versions: add k8s 1.31, remove k8s 1.28
burgerdev committed Oct 8, 2024
1 parent 961fabb commit 0dd6325
Showing 14 changed files with 247 additions and 126 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/e2e-test-daily.yml
@@ -45,7 +45,7 @@ jobs:
fail-fast: false
max-parallel: 5
matrix:
kubernetesVersion: ["1.28"] # should be default
kubernetesVersion: ["1.29"] # should be default
attestationVariant: ["gcp-sev-es", "gcp-sev-snp", "azure-sev-snp", "azure-tdx", "aws-sev-snp"]
refStream: ["ref/main/stream/debug/?", "ref/release/stream/stable/?"]
test: ["sonobuoy quick"]
2 changes: 1 addition & 1 deletion .github/workflows/e2e-test-internal-lb.yml
@@ -41,7 +41,7 @@ on:
required: true
kubernetesVersion:
description: "Kubernetes version to create the cluster from."
default: "1.28"
default: "1.29"
required: true
cliVersion:
description: "Version of a released CLI to download. Leave empty to build the CLI from the checked out ref."
2 changes: 1 addition & 1 deletion .github/workflows/e2e-test-marketplace-image.yml
@@ -41,7 +41,7 @@ on:
required: true
kubernetesVersion:
description: "Kubernetes version to create the cluster from."
default: "1.28"
default: "1.29"
required: true
cliVersion:
description: "Version of a released CLI to download. Leave empty to build the CLI from the checked out ref."
20 changes: 10 additions & 10 deletions .github/workflows/e2e-test-release.yml
@@ -73,53 +73,53 @@ jobs:

- test: "sonobuoy full"
attestationVariant: "gcp-sev-es"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
runner: "ubuntu-22.04"
clusterCreation: "cli"
- test: "sonobuoy full"
attestationVariant: "gcp-sev-snp"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
runner: "ubuntu-22.04"
clusterCreation: "cli"
- test: "sonobuoy full"
attestationVariant: "azure-sev-snp"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
runner: "ubuntu-22.04"
clusterCreation: "cli"
- test: "sonobuoy full"
attestationVariant: "azure-tdx"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
runner: "ubuntu-22.04"
clusterCreation: "cli"
- test: "sonobuoy full"
attestationVariant: "aws-sev-snp"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
runner: "ubuntu-22.04"
clusterCreation: "cli"

- test: "sonobuoy full"
attestationVariant: "gcp-sev-es"
kubernetes-version: "v1.28"
kubernetes-version: "v1.29"
runner: "ubuntu-22.04"
clusterCreation: "cli"
- test: "sonobuoy full"
attestationVariant: "gcp-sev-snp"
kubernetes-version: "v1.28"
kubernetes-version: "v1.29"
runner: "ubuntu-22.04"
clusterCreation: "cli"
- test: "sonobuoy full"
attestationVariant: "azure-sev-snp"
kubernetes-version: "v1.28"
kubernetes-version: "v1.29"
runner: "ubuntu-22.04"
clusterCreation: "cli"
- test: "sonobuoy full"
attestationVariant: "azure-tdx"
kubernetes-version: "v1.28"
kubernetes-version: "v1.29"
runner: "ubuntu-22.04"
clusterCreation: "cli"
- test: "sonobuoy full"
attestationVariant: "aws-sev-snp"
kubernetes-version: "v1.28"
kubernetes-version: "v1.29"
runner: "ubuntu-22.04"
clusterCreation: "cli"

2 changes: 1 addition & 1 deletion .github/workflows/e2e-test-terraform-provider.yml
@@ -41,7 +41,7 @@ on:
required: true
kubernetesVersion:
description: "Kubernetes version to create the cluster from."
default: "1.28"
default: "1.29"
required: true
releaseVersion:
description: "Version of a released provider to download. Leave empty to build the provider from the checked out ref."
30 changes: 15 additions & 15 deletions .github/workflows/e2e-test-weekly.yml
@@ -89,53 +89,53 @@ jobs:
- test: "sonobuoy quick"
refStream: "ref/main/stream/debug/?"
attestationVariant: "gcp-sev-es"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
clusterCreation: "cli"
- test: "sonobuoy quick"
refStream: "ref/main/stream/debug/?"
attestationVariant: "gcp-sev-snp"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
clusterCreation: "cli"
- test: "sonobuoy quick"
refStream: "ref/main/stream/debug/?"
attestationVariant: "azure-sev-snp"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
clusterCreation: "cli"
- test: "sonobuoy quick"
refStream: "ref/main/stream/debug/?"
attestationVariant: "azure-tdx"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
clusterCreation: "cli"
- test: "sonobuoy quick"
refStream: "ref/main/stream/debug/?"
attestationVariant: "aws-sev-snp"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
clusterCreation: "cli"

- test: "sonobuoy quick"
refStream: "ref/main/stream/debug/?"
attestationVariant: "gcp-sev-es"
kubernetes-version: "v1.28"
kubernetes-version: "v1.29"
clusterCreation: "cli"
- test: "sonobuoy quick"
refStream: "ref/main/stream/debug/?"
attestationVariant: "gcp-sev-snp"
kubernetes-version: "v1.28"
kubernetes-version: "v1.29"
clusterCreation: "cli"
- test: "sonobuoy quick"
refStream: "ref/main/stream/debug/?"
attestationVariant: "azure-sev-snp"
kubernetes-version: "v1.28"
kubernetes-version: "v1.29"
clusterCreation: "cli"
- test: "sonobuoy quick"
refStream: "ref/main/stream/debug/?"
attestationVariant: "azure-tdx"
kubernetes-version: "v1.28"
kubernetes-version: "v1.29"
clusterCreation: "cli"
- test: "sonobuoy quick"
refStream: "ref/main/stream/debug/?"
attestationVariant: "aws-sev-snp"
kubernetes-version: "v1.28"
kubernetes-version: "v1.29"
clusterCreation: "cli"


@@ -290,27 +290,27 @@ jobs:
- test: "verify"
refStream: "ref/release/stream/stable/?"
attestationVariant: "gcp-sev-es"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
clusterCreation: "cli"
- test: "verify"
refStream: "ref/release/stream/stable/?"
attestationVariant: "gcp-sev-snp"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
clusterCreation: "cli"
- test: "verify"
refStream: "ref/release/stream/stable/?"
attestationVariant: "azure-sev-snp"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
clusterCreation: "cli"
- test: "verify"
refStream: "ref/release/stream/stable/?"
attestationVariant: "azure-tdx"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
clusterCreation: "cli"
- test: "verify"
refStream: "ref/release/stream/stable/?"
attestationVariant: "aws-sev-snp"
kubernetes-version: "v1.29"
kubernetes-version: "v1.30"
clusterCreation: "cli"

runs-on: ubuntu-22.04
2 changes: 1 addition & 1 deletion .github/workflows/e2e-test.yml
@@ -43,7 +43,7 @@ on:
required: true
kubernetesVersion:
description: "Kubernetes version to create the cluster from."
default: "1.29"
default: "1.30"
required: true
cliVersion:
description: "Version of a released CLI to download. Leave empty to build the CLI from the checked out ref."
2 changes: 1 addition & 1 deletion docs/docs/architecture/versions.md
@@ -16,6 +16,6 @@ Subsequent Constellation releases drop support for the oldest (and deprecated) K
The following Kubernetes versions are currently supported:
<!--AUTO_GENERATED_BY_BAZEL-->
<!--DO_NOT_EDIT-->
* v1.28.13
* v1.29.8
* v1.30.4
* v1.31.1
2 changes: 1 addition & 1 deletion docs/docs/reference/cli.md
@@ -80,7 +80,7 @@ constellation config generate {aws|azure|gcp|openstack|qemu|stackit} [flags]
```
-a, --attestation string attestation variant to use {aws-sev-snp|aws-nitro-tpm|azure-sev-snp|azure-tdx|azure-trustedlaunch|gcp-sev-snp|gcp-sev-es|qemu-vtpm}. If not specified, the default for the cloud provider is used
-h, --help help for generate
-k, --kubernetes string Kubernetes version to use in format MAJOR.MINOR (default "v1.29")
-k, --kubernetes string Kubernetes version to use in format MAJOR.MINOR (default "v1.30")
-t, --tags strings additional tags for created resources given a list of key=value
```

5 changes: 4 additions & 1 deletion internal/constellation/kubecmd/BUILD.bazel
@@ -30,8 +30,11 @@ go_library(
"@io_k8s_apimachinery//pkg/apis/meta/v1/unstructured",
"@io_k8s_apimachinery//pkg/runtime",
"@io_k8s_apimachinery//pkg/runtime/schema",
"@io_k8s_apimachinery//pkg/runtime/serializer/json",
"@io_k8s_client_go//util/retry",
"@io_k8s_kubernetes//cmd/kubeadm/app/apis/kubeadm/v1beta3",
"@io_k8s_kubernetes//cmd/kubeadm/app/apis/kubeadm",
"@io_k8s_kubernetes//cmd/kubeadm/app/apis/kubeadm/scheme",
"@io_k8s_kubernetes//cmd/kubeadm/app/apis/kubeadm/v1beta4",
"@io_k8s_sigs_yaml//:yaml",
],
)
56 changes: 25 additions & 31 deletions internal/constellation/kubecmd/kubecmd.go
@@ -42,9 +42,11 @@ import (
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/schema"
k8sjson "k8s.io/apimachinery/pkg/runtime/serializer/json"
"k8s.io/client-go/util/retry"
kubeadmv1beta3 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3"
"sigs.k8s.io/yaml"
"k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
kubeadmscheme "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/scheme"
kubeadmv1beta4 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta4"
)

// ErrInProgress signals that an upgrade is in progress inside the cluster.
@@ -234,9 +236,23 @@ func (k *KubeCmd) ApplyJoinConfig(ctx context.Context, newAttestConfig config.At
// ExtendClusterConfigCertSANs extends the ClusterConfig stored under "kube-system/kubeadm-config" with the given SANs.
// Empty strings are ignored, existing SANs are preserved.
func (k *KubeCmd) ExtendClusterConfigCertSANs(ctx context.Context, alternativeNames []string) error {
clusterConfiguration, kubeadmConfig, err := k.getClusterConfiguration(ctx)
if err != nil {
return fmt.Errorf("getting ClusterConfig: %w", err)
var kubeadmConfig *corev1.ConfigMap
if err := k.retryAction(ctx, func(ctx context.Context) error {
var err error
kubeadmConfig, err = k.kubectl.GetConfigMap(ctx, constants.ConstellationNamespace, constants.KubeadmConfigMap)
return err
}); err != nil {
return fmt.Errorf("retrieving current kubeadm-config: %w", err)
}

clusterConfigData, ok := kubeadmConfig.Data[constants.ClusterConfigurationKey]
if !ok {
return errors.New("ClusterConfiguration missing from kubeadm-config")
}

var clusterConfiguration kubeadm.ClusterConfiguration
if err := runtime.DecodeInto(kubeadmscheme.Codecs.UniversalDecoder(), []byte(clusterConfigData), &clusterConfiguration); err != nil {
return fmt.Errorf("decoding cluster configuration data: %w", err)
}

existingSANs := make(map[string]struct{})
@@ -264,7 +280,10 @@ func (k *KubeCmd) ExtendClusterConfigCertSANs(ctx context.Context, alternativeNa
clusterConfiguration.APIServer.CertSANs = append(clusterConfiguration.APIServer.CertSANs, missingSANs...)
sort.Strings(clusterConfiguration.APIServer.CertSANs)

newConfigYAML, err := yaml.Marshal(clusterConfiguration)
opt := k8sjson.SerializerOptions{Yaml: true}
serializer := k8sjson.NewSerializerWithOptions(k8sjson.DefaultMetaFactory, kubeadmscheme.Scheme, kubeadmscheme.Scheme, opt)
encoder := kubeadmscheme.Codecs.EncoderForVersion(serializer, kubeadmv1beta4.SchemeGroupVersion)
newConfigYAML, err := runtime.Encode(encoder, &clusterConfiguration)
if err != nil {
return fmt.Errorf("marshaling ClusterConfiguration: %w", err)
}
@@ -316,31 +335,6 @@ func (k *KubeCmd) getConstellationVersion(ctx context.Context) (updatev1alpha1.N
return nodeVersion, nil
}

// getClusterConfiguration fetches the kubeadm-config configmap from the cluster, extracts the config
// and returns both the full configmap and the ClusterConfiguration.
func (k *KubeCmd) getClusterConfiguration(ctx context.Context) (kubeadmv1beta3.ClusterConfiguration, *corev1.ConfigMap, error) {
var existingConf *corev1.ConfigMap
if err := k.retryAction(ctx, func(ctx context.Context) error {
var err error
existingConf, err = k.kubectl.GetConfigMap(ctx, constants.ConstellationNamespace, constants.KubeadmConfigMap)
return err
}); err != nil {
return kubeadmv1beta3.ClusterConfiguration{}, nil, fmt.Errorf("retrieving current kubeadm-config: %w", err)
}

clusterConf, ok := existingConf.Data[constants.ClusterConfigurationKey]
if !ok {
return kubeadmv1beta3.ClusterConfiguration{}, nil, errors.New("ClusterConfiguration missing from kubeadm-config")
}

var existingClusterConfig kubeadmv1beta3.ClusterConfiguration
if err := yaml.Unmarshal([]byte(clusterConf), &existingClusterConfig); err != nil {
return kubeadmv1beta3.ClusterConfiguration{}, nil, fmt.Errorf("unmarshaling ClusterConfiguration: %w", err)
}

return existingClusterConfig, existingConf, nil
}

// applyComponentsCM applies the k8s components ConfigMap to the cluster.
func (k *KubeCmd) applyComponentsCM(ctx context.Context, components *corev1.ConfigMap) error {
if err := k.retryAction(ctx, func(ctx context.Context) error {
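Review bot: The encoder in ExtendClusterConfigCertSANs is pinned to `kubeadmv1beta4.SchemeGroupVersion`, while the decode through `kubeadmscheme.Codecs.UniversalDecoder()` accepts whichever registered version the ConfigMap currently holds, so adding SANs also rewrites an older-version kubeadm-config as v1beta4. This commit keeps v1.29 and v1.30 in the supported list; if the kubeadm shipped for those versions cannot read v1beta4 (not visible on this page), later node joins or API server certificate regeneration could fail on the rewritten ConfigMap. Consider preserving the stored version, assuming the decoder reports the serialized GroupVersionKind: `_, gvk, err := kubeadmscheme.Codecs.UniversalDecoder().Decode([]byte(clusterConfigData), nil, &clusterConfiguration)` followed by `encoder := kubeadmscheme.Codecs.EncoderForVersion(serializer, gvk.GroupVersion())`. The function body continues outside the two hunks shown, so the path that writes `newConfigYAML` back to the cluster is not visible here.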