From 8d247d66dd64230d4534d726f5a2f31bfca25286 Mon Sep 17 00:00:00 2001 From: Christian Simon Date: Tue, 7 Aug 2018 11:24:09 +0100 Subject: [PATCH 1/4] Update k8s versions used in tests --- pkg/apis/cluster/v1alpha1/defaults.go | 2 +- puppet/modules/tarmak/Makefile | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pkg/apis/cluster/v1alpha1/defaults.go b/pkg/apis/cluster/v1alpha1/defaults.go index ae7c7f51a5..b36ec6983c 100644 --- a/pkg/apis/cluster/v1alpha1/defaults.go +++ b/pkg/apis/cluster/v1alpha1/defaults.go @@ -38,7 +38,7 @@ func SetDefaults_Cluster(obj *Cluster) { // set default kubernetes version if obj.Kubernetes.Version == "" { - obj.Kubernetes.Version = "1.9.7" + obj.Kubernetes.Version = "1.9.10" } // zone diff --git a/puppet/modules/tarmak/Makefile b/puppet/modules/tarmak/Makefile index aa035c2fa3..c30d9311f0 100644 --- a/puppet/modules/tarmak/Makefile +++ b/puppet/modules/tarmak/Makefile @@ -1,8 +1,8 @@ BUNDLE_DIR ?= .bundle -VERSION_1_11 := 1.11.0 -VERSION_1_10 := 1.10.5 -VERSION_1_9 := 1.9.9 +VERSION_1_11 := 1.11.1 +VERSION_1_10 := 1.10.6 +VERSION_1_9 := 1.9.10 VERSION_1_8 := 1.8.15 VERSION_1_7 := 1.7.16 VERSION_1_6 := 1.6.13 From 6f2aa42bf8b29e525bd1929e8ec3881f54b03f5c Mon Sep 17 00:00:00 2001 From: Christian Simon Date: Tue, 7 Aug 2018 14:15:49 +0100 Subject: [PATCH 2/4] Fix typo in struct annotations for Labels --- pkg/apis/cluster/v1alpha1/instancepool.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/apis/cluster/v1alpha1/instancepool.go b/pkg/apis/cluster/v1alpha1/instancepool.go index bb6bbc083a..50a7256b7f 100644 --- a/pkg/apis/cluster/v1alpha1/instancepool.go +++ b/pkg/apis/cluster/v1alpha1/instancepool.go @@ -56,7 +56,7 @@ type InstancePool struct { Volumes []Volume `json:"volumes,omitempty"` Kubernetes *InstancePoolKubernetes `json:"kubernetes,omitempty"` AllowCIDRs []string `json:"allowCIDRs,omitempty"` - Labels []*Label `json:"labels,omityempty"` + Labels []*Label `json:"labels,omitempty"` Taints []*Taint `json:"taints,omitempty"` // Amazon specific settings for that instance pool From aeaab0cef25c8a62a4e6ddadef43024b4def71dd Mon Sep 17 00:00:00 2001 From: Christian Simon Date: Tue, 7 Aug 2018 16:12:06 +0100 Subject: [PATCH 3/4] Fix PSP check for 1.11 --- puppet/modules/tarmak/spec/acceptance/single_node_spec.rb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/puppet/modules/tarmak/spec/acceptance/single_node_spec.rb b/puppet/modules/tarmak/spec/acceptance/single_node_spec.rb index 7548e1a33a..f2f393ba39 100644 --- a/puppet/modules/tarmak/spec/acceptance/single_node_spec.rb +++ b/puppet/modules/tarmak/spec/acceptance/single_node_spec.rb @@ -156,6 +156,11 @@ end end + it 'should have a service account ready', :retry => 20, :retry_wait => 1 do + result = shell('kubectl get serviceaccount --namespace developer default') + expect(result.exit_code).to eq(0) + end + it 'allows developer to run unprivileged pods in namespace developer' do result = shell('kubectl --as=developer run busybox --image=busybox --restart=Never -n developer --rm --attach -- uname -a') expect(result.exit_code).to eq(0) From 9f6be32a4285adb6121d53e9777eefc7b4b19765 Mon Sep 17 00:00:00 2001 From: Christian Simon Date: Tue, 7 Aug 2018 17:52:50 +0100 Subject: [PATCH 4/4] Use class as dependency reference --- puppet/modules/tarmak/manifests/master.pp | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/puppet/modules/tarmak/manifests/master.pp b/puppet/modules/tarmak/manifests/master.pp index 8d31cdd2d3..a59dd3d9e4 100644 --- a/puppet/modules/tarmak/manifests/master.pp +++ b/puppet/modules/tarmak/manifests/master.pp @@ -165,12 +165,12 @@ cert_file => "${admin_base_path}.pem", } - Service['kube-scheduler-cert.service'] -> Service['kube-scheduler.service'] - Service['kube-controller-manager-cert.service'] -> Service['kube-controller-manager.service'] - Service['kube-apiserver-cert.service'] -> Service['kube-apiserver.service'] - Service['kube-admin-cert.service'] -> Service['kube-apiserver.service'] - Service['kube-service-account-key-secret.service'] -> Service['kube-controller-manager.service'] - Service['kube-service-account-key-secret.service'] -> Service['kube-apiserver.service'] + Vault_Client::Cert_Service['kube-scheduler'] -> Service['kube-scheduler.service'] + Vault_Client::Cert_Service['kube-controller-manager'] -> Service['kube-controller-manager.service'] + Vault_Client::Cert_Service['kube-apiserver'] -> Service['kube-apiserver.service'] + Vault_Client::Cert_Service['kube-admin'] -> Service['kube-apiserver.service'] + Vault_Client::Secret_Service['kube-service-account-key'] -> Service['kube-controller-manager.service'] + Vault_Client::Secret_Service['kube-service-account-key'] -> Service['kube-apiserver.service'] Service['kube-admin-cert.service'] -> Kubernetes::Apply <||> class { 'kubernetes::master':