Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(updatecli) tracks karpenter helm release version #103

Merged
merged 7 commits into from
Feb 11, 2025
Merged

chore(updatecli) tracks karpenter helm release version #103

merged 7 commits into from
Feb 11, 2025

Conversation

jayfranco999
Copy link
Collaborator

As per jenkins-infra/helpdesk#4504

This PR tracks terraform aws module karpenter helm release version by using github-release as source

Tested locally with success:

TARGETS
========

updateChartVersion
------------------

**Dry Run enabled**

✔ - no changes detected:
        path "resource.helm_release.karpenter.version" already set to "1.1.1", from file "eks-cijenkinsio-agents-2.tf",

dduportal
dduportal reviewed Jan 21, 2025
View reviewed changes
updatecli/updatecli.d/karpenter-helm-release.yaml Outdated
Comment on lines 17 to 28
lastChartVersion:
name: Karpenter AWS Provider Helm Chart Latest Version
kind: githubrelease
spec:
owner: aws
repository: karpenter-provider-aws
token: "{{ requiredEnv .github.token }}"
username: "{{ .github.username }}"
versionFilter:
kind: latest
transformers:
- trimprefix: "v"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as https://github.com/jenkins-infra/terraform-aws-sponsorship/pull/104/files/def043a6c343e7479b42a3431d31186eb2014a9b#r1923504399 (you want the source to track an Helm chart, not a github release)

dduportal
dduportal requested changes Jan 21, 2025
View reviewed changes
Copy link
Contributor

@dduportal dduportal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code looks good, except for the source (same as https://github.com/jenkins-infra/terraform-aws-sponsorship/pull/104/files/def043a6c343e7479b42a3431d31186eb2014a9b#r1923504399)

@dduportal dduportal marked this pull request as draft January 22, 2025 14:35
@jayfranco999
Copy link
Collaborator Author

Update:

Unable to access the ECR repository helm chart

ERROR: ✗ unable to list versions for OCI Helm chart public.ecr.aws/karpenter/karpenter: error getting credentials - err: signal: killed, out: ``

@dduportal
Copy link
Contributor

Update:

Unable to access the ECR repository helm chart

ERROR: ✗ unable to list versions for OCI Helm chart public.ecr.aws/karpenter/karpenter: error getting credentials - err: signal: killed, out: ``

Oh I forgot I had this issue on my local machine: https://karpenter.sh/docs/getting-started/getting-started-with-karpenter/#4-install-karpenter states a logout is required (to ensure there are no credentials):

# Logout of helm registry to perform an unauthenticated pull against the public ECR
helm registry logout public.ecr.aws

This will be a tricky one: in order to run the logout command in a pipeline sh step just before the updatecli command, we'll have to rework the updatecli pipeline library.
As you can see in https://github.com/jenkins-infra/pipeline-library/blob/a8f4890ea296bf331246d6ce2d40c59b514883e0/vars/updatecli.groovy#L53, the updatecli command is executed inside a node() block command (https://github.com/jenkins-infra/pipeline-library/blob/a8f4890ea296bf331246d6ce2d40c59b514883e0/vars/updatecli.groovy#L32-L58).

It means we have no way to inject, today, any command: if you change the Jenkinsfile_updatecli calling pipeline, you won't be able to access the updatecli() pipeline library function's context.

Additionally, it might be an issue in updatecli CLI itself in the way it requests the helm charts: do you have the same issue on your machine?

@jayfranco999
Copy link
Collaborator Author

Yes I have the same issue while running locally.

@dduportal
Copy link
Contributor

Yes I have the same issue while running locally.

Then, it's worth opening an issue on updatecli as we're blocked by this

@jayfranco999
chore(updatecli) tracks karpenter helm release version
e421a05 
Signed-off-by: jayfranco999 <[email protected]>
@jayfranco999
fixup
794d226 
Signed-off-by: jayfranco999 <[email protected]>
@jayfranco999
fixup
ee0856c 
Signed-off-by: jayfranco999 <[email protected]>
@jayfranco999
fixup
60ffbac 
Signed-off-by: jayfranco999 <[email protected]>
@jayfranco999
fixup
4b2b3c4 
Signed-off-by: jayfranco999 <[email protected]>
@jayfranco999 jayfranco999 force-pushed the karpenter-helm-releasetracking branch from 26fcd22 to 4b2b3c4 Compare February 11, 2025 09:54
@jayfranco999
Copy link
Collaborator Author

Update:

We now use helm chart source to retrieve the latest helm release:

Tested successfully on infra.ci (https://infra.ci.jenkins.io/job/updatecli/job/terraform-aws-sponsorship/job/PR-103/18/pipeline-console/log?nodeId=18)

[2025-02-11T09:55:13.655Z] target: target#updateChartVersion
[2025-02-11T09:55:13.655Z] -------------------------
[2025-02-11T09:55:13.655Z] 
[2025-02-11T09:55:13.655Z] **Dry Run enabled**
[2025-02-11T09:55:13.655Z] 
[2025-02-11T09:55:13.655Z] ⚠ - changes detected:
[2025-02-11T09:55:13.655Z] 	path "resource.helm_release.cijenkinsio_agents_2_karpenter.version" updated from "1.1.1" to "1.2.1" in file "eks-cijenkinsio-agents-2.tf"

Noticed an unexpected behaviour on updatecli pipeline where jobs were failing since manifest to fetch aws provider version was failing (unrelated to PR but worth looking into)

[2025-02-11T09:55:13.656Z] ERROR: something went wrong in "target#updateTerraformLockFile" : something went wrong in target "updateTerraformLockFile" : "✗ failed to query provider locks for provider: \"hashicorp/aws\", version: \"5.86.1\", platforms: [\"linux_amd64\" \"linux_arm64\" \"darwin_amd64\" \"darwin_arm64\"]: unexpected HTTP Status Code: 404"
[2025-02-11T09:55:13.656Z] 
[2025-02-11T09:55:13.656Z] Pipeline "Bump Terraform `aws` provider version" failed
[2025-02-11T09:55:13.656Z] Skipping due to:
[2025-02-11T09:55:13.656Z] 	something went wrong during target execution

@jayfranco999 jayfranco999 marked this pull request as ready for review February 11, 2025 10:21
dduportal
dduportal approved these changes Feb 11, 2025
View reviewed changes
Copy link
Contributor

@dduportal dduportal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great job! LGTM

@dduportal
Copy link
Contributor

Merging as:

  • The failing updatecli check is unrelated (it also is present on the main branch)
  • The updatecli check maps to the tests run by @jayfranco999:
[2025-02-11T10:39:44.052Z] ⚠ - changes detected:
[2025-02-11T10:39:44.052Z] 	path "resource.helm_release.cijenkinsio_agents_2_karpenter.version" updated from "1.1.1" to "1.2.1" in file "eks-cijenkinsio-agents-2.tf"

LGTM

@dduportal dduportal merged commit 79a6da6 into jenkins-infra:main Feb 11, 2025
2 of 3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dduportal dduportal dduportal approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jayfranco999 @dduportal