Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add script for storage version migartion of crds #1646

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 6 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -47,21 +47,23 @@ Shipwright supports any tool that can build container images in Kubernetes clust
- Install the Shipwright deployment. To install the latest version, run:

```bash
kubectl apply --filename https://github.com/shipwright-io/build/releases/download/v0.12.0/release.yaml --server-side
curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/v0.12.0/hack/setup-webhook-cert.sh | bash
kubectl apply --filename https://github.com/shipwright-io/build/releases/download/v0.13.0/release.yaml --server-side
curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/v0.13.0/hack/setup-webhook-cert.sh | bash
curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/main/hack/storage-version-migration.sh | bash
```

To install the latest nightly release, run:

```bash
kubectl apply --filename "https://github.com/shipwright-io/build/releases/download/nightly/nightly-$(curl --silent --location https://github.com/shipwright-io/build/releases/download/nightly/latest.txt).yaml" --server-side
curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/main/hack/setup-webhook-cert.sh | bash
curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/main/hack/storage-version-migration.sh | bash
```

- Install the Shipwright strategies. To install the latest version, run:

```bash
kubectl apply --filename https://github.com/shipwright-io/build/releases/download/v0.12.0/sample-strategies.yaml --server-side
kubectl apply --filename https://github.com/shipwright-io/build/releases/download/v0.13.0/sample-strategies.yaml --server-side
```

To install the latest nightly release, run:
Expand Down Expand Up @@ -169,6 +171,7 @@ To find out more on what's the best strategy or what else can Shipwright do for
| Version | Docs | Examples |
|------------------------------------------------------------------------|----------------------------------------------------------------------------|-----------------------------------------------------------------------------------|
| HEAD | [Docs @ HEAD](docs/README.md) | [Examples @ HEAD](samples) |
| [v0.13.0](https://github.com/shipwright-io/build/releases/tag/v0.13.0) | [Docs @ v0.13.0](https://github.com/shipwright-io/build/tree/v0.12.0/docs) | [Examples @ v0.13.0](https://github.com/shipwright-io/build/tree/v0.13.0/samples) |
| [v0.12.0](https://github.com/shipwright-io/build/releases/tag/v0.12.0) | [Docs @ v0.12.0](https://github.com/shipwright-io/build/tree/v0.12.0/docs) | [Examples @ v0.12.0](https://github.com/shipwright-io/build/tree/v0.12.0/samples) |
| [v0.11.0](https://github.com/shipwright-io/build/releases/tag/v0.11.0) | [Docs @ v0.11.0](https://github.com/shipwright-io/build/tree/v0.11.0/docs) | [Examples @ v0.11.0](https://github.com/shipwright-io/build/tree/v0.11.0/samples) |
| [v0.10.0](https://github.com/shipwright-io/build/releases/tag/v0.10.0) | [Docs @ v0.10.0](https://github.com/shipwright-io/build/tree/v0.10.0/docs) | [Examples @ v0.10.0](https://github.com/shipwright-io/build/tree/v0.10.0/samples) |
Expand Down
12 changes: 8 additions & 4 deletions deploy/200-role.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ rules:
resources: ['buildruns']
# The build-run-deletion annotation sets an owner ref on BuildRun objects.
# With the OwnerReferencesPermissionEnforcement admission controller enabled, controllers need the "delete" permission on objects that they set owner references on.
verbs: ['get', 'list', 'watch', 'update', 'delete']
verbs: ['get', 'list', 'watch', 'update', 'delete', 'patch']

- apiGroups: ['shipwright.io']
# BuildRuns are set as the owners of Tekton TaskRuns.
Expand All @@ -41,7 +41,7 @@ rules:

- apiGroups: ['shipwright.io']
resources: ['builds']
verbs: ['get', 'list', 'watch']
verbs: ['get', 'list', 'watch', 'patch']

- apiGroups: ['shipwright.io']
# The build-run-deletion annotation makes Builds an owner of BuildRun objects.
Expand All @@ -55,11 +55,11 @@ rules:

- apiGroups: ['shipwright.io']
resources: ['buildstrategies']
verbs: ['get', 'list', 'watch']
verbs: ['get', 'list', 'watch', 'patch']

- apiGroups: ['shipwright.io']
resources: ['clusterbuildstrategies']
verbs: ['get', 'list', 'watch']
verbs: ['get', 'list', 'watch', 'patch']

- apiGroups: ['tekton.dev']
resources: ['taskruns']
Expand All @@ -82,3 +82,7 @@ rules:
- apiGroups: ['']
resources: ['serviceaccounts']
verbs: ['get', 'list', 'watch', 'create', 'update', 'delete']

- apiGroups: ['apiextensions.k8s.io']
resources: ['customresourcedefinitions', 'customresourcedefinitions/status']
verbs: ['get', 'patch']
83 changes: 83 additions & 0 deletions hack/storage-version-migration.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
#!/bin/bash

# Copyright The Shipwright Contributors
#
# SPDX-License-Identifier: Apache-2.0

set -euo pipefail

if ! hash jq >/dev/null 2>&1 ; then
echo "[ERROR] jq is not installed"
exit 1
fi

# Delete old job for storage version migration
kubectl -n shipwright-build delete job --selector app=storage-version-migration-shipwright --wait=true

# create new job for storage version migration
cat <<EOF | kubectl create -f -
apiVersion: batch/v1
kind: Job
metadata:
generateName: storage-version-migration-shipwright-
labels:
app: storage-version-migration-shipwright
app.kubernetes.io/component: storage-version-migration-job
app.kubernetes.io/name: shipwright-build
namespace: shipwright-build
spec:
backoffLimit: 10
template:
metadata:
annotations:
sidecar.istio.io/inject: "false"
labels:
app: storage-version-migration-shipwright
app.kubernetes.io/component: storage-version-migration-job
app.kubernetes.io/name: shipwright-build
spec:
serviceAccountName: shipwright-build-controller
containers:
- args:
- buildruns.shipwright.io
- builds.shipwright.io
- buildstrategies.shipwright.io
- clusterbuildstrategies.shipwright.io
image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate
name: migrate
resources:
limits:
cpu: 1000m
memory: 1000Mi
requests:
cpu: 100m
memory: 100Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
restartPolicy: OnFailure
ttlSecondsAfterFinished: 600
EOF

JOB_NAME=$(kubectl -n shipwright-build get job --selector app=storage-version-migration-shipwright -o jsonpath='{.items[0].metadata.name}')

while [ "$(kubectl -n shipwright-build get job "${JOB_NAME}" -o json | jq -r '.status.completionTime // ""')" == "" ]; do
echo "[INFO] Storage version migraton job is still running"
sleep 10
done

isFailed="$(kubectl -n shipwright-build get job "${JOB_NAME}" -o json | jq -r '.status.conditions[] | select(.type == "Failed") | .status')"

if [ "${isFailed}" == "True" ]; then
echo "[ERROR] Storage version migration failed"
kubectl -n shipwright-build logs "job/${JOB_NAME}"
exit 1
fi

echo "[DONE]"