chore: add support bundle spec to registry addon (#5040)

* chore: add support bundle spec to registry addon * Fix correct paths to get template
replicatedhq · Jan 18, 2024 · 2178475 · 2178475
1 parent 82ac613
commit 2178475
Show file tree

Hide file tree

Showing 7 changed files with 146 additions and 15 deletions.
diff --git a/addons/registry/2.8.1/install.sh b/addons/registry/2.8.1/install.sh
@@ -49,19 +49,22 @@ function registry_install() {
     if registry_will_migrate_pvc; then
         logWarn "Registry migration in progres......"
 
-        # Object store credentials already live in the previously created secret 
+        # Object store credentials already live in the previously created secret
         render_yaml_file "$DIR/addons/registry/2.8.1/tmpl-configmap-migrate-s3.yaml" > "$DIR/kustomize/registry/configmap-migrate-s3.yaml"
         insert_resources "$DIR/kustomize/registry/kustomization.yaml" configmap-migrate-s3.yaml
         cp "$DIR/addons/registry/2.8.1/patch-deployment-migrate-s3.yaml" "$DIR/kustomize/registry/patch-deployment-migrate-s3.yaml"
         insert_patches_strategic_merge "$DIR/kustomize/registry/kustomization.yaml" patch-deployment-migrate-s3.yaml
     fi
+
+    render_yaml_file "$DIR/addons/registry/2.8.1/tmpl-troubleshoot.yaml" > "$DIR/kustomize/registry/troubleshoot.yaml"
+    insert_resources "$DIR/kustomize/registry/kustomization.yaml" troubleshoot.yaml
 }
 
 # The regsitry will migrate from object store to pvc is there isn't already a PVC, the object store was remove from the installer, BUT
 # it is still detected as running in the cluster. The latter 2 conditions happen during a CSI migration.
 function registry_will_migrate_pvc() {
     # If KOTSADM_DISABLE_S3 is not set, don't allow the migration
-    if [ "$KOTSADM_DISABLE_S3" != 1 ]; then 
+    if [ "$KOTSADM_DISABLE_S3" != 1 ]; then
         return 1
     fi
     if ! registry_pvc_exists && ! object_store_exists && object_store_running ; then
@@ -98,7 +101,7 @@ function registry_pre_init() {
 function registry_init() {
 
     DOCKER_REGISTRY_IP=$(kubectl -n kurl get service registry -o=jsonpath='{@.spec.clusterIP}' 2>/dev/null || echo "")
-  
+
     regsitry_init_service
 
     kubectl apply -k "$DIR/kustomize/registry"
@@ -109,7 +112,7 @@ function registry_init() {
 function regsitry_init_service() {
     mkdir -p "$DIR/kustomize/registry"
     cp "$DIR/addons/registry/2.8.1/kustomization.yaml" "$DIR/kustomize/registry/kustomization.yaml"
-    
+
     cp "$DIR/addons/registry/2.8.1/service.yaml" "$DIR/kustomize/registry/service.yaml"
     insert_resources "$DIR/kustomize/registry/kustomization.yaml" service.yaml
 

diff --git a/addons/registry/2.8.1/tmpl-troubleshoot.yaml b/addons/registry/2.8.1/tmpl-troubleshoot.yaml
@@ -0,0 +1,38 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: kurl-registry-supportbundle-spec
+  labels:
+    troubleshoot.io/kind: support-bundle
+data:
+  support-bundle-spec: |
+    apiVersion: troubleshoot.sh/v1beta2
+    kind: SupportBundle
+    spec:
+      collectors:
+        - configMap:
+            collectorName: registry-config
+            name: registry-config
+            namespace: kurl
+            includeAllData: true
+        - configMap:
+            collectorName: registry-velero-config
+            name: registry-velero-config
+            namespace: kurl
+            includeAllData: true
+        - configMap:
+            collectorName: registry-migrate-s3-config
+            name: registry-migrate-s3-config
+            namespace: kurl
+            includeAllData: true
+        - secret:
+            collectorName: registry-pki
+            namespace: kurl
+            name: registry-pki
+            includeValue: true
+            key: registry.crt
+        - logs:
+            name: kurl/registry/logs
+            namespace: kurl
+            selector:
+              - app=registry
diff --git a/addons/registry/2.8.3/install.sh b/addons/registry/2.8.3/install.sh
@@ -56,20 +56,24 @@ function registry_install() {
     if registry_will_migrate_pvc; then
         logWarn "Registry migration in progres......"
 
-        # Object store credentials already live in the previously created secret 
+        # Object store credentials already live in the previously created secret
         render_yaml_file "$DIR/addons/registry/2.8.3/tmpl-configmap-migrate-s3.yaml" > "$DIR/kustomize/registry/configmap-migrate-s3.yaml"
         insert_resources "$DIR/kustomize/registry/kustomization.yaml" configmap-migrate-s3.yaml
         cp "$DIR/addons/registry/2.8.3/patch-deployment-migrate-s3.yaml" "$DIR/kustomize/registry/patch-deployment-migrate-s3.yaml"
         insert_patches_strategic_merge "$DIR/kustomize/registry/kustomization.yaml" patch-deployment-migrate-s3.yaml
     fi
+
+    render_yaml_file "$DIR/addons/registry/2.8.3/tmpl-troubleshoot.yaml" > "$DIR/kustomize/registry/troubleshoot.yaml"
+    insert_resources "$DIR/kustomize/registry/kustomization.yaml" troubleshoot.yaml
+
     logSuccess "Registry installed successfully"
 }
 
 # The regsitry will migrate from object store to pvc is there isn't already a PVC, the object store was remove from the installer, BUT
 # it is still detected as running in the cluster. The latter 2 conditions happen during a CSI migration.
 function registry_will_migrate_pvc() {
     # If KOTSADM_DISABLE_S3 is not set, don't allow the migration
-    if [ "$KOTSADM_DISABLE_S3" != 1 ]; then 
+    if [ "$KOTSADM_DISABLE_S3" != 1 ]; then
         return 1
     fi
     if ! registry_pvc_exists && ! object_store_exists && object_store_running ; then
@@ -106,7 +110,7 @@ function registry_pre_init() {
 function registry_init() {
 
     DOCKER_REGISTRY_IP=$(kubectl -n kurl get service registry -o=jsonpath='{@.spec.clusterIP}' 2>/dev/null || echo "")
-  
+
     regsitry_init_service
 
     kubectl apply -k "$DIR/kustomize/registry"
@@ -118,7 +122,7 @@ function regsitry_init_service() {
     log "Applying resources"
     mkdir -p "$DIR/kustomize/registry"
     cp "$DIR/addons/registry/2.8.3/kustomization.yaml" "$DIR/kustomize/registry/kustomization.yaml"
-    
+
     cp "$DIR/addons/registry/2.8.3/service.yaml" "$DIR/kustomize/registry/service.yaml"
     insert_resources "$DIR/kustomize/registry/kustomization.yaml" service.yaml
 
@@ -268,7 +272,7 @@ EOF
 
     log "Generating a private key and a corresponding Certificate Signing Request (CSR) using OpenSSL"
     openssl req -newkey rsa:2048 -nodes -keyout registry.key -out registry.csr -sha256 -config registry.cnf
-    
+
     log "Generating a self-signed X.509 certificate using OpenSSL"
     openssl x509 -req -days 365 -in registry.csr -CA "${ca_crt}" -CAkey "${ca_key}" -CAcreateserial -out registry.crt -extensions v3_ext -extfile registry.cnf -sha256
 

diff --git a/addons/registry/2.8.3/tmpl-troubleshoot.yaml b/addons/registry/2.8.3/tmpl-troubleshoot.yaml
@@ -0,0 +1,38 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: kurl-registry-supportbundle-spec
+  labels:
+    troubleshoot.io/kind: support-bundle
+data:
+  support-bundle-spec: |
+    apiVersion: troubleshoot.sh/v1beta2
+    kind: SupportBundle
+    spec:
+      collectors:
+        - configMap:
+            collectorName: registry-config
+            name: registry-config
+            namespace: kurl
+            includeAllData: true
+        - configMap:
+            collectorName: registry-velero-config
+            name: registry-velero-config
+            namespace: kurl
+            includeAllData: true
+        - configMap:
+            collectorName: registry-migrate-s3-config
+            name: registry-migrate-s3-config
+            namespace: kurl
+            includeAllData: true
+        - secret:
+            collectorName: registry-pki
+            namespace: kurl
+            name: registry-pki
+            includeValue: true
+            key: registry.crt
+        - logs:
+            name: kurl/registry/logs
+            namespace: kurl
+            selector:
+              - app=registry
diff --git a/addons/registry/template/base/install.sh b/addons/registry/template/base/install.sh
@@ -56,20 +56,24 @@ function registry_install() {
     if registry_will_migrate_pvc; then
         logWarn "Registry migration in progres......"
 
-        # Object store credentials already live in the previously created secret 
+        # Object store credentials already live in the previously created secret
         render_yaml_file "$DIR/addons/registry/__registry_version__/tmpl-configmap-migrate-s3.yaml" > "$DIR/kustomize/registry/configmap-migrate-s3.yaml"
         insert_resources "$DIR/kustomize/registry/kustomization.yaml" configmap-migrate-s3.yaml
         cp "$DIR/addons/registry/__registry_version__/patch-deployment-migrate-s3.yaml" "$DIR/kustomize/registry/patch-deployment-migrate-s3.yaml"
         insert_patches_strategic_merge "$DIR/kustomize/registry/kustomization.yaml" patch-deployment-migrate-s3.yaml
     fi
+
+    render_yaml_file "$DIR/addons/registry/__registry_version__/tmpl-troubleshoot.yaml" > "$DIR/kustomize/registry/troubleshoot.yaml"
+    insert_resources "$DIR/kustomize/registry/kustomization.yaml" troubleshoot.yaml
+
     logSuccess "Registry installed successfully"
 }
 
 # The regsitry will migrate from object store to pvc is there isn't already a PVC, the object store was remove from the installer, BUT
 # it is still detected as running in the cluster. The latter 2 conditions happen during a CSI migration.
 function registry_will_migrate_pvc() {
     # If KOTSADM_DISABLE_S3 is not set, don't allow the migration
-    if [ "$KOTSADM_DISABLE_S3" != 1 ]; then 
+    if [ "$KOTSADM_DISABLE_S3" != 1 ]; then
         return 1
     fi
     if ! registry_pvc_exists && ! object_store_exists && object_store_running ; then
@@ -106,7 +110,7 @@ function registry_pre_init() {
 function registry_init() {
 
     DOCKER_REGISTRY_IP=$(kubectl -n kurl get service registry -o=jsonpath='{@.spec.clusterIP}' 2>/dev/null || echo "")
-  
+
     regsitry_init_service
 
     kubectl apply -k "$DIR/kustomize/registry"
@@ -118,7 +122,7 @@ function regsitry_init_service() {
     log "Applying resources"
     mkdir -p "$DIR/kustomize/registry"
     cp "$DIR/addons/registry/__registry_version__/kustomization.yaml" "$DIR/kustomize/registry/kustomization.yaml"
-    
+
     cp "$DIR/addons/registry/__registry_version__/service.yaml" "$DIR/kustomize/registry/service.yaml"
     insert_resources "$DIR/kustomize/registry/kustomization.yaml" service.yaml
 
@@ -268,7 +272,7 @@ EOF
 
     log "Generating a private key and a corresponding Certificate Signing Request (CSR) using OpenSSL"
     openssl req -newkey rsa:2048 -nodes -keyout registry.key -out registry.csr -sha256 -config registry.cnf
-    
+
     log "Generating a self-signed X.509 certificate using OpenSSL"
     openssl x509 -req -days 365 -in registry.csr -CA "${ca_crt}" -CAkey "${ca_key}" -CAcreateserial -out registry.crt -extensions v3_ext -extfile registry.cnf -sha256
 

diff --git a/addons/registry/template/base/tmpl-troubleshoot.yaml b/addons/registry/template/base/tmpl-troubleshoot.yaml
@@ -0,0 +1,38 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: kurl-registry-supportbundle-spec
+  labels:
+    troubleshoot.io/kind: support-bundle
+data:
+  support-bundle-spec: |
+    apiVersion: troubleshoot.sh/v1beta2
+    kind: SupportBundle
+    spec:
+      collectors:
+        - configMap:
+            collectorName: registry-config
+            name: registry-config
+            namespace: kurl
+            includeAllData: true
+        - configMap:
+            collectorName: registry-velero-config
+            name: registry-velero-config
+            namespace: kurl
+            includeAllData: true
+        - configMap:
+            collectorName: registry-migrate-s3-config
+            name: registry-migrate-s3-config
+            namespace: kurl
+            includeAllData: true
+        - secret:
+            collectorName: registry-pki
+            namespace: kurl
+            name: registry-pki
+            includeValue: true
+            key: registry.crt
+        - logs:
+            name: kurl/registry/logs
+            namespace: kurl
+            selector:
+              - app=registry
diff --git a/addons/registry/template/testgrid/k8s-docker.yaml b/addons/registry/template/testgrid/k8s-docker.yaml
@@ -14,7 +14,6 @@
   unsupportedOSIDs:
     - centos-74 # Rook 1.8+ not supported on 3.10.0-693.el7.x86_64 kernel
   postInstallScript: |
-
     # get the registry address and credentials
     DOCKER_REGISTRY_IP=$(kubectl -n kurl get service registry -o=jsonpath='{@.spec.clusterIP}' 2>/dev/null || echo "")
     DOCKER_AUTH=$(kubectl get secret registry-creds -o jsonpath='{.data.\.dockerconfigjson}' | base64 --decode | sed 's|.*"auth":"\([^"]*\)".*|\1|')
@@ -32,6 +31,13 @@
     # pull it from the registry
     ctr -n k8s.io images pull --tlscacert /etc/kubernetes/pki/ca.crt --user "$(echo $DOCKER_AUTH | base64 -d)" $DOCKER_REGISTRY_IP/registry:testtag
 
+    # Check if the support bundle spec was installed
+    echo "test whether the registry support bundle spec was installed"
+    supportBundle=$(kubectl get cm -n kurl kurl-registry-supportbundle-spec -ojsonpath='{.data.support-bundle-spec}')
+    echo "$supportBundle"
+    echo "test if the support bundle has 'troubleshoot.io/kind: support-bundle' label"
+    kubectl get cm -n kurl kurl-registry-supportbundle-spec -oyaml | grep 'troubleshoot.io/kind: support-bundle'
+
 - name: registry_latest_longhorn
   installerSpec:
     kubernetes: