this PR fixes an error:
```spec.replicas: Invalid value: "string": spec.replicas in body must be of type integer```
---------
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
This PR refactors postgress configuration script:
- Added event trigger on creating new schemas for automatically set
owner
- Refactored logic for fixing permissions for all objects in all schemas
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Developers ofthen forget to unsuspend helm releases after the local
development (I do!)
This change make ensure that all system helm charts are getting
reconciled by flux after cozystack container restart
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
This PR introduces change to allow upgrading existing node groups for
tenant Kubernetes cluster:
This fixes the error:
```
Status: Failed (UpgradeFailed: Helm upgrade failed for release tenant-test0/kubernetes-test0 with chart kubernetes@0.3.0: cannot patch "kubernetes-test0-md0" with kind KubevirtMachineTemplate: admission webhook "validation.kubevirtmachinetemplate.infrastructure.cluster.x-k8s.io" denied the request: KubevirtMachineTemplateSpec is immutable)
```
This is done by generating unique names for KubevirtMachineTemplate
based on hash from spec. Old KubevirtMachineTemplates keep existing in
the cluster until some MachineSet continues using them.
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
I don't understand why "true" value isn't accepted here, but I have seen
this before. The `--enable-ssl-passthrough` parameter is not supposed to
accept any value, it's a stand-alone argument.
With this change I get my traffic appropriately passed through to
backend ingress on a kubevirt cluster that enabled TLS
Without it (the change is made on the addon ingress, which is very
strange, because that one isn't even configured to use a passthrough
annotation... the root ingress controller doesn't seem to care) I get
this error:
> 400 Bad Request
> The plain HTTP request was sent to HTTPS port
> ---
> nginx
Signed-off-by: Kingdon Barrett <kingdon+github@tuesdaystudios.com>
The error manifests as:
W0705 16:07:35.694677 7 configmap.go:431] unexpected error merging
defaults: 2 error(s) decoding:
* cannot parse 'proxy-connect-timeout' as int: strconv.ParseInt: parsing
"10s": invalid syntax
* cannot parse 'proxy-read-timeout' as int: strconv.ParseInt: parsing
"10s": invalid syntax
I came across this trying to understand why my nginx ingress addon
config isn't working, (this didn't help, but at least the warning is
gone now.)
I'll continue to try to debug, but I think this can merge any time
Signed-off-by: Kingdon Barrett <kingdon+github@tuesdaystudios.com>
image to test:
```
ghcr.io/aenix-io/cozystack/cozystack:v0.8.0@sha256:48e9f676f4eca5f7036648a56767c31beb0aca8fdc6d6798bd65de74886ed1ef
```
this PR should fix a problem of upgrading from older cozystack version
```
make: Leaving directory '/cozystack/packages/core/platform'
deployment.apps/source-controller condition met
deployment.apps/helm-controller condition met
Error from server (NotFound): helmreleases.helm.toolkit.fluxcd.io "fluxcd" not found
NAME CREATED AT
helmreleases.helm.toolkit.fluxcd.io 2024-05-29T11:00:16Z
helmrepositories.source.toolkit.fluxcd.io 2024-05-29T11:00:17Z
make: Entering directory '/cozystack/packages/system/fluxcd-operator'
kubectl patch hr -n cozy-fluxcd fluxcd-operator -p '{"spec": {"suspend": true}}' --type=merge --field-manager=flux-client-side-apply
Error from server (NotFound): helmreleases.helm.toolkit.fluxcd.io "fluxcd-operator" not found
make: *** [../../../scripts/package-system.mk:20: suspend] Error 1
make: Leaving directory '/cozystack/packages/system/fluxcd-operator'
time="2024-07-04T12:50:05Z" level=fatal msg="failed to run" err="exit status 2"
```
Fix#195
Don't set the `interval` so short on HelmReleases, with this many
HelmReleases that really hamstrings the control plane.
Also, copy the install/upgrade remediation config from system packages
to the Kubernetes templates for addon packages (cilium, flux, ingress) -
in my testing the ingress-nginx chart fails every time the first time.
Maybe that should be filed as a separate issue, I haven't looked into
detail, it is some issue related to a secret not being created, I think
it said something related to an admission controller.
Looks as though it's a conflict with being installed at the same time as
the cert-manager addon.
Signed-off-by: Kingdon Barrett <kingdon+github@tuesdaystudios.com>
I am testing install with this PR #183 and I had some issues, these
should help
---------
Signed-off-by: Kingdon Barrett <kingdon+github@tuesdaystudios.com>
