From 681c4af166a5cbc684acf09d65dd3fa4386a7a71 Mon Sep 17 00:00:00 2001 From: lukasmetzner Date: Fri, 13 Dec 2024 15:36:28 +0100 Subject: [PATCH 1/9] ci: added pre-commit config --- .pre-commit-config.yaml | 48 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 .pre-commit-config.yaml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 00000000..dec64688 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,48 @@ +--- +# See https://pre-commit.com for more information +# See https://pre-commit.com/hooks.html for more hooks +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v5.0.0 + hooks: + - id: check-added-large-files + - id: check-case-conflict + - id: check-executables-have-shebangs + - id: check-shebang-scripts-are-executable + - id: check-symlinks + - id: destroyed-symlinks + + - id: check-toml + - id: check-json + - id: check-yaml + args: [--allow-multiple-documents] + exclude: ^(deploy/.*|chart/templates/.*)$ + + - id: check-merge-conflict + - id: end-of-file-fixer + - id: mixed-line-ending + args: [--fix=lf] + - id: trailing-whitespace + exclude: ^(chart/.snapshots/.*)$ + + - repo: https://github.com/pre-commit/mirrors-prettier + rev: v3.1.0 + hooks: + - id: prettier + files: \.(md|ya?ml|json)$ + exclude: ^(CHANGELOG.md|chart/templates/.*|chart/.snapshots/.*)$ + + - repo: local + hooks: + - id: shfmt + name: shfmt + description: Format shell scripts with shfmt + language: golang + additional_dependencies: [mvdan.cc/sh/v3/cmd/shfmt@v3.7.0] + entry: shfmt -i 2 -ci -sr -kp -w + types: [shell] + + - repo: https://github.com/shellcheck-py/shellcheck-py + rev: v0.9.0.6 + hooks: + - id: shellcheck From df163194e976cfef880679cc2c590a959d393ab3 Mon Sep 17 00:00:00 2001 From: lukasmetzner Date: Mon, 16 Dec 2024 08:56:37 +0100 Subject: [PATCH 2/9] ci: added pre-commit action to linting ci --- .github/workflows/lint.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index ce7a9d1d..4c38c7aa 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -9,6 +9,17 @@ env: GOTOOLCHAIN: local jobs: + pre-commit: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - uses: actions/setup-python@v5 + with: + python-version: 3.x + + - uses: pre-commit/action@v3.0.1 + lint: runs-on: ubuntu-latest steps: From 7c8431552f8a77b1672ad62a96631f632ede2a30 Mon Sep 17 00:00:00 2001 From: lukasmetzner Date: Mon, 16 Dec 2024 08:57:16 +0100 Subject: [PATCH 3/9] style: initial formatting after pre-commit install --- .goreleaser.yml | 15 +- chart/.helmignore | 2 +- chart/.snapshots/full.values.yaml | 1 - chart/README.md | 1 - chart/example-prod.values.yaml | 44 +- chart/templates/_common_images.tpl | 2 +- chart/templates/_common_labels.tpl | 2 +- chart/templates/_common_name.tpl | 2 +- chart/templates/_common_tplvalues.tpl | 2 +- chart/templates/controller/secret.yaml | 2 +- chart/templates/controller/service.yaml | 2 +- chart/templates/core/csidriver.yaml | 2 +- chart/templates/core/storageclass.yaml | 2 +- chart/templates/node/service.yaml | 2 +- chart/values.schema.json | 1392 ++++++++--------- chart/values.yaml | 5 +- cmd/aio/README.md | 2 +- deploy/docker-swarm/.gitignore | 2 +- deploy/docker-swarm/pkg/LICENSE | 2 +- deploy/docker-swarm/pkg/README.md | 2 +- deploy/docker-swarm/pkg/config.json | 27 +- deploy/kubernetes/hcloud-csi.yml | 159 +- deploy/kubernetes/kustomization.yaml | 2 +- .../service-monitor/kustomization.yaml | 2 +- .../service-monitor/service-monitor.yaml | 9 +- deploy/kustomization.yaml | 2 +- deploy/monitoring/grafana-dashboard.json | 35 +- docs/debug-logs.md | 26 +- docs/docker-swarm/README.md | 3 +- docs/kubernetes/README.md | 35 +- docs/monitoring.md | 5 +- docs/nomad/README.md | 6 +- .../fix-volumeattachments.sh | 19 +- .../fix-persistentvolume-topology.sh | 36 +- hack/release-generate-deployment-yamls.sh | 2 +- hack/update-deployment-yamls.sh | 8 +- hack/update-helm-snapshots.sh | 18 +- 37 files changed, 921 insertions(+), 959 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index ea63f04f..c255c8c3 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -32,20 +32,29 @@ dockers: - build_flag_templates: [--platform=linux/amd64] dockerfile: Dockerfile goarch: amd64 - image_templates: ["hetznercloud/hcloud-csi-driver:{{ if not .IsSnapshot }}v{{ end }}{{ .Version }}-amd64"] + image_templates: + [ + "hetznercloud/hcloud-csi-driver:{{ if not .IsSnapshot }}v{{ end }}{{ .Version }}-amd64", + ] use: buildx - build_flag_templates: [--platform=linux/arm64] dockerfile: Dockerfile goarch: arm64 - image_templates: ["hetznercloud/hcloud-csi-driver:{{ if not .IsSnapshot }}v{{ end }}{{ .Version }}-arm64v8"] + image_templates: + [ + "hetznercloud/hcloud-csi-driver:{{ if not .IsSnapshot }}v{{ end }}{{ .Version }}-arm64v8", + ] use: buildx - build_flag_templates: [--platform=linux/arm/v6] dockerfile: Dockerfile goarch: arm goarm: 6 - image_templates: ["hetznercloud/hcloud-csi-driver:{{ if not .IsSnapshot }}v{{ end }}{{ .Version }}-armv6"] + image_templates: + [ + "hetznercloud/hcloud-csi-driver:{{ if not .IsSnapshot }}v{{ end }}{{ .Version }}-armv6", + ] use: buildx docker_manifests: diff --git a/chart/.helmignore b/chart/.helmignore index 594a98f5..0757b37e 100644 --- a/chart/.helmignore +++ b/chart/.helmignore @@ -20,4 +20,4 @@ .idea/ *.tmproj -.snapshots \ No newline at end of file +.snapshots diff --git a/chart/.snapshots/full.values.yaml b/chart/.snapshots/full.values.yaml index 51ac7aa2..b9e85eb1 100644 --- a/chart/.snapshots/full.values.yaml +++ b/chart/.snapshots/full.values.yaml @@ -371,4 +371,3 @@ storageClasses: defaultStorageClass: false reclaimPolicy: Keep allowedTopologyCloudServer: false - diff --git a/chart/README.md b/chart/README.md index fb914f5b..989442ea 100644 --- a/chart/README.md +++ b/chart/README.md @@ -42,7 +42,6 @@ Then you can follow the Quickstart installation steps above. This chart aims to be highly flexible. Please review the [values.yaml](./values.yaml) for a full list of configuration options. There are additional recommendations for production deployments in [`example-prod.values.yaml`](./example-prod.values.yaml). - If you've already deployed csi-driver using the `helm install` command above, you can easily change configuration values: ```sh diff --git a/chart/example-prod.values.yaml b/chart/example-prod.values.yaml index 9461ba18..2735a931 100644 --- a/chart/example-prod.values.yaml +++ b/chart/example-prod.values.yaml @@ -7,70 +7,70 @@ controller: limits: memory: 80Mi cpu: 50m - requests: + requests: memory: 20Mi cpu: 10m csiResizer: limits: memory: 80Mi cpu: 50m - requests: + requests: memory: 20Mi cpu: 10m csiProvisioner: limits: memory: 80Mi cpu: 50m - requests: + requests: memory: 20Mi cpu: 10m livenessProbe: limits: memory: 80Mi cpu: 50m - requests: + requests: memory: 20Mi cpu: 10m hcloudCSIDriver: limits: memory: 80Mi cpu: 100m - requests: + requests: memory: 40Mi cpu: 10m affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: csi-hcloud - operator: In - values: - - controller - topologyKey: "kubernetes.io/hostname" + - labelSelector: + matchExpressions: + - key: csi-hcloud + operator: In + values: + - controller + topologyKey: "kubernetes.io/hostname" node: priorityClassName: "system-node-critical" resources: csiNodeDriverRegistrar: - limits: + limits: memory: 40Mi cpu: 50m - requests: + requests: memory: 20Mi cpu: 10m livenessProbe: - limits: + limits: memory: 40Mi cpu: 50m - requests: + requests: memory: 20Mi cpu: 10m hcloudCSIDriver: limits: memory: 80Mi cpu: 100m - requests: + requests: memory: 40Mi cpu: 10m hostNetwork: true @@ -78,11 +78,11 @@ node: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - - matchExpressions: - - key: "node-role.kubernetes.io/control-plane" - operator: NotIn - values: - - "" + - matchExpressions: + - key: "node-role.kubernetes.io/control-plane" + operator: NotIn + values: + - "" metrics: enabled: true diff --git a/chart/templates/_common_images.tpl b/chart/templates/_common_images.tpl index 5e29eecf..70353083 100644 --- a/chart/templates/_common_images.tpl +++ b/chart/templates/_common_images.tpl @@ -32,4 +32,4 @@ imagePullSecrets: - name: {{ . }} {{- end }} {{- end }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/chart/templates/_common_labels.tpl b/chart/templates/_common_labels.tpl index 40016fd2..6f3ff0db 100644 --- a/chart/templates/_common_labels.tpl +++ b/chart/templates/_common_labels.tpl @@ -14,4 +14,4 @@ Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector {{- define "common.labels.matchLabels" -}} app.kubernetes.io/name: {{ include "common.names.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/chart/templates/_common_name.tpl b/chart/templates/_common_name.tpl index a5d05744..6e360837 100644 --- a/chart/templates/_common_name.tpl +++ b/chart/templates/_common_name.tpl @@ -53,4 +53,4 @@ Create the name of the service account to use {{- else -}} {{ default "default" .Values.serviceAccount.name }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/chart/templates/_common_tplvalues.tpl b/chart/templates/_common_tplvalues.tpl index 50f1c914..096b29d5 100644 --- a/chart/templates/_common_tplvalues.tpl +++ b/chart/templates/_common_tplvalues.tpl @@ -9,4 +9,4 @@ Usage: {{- else }} {{- tpl (.value | toYaml) .context }} {{- end }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/chart/templates/controller/secret.yaml b/chart/templates/controller/secret.yaml index 963a9aed..cb74a80f 100644 --- a/chart/templates/controller/secret.yaml +++ b/chart/templates/controller/secret.yaml @@ -15,4 +15,4 @@ metadata: type: Opaque data: token: {{ .Values.controller.hcloudToken.value | b64enc }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/chart/templates/controller/service.yaml b/chart/templates/controller/service.yaml index 1b1aa8ef..0698a721 100644 --- a/chart/templates/controller/service.yaml +++ b/chart/templates/controller/service.yaml @@ -24,4 +24,4 @@ spec: port: {{ .Values.controller.service.ports.metrics }} selector: {{- include "common.labels.matchLabels" . | nindent 4 }} app.kubernetes.io/component: controller -{{- end }} \ No newline at end of file +{{- end }} diff --git a/chart/templates/core/csidriver.yaml b/chart/templates/core/csidriver.yaml index 9d3c6668..ce6f5237 100644 --- a/chart/templates/core/csidriver.yaml +++ b/chart/templates/core/csidriver.yaml @@ -8,4 +8,4 @@ spec: podInfoOnMount: true seLinuxMount: true volumeLifecycleModes: - - Persistent \ No newline at end of file + - Persistent diff --git a/chart/templates/core/storageclass.yaml b/chart/templates/core/storageclass.yaml index f5f282c8..cc1a79b1 100644 --- a/chart/templates/core/storageclass.yaml +++ b/chart/templates/core/storageclass.yaml @@ -20,4 +20,4 @@ allowedTopologies: {{- end}} --- {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/chart/templates/node/service.yaml b/chart/templates/node/service.yaml index ce7191f4..fc87271c 100644 --- a/chart/templates/node/service.yaml +++ b/chart/templates/node/service.yaml @@ -24,4 +24,4 @@ spec: port: {{ .Values.node.service.ports.metrics }} selector: {{- include "common.labels.matchLabels" . | nindent 4 }} app.kubernetes.io/component: node -{{- end }} \ No newline at end of file +{{- end }} diff --git a/chart/values.schema.json b/chart/values.schema.json index 1c77df5f..2d01f9c0 100644 --- a/chart/values.schema.json +++ b/chart/values.schema.json @@ -1,738 +1,738 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "properties": { - "commonAnnotations": { - "properties": {}, - "type": "object" - }, - "commonLabels": { - "properties": {}, - "type": "object" - }, - "controller": { - "properties": { - "affinity": { - "properties": {}, - "type": "object" - }, - "containerPorts": { - "properties": { - "healthz": { - "type": "integer" - }, - "metrics": { - "type": "integer" - } - }, - "type": "object" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "properties": { + "commonAnnotations": { + "properties": {}, + "type": "object" + }, + "commonLabels": { + "properties": {}, + "type": "object" + }, + "controller": { + "properties": { + "affinity": { + "properties": {}, + "type": "object" + }, + "containerPorts": { + "properties": { + "healthz": { + "type": "integer" + }, + "metrics": { + "type": "integer" + } + }, + "type": "object" + }, + "customLivenessProbe": { + "properties": {}, + "type": "object" + }, + "customReadinessProbe": { + "properties": {}, + "type": "object" + }, + "customStartupProbe": { + "properties": {}, + "type": "object" + }, + "extraEnvVars": { + "type": "array" + }, + "extraVolumeMounts": { + "type": "array" + }, + "extraVolumes": { + "type": "array" + }, + "hcloudToken": { + "properties": { + "existingSecret": { + "properties": { + "key": { + "type": "string" }, - "customLivenessProbe": { - "properties": {}, - "type": "object" + "name": { + "type": "string" + } + }, + "type": "object" + }, + "file": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "hcloudVolumeDefaultLocation": { + "type": "string" + }, + "image": { + "properties": { + "csiAttacher": { + "properties": { + "name": { + "type": "string" + }, + "pullPolicy": { + "type": "string" + }, + "pullSecrets": { + "type": "array" + }, + "tag": { + "type": "string" + } + }, + "type": "object" + }, + "csiProvisioner": { + "properties": { + "name": { + "type": "string" + }, + "pullPolicy": { + "type": "string" + }, + "pullSecrets": { + "type": "array" + }, + "tag": { + "type": "string" + } + }, + "type": "object" + }, + "csiResizer": { + "properties": { + "name": { + "type": "string" + }, + "pullPolicy": { + "type": "string" + }, + "pullSecrets": { + "type": "array" + }, + "tag": { + "type": "string" + } + }, + "type": "object" + }, + "hcloudCSIDriver": { + "properties": { + "name": { + "type": "string" }, - "customReadinessProbe": { - "properties": {}, - "type": "object" + "pullPolicy": { + "type": "string" }, - "customStartupProbe": { - "properties": {}, - "type": "object" + "pullSecrets": { + "type": "array" }, - "extraEnvVars": { - "type": "array" + "tag": { + "type": "string" + } + }, + "type": "object" + }, + "livenessProbe": { + "properties": { + "name": { + "type": "string" }, - "extraVolumeMounts": { - "type": "array" + "pullPolicy": { + "type": "string" }, - "extraVolumes": { - "type": "array" + "pullSecrets": { + "type": "array" }, - "hcloudToken": { - "properties": { - "existingSecret": { - "properties": { + "tag": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "initContainers": { + "type": "array" + }, + "lifecycleHooks": { + "properties": {}, + "type": "object" + }, + "livenessProbe": { + "properties": { + "enabled": { + "type": "boolean" + }, + "failureThreshold": { + "type": "integer" + }, + "initialDelaySeconds": { + "type": "integer" + }, + "periodSeconds": { + "type": "integer" + }, + "successThreshold": { + "type": "integer" + }, + "timeoutSeconds": { + "type": "integer" + } + }, + "type": "object" + }, + "nodeSelector": { + "properties": {}, + "type": "object" + }, + "podAnnotations": { + "properties": {}, + "type": "object" + }, + "podDisruptionBudget": { + "properties": { + "create": { + "type": "boolean" + }, + "maxUnavailable": { + "type": "string" + }, + "minAvailable": { + "type": "integer" + } + }, + "type": "object" + }, + "podLabels": { + "properties": {}, + "type": "object" + }, + "podSecurityContext": { + "properties": { + "enabled": { + "type": "boolean" + }, + "fsGroup": { + "type": "integer" + } + }, + "type": "object" + }, + "priorityClassName": { + "type": "string" + }, + "rbac": { + "properties": { + "create": { + "type": "boolean" + }, + "rules": { + "type": "array" + } + }, + "type": "object" + }, + "replicaCount": { + "type": "integer" + }, + "resources": { + "properties": { + "csiAttacher": { + "properties": { + "limits": { + "properties": {}, + "type": "object" + }, + "requests": { + "properties": {}, + "type": "object" + } + }, + "type": "object" + }, + "csiProvisioner": { + "properties": { + "limits": { + "properties": {}, + "type": "object" + }, + "requests": { + "properties": {}, + "type": "object" + } + }, + "type": "object" + }, + "csiResizer": { + "properties": { + "limits": { + "properties": {}, + "type": "object" + }, + "requests": { + "properties": {}, + "type": "object" + } + }, + "type": "object" + }, + "hcloudCSIDriver": { + "properties": { + "limits": { + "properties": {}, + "type": "object" + }, + "requests": { + "properties": {}, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "properties": { + "limits": { + "properties": {}, + "type": "object" + }, + "requests": { + "properties": {}, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "schedulerName": { + "type": "string" + }, + "service": { + "properties": { + "annotations": { + "properties": {}, + "type": "object" + }, + "ports": { + "properties": { + "metrics": { + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "sidecars": { + "type": "array" + }, + "tolerations": { + "type": "array" + }, + "topologySpreadConstraints": { + "type": "array" + }, + "updateStrategy": { + "properties": { + "type": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "fullnameOverride": { + "type": "string" + }, + "global": { + "properties": { + "imagePullSecrets": { + "type": "array" + } + }, + "type": "object" + }, + "metrics": { + "properties": { + "enabled": { + "type": "boolean" + }, + "serviceMonitor": { + "properties": { + "annotations": { + "properties": {}, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "honorLabels": { + "type": "boolean" + }, + "interval": { + "type": "string" + }, + "jobLabel": { + "type": "string" + }, + "labels": { + "properties": {}, + "type": "object" + }, + "metricRelabelings": { + "type": "array" + }, + "namespace": { + "type": "string" + }, + "relabelings": { + "type": "array" + }, + "scrapeTimeout": { + "type": "string" + }, + "selector": { + "properties": {}, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "nameOverride": { + "type": "string" + }, + "namespaceOverride": { + "type": "string" + }, + "node": { + "properties": { + "affinity": { + "properties": { + "nodeAffinity": { + "properties": { + "requiredDuringSchedulingIgnoredDuringExecution": { + "properties": { + "nodeSelectorTerms": { + "items": { + "properties": { + "matchExpressions": { + "items": { + "properties": { "key": { - "type": "string" - }, - "name": { - "type": "string" - } - }, - "type": "object" - }, - "file": { - "type": "string" - }, - "value": { - "type": "string" - } - }, - "type": "object" - }, - "hcloudVolumeDefaultLocation": { - "type": "string" - }, - "image": { - "properties": { - "csiAttacher": { - "properties": { - "name": { - "type": "string" - }, - "pullPolicy": { - "type": "string" - }, - "pullSecrets": { - "type": "array" - }, - "tag": { - "type": "string" - } - }, - "type": "object" - }, - "csiProvisioner": { - "properties": { - "name": { - "type": "string" + "type": "string" }, - "pullPolicy": { - "type": "string" - }, - "pullSecrets": { - "type": "array" + "operator": { + "type": "string" }, - "tag": { + "values": { + "items": { "type": "string" + }, + "type": "array" } + }, + "type": "object" }, - "type": "object" - }, - "csiResizer": { - "properties": { - "name": { - "type": "string" - }, - "pullPolicy": { - "type": "string" - }, - "pullSecrets": { - "type": "array" - }, - "tag": { - "type": "string" - } - }, - "type": "object" - }, - "hcloudCSIDriver": { - "properties": { - "name": { - "type": "string" - }, - "pullPolicy": { - "type": "string" - }, - "pullSecrets": { - "type": "array" - }, - "tag": { - "type": "string" - } - }, - "type": "object" - }, - "livenessProbe": { - "properties": { - "name": { - "type": "string" - }, - "pullPolicy": { - "type": "string" - }, - "pullSecrets": { - "type": "array" - }, - "tag": { - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "initContainers": { - "type": "array" - }, - "lifecycleHooks": { - "properties": {}, - "type": "object" - }, - "livenessProbe": { - "properties": { - "enabled": { - "type": "boolean" - }, - "failureThreshold": { - "type": "integer" - }, - "initialDelaySeconds": { - "type": "integer" - }, - "periodSeconds": { - "type": "integer" - }, - "successThreshold": { - "type": "integer" - }, - "timeoutSeconds": { - "type": "integer" - } - }, - "type": "object" - }, - "nodeSelector": { - "properties": {}, - "type": "object" - }, - "podAnnotations": { - "properties": {}, - "type": "object" - }, - "podDisruptionBudget": { - "properties": { - "create": { - "type": "boolean" - }, - "maxUnavailable": { - "type": "string" - }, - "minAvailable": { - "type": "integer" - } - }, - "type": "object" - }, - "podLabels": { - "properties": {}, - "type": "object" - }, - "podSecurityContext": { - "properties": { - "enabled": { - "type": "boolean" - }, - "fsGroup": { - "type": "integer" - } - }, - "type": "object" - }, - "priorityClassName": { - "type": "string" - }, - "rbac": { - "properties": { - "create": { - "type": "boolean" - }, - "rules": { "type": "array" - } - }, - "type": "object" - }, - "replicaCount": { - "type": "integer" - }, - "resources": { - "properties": { - "csiAttacher": { - "properties": { - "limits": { - "properties": {}, - "type": "object" - }, - "requests": { - "properties": {}, - "type": "object" - } - }, - "type": "object" + } }, - "csiProvisioner": { - "properties": { - "limits": { - "properties": {}, - "type": "object" - }, - "requests": { - "properties": {}, - "type": "object" - } - }, - "type": "object" - }, - "csiResizer": { - "properties": { - "limits": { - "properties": {}, - "type": "object" - }, - "requests": { - "properties": {}, - "type": "object" - } - }, - "type": "object" - }, - "hcloudCSIDriver": { - "properties": { - "limits": { - "properties": {}, - "type": "object" - }, - "requests": { - "properties": {}, - "type": "object" - } - }, - "type": "object" - }, - "livenessProbe": { - "properties": { - "limits": { - "properties": {}, - "type": "object" - }, - "requests": { - "properties": {}, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "schedulerName": { - "type": "string" - }, - "service": { - "properties": { - "annotations": { - "properties": {}, - "type": "object" - }, - "ports": { - "properties": { - "metrics": { - "type": "integer" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "sidecars": { - "type": "array" - }, - "tolerations": { - "type": "array" - }, - "topologySpreadConstraints": { - "type": "array" - }, - "updateStrategy": { - "properties": { - "type": { - "type": "string" - } - }, - "type": "object" + "type": "object" + }, + "type": "array" + } + }, + "type": "object" } + }, + "type": "object" + } + }, + "type": "object" + }, + "containerPorts": { + "properties": { + "healthz": { + "type": "integer" }, - "type": "object" + "metrics": { + "type": "integer" + } + }, + "type": "object" }, - "fullnameOverride": { - "type": "string" + "customLivenessProbe": { + "properties": {}, + "type": "object" }, - "global": { - "properties": { - "imagePullSecrets": { - "type": "array" - } - }, - "type": "object" + "customReadinessProbe": { + "properties": {}, + "type": "object" }, - "metrics": { - "properties": { - "enabled": { - "type": "boolean" - }, - "serviceMonitor": { - "properties": { - "annotations": { - "properties": {}, - "type": "object" - }, - "enabled": { - "type": "boolean" - }, - "honorLabels": { - "type": "boolean" - }, - "interval": { - "type": "string" - }, - "jobLabel": { - "type": "string" - }, - "labels": { - "properties": {}, - "type": "object" - }, - "metricRelabelings": { - "type": "array" - }, - "namespace": { - "type": "string" - }, - "relabelings": { - "type": "array" - }, - "scrapeTimeout": { - "type": "string" - }, - "selector": { - "properties": {}, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" + "customStartupProbe": { + "properties": {}, + "type": "object" }, - "nameOverride": { - "type": "string" + "extraEnvVars": { + "type": "array" }, - "namespaceOverride": { - "type": "string" + "extraVolumeMounts": { + "type": "array" }, - "node": { - "properties": { - "affinity": { - "properties": { - "nodeAffinity": { - "properties": { - "requiredDuringSchedulingIgnoredDuringExecution": { - "properties": { - "nodeSelectorTerms": { - "items": { - "properties": { - "matchExpressions": { - "items": { - "properties": { - "key": { - "type": "string" - }, - "operator": { - "type": "string" - }, - "values": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "type": "array" - } - }, - "type": "object" - }, - "type": "array" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "containerPorts": { - "properties": { - "healthz": { - "type": "integer" - }, - "metrics": { - "type": "integer" - } - }, - "type": "object" - }, - "customLivenessProbe": { - "properties": {}, - "type": "object" - }, - "customReadinessProbe": { - "properties": {}, - "type": "object" + "extraVolumes": { + "type": "array" + }, + "hostNetwork": { + "type": "boolean" + }, + "image": { + "properties": { + "csiNodeDriverRegistrar": { + "properties": { + "name": { + "type": "string" }, - "customStartupProbe": { - "properties": {}, - "type": "object" + "pullPolicy": { + "type": "string" }, - "extraEnvVars": { - "type": "array" + "pullSecrets": { + "type": "array" }, - "extraVolumeMounts": { - "type": "array" + "tag": { + "type": "string" + } + }, + "type": "object" + }, + "hcloudCSIDriver": { + "properties": { + "name": { + "type": "string" }, - "extraVolumes": { - "type": "array" + "pullPolicy": { + "type": "string" }, - "hostNetwork": { - "type": "boolean" + "pullSecrets": { + "type": "array" }, - "image": { - "properties": { - "csiNodeDriverRegistrar": { - "properties": { - "name": { - "type": "string" - }, - "pullPolicy": { - "type": "string" - }, - "pullSecrets": { - "type": "array" - }, - "tag": { - "type": "string" - } - }, - "type": "object" - }, - "hcloudCSIDriver": { - "properties": { - "name": { - "type": "string" - }, - "pullPolicy": { - "type": "string" - }, - "pullSecrets": { - "type": "array" - }, - "tag": { - "type": "string" - } - }, - "type": "object" - }, - "livenessProbe": { - "properties": { - "name": { - "type": "string" - }, - "pullPolicy": { - "type": "string" - }, - "pullSecrets": { - "type": "array" - }, - "tag": { - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "initContainers": { - "type": "array" + "tag": { + "type": "string" + } + }, + "type": "object" + }, + "livenessProbe": { + "properties": { + "name": { + "type": "string" }, - "kubeletDir": { - "type": "string" + "pullPolicy": { + "type": "string" }, - "lifecycleHooks": { - "properties": {}, - "type": "object" + "pullSecrets": { + "type": "array" }, - "livenessProbe": { - "properties": { - "enabled": { - "type": "boolean" - }, - "failureThreshold": { - "type": "integer" - }, - "initialDelaySeconds": { - "type": "integer" - }, - "periodSeconds": { - "type": "integer" - }, - "successThreshold": { - "type": "integer" - }, - "timeoutSeconds": { - "type": "integer" - } - }, - "type": "object" - }, - "nodeSelector": { - "properties": {}, - "type": "object" - }, - "podAnnotations": { - "properties": {}, - "type": "object" - }, - "podLabels": { - "properties": {}, - "type": "object" - }, - "podSecurityContext": { - "properties": { - "enabled": { - "type": "boolean" - }, - "fsGroup": { - "type": "integer" - } - }, - "type": "object" - }, - "priorityClassName": { - "type": "string" - }, - "resources": { - "properties": { - "csiNodeDriverRegistrar": { - "properties": { - "limits": { - "properties": {}, - "type": "object" - }, - "requests": { - "properties": {}, - "type": "object" - } - }, - "type": "object" - }, - "hcloudCSIDriver": { - "properties": { - "limits": { - "properties": {}, - "type": "object" - }, - "requests": { - "properties": {}, - "type": "object" - } - }, - "type": "object" - }, - "livenessProbe": { - "properties": { - "limits": { - "properties": {}, - "type": "object" - }, - "requests": { - "properties": {}, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "schedulerName": { - "type": "string" - }, - "service": { - "properties": { - "annotations": { - "properties": {}, - "type": "object" - }, - "ports": { - "properties": { - "metrics": { - "type": "integer" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "sidecars": { - "type": "array" - }, - "tolerations": { - "type": "array" - }, - "updateStrategy": { - "properties": { - "type": { - "type": "string" - } - }, - "type": "object" + "tag": { + "type": "string" } + }, + "type": "object" + } + }, + "type": "object" + }, + "initContainers": { + "type": "array" + }, + "kubeletDir": { + "type": "string" + }, + "lifecycleHooks": { + "properties": {}, + "type": "object" + }, + "livenessProbe": { + "properties": { + "enabled": { + "type": "boolean" + }, + "failureThreshold": { + "type": "integer" + }, + "initialDelaySeconds": { + "type": "integer" }, - "type": "object" + "periodSeconds": { + "type": "integer" + }, + "successThreshold": { + "type": "integer" + }, + "timeoutSeconds": { + "type": "integer" + } + }, + "type": "object" }, - "serviceAccount": { - "properties": { - "annotations": { - "properties": {}, - "type": "object" - }, - "automountServiceAccountToken": { - "type": "boolean" - }, - "create": { - "type": "boolean" - }, - "name": { - "type": "string" + "nodeSelector": { + "properties": {}, + "type": "object" + }, + "podAnnotations": { + "properties": {}, + "type": "object" + }, + "podLabels": { + "properties": {}, + "type": "object" + }, + "podSecurityContext": { + "properties": { + "enabled": { + "type": "boolean" + }, + "fsGroup": { + "type": "integer" + } + }, + "type": "object" + }, + "priorityClassName": { + "type": "string" + }, + "resources": { + "properties": { + "csiNodeDriverRegistrar": { + "properties": { + "limits": { + "properties": {}, + "type": "object" + }, + "requests": { + "properties": {}, + "type": "object" } + }, + "type": "object" }, - "type": "object" - }, - "storageClasses": { - "items": { - "properties": { - "defaultStorageClass": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "reclaimPolicy": { - "type": "string" - } - }, - "type": "object" + "hcloudCSIDriver": { + "properties": { + "limits": { + "properties": {}, + "type": "object" + }, + "requests": { + "properties": {}, + "type": "object" + } + }, + "type": "object" }, - "type": "array" + "livenessProbe": { + "properties": { + "limits": { + "properties": {}, + "type": "object" + }, + "requests": { + "properties": {}, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "schedulerName": { + "type": "string" + }, + "service": { + "properties": { + "annotations": { + "properties": {}, + "type": "object" + }, + "ports": { + "properties": { + "metrics": { + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "sidecars": { + "type": "array" + }, + "tolerations": { + "type": "array" + }, + "updateStrategy": { + "properties": { + "type": { + "type": "string" + } + }, + "type": "object" } + }, + "type": "object" }, - "type": "object" + "serviceAccount": { + "properties": { + "annotations": { + "properties": {}, + "type": "object" + }, + "automountServiceAccountToken": { + "type": "boolean" + }, + "create": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "type": "object" + }, + "storageClasses": { + "items": { + "properties": { + "defaultStorageClass": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "reclaimPolicy": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" } diff --git a/chart/values.yaml b/chart/values.yaml index 11d0a5f7..a4981e75 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -465,7 +465,6 @@ node: ## pullSecrets: [] - ## @param node.containerPorts.metrics node Metrics container port ## @param node.containerPorts.healthz node Health container port ## @@ -485,7 +484,6 @@ node: ## annotations: {} - ## Configure extra options for node containers' liveness and readiness probes ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes ## @param node.livenessProbe.enabled Enable livenessProbe on node containers @@ -588,7 +586,8 @@ node: ## @param node.tolerations Tolerations for node pods assignment ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## - tolerations: [] + tolerations: + [] # - effect: NoExecute # operator: Exists # - effect: NoSchedule diff --git a/cmd/aio/README.md b/cmd/aio/README.md index 99852fb7..6991128a 100644 --- a/cmd/aio/README.md +++ b/cmd/aio/README.md @@ -1,3 +1,3 @@ This contains an all in one binary (aio). This is required for orchestrators such as Docker Swarm which need all endpoints in a single -API. \ No newline at end of file +API. diff --git a/deploy/docker-swarm/.gitignore b/deploy/docker-swarm/.gitignore index 2d8a3023..8cb205e9 100644 --- a/deploy/docker-swarm/.gitignore +++ b/deploy/docker-swarm/.gitignore @@ -1 +1 @@ -plugin \ No newline at end of file +plugin diff --git a/deploy/docker-swarm/pkg/LICENSE b/deploy/docker-swarm/pkg/LICENSE index 5dea4c0e..90b97f2c 100644 --- a/deploy/docker-swarm/pkg/LICENSE +++ b/deploy/docker-swarm/pkg/LICENSE @@ -18,4 +18,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. \ No newline at end of file +SOFTWARE. diff --git a/deploy/docker-swarm/pkg/README.md b/deploy/docker-swarm/pkg/README.md index 93880433..0ba4a0f4 100644 --- a/deploy/docker-swarm/pkg/README.md +++ b/deploy/docker-swarm/pkg/README.md @@ -3,4 +3,4 @@ by other awesome people. Before CSI support, Docker Swarm volumes were graciously supported by @costela over at: -https://github.com/costela/docker-volume-hetzner \ No newline at end of file +https://github.com/costela/docker-volume-hetzner diff --git a/deploy/docker-swarm/pkg/config.json b/deploy/docker-swarm/pkg/config.json index 2637c38f..eccb5eff 100644 --- a/deploy/docker-swarm/pkg/config.json +++ b/deploy/docker-swarm/pkg/config.json @@ -1,16 +1,12 @@ { "description": "Hetzner csi-driver plugin for Docker", "documentation": "https://github.com/hetznercloud/csi-driver", - "entrypoint": [ - "/plugin/aio.bin" - ], + "entrypoint": ["/plugin/aio.bin"], "env": [ { "name": "HCLOUD_TOKEN", "description": "authentication token to use when accessing the Hetzner Cloud API", - "settable": [ - "value" - ], + "settable": ["value"], "value": "" }, { @@ -22,34 +18,23 @@ { "name": "LOG_LEVEL", "description": "the log level to use", - "settable": [ - "value" - ], + "settable": ["value"], "value": "debug" } ], "interface": { "socket": "hetzner-csi.sock", - "types": [ - "docker.csicontroller/1.0", - "docker.csinode/1.0" - ] + "types": ["docker.csicontroller/1.0", "docker.csinode/1.0"] }, "linux": { "allowAllDevices": true, - "capabilities": [ - "CAP_SYS_ADMIN", - "CAP_CHOWN" - ] + "capabilities": ["CAP_SYS_ADMIN", "CAP_CHOWN"] }, "mounts": [ { "description": "used to access the dynamically attached block devices", "destination": "/dev", - "options": [ - "rbind", - "rshared" - ], + "options": ["rbind", "rshared"], "name": "dev", "source": "/dev/", "type": "bind" diff --git a/deploy/kubernetes/hcloud-csi.yml b/deploy/kubernetes/hcloud-csi.yml index 5269b354..6dccf1b7 100644 --- a/deploy/kubernetes/hcloud-csi.yml +++ b/deploy/kubernetes/hcloud-csi.yml @@ -33,55 +33,55 @@ metadata: app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/component: controller rules: -# attacher -- apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, update, patch] -- apiGroups: [""] - resources: [nodes] - verbs: [get, list, watch] -- apiGroups: [csi.storage.k8s.io] - resources: [csinodeinfos] - verbs: [get, list, watch] -- apiGroups: [storage.k8s.io] - resources: [csinodes] - verbs: [get, list, watch] -- apiGroups: [storage.k8s.io] - resources: [volumeattachments] - verbs: [get, list, watch, update, patch] -- apiGroups: [storage.k8s.io] - resources: [volumeattachments/status] - verbs: [patch] -# provisioner -- apiGroups: [""] - resources: [secrets] - verbs: [get, list] -- apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, create, delete, patch] -- apiGroups: [""] - resources: [persistentvolumeclaims, persistentvolumeclaims/status] - verbs: [get, list, watch, update, patch] -- apiGroups: [storage.k8s.io] - resources: [storageclasses] - verbs: [get, list, watch] -- apiGroups: [""] - resources: [events] - verbs: [list, watch, create, update, patch] -- apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshots] - verbs: [get, list] -- apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshotcontents] - verbs: [get, list] -# resizer -- apiGroups: [""] - resources: [pods] - verbs: [get, list, watch] -# node -- apiGroups: [""] - resources: [events] - verbs: [get, list, watch, create, update, patch] + # attacher + - apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, update, patch] + - apiGroups: [""] + resources: [nodes] + verbs: [get, list, watch] + - apiGroups: [csi.storage.k8s.io] + resources: [csinodeinfos] + verbs: [get, list, watch] + - apiGroups: [storage.k8s.io] + resources: [csinodes] + verbs: [get, list, watch] + - apiGroups: [storage.k8s.io] + resources: [volumeattachments] + verbs: [get, list, watch, update, patch] + - apiGroups: [storage.k8s.io] + resources: [volumeattachments/status] + verbs: [patch] + # provisioner + - apiGroups: [""] + resources: [secrets] + verbs: [get, list] + - apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, create, delete, patch] + - apiGroups: [""] + resources: [persistentvolumeclaims, persistentvolumeclaims/status] + verbs: [get, list, watch, update, patch] + - apiGroups: [storage.k8s.io] + resources: [storageclasses] + verbs: [get, list, watch] + - apiGroups: [""] + resources: [events] + verbs: [list, watch, create, update, patch] + - apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshots] + verbs: [get, list] + - apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshotcontents] + verbs: [get, list] + # resizer + - apiGroups: [""] + resources: [pods] + verbs: [get, list, watch] + # node + - apiGroups: [""] + resources: [events] + verbs: [get, list, watch, create, update, patch] --- # Source: hcloud-csi/templates/controller/clusterrolebinding.yaml kind: ClusterRoleBinding @@ -149,7 +149,7 @@ metadata: app.kubernetes.io/name: hcloud-csi app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/component: node - app: hcloud-csi + app: hcloud-csi spec: updateStrategy: type: RollingUpdate @@ -164,20 +164,19 @@ spec: app.kubernetes.io/component: node app: hcloud-csi spec: - affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - - matchExpressions: - - key: instance.hetzner.cloud/is-root-server - operator: NotIn - values: - - "true" - - key: instance.hetzner.cloud/provided-by - operator: NotIn - values: - - robot + - matchExpressions: + - key: instance.hetzner.cloud/is-root-server + operator: NotIn + values: + - "true" + - key: instance.hetzner.cloud/provided-by + operator: NotIn + values: + - robot tolerations: - effect: NoExecute operator: Exists @@ -206,8 +205,8 @@ spec: image: registry.k8s.io/sig-storage/livenessprobe:v2.14.0 imagePullPolicy: IfNotPresent volumeMounts: - - mountPath: /run/csi - name: plugin-dir + - mountPath: /run/csi + name: plugin-dir resources: limits: {} requests: {} @@ -278,7 +277,7 @@ metadata: app.kubernetes.io/name: hcloud-csi app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/component: controller - app: hcloud-csi-controller + app: hcloud-csi-controller spec: replicas: 1 strategy: @@ -295,17 +294,17 @@ spec: app: hcloud-csi-controller spec: serviceAccountName: hcloud-csi-controller - + affinity: nodeAffinity: preferredDuringSchedulingIgnoredDuringExecution: - - preference: - matchExpressions: - - key: instance.hetzner.cloud/provided-by - operator: In - values: - - cloud - weight: 1 + - preference: + matchExpressions: + - key: instance.hetzner.cloud/provided-by + operator: In + values: + - cloud + weight: 1 securityContext: fsGroup: 1001 initContainers: @@ -319,8 +318,8 @@ spec: args: - --default-fstype=ext4 volumeMounts: - - name: socket-dir - mountPath: /run/csi + - name: socket-dir + mountPath: /run/csi - name: csi-resizer image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 @@ -329,8 +328,8 @@ spec: limits: {} requests: {} volumeMounts: - - name: socket-dir - mountPath: /run/csi + - name: socket-dir + mountPath: /run/csi - name: csi-provisioner image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 @@ -342,8 +341,8 @@ spec: - --feature-gates=Topology=true - --default-fstype=ext4 volumeMounts: - - name: socket-dir - mountPath: /run/csi + - name: socket-dir + mountPath: /run/csi - name: liveness-probe image: registry.k8s.io/sig-storage/livenessprobe:v2.14.0 @@ -352,8 +351,8 @@ spec: limits: {} requests: {} volumeMounts: - - mountPath: /run/csi - name: socket-dir + - mountPath: /run/csi + name: socket-dir - name: hcloud-csi-driver image: docker.io/hetznercloud/hcloud-csi-driver:v2.11.0 # x-releaser-pleaser-version @@ -413,4 +412,4 @@ spec: podInfoOnMount: true seLinuxMount: true volumeLifecycleModes: - - Persistent + - Persistent diff --git a/deploy/kubernetes/kustomization.yaml b/deploy/kubernetes/kustomization.yaml index 6a66d23a..df966fcf 100644 --- a/deploy/kubernetes/kustomization.yaml +++ b/deploy/kubernetes/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization # If you use this, please switch to the Helm Chart if possible. resources: -- hcloud-csi.yml \ No newline at end of file + - hcloud-csi.yml diff --git a/deploy/kubernetes/service-monitor/kustomization.yaml b/deploy/kubernetes/service-monitor/kustomization.yaml index b66afb64..118cbb72 100644 --- a/deploy/kubernetes/service-monitor/kustomization.yaml +++ b/deploy/kubernetes/service-monitor/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization # If you use this, please switch to the Helm Chart if possible. resources: -- service-monitor.yaml + - service-monitor.yaml diff --git a/deploy/kubernetes/service-monitor/service-monitor.yaml b/deploy/kubernetes/service-monitor/service-monitor.yaml index b2383404..e2818c57 100644 --- a/deploy/kubernetes/service-monitor/service-monitor.yaml +++ b/deploy/kubernetes/service-monitor/service-monitor.yaml @@ -7,15 +7,14 @@ metadata: release: YOUR_RELEASE spec: endpoints: - - port: metrics - scheme: http + - port: metrics + scheme: http jobLabel: app selector: matchLabels: app: hcloud-csi-controller --- - apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -25,8 +24,8 @@ metadata: release: YOUR_RELEASE spec: endpoints: - - port: metrics - scheme: http + - port: metrics + scheme: http jobLabel: app selector: matchLabels: diff --git a/deploy/kustomization.yaml b/deploy/kustomization.yaml index bbeb1331..879434bd 100644 --- a/deploy/kustomization.yaml +++ b/deploy/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization # If you use this, please switch to the Helm Chart if possible. resources: - - kubernetes/hcloud-csi.yml \ No newline at end of file + - kubernetes/hcloud-csi.yml diff --git a/deploy/monitoring/grafana-dashboard.json b/deploy/monitoring/grafana-dashboard.json index 9a262a07..40ec3f6f 100644 --- a/deploy/monitoring/grafana-dashboard.json +++ b/deploy/monitoring/grafana-dashboard.json @@ -150,9 +150,7 @@ "options": { "orientation": "horizontal", "reduceOptions": { - "calcs": [ - "mean" - ], + "calcs": ["mean"], "fields": "", "values": false }, @@ -265,9 +263,7 @@ "justifyMode": "auto", "orientation": "horizontal", "reduceOptions": { - "calcs": [ - "mean" - ], + "calcs": ["mean"], "fields": "", "values": false }, @@ -346,9 +342,7 @@ "justifyMode": "auto", "orientation": "horizontal", "reduceOptions": { - "calcs": [ - "mean" - ], + "calcs": ["mean"], "fields": "", "values": false }, @@ -834,9 +828,7 @@ "links": [], "options": { "legend": { - "calcs": [ - "lastNotNull" - ], + "calcs": ["lastNotNull"], "displayMode": "table", "placement": "right", "showLegend": true @@ -1653,12 +1645,7 @@ "refresh": "10s", "schemaVersion": 37, "style": "dark", - "tags": [ - "hcloud", - "csi-driver", - "kubernetes", - "grpc" - ], + "tags": ["hcloud", "csi-driver", "kubernetes", "grpc"], "templating": { "list": [ { @@ -1750,17 +1737,7 @@ "2h", "1d" ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] + "time_options": ["5m", "15m", "1h", "6h", "12h", "24h", "2d", "7d", "30d"] }, "timezone": "", "title": "hcloud-csi-driver", diff --git a/docs/debug-logs.md b/docs/debug-logs.md index b985a044..9cd04600 100644 --- a/docs/debug-logs.md +++ b/docs/debug-logs.md @@ -49,15 +49,14 @@ spec: template: spec: containers: - - name: hcloud-csi-driver - env: - - name: LOG_LEVEL - value: debug - - name: HCLOUD_DEBUG - value: "true" + - name: hcloud-csi-driver + env: + - name: LOG_LEVEL + value: debug + - name: HCLOUD_DEBUG + value: "true" --- - kind: DaemonSet apiVersion: apps/v1 metadata: @@ -67,12 +66,12 @@ spec: template: spec: containers: - - name: hcloud-csi-driver - env: - - name: LOG_LEVEL - value: debug - - name: HCLOUD_DEBUG - value: "true" + - name: hcloud-csi-driver + env: + - name: LOG_LEVEL + value: debug + - name: HCLOUD_DEBUG + value: "true" ``` Once the new pods with the environment variable have started, you should see messages like this in the logs. If you do not, check that you set the environment variables in the right location: @@ -132,4 +131,3 @@ X-Correlation-Id: 9e887c60182c28ad } } ``` - diff --git a/docs/docker-swarm/README.md b/docs/docker-swarm/README.md index 6ec7b915..6b436a86 100644 --- a/docs/docker-swarm/README.md +++ b/docs/docker-swarm/README.md @@ -12,7 +12,7 @@ The simplest way to achieve this 1. Create a read+write API token in the [Hetzner Cloud Console](https://console.hetzner.cloud/). -2. Install the plugin +2. Install the plugin Note that docker plugins without a tag in the alias currently get `:latest` appended. To prevent this from happening, we will use the fake tag `:swarm` instead. @@ -101,4 +101,3 @@ docker volume create --driver hetznercloud/hcloud-csi-driver:swarm --required-by ``` docker volume ls --cluster ``` - diff --git a/docs/kubernetes/README.md b/docs/kubernetes/README.md index 2414ba98..2f8a78d8 100644 --- a/docs/kubernetes/README.md +++ b/docs/kubernetes/README.md @@ -18,6 +18,7 @@ ``` and apply it: + ``` kubectl apply -f ``` @@ -41,6 +42,7 @@ ``` kubectl apply -f https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.5.1/deploy/kubernetes/hcloud-csi.yml ``` + 4. To verify everything is working, create a persistent volume claim and a pod @@ -128,6 +130,7 @@ Your nodes might need to have `cryptsetup` installed to mount the volumes with L You can specify extra formatting options which are passed directly to `mkfs.FSTYPE` via the `fsFormatOptions` parameter in the storage class. #### Example + ```yaml parameters: csi.storage.k8s.io/fstype: xfs @@ -223,31 +226,35 @@ Root servers can be part of the cluster, but the CSI plugin doesn't work there. ### Adding labels manually **Cloud Servers** + ```bash kubectl label nodes instance.hetzner.cloud/provided-by=cloud ``` **Root Servers** + ```bash kubectl label nodes instance.hetzner.cloud/provided-by=robot ``` - ### DEPRECATED: Old Label We prefer that you use our [new label](#new-label). The label `instance.hetzner.cloud/is-robot-server` will be deprecated in future releases. **Cloud Servers** + ```bash kubectl label nodes instance.hetzner.cloud/is-root-server=false ``` **Root Servers** + ```bash kubectl label nodes instance.hetzner.cloud/is-root-server=true ``` ### Pods stuck in pending + The current behavior of the scheduler can cause Pods to be stuck in `Pending` when using the integration with Robot servers. To address this behavior, you can set `enableProvidedByTopology` to `true` in the Helm Chart configuration. This setting prevents pods from being scheduled on nodes — specifically, Robot servers — where Hetzner volumes are unavailable. Enabling this option adds the `instance.hetzner.cloud/provided-by` label to the [allowed topologies](https://kubernetes.io/docs/concepts/storage/storage-classes/#allowed-topologies) section of the storage classes that are created. Additionally, this label is included in the `topologyKeys` section of `csinode` objects, and a node affinity is set up for each persistent volume. This workaround does not work with the [old label](#deprecated-old-label). @@ -275,17 +282,17 @@ not fix bugs related only to an unsupported version. Current Kubernetes Releases: https://kubernetes.io/releases/ -| Kubernetes | CSI Driver | Deployment File | -|------------|-----------:|---------------------------------------------------------------------------------------------------:| -| 1.31 | 2.9.0+ | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.9.0/deploy/kubernetes/hcloud-csi.yml | -| 1.30 | 2.9.0+ | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.9.0/deploy/kubernetes/hcloud-csi.yml | -| 1.29 | 2.9.0+ | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.9.0/deploy/kubernetes/hcloud-csi.yml | +| Kubernetes | CSI Driver | Deployment File | +| ---------- | ---------: | -------------------------------------------------------------------------------------------------: | +| 1.31 | 2.9.0+ | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.9.0/deploy/kubernetes/hcloud-csi.yml | +| 1.30 | 2.9.0+ | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.9.0/deploy/kubernetes/hcloud-csi.yml | +| 1.29 | 2.9.0+ | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.9.0/deploy/kubernetes/hcloud-csi.yml | | 1.28 | 2.10.1 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.10.1/deploy/kubernetes/hcloud-csi.yml | -| 1.27 | 2.9.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.9.0/deploy/kubernetes/hcloud-csi.yml | -| 1.26 | 2.7.1 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.7.1/deploy/kubernetes/hcloud-csi.yml | -| 1.25 | 2.6.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.6.0/deploy/kubernetes/hcloud-csi.yml | -| 1.24 | 2.4.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.4.0/deploy/kubernetes/hcloud-csi.yml | -| 1.23 | 2.2.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.2.0/deploy/kubernetes/hcloud-csi.yml | -| 1.22 | 1.6.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.6.0/deploy/kubernetes/hcloud-csi.yml | -| 1.21 | 1.6.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.6.0/deploy/kubernetes/hcloud-csi.yml | -| 1.20 | 1.6.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.6.0/deploy/kubernetes/hcloud-csi.yml | +| 1.27 | 2.9.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.9.0/deploy/kubernetes/hcloud-csi.yml | +| 1.26 | 2.7.1 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.7.1/deploy/kubernetes/hcloud-csi.yml | +| 1.25 | 2.6.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.6.0/deploy/kubernetes/hcloud-csi.yml | +| 1.24 | 2.4.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.4.0/deploy/kubernetes/hcloud-csi.yml | +| 1.23 | 2.2.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.2.0/deploy/kubernetes/hcloud-csi.yml | +| 1.22 | 1.6.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.6.0/deploy/kubernetes/hcloud-csi.yml | +| 1.21 | 1.6.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.6.0/deploy/kubernetes/hcloud-csi.yml | +| 1.20 | 1.6.0 | https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.6.0/deploy/kubernetes/hcloud-csi.yml | diff --git a/docs/monitoring.md b/docs/monitoring.md index e5b19981..6430039e 100644 --- a/docs/monitoring.md +++ b/docs/monitoring.md @@ -24,6 +24,7 @@ labels.release: YOUR_RELEASE` with the value that you've configured in your `Pro This will ensure that the `ServiceMonitors` actually scrape the appropriate targets. > 💡 Learn more: +> > - https://prometheus-operator.dev/docs/prologue/quick-start/ > - https://prometheus-operator.dev/docs/operator/design/#servicemonitor @@ -41,6 +42,7 @@ annotations: With these annotations in place, Prometheus should be able to scrape metrics from the csi-driver components. > 💡 Learn more: +> > - https://prometheus.io/docs/prometheus/latest/getting_started/ > - https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config @@ -52,5 +54,6 @@ This dashboard has been confirmed to work with kube-prometheus-stack, but it may You can find the dashboard at [`deploy/monitoring/grafana-dashboard.json`](../deploy/monitoring/grafana-dashboard.json). > 💡 Learn more: +> > - https://grafana.com/docs/grafana/latest/dashboards/ -> - https://grafana.com/docs/grafana/latest/dashboards/manage-dashboards/#import-a-dashboard \ No newline at end of file +> - https://grafana.com/docs/grafana/latest/dashboards/manage-dashboards/#import-a-dashboard diff --git a/docs/nomad/README.md b/docs/nomad/README.md index 71eafcd7..f7201f7e 100644 --- a/docs/nomad/README.md +++ b/docs/nomad/README.md @@ -186,6 +186,7 @@ mount_options { mount_flags = ["discard", "defaults"] } ``` + > [!IMPORTANT] > The volume will be created in the same Hetzner Cloud Location as the controller is deployed into. @@ -207,7 +208,7 @@ nomad volume create db-vol.hcl ``` > [!NOTE] -> The hcloud cli provides a convenient way to verify if the volume was created: `hcloud volume list`. +> The hcloud cli provides a convenient way to verify if the volume was created: `hcloud volume list`. ### Make use of the Volume @@ -298,6 +299,5 @@ secrets { } ``` - > [!NOTE] -> Consider using HashiCorp Vault for secrets management, see https://developer.hashicorp.com/nomad/docs/job-specification/template#vault-kv-api-v2 \ No newline at end of file +> Consider using HashiCorp Vault for secrets management, see https://developer.hashicorp.com/nomad/docs/job-specification/template#vault-kv-api-v2 diff --git a/docs/v2-fix-volumeattachments/fix-volumeattachments.sh b/docs/v2-fix-volumeattachments/fix-volumeattachments.sh index 06d25431..4c34e1cd 100755 --- a/docs/v2-fix-volumeattachments/fix-volumeattachments.sh +++ b/docs/v2-fix-volumeattachments/fix-volumeattachments.sh @@ -1,8 +1,7 @@ #!/usr/bin/env bash set -e -o pipefail -if [ "$DEBUG" != "" ]; -then +if [ "$DEBUG" != "" ]; then set -x fi @@ -20,8 +19,7 @@ write_log() { # Verify dependencies verify_installed() { cmd="$1" - if ! command -v "$cmd" &> /dev/null - then + if ! command -v "$cmd" &> /dev/null; then write_log "[ERR] For the script to run successfully, \"${cmd}\" is required, but it could not be found. Please make sure it is installed." exit fi @@ -30,14 +28,14 @@ verify_installed() { verify_installed kubectl verify_installed grep -VOLUME_ATTACHMENTS=($( +mapfile -t VOLUME_ATTACHMENTS < <( kubectl get volumeattachment \ - -o custom-columns=NAME:.metadata.name,ATTACHER:.spec.attacher,DEVICEPATH:.status.attachmentMetadata.devicePath \ - | { grep -E 'csi\.hetzner\.cloud.*' --color=never || true; } \ - | cut -f 1 -d ' ' -)) + -o custom-columns=NAME:.metadata.name,ATTACHER:.spec.attacher,DEVICEPATH:.status.attachmentMetadata.devicePath | + { grep -E 'csi\.hetzner\.cloud.*' --color=never || true; } | + cut -f 1 -d ' ' +) -if [[ -z "$VOLUME_ATTACHMENTS" ]]; then +if [[ ${#VOLUME_ATTACHMENTS[@]} -eq 0 ]]; then write_log "[INFO] No affected VolumeAttachments found, exiting." exit 0 fi @@ -45,7 +43,6 @@ fi for VOLUME_ATTACHMENT in "${VOLUME_ATTACHMENTS[@]}"; do write_log "[INFO] Processing VolumeAttachment $VOLUME_ATTACHMENT" - PV_NAME=$( kubectl get volumeattachment \ -o=jsonpath="{.spec.source.persistentVolumeName}" \ diff --git a/docs/v2.0.0-fix-volume-topology/fix-persistentvolume-topology.sh b/docs/v2.0.0-fix-volume-topology/fix-persistentvolume-topology.sh index 5ea7f607..b7b04b28 100755 --- a/docs/v2.0.0-fix-volume-topology/fix-persistentvolume-topology.sh +++ b/docs/v2.0.0-fix-volume-topology/fix-persistentvolume-topology.sh @@ -1,8 +1,7 @@ #!/usr/bin/env bash set -e -o pipefail -if [ "$DEBUG" != "" ]; -then +if [ "$DEBUG" != "" ]; then set -x fi @@ -23,8 +22,7 @@ write_log() { # Verify dependencies verify_installed() { cmd="$1" - if ! command -v "$cmd" &> /dev/null - then + if ! command -v "$cmd" &> /dev/null; then write_log "[ERR] For the script to run successfully, \"${cmd}\" is required, but it could not be found. Please make sure it is installed." exit fi @@ -37,44 +35,40 @@ verify_installed hcloud PV_FILE_ORIG="${DIR}/persistentvolume.orig.json" kubectl get persistentvolume "${PV_NAME}" -o=json > "$PV_FILE_ORIG" -PV_INFO=( - $(kubectl get persistentvolume "${PV_NAME}" \ - -o=jsonpath='{.metadata.annotations.pv\.kubernetes\.io\/provisioned-by} {.spec.nodeAffinity.required.nodeSelectorTerms[*].matchExpressions[*].key} {.spec.csi.volumeHandle}' - )) +mapfile -t PV_INFO < <( + kubectl get persistentvolume "${PV_NAME}" \ + -o=jsonpath='{.metadata.annotations.pv\.kubernetes\.io\/provisioned-by} {.spec.nodeAffinity.required.nodeSelectorTerms[*].matchExpressions[*].key} {.spec.csi.volumeHandle}' +) PV_PROVISIONED_BY="${PV_INFO[0]}" PV_TOPOLOGY_LABEL="${PV_INFO[1]}" PV_VOLUME_ID="${PV_INFO[2]}" -if [ "${PV_PROVISIONED_BY}" != "csi.hetzner.cloud" ]; -then +if [ "${PV_PROVISIONED_BY}" != "csi.hetzner.cloud" ]; then write_log "[ERR] PersistentVolume with name \"${PV_NAME}\" was not provisioned by hcloud-csi-driver." exit 1 fi -if [ "${PV_TOPOLOGY_LABEL}" != "topology.kubernetes.io/region" ]; -then +if [ "${PV_TOPOLOGY_LABEL}" != "topology.kubernetes.io/region" ]; then write_log "[ERR] PersistentVolume with name \"${PV_NAME}\" does not use the invalid topology label." exit 1 fi # [kubectl] Verify that no volume attachment exists ATTACHMENTS=$(kubectl get volumeattachment -o jsonpath="{.items[?(@.spec.source.persistentVolumeName==\"${PV_NAME}\")].metadata.name}") -if [ "${ATTACHMENTS}" != "" ]; -then +if [ "${ATTACHMENTS}" != "" ]; then write_log "[ERR] PersistentVolume with name \"${PV_NAME}\" is still attached according to kubernetes VolumeAttachment: ${ATTACHMENTS}" exit 1 fi # [hcloud] Get Volume hcloud volume describe "${PV_VOLUME_ID}" -o=json > "${DIR}"/volume.orig.json -VOLUME_INFO=($(hcloud volume describe "${PV_VOLUME_ID}" -o=format='{{.Protection.Delete}} {{if .Server }}{{.Server.ID}}{{end}}')) +mapfile -t VOLUME_INFO < <(hcloud volume describe "${PV_VOLUME_ID}" -o=format='{{.Protection.Delete}} {{if .Server }}{{.Server.ID}}{{end}}') VOLUME_DELETION_PROTECTION="${VOLUME_INFO[0]}" VOLUME_SERVER="${VOLUME_INFO[1]}" # [hcloud] Verify that the Volume is not assigned to a server -if [ "${VOLUME_SERVER}" != "" ]; -then +if [ "${VOLUME_SERVER}" != "" ]; then write_log "[ERR] Hetzner Cloud Volume with ID \"${PV_VOLUME_ID}\" is still attached to server \"${VOLUME_SERVER}\" according to Hetzner Cloud API." exit 1 fi @@ -82,8 +76,7 @@ fi # [hcloud] Enable deletion protection write_log "[INFO] Current state of Volume deletion protection: ${VOLUME_DELETION_PROTECTION}" -if [ "${VOLUME_DELETION_PROTECTION}" != "true" ]; -then +if [ "${VOLUME_DELETION_PROTECTION}" != "true" ]; then write_log "[INFO] Enabling Volume deletion protection" hcloud volume enable-protection "${PV_VOLUME_ID}" delete fi @@ -116,8 +109,7 @@ write_log "[INFO] Creating new PersistentVolume" kubectl create --filename="${PV_FILE_FIXED}" # [hcloud] Disable deletion protection (if previously enabled) -if [ "${VOLUME_DELETION_PROTECTION}" != "true" ]; -then +if [ "${VOLUME_DELETION_PROTECTION}" != "true" ]; then write_log "[INFO] Disabling Volume deletion protection which was added for migration" hcloud volume disable-protection "${PV_VOLUME_ID}" delete -fi \ No newline at end of file +fi diff --git a/hack/release-generate-deployment-yamls.sh b/hack/release-generate-deployment-yamls.sh index 96c08ca0..f1a322d9 100755 --- a/hack/release-generate-deployment-yamls.sh +++ b/hack/release-generate-deployment-yamls.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash set -ueo pipefail -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}")" &> /dev/null && pwd)" : "${TEMPLATES_DIR:=./deploy}" diff --git a/hack/update-deployment-yamls.sh b/hack/update-deployment-yamls.sh index 09e14b85..dbf7914a 100755 --- a/hack/update-deployment-yamls.sh +++ b/hack/update-deployment-yamls.sh @@ -9,7 +9,7 @@ helm template hcloud-csi chart \ --set controller.matchLabelsOverride.app=hcloud-csi-controller \ --set controller.podLabels.app=hcloud-csi-controller \ --set node.matchLabelsOverride.app=hcloud-csi \ - --set node.podLabels.app=hcloud-csi \ - | grep -v helm.sh/chart \ - | grep -v app.kubernetes.io/managed-by \ - > deploy/kubernetes/hcloud-csi.yml + --set node.podLabels.app=hcloud-csi | + grep -v helm.sh/chart | + grep -v app.kubernetes.io/managed-by \ + > deploy/kubernetes/hcloud-csi.yml diff --git a/hack/update-helm-snapshots.sh b/hack/update-helm-snapshots.sh index 2c1bb396..de2865da 100755 --- a/hack/update-helm-snapshots.sh +++ b/hack/update-helm-snapshots.sh @@ -2,18 +2,18 @@ set -ueo pipefail helm template hcloud-csi chart \ - --namespace kube-system \ - | grep -v helm.sh/chart \ - > chart/.snapshots/default.yaml + --namespace kube-system | + grep -v helm.sh/chart \ + > chart/.snapshots/default.yaml helm template hcloud-csi chart \ --namespace kube-system \ - -f chart/example-prod.values.yaml \ - | grep -v helm.sh/chart \ - > chart/.snapshots/example-prod.yaml + -f chart/example-prod.values.yaml | + grep -v helm.sh/chart \ + > chart/.snapshots/example-prod.yaml helm template hcloud-csi chart \ --namespace kube-system \ - -f chart/.snapshots/full.values.yaml \ - | grep -v helm.sh/chart \ - > chart/.snapshots/full.yaml + -f chart/.snapshots/full.values.yaml | + grep -v helm.sh/chart \ + > chart/.snapshots/full.yaml From 20e228dad09e5d56feea11730409e7a00ccd5ce2 Mon Sep 17 00:00:00 2001 From: lukasmetzner Date: Mon, 16 Dec 2024 09:35:08 +0100 Subject: [PATCH 4/9] ci: fix conflicting scripts --- .pre-commit-config.yaml | 4 +- deploy/kubernetes/hcloud-csi.yml | 159 ++++++++++++++++--------------- 2 files changed, 82 insertions(+), 81 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index dec64688..f4a717c2 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -23,14 +23,14 @@ repos: - id: mixed-line-ending args: [--fix=lf] - id: trailing-whitespace - exclude: ^(chart/.snapshots/.*)$ + exclude: ^(chart/.snapshots/.*|deploy/.*)$ - repo: https://github.com/pre-commit/mirrors-prettier rev: v3.1.0 hooks: - id: prettier files: \.(md|ya?ml|json)$ - exclude: ^(CHANGELOG.md|chart/templates/.*|chart/.snapshots/.*)$ + exclude: ^(CHANGELOG.md|chart/templates/.*|chart/.snapshots/.*|deploy/.*)$ - repo: local hooks: diff --git a/deploy/kubernetes/hcloud-csi.yml b/deploy/kubernetes/hcloud-csi.yml index 6dccf1b7..5269b354 100644 --- a/deploy/kubernetes/hcloud-csi.yml +++ b/deploy/kubernetes/hcloud-csi.yml @@ -33,55 +33,55 @@ metadata: app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/component: controller rules: - # attacher - - apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, update, patch] - - apiGroups: [""] - resources: [nodes] - verbs: [get, list, watch] - - apiGroups: [csi.storage.k8s.io] - resources: [csinodeinfos] - verbs: [get, list, watch] - - apiGroups: [storage.k8s.io] - resources: [csinodes] - verbs: [get, list, watch] - - apiGroups: [storage.k8s.io] - resources: [volumeattachments] - verbs: [get, list, watch, update, patch] - - apiGroups: [storage.k8s.io] - resources: [volumeattachments/status] - verbs: [patch] - # provisioner - - apiGroups: [""] - resources: [secrets] - verbs: [get, list] - - apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, create, delete, patch] - - apiGroups: [""] - resources: [persistentvolumeclaims, persistentvolumeclaims/status] - verbs: [get, list, watch, update, patch] - - apiGroups: [storage.k8s.io] - resources: [storageclasses] - verbs: [get, list, watch] - - apiGroups: [""] - resources: [events] - verbs: [list, watch, create, update, patch] - - apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshots] - verbs: [get, list] - - apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshotcontents] - verbs: [get, list] - # resizer - - apiGroups: [""] - resources: [pods] - verbs: [get, list, watch] - # node - - apiGroups: [""] - resources: [events] - verbs: [get, list, watch, create, update, patch] +# attacher +- apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, update, patch] +- apiGroups: [""] + resources: [nodes] + verbs: [get, list, watch] +- apiGroups: [csi.storage.k8s.io] + resources: [csinodeinfos] + verbs: [get, list, watch] +- apiGroups: [storage.k8s.io] + resources: [csinodes] + verbs: [get, list, watch] +- apiGroups: [storage.k8s.io] + resources: [volumeattachments] + verbs: [get, list, watch, update, patch] +- apiGroups: [storage.k8s.io] + resources: [volumeattachments/status] + verbs: [patch] +# provisioner +- apiGroups: [""] + resources: [secrets] + verbs: [get, list] +- apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, create, delete, patch] +- apiGroups: [""] + resources: [persistentvolumeclaims, persistentvolumeclaims/status] + verbs: [get, list, watch, update, patch] +- apiGroups: [storage.k8s.io] + resources: [storageclasses] + verbs: [get, list, watch] +- apiGroups: [""] + resources: [events] + verbs: [list, watch, create, update, patch] +- apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshots] + verbs: [get, list] +- apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshotcontents] + verbs: [get, list] +# resizer +- apiGroups: [""] + resources: [pods] + verbs: [get, list, watch] +# node +- apiGroups: [""] + resources: [events] + verbs: [get, list, watch, create, update, patch] --- # Source: hcloud-csi/templates/controller/clusterrolebinding.yaml kind: ClusterRoleBinding @@ -149,7 +149,7 @@ metadata: app.kubernetes.io/name: hcloud-csi app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/component: node - app: hcloud-csi + app: hcloud-csi spec: updateStrategy: type: RollingUpdate @@ -164,19 +164,20 @@ spec: app.kubernetes.io/component: node app: hcloud-csi spec: + affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - - matchExpressions: - - key: instance.hetzner.cloud/is-root-server - operator: NotIn - values: - - "true" - - key: instance.hetzner.cloud/provided-by - operator: NotIn - values: - - robot + - matchExpressions: + - key: instance.hetzner.cloud/is-root-server + operator: NotIn + values: + - "true" + - key: instance.hetzner.cloud/provided-by + operator: NotIn + values: + - robot tolerations: - effect: NoExecute operator: Exists @@ -205,8 +206,8 @@ spec: image: registry.k8s.io/sig-storage/livenessprobe:v2.14.0 imagePullPolicy: IfNotPresent volumeMounts: - - mountPath: /run/csi - name: plugin-dir + - mountPath: /run/csi + name: plugin-dir resources: limits: {} requests: {} @@ -277,7 +278,7 @@ metadata: app.kubernetes.io/name: hcloud-csi app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/component: controller - app: hcloud-csi-controller + app: hcloud-csi-controller spec: replicas: 1 strategy: @@ -294,17 +295,17 @@ spec: app: hcloud-csi-controller spec: serviceAccountName: hcloud-csi-controller - + affinity: nodeAffinity: preferredDuringSchedulingIgnoredDuringExecution: - - preference: - matchExpressions: - - key: instance.hetzner.cloud/provided-by - operator: In - values: - - cloud - weight: 1 + - preference: + matchExpressions: + - key: instance.hetzner.cloud/provided-by + operator: In + values: + - cloud + weight: 1 securityContext: fsGroup: 1001 initContainers: @@ -318,8 +319,8 @@ spec: args: - --default-fstype=ext4 volumeMounts: - - name: socket-dir - mountPath: /run/csi + - name: socket-dir + mountPath: /run/csi - name: csi-resizer image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 @@ -328,8 +329,8 @@ spec: limits: {} requests: {} volumeMounts: - - name: socket-dir - mountPath: /run/csi + - name: socket-dir + mountPath: /run/csi - name: csi-provisioner image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 @@ -341,8 +342,8 @@ spec: - --feature-gates=Topology=true - --default-fstype=ext4 volumeMounts: - - name: socket-dir - mountPath: /run/csi + - name: socket-dir + mountPath: /run/csi - name: liveness-probe image: registry.k8s.io/sig-storage/livenessprobe:v2.14.0 @@ -351,8 +352,8 @@ spec: limits: {} requests: {} volumeMounts: - - mountPath: /run/csi - name: socket-dir + - mountPath: /run/csi + name: socket-dir - name: hcloud-csi-driver image: docker.io/hetznercloud/hcloud-csi-driver:v2.11.0 # x-releaser-pleaser-version @@ -412,4 +413,4 @@ spec: podInfoOnMount: true seLinuxMount: true volumeLifecycleModes: - - Persistent + - Persistent From ddb019517acae583560cca54d13b856da7d4a0bd Mon Sep 17 00:00:00 2001 From: Lukas Metzner Date: Mon, 16 Dec 2024 09:53:26 +0100 Subject: [PATCH 5/9] Update .goreleaser.yml Co-authored-by: Jonas L. --- .goreleaser.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index c255c8c3..49868de6 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -33,9 +33,7 @@ dockers: dockerfile: Dockerfile goarch: amd64 image_templates: - [ - "hetznercloud/hcloud-csi-driver:{{ if not .IsSnapshot }}v{{ end }}{{ .Version }}-amd64", - ] + - "hetznercloud/hcloud-csi-driver:{{ if not .IsSnapshot }}v{{ end }}{{ .Version }}-amd64" use: buildx - build_flag_templates: [--platform=linux/arm64] From 6737d7f6c7b51918b8697b32f751cc3f8625604c Mon Sep 17 00:00:00 2001 From: Lukas Metzner Date: Mon, 16 Dec 2024 09:53:31 +0100 Subject: [PATCH 6/9] Update .goreleaser.yml Co-authored-by: Jonas L. --- .goreleaser.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index 49868de6..3d91762d 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -40,9 +40,7 @@ dockers: dockerfile: Dockerfile goarch: arm64 image_templates: - [ - "hetznercloud/hcloud-csi-driver:{{ if not .IsSnapshot }}v{{ end }}{{ .Version }}-arm64v8", - ] + - "hetznercloud/hcloud-csi-driver:{{ if not .IsSnapshot }}v{{ end }}{{ .Version }}-arm64v8" use: buildx - build_flag_templates: [--platform=linux/arm/v6] From 8f6b7a577e25f5d58236513072f2f68d92d13a92 Mon Sep 17 00:00:00 2001 From: Lukas Metzner Date: Mon, 16 Dec 2024 09:53:36 +0100 Subject: [PATCH 7/9] Update .goreleaser.yml Co-authored-by: Jonas L. --- .goreleaser.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index 3d91762d..37772ed2 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -48,9 +48,7 @@ dockers: goarch: arm goarm: 6 image_templates: - [ - "hetznercloud/hcloud-csi-driver:{{ if not .IsSnapshot }}v{{ end }}{{ .Version }}-armv6", - ] + - "hetznercloud/hcloud-csi-driver:{{ if not .IsSnapshot }}v{{ end }}{{ .Version }}-armv6" use: buildx docker_manifests: From 1b7a1727a5aa9caae176d4144b76bf2559774504 Mon Sep 17 00:00:00 2001 From: lukasmetzner Date: Mon, 16 Dec 2024 10:44:19 +0100 Subject: [PATCH 8/9] deps: bumped shellcheck-py to v0.10.0.1 --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f4a717c2..7393ab2a 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -43,6 +43,6 @@ repos: types: [shell] - repo: https://github.com/shellcheck-py/shellcheck-py - rev: v0.9.0.6 + rev: v0.10.0.1 hooks: - id: shellcheck From 4f003f29da0081cab6422fef4cc5ed0aab6df858 Mon Sep 17 00:00:00 2001 From: lukasmetzner Date: Mon, 16 Dec 2024 13:57:43 +0100 Subject: [PATCH 9/9] test: added pre-commit configuration We added the pre-commit configuration file and simplified our CI scripts. --- .github/workflows/lint.yml | 7 ++ .github/workflows/test.yml | 47 -------- .pre-commit-config.yaml | 16 +++ chart/.snapshots/default.yaml | 102 ++++++++-------- chart/.snapshots/example-prod.yaml | 110 ++++++++--------- chart/.snapshots/full.yaml | 124 ++++++++++---------- chart/templates/_common_images.tpl | 4 +- chart/templates/_common_labels.tpl | 4 +- chart/templates/_common_name.tpl | 12 +- chart/templates/_common_tplvalues.tpl | 2 +- chart/templates/controller/clusterrole.yaml | 108 ++++++++--------- chart/templates/controller/deployment.yaml | 2 +- chart/templates/node/daemonset.yaml | 2 +- deploy/kubernetes/hcloud-csi.yml | 102 ++++++++-------- 14 files changed, 309 insertions(+), 333 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 4c38c7aa..0099441b 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -18,6 +18,13 @@ jobs: with: python-version: 3.x + - uses: yokawasa/action-setup-kube-tools@v0.11.2 + with: + # helm is needed to generate chart snapshots + setup-tools: | + helm + helm: v3.16.3 # renovate: datasource=github-releases depName=helm/helm + - uses: pre-commit/action@v3.0.1 lint: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9f0adb7a..83dc6512 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -115,50 +115,3 @@ jobs: if: always() continue-on-error: true run: make -C dev down - - deploy-manifests: - runs-on: ubuntu-latest - - steps: - - uses: yokawasa/action-setup-kube-tools@v0.11.2 - with: - setup-tools: | - helm - helm: v3.16.3 # renovate: datasource=github-releases depName=helm/helm - - - uses: actions/checkout@v4 - - - name: Generate manifests from helm chart - run: hack/update-deployment-yamls.sh - - - name: Check for diff - run: git diff --exit-code -- deploy/ - - - name: Show warning - if: failure() - run: echo "::error title=Deployment Manifests outdated::Please run hack/update-deployment-yamls.sh and commit the changes to deploy/" - - helm-chart: - runs-on: ubuntu-latest - - steps: - - uses: yokawasa/action-setup-kube-tools@v0.11.2 - with: - setup-tools: | - helm - helm: v3.16.3 # renovate: datasource=github-releases depName=helm/helm - - - uses: actions/checkout@v4 - - # This step also verifies that the chart builds - - name: Verify Snapshots - run: | - hack/update-helm-snapshots.sh - git diff --exit-code -- chart/.snapshots/ - - - name: Show warning - if: failure() - run: echo "::error title=Helm Snapshots outdated::Please run hack/update-helm-snapshots.sh and commit the changes to chart/.snapshots/" - - - name: Helm Lint - run: helm lint chart/ diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 7393ab2a..c9823f99 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -25,6 +25,22 @@ repos: - id: trailing-whitespace exclude: ^(chart/.snapshots/.*|deploy/.*)$ + - repo: local + hooks: + - id: update-helm-snapshots + name: update-helm-snapshots + language: system + entry: bash ./hack/update-helm-snapshots.sh + files: ^(charts/.*|hack/update-helm-snapshots.sh$) + pass_filenames: false + + - id: update-deployment-yamls + name: update-deployment-yamls + language: system + entry: bash ./hack/update-deployment-yamls.sh + files: ^(charts/.*|hack/update-deployment-yamls.sh$) + pass_filenames: false + - repo: https://github.com/pre-commit/mirrors-prettier rev: v3.1.0 hooks: diff --git a/chart/.snapshots/default.yaml b/chart/.snapshots/default.yaml index b454cf07..cccccbf2 100644 --- a/chart/.snapshots/default.yaml +++ b/chart/.snapshots/default.yaml @@ -35,55 +35,55 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: controller rules: -# attacher -- apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, update, patch] -- apiGroups: [""] - resources: [nodes] - verbs: [get, list, watch] -- apiGroups: [csi.storage.k8s.io] - resources: [csinodeinfos] - verbs: [get, list, watch] -- apiGroups: [storage.k8s.io] - resources: [csinodes] - verbs: [get, list, watch] -- apiGroups: [storage.k8s.io] - resources: [volumeattachments] - verbs: [get, list, watch, update, patch] -- apiGroups: [storage.k8s.io] - resources: [volumeattachments/status] - verbs: [patch] -# provisioner -- apiGroups: [""] - resources: [secrets] - verbs: [get, list] -- apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, create, delete, patch] -- apiGroups: [""] - resources: [persistentvolumeclaims, persistentvolumeclaims/status] - verbs: [get, list, watch, update, patch] -- apiGroups: [storage.k8s.io] - resources: [storageclasses] - verbs: [get, list, watch] -- apiGroups: [""] - resources: [events] - verbs: [list, watch, create, update, patch] -- apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshots] - verbs: [get, list] -- apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshotcontents] - verbs: [get, list] -# resizer -- apiGroups: [""] - resources: [pods] - verbs: [get, list, watch] -# node -- apiGroups: [""] - resources: [events] - verbs: [get, list, watch, create, update, patch] + # attacher + - apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, update, patch] + - apiGroups: [""] + resources: [nodes] + verbs: [get, list, watch] + - apiGroups: [csi.storage.k8s.io] + resources: [csinodeinfos] + verbs: [get, list, watch] + - apiGroups: [storage.k8s.io] + resources: [csinodes] + verbs: [get, list, watch] + - apiGroups: [storage.k8s.io] + resources: [volumeattachments] + verbs: [get, list, watch, update, patch] + - apiGroups: [storage.k8s.io] + resources: [volumeattachments/status] + verbs: [patch] + # provisioner + - apiGroups: [""] + resources: [secrets] + verbs: [get, list] + - apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, create, delete, patch] + - apiGroups: [""] + resources: [persistentvolumeclaims, persistentvolumeclaims/status] + verbs: [get, list, watch, update, patch] + - apiGroups: [storage.k8s.io] + resources: [storageclasses] + verbs: [get, list, watch] + - apiGroups: [""] + resources: [events] + verbs: [list, watch, create, update, patch] + - apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshots] + verbs: [get, list] + - apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshotcontents] + verbs: [get, list] + # resizer + - apiGroups: [""] + resources: [pods] + verbs: [get, list, watch] + # node + - apiGroups: [""] + resources: [events] + verbs: [get, list, watch, create, update, patch] --- # Source: hcloud-csi/templates/controller/clusterrolebinding.yaml kind: ClusterRoleBinding @@ -115,7 +115,7 @@ metadata: app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: node - app: hcloud-csi + app: hcloud-csi spec: updateStrategy: type: RollingUpdate @@ -243,7 +243,7 @@ metadata: app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: controller - app: hcloud-csi-controller + app: hcloud-csi-controller spec: replicas: 1 strategy: diff --git a/chart/.snapshots/example-prod.yaml b/chart/.snapshots/example-prod.yaml index 9af2ef95..772054c6 100644 --- a/chart/.snapshots/example-prod.yaml +++ b/chart/.snapshots/example-prod.yaml @@ -54,59 +54,59 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: controller rules: -# leader election -- apiGroups: [coordination.k8s.io] - resources: [leases] - verbs: [get, watch, list, delete, update, create] -# attacher -- apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, update, patch] -- apiGroups: [""] - resources: [nodes] - verbs: [get, list, watch] -- apiGroups: [csi.storage.k8s.io] - resources: [csinodeinfos] - verbs: [get, list, watch] -- apiGroups: [storage.k8s.io] - resources: [csinodes] - verbs: [get, list, watch] -- apiGroups: [storage.k8s.io] - resources: [volumeattachments] - verbs: [get, list, watch, update, patch] -- apiGroups: [storage.k8s.io] - resources: [volumeattachments/status] - verbs: [patch] -# provisioner -- apiGroups: [""] - resources: [secrets] - verbs: [get, list] -- apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, create, delete, patch] -- apiGroups: [""] - resources: [persistentvolumeclaims, persistentvolumeclaims/status] - verbs: [get, list, watch, update, patch] -- apiGroups: [storage.k8s.io] - resources: [storageclasses] - verbs: [get, list, watch] -- apiGroups: [""] - resources: [events] - verbs: [list, watch, create, update, patch] -- apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshots] - verbs: [get, list] -- apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshotcontents] - verbs: [get, list] -# resizer -- apiGroups: [""] - resources: [pods] - verbs: [get, list, watch] -# node -- apiGroups: [""] - resources: [events] - verbs: [get, list, watch, create, update, patch] + # leader election + - apiGroups: [coordination.k8s.io] + resources: [leases] + verbs: [get, watch, list, delete, update, create] + # attacher + - apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, update, patch] + - apiGroups: [""] + resources: [nodes] + verbs: [get, list, watch] + - apiGroups: [csi.storage.k8s.io] + resources: [csinodeinfos] + verbs: [get, list, watch] + - apiGroups: [storage.k8s.io] + resources: [csinodes] + verbs: [get, list, watch] + - apiGroups: [storage.k8s.io] + resources: [volumeattachments] + verbs: [get, list, watch, update, patch] + - apiGroups: [storage.k8s.io] + resources: [volumeattachments/status] + verbs: [patch] + # provisioner + - apiGroups: [""] + resources: [secrets] + verbs: [get, list] + - apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, create, delete, patch] + - apiGroups: [""] + resources: [persistentvolumeclaims, persistentvolumeclaims/status] + verbs: [get, list, watch, update, patch] + - apiGroups: [storage.k8s.io] + resources: [storageclasses] + verbs: [get, list, watch] + - apiGroups: [""] + resources: [events] + verbs: [list, watch, create, update, patch] + - apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshots] + verbs: [get, list] + - apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshotcontents] + verbs: [get, list] + # resizer + - apiGroups: [""] + resources: [pods] + verbs: [get, list, watch] + # node + - apiGroups: [""] + resources: [events] + verbs: [get, list, watch, create, update, patch] --- # Source: hcloud-csi/templates/controller/clusterrolebinding.yaml kind: ClusterRoleBinding @@ -178,7 +178,7 @@ metadata: app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: node - app: hcloud-csi + app: hcloud-csi spec: updateStrategy: type: RollingUpdate @@ -320,7 +320,7 @@ metadata: app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: controller - app: hcloud-csi-controller + app: hcloud-csi-controller spec: replicas: 2 strategy: diff --git a/chart/.snapshots/full.yaml b/chart/.snapshots/full.yaml index 17b24f90..610521b0 100644 --- a/chart/.snapshots/full.yaml +++ b/chart/.snapshots/full.yaml @@ -64,66 +64,66 @@ metadata: annotations: common-annotation: common-annotation rules: -# leader election -- apiGroups: [coordination.k8s.io] - resources: [leases] - verbs: [get, watch, list, delete, update, create] -# attacher -- apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, update, patch] -- apiGroups: [""] - resources: [nodes] - verbs: [get, list, watch] -- apiGroups: [csi.storage.k8s.io] - resources: [csinodeinfos] - verbs: [get, list, watch] -- apiGroups: [storage.k8s.io] - resources: [csinodes] - verbs: [get, list, watch] -- apiGroups: [storage.k8s.io] - resources: [volumeattachments] - verbs: [get, list, watch, update, patch] -- apiGroups: [storage.k8s.io] - resources: [volumeattachments/status] - verbs: [patch] -# provisioner -- apiGroups: [""] - resources: [secrets] - verbs: [get, list] -- apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, create, delete, patch] -- apiGroups: [""] - resources: [persistentvolumeclaims, persistentvolumeclaims/status] - verbs: [get, list, watch, update, patch] -- apiGroups: [storage.k8s.io] - resources: [storageclasses] - verbs: [get, list, watch] -- apiGroups: [""] - resources: [events] - verbs: [list, watch, create, update, patch] -- apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshots] - verbs: [get, list] -- apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshotcontents] - verbs: [get, list] -# resizer -- apiGroups: [""] - resources: [pods] - verbs: [get, list, watch] -# node -- apiGroups: [""] - resources: [events] - verbs: [get, list, watch, create, update, patch] -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list + # leader election + - apiGroups: [coordination.k8s.io] + resources: [leases] + verbs: [get, watch, list, delete, update, create] + # attacher + - apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, update, patch] + - apiGroups: [""] + resources: [nodes] + verbs: [get, list, watch] + - apiGroups: [csi.storage.k8s.io] + resources: [csinodeinfos] + verbs: [get, list, watch] + - apiGroups: [storage.k8s.io] + resources: [csinodes] + verbs: [get, list, watch] + - apiGroups: [storage.k8s.io] + resources: [volumeattachments] + verbs: [get, list, watch, update, patch] + - apiGroups: [storage.k8s.io] + resources: [volumeattachments/status] + verbs: [patch] + # provisioner + - apiGroups: [""] + resources: [secrets] + verbs: [get, list] + - apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, create, delete, patch] + - apiGroups: [""] + resources: [persistentvolumeclaims, persistentvolumeclaims/status] + verbs: [get, list, watch, update, patch] + - apiGroups: [storage.k8s.io] + resources: [storageclasses] + verbs: [get, list, watch] + - apiGroups: [""] + resources: [events] + verbs: [list, watch, create, update, patch] + - apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshots] + verbs: [get, list] + - apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshotcontents] + verbs: [get, list] + # resizer + - apiGroups: [""] + resources: [pods] + verbs: [get, list, watch] + # node + - apiGroups: [""] + resources: [events] + verbs: [get, list, watch, create, update, patch] + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list --- # Source: hcloud-csi/templates/controller/clusterrolebinding.yaml kind: ClusterRoleBinding @@ -206,7 +206,7 @@ metadata: app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: node - app: hcloud-csi + app: hcloud-csi common-label: common-label annotations: common-annotation: common-annotation @@ -407,7 +407,7 @@ metadata: app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: controller - app: hcloud-csi-controller + app: hcloud-csi-controller common-label: common-label annotations: common-annotation: common-annotation diff --git a/chart/templates/_common_images.tpl b/chart/templates/_common_images.tpl index 70353083..f4fe5779 100644 --- a/chart/templates/_common_images.tpl +++ b/chart/templates/_common_images.tpl @@ -1,4 +1,4 @@ -{{/* +{{- /* Return the Container Image Name {{ include "common.images.image" (dict "value" .Values.controller.image.hcloudCSIDriver "context" .) }} */}} @@ -6,7 +6,7 @@ Return the Container Image Name {{ tpl .value.name .context }}{{ if .value.tag }}:{{ tpl .value.tag .context }}{{ end }} {{- end -}} -{{/* +{{- /* Return the proper Container Image Registry Secret Names evaluating values as templates {{ include "common.images.pullSecrets" ( dict "images" (list .Values.path.to.the.image1 .Values.path.to.the.image2) "context" $) }} */}} diff --git a/chart/templates/_common_labels.tpl b/chart/templates/_common_labels.tpl index 6f3ff0db..b7adc6b4 100644 --- a/chart/templates/_common_labels.tpl +++ b/chart/templates/_common_labels.tpl @@ -1,4 +1,4 @@ -{{/* +{{- /* Kubernetes standard labels */}} {{- define "common.labels.standard" -}} @@ -8,7 +8,7 @@ app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end -}} -{{/* +{{- /* Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector */}} {{- define "common.labels.matchLabels" -}} diff --git a/chart/templates/_common_name.tpl b/chart/templates/_common_name.tpl index 6e360837..ed5b4c44 100644 --- a/chart/templates/_common_name.tpl +++ b/chart/templates/_common_name.tpl @@ -1,18 +1,18 @@ -{{/* +{{- /* Expand the name of the chart. */}} {{- define "common.names.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{/* +{{- /* Create chart name and version as used by the chart label. */}} {{- define "common.names.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{/* +{{- /* Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. @@ -30,21 +30,21 @@ If release name contains chart name it will be used as a full name. {{- end -}} {{- end -}} -{{/* +{{- /* Allow the release namespace to be overridden for multi-namespace deployments in combined charts. */}} {{- define "common.names.namespace" -}} {{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{/* +{{- /* Create a fully qualified app name adding the installation's namespace. */}} {{- define "common.names.fullname.namespace" -}} {{- printf "%s-%s" (include "common.names.fullname" .) (include "common.names.namespace" .) | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{/* +{{- /* Create the name of the service account to use */}} {{- define "common.names.serviceAccountName" -}} diff --git a/chart/templates/_common_tplvalues.tpl b/chart/templates/_common_tplvalues.tpl index 096b29d5..e6d82f80 100644 --- a/chart/templates/_common_tplvalues.tpl +++ b/chart/templates/_common_tplvalues.tpl @@ -1,4 +1,4 @@ -{{/* +{{- /* Renders a value that contains template. Usage: {{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $) }} diff --git a/chart/templates/controller/clusterrole.yaml b/chart/templates/controller/clusterrole.yaml index 472c892a..307cfa8f 100644 --- a/chart/templates/controller/clusterrole.yaml +++ b/chart/templates/controller/clusterrole.yaml @@ -15,61 +15,61 @@ metadata: {{- end }} rules: {{- if $enableLeaderElection}} -# leader election -- apiGroups: [coordination.k8s.io] - resources: [leases] - verbs: [get, watch, list, delete, update, create] + # leader election + - apiGroups: [coordination.k8s.io] + resources: [leases] + verbs: [get, watch, list, delete, update, create] {{- end}} -# attacher -- apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, update, patch] -- apiGroups: [""] - resources: [nodes] - verbs: [get, list, watch] -- apiGroups: [csi.storage.k8s.io] - resources: [csinodeinfos] - verbs: [get, list, watch] -- apiGroups: [storage.k8s.io] - resources: [csinodes] - verbs: [get, list, watch] -- apiGroups: [storage.k8s.io] - resources: [volumeattachments] - verbs: [get, list, watch, update, patch] -- apiGroups: [storage.k8s.io] - resources: [volumeattachments/status] - verbs: [patch] -# provisioner -- apiGroups: [""] - resources: [secrets] - verbs: [get, list] -- apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, create, delete, patch] -- apiGroups: [""] - resources: [persistentvolumeclaims, persistentvolumeclaims/status] - verbs: [get, list, watch, update, patch] -- apiGroups: [storage.k8s.io] - resources: [storageclasses] - verbs: [get, list, watch] -- apiGroups: [""] - resources: [events] - verbs: [list, watch, create, update, patch] -- apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshots] - verbs: [get, list] -- apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshotcontents] - verbs: [get, list] -# resizer -- apiGroups: [""] - resources: [pods] - verbs: [get, list, watch] -# node -- apiGroups: [""] - resources: [events] - verbs: [get, list, watch, create, update, patch] + # attacher + - apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, update, patch] + - apiGroups: [""] + resources: [nodes] + verbs: [get, list, watch] + - apiGroups: [csi.storage.k8s.io] + resources: [csinodeinfos] + verbs: [get, list, watch] + - apiGroups: [storage.k8s.io] + resources: [csinodes] + verbs: [get, list, watch] + - apiGroups: [storage.k8s.io] + resources: [volumeattachments] + verbs: [get, list, watch, update, patch] + - apiGroups: [storage.k8s.io] + resources: [volumeattachments/status] + verbs: [patch] + # provisioner + - apiGroups: [""] + resources: [secrets] + verbs: [get, list] + - apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, create, delete, patch] + - apiGroups: [""] + resources: [persistentvolumeclaims, persistentvolumeclaims/status] + verbs: [get, list, watch, update, patch] + - apiGroups: [storage.k8s.io] + resources: [storageclasses] + verbs: [get, list, watch] + - apiGroups: [""] + resources: [events] + verbs: [list, watch, create, update, patch] + - apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshots] + verbs: [get, list] + - apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshotcontents] + verbs: [get, list] + # resizer + - apiGroups: [""] + resources: [pods] + verbs: [get, list, watch] + # node + - apiGroups: [""] + resources: [events] + verbs: [get, list, watch, create, update, patch] {{- if .Values.controller.rbac.rules }} -{{- include "common.tplvalues.render" ( dict "value" .Values.controller.rbac.rules "context" $ ) | nindent 0 }} +{{- include "common.tplvalues.render" ( dict "value" .Values.controller.rbac.rules "context" $ ) | nindent 2 }} {{- end }} {{- end }} diff --git a/chart/templates/controller/deployment.yaml b/chart/templates/controller/deployment.yaml index f375d8c3..b8bf966e 100644 --- a/chart/templates/controller/deployment.yaml +++ b/chart/templates/controller/deployment.yaml @@ -7,7 +7,7 @@ metadata: namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "common.labels.standard" . | nindent 4 }} app.kubernetes.io/component: controller - app: hcloud-csi-controller {{/* Compatibility with old manifests */}} + app: hcloud-csi-controller {{- /* Compatibility with old manifests */}} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} diff --git a/chart/templates/node/daemonset.yaml b/chart/templates/node/daemonset.yaml index cde83e3b..bf27f6a7 100644 --- a/chart/templates/node/daemonset.yaml +++ b/chart/templates/node/daemonset.yaml @@ -5,7 +5,7 @@ metadata: namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "common.labels.standard" . | nindent 4 }} app.kubernetes.io/component: node - app: hcloud-csi {{/* Compatibility with old manifests */}} + app: hcloud-csi {{- /* Compatibility with old manifests */}} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} diff --git a/deploy/kubernetes/hcloud-csi.yml b/deploy/kubernetes/hcloud-csi.yml index 5269b354..b1982e82 100644 --- a/deploy/kubernetes/hcloud-csi.yml +++ b/deploy/kubernetes/hcloud-csi.yml @@ -33,55 +33,55 @@ metadata: app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/component: controller rules: -# attacher -- apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, update, patch] -- apiGroups: [""] - resources: [nodes] - verbs: [get, list, watch] -- apiGroups: [csi.storage.k8s.io] - resources: [csinodeinfos] - verbs: [get, list, watch] -- apiGroups: [storage.k8s.io] - resources: [csinodes] - verbs: [get, list, watch] -- apiGroups: [storage.k8s.io] - resources: [volumeattachments] - verbs: [get, list, watch, update, patch] -- apiGroups: [storage.k8s.io] - resources: [volumeattachments/status] - verbs: [patch] -# provisioner -- apiGroups: [""] - resources: [secrets] - verbs: [get, list] -- apiGroups: [""] - resources: [persistentvolumes] - verbs: [get, list, watch, create, delete, patch] -- apiGroups: [""] - resources: [persistentvolumeclaims, persistentvolumeclaims/status] - verbs: [get, list, watch, update, patch] -- apiGroups: [storage.k8s.io] - resources: [storageclasses] - verbs: [get, list, watch] -- apiGroups: [""] - resources: [events] - verbs: [list, watch, create, update, patch] -- apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshots] - verbs: [get, list] -- apiGroups: [snapshot.storage.k8s.io] - resources: [volumesnapshotcontents] - verbs: [get, list] -# resizer -- apiGroups: [""] - resources: [pods] - verbs: [get, list, watch] -# node -- apiGroups: [""] - resources: [events] - verbs: [get, list, watch, create, update, patch] + # attacher + - apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, update, patch] + - apiGroups: [""] + resources: [nodes] + verbs: [get, list, watch] + - apiGroups: [csi.storage.k8s.io] + resources: [csinodeinfos] + verbs: [get, list, watch] + - apiGroups: [storage.k8s.io] + resources: [csinodes] + verbs: [get, list, watch] + - apiGroups: [storage.k8s.io] + resources: [volumeattachments] + verbs: [get, list, watch, update, patch] + - apiGroups: [storage.k8s.io] + resources: [volumeattachments/status] + verbs: [patch] + # provisioner + - apiGroups: [""] + resources: [secrets] + verbs: [get, list] + - apiGroups: [""] + resources: [persistentvolumes] + verbs: [get, list, watch, create, delete, patch] + - apiGroups: [""] + resources: [persistentvolumeclaims, persistentvolumeclaims/status] + verbs: [get, list, watch, update, patch] + - apiGroups: [storage.k8s.io] + resources: [storageclasses] + verbs: [get, list, watch] + - apiGroups: [""] + resources: [events] + verbs: [list, watch, create, update, patch] + - apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshots] + verbs: [get, list] + - apiGroups: [snapshot.storage.k8s.io] + resources: [volumesnapshotcontents] + verbs: [get, list] + # resizer + - apiGroups: [""] + resources: [pods] + verbs: [get, list, watch] + # node + - apiGroups: [""] + resources: [events] + verbs: [get, list, watch, create, update, patch] --- # Source: hcloud-csi/templates/controller/clusterrolebinding.yaml kind: ClusterRoleBinding @@ -149,7 +149,7 @@ metadata: app.kubernetes.io/name: hcloud-csi app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/component: node - app: hcloud-csi + app: hcloud-csi spec: updateStrategy: type: RollingUpdate @@ -278,7 +278,7 @@ metadata: app.kubernetes.io/name: hcloud-csi app.kubernetes.io/instance: hcloud-csi app.kubernetes.io/component: controller - app: hcloud-csi-controller + app: hcloud-csi-controller spec: replicas: 1 strategy: