From 1aa3022e62868a0310a45c6fe6401dbb014aaba4 Mon Sep 17 00:00:00 2001 From: Stavros Kontopoulos Date: Thu, 16 Jun 2022 14:59:17 +0300 Subject: [PATCH 1/4] inject images --- hack/generate/csv.sh | 33 ++++++++++----- olm-catalog/serverless-operator/project.yaml | 2 + .../hack/001-serving-namespace-deletion.patch | 31 -------------- .../hack/002-openshift-serving-role.patch | 32 --------------- .../hack/003-serving-pdb.patch | 40 ------------------- .../hack/update-manifests.sh | 34 ++++++++++------ 6 files changed, 47 insertions(+), 125 deletions(-) delete mode 100644 openshift-knative-operator/hack/001-serving-namespace-deletion.patch delete mode 100644 openshift-knative-operator/hack/002-openshift-serving-role.patch delete mode 100644 openshift-knative-operator/hack/003-serving-pdb.patch diff --git a/hack/generate/csv.sh b/hack/generate/csv.sh index 20f23dd4ed..2dc831ee10 100755 --- a/hack/generate/csv.sh +++ b/hack/generate/csv.sh @@ -15,6 +15,20 @@ client_version="$(metadata.get dependencies.cli)" kn_event="${registry_host}/knative/release-${client_version%.*}:client-plugin-event" rbac_proxy="registry.ci.openshift.org/origin/4.7:kube-rbac-proxy" +function default_knative_serving_images() { + local serving + serving="${registry}/knative-v$(metadata.get dependencies.serving):knative-serving" + export KNATIVE_SERVING_QUEUE=${KNATIVE_SERVING_QUEUE:-"${serving}-queue"} + export KNATIVE_SERVING_ACTIVATOR=${KNATIVE_SERVING_ACTIVATOR:-"${serving}-activator"} + export KNATIVE_SERVING_AUTOSCALER=${KNATIVE_SERVING_AUTOSCALER:-"${serving}-autoscaler"} + export KNATIVE_SERVING_AUTOSCALER_HPA=${KNATIVE_SERVING_AUTOSCALER_HPA:-"${serving}-autoscaler-hpa"} + export KNATIVE_SERVING_CONTROLLER=${KNATIVE_SERVING_CONTROLLER:-"${serving}-controller"} + export KNATIVE_SERVING_WEBHOOK=${KNATIVE_SERVING_WEBHOOK:-"${serving}-webhook"} + export KNATIVE_SERVING_DOMAIN_MAPPING=${KNATIVE_SERVING_DOMAIN_MAPPING:-"${serving}-domain-mapping"} + export KNATIVE_SERVING_DOMAIN_MAPPING_WEBHOOK=${KNATIVE_SERVING_DOMAIN_MAPPING_WEBHOOK:-"${serving}-domain-mapping-webhook"} + export KNATIVE_SERVING_STORAGE_VERSION_MIGRATION=${KNATIVE_SERVING_STORAGE_VERSION_MIGRATION:-"${serving}-storage-version-migration"} +} + function default_knative_eventing_images() { local eventing eventing="${registry}/knative-v$(metadata.get dependencies.eventing):knative-eventing" @@ -43,6 +57,7 @@ function default_knative_eventing_kafka_broker_images() { default_knative_eventing_images default_knative_eventing_kafka_broker_images +default_knative_serving_images declare -a images declare -A images_addresses @@ -66,15 +81,15 @@ function kafka_image { kafka_images_addresses["${name}"]="${address}" } -image "queue-proxy" "${serving}-queue" -image "activator" "${serving}-activator" -image "autoscaler" "${serving}-autoscaler" -image "autoscaler-hpa" "${serving}-autoscaler-hpa" -image "controller__controller" "${serving}-controller" -image "webhook__webhook" "${serving}-webhook" -image "domain-mapping" "${serving}-domain-mapping" -image "domainmapping-webhook" "${serving}-domain-mapping-webhook" -image "storage-version-migration-serving-serving-$(metadata.get dependencies.serving)__migrate" "${serving}-storage-version-migration" +image "queue-proxy" "${KNATIVE_SERVING_QUEUE}" +image "activator" "${KNATIVE_SERVING_ACTIVATOR}" +image "autoscaler" "${KNATIVE_SERVING_AUTOSCALER}" +image "autoscaler-hpa" "${KNATIVE_SERVING_AUTOSCALER_HPA}" +image "controller__controller" "${KNATIVE_SERVING_CONTROLLER}" +image "webhook__webhook" "${KNATIVE_SERVING_WEBHOOK}" +image "domain-mapping" "${KNATIVE_SERVING_DOMAIN_MAPPING}" +image "domainmapping-webhook" "${KNATIVE_SERVING_DOMAIN_MAPPING_WEBHOOK}" +image "storage-version-migration-serving-serving-$(metadata.get dependencies.serving)__migrate" "${KNATIVE_SERVING_STORAGE_VERSION_MIGRATION}" image "kourier-gateway" "quay.io/maistra/proxyv2-ubi8:$(metadata.get dependencies.maistra)" image "kourier-control" "${registry}/knative-v$(metadata.get dependencies.kourier):kourier" diff --git a/olm-catalog/serverless-operator/project.yaml b/olm-catalog/serverless-operator/project.yaml index 06122347ec..cb7e9d14fb 100644 --- a/olm-catalog/serverless-operator/project.yaml +++ b/olm-catalog/serverless-operator/project.yaml @@ -27,6 +27,8 @@ dependencies: net_istio: 1.3.0 maistra: 2.1.0 + serving_artifacts_branch: image_injection_1.3 + eventing: 1.3.2 # eventing core midstream branch name eventing_artifacts_branch: release-v1.3 diff --git a/openshift-knative-operator/hack/001-serving-namespace-deletion.patch b/openshift-knative-operator/hack/001-serving-namespace-deletion.patch deleted file mode 100644 index f9e6dcb802..0000000000 --- a/openshift-knative-operator/hack/001-serving-namespace-deletion.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff --git a/openshift-knative-operator/cmd/operator/kodata/knative-serving/1.3.0/2-serving-core.yaml b/openshift-knative-operator/cmd/operator/kodata/knative-serving/1.3.0/2-serving-core.yaml -index 218a3c7e..4f7af33d 100644 ---- a/openshift-knative-operator/cmd/operator/kodata/knative-serving/1.3.0/2-serving-core.yaml -+++ b/openshift-knative-operator/cmd/operator/kodata/knative-serving/1.3.0/2-serving-core.yaml -@@ -1,26 +1,3 @@ --# Copyright 2018 The Knative Authors --# --# Licensed under the Apache License, Version 2.0 (the "License"); --# you may not use this file except in compliance with the License. --# You may obtain a copy of the License at --# --# https://www.apache.org/licenses/LICENSE-2.0 --# --# Unless required by applicable law or agreed to in writing, software --# distributed under the License is distributed on an "AS IS" BASIS, --# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. --# See the License for the specific language governing permissions and --# limitations under the License. -- --apiVersion: v1 --kind: Namespace --metadata: -- name: knative-serving -- labels: -- app.kubernetes.io/name: knative-serving -- app.kubernetes.io/version: "1.3.0" -- serving.knative.dev/release: "v1.3.0" -- - --- - # Copyright 2019 The Knative Authors - # diff --git a/openshift-knative-operator/hack/002-openshift-serving-role.patch b/openshift-knative-operator/hack/002-openshift-serving-role.patch deleted file mode 100644 index d9ca0ebee6..0000000000 --- a/openshift-knative-operator/hack/002-openshift-serving-role.patch +++ /dev/null @@ -1,32 +0,0 @@ -diff --git a/openshift-knative-operator/cmd/operator/kodata/knative-serving/1.3.0/2-serving-core.yaml b/openshift-knative-operator/cmd/operator/kodata/knative-serving/1.3.0/2-serving-core.yaml -index 4f7af33d..4a5ce15f 100644 ---- a/openshift-knative-operator/cmd/operator/kodata/knative-serving/1.3.0/2-serving-core.yaml -+++ b/openshift-knative-operator/cmd/operator/kodata/knative-serving/1.3.0/2-serving-core.yaml -@@ -5935,3 +5935,27 @@ metadata: - # The data is populated at install time. - - --- -+kind: Role -+apiVersion: rbac.authorization.k8s.io/v1 -+metadata: -+ namespace: knative-serving -+ name: openshift-serverless-view-serving-configmaps -+rules: -+ - apiGroups: [""] -+ resources: ["configmaps"] -+ resourceNames: ["config-autoscaler"] -+ verbs: ["get", "list", "watch"] -+--- -+kind: RoleBinding -+apiVersion: rbac.authorization.k8s.io/v1 -+metadata: -+ name: openshift-serverless-view-serving-configmaps -+ namespace: knative-serving -+subjects: -+ - kind: Group -+ name: system:authenticated -+ apiGroup: rbac.authorization.k8s.io -+roleRef: -+ apiGroup: rbac.authorization.k8s.io -+ kind: Role -+ name: openshift-serverless-view-serving-configmaps diff --git a/openshift-knative-operator/hack/003-serving-pdb.patch b/openshift-knative-operator/hack/003-serving-pdb.patch deleted file mode 100644 index abf165afc2..0000000000 --- a/openshift-knative-operator/hack/003-serving-pdb.patch +++ /dev/null @@ -1,40 +0,0 @@ -diff --git a/openshift-knative-operator/cmd/operator/kodata/knative-serving/1.3.0/2-serving-core.yaml b/openshift-knative-operator/cmd/operator/kodata/knative-serving/1.3.0/2-serving-core.yaml -index dd7a139c..fef3b547 100644 ---- a/openshift-knative-operator/cmd/operator/kodata/knative-serving/1.3.0/2-serving-core.yaml -+++ b/openshift-knative-operator/cmd/operator/kodata/knative-serving/1.3.0/2-serving-core.yaml -@@ -4858,7 +4858,7 @@ spec: - # Activator PDB. Currently we permit unavailability of 20% of tasks at the same time. - # Given the subsetting and that the activators are partially stateful systems, we want - # a slow rollout of the new versions and slow migration during node upgrades. --apiVersion: policy/v1 -+apiVersion: policy/v1beta1 - kind: PodDisruptionBudget - metadata: - name: activator-pdb -@@ -4869,7 +4869,7 @@ metadata: - app.kubernetes.io/version: "1.3.0" - serving.knative.dev/release: "v1.3.0" - spec: -- minAvailable: 80% -+ minAvailable: 1 - selector: - matchLabels: - app: activator -@@ -5552,7 +5552,7 @@ spec: - averageUtilization: 100 - --- - # Webhook PDB. --apiVersion: policy/v1 -+apiVersion: policy/v1beta1 - kind: PodDisruptionBudget - metadata: - name: webhook-pdb -@@ -5563,7 +5563,7 @@ metadata: - app.kubernetes.io/version: "1.3.0" - serving.knative.dev/release: "v1.3.0" - spec: -- minAvailable: 80% -+ minAvailable: 1 - selector: - matchLabels: - app: webhook diff --git a/openshift-knative-operator/hack/update-manifests.sh b/openshift-knative-operator/hack/update-manifests.sh index 3c8c4b8c72..99d7b7d940 100755 --- a/openshift-knative-operator/hack/update-manifests.sh +++ b/openshift-knative-operator/hack/update-manifests.sh @@ -18,8 +18,10 @@ eventing_files=(eventing-crds.yaml eventing-core.yaml in-memory-channel.yaml mt- istio_files=(200-clusterrole 400-config-istio 500-controller 500-webhook-deployment 500-webhook-secret 500-webhook-service 600-mutating-webhook 600-validating-webhook) export KNATIVE_EVENTING_MANIFESTS_DIR=${KNATIVE_EVENTING_MANIFESTS_DIR:-""} +export KNATIVE_SERVING_MANIFESTS_DIR=${KNATIVE_SERVING_MANIFESTS_DIR:-""} +export KNATIVE_SERVING_TEST_MANIFESTS_DIR=${KNATIVE_SERVING_TEST_MANIFESTS_DIR:-""} -function download { +function download_serving { component=$1 version=$2 shift @@ -32,15 +34,19 @@ function download { rm -r "$component_dir" mkdir -p "$target_dir" + branch=$(metadata.get dependencies.serving_artifacts_branch) for (( i=0; i<${#files[@]}; i++ )); do index=$(( i+1 )) file="${files[$i]}.yaml" target_file="$target_dir/$index-$file" - url="https://github.com/knative/$component/releases/download/knative-$version/$file" - wget --no-check-certificate "$url" -O "$target_file" - + if [[ ${KNATIVE_SERVING_MANIFESTS_DIR} = "" ]]; then + url="https://raw.githubusercontent.com/skonto/serving/${branch}/openshift/release/artifacts/$index-$file" + wget --no-check-certificate "$url" -O "$target_file" + else + cp "${KNATIVE_SERVING_MANIFESTS_DIR}/${file}" "$target_file" + fi # Break all image references so we know our overrides work correctly. yaml.break_image_references "$target_file" done @@ -107,17 +113,19 @@ function download_ingress { # # DOWNLOAD SERVING # -download serving "${KNATIVE_SERVING_VERSION}" "${serving_files[@]}" -# Drop namespace from manifest. -git apply "$root/openshift-knative-operator/hack/001-serving-namespace-deletion.patch" +# When openshift-knative/serving uses this repo to run a job (eg. PR against openshift-knative/serving) it will use a minimum +# setup with net-kourier. Thus it will not use the release artifacts generated under openshift-knative-operator/cmd/kodata/knative-serving. +# Instead openshift-knative/serving uses its own generated ci manifests and sets KNATIVE_SERVING_TEST_MANIFESTS_DIR. +# Extensive Serving testing is done at this repo only. For the latter we do use manifests under openshift-knative-operator/cmd/kodata/knative-serving which are fetched from the midstream +# repo. TODO: unify the artifacts at the mid stream repo. +if [[ ${KNATIVE_SERVING_TEST_MANIFESTS_DIR} = "" ]]; then + download_serving serving "${KNATIVE_SERVING_VERSION}" "${serving_files[@]}" +fi -# Extra role for downstream, so that users can get the autoscaling CM to fetch defaults. -git apply "$root/openshift-knative-operator/hack/002-openshift-serving-role.patch" - -# TODO: Remove this once upstream fixed https://github.com/knative/operator/issues/376. -# See also https://issues.redhat.com/browse/SRVKS-670. -git apply "$root/openshift-knative-operator/hack/003-serving-pdb.patch" +# +# DOWNLOAD INGRESS +# download_ingress net-istio "v$(metadata.get dependencies.net_istio)" "${istio_files[@]}" From 2738ac4476bcbdf8c48cc4c4e6eeb7b74259f08e Mon Sep 17 00:00:00 2001 From: Stavros Kontopoulos Date: Fri, 1 Jul 2022 13:51:27 +0300 Subject: [PATCH 2/4] updates --- olm-catalog/serverless-operator/project.yaml | 6 ++++-- openshift-knative-operator/hack/update-manifests.sh | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/olm-catalog/serverless-operator/project.yaml b/olm-catalog/serverless-operator/project.yaml index cb7e9d14fb..27b4de7f06 100644 --- a/olm-catalog/serverless-operator/project.yaml +++ b/olm-catalog/serverless-operator/project.yaml @@ -23,12 +23,14 @@ requirements: dependencies: serving: 1.3.0 + # serving midstream branch name + serving_artifacts_branch: release-v1.3 + + # versions for networking components kourier: 1.3.0 net_istio: 1.3.0 maistra: 2.1.0 - serving_artifacts_branch: image_injection_1.3 - eventing: 1.3.2 # eventing core midstream branch name eventing_artifacts_branch: release-v1.3 diff --git a/openshift-knative-operator/hack/update-manifests.sh b/openshift-knative-operator/hack/update-manifests.sh index 99d7b7d940..6e8f682444 100755 --- a/openshift-knative-operator/hack/update-manifests.sh +++ b/openshift-knative-operator/hack/update-manifests.sh @@ -42,7 +42,7 @@ function download_serving { target_file="$target_dir/$index-$file" if [[ ${KNATIVE_SERVING_MANIFESTS_DIR} = "" ]]; then - url="https://raw.githubusercontent.com/skonto/serving/${branch}/openshift/release/artifacts/$index-$file" + url="https://raw.githubusercontent.com/openshift/serving/${branch}/openshift/release/artifacts/$index-$file" wget --no-check-certificate "$url" -O "$target_file" else cp "${KNATIVE_SERVING_MANIFESTS_DIR}/${file}" "$target_file" @@ -114,7 +114,7 @@ function download_ingress { # DOWNLOAD SERVING # -# When openshift-knative/serving uses this repo to run a job (eg. PR against openshift-knative/serving) it will use a minimum +# When openshift/knative-serving uses this repo to run a job (eg. PR against openshift-knative/serving) it will use a minimum # setup with net-kourier. Thus it will not use the release artifacts generated under openshift-knative-operator/cmd/kodata/knative-serving. # Instead openshift-knative/serving uses its own generated ci manifests and sets KNATIVE_SERVING_TEST_MANIFESTS_DIR. # Extensive Serving testing is done at this repo only. For the latter we do use manifests under openshift-knative-operator/cmd/kodata/knative-serving which are fetched from the midstream From e36450cf99fcca318aa0012770e3ad19b36ed491 Mon Sep 17 00:00:00 2001 From: Stavros Kontopoulos Date: Fri, 1 Jul 2022 16:45:09 +0300 Subject: [PATCH 3/4] remove todo --- openshift-knative-operator/hack/update-manifests.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift-knative-operator/hack/update-manifests.sh b/openshift-knative-operator/hack/update-manifests.sh index 6e8f682444..6a60430b01 100755 --- a/openshift-knative-operator/hack/update-manifests.sh +++ b/openshift-knative-operator/hack/update-manifests.sh @@ -118,7 +118,7 @@ function download_ingress { # setup with net-kourier. Thus it will not use the release artifacts generated under openshift-knative-operator/cmd/kodata/knative-serving. # Instead openshift-knative/serving uses its own generated ci manifests and sets KNATIVE_SERVING_TEST_MANIFESTS_DIR. # Extensive Serving testing is done at this repo only. For the latter we do use manifests under openshift-knative-operator/cmd/kodata/knative-serving which are fetched from the midstream -# repo. TODO: unify the artifacts at the mid stream repo. +# repo. if [[ ${KNATIVE_SERVING_TEST_MANIFESTS_DIR} = "" ]]; then download_serving serving "${KNATIVE_SERVING_VERSION}" "${serving_files[@]}" fi From c13ac177bab2dea7a1e6f189c3ede9b7ef7423c1 Mon Sep 17 00:00:00 2001 From: Stavros Kontopoulos Date: Fri, 1 Jul 2022 16:48:51 +0300 Subject: [PATCH 4/4] fix repo ref --- openshift-knative-operator/hack/update-manifests.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openshift-knative-operator/hack/update-manifests.sh b/openshift-knative-operator/hack/update-manifests.sh index 6a60430b01..a252fe4217 100755 --- a/openshift-knative-operator/hack/update-manifests.sh +++ b/openshift-knative-operator/hack/update-manifests.sh @@ -114,9 +114,9 @@ function download_ingress { # DOWNLOAD SERVING # -# When openshift/knative-serving uses this repo to run a job (eg. PR against openshift-knative/serving) it will use a minimum +# When openshift/knative-serving uses this repo to run a job (eg. PR against openshift/knative-serving) it will use a minimum # setup with net-kourier. Thus it will not use the release artifacts generated under openshift-knative-operator/cmd/kodata/knative-serving. -# Instead openshift-knative/serving uses its own generated ci manifests and sets KNATIVE_SERVING_TEST_MANIFESTS_DIR. +# Instead openshift/knative-serving uses its own generated ci manifests and sets KNATIVE_SERVING_TEST_MANIFESTS_DIR. # Extensive Serving testing is done at this repo only. For the latter we do use manifests under openshift-knative-operator/cmd/kodata/knative-serving which are fetched from the midstream # repo. if [[ ${KNATIVE_SERVING_TEST_MANIFESTS_DIR} = "" ]]; then