a suffix for the Cluster name, applied
to created Fleet cluster
nullable: true
type: string
type: object
patchResource:
description: Allow to patch resources, maintaining the desired
state. If is not set, resources will only be re-created in case
of removal.
nullable: true
type: boolean
selector:
description: Cluster label selector. If set, only clusters matching
label selector will be imported.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If
the operator is In or NotIn, the values array must
be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A
single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is "key",
the operator is "In", and the values array contains only
"value". The requirements are ANDed.
type: object
type: object
setOwnerReferences:
description: Setting to disable setting owner references on the
created resources
nullable: true
type: boolean
required:
- namespaceSelector
- selector
type: object
clusterClass:
description: |-
Enable clusterClass controller functionality.
This will create Fleet `ClusterGroups` for each `ClusterClaster` with the same name.
nullable: true
properties:
patchResource:
description: Allow to patch resources, maintaining the desired
state. If is not set, resources will only be re-created in case
of removal.
nullable: true
type: boolean
setOwnerReferences:
description: Setting to disable setting owner references on the
created resources
nullable: true
type: boolean
type: object
config:
nullable: true
properties:
bootstrapLocalCluster:
description: Enable auto-installation of a fleet agent in the
local cluster.
nullable: true
type: boolean
featureGates:
description: feature gates controlling experimental features
nullable: true
properties:
configMap:
description: '`FeaturesConfigMap` references a `ConfigMap`
where to apply feature flags. If a `ConfigMap` is referenced,
the controller will update it instead of upgrading the Fleet
chart.'
nullable: true
properties:
ref:
description: ObjectReference contains enough information
to let you inspect or modify the referred object.
nullable: true
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object
instead of an entire object, this string should
contain a valid JSON/Go field access statement,
such as desiredState.manifest.containers[2]. For
example, if the object reference is to a container
within a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container
that triggered the event) or if no container name
is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only
to have some well-defined way of referencing a part
of an object.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this
reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
type: object
experimentalHelmOps:
description: Enables experimental Helm operations support.
type: boolean
experimentalOciStorage:
description: Enables experimental OCI storage support.
type: boolean
required:
- experimentalHelmOps
- experimentalOciStorage
type: object
server:
description: fleet server url configuration options
nullable: true
oneOf:
- required:
- inferLocal
- required:
- custom
properties:
custom:
properties:
apiServerCaConfigRef:
description: ObjectReference contains enough information
to let you inspect or modify the referred object.
nullable: true
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object
instead of an entire object, this string should
contain a valid JSON/Go field access statement,
such as desiredState.manifest.containers[2]. For
example, if the object reference is to a container
within a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container
that triggered the event) or if no container name
is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only
to have some well-defined way of referencing a part
of an object.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this
reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
apiServerUrl:
nullable: true
type: string
type: object
inferLocal:
type: boolean
type: object
type: object
install:
nullable: true
oneOf:
- required:
- followLatest
- required:
- version
properties:
followLatest:
description: Follow the latest version of the chart on install
type: boolean
version:
description: Use specific version to install
type: string
type: object
type: object
status:
nullable: true
properties:
conditions:
description: conditions represents the observations of a Fleet addon
current state.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
type: string
status:
description: status of the condition, one of True, False, Unknown.
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
installedVersion:
nullable: true
type: string
type: object
required:
- spec
title: FleetAddonConfigValidated
type: object
x-kubernetes-validations:
- rule: self.metadata.name == 'fleet-addon-config'
served: true
storage: true
subresources:
status: {}
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
cluster.x-k8s.io/provider: fleet
name: caapf-controller-manager
namespace: caapf-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
cluster.x-k8s.io/provider: fleet
name: caapf-helm-manager
namespace: caapf-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
cluster.x-k8s.io/provider: fleet
name: caapf-leader-election-role
namespace: caapf-system
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
cluster.x-k8s.io/provider: fleet
name: caapf-manager-role
rules:
- apiGroups:
- addons.cluster.x-k8s.io
resources:
- fleetaddonconfigs
- fleetaddonconfigs/status
verbs:
- '*'
- apiGroups:
- ""
resources:
- namespaces
verbs:
- list
- get
- watch
- create
- patch
- apiGroups:
- events.k8s.io
resources:
- events
verbs:
- create
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- patch
- list
- watch
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- get
- watch
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
- apiGroups:
- bootstrap.cluster.x-k8s.io
- clusterctl.cluster.x-k8s.io
- controlplane.cluster.x-k8s.io
- infrastructure.cluster.x-k8s.io
resources:
- '*'
verbs:
- get
- list
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- clusters
- clusterclasses
verbs:
- get
- list
- watch
- patch
- apiGroups:
- fleet.cattle.io
resources:
- clusters
- clustergroups
- clusterregistrationtokens
- bundlenamespacemappings
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- fleet.cattle.io
resources:
- bundlenamespacemappings
verbs:
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
cluster.x-k8s.io/provider: fleet
name: caapf-helm-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: caapf-helm-manager
namespace: caapf-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
cluster.x-k8s.io/provider: fleet
name: caapf-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: caapf-manager-role
subjects:
- kind: ServiceAccount
name: caapf-controller-manager
namespace: caapf-system
---
apiVersion: v1
kind: Secret
metadata:
annotations:
kubernetes.io/service-account.name: caapf-helm-manager
labels:
cluster.x-k8s.io/fleet-addon-registration: "true"
cluster.x-k8s.io/provider: fleet
name: caapf-helm-manager
namespace: caapf-system
type: kubernetes.io/service-account-token
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
cluster.x-k8s.io/provider: fleet
control-plane: controller-manager
name: caapf-controller-manager
namespace: caapf-system
spec:
replicas: 1
selector:
matchLabels:
cluster.x-k8s.io/provider: fleet
control-plane: controller-manager
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: manager
labels:
cluster.x-k8s.io/provider: fleet
control-plane: controller-manager
spec:
containers:
- image: ghcr.io/rancher/cluster-api-addon-provider-fleet:v0.11.0
imagePullPolicy: IfNotPresent
name: manager
ports:
- containerPort: 8443
name: http
protocol: TCP
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 5
periodSeconds: 5
resources:
limits:
cpu: 100m
memory: 150Mi
requests:
cpu: 100m
memory: 100Mi
- args:
- --helm-install
image: ghcr.io/rancher/cluster-api-addon-provider-fleet:v0.11.0
name: helm-manager
resources:
limits:
cpu: 100m
memory: 150Mi
requests:
cpu: 100m
memory: 100Mi
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: helm-kubeconfig
readOnly: true
serviceAccountName: caapf-controller-manager
terminationGracePeriodSeconds: 10
volumes:
- name: helm-kubeconfig
secret:
secretName: caapf-helm-manager
metadata: |
apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3
releaseSeries:
- major: 0
minor: 1
contract: v1beta1
- major: 0
minor: 2
contract: v1beta1
- major: 0
minor: 3
contract: v1beta1
- major: 0
minor: 4
contract: v1beta1
- major: 0
minor: 5
contract: v1beta1
- major: 0
minor: 6
contract: v1beta1
- major: 0
minor: 7
contract: v1beta1
- major: 0
minor: 8
contract: v1beta1
- major: 0
minor: 9
contract: v1beta1
- major: 0
minor: 10
contract: v1beta1
- major: 0
minor: 11
contract: v1beta1
kind: ConfigMap
metadata:
creationTimestamp: null
name: v0.11.0
namespace: rancher-turtles-system
labels:
provider-components: fleet

1038
rancher-turtles-airgap-resources-chart/templates/airgap-cm-metal3-ipam.yaml
View File

File diff suppressed because it is too large Load Diff

3624
rancher-turtles-airgap-resources-chart/templates/airgap-cm-metal3.yaml
View File

File diff suppressed because it is too large Load Diff

2844
rancher-turtles-airgap-resources-chart/templates/airgap-cm-rke2-bootstrap.yaml
View File

File diff suppressed because it is too large Load Diff

4880
rancher-turtles-airgap-resources-chart/templates/airgap-cm-rke2-control-plane.yaml
View File

File diff suppressed because it is too large Load Diff

6
rancher-turtles-chart/Chart.lock
View File

@@ -1,6 +0,0 @@
dependencies:
- name: cluster-api-operator
repository: https://kubernetes-sigs.github.io/cluster-api-operator
version: 0.18.1
digest: sha256:7ad59ce8888c32723b4ef1ae5f334fdff00a8aba87e6f1de76d605f134bff354
generated: "2025-06-30T13:10:01.066923702Z"

27
rancher-turtles-chart/Chart.yaml
View File

@@ -1,27 +0,0 @@
#!BuildTag: %%CHART_PREFIX%%rancher-turtles:%%CHART_MAJOR%%.0.7_up0.24.3
#!BuildTag: %%CHART_PREFIX%%rancher-turtles:%%CHART_MAJOR%%.0.7_up0.24.3-%RELEASE%
annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/display-name: Rancher Turtles - the Cluster API Extension
catalog.cattle.io/kube-version: '>= 1.31.4-0 < 1.34.0-0'
catalog.cattle.io/namespace: rancher-turtles-system
catalog.cattle.io/os: linux
catalog.cattle.io/permits-os: linux
catalog.cattle.io/rancher-version: '>= 2.12.3-0 < 2.13.0-0'
catalog.cattle.io/release-name: rancher-turtles
catalog.cattle.io/scope: management
catalog.cattle.io/type: cluster-tool
apiVersion: v2
appVersion: 0.24.3
description: Rancher Turtles is an extension to Rancher that brings full Cluster API
integration to Rancher.
home: https://github.com/rancher/turtles/
icon: https://raw.githubusercontent.com/rancher/turtles/main/logos/capi.svg
keywords:
- rancher
- cluster-api
- capi
- provisioning
name: rancher-turtles
type: application
version: "%%CHART_MAJOR%%.0.7+up0.24.3"

5
rancher-turtles-chart/README.md
View File

@@ -1,5 +0,0 @@
# Rancher Turtles Chart
This chart installs Rancher Turtles using Helm.
Checkout the [documentation](https://turtles.docs.rancher.com) for further information.

120
rancher-turtles-chart/RELEASE_NOTES.md
View File

@@ -1,120 +0,0 @@
## Highlights
* REPLACE ME
## Deprecation Warning
REPLACE ME: A couple sentences describing the deprecation, including links to docs.
* [GitHub issue #REPLACE ME](REPLACE ME)
## Changes since v0.24.2
## :chart_with_upwards_trend: Overview
- 67 new commits merged
- 1 bug fixed 🐛
## :bug: Bug Fixes
- Build-and-release: Fix: wrong github token value in core capi workflow (#1829)
## :seedling: Others
- Build-and-release: Append target branch to backport PR title (#1768)
:book: Additionally, there have been 2 contributions to our documentation and book. (#1865, #1870)
## :question: Sort these by hand
- Build-and-release: [main] fix: org value not set in release workflow (#1758)
- Build-and-release: Add backport automation GitHub workflow (#1754)
- Build-and-release: Chore(deps): Bump actions/upload-artifact from 4 to 5 (#1839)
- Build-and-release: Chore(deps): Bump github/codeql-action from 3 to 4 (#1815)
- Build-and-release: Chore(deps): Bump rancher/aws-janitor from 0.2.0 to 0.3.0 (#1743)
- Build-and-release: Chore(deps): Bump rancherlabs/slsactl from 0.0.15 to 0.0.16 (#1833)
- Build-and-release: Chore(deps): Bump rancherlabs/slsactl from 0.0.16 to 0.0.18 (#1840)
- Build-and-release: Chore(deps): Bump rancherlabs/slsactl from 0.0.18 to 0.1.1 (#1856)
- Build-and-release: Chore(deps): Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 (#1834)
- Build-and-release: Ci: Add attestation (#1730)
- Build-and-release: Ci: Add new release workflow (#1721)
- Build-and-release: CI: Fix release workflow (#1729)
- Build-and-release: Ci: Use digests instead of tags when signing images (#1728)
- Build-and-release: Cleanup release workflow and build action (#1755)
- Build-and-release: Docs: Add document for new release process (#1761)
- Build-and-release: Feat: adapt chart to use system default registry (#1711)
- Build-and-release: Fix secret path for backport automation (#1757)
- Build-and-release: Fix: Bump Go version to 1.24.9 (#1838)
- Build-and-release: Fix: update nested imageVersion in values.yaml (#1747)
- Build-and-release: Use bash in release-against-rancher.sh for pushd/popd support (#1760)
- Build-and-release: Use proper path for backport secrets (#1765)
- Caprke2: Providers: update CAPRKE2 to v0.21.1 (#1869)
- Certificates: [feat] cert-manager to wrangler conversion (#1794)
- Chart: Bump rancher-version in chart.yaml (#1785)
- Chart: Chore: Drop CAPRKE2 and CAAPF templates from rancher-turtles chart (#1789)
- Chart: Correct Providers release-name (#1813)
- Chart: Fix: Change `capi-system` namespace to `cattle-capi-system` (#1837)
- Chart: Fix: Change Turtles namespace to `cattle-turtles-system` (#1818)
- Chart: Fix: Set `securityContext` field to Turtles controller and hooks manifests (#1850)
- Chart: Remove Extension mentions from chart (#1871)
- Chart: Set kube-version to actual version in Chart.yaml (#1722)
- CI: Bump e2e to k8s 1.34 (#1872)
- CI: Feat: Install Turtles as system chart in dev-env (#1836)
- CI: Fix gitea ingress template (#1860)
- CI: Use Rancher v2.13 for e2e (#1843)
- CI: Wait for rancher-webhook before installing providers (#1846)
- CI: Wait for rancher-webhook when testing charts (#1853)
- Dependency: Bump kubernetes version to v1.32.x series (#1787)
- Dependency: Chore(deps): Bump github.com/onsi/ginkgo/v2 from 2.25.3 to 2.26.0 in /test in the testing-dependencies group (#1801)
- Dependency: Chore(deps): Bump github.com/onsi/ginkgo/v2 from 2.25.3 to 2.26.0 in the testing-dependencies group (#1802)
- Dependency: Chore(deps): Bump github.com/onsi/ginkgo/v2 from 2.26.0 to 2.27.1 in /test in the testing-dependencies group (#1842)
- Dependency: Chore(deps): Bump github.com/onsi/ginkgo/v2 from 2.26.0 to 2.27.1 in the testing-dependencies group (#1841)
- Dependency: Chore(deps): Bump github.com/onsi/ginkgo/v2 from 2.27.1 to 2.27.2 in the testing-dependencies group (#1857)
- Dependency: Chore(deps): Bump golang.org/x/text from 0.29.0 to 0.30.0 in the other-dependencies group (#1814)
- Dependency: Chore(deps): Bump sigs.k8s.io/kind from 0.29.0 to 0.30.0 in /test in the other-dependencies group across 1 directory (#1751)
- Fleet: Chart: enable optional fetchConfig for fleet provider (#1734)
- Installation: Add cluster indexed label to all CRDs (#1749)
- Installation: Add helm policy keep to installed providers (#1725)
- Installation: Chore cleanup turtles chart provider refs (#1821)
- Installation: Feat: add fetch capi manifest workflow for air gapped (#1805)
- Installation: Feat: remove embedded capi (#1793)
- Installation: Revert "Enable no-cert-manager by default" (#1792)
- Installation: Standratize helm chart values with other system charts (#1769)
- MISSING_AREA: Add check for externalFleet annotation (#1868)
- MULTIPLE_AREAS[ClusterClass/Capa]: Add EKS ClusterClass example and e2e test (#1712)
- MULTIPLE_AREAS[Installation/Chart]: Enable no-cert-manager by default (#1784)
- MULTIPLE_AREAS[Testing/Capz]: Ci: bump k8s to 1.34 for Azure tests (#1863)
- Operator: [fix] Remove unnecessary finalizer wrapper from CAPIProvider (#1810)
- Operator: Remove clusterclass-operations from values.yaml (#1800)
- Operator: Remove day2 and clusterclass operations code (#1783)
- Testing: Add gitea helpers back to e2e setup (#1851)
- Testing: Fix: Drop CAPRKE2 from expected set of default deployments (#1798)
- Testing: Print error in artifacts collection instead of failing the suite (#1717)
## Dependencies
### Added
- github.com/gkampitakis/ciinfo: [v0.3.2](https://github.com/gkampitakis/ciinfo/tree/v0.3.2)
- github.com/gkampitakis/go-diff: [v1.3.2](https://github.com/gkampitakis/go-diff/tree/v1.3.2)
- github.com/gkampitakis/go-snaps: [v0.5.15](https://github.com/gkampitakis/go-snaps/tree/v0.5.15)
- github.com/goccy/go-yaml: [v1.18.0](https://github.com/goccy/go-yaml/tree/v1.18.0)
- github.com/joshdk/go-junit: [v1.0.0](https://github.com/joshdk/go-junit/tree/v1.0.0)
- github.com/maruel/natural: [v1.1.1](https://github.com/maruel/natural/tree/v1.1.1)
- github.com/mfridman/tparse: [v0.18.0](https://github.com/mfridman/tparse/tree/v0.18.0)
- github.com/tidwall/gjson: [v1.18.0](https://github.com/tidwall/gjson/tree/v1.18.0)
- github.com/tidwall/match: [v1.1.1](https://github.com/tidwall/match/tree/v1.1.1)
- github.com/tidwall/pretty: [v1.2.1](https://github.com/tidwall/pretty/tree/v1.2.1)
- github.com/tidwall/sjson: [v1.2.5](https://github.com/tidwall/sjson/tree/v1.2.5)
### Changed
- github.com/onsi/ginkgo/v2: [v2.25.3 → v2.27.2](https://github.com/onsi/ginkgo/compare/v2.25.3...v2.27.2)
- github.com/rogpeppe/go-internal: [v1.12.0 → v1.13.1](https://github.com/rogpeppe/go-internal/compare/v1.12.0...v1.13.1)
- golang.org/x/crypto: v0.41.0 → v0.42.0
- golang.org/x/mod: v0.27.0 → v0.28.0
- golang.org/x/net: v0.43.0 → v0.44.0
- golang.org/x/sys: v0.35.0 → v0.36.0
- golang.org/x/telemetry: 1a19826 → aef8a43
- golang.org/x/term: v0.34.0 → v0.35.0
- golang.org/x/text: v0.29.0 → v0.30.0
- golang.org/x/tools: v0.36.0 → v0.37.0
- sigs.k8s.io/cluster-api: v1.10.5 → v1.10.6
### Removed
- github.com/prashantv/gostub: [v1.1.0](https://github.com/prashantv/gostub/tree/v1.1.0)
_Thanks to all our contributors!_ 😊

17
rancher-turtles-chart/_service
View File

@@ -1,17 +0,0 @@
<services>
<service mode="buildtime" name="kiwi_metainfo_helper"/>
<service name="replace_using_env" mode="buildtime">
<param name="file">values.yaml</param>
<param name="eval">IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix})</param>
<param name="var">IMG_PREFIX</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
<service name="replace_using_env" mode="buildtime">
<param name="file">Chart.yaml</param>
<param name="eval">CHART_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?chart_prefix})</param>
<param name="var">CHART_PREFIX</param>
<param name="eval">CHART_MAJOR=$(rpm --macros=/root/.rpmmacros -E %{?chart_major})</param>
<param name="var">CHART_MAJOR</param>
</service>
</services>

5
rancher-turtles-chart/app-readme.md
View File

@@ -1,5 +0,0 @@
# Rancher Turtles - The Cluster API Extension for Rancher
Rancher Turtles brings enhanced integration of Cluster API with Rancher.
For more information, including a getting started guide, see the [official documentation](https://turtles.docs.rancher.com).

55
rancher-turtles-chart/questions.yml
View File

@@ -1,55 +0,0 @@
namespace: rancher-turtles-system
questions:
- variable: rancherTurtles.features.default
default: "false"
description: "Customize install settings"
label: Customize install settings
type: boolean
show_subquestion_if: true
group: "Rancher Turtles Extra Settings"
subquestions:
- variable: turtlesUI.enabled
default: false
type: boolean
description: "Flag to enable or disable installation of CAPI UI extension. If set to false then you will need to install CAPI UI extension manually."
label: "Install CAPI UI (Experimental)"
- variable: rancherTurtles.cluster-api-operator.cleanup
default: true
description: "Specify that the CAPI Operator post-delete cleanup job will be performed."
type: boolean
label: Cleanup CAPI Operator installation
group: "CAPI Operator cleanup settings"
- variable: cluster-api-operator.cluster-api.rke2.enabled
default: "true"
description: "Flag to enable or disable installation of the RKE2 provider for Cluster API. By default this is enabled."
label: "Enable RKE2 Provider"
type: boolean
- variable: rancherTurtles.features.agent-tls-mode.enabled
default: false
description: "[ALPHA] If enabled Turtles will use the agent-tls-mode setting to determine CA cert trust mode for importing clusters."
type: boolean
label: Enable Agent TLS Mode
group: "Rancher Turtles Features Settings"
- variable: rancherTurtles.features.no-cert-manager.enabled
default: false
description: "[ALPHA] If enabled Turtles will remove cert-manager."
type: boolean
label: Remove cert-manager
group: "Rancher Turtles Features Settings"
- variable: rancherTurtles.kubectlImage
default: "registry.suse.com/edge/3.3/kubectl:1.32.4"
description: "Specify the image to use when running kubectl in jobs."
type: string
label: Kubectl Image
group: "Rancher Turtles Features Settings"
- variable: rancherTurtles.features.day2operations.enabled
label: "Enable Day 2 Operations functionality in Rancher Turtles"
description: "Use this setting to configure Day 2 Operations functionality in Rancher Turtles, such as enabling ETCD Backup and Restore."
type: boolean
group: "Rancher Turtles Features Settings"
- variable: rancherTurtles.features.day2operations.etcdBackupRestore.enabled
label: "Enable ETCD Backup and Restore"
description: "[ALPHA] Enable ETCD Backup and Restore functionality in Rancher Turtles."
type: boolean
group: "ETCD Backup and Restore Settings"
show_if: "rancherTurtles.features.day2operations.enabled"

85
rancher-turtles-chart/templates/addon-provider-fleet.yaml
View File

@@ -1,85 +0,0 @@
apiVersion: turtles-capi.cattle.io/v1alpha1
kind: CAPIProvider
metadata:
name: fleet
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "2"
"helm.sh/resource-policy": keep
spec:
enableAutomaticUpdate: true
type: addon
additionalManifests:
name: fleet-addon-config
namespace: '{{ .Values.rancherTurtles.namespace }}'
{{- if or (index .Values "cluster-api-operator" "cluster-api" "fleet" "addon" "fetchConfig" "url") (index .Values "cluster-api-operator" "cluster-api" "fleet" "addon" "fetchConfig" "selector") }}
fetchConfig:
{{- if index .Values "cluster-api-operator" "cluster-api" "fleet" "addon" "fetchConfig" "url" }}
url: {{ index .Values "cluster-api-operator" "cluster-api" "fleet" "addon" "fetchConfig" "url" }}
{{- end }}
{{- if index .Values "cluster-api-operator" "cluster-api" "fleet" "addon" "fetchConfig" "selector" }}
selector: {{ index .Values "cluster-api-operator" "cluster-api" "fleet" "addon" "fetchConfig" "selector" }}
{{- end }}
{{- end }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: fleet-addon-config
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "2"
"helm.sh/resource-policy": keep
data:
manifests: |-
apiVersion: addons.cluster.x-k8s.io/v1alpha1
kind: FleetAddonConfig
metadata:
name: fleet-addon-config
spec:
config:
featureGates:
configMap:
ref:
kind: ConfigMap
apiVersion: v1
name: rancher-config
namespace: cattle-system
experimentalOciStorage: true
experimentalHelmOps: true
clusterClass:
patchResource: true
setOwnerReferences: true
cluster:
agentNamespace: cattle-fleet-system
applyClassGroup: true
patchResource: true
setOwnerReferences: true
hostNetwork: true
selector:
matchLabels:
cluster-api.cattle.io/rancher-auto-import: "true"
matchExpressions:
- key: cluster-api.cattle.io/disable-fleet-auto-import
operator: DoesNotExist
namespaceSelector:
matchLabels:
cluster-api.cattle.io/rancher-auto-import: "true"
matchExpressions:
- key: cluster-api.cattle.io/disable-fleet-auto-import
operator: DoesNotExist
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: cappf-controller-psa
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: fleet-controller-psa
subjects:
- kind: ServiceAccount
name: caapf-controller-manager
namespace: {{ .Values.rancherTurtles.namespace }}

19
rancher-turtles-chart/templates/azure-rbac.yaml
View File

@@ -1,19 +0,0 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: caprke2-azure-aggregated-role
labels:
cluster.x-k8s.io/aggregate-to-capz-manager: "true"
rules:
- apiGroups:
- bootstrap.cluster.x-k8s.io
resources:
- rke2configs
verbs:
- create
- update
- delete
- get
- list
- patch
- watch

66
rancher-turtles-chart/templates/clusterctl-cm-cleanup-job.yaml
View File

@@ -1,66 +0,0 @@
{{- if index .Values "rancherTurtles" "rancherInstalled" }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: pre-upgrade-job
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": "post-delete, pre-upgrade"
"helm.sh/hook-weight": "-2"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: pre-upgrade-job-delete-clusterctl-configmap
annotations:
"helm.sh/hook": "post-delete, pre-upgrade"
"helm.sh/hook-weight": "-2"
rules:
- apiGroups: [""]
resources:
- configmaps
verbs:
- list
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: pre-upgrade-job-clusterctl-configmap-cleanup
annotations:
"helm.sh/hook": "post-delete, pre-upgrade"
"helm.sh/hook-weight": "-2"
subjects:
- kind: ServiceAccount
name: pre-upgrade-job
namespace: '{{ .Values.rancherTurtles.namespace }}'
roleRef:
kind: ClusterRole
name: pre-upgrade-job-delete-clusterctl-configmap
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: Job
metadata:
name: rancher-clusterctl-configmap-cleanup
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": "post-delete, pre-upgrade"
"helm.sh/hook-weight": "-1"
spec:
ttlSecondsAfterFinished: 300
template:
spec:
serviceAccountName: pre-upgrade-job
containers:
- name: rancher-clusterctl-configmap-cleanup
image: {{ index .Values "rancherTurtles" "kubectlImage" }}
args:
- delete
- configmap
- --namespace={{ .Values.rancherTurtles.namespace }}
- clusterctl-config
- --ignore-not-found=true
restartPolicy: Never
{{- end }}

5
rancher-turtles-chart/templates/clusterctl-config.yaml
View File

@@ -1,5 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: clusterctl-config
namespace: '{{ .Values.rancherTurtles.namespace }}'

85
rancher-turtles-chart/templates/core-provider.yaml
View File

@@ -1,85 +0,0 @@
{{- if index .Values "cluster-api-operator" "cluster-api" "enabled" }}
{{- $namespace := index .Values "cluster-api-operator" "cluster-api" "core" "namespace" }}
{{- if not (lookup "v1" "Namespace" "" $namespace) }}
---
apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "1"
name: {{ index .Values "cluster-api-operator" "cluster-api" "core" "namespace" }}
{{- end }}
---
apiVersion: turtles-capi.cattle.io/v1alpha1
kind: CAPIProvider
metadata:
name: cluster-api
namespace: {{ index .Values "cluster-api-operator" "cluster-api" "core" "namespace" }}
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "2"
spec:
name: cluster-api
type: core
enableAutomaticUpdate: {{ index .Values "cluster-api-operator" "cluster-api" "core" "enableAutomaticUpdate" }}
{{- if index .Values "cluster-api-operator" "cluster-api" "core" "version" }}
version: {{ index .Values "cluster-api-operator" "cluster-api" "core" "version" }}
{{- end }}
additionalManifests:
name: capi-additional-rbac-roles
namespace: {{ index .Values "cluster-api-operator" "cluster-api" "core" "namespace" }}
configSecret:
{{- if index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }}
name: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }}
{{ else }}
name: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "defaultName" }}
{{- end }}
{{- if or (index .Values "cluster-api-operator" "cluster-api" "core" "fetchConfig" "url") (index .Values "cluster-api-operator" "cluster-api" "core" "fetchConfig" "selector") }}
fetchConfig:
{{- if index .Values "cluster-api-operator" "cluster-api" "core" "fetchConfig" "url" }}
url: {{ index .Values "cluster-api-operator" "cluster-api" "core" "fetchConfig" "url" }}
{{- end }}
{{- if index .Values "cluster-api-operator" "cluster-api" "core" "fetchConfig" "selector" }}
selector: {{ index .Values "cluster-api-operator" "cluster-api" "core" "fetchConfig" "selector" }}
{{- end }}
{{- end }}
{{- if index .Values "cluster-api-operator" "cluster-api" "core" "imageUrl" }}
deployment:
containers:
- name: manager
imageUrl: {{ index .Values "cluster-api-operator" "cluster-api" "core" "imageUrl" }}
{{- end }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: capi-additional-rbac-roles
namespace: {{ index .Values "cluster-api-operator" "cluster-api" "core" "namespace" }}
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "2"
data:
manifests: |-
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: provisioning-rke-cattle-io
labels:
cluster.x-k8s.io/aggregate-to-manager: "true"
rules:
- apiGroups: ["rke.cattle.io"]
resources: ["*"]
verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: provisioning-rke-machine-cattle-io
labels:
cluster.x-k8s.io/aggregate-to-manager: "true"
rules:
- apiGroups: ["rke-machine.cattle.io"]
resources: ["*"]
verbs: ["*"]
{{- end }}

88
rancher-turtles-chart/templates/deployment.yaml
View File

@@ -1,88 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
control-plane: controller-manager
name: rancher-turtles-controller-manager
namespace: '{{ .Values.rancherTurtles.namespace }}'
spec:
replicas: 1
selector:
matchLabels:
control-plane: controller-manager
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: manager
labels:
control-plane: controller-manager
spec:
{{- if .Values.rancherTurtles.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.rancherTurtles.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
containers:
- args:
- --leader-elect
- --feature-gates=agent-tls-mode={{ index .Values "rancherTurtles" "features" "agent-tls-mode" "enabled"}},ui-plugin={{ index .Values "turtlesUI" "enabled"}},no-cert-manager={{ index .Values "rancherTurtles" "features" "no-cert-manager" "enabled"}}
{{- range .Values.rancherTurtles.managerArguments }}
- {{ . }}
{{- end }}
command:
- /manager
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_UID
valueFrom:
fieldRef:
fieldPath: metadata.uid
{{- if (contains "sha256:" .Values.rancherTurtles.imageVersion) }}
image: '{{ .Values.rancherTurtles.image }}@{{ .Values.rancherTurtles.imageVersion }}'
{{- else }}
image: '{{ .Values.rancherTurtles.image }}:{{ .Values.rancherTurtles.imageVersion }}'
{{- end}}
imagePullPolicy: '{{ .Values.rancherTurtles.imagePullPolicy }}'
livenessProbe:
httpGet:
path: /healthz
port: 9440
initialDelaySeconds: 15
periodSeconds: 20
name: manager
readinessProbe:
httpGet:
path: /readyz
port: 9440
initialDelaySeconds: 5
periodSeconds: 10
resources:
limits:
cpu: 500m
memory: 300Mi
requests:
cpu: 10m
memory: 128Mi
{{- with .Values.rancherTurtles.volumeMounts.manager }}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
serviceAccountName: rancher-turtles-manager
terminationGracePeriodSeconds: 10
{{- with .Values.rancherTurtles.volumes }}
volumes:
{{- toYaml . | nindent 8 }}
{{- end }}
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane

117
rancher-turtles-chart/templates/metal3-infrastructure.yaml
View File

@@ -1,117 +0,0 @@
{{- if and (index .Values "cluster-api-operator" "cluster-api" "enabled") (index .Values "cluster-api-operator" "cluster-api" "metal3" "enabled") }}
{{- $namespace := index .Values "cluster-api-operator" "cluster-api" "metal3" "infrastructure" "namespace" }}
{{- $ipamnamespace := index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "namespace" }}
{{- if not (lookup "v1" "Namespace" "" $namespace) }}
---
apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "1"
"helm.sh/resource-policy": keep
name: {{ index .Values "cluster-api-operator" "cluster-api" "metal3" "infrastructure" "namespace" }}
{{- end }}
{{- if not (lookup "v1" "Namespace" "" $ipamnamespace) }}
---
apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "1"
"helm.sh/resource-policy": keep
name: {{ index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "namespace" }}
{{- end }}
---
apiVersion: turtles-capi.cattle.io/v1alpha1
kind: ClusterctlConfig
metadata:
name: clusterctl-config
namespace: rancher-turtles-system
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "1"
spec:
providers:
- name: metal3
url: "https://github.com/rancher-sandbox/cluster-api-provider-metal3/releases/v1.10.2/infrastructure-components.yaml"
type: InfrastructureProvider
- name: metal3ipam
url: "https://github.com/rancher-sandbox/ip-address-manager/releases/v1.10.2/ipam-components.yaml"
type: IPAMProvider
---
apiVersion: turtles-capi.cattle.io/v1alpha1
kind: CAPIProvider
metadata:
name: metal3
namespace: {{ index .Values "cluster-api-operator" "cluster-api" "metal3" "infrastructure" "namespace" }}
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "2"
"helm.sh/resource-policy": keep
spec:
name: metal3
type: infrastructure
{{- if index .Values "cluster-api-operator" "cluster-api" "metal3" "version" }}
version: {{ index .Values "cluster-api-operator" "cluster-api" "metal3" "version" }}
{{- end }}
configSecret:
{{- if index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }}
name: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }}
{{ else }}
name: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "defaultName" }}
{{- end }}
{{- if or (index .Values "cluster-api-operator" "cluster-api" "metal3" "infrastructure" "fetchConfig" "url") (index .Values "cluster-api-operator" "cluster-api" "metal3" "infrastructure" "fetchConfig" "selector") }}
fetchConfig:
{{- if index .Values "cluster-api-operator" "cluster-api" "metal3" "infrastructure" "fetchConfig" "url" }}
url: {{ index .Values "cluster-api-operator" "cluster-api" "metal3" "infrastructure" "fetchConfig" "url" }}
{{- end }}
{{- if index .Values "cluster-api-operator" "cluster-api" "metal3" "infrastructure" "fetchConfig" "selector" }}
selector: {{ index .Values "cluster-api-operator" "cluster-api" "metal3" "infrastructure" "fetchConfig" "selector" }}
{{- end }}
{{- end }}
{{- if index .Values "cluster-api-operator" "cluster-api" "metal3" "infrastructure" "imageUrl" }}
deployment:
containers:
- name: manager
imageUrl: {{ index .Values "cluster-api-operator" "cluster-api" "metal3" "infrastructure" "imageUrl" }}
{{- end }}
---
apiVersion: turtles-capi.cattle.io/v1alpha1
kind: CAPIProvider
metadata:
name: metal3ipam
namespace: {{ index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "namespace" }}
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "2"
"helm.sh/resource-policy": keep
spec:
name: metal3ipam
type: ipam
{{- if index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "version" }}
version: {{ index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "version" }}
{{- end }}
configSecret:
{{- if index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }}
name: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }}
{{ else }}
name: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "defaultName" }}
{{- end }}
{{- if or (index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "fetchConfig" "url") (index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "fetchConfig" "selector") }}
fetchConfig:
{{- if index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "fetchConfig" "url" }}
url: {{ index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "fetchConfig" "url" }}
{{- end }}
{{- if index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "fetchConfig" "selector" }}
selector: {{ index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "fetchConfig" "selector" }}
{{- end }}
{{- end }}
{{- if index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "imageUrl" }}
deployment:
containers:
- name: manager
imageUrl: {{ index .Values "cluster-api-operator" "cluster-api" "metal3" "ipam" "imageUrl" }}
{{- end }}
{{- end }}

13
rancher-turtles-chart/templates/operator-crds.yaml
View File

@@ -1,13 +0,0 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
rancher-turtles/aggregate-to-manager: "true"
name: rancher-turtles-operator-admin
rules:
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'

166
rancher-turtles-chart/templates/post-delete-job.yaml
View File

@@ -1,166 +0,0 @@
{{- if index .Values "cluster-api-operator" "cleanup" }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: post-delete-job
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": post-delete
"helm.sh/hook-weight": "1"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: post-delete-job-delete-webhooks
annotations:
"helm.sh/hook": post-delete
"helm.sh/hook-weight": "1"
rules:
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
- mutatingwebhookconfigurations
verbs:
- delete
- apiGroups:
- apps
resources:
- deployments
verbs:
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: post-delete-job-webhook-cleanup
annotations:
"helm.sh/hook": post-delete
"helm.sh/hook-weight": "1"
subjects:
- kind: ServiceAccount
name: post-delete-job
namespace: '{{ .Values.rancherTurtles.namespace }}'
roleRef:
kind: ClusterRole
name: post-delete-job-delete-webhooks
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: Job
metadata:
name: cluster-api-operator-mutatingwebhook-cleanup
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": post-delete
"helm.sh/hook-weight": "2"
spec:
ttlSecondsAfterFinished: 300
template:
spec:
serviceAccountName: post-delete-job
containers:
- name: cluster-api-operator-mutatingwebhook-cleanup
image: {{ index .Values "rancherTurtles" "kubectlImage" }}
command: ["kubectl"]
args:
- delete
- mutatingwebhookconfigurations.admissionregistration.k8s.io
- capi-mutating-webhook-configuration
- capi-kubeadm-bootstrap-mutating-webhook-configuration
- capi-kubeadm-control-plane-mutating-webhook-configuration
- rke2-bootstrap-mutating-webhook-configuration
- rke2-control-plane-mutating-webhook-configuration
- --ignore-not-found=true
restartPolicy: Never
---
apiVersion: batch/v1
kind: Job
metadata:
name: cluster-api-operator-validatingwebhook-cleanup
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": post-delete
"helm.sh/hook-weight": "2"
spec:
ttlSecondsAfterFinished: 300
template:
spec:
serviceAccountName: post-delete-job
containers:
- name: cluster-api-operator-validatingwebhook-cleanup
image: {{ index .Values "rancherTurtles" "kubectlImage" }}
command: ["kubectl"]
args:
- delete
- validatingwebhookconfigurations.admissionregistration.k8s.io
- capi-validating-webhook-configuration
- capi-kubeadm-bootstrap-validating-webhook-configuration
- capi-kubeadm-control-plane-validating-webhook-configuration
- rke2-bootstrap-validating-webhook-configuration
- rke2-control-plane-validating-webhook-configuration
- --ignore-not-found=true
restartPolicy: Never
---
apiVersion: batch/v1
kind: Job
metadata:
name: cluster-api-operator-deployment-cleanup
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": post-delete
"helm.sh/hook-weight": "2"
spec:
ttlSecondsAfterFinished: 300
template:
spec:
serviceAccountName: post-delete-job
restartPolicy: Never
containers:
- name: delete-capi-controller-manager
image: {{ index .Values "rancherTurtles" "kubectlImage" }}
command: ["kubectl"]
args:
- delete
- deployments.apps/capi-controller-manager
- -n
- {{ index .Values "cluster-api-operator" "cluster-api" "core" "namespace" }}
- --ignore-not-found=true
- name: delete-capi-kubeadm-bootstrap-controller-manager
image: {{ index .Values "rancherTurtles" "kubectlImage" }}
command: ["kubectl"]
args:
- delete
- deployments.apps/capi-kubeadm-bootstrap-controller-manager
- -n
- capi-kubeadm-bootstrap-system
- --ignore-not-found=true
- name: delete-capi-kubeadm-control-plane-controller-manager
image: {{ index .Values "rancherTurtles" "kubectlImage" }}
command: ["kubectl"]
args:
- delete
- deployments.apps/capi-kubeadm-control-plane-controller-manager
- -n
- capi-kubeadm-control-plane-system
- --ignore-not-found=true
- name: delete-rke2-kubeadm-bootstrap-controller-manager
image: {{ index .Values "rancherTurtles" "kubectlImage" }}
command: ["kubectl"]
args:
- delete
- deployments.apps/rke2-bootstrap-controller-manager
- -n
- {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "namespace" }}
- --ignore-not-found=true
- name: delete-rke2-control-plane-controller-manager
image: {{ index .Values "rancherTurtles" "kubectlImage" }}
command: ["kubectl"]
args:
- delete
- deployments.apps/rke2-control-plane-controller-manager
- -n
- {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "controlPlane" "namespace" }}
- --ignore-not-found=true
{{- end }}

124
rancher-turtles-chart/templates/post-upgrade-job.yaml
View File

@@ -1,124 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: post-upgrade-job
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": post-upgrade
"helm.sh/hook-weight": "1"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: post-upgrade-job-delete-capi-operator-resources
annotations:
"helm.sh/hook": post-upgrade
"helm.sh/hook-weight": "1"
rules:
- apiGroups:
- operator.cluster.x-k8s.io
resources:
- addonproviders
- bootstrapproviders
- controlplaneproviders
- coreproviders
- infrastructureproviders
- ipamproviders
- runtimeextensionproviders
verbs:
- get
- watch
- list
- delete
- patch
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: post-upgrade-job-capi-operator-resources-cleanup
annotations:
"helm.sh/hook": post-upgrade
"helm.sh/hook-weight": "1"
subjects:
- kind: ServiceAccount
name: post-upgrade-job
namespace: '{{ .Values.rancherTurtles.namespace }}'
roleRef:
kind: ClusterRole
name: post-upgrade-job-delete-capi-operator-resources
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: ConfigMap
metadata:
name: cluster-api-operator-resources-cleanup-script
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": post-upgrade
"helm.sh/hook-weight": "1"
data:
cleanup.sh: |
#!/usr/bin/env bash
set -euo pipefail
remove_finalizers_and_delete() {
local resource_type="$1"
if kubectl get crd $resource_type > /dev/null 2>&1; then
kubectl get $resource_type --all-namespaces --no-headers --ignore-not-found | awk '{print $1 " " $2}' | xargs -r -n2 bash -c 'kubectl patch '"${resource_type}"' "$1" -n "$0" --type merge -p "{\"metadata\":{\"finalizers\":null}}"'
kubectl delete $resource_type --all --all-namespaces
else
echo "Resource type $resource_type does not exist, skipping cleanup."
fi
}
resource_types=(
"addonproviders.operator.cluster.x-k8s.io"
"bootstrapproviders.operator.cluster.x-k8s.io"
"controlplaneproviders.operator.cluster.x-k8s.io"
"coreproviders.operator.cluster.x-k8s.io"
"infrastructureproviders.operator.cluster.x-k8s.io"
"ipamproviders.operator.cluster.x-k8s.io"
"runtimeextensionproviders.operator.cluster.x-k8s.io"
)
for resource_type in "${resource_types[@]}"; do
remove_finalizers_and_delete "$resource_type"
done
---
apiVersion: batch/v1
kind: Job
metadata:
name: cluster-api-operator-resources-cleanup
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": post-upgrade
"helm.sh/hook-weight": "2"
spec:
ttlSecondsAfterFinished: 300
template:
spec:
serviceAccountName: post-upgrade-job
containers:
- name: cluster-api-operator-resources-cleanup
image: {{ index .Values "rancherTurtles" "shellImage" }}
command: ["/bin/bash"]
args:
- "-c"
- "/scripts/cleanup.sh"
volumeMounts:
- name: script
mountPath: /scripts
volumes:
- name: script
configMap:
name: cluster-api-operator-resources-cleanup-script
defaultMode: 0777
restartPolicy: Never
---

69
rancher-turtles-chart/templates/pre-delete-job.yaml
View File

@@ -1,69 +0,0 @@
{{- if index .Values "rancherTurtles" "rancherInstalled" }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: pre-delete-job
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-weight": "-2"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: pre-delete-job-delete-capiproviders
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-weight": "-2"
rules:
- apiGroups:
- turtles-capi.cattle.io
resources:
- capiproviders
verbs:
- list
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: pre-delete-job-capiprovider-cleanup
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-weight": "-2"
subjects:
- kind: ServiceAccount
name: pre-delete-job
namespace: '{{ .Values.rancherTurtles.namespace }}'
roleRef:
kind: ClusterRole
name: pre-delete-job-delete-capiproviders
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: Job
metadata:
name: rancher-capiprovider-cleanup
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-weight": "-1"
spec:
ttlSecondsAfterFinished: 300
template:
spec:
serviceAccountName: pre-delete-job
containers:
- name: rancher-capiprovider-cleanup
image: {{ index .Values "rancherTurtles" "kubectlImage" }}
args:
- delete
- capiprovider
- cluster-api
- -n
- {{ index .Values "cluster-api-operator" "cluster-api" "core" "namespace" }}
- --ignore-not-found=true
- --cascade=foreground
restartPolicy: Never
{{- end }}

101
rancher-turtles-chart/templates/pre-install-job.yaml
View File

@@ -1,101 +0,0 @@
{{- if index .Values "rancherTurtles" "rancherInstalled"}}
---
apiVersion: management.cattle.io/v3
kind: Feature
metadata:
name: embedded-cluster-api
annotations:
"helm.sh/hook": pre-install
"helm.sh/hook-weight": "1"
spec:
value: false
{{- end }}
{{- if index .Values "rancherTurtles" "rancherInstalled" }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: pre-install-job
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": pre-install
"helm.sh/hook-weight": "1"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: pre-install-job-delete-webhooks
annotations:
"helm.sh/hook": pre-install
"helm.sh/hook-weight": "1"
rules:
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
- mutatingwebhookconfigurations
verbs:
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: pre-install-job-webhook-cleanup
annotations:
"helm.sh/hook": pre-install
"helm.sh/hook-weight": "1"
subjects:
- kind: ServiceAccount
name: pre-install-job
namespace: '{{ .Values.rancherTurtles.namespace }}'
roleRef:
kind: ClusterRole
name: pre-install-job-delete-webhooks
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: Job
metadata:
name: rancher-mutatingwebhook-cleanup
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": pre-install
"helm.sh/hook-weight": "2"
spec:
ttlSecondsAfterFinished: 300
template:
spec:
serviceAccountName: pre-install-job
containers:
- name: rancher-mutatingwebhook-cleanup
image: {{ index .Values "rancherTurtles" "kubectlImage" }}
args:
- delete
- mutatingwebhookconfigurations.admissionregistration.k8s.io
- mutating-webhook-configuration
- --ignore-not-found=true
restartPolicy: Never
---
apiVersion: batch/v1
kind: Job
metadata:
name: rancher-validatingwebhook-cleanup
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": pre-install
"helm.sh/hook-weight": "2"
spec:
ttlSecondsAfterFinished: 300
template:
spec:
serviceAccountName: pre-install-job
containers:
- name: rancher-validatingwebhook-cleanup
image: {{ index .Values "rancherTurtles" "kubectlImage" }}
args:
- delete
- validatingwebhookconfigurations.admissionregistration.k8s.io
- validating-webhook-configuration
- --ignore-not-found=true
restartPolicy: Never
{{- end }}

3583
rancher-turtles-chart/templates/rancher-turtles-components.yaml
View File

File diff suppressed because it is too large Load Diff

793
rancher-turtles-chart/templates/rancher-turtles-exp-clusterclass-components.yaml
View File

@@ -1,793 +0,0 @@
{{- if index .Values "rancherTurtles" "features" "clusterclass-operations" "enabled" }}
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.1
labels:
turtles-capi.cattle.io: clusterclass
name: clusterupgradegroups.rollout.turtles-capi.cattle.io
spec:
group: rollout.turtles-capi.cattle.io
names:
kind: ClusterUpgradeGroup
listKind: ClusterUpgradeGroupList
plural: clusterupgradegroups
singular: clusterupgradegroup
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterUpgradeGroup is the Schema for the clusterupgrades API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ClusterUpgradeGroupSpec defines the desired state of ClusterUpgradeGroup
properties:
className:
type: string
rolloutStrategy:
description: |-
RolloutStrategy controls the rollout of bundles, by defining
partitions, canaries and percentages for cluster availability.
properties:
rollingUpdate:
description: |-
Rolling update config params. Present only if
RolloutStrategyType = RollingUpdate.
properties:
maxFailures:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of failed attempts before skipping the update for a given
cluster.
x-kubernetes-int-or-string: true
maxRollouts:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of clusters that can be in update state (non-active) during a
rolling update.
x-kubernetes-int-or-string: true
rolloutDelay:
anyOf:
- type: integer
- type: string
description: The delay between subsequent cluster rollouts.
x-kubernetes-int-or-string: true
type: object
type:
description: |-
Type of rollout.
Default is RollingUpdate.
type: string
type: object
targets:
description: Targets refer to the clusters that should be upgraded.
items:
properties:
clusterGroup:
description: ClusterGroup to match a specific cluster group
by name.
nullable: true
type: string
clusterGroupSelector:
description: ClusterGroupSelector is a selector to match cluster
groups.
nullable: true
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
clusterName:
description: |-
ClusterName to match a specific cluster by name that will be
selected
nullable: true
type: string
clusterSelector:
description: |-
ClusterSelector is a selector to match clusters. The structure is
the standard metav1.LabelSelector format. If clusterGroupSelector or
clusterGroup is specified, clusterSelector will be used only to
further refine the selection after clusterGroupSelector and
clusterGroup is evaluated.
nullable: true
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
doNotDeploy:
description: DoNotDeploy if set to true, will not deploy to
this target.
type: boolean
name:
description: |-
Name of target. This value is largely for display and logging. If
not specified a default name of the format "target000" will be used
type: string
type: object
type: array
required:
- className
type: object
status:
description: ClusterUpgradeGroupStatus defines the observed state of ClusterUpgradeGroup
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
labels:
turtles-capi.cattle.io: clusterclass
name: clusterupgrades.rollout.turtles-capi.cattle.io
spec:
group: rollout.turtles-capi.cattle.io
names:
kind: ClusterUpgrade
listKind: ClusterUpgradeList
plural: clusterupgrades
singular: clusterupgrade
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterUpgrade is the Schema for the clusterupgrades API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ClusterUpgradeSpec defines the desired state of ClusterUpgrade
properties:
className:
type: string
rolloutStrategy:
description: |-
RolloutStrategy controls the rollout of bundles, by defining
partitions, canaries and percentages for cluster availability.
properties:
autoPartitionSize:
anyOf:
- type: integer
- type: string
description: |-
A number or percentage of how to automatically partition clusters if no
specific partitioning strategy is configured.
default: 25%
x-kubernetes-int-or-string: true
maxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
A number or percentage of clusters that can be unavailable during an update
of a bundle. This follows the same basic approach as a deployment rollout
strategy. Once the number of clusters meets unavailable state update will be
paused. Default value is 100% which doesn't take effect on update.
default: 100%
x-kubernetes-int-or-string: true
maxUnavailablePartitions:
anyOf:
- type: integer
- type: string
description: |-
A number or percentage of cluster partitions that can be unavailable during
an update of a bundle.
default: 0
x-kubernetes-int-or-string: true
partitions:
description: |-
A list of definitions of partitions. If any target clusters do not match
the configuration they are added to partitions at the end following the
autoPartitionSize.
items:
description: Partition defines a separate rollout strategy for
a set of clusters.
properties:
clusterGroup:
description: A cluster group name to include in this partition
type: string
clusterGroupSelector:
description: Selector matching cluster group labels to include
in this partition
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
clusterName:
description: ClusterName is the name of a cluster to include
in this partition
type: string
clusterSelector:
description: Selector matching cluster labels to include
in this partition
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
maxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
A number or percentage of clusters that can be unavailable in this
partition before this partition is treated as done.
default: 10%
x-kubernetes-int-or-string: true
name:
description: A user-friendly name given to the partition
used for Display (optional).
type: string
type: object
type: array
type: object
targets:
description: Targets refer to the clusters that should be upgraded.
items:
properties:
clusterGroup:
description: ClusterGroup to match a specific cluster group
by name.
nullable: true
type: string
clusterGroupSelector:
description: ClusterGroupSelector is a selector to match cluster
groups.
nullable: true
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
clusterName:
description: |-
ClusterName to match a specific cluster by name that will be
selected
nullable: true
type: string
clusterSelector:
description: |-
ClusterSelector is a selector to match clusters. The structure is
the standard metav1.LabelSelector format. If clusterGroupSelector or
clusterGroup is specified, clusterSelector will be used only to
further refine the selection after clusterGroupSelector and
clusterGroup is evaluated.
nullable: true
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
doNotDeploy:
description: DoNotDeploy if set to true, will not deploy to
this target.
type: boolean
name:
description: |-
Name of target. This value is largely for display and logging. If
not specified a default name of the format "target000" will be used
type: string
type: object
type: array
required:
- className
type: object
status:
description: ClusterUpgradeStatus defines the observed state of ClusterUpgrade
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: turtles-rollout-poc
app.kubernetes.io/instance: controller-manager-sa
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: serviceaccount
app.kubernetes.io/part-of: turtles-rollout-poc
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-manager
namespace: {{ index .Values "rancherTurtles" "namespace" }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: turtles-rollout-poc
app.kubernetes.io/instance: leader-election-role
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: role
app.kubernetes.io/part-of: turtles-rollout-poc
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-leader-election-role
namespace: {{ index .Values "rancherTurtles" "namespace" }}
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rancher-turtles/aggregate-to-manager: "true"
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-aggregated-manager-role
rules: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
rancher-turtles/aggregate-to-manager: "true"
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-manager-role
rules:
- apiGroups:
- cluster.x-k8s.io
resources:
- clusterclasses
- clusters
- clusters/status
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- rollout.turtles-capi.cattle.io
resources:
- clusterupgradegroups
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rollout.turtles-capi.cattle.io
resources:
- clusterupgradegroups/status
verbs:
- get
- patch
- update
- apiGroups:
- rollout.turtles-capi.cattle.io
resources:
- clusterupgradegroupss/finalizers
verbs:
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: turtles-rollout-poc
app.kubernetes.io/instance: leader-election-rolebinding
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: rolebinding
app.kubernetes.io/part-of: turtles-rollout-poc
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-leader-election-rolebinding
namespace: {{ index .Values "rancherTurtles" "namespace" }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: rancher-turtles-clusterclass-leader-election-role
subjects:
- kind: ServiceAccount
name: rancher-turtles-clusterclass-manager
namespace: {{ index .Values "rancherTurtles" "namespace" }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: turtles-rollout-poc
app.kubernetes.io/instance: manager-rolebinding
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: clusterrolebinding
app.kubernetes.io/part-of: turtles-rollout-poc
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: rancher-turtles-clusterclass-aggregated-manager-role
subjects:
- kind: ServiceAccount
name: rancher-turtles-clusterclass-manager
namespace: {{ index .Values "rancherTurtles" "namespace" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
control-plane: controller-manager
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-controller-manager
namespace: {{ index .Values "rancherTurtles" "namespace" }}
spec:
replicas: 1
selector:
matchLabels:
control-plane: controller-manager
turtles-capi.cattle.io: clusterclass
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: manager
labels:
control-plane: controller-manager
turtles-capi.cattle.io: clusterclass
spec:
containers:
- args:
- --leader-elect
command:
- ./turtles-clusterclass-operations
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_UID
valueFrom:
fieldRef:
fieldPath: metadata.uid
{{- $imageVersion := index .Values "rancherTurtles" "features" "clusterclass-operations" "imageVersion" -}}
{{- if contains "sha256:" $imageVersion }}
image: {{ index .Values "rancherTurtles" "features" "clusterclass-operations" "image" }}@{{ index .Values "rancherTurtles" "features" "clusterclass-operations" "imageVersion" }}
{{- else }}
image: {{ index .Values "rancherTurtles" "features" "clusterclass-operations" "image" }}:{{ index .Values "rancherTurtles" "features" "clusterclass-operations" "imageVersion" }}
{{- end }}
imagePullPolicy: '{{ index .Values "rancherTurtles" "features" "clusterclass-operations" "imagePullPolicy" }}'
livenessProbe:
httpGet:
path: /healthz
port: 8081
initialDelaySeconds: 15
periodSeconds: 20
name: manager
readinessProbe:
httpGet:
path: /readyz
port: 8081
initialDelaySeconds: 5
periodSeconds: 10
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 10m
memory: 64Mi
serviceAccountName: rancher-turtles-clusterclass-manager
terminationGracePeriodSeconds: 10
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
{{- end }}

666
rancher-turtles-chart/templates/rancher-turtles-exp-day2-components.yaml
View File

@@ -1,666 +0,0 @@
{{- if index .Values "rancherTurtles" "features" "day2operations" "enabled" }}
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-day2-operations-serving-cert
controller-gen.kubebuilder.io/version: v0.16.1
labels:
turtles-capi.cattle.io: day2-operations
name: etcdmachinesnapshots.turtles-capi.cattle.io
spec:
group: turtles-capi.cattle.io
names:
kind: ETCDMachineSnapshot
listKind: ETCDMachineSnapshotList
plural: etcdmachinesnapshots
singular: etcdmachinesnapshot
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ETCDMachineSnapshot is the Schema for the ETCDMachineSnapshot
API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ETCDMachineSnapshotSpec defines the desired state of EtcdMachineSnapshot
properties:
clusterName:
type: string
location:
type: string
machineName:
type: string
required:
- clusterName
type: object
x-kubernetes-validations:
- message: ETCD snapshot location can't be empty.
rule: size(self.clusterName)>0
status:
default: {}
description: EtcdSnapshotRestoreStatus defines observed state of EtcdSnapshotRestore
properties:
error:
type: string
phase:
description: ETCDSnapshotPhase is a string representation of the phase
of the etcd snapshot
type: string
s3Snapshots:
items:
properties:
creationTime:
description: CreationTime is the timestamp when the snapshot
was taken by etcd.
format: date-time
type: string
location:
type: string
name:
type: string
required:
- location
- name
type: object
type: array
snapshotFileName:
type: string
snapshots:
items:
properties:
creationTime:
description: CreationTime is the timestamp when the snapshot
was taken by etcd.
format: date-time
type: string
location:
type: string
machineName:
type: string
name:
type: string
required:
- location
- machineName
- name
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-day2-operations-serving-cert
controller-gen.kubebuilder.io/version: v0.16.1
labels:
turtles-capi.cattle.io: day2-operations
name: etcdsnapshotrestores.turtles-capi.cattle.io
spec:
group: turtles-capi.cattle.io
names:
kind: ETCDSnapshotRestore
listKind: ETCDSnapshotRestoreList
plural: etcdsnapshotrestores
singular: etcdsnapshotrestore
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ETCDSnapshotRestore is the schema for the ETCDSnapshotRestore
API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ETCDSnapshotRestoreSpec defines the desired state of EtcdSnapshotRestore.
properties:
clusterName:
type: string
etcdMachineSnapshotName:
type: string
required:
- clusterName
- etcdMachineSnapshotName
type: object
x-kubernetes-validations:
- message: Cluster Name can't be empty.
rule: size(self.clusterName)>0
- message: ETCD machine snapshot name can't be empty.
rule: size(self.etcdMachineSnapshotName)>0
status:
default: {}
description: ETCDSnapshotRestoreStatus defines observed state of EtcdSnapshotRestore.
properties:
conditions:
description: Conditions provide observations of the operational state
of a Cluster API resource.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when
the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This field may be empty.
maxLength: 10240
minLength: 1
type: string
reason:
description: |-
reason is the reason for the condition's last transition in CamelCase.
The specific API may choose whether or not this field is considered a guaranteed API.
This field may be empty.
maxLength: 256
minLength: 1
type: string
severity:
description: |-
severity provides an explicit classification of Reason code, so the users or machines can immediately
understand the current situation and act accordingly.
The Severity field MUST be set only when Status=False.
maxLength: 32
type: string
status:
description: status of the condition, one of True, False, Unknown.
type: string
type:
description: |-
type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions
can be useful (see .node.status.conditions), the ability to deconflict is important.
maxLength: 256
minLength: 1
type: string
required:
- lastTransitionTime
- status
- type
type: object
type: array
phase:
default: Pending
description: ETCDSnapshotPhase is a string representation of the phase
of the etcd snapshot
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-day2-operations-serving-cert
controller-gen.kubebuilder.io/version: v0.16.1
labels:
turtles-capi.cattle.io: day2-operations
name: rke2etcdmachinesnapshotconfigs.turtles-capi.cattle.io
spec:
group: turtles-capi.cattle.io
names:
kind: RKE2EtcdMachineSnapshotConfig
listKind: RKE2EtcdMachineSnapshotConfigList
plural: rke2etcdmachinesnapshotconfigs
singular: rke2etcdmachinesnapshotconfig
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: RKE2EtcdMachineSnapshotConfig is the config for the RKE2EtcdMachineSnapshotConfig
API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: RKE2EtcdMachineSnapshotConfigSpec defines the desired state
of RKE2EtcdMachineSnapshotConfig
properties:
local:
properties:
dataDir:
type: string
required:
- dataDir
type: object
s3:
properties:
bucket:
type: string
endpoint:
type: string
endpointCAsecret:
type: string
folder:
type: string
insecure:
type: boolean
region:
type: string
s3CredentialSecret:
type: string
skipSSLVerify:
type: boolean
type: object
required:
- local
- s3
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: rancher-turtles
app.kubernetes.io/instance: leader-election-role
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: role
app.kubernetes.io/part-of: rancher-turtles
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-leader-election-role
namespace: {{ index .Values "rancherTurtles" "namespace" }}
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rancher-turtles-exp/aggregate-to-manager: "true"
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-aggregated-manager-role
rules: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
rancher-turtles-exp/aggregate-to-manager: "true"
rancher-turtles/aggregate-to-manager: "true"
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-manager-role
rules:
- apiGroups:
- ""
resources:
- configmaps
- events
- secrets
- serviceaccounts
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- serviceaccounts/token
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
- get
- apiGroups:
- bootstrap.cluster.x-k8s.io
resources:
- rke2configs
- rke2configs/finalizers
- rke2configs/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- clusters
- clusters/status
- machines
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- management.cattle.io
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- rolebindings
- roles
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- turtles-capi.cattle.io
resources:
- etcdmachinesnapshots
- etcdsnapshotrestores
- rke2etcdmachinesnapshotconfigs
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- turtles-capi.cattle.io
resources:
- etcdmachinesnapshots/finalizers
- etcdsnapshotrestores/finalizers
- rke2etcdmachinesnapshotconfigs/finalizers
verbs:
- update
- apiGroups:
- turtles-capi.cattle.io
resources:
- etcdmachinesnapshots/status
- etcdsnapshotrestores/status
- rke2etcdmachinesnapshotconfigs/status
verbs:
- get
- patch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: rancher-turtles
app.kubernetes.io/instance: leader-election-rolebinding
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: rolebinding
app.kubernetes.io/part-of: rancher-turtles
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-leader-election-rolebinding
namespace: {{ index .Values "rancherTurtles" "namespace" }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: rancher-turtles-day2-operations-leader-election-role
subjects:
- kind: ServiceAccount
name: rancher-turtles-day2-operations-manager
namespace: {{ index .Values "rancherTurtles" "namespace" }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: rancher-turtles
app.kubernetes.io/instance: manager-rolebinding
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: clusterrolebinding
app.kubernetes.io/part-of: rancher-turtles
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: rancher-turtles-day2-operations-aggregated-manager-role
subjects:
- kind: ServiceAccount
name: rancher-turtles-day2-operations-manager
namespace: {{ index .Values "rancherTurtles" "namespace" }}
---
apiVersion: v1
kind: Service
metadata:
labels:
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-webhook-service
namespace: {{ index .Values "rancherTurtles" "namespace" }}
spec:
ports:
- port: 443
targetPort: webhook-server
selector:
turtles-capi.cattle.io: day2-operations
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
labels:
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-serving-cert
namespace: {{ index .Values "rancherTurtles" "namespace" }}
spec:
dnsNames:
- rancher-turtles-day2-operations-webhook-service.{{ index .Values "rancherTurtles" "namespace" }}.svc
- rancher-turtles-day2-operations-webhook-service.{{ index .Values "rancherTurtles" "namespace" }}.svc.cluster.local
issuerRef:
kind: Issuer
name: rancher-turtles-day2-operations-selfsigned-issuer
secretName: rancher-turtles-day2-operations-webhook-service-cert
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
labels:
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-selfsigned-issuer
namespace: {{ index .Values "rancherTurtles" "namespace" }}
spec:
selfSigned: {}
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-day2-operations-serving-cert
labels:
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-mutating-webhook-configuration
webhooks:
- admissionReviewVersions:
- v1
clientConfig:
service:
name: rancher-turtles-day2-operations-webhook-service
namespace: {{ index .Values "rancherTurtles" "namespace" }}
path: /mutate-bootstrap-cluster-x-k8s-io-v1beta1-rke2config
failurePolicy: Fail
name: systemagentrke2config.kb.io
rules:
- apiGroups:
- bootstrap.cluster.x-k8s.io
apiVersions:
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- rke2configs
sideEffects: None
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-day2-operations-serving-cert
labels:
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-validating-webhook-configuration
webhooks:
- admissionReviewVersions:
- v1
clientConfig:
service:
name: rancher-turtles-day2-operations-webhook-service
namespace: {{ index .Values "rancherTurtles" "namespace" }}
path: /validate-turtles-capi-cattle-io-v1alpha1-etcdmachinesnapshot
failurePolicy: Fail
matchPolicy: Equivalent
name: etcdmachinesnapshot.kb.io
rules:
- apiGroups:
- turtles-capi.cattle.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- etcdmachinesnapshots
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: rancher-turtles-day2-operations-webhook-service
namespace: {{ index .Values "rancherTurtles" "namespace" }}
path: /validate-turtles-capi-cattle-io-v1alpha1-etcdsnapshotrestore
failurePolicy: Fail
matchPolicy: Equivalent
name: etcdsnapshotrestore.kb.io
rules:
- apiGroups:
- turtles-capi.cattle.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- etcdsnapshotrestores
sideEffects: None
{{- end }}

106
rancher-turtles-chart/templates/rancher-turtles-exp-day2-deployment.yaml
View File

@@ -1,106 +0,0 @@
{{- if index .Values "rancherTurtles" "features" "day2operations" "enabled" }}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
control-plane: controller-manager
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-controller-manager
namespace: '{{ .Values.rancherTurtles.namespace }}'
spec:
replicas: 1
selector:
matchLabels:
control-plane: controller-manager
turtles-capi.cattle.io: day2-operations
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: manager
labels:
control-plane: controller-manager
turtles-capi.cattle.io: day2-operations
spec:
containers:
- args:
- --leader-elect
- --feature-gates=etcd-backup-restore={{ .Values.rancherTurtles.features.day2operations.etcdBackupRestore.enabled }}
command:
- ./turtles-day2-operations
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_UID
valueFrom:
fieldRef:
fieldPath: metadata.uid
{{- if (contains "sha256:" .Values.rancherTurtles.features.day2operations.imageVersion) }}
image: '{{ .Values.rancherTurtles.features.day2operations.image }}@{{ .Values.rancherTurtles.features.day2operations.imageVersion }}'
{{- else }}
image: '{{ .Values.rancherTurtles.features.day2operations.image }}:{{ .Values.rancherTurtles.features.day2operations.imageVersion }}'
{{- end }}
imagePullPolicy: '{{ .Values.rancherTurtles.features.day2operations.imagePullPolicy }}'
livenessProbe:
httpGet:
path: /healthz
port: 9440
initialDelaySeconds: 15
periodSeconds: 20
name: manager
ports:
- containerPort: 9443
name: webhook-server
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9440
initialDelaySeconds: 5
periodSeconds: 10
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 10m
memory: 64Mi
volumeMounts:
{{- if .Values.rancherTurtles.features.day2operations.etcdBackupRestore.enabled }}
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: cert
readOnly: true
{{- end }}
serviceAccountName: rancher-turtles-day2-operations-manager
terminationGracePeriodSeconds: 10
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
volumes:
{{- if .Values.rancherTurtles.features.day2operations.etcdBackupRestore.enabled }}
- name: cert
secret:
secretName: rancher-turtles-day2-operations-webhook-service-cert
{{- end }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: rancher-turtles
app.kubernetes.io/instance: controller-manager-sa
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: serviceaccount
app.kubernetes.io/part-of: rancher-turtles
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-manager
namespace: '{{ .Values.rancherTurtles.namespace }}'
{{- end }}

52
rancher-turtles-chart/templates/rke2-bootstrap.yaml
View File

@@ -1,52 +0,0 @@
{{- if and (index .Values "cluster-api-operator" "cluster-api" "enabled") (index .Values "cluster-api-operator" "cluster-api" "rke2" "enabled") }}
{{- $namespace := index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "namespace" }}
{{- if not (lookup "v1" "Namespace" "" $namespace) }}
---
apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "1"
"helm.sh/resource-policy": keep
name: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "namespace" }}
{{- end }}
---
apiVersion: turtles-capi.cattle.io/v1alpha1
kind: CAPIProvider
metadata:
name: rke2-bootstrap
namespace: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "namespace" }}
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "2"
"helm.sh/resource-policy": keep
spec:
name: rke2
type: bootstrap
enableAutomaticUpdate: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "enableAutomaticUpdate" }}
{{- if index .Values "cluster-api-operator" "cluster-api" "rke2" "version" }}
version: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "version" }}
{{- end }}
configSecret:
{{- if index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }}
name: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }}
{{ else }}
name: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "defaultName" }}
{{- end }}
{{- if or (index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "fetchConfig" "url") (index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "fetchConfig" "selector") }}
fetchConfig:
{{- if index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "fetchConfig" "url" }}
url: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "fetchConfig" "url" }}
{{- end }}
{{- if index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "fetchConfig" "selector" }}
selector: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "fetchConfig" "selector" }}
{{- end }}
{{- end }}
{{- if index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "imageUrl" }}
deployment:
containers:
- name: manager
imageUrl: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "imageUrl" }}
{{- end }}
{{- end }}

52
rancher-turtles-chart/templates/rke2-controlplane.yaml
View File

@@ -1,52 +0,0 @@
{{- if and (index .Values "cluster-api-operator" "cluster-api" "enabled") (index .Values "cluster-api-operator" "cluster-api" "rke2" "enabled") }}
{{- $namespace := index .Values "cluster-api-operator" "cluster-api" "rke2" "controlPlane" "namespace" }}
{{- if not (lookup "v1" "Namespace" "" $namespace) }}
---
apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "1"
"helm.sh/resource-policy": keep
name: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "controlPlane" "namespace" }}
{{- end }}
---
apiVersion: turtles-capi.cattle.io/v1alpha1
kind: CAPIProvider
metadata:
name: rke2-control-plane
namespace: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "controlPlane" "namespace" }}
annotations:
"helm.sh/hook": "post-install, post-upgrade"
"helm.sh/hook-weight": "2"
"helm.sh/resource-policy": keep
spec:
name: rke2
type: controlPlane
enableAutomaticUpdate: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "enableAutomaticUpdate" }}
{{- if index .Values "cluster-api-operator" "cluster-api" "rke2" "version" }}
version: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "version" }}
{{- end }}
configSecret:
{{- if index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }}
name: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }}
{{ else }}
name: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "defaultName" }}
{{- end }}
{{- if or (index .Values "cluster-api-operator" "cluster-api" "rke2" "controlPlane" "fetchConfig" "url") (index .Values "cluster-api-operator" "cluster-api" "rke2" "controlPlane" "fetchConfig" "selector") }}
fetchConfig:
{{- if index .Values "cluster-api-operator" "cluster-api" "rke2" "controlPlane" "fetchConfig" "url" }}
url: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "controlPlane" "fetchConfig" "url" }}
{{- end }}
{{- if index .Values "cluster-api-operator" "cluster-api" "rke2" "controlPlane" "fetchConfig" "selector" }}
selector: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "controlPlane" "fetchConfig" "selector" }}
{{- end }}
{{- end }}
{{- if index .Values "cluster-api-operator" "cluster-api" "rke2" "controlPlane" "imageUrl" }}
deployment:
containers:
- name: manager
imageUrl: {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "controlPlane" "imageUrl" }}
{{- end }}
{{- end }}

16
rancher-turtles-chart/templates/ui-plugin.yaml
View File

@@ -1,16 +0,0 @@
{{- if and (index .Values "turtlesUI" "enabled") (index .Values "rancherTurtles" "rancherInstalled") }}
apiVersion: catalog.cattle.io/v1
kind: UIPlugin
metadata:
name: capi
namespace: '{{ .Values.rancherTurtles.namespace }}'
spec:
plugin:
endpoint: https://raw.githubusercontent.com/rancher/capi-ui-extension/gh-pages/extensions/capi/{{ index .Values "turtlesUI" "version" | toString }}
name: capi
version: {{ index .Values "turtlesUI" "version" }}
metadata:
catalog.cattle.io/display-name: CAPI UI
catalog.cattle.io/experimental: "true"
catalog.cattle.io/ui-extensions-version: ">= 3.0.0"
{{- end }}

332
rancher-turtles-chart/values.schema.json
View File

@@ -1,332 +0,0 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Helm Chart Values Schema",
"type": "object",
"properties": {
"turtlesUI": {
"type": "object",
"description": "Manages the UI component.",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"description": "Turn UI on or off."
},
"version": {
"type": "string",
"default": "0.8.2",
"description": "UI version to use."
}
}
},
"rancherTurtles": {
"type": "object",
"description": "Sets up the cluster management controller.",
"properties": {
"image": {
"type": "string",
"default": "controller",
"description": "Controller container image."
},
"imageVersion": {
"type": "string",
"default": "v0.0.0",
"description": "Image tag."
},
"imagePullPolicy": {
"type": "string",
"default": "IfNotPresent",
"description": "Specify image pull policy."
},
"namespace": {
"type": "string",
"default": "rancher-turtles-system",
"description": "Namespace for Turtles to run."
},
"managerArguments": {
"type": "array",
"default": [],
"description": "Extra args for the controller.",
"items": { "type": "string" }
},
"imagePullSecrets": {
"type": "array",
"default": [],
"description": "Secrets for private registries.",
"items": { "type": "string" }
},
"rancherInstalled": {
"type": "boolean",
"default": true,
"description": "True if Rancher is already installed in the cluster."
},
"kubectlImage": {
"type": "string",
"default": "registry.k8s.io/kubernetes/kubectl:v1.31.4",
"description": "Image for kubectl tasks."
},
"features": {
"type": "object",
"description": "Optional and experimental features.",
"properties": {
"day2operations": {
"type": "object",
"description": "Alpha feature.",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"description": "Turn on or off."
},
"image": {
"type": "string",
"default": "controller",
"description": "Image for day-2 ops."
},
"imageVersion": {
"type": "string",
"default": "v0.0.0",
"description": "Image tag."
},
"imagePullPolicy": {
"type": "string",
"default": "IfNotPresent",
"description": "Specify image pull policy."
},
"etcdBackupRestore": {
"type": "object",
"description": "Manages etcd backup/restore.",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"description": "Turn on (true) or off (false)."
}
}
}
}
},
"addon-provider-fleet": {
"type": "object",
"description": "Beta feature for fleet addons.",
"properties": {
"enabled": {
"type": "boolean",
"default": true,
"description": "Turn on or off."
}
}
},
"agent-tls-mode": {
"type": "object",
"description": "Alpha feature for agent TLS.",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"description": "Turn on or off."
}
}
},
"clusterclass-operations": {
"type": "object",
"description": "Alpha feature. Not ready for testing yet.",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"description": "Turn on or off."
},
"image": {
"type": "string",
"default": "controller",
"description": "Image for cluster class ops."
},
"imageVersion": {
"type": "string",
"default": "v0.0.0",
"description": "Image tag."
},
"imagePullPolicy": {
"type": "string",
"default": "IfNotPresent",
"description": "Pull policy."
}
}
}
}
},
"volumes": {
"type": "array",
"description": "Volumes for controller pods.",
"items": {
"type": "object",
"required": [
"name",
"configMap"
],
"properties": {
"name": {
"type": "string"
},
"configMap": {
"type": "object",
"properties": {
"name": {
"type": "string",
"default": "clusterctl-config",
"description": "ConfigMap for clusterctl."
}
}
}
}
}
},
"volumeMounts": {
"type": "object",
"properties": {
"manager": {
"type": "array",
"description": "Mount volumes to pods.",
"items": {
"type": "object",
"properties": {
"mountPath": { "type": "string" },
"name": { "type": "string" },
"readOnly": {
"type": "boolean",
"default": true,
"description": "Mount as read-only."
}
}
}
}
}
}
}
},
"cluster-api-operator": {
"type": "object",
"description": "Manages Cluster API components.",
"properties": {
"cleanup": {
"type": "boolean",
"default": true,
"description": "Enable cleanup tasks."
},
"cluster-api": {
"type": "object",
"description": "Cluster API component settings.",
"properties": {
"enabled": {
"type": "boolean",
"default": true,
"description": "Turn on or off."
},
"configSecret": {
"type": "object",
"properties": {
"name": {
"type": "string",
"default": "",
"description": "Custom secret name (if overriding)."
},
"defaultName": {
"type": "string",
"default": "capi-env-variables",
"description": "Default secret name."
}
}
},
"core": {
"type": "object",
"properties": {
"namespace": {
"type": "string",
"default": "capi-system",
"description": "Core component namespace."
},
"imageUrl": {
"type": "string",
"default": "",
"description": "Custom image URL."
},
"fetchConfig": {
"type": "object",
"properties": {
"url": { "type": "string", "default": "" },
"selector": { "type": "string", "default": "" }
}
},
"enableAutomaticUpdates": {
"type": "boolean",
"default": true,
"description": "Allow the provider to update automatically when a new Turtles version is installed."
},
"version": {
"type": "string",
"default": "",
"description": "CAPI core provider version."
}
}
},
"rke2": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": true,
"description": "Turn on or off."
},
"version": {
"type": "string",
"default": "",
"description": "RKE2 version."
},
"enableAutomaticUpdates": {
"type": "boolean",
"default": true,
"description": "Allow the provider to update automatically when a new Turtles version is installed."
},
"bootstrap": {
"type": "object",
"properties": {
"namespace": {
"type": "string",
"default": "rke2-bootstrap-system"
},
"imageUrl": { "type": "string", "default": "" },
"fetchConfig": {
"type": "object",
"properties": {
"url": { "type": "string", "default": "" },
"selector": { "type": "string", "default": "" }
}
}
}
},
"controlPlane": {
"type": "object",
"properties": {
"namespace": {
"type": "string",
"default": "rke2-control-plane-system"
},
"imageUrl": { "type": "string", "default": "" },
"fetchConfig": {
"type": "object",
"properties": {
"url": { "type": "string", "default": "" },
"selector": { "type": "string", "default": "" }
}
}
}
}
}
}
}
}
}
}
}
}

154
rancher-turtles-chart/values.yaml
View File

@@ -1,154 +0,0 @@
# turtlesUI: Manages the UI component.
turtlesUI:
# enabled: Turn UI on or off.
enabled: false
# version: UI version to use.
version: 0.8.2
# rancherTurtles: Sets up the cluster management controller.
rancherTurtles:
# image: registry.rancher.com/rancher/rancher/turtles
image: registry.rancher.com/rancher/rancher/turtles
# imageVersion: v0.24.3
imageVersion: v0.24.3
# imagePullPolicy: IfNotPresent
imagePullPolicy: IfNotPresent
# namespace: Select namespace for Turtles to run.
namespace: rancher-turtles-system
# managerArguments: Extra args for the controller.
managerArguments: []
# imagePullSecrets: Secrets for private registries.
imagePullSecrets: []
# rancherInstalled: True if Rancher already installed is in the cluster, this is the preferred installation way.
rancherInstalled: false
# kubectlImage: Image for kubectl tasks.
kubectlImage: "%%IMG_REPO%%/%%IMG_PREFIX%%kubectl:1.33.4"
# shellImage: Image for shell tasks.
shellImage: registry.rancher.com/rancher/kuberlr-kubectl:v5.0.0
# features: Optional and experimental features.
features:
# day2operations: Alpha feature.
day2operations:
# enabled: Turn on or off.
enabled: false
# image: registry.rancher.com/rancher/rancher/turtles
image: registry.rancher.com/rancher/rancher/turtles
# imageVersion: v0.24.3
imageVersion: v0.24.3
# imagePullPolicy: IfNotPresent
imagePullPolicy: IfNotPresent
# etcdBackupRestore: Alpha feature. Manages etcd backup/restore.
etcdBackupRestore:
# enabled: Turn on (true) or off (false).
enabled: false
# agent-tls-mode: Beta feature for agent TLS.
agent-tls-mode:
# enabled: Turn on or off.
enabled: true
# no-cert-manager: Alpha feature for cert-manager removal.
no-cert-manager:
# enabled: Turn on or off.
enabled: false
# clusterclass-operations: Alpha feature. Manages cluster class ops. Not ready for testing yet.
clusterclass-operations:
# enabled: Turn on or off.
enabled: false
# image: registry.rancher.com/rancher/rancher/turtles
image: registry.rancher.com/rancher/rancher/turtles
# imageVersion: v0.24.3
imageVersion: v0.24.3
# imagePullPolicy: IfNotPresent
imagePullPolicy: IfNotPresent
# volumes: Volumes for controller pods.
volumes:
- name: clusterctl-config
configMap:
name: clusterctl-config
# volumeMounts: Volume mounts for controller pods.
volumeMounts:
manager:
- mountPath: /config
name: clusterctl-config
# cluster-api-operator: Manages Cluster API components.
cluster-api-operator:
# cleanup: Enable cleanup tasks.
cleanup: true
# cluster-api: Cluster API component settings.
cluster-api:
# enabled: Turn on or off.
enabled: true
# configSecret: Secret for Cluster API config.
configSecret:
# name: Custom secret name (if overriding).
name: ""
# defaultName: Default secret name.
defaultName: capi-env-variables
# core: Core Cluster API settings.
core:
# namespace: Core component namespace.
namespace: capi-system
# version: Core ClusterAPI version.
version: ""
# enableAutomaticUpdate: Allow the provider to update automatically when a new Turtles version is installed.
enableAutomaticUpdate: true
# imageUrl: Custom image URL.
imageUrl: ""
# fetchConfig: Config fetching settings.
fetchConfig:
# url: Config fetch URL.
url: ""
# selector: Config selector.
selector: ""
# rke2: RKE2 provider settings.
rke2:
# enabled: Turn on or off.
enabled: true
# version: RKE2 version.
version: ""
# enableAutomaticUpdate: Allow the provider to update automatically when a new Turtles version is installed.
enableAutomaticUpdate: true
# bootstrap: RKE2 bootstrap provider.
bootstrap:
# namespace: Bootstrap namespace.
namespace: rke2-bootstrap-system
# imageUrl: Custom image URL.
imageUrl: ""
# fetchConfig: Config fetching settings.
fetchConfig:
# url: Config fetch URL.
url: ""
# selector: Config selector.
selector: ""
# controlPlane: RKE2 control plane provider.
controlPlane:
# namespace: Control plane namespace.
namespace: rke2-control-plane-system
# imageUrl: Custom image URL.
imageUrl: ""
# fetchConfig: Config fetching settings.
fetchConfig:
# url: Config fetch URL.
url: ""
# selector: Config selector.
selector: ""
metal3:
enabled: true
version: "v1.10.2"
infrastructure:
namespace: capm3-system
imageUrl: "registry.suse.com/rancher/cluster-api-provider-metal3:v1.10.2"
fetchConfig:
url: ""
selector: ""
ipam:
namespace: metal3-ipam-system
imageUrl: "registry.suse.com/rancher/ip-address-manager:v1.10.2"
fetchConfig:
url: ""
selector: ""
fleet:
addon:
fetchConfig:
url: ""
selector: ""

8
rancher-turtles-providers-chart/Chart.yaml
View File

@@ -1,5 +1,5 @@
#!BuildTag: %%CHART_PREFIX%%rancher-turtles-providers:%%CHART_MAJOR%%.0.3_up0.0.0
#!BuildTag: %%CHART_PREFIX%%rancher-turtles-providers:%%CHART_MAJOR%%.0.3_up0.0.0-%RELEASE%
#!BuildTag: %%CHART_PREFIX%%rancher-turtles-providers:%%CHART_MAJOR%%.0.4_up0.25.1
#!BuildTag: %%CHART_PREFIX%%rancher-turtles-providers:%%CHART_MAJOR%%.0.4_up0.25.1-%RELEASE%
annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/display-name: Rancher Turtles Providers for SUSE Edge
@@ -10,7 +10,7 @@ annotations:
catalog.cattle.io/scope: management
catalog.cattle.io/type: cluster-tool
apiVersion: v2
appVersion: 0.0.0
appVersion: 0.25.1
description: This chart installs the Rancher Turtles providers for SUSE Edge.
home: https://turtles.docs.rancher.com/turtles/stable/en/overview/certified.html
icon: https://raw.githubusercontent.com/rancher/turtles/main/logos/capi.svg
@@ -21,4 +21,4 @@ keywords:
- provisioning
- provider
name: rancher-turtles-providers
version: "%%CHART_MAJOR%%.0.3+up0.0.0"
version: "%%CHART_MAJOR%%.0.4+up0.25.1"

3
rancher-turtles-providers-chart/templates/addon-fleet.yaml
View File

@@ -1,9 +1,12 @@
{{- if index .Values "providers" "addonFleet" "enabled" }}
{{- $namespace := index .Values "providers" "addonFleet" "namespace" }}
{{- if not (lookup "v1" "Namespace" "" $namespace) }}
---
apiVersion: v1
kind: Namespace
metadata:
name: {{ index .Values "providers" "addonFleet" "namespace" }}
{{- end }}
---
apiVersion: v1
kind: ConfigMap

3
rancher-turtles-providers-chart/templates/bootstrap-rke2.yaml
View File

@@ -1,9 +1,12 @@
{{- if index .Values "providers" "bootstrapRKE2" "enabled" }}
{{- $namespace := index .Values "providers" "bootstrapRKE2" "namespace" }}
{{- if not (lookup "v1" "Namespace" "" $namespace) }}
---
apiVersion: v1
kind: Namespace
metadata:
name: {{ index .Values "providers" "bootstrapRKE2" "namespace" }}
{{- end }}
---
apiVersion: turtles-capi.cattle.io/v1alpha1
kind: CAPIProvider

3
rancher-turtles-providers-chart/templates/controlplane-rke2.yaml
View File

@@ -1,9 +1,12 @@
{{- if index .Values "providers" "controlplaneRKE2" "enabled" }}
{{- $namespace := index .Values "providers" "controlplaneRKE2" "namespace" }}
{{- if not (lookup "v1" "Namespace" "" $namespace) }}
---
apiVersion: v1
kind: Namespace
metadata:
name: {{ index .Values "providers" "controlplaneRKE2" "namespace" }}
{{- end }}
---
apiVersion: turtles-capi.cattle.io/v1alpha1
kind: CAPIProvider

6
release-manifest-image/Dockerfile
View File

@@ -1,4 +1,4 @@
#!BuildTag: %%IMG_PREFIX%%release-manifest:3.5.0
#!BuildTag: %%IMG_PREFIX%%release-manifest:3.6.0
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION
@@ -7,11 +7,11 @@ FROM registry.suse.com/bci/bci-micro:$SLE_VERSION
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SUSE Edge Release Manifest"
LABEL org.opencontainers.image.description="Release Manifest containing information about a specific SUSE Edge release"
LABEL org.opencontainers.image.version="3.5.0"
LABEL org.opencontainers.image.version="3.6.0"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%release-manifest:3.5.0"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%release-manifest:3.6.0"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
LABEL com.suse.eula="SUSE Combined EULA February 2024"

104
release-manifest-image/release_images.yaml
View File

@@ -1,66 +1,68 @@
images:
- name: quay.io/jetstack/cert-manager-cainjector:v1.18.2
- name: quay.io/jetstack/cert-manager-cainjector:v1.18.2
- name: quay.io/jetstack/cert-manager-controller:v1.18.2
- name: quay.io/jetstack/cert-manager-webhook:v1.18.2
- name: registry.k8s.io/e2e-test-images/agnhost:2.39
- name: %%IMG_REPO%%/%%IMG_PREFIX%%akri-agent:v0.12.20
- name: %%IMG_REPO%%/%%IMG_PREFIX%%akri-controller:v0.12.20
- name: %%IMG_REPO%%/%%IMG_PREFIX%%akri-webhook-configuration:v0.12.20
- name: %%IMG_REPO%%/%%IMG_PREFIX%%baremetal-operator:0.11.2.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%endpoint-copier-operator:0.3.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.10
- name: %%IMG_REPO%%/%%IMG_PREFIX%%ib-sriov-cni:v1.3.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader:3.0.11
- name: %%IMG_REPO%%/%%IMG_PREFIX%%ironic:32.0.0.1
- name: %%IMG_REPO%%/%%IMG_PREFIX%%metallb-controller:v0.15.2
- name: %%IMG_REPO%%/%%IMG_PREFIX%%metallb-speaker:v0.15.2
- name: %%IMG_REPO%%/%%IMG_PREFIX%%upgrade-controller:0.1.1
- name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-manager:v1.6.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-config-daemon:v1.6.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-webhook:v1.6.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-cni:v2.10.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%ib-sriov-cni:v1.3.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-device-plugin:v3.10.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%network-resources-injector:v1.8.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%node-feature-discovery:v0.18.2
- name: registry.rancher.com/rancher/fleet-agent:v0.13.1
- name: registry.rancher.com/rancher/fleet:v0.13.1
- name: registry.rancher.com/rancher/hardened-cluster-autoscaler:v1.10.2-build20250611
- name: registry.rancher.com/rancher/hardened-cni-plugins:v1.7.1-build20250611
- name: registry.rancher.com/rancher/hardened-coredns:v1.12.2-build20250611
- name: registry.rancher.com/rancher/hardened-etcd:v3.5.21-k3s1-build20250612
- name: registry.rancher.com/rancher/hardened-k8s-metrics-server:v0.8.0-build20250704
- name: registry.rancher.com/rancher/hardened-kubernetes:v1.33.3-rke2r1-build20250716
- name: registry.rancher.com/rancher/hardened-multus-cni:v4.2.1-build20250627
- name: registry.rancher.com/rancher/hardened-node-feature-discovery:v0.15.7-build20250425
- name: registry.rancher.com/rancher/klipper-helm:v0.9.8-build20250709
- name: registry.rancher.com/rancher/mirrored-cilium-cilium:v1.17.6
- name: registry.rancher.com/rancher/mirrored-cilium-operator-generic:v1.17.6
- name: registry.rancher.com/rancher/mirrored-longhornio-csi-attacher:v4.9.0-20250709
- name: registry.rancher.com/rancher/mirrored-longhornio-csi-node-driver-registrar:v2.14.0-20250709
- name: registry.rancher.com/rancher/mirrored-longhornio-csi-provisioner:v5.3.0-20250709
- name: registry.rancher.com/rancher/mirrored-longhornio-csi-resizer:v1.14.0-20250709
- name: registry.rancher.com/rancher/mirrored-longhornio-csi-snapshotter:v8.3.0-20250709
- name: registry.rancher.com/rancher/mirrored-longhornio-livenessprobe:v2.16.0-20250709
- name: registry.rancher.com/rancher/mirrored-longhornio-longhorn-engine:v1.9.2
- name: registry.rancher.com/rancher/mirrored-longhornio-longhorn-instance-manager:v1.9.2
- name: registry.rancher.com/rancher/mirrored-longhornio-longhorn-manager:v1.9.2
- name: registry.rancher.com/rancher/mirrored-longhornio-longhorn-share-manager:v1.9.2
- name: registry.rancher.com/rancher/mirrored-longhornio-longhorn-ui:v1.9.2
- name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-cni:v2.10.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-config-daemon:v1.6.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-device-plugin:v3.10.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-manager:v1.6.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-webhook:v1.6.0
- name: %%IMG_REPO%%/%%IMG_PREFIX%%upgrade-controller:0.1.2
- name: dp.apps.rancher.io/containers/kubernetes-csi-external-attacher:4.10.0-8.8
- name: dp.apps.rancher.io/containers/kubernetes-csi-external-provisioner:5.3.0-8.8
- name: dp.apps.rancher.io/containers/kubernetes-csi-external-resizer:1.14.0-8.8
- name: dp.apps.rancher.io/containers/kubernetes-csi-external-snapshotter:8.4.0-8.9
- name: dp.apps.rancher.io/containers/kubernetes-csi-livenessprobe:2.17.0-8.8
- name: dp.apps.rancher.io/containers/kubernetes-csi-node-driver-registrar:2.15.0-8.8
- name: dp.apps.rancher.io/containers/longhorn-engine:1.10.1-1.16
- name: dp.apps.rancher.io/containers/longhorn-instance-manager:1.10.1-1.17
- name: dp.apps.rancher.io/containers/longhorn-manager:1.10.1-1.9
- name: dp.apps.rancher.io/containers/longhorn-share-manager:1.10.1-1.8
- name: dp.apps.rancher.io/containers/longhorn-ui:1.10.1-1.8
- name: quay.io/jetstack/cert-manager-cainjector:v1.19.2
- name: quay.io/jetstack/cert-manager-controller:v1.19.2
- name: quay.io/jetstack/cert-manager-webhook:v1.19.2
- name: registry.k8s.io/e2e-test-images/agnhost:2.39
- name: registry.rancher.com/rancher/cluster-api-controller:v1.10.6
- name: registry.rancher.com/rancher/fleet-agent:v0.14.1
- name: registry.rancher.com/rancher/fleet:v0.14.1
- name: registry.rancher.com/rancher/hardened-cluster-autoscaler:v1.10.2-build20251015
- name: registry.rancher.com/rancher/hardened-cni-plugins:v1.8.0-build20251014
- name: registry.rancher.com/rancher/hardened-coredns:v1.13.1-build20251015
- name: registry.rancher.com/rancher/hardened-etcd:v3.6.5-k3s1-build20251017
- name: registry.rancher.com/rancher/hardened-k8s-metrics-server:v0.8.0-build20251015
- name: registry.rancher.com/rancher/hardened-kubernetes:v1.34.2-rke2r1-build20251112
- name: registry.rancher.com/rancher/hardened-multus-cni:v4.2.3-build20251031
- name: registry.rancher.com/rancher/ip-address-manager:v1.10.4
- name: registry.rancher.com/rancher/klipper-helm:v0.9.10-build20251111
- name: registry.rancher.com/rancher/mirrored-cilium-cilium:v1.18.3
- name: registry.rancher.com/rancher/mirrored-cilium-operator-generic:v1.18.3
- name: registry.rancher.com/rancher/mirrored-sig-storage-snapshot-controller:v8.2.0
- name: registry.rancher.com/rancher/neuvector-compliance-config:1.0.9
- name: registry.rancher.com/rancher/neuvector-controller:5.4.8
- name: registry.rancher.com/rancher/neuvector-enforcer:5.4.8
- name: registry.rancher.com/rancher/nginx-ingress-controller:v1.12.4-hardened2
- name: registry.rancher.com/rancher/rancher-webhook:v0.8.1
- name: registry.rancher.com/rancher/rancher/turtles:v0.24.3
- name: registry.rancher.com/rancher/rancher:v2.13.0
- name: registry.rancher.com/rancher/rke2-cloud-provider:v1.33.1-0.20250516163953-99d91538b132-build20250612
- name: registry.rancher.com/rancher/scc-operator:v0.1.1
- name: registry.rancher.com/rancher/system-upgrade-controller:v0.16.0
- name: registry.suse.com/rancher/cluster-api-addon-provider-fleet:v0.11.0
- name: registry.suse.com/rancher/cluster-api-controller:v1.10.5
- name: registry.suse.com/rancher/cluster-api-provider-metal3:v1.10.2
- name: registry.suse.com/rancher/cluster-api-provider-rke2-bootstrap:v0.20.1
- name: registry.suse.com/rancher/cluster-api-provider-rke2-controlplane:v0.20.1
- name: registry.suse.com/rancher/elemental-operator:1.7.3
- name: registry.suse.com/rancher/ip-address-manager:v1.10.2
- name: registry.rancher.com/rancher/nginx-ingress-controller:v1.13.4-hardened1
- name: registry.rancher.com/rancher/rancher-webhook:v0.9.1
- name: registry.rancher.com/rancher/rancher:v2.13.1
- name: registry.rancher.com/rancher/rke2-cloud-provider:v1.34.2-0.20251010190833-cf0d35a732d1-build20251017
- name: registry.rancher.com/rancher/scc-operator:v0.3.1
- name: registry.rancher.com/rancher/shell:v0.6.1
- name: registry.rancher.com/rancher/system-upgrade-controller:v0.17.0
- name: registry.rancher.com/rancher/turtles:v0.25.1
- name: registry.suse.com/rancher/cluster-api-addon-provider-fleet:v0.12.0
- name: registry.suse.com/rancher/cluster-api-provider-metal3:v1.10.4
- name: registry.suse.com/rancher/cluster-api-provider-rke2-bootstrap:v0.21.1
- name: registry.suse.com/rancher/cluster-api-provider-rke2-controlplane:v0.21.1
- name: registry.suse.com/rancher/elemental-operator:1.8.0
- name: registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1
- name: registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1
- name: registry.suse.com/suse/sles/15.7/cdi-operator:1.62.0-150700.9.3.1

39
release-manifest-image/release_manifest.yaml
View File

@@ -1,9 +1,9 @@
apiVersion: lifecycle.suse.com/v1alpha1
kind: ReleaseManifest
metadata:
name: release-manifest-3-5-0
name: release-manifest-3-6-0
spec:
releaseVersion: 3.5.0
releaseVersion: 3.6.0
components:
kubernetes:
k3s:
@@ -85,22 +85,15 @@ spec:
- prettyName: Rancher
releaseName: rancher
chart: rancher
# Temporary switch to rancher latest until prime is released
version: 2.13.0
repository: https://releases.rancher.com/server-charts/latest
version: 2.13.1
repository: https://charts.rancher.com/server-charts/prime
values:
postDelete:
enabled: false
- prettyName: Longhorn
releaseName: longhorn
chart: longhorn
version: 108.1.0+up1.9.2
repository: https://charts.rancher.io
dependencyCharts:
- releaseName: longhorn-crd
chart: longhorn-crd
version: 108.1.0+up1.9.2
repository: https://charts.rancher.io
chart: oci://dp.apps.rancher.io/charts/suse-storage
version: 1.10.1
- prettyName: MetalLB
releaseName: metallb
chart: '%%CHART_REPO%%/%%CHART_PREFIX%%metallb'
@@ -139,11 +132,11 @@ spec:
- prettyName: Elemental
releaseName: elemental-operator
chart: oci://registry.suse.com/rancher/elemental-operator-chart
version: 1.7.3
version: 1.8.0
dependencyCharts:
- releaseName: elemental-operator-crds
chart: oci://registry.suse.com/rancher/elemental-operator-crds-chart
version: 1.7.3
version: 1.8.0
addonCharts:
- releaseName: elemental
chart: elemental
@@ -168,17 +161,13 @@ spec:
- prettyName: Metal3
releaseName: metal3
chart: '%%CHART_REPO%%/%%CHART_PREFIX%%metal3'
version: '%%CHART_MAJOR%%.0.21+up0.13.0'
- prettyName: RancherTurtles
releaseName: rancher-turtles
chart: '%%CHART_REPO%%/%%CHART_PREFIX%%rancher-turtles'
version: '%%CHART_MAJOR%%.0.7+up0.24.3'
- prettyName: RancherTurtlesAirgapResources
releaseName: rancher-turtles-airgap-resources
chart: '%%CHART_REPO%%/%%CHART_PREFIX%%rancher-turtles-airgap-resources'
version: '%%CHART_MAJOR%%.0.7+up0.24.3'
version: '%%CHART_MAJOR%%.0.23+up0.13.1'
- prettyName: RancherTurtlesProviders
releaseName: rancher-turtles-providers
chart: '%%CHART_REPO%%/%%CHART_PREFIX%%rancher-turtles-providers'
version: '%%CHART_MAJOR%%.0.4+up0.25.1'
- prettyName: CertManager
releaseName: cert-manager
chart: cert-manager
version: 1.18.2
version: 1.19.2
repository: https://charts.jetstack.io

51
sriov-network-operator/operator-webhook-load-renewed-certs.patch Normal file
View File

@@ -0,0 +1,51 @@
diff --git a/cmd/webhook/start.go b/cmd/webhook/start.go
index c66d6c8b..23eaf928 100644
--- a/cmd/webhook/start.go
+++ b/cmd/webhook/start.go
@@ -25,14 +25,12 @@ var (
enableHTTP2 bool
)
-var (
- startCmd = &cobra.Command{
- Use: "start",
- Short: "Starts Webhook Daemon",
- Long: "Starts Webhook Daemon",
- Run: runStartCmd,
- }
-)
+var startCmd = &cobra.Command{
+ Use: "start",
+ Short: "Starts Webhook Daemon",
+ Long: "Starts Webhook Daemon",
+ Run: runStartCmd,
+}
// admitv1Func handles a v1 admission
type admitv1Func func(v1.AdmissionReview) *v1.AdmissionResponse
@@ -190,10 +188,10 @@ func runStartCmd(cmd *cobra.Command, args []string) {
certUpdated := false
keyUpdated := false
- for {
- watcher.Add(certFile)
- watcher.Add(keyFile)
+ watcher.Add(certFile)
+ watcher.Add(keyFile)
+ for {
select {
case event, ok := <-watcher.Events:
if !ok {
@@ -206,9 +204,11 @@ func runStartCmd(cmd *cobra.Command, args []string) {
setupLog.Info("modified file", "name", event.Name)
if event.Name == certFile {
certUpdated = true
+ watcher.Add(certFile)
}
if event.Name == keyFile {
keyUpdated = true
+ watcher.Add(keyFile)
}
if keyUpdated && certUpdated {
if err := keyPair.Reload(); err != nil {

3
sriov-network-operator/sriov-network-operator.spec
View File

@@ -24,6 +24,9 @@ License: Apache-2.0
URL: https://github.com/k8snetworkplumbingwg/sriov-network-operator
Source: sriov-network-operator-%{version}.tar
Source1: vendor.tar.gz
# Patch1 below backports changes from PR#946 (https://github.com/k8snetworkplumbingwg/sriov-network-operator/pull/946);
# to be removed once bumping (>= v1.7.0 upstrean)
Patch1: operator-webhook-load-renewed-certs.patch
BuildRequires: golang(API) = 1.23
ExcludeArch: s390
ExcludeArch: %{ix86}

10
upgrade-controller-chart/Chart.yaml
View File

@@ -1,13 +1,13 @@
#!BuildTag: %%CHART_PREFIX%%upgrade-controller:%%CHART_MAJOR%%.0.1_up0.1.1
#!BuildTag: %%CHART_PREFIX%%upgrade-controller:%%CHART_MAJOR%%.0.1_up0.1.1-%RELEASE%
#!BuildTag: %%CHART_PREFIX%%upgrade-controller:%%CHART_MAJOR%%.0.3_up0.1.3
#!BuildTag: %%CHART_PREFIX%%upgrade-controller:%%CHART_MAJOR%%.0.3_up0.1.3-%RELEASE%
apiVersion: v2
appVersion: 0.1.1
appVersion: 0.1.3
dependencies:
- condition: crds.enabled
name: lifecycle-crds
repository: file://./charts/lifecycle-crds
version: 0.1.1
version: 0.1.3
description: A Helm chart for Upgrade Controller
name: upgrade-controller
type: application
version: "%%CHART_MAJOR%%.0.1+up0.1.1"
version: "%%CHART_MAJOR%%.0.3+up0.1.3"

2
upgrade-controller-chart/values.yaml
View File

@@ -15,7 +15,7 @@ env:
image: %%MANIFEST_REPO%%/%%IMG_PREFIX%%release-manifest
kubectl:
image: %%IMG_REPO%%/%%IMG_PREFIX%%kubectl
version: 1.33.4
version: 1.34.2
imagePullSecrets: []
nameOverride: ""

8
upgrade-controller-image/Dockerfile
View File

@@ -1,6 +1,6 @@
# SPDX-License-Identifier: Apache-2.0
#!BuildTag: %%IMG_PREFIX%%upgrade-controller:0.1.1
#!BuildTag: %%IMG_PREFIX%%upgrade-controller:0.1.1-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%upgrade-controller:0.1.3
#!BuildTag: %%IMG_PREFIX%%upgrade-controller:0.1.3-%RELEASE%
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
@@ -15,11 +15,11 @@ FROM micro AS final
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Edge Upgrade Controller Container Image"
LABEL org.opencontainers.image.description="Edge Update Controller Image based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="0.1.1"
LABEL org.opencontainers.image.version="0.1.3"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%upgrade-controller:0.1.1-%RELEASE%"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%upgrade-controller:0.1.3-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
LABEL com.suse.eula="SUSE Combined EULA February 2024"

5
upgrade-controller/_service
View File

@@ -1,10 +1,13 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/suse-edge/upgrade-controller.git</param>
<!-- Uncomment and set this for regular version -->
<param name="versionformat">@PARENT_TAG@</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
<param name="revision">v0.1.1</param>
<param name="revision">v0.1.3</param>
<!-- Uncomment and set this For Pre-Release Version -->
<!-- <param name="version">0.1.3~rc2</param> -->
<param name="versionrewrite-pattern">v(\d+).(\d+).(\d+)</param>
<param name="versionrewrite-replacement">\1.\2.\3</param>
<param name="changesgenerate">enable</param>

4
upgrade-controller/upgrade-controller.spec
View File

@@ -17,14 +17,14 @@
Name: upgrade-controller
Version: 0.1.1
Version: 0.1.3
Release: 0
Summary: Upgrade Controller
License: Apache-2.0
URL: https://github.com/suse-edge/upgrade-controller
Source: upgrade-controller-%{version}.tar
Source1: vendor.tar.gz
BuildRequires: golang(API) go1.22
BuildRequires: golang(API) go1.25
BuildRequires: golang-packaging
%description