From 879993080426733f1f901ce38ea5ddf938e86c42 Mon Sep 17 00:00:00 2001 From: Stefan Majer Date: Tue, 3 Sep 2024 13:27:43 +0200 Subject: [PATCH 1/2] Update metallb to v0.14.8 (#418) --- charts/images.yaml | 6 +++--- charts/internal/shoot-control-plane/templates/metallb.yaml | 5 +++++ 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/charts/images.yaml b/charts/images.yaml index 662b6327..1b47dec9 100644 --- a/charts/images.yaml +++ b/charts/images.yaml @@ -22,11 +22,11 @@ images: - name: metallb-speaker sourceRepository: https://github.com/metallb/metallb repository: quay.io/metallb/speaker - tag: "v0.14.3" + tag: "v0.14.8" - name: metallb-controller sourceRepository: https://github.com/metallb/metallb repository: quay.io/metallb/controller - tag: "v0.14.3" + tag: "v0.14.8" - name: duros-controller sourceRepository: https://github.com/metal-stack/duros-controller repository: ghcr.io/metal-stack/duros-controller @@ -38,7 +38,7 @@ images: - name: metallb-health-sidecar sourceRepository: https://github.com/metal-stack/metallb-health-sidecar repository: ghcr.io/metal-stack/metallb-health-sidecar - tag: "v0.1.1" + tag: "v0.1.2" - name: firewall-controller-manager sourceRepository: https://github.com/metal-stack/firewall-controller-manager repository: ghcr.io/metal-stack/firewall-controller-manager diff --git a/charts/internal/shoot-control-plane/templates/metallb.yaml b/charts/internal/shoot-control-plane/templates/metallb.yaml index 29b9e6a2..5efb2c7a 100644 --- a/charts/internal/shoot-control-plane/templates/metallb.yaml +++ b/charts/internal/shoot-control-plane/templates/metallb.yaml @@ -267,6 +267,7 @@ rules: - pods verbs: - list + - get - apiGroups: - "" resources: @@ -551,6 +552,10 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName + - name: METALLB_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name - name: METALLB_HOST valueFrom: fieldRef: From 74739b80ede1b6096dc93093acc10ccdd1df7b91 Mon Sep 17 00:00:00 2001 From: Stefan Majer Date: Tue, 3 Sep 2024 13:31:51 +0200 Subject: [PATCH 2/2] Remove old kubernetes defaultings (#419) --- .github/workflows/docker.yaml | 2 +- pkg/admission/mutator/config.go | 6 +----- pkg/admission/mutator/defaulter.go | 11 +---------- pkg/admission/mutator/defaulter_test.go | 3 +-- 4 files changed, 4 insertions(+), 18 deletions(-) diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 73f1642f..5c158fb4 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -38,7 +38,7 @@ jobs: [ "${GITHUB_EVENT_NAME}" == 'push' ] && echo "tag=latest" >> $GITHUB_ENV || true - name: Build and push image - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . push: true diff --git a/pkg/admission/mutator/config.go b/pkg/admission/mutator/config.go index d58f4e25..6e57c79c 100644 --- a/pkg/admission/mutator/config.go +++ b/pkg/admission/mutator/config.go @@ -11,10 +11,6 @@ import ( type config struct{} -func (c *config) allowedPrivilegedContainers() bool { - return c.bool("DEFAULTER_ALLOWEDPRIVILEGEDCONTAINERS", true) -} - func (c *config) maxPods() int32 { return c.int32("DEFAULTER_MAXPODS", 250) } @@ -126,5 +122,5 @@ func (c *config) int32(key string, fallback int32) int32 { return fallback } - return int32(parsed) + return int32(parsed) // nolint:gosec } diff --git a/pkg/admission/mutator/defaulter.go b/pkg/admission/mutator/defaulter.go index 9fa40c99..bcc53cf5 100644 --- a/pkg/admission/mutator/defaulter.go +++ b/pkg/admission/mutator/defaulter.go @@ -12,7 +12,6 @@ import ( "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal" "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal/helper" metalv1alpha1 "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal/v1alpha1" - "github.com/metal-stack/metal-lib/pkg/k8s" "github.com/metal-stack/metal-lib/pkg/pointer" "k8s.io/apimachinery/pkg/runtime" @@ -27,14 +26,6 @@ type defaulter struct { } func (d *defaulter) defaultShoot(shoot *gardenv1beta1.Shoot) error { - lessThan125, err := k8s.LessThan(shoot.Spec.Kubernetes.Version, k8s.KubernetesV125) - if err != nil { - return err - } - if shoot.Spec.Kubernetes.AllowPrivilegedContainers == nil && lessThan125 { - shoot.Spec.Kubernetes.AllowPrivilegedContainers = pointer.Pointer(d.c.allowedPrivilegedContainers()) - } - if shoot.Spec.Kubernetes.KubeControllerManager == nil { shoot.Spec.Kubernetes.KubeControllerManager = &gardenv1beta1.KubeControllerManagerConfig{} } @@ -51,7 +42,7 @@ func (d *defaulter) defaultShoot(shoot *gardenv1beta1.Shoot) error { shoot.Spec.Kubernetes.Kubelet.MaxPods = pointer.Pointer(d.c.maxPods()) } - err = d.defaultInfrastructureConfig(shoot) + err := d.defaultInfrastructureConfig(shoot) if err != nil { return err } diff --git a/pkg/admission/mutator/defaulter_test.go b/pkg/admission/mutator/defaulter_test.go index cd81cdfc..75b910fe 100644 --- a/pkg/admission/mutator/defaulter_test.go +++ b/pkg/admission/mutator/defaulter_test.go @@ -117,8 +117,7 @@ func Test_defaulter_defaultShoot(t *testing.T) { want: &gardenv1beta1.Shoot{ Spec: gardenv1beta1.ShootSpec{ Kubernetes: gardenv1beta1.Kubernetes{ - Version: "1.24.0", - AllowPrivilegedContainers: pointer.Pointer(true), + Version: "1.24.0", KubeControllerManager: &gardenv1beta1.KubeControllerManagerConfig{ NodeCIDRMaskSize: pointer.Pointer(int32(23)), },