generated from giantswarm/template-app
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
PSS + use kustomize from binary not from kubectl
Signed-off-by: Jirka Kremser <[email protected]>
- Loading branch information
Showing
10 changed files
with
351 additions
and
176 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
# binary | ||
/bin/* | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,24 +1,65 @@ | ||
##@ App | ||
|
||
OS ?= $(shell go env GOOS 2>/dev/null || echo linux) | ||
ARCH ?= $(shell go env GOARCH 2>/dev/null || echo amd64) | ||
KUSTOMIZE := ./bin/kustomize | ||
KUSTOMIZE_VERSION ?= v4.5.7 | ||
YQ = ./bin/yq | ||
YQ_VERSION := 4.31.2 | ||
|
||
.PHONY: all | ||
all: update-cpi-chart update-csi-chart update-kubevip-chart update-kubevip-cloud-provider-chart | ||
all: update-cpi-chart update-csi-chart apply-custom-patches-for-csi update-kubevip-chart update-kubevip-cloud-provider-chart | ||
@$(call say,Sync has been done ✓) | ||
|
||
.PHONY: update-cpi-chart | ||
update-cpi-chart: | ||
update-cpi-chart: | ||
@$(call say,CPI helm chart) | ||
./hack/update-cpi-chart.sh | ||
./hack/common-labels-injector.sh cloud-provider-for-vsphere | ||
|
||
.PHONY: update-csi-chart | ||
update-csi-chart: | ||
./hack/update-csi-chart.sh | ||
.PHONY: apply-custom-patches-for-csi | ||
apply-custom-patches-for-csi: $(YQ) ## apply giantswarm specific patches that are not possible via kustomize | ||
@$(call say,Custom yq magic for CSI) | ||
./hack/custom-patches.sh | ||
./hack/common-labels-injector.sh vsphere-csi-driver | ||
|
||
.PHONY: update-csi-chart | ||
update-csi-chart: $(KUSTOMIZE) | ||
@$(call say,CSI helm chart) | ||
./hack/update-csi-chart.sh $(KUSTOMIZE) | ||
|
||
.PHONY: update-kubevip-chart | ||
update-kubevip-chart: | ||
update-kubevip-chart: | ||
@$(call say,Kubevip helm chart) | ||
./hack/update-kubevip-chart.sh | ||
./hack/common-labels-injector.sh kube-vip | ||
|
||
.PHONY: update-kubevip-cloud-provider-chart | ||
update-kubevip-cloud-provider-chart: | ||
update-kubevip-cloud-provider-chart: | ||
@$(call say,Kubevip cloud provider helm chart) | ||
./hack/update-kubevip-cloud-provider-chart.sh | ||
./hack/common-labels-injector.sh kube-vip-cloud-provider | ||
|
||
$(KUSTOMIZE): ## Download kustomize locally if necessary. | ||
@$(call say,Download Kustomize) | ||
mkdir -p $(dir $@) | ||
curl -sfL "https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2F$(KUSTOMIZE_VERSION)/kustomize_$(KUSTOMIZE_VERSION)_$(OS)_$(ARCH).tar.gz" | tar zxv -C $(dir $@) | ||
chmod +x $@ | ||
@echo "kustomize downloaded" | ||
|
||
$(YQ): ## Download yq locally if necessary. | ||
@$(call say,Download yq) | ||
curl -sfL https://github.com/mikefarah/yq/releases/download/v$(YQ_VERSION)/yq_$(OS)_$(ARCH) > $@ | ||
chmod +x $@ | ||
@echo "yq downloaded" | ||
|
||
|
||
ifndef NO_COLOR | ||
YELLOW=\033[0;33m | ||
# no color | ||
NC=\033[0m | ||
endif | ||
|
||
define say | ||
echo "\n$(shell echo "$1 " | tr '[:rune:]' '=')\n $(YELLOW)$1$(NC)\n$(shell echo "$1 " | tr '[:rune:]' '=')" | ||
endef |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
#!/bin/bash | ||
|
||
set -o errexit | ||
set -o nounset | ||
set -o pipefail | ||
|
||
YQ="./bin/yq" | ||
|
||
f="helm/cloud-provider-vsphere/charts/vsphere-csi-driver/templates/apps_v1_deployment_vsphere-csi-controller.yaml" | ||
${YQ} e '.spec.template.spec.securityContext.remove-this-key="'" | ||
{{- with .Values.podSecurityContext }} | ||
{{- . | toYaml | nindent 8 }} | ||
{{- end }} | ||
"'" | .spec.template.spec.containers[].securityContext.remove-this-key="'" | ||
{{- with .Values.containerSecurityContext }} | ||
{{- . | toYaml | nindent 12 }} | ||
{{- end }} | ||
"'"' ${f} > ${f}.tmp | ||
cat ${f}.tmp | grep -v 'remove-this-key' > ${f} | ||
rm -rf ${f}.tmp |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.