From c1da2281f083d845b273e330137d6a2523e09cdd Mon Sep 17 00:00:00 2001 From: rohitagg2020 Date: Sun, 28 Jan 2024 12:58:07 +0530 Subject: [PATCH 1/6] Set seccompProfile to RuntimeDefault for kapp-controller and kapp-controller-sidecarexec containers Signed-off-by: rohitagg2020 Signed-off-by: dmitrynovik --- config/config/deployment.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/config/config/deployment.yml b/config/config/deployment.yml index 2aabfe770..3c0de90de 100644 --- a/config/config/deployment.yml +++ b/config/config/deployment.yml @@ -62,6 +62,8 @@ spec: capabilities: drop: - ALL + seccompProfile: + type: RuntimeDefault - name: kapp-controller-sidecarexec image: kapp-controller args: ["--sidecarexec"] @@ -89,6 +91,8 @@ spec: capabilities: drop: - ALL + seccompProfile: + type: RuntimeDefault volumes: - name: template-fs emptyDir: From 8c1504d464eb13fd714c8e137d4ba9b8a3103135 Mon Sep 17 00:00:00 2001 From: Soumik Majumder Date: Mon, 5 Feb 2024 16:47:41 +0530 Subject: [PATCH 2/6] Do not wait for App pause on package install pause if wait is disabled. Add wait flags to pkg i pause. Signed-off-by: Soumik Majumder Signed-off-by: dmitrynovik --- .../cmd/package/installed/create_or_update.go | 9 ++++++--- .../kctrl/cmd/package/installed/pause_or_kick.go | 14 +++++++++++--- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/cli/pkg/kctrl/cmd/package/installed/create_or_update.go b/cli/pkg/kctrl/cmd/package/installed/create_or_update.go index 4eeabdf6b..e2eab1d7f 100644 --- a/cli/pkg/kctrl/cmd/package/installed/create_or_update.go +++ b/cli/pkg/kctrl/cmd/package/installed/create_or_update.go @@ -388,9 +388,12 @@ func (o CreateOrUpdateOptions) update(client kubernetes.Interface, kcClient kccl if err != nil { return err } - err = o.waitForAppPause(kcClient) - if err != nil { - return err + + if o.WaitFlags.Enabled { + err = o.waitForAppPause(kcClient) + if err != nil { + return err + } } reconciliationPaused = true diff --git a/cli/pkg/kctrl/cmd/package/installed/pause_or_kick.go b/cli/pkg/kctrl/cmd/package/installed/pause_or_kick.go index f42c83303..60f6ca174 100644 --- a/cli/pkg/kctrl/cmd/package/installed/pause_or_kick.go +++ b/cli/pkg/kctrl/cmd/package/installed/pause_or_kick.go @@ -65,6 +65,12 @@ func NewPauseCmd(o *PauseOrKickOptions, flagsFactory cmdcore.FlagsFactory) *cobr cmd.Use = "pause INSTALLED_PACKAGE_NAME" } + o.WaitFlags.Set(cmd, flagsFactory, &cmdcore.WaitFlagsOpts{ + AllowDisableWait: true, + DefaultInterval: 2 * time.Second, + DefaultTimeout: 5 * time.Minute, + }) + return cmd } @@ -165,9 +171,11 @@ func (o *PauseOrKickOptions) Kick(args []string) error { return err } - err = o.waitForAppPause(client) - if err != nil { - return err + if o.WaitFlags.Enabled { + err = o.waitForAppPause(client) + if err != nil { + return err + } } err = o.unpause(client) From ef2e4bf9aa26c3e821181be6915687c1cc7f3dcf Mon Sep 17 00:00:00 2001 From: Premkumar Bhaskal Date: Tue, 6 Feb 2024 13:58:22 +0530 Subject: [PATCH 3/6] adding new column message in kctrl pkg installed list command column will be visible when --wide flag is set to true Signed-off-by: Premkumar Bhaskal Signed-off-by: dmitrynovik --- cli/pkg/kctrl/cmd/package/installed/list.go | 18 ++++++++ cli/test/e2e/package_install_test.go | 46 +++++++++++++++++++++ 2 files changed, 64 insertions(+) diff --git a/cli/pkg/kctrl/cmd/package/installed/list.go b/cli/pkg/kctrl/cmd/package/installed/list.go index b04727d7b..d8a4cc252 100644 --- a/cli/pkg/kctrl/cmd/package/installed/list.go +++ b/cli/pkg/kctrl/cmd/package/installed/list.go @@ -12,6 +12,7 @@ import ( "github.com/spf13/cobra" cmdcore "github.com/vmware-tanzu/carvel-kapp-controller/cli/pkg/kctrl/cmd/core" "github.com/vmware-tanzu/carvel-kapp-controller/cli/pkg/kctrl/logger" + kcpkgv1alpha1 "github.com/vmware-tanzu/carvel-kapp-controller/pkg/apis/packaging/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -22,6 +23,7 @@ type ListOptions struct { NamespaceFlags cmdcore.NamespaceFlags AllNamespaces bool + Wide bool pkgCmdTreeOpts cmdcore.PackageCommandTreeOpts } @@ -49,6 +51,8 @@ func NewListCmd(o *ListOptions, flagsFactory cmdcore.FlagsFactory) *cobra.Comman } o.NamespaceFlags.SetWithPackageCommandTreeOpts(cmd, flagsFactory, o.pkgCmdTreeOpts) cmd.Flags().BoolVarP(&o.AllNamespaces, "all-namespaces", "A", false, "List installed packages in all namespaces") + + cmd.Flags().BoolVar(&o.Wide, "wide", false, "show additional info") return cmd } @@ -74,6 +78,9 @@ func (o *ListOptions) Run() error { return err } + messageHeader := uitable.NewHeader("Message") + messageHeader.Hidden = !o.Wide + table := uitable.Table{ Title: tableTitle, @@ -83,6 +90,7 @@ func (o *ListOptions) Run() error { uitable.NewHeader("Package Name"), uitable.NewHeader("Package Version"), uitable.NewHeader("Status"), + messageHeader, }, SortBy: []uitable.ColumnSort{ @@ -99,6 +107,7 @@ func (o *ListOptions) Run() error { uitable.NewValueString(pkgi.Spec.PackageRef.RefName), uitable.NewValueString(pkgi.Status.Version), uitable.ValueFmt{V: uitable.NewValueString(status), Error: isFailing}, + cmdcore.NewValueTruncated(uitable.NewValueString(o.getPkgiStatusMessage(&pkgi)), 50), }) } @@ -106,3 +115,12 @@ func (o *ListOptions) Run() error { return nil } + +func (o *ListOptions) getPkgiStatusMessage(pkgi *kcpkgv1alpha1.PackageInstall) string { + conditionsLen := len(pkgi.Status.Conditions) + if conditionsLen == 0 { + return "" + } + lastCondition := pkgi.Status.Conditions[conditionsLen-1] + return lastCondition.Message +} diff --git a/cli/test/e2e/package_install_test.go b/cli/test/e2e/package_install_test.go index 1fcb7cca7..4d479fbed 100644 --- a/cli/test/e2e/package_install_test.go +++ b/cli/test/e2e/package_install_test.go @@ -138,6 +138,22 @@ key2: value2 require.Exactly(t, expectedOutputRows, output.Tables[0].Rows) }) + logger.Section("package installed list with one package installed with wide option", func() { + out, err := kappCtrl.RunWithOpts([]string{"package", "installed", "list", "--wide", "--json"}, RunOpts{}) + require.NoError(t, err) + + output := uitest.JSONUIFromBytes(t, []byte(out)) + + expectedOutputRows := []map[string]string{{ + "message": "", + "name": "testpkgi", + "package_name": "test-pkg.carvel.dev", + "package_version": "1.0.0", + "status": "Reconcile succeeded", + }} + require.Exactly(t, expectedOutputRows, output.Tables[0].Rows) + }) + logger.Section("package installed get", func() { out, err := kappCtrl.RunWithOpts([]string{"package", "installed", "get", "--package-install", pkgiName, "--json"}, RunOpts{}) @@ -260,6 +276,36 @@ key2: value2 require.Contains(t, err.Error(), "not found") }) + logger.Section("Listing with error in package install", func() { + incorrectValuesFile := ` +key1: value1: +` + _, err := kappCtrl.RunWithOpts([]string{"package", "installed", "create", "--package-install", pkgiName, + "-p", packageMetadataName, "--version", packageVersion1, + "--values-file", "-"}, RunOpts{ + StdinReader: strings.NewReader(incorrectValuesFile), + AllowError: true, + }) + require.Error(t, err) + + out, err := kappCtrl.RunWithOpts([]string{"package", "installed", "list", "--wide", "--json"}, RunOpts{}) + require.NoError(t, err) + + output := uitest.JSONUIFromBytes(t, []byte(out)) + + expectedOutputRows := []map[string]string{{ + "message": "Error (see .status.usefulErrorMessage for details)", + "name": "testpkgi", + "package_name": "test-pkg.carvel.dev", + "package_version": "1.0.0", + "status": "Reconcile failed", + }} + require.Exactly(t, expectedOutputRows, output.Tables[0].Rows) + + _, err = kappCtrl.RunWithOpts([]string{"package", "installed", "delete", "--package-install", pkgiName}, RunOpts{}) + require.NoError(t, err) + }) + logger.Section("package installed update with missing old version", func() { kappCtrl.RunWithOpts([]string{"package", "installed", "create", "--package-install", pkgiName, "-p", packageMetadataName, "--version", packageVersion1, From 4b64fbc21fd097f40c585cb1b322145649df2ee6 Mon Sep 17 00:00:00 2001 From: dmitrynovik Date: Tue, 13 Feb 2024 23:43:18 +1100 Subject: [PATCH 4/6] fix: update-kind-example-to-containerd_1.5 Signed-off-by: dmitrynovik --- .../scripts/kind-with-registry.sh | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/examples/local-kind-environment/scripts/kind-with-registry.sh b/examples/local-kind-environment/scripts/kind-with-registry.sh index f19cbeab2..1a7821c7b 100755 --- a/examples/local-kind-environment/scripts/kind-with-registry.sh +++ b/examples/local-kind-environment/scripts/kind-with-registry.sh @@ -2,6 +2,8 @@ set -o errexit # create registry container unless it already exists +# http://kind-registry.local:5000 +# curl -s -X GET kind-registry.local:5000/v2/_catalog | jq . reg_name='kind-registry.local' reg_port='5000' if [ "$(docker inspect -f '{{.State.Running}}' "${reg_name}" 2>/dev/null || true)" != 'true' ]; then @@ -16,10 +18,26 @@ kind: Cluster apiVersion: kind.x-k8s.io/v1alpha4 containerdConfigPatches: - |- - [plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:${reg_port}"] + [plugins."io.containerd.grpc.v1.cri".registry.mirrors."${reg_name}:${reg_port}"] endpoint = ["http://${reg_name}:5000"] EOF +# 3. Add the registry config to the nodes +# +# This is necessary because localhost resolves to loopback addresses that are +# network-namespace local. +# In other words: localhost in the container is not localhost on the host. +# +# We want a consistent name that works from both ends, so we tell containerd to +# alias localhost:${reg_port} to the registry container when pulling images +REGISTRY_DIR="/etc/containerd/certs.d/${reg_name}:${reg_port}" +for node in $(sudo kind get nodes); do + sudo docker exec "${node}" mkdir -p "${REGISTRY_DIR}" + cat < Date: Wed, 14 Feb 2024 16:28:40 +1100 Subject: [PATCH 5/6] chore: comments removed Signed-off-by: dmitrynovik --- examples/local-kind-environment/scripts/kind-with-registry.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/examples/local-kind-environment/scripts/kind-with-registry.sh b/examples/local-kind-environment/scripts/kind-with-registry.sh index 1a7821c7b..d2b8295b2 100755 --- a/examples/local-kind-environment/scripts/kind-with-registry.sh +++ b/examples/local-kind-environment/scripts/kind-with-registry.sh @@ -2,8 +2,6 @@ set -o errexit # create registry container unless it already exists -# http://kind-registry.local:5000 -# curl -s -X GET kind-registry.local:5000/v2/_catalog | jq . reg_name='kind-registry.local' reg_port='5000' if [ "$(docker inspect -f '{{.State.Running}}' "${reg_name}" 2>/dev/null || true)" != 'true' ]; then From c8e3018a800fe469cf5f66dda51d542623e7a718 Mon Sep 17 00:00:00 2001 From: dmitrynovik Date: Thu, 15 Feb 2024 13:56:56 +1100 Subject: [PATCH 6/6] chore: removing 3. Signed-off-by: dmitrynovik --- examples/local-kind-environment/scripts/kind-with-registry.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/local-kind-environment/scripts/kind-with-registry.sh b/examples/local-kind-environment/scripts/kind-with-registry.sh index d2b8295b2..688457ed7 100755 --- a/examples/local-kind-environment/scripts/kind-with-registry.sh +++ b/examples/local-kind-environment/scripts/kind-with-registry.sh @@ -20,7 +20,7 @@ containerdConfigPatches: endpoint = ["http://${reg_name}:5000"] EOF -# 3. Add the registry config to the nodes +# Add the registry config to the nodes # # This is necessary because localhost resolves to loopback addresses that are # network-namespace local.