diff --git a/README.md b/README.md index b8eceaa17ccc8..d99a767c6106f 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ _... managed with Flux, Renovate, and GitHub Actions_ 🤖
[![Discord](https://img.shields.io/discord/673534664354430999?style=for-the-badge&label&logo=discord&logoColor=white&color=blue)](https://discord.gg/home-operations)   -[![Kubernetes](https://img.shields.io/badge/dynamic/yaml?url=https%3A%2F%2Fraw.githubusercontent.com%2Fonedr0p%2Fhome-ops%2Fmain%2Fkubernetes%2Fmain%2Fapps%2Fsystem-upgrade%2Fsystem-upgrade-plans%2Fks.yaml&query=%24.spec.postBuild.substitute.KUBERNETES_VERSION&style=for-the-badge&logo=kubernetes&logoColor=white&label=%20)](https://k3s.io/)   +[![Kubernetes](https://img.shields.io/badge/dynamic/yaml?url=https%3A%2F%2Fraw.githubusercontent.com%2Fonedr0p%2Fhome-ops%2Fmain%2Fkubernetes%2Fmain%2Fapps%2Fsystem-upgrade%2Fsystem-upgrade-controller%2Fplans%2Fkubernetes.yaml&query=%24.spec.version&style=for-the-badge&logo=kubernetes&logoColor=white&label=%20)](https://k3s.io/)   [![Renovate](https://img.shields.io/github/actions/workflow/status/onedr0p/home-ops/renovate.yaml?branch=main&label=&logo=renovatebot&style=for-the-badge&color=blue)](https://github.com/onedr0p/home-ops/actions/workflows/renovate.yaml)
diff --git a/kubernetes/main/apps/system-upgrade/kustomization.yaml b/kubernetes/main/apps/system-upgrade/kustomization.yaml index 6f1fecf5b9ac7..005f94342008c 100644 --- a/kubernetes/main/apps/system-upgrade/kustomization.yaml +++ b/kubernetes/main/apps/system-upgrade/kustomization.yaml @@ -7,5 +7,4 @@ resources: - ./namespace.yaml - ./notifications.yaml # Flux-Kustomizations - # - ./system-upgrade-controller/ks.yaml - # - ./system-upgrade-plans/ks.yaml + - ./system-upgrade-controller/ks.yaml diff --git a/kubernetes/main/apps/system-upgrade/system-upgrade-controller/app/helmrelease.yaml b/kubernetes/main/apps/system-upgrade/system-upgrade-controller/app/helmrelease.yaml index 67c2e8fc97085..4350a847392d5 100644 --- a/kubernetes/main/apps/system-upgrade/system-upgrade-controller/app/helmrelease.yaml +++ b/kubernetes/main/apps/system-upgrade/system-upgrade-controller/app/helmrelease.yaml @@ -27,6 +27,8 @@ spec: controllers: main: strategy: RollingUpdate + annotations: + reloader.stakater.com/auto: "true" containers: main: image: @@ -83,8 +85,6 @@ spec: persistence: tmp: type: emptyDir - globalMounts: - - path: /tmp etc-ssl: type: hostPath hostPath: /etc/ssl diff --git a/kubernetes/main/apps/system-upgrade/system-upgrade-controller/ks.yaml b/kubernetes/main/apps/system-upgrade/system-upgrade-controller/ks.yaml index 4000fa05d0e48..f89dd03318a06 100644 --- a/kubernetes/main/apps/system-upgrade/system-upgrade-controller/ks.yaml +++ b/kubernetes/main/apps/system-upgrade/system-upgrade-controller/ks.yaml @@ -19,3 +19,26 @@ spec: interval: 30m retryInterval: 1m timeout: 5m +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app system-upgrade-controller-plans + namespace: flux-system +spec: + targetNamespace: system-upgrade + commonMetadata: + labels: + app.kubernetes.io/name: *app + dependsOn: + - name: system-upgrade-controller + path: ./kubernetes/main/apps/system-upgrade/system-upgrade-controller/plans + prune: true + sourceRef: + kind: GitRepository + name: home-kubernetes + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m diff --git a/kubernetes/main/apps/system-upgrade/system-upgrade-controller/plans/kubernetes.yaml b/kubernetes/main/apps/system-upgrade/system-upgrade-controller/plans/kubernetes.yaml new file mode 100644 index 0000000000000..4ebd34530b244 --- /dev/null +++ b/kubernetes/main/apps/system-upgrade/system-upgrade-controller/plans/kubernetes.yaml @@ -0,0 +1,37 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/upgrade.cattle.io/plan_v1.json +apiVersion: upgrade.cattle.io/v1 +kind: Plan +metadata: + name: kubernetes +spec: + # renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet + version: v1.29.1 + serviceAccountName: system-upgrade + secrets: + - name: talos + path: /var/run/secrets/talos.dev + ignoreUpdates: true + concurrency: 1 + exclusive: true + nodeSelector: + matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + prepare: &prepare + image: ghcr.io/siderolabs/talosctl:v1.6.4 + envs: + - name: NODE_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + args: + - --nodes=$(NODE_IP) + - health + - --server=false + upgrade: + <<: *prepare + args: + - --nodes=$(NODE_IP) + - upgrade-k8s + - --to=$(SYSTEM_UPGRADE_PLAN_LATEST_VERSION) diff --git a/kubernetes/main/apps/system-upgrade/system-upgrade-plans/app/kustomization.yaml b/kubernetes/main/apps/system-upgrade/system-upgrade-controller/plans/kustomization.yaml similarity index 88% rename from kubernetes/main/apps/system-upgrade/system-upgrade-plans/app/kustomization.yaml rename to kubernetes/main/apps/system-upgrade/system-upgrade-controller/plans/kustomization.yaml index e71dc32a7585f..061d8ad0d0eb1 100644 --- a/kubernetes/main/apps/system-upgrade/system-upgrade-plans/app/kustomization.yaml +++ b/kubernetes/main/apps/system-upgrade/system-upgrade-controller/plans/kustomization.yaml @@ -3,4 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: + - ./kubernetes.yaml - ./talos.yaml diff --git a/kubernetes/main/apps/system-upgrade/system-upgrade-plans/app/talos.yaml b/kubernetes/main/apps/system-upgrade/system-upgrade-controller/plans/talos.yaml similarity index 63% rename from kubernetes/main/apps/system-upgrade/system-upgrade-plans/app/talos.yaml rename to kubernetes/main/apps/system-upgrade/system-upgrade-controller/plans/talos.yaml index 6ef653376e514..4f1d1fce42ae0 100644 --- a/kubernetes/main/apps/system-upgrade/system-upgrade-plans/app/talos.yaml +++ b/kubernetes/main/apps/system-upgrade/system-upgrade-controller/plans/talos.yaml @@ -1,45 +1,12 @@ --- -apiVersion: upgrade.cattle.io/v1 -kind: Plan -metadata: - name: kubernetes -spec: - version: "${KUBERNETES_VERSION}" - serviceAccountName: system-upgrade - secrets: - - name: talos - path: /var/run/secrets/talos.dev - ignoreUpdates: true - concurrency: 1 - exclusive: true - nodeSelector: - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists - prepare: &prepare - image: "ghcr.io/siderolabs/talosctl:${TALOS_VERSION}" - envs: - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.hostIP - args: - - --nodes=$(NODE_IP) - - health - - --server=false - upgrade: - <<: *prepare - args: - - --nodes=$(NODE_IP) - - upgrade-k8s - - --to=$(SYSTEM_UPGRADE_PLAN_LATEST_VERSION) ---- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/upgrade.cattle.io/plan_v1.json apiVersion: upgrade.cattle.io/v1 kind: Plan metadata: name: talos spec: - version: "${TALOS_VERSION}" + # renovate: datasource=docker depName=ghcr.io/siderolabs/installer + version: v1.6.4 serviceAccountName: system-upgrade secrets: - name: talos diff --git a/kubernetes/main/apps/system-upgrade/system-upgrade-plans/ks.yaml b/kubernetes/main/apps/system-upgrade/system-upgrade-plans/ks.yaml deleted file mode 100644 index a7b4f807aa093..0000000000000 --- a/kubernetes/main/apps/system-upgrade/system-upgrade-plans/ks.yaml +++ /dev/null @@ -1,29 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app system-upgrade-plans - namespace: flux-system -spec: - targetNamespace: system-upgrade - commonMetadata: - labels: - app.kubernetes.io/name: *app - dependsOn: - - name: system-upgrade-controller - path: ./kubernetes/main/apps/system-upgrade/system-upgrade-plans/app - prune: true - sourceRef: - kind: GitRepository - name: home-kubernetes - wait: false - interval: 30m - retryInterval: 1m - timeout: 5m - postBuild: - substitute: - # renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet - KUBERNETES_VERSION: v1.29.1 - # renovate: datasource=docker depName=ghcr.io/siderolabs/installer - TALOS_VERSION: v1.6.4