Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
cac43a1dd0
constellation/cli/internal/helm
History
Otto Bittner cac43a1dd0 ci: add e2e-upgrade test 
The test is implemented as a go test.
It can be executed as a bazel target.
The general workflow is to setup a cluster,
point the test to the workspace in which to
find the kubeconfig and the constellation config
and specify a target image, k8s and
service version. The test will succeed
if it detects all target versions in the cluster
within the configured timeout.
The CI automates the above steps.
A separate workflow is introduced as there
are multiple input fields to the test.
Adding all of these to the manual e2e test
seemed confusing.

Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2023-03-23 14:57:38 +01:00
..
charts ci: add e2e-upgrade test 2023-03-23 14:57:38 +01:00
testdata attestation: add option for MAA fallback to verify azure's snp-sev id key digest (#1257) 2023-03-21 12:46:49 +01:00
backup_test.go go: remove unused parameters 2023-03-20 08:41:01 -04:00
backup.go cli: create backups for CRDs and their resources 2023-01-05 16:52:06 +01:00
BUILD.bazel attestation: add option for MAA fallback to verify azure's snp-sev id key digest (#1257) 2023-03-21 12:46:49 +01:00
cilium.patch deploy cilium via helmchart (#321) 2022-08-12 10:20:19 +02:00
client_test.go cli: only create resource backups if upgrade is executed (#1437) 2023-03-20 14:49:04 +01:00
client.go ci: add e2e-upgrade test 2023-03-23 14:57:38 +01:00
generateCertManager.sh AB#2589: Deploy operators via Helm (#575) 2022-11-21 10:35:40 +01:00
generateCilium.sh AB#2554 GCP CSI driver deployment (#532) 2022-11-18 10:05:02 +01:00
helm.go cli: add doc comments for helm 2023-03-03 15:02:22 +01:00
loader_test.go measurements: refactor validation option (#1462) 2023-03-22 11:47:39 +01:00
loader.go ci: add e2e-upgrade test 2023-03-23 14:57:38 +01:00
README.md Microservice upgrades (#729) 2022-12-19 16:52:15 +01:00
update-csi-charts.sh keyservice: use dash in container name (#1016) 2023-01-20 18:51:06 +01:00
values.go helm: add OpenStack charts 2023-03-21 10:51:09 +01:00

README.md

Chart upgrades

All services that are installed via helm-install are upgraded via helm-upgrade. Two aspects are not full covered by running helm-upgrade: CRDs and values. While helm-install can install CRDs if they are contained in a chart's crds folder, upgrade won't change any installed CRDs. Furthermore, new values introduced with a new version of a chart will not be installed into the cluster if the --reuse-values flag is set. Nevertheless, we have to rely on the values already present in the cluster because some of the values are set by the bootstrapper during installation. Because upgrades should be a CLI-only operation and we want to avoid the behaviour of --reuse-values, we fetch the cluster values and merge them with any new values.

Here is how we manage CRD upgrades for each chart.

Cilium

  • CRDs are updated by cilium-operator.

cert-manager

  • installCRDs flag is set during upgrade. This flag is managed by cert-manager. cert-manager is in charge of correctly upgrading the CRDs.
  • WARNING: upgrading cert-manager might break other installations of cert-manager in the cluster, if those other installation are not on the same version as the Constellation-manager installation. This is due to the cluster-wide CRDs.

Operators

  • Manually update CRDs before upgrading the chart. Update by running applying the CRDs found in the operators/crds/ folder.

Constellation-services

  • There currently are no CRDs in this chart.