k8s-infra-cherrypick-robot
5ad38a4d0d
[release-2.26] Fix `debian11-custom-cni` failing test & upgrade `debian12-custom-cni-helm` chart version ( #11658 )
* Test: update custom_cni values
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
* Test: fix cilium require kube_owner set to root
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
* Test: update custom_cni render manifests
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
* Test: fix render template pre-commit
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
* Test: update debian12-custom-cni-helm chart version to 1.16.3
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
---------
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
Co-authored-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
1 month ago
Max Gautier
7f527f6195
Drop support for RHEL 7 / CentOS 7 ( #11246 )
* Simplify docker systemd unit
systemd handles missing unit by ignoring the dependency so we don't need
to template them.
* Remove RHEL 7/CentOS 7 support
- remove ref in kubespray roles
- move CI from centos 7 to 8
- remove docs related to centos7
* Remove container-storage-setup
Only used for RHEL 7 and CentOS 7
2 months ago
Max Gautier
b0be5f2dad
Print the name of faulty jinja templates in pre-commit ( #11484 )
2 months ago
Takuya Murakami
60b323b17f
[CI] Add a CI job to test cluster upgrading, and fix bug of testcases_run.sh ( #11458 )
* Fix: fix testcases_run.sh for upgrade tests
Need to git checkout ${CI_COMMIT_SHA} before running upgrade playbook (revert #11173 partially)
* feat: add CI job to test upgrade
Add a packet_ubuntu22-calico-all-in-one-upgrade job
2 months ago
Vlad Korolev
9a7b021eb8
Do not use ‘yes/no’ for boolean values ( #11472 )
Consistent boolean values in ansible playbooks
2 months ago
dependabot[bot]
1798989f99
Bump molecule from 24.7.0 to 24.8.0 ( #11460 )
Bumps [molecule](https://github.com/ansible-community/molecule ) from 24.7.0 to 24.8.0.
- [Release notes](https://github.com/ansible-community/molecule/releases )
- [Commits](https://github.com/ansible-community/molecule/compare/v24.7.0...v24.8.0 )
---
updated-dependencies:
- dependency-name: molecule
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2 months ago
dependabot[bot]
171b0e60aa
Bump tox from 4.17.1 to 4.18.0 ( #11461 )
Bumps [tox](https://github.com/tox-dev/tox ) from 4.17.1 to 4.18.0.
- [Release notes](https://github.com/tox-dev/tox/releases )
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst )
- [Commits](https://github.com/tox-dev/tox/compare/4.17.1...4.18.0 )
---
updated-dependencies:
- dependency-name: tox
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 months ago
dependabot[bot]
ce9ba9a8bf
Bump tox from 4.16.0 to 4.17.1 ( #11442 )
Bumps [tox](https://github.com/tox-dev/tox ) from 4.16.0 to 4.17.1.
- [Release notes](https://github.com/tox-dev/tox/releases )
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst )
- [Commits](https://github.com/tox-dev/tox/compare/4.16.0...4.17.1 )
---
updated-dependencies:
- dependency-name: tox
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 months ago
Bas
dd51ef6f96
Bugfix/code inspection. ( #11384 )
- Make ansible-galaxy collection dependencies explicit
- Reorganized requirements.yml
- Adding required collections to galaxy.yml
- Ansible 9.6.0 was yanked on Pypi
- Sync pre-commit requirements with requirements.txt
Signed-off-by: Bas Meijer <bas.meijer@enexis.nl>
3 months ago
dependabot[bot]
8022eddb55
Bump ansible-lint from 24.6.1 to 24.7.0 ( #11380 )
Bumps [ansible-lint](https://github.com/ansible/ansible-lint ) from 24.6.1 to 24.7.0.
- [Release notes](https://github.com/ansible/ansible-lint/releases )
- [Commits](https://github.com/ansible/ansible-lint/compare/v24.6.1...v24.7.0 )
---
updated-dependencies:
- dependency-name: ansible-lint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 months ago
Bas
8f5f75211f
Improving yamllint configuration ( #11389 )
Signed-off-by: Bas Meijer <bas.meijer@enexis.nl>
4 months ago
dependabot[bot]
d993b2b8cf
Bump molecule from 24.2.1 to 24.7.0 ( #11373 )
Bumps [molecule](https://github.com/ansible-community/molecule ) from 24.2.1 to 24.7.0.
- [Release notes](https://github.com/ansible-community/molecule/releases )
- [Commits](https://github.com/ansible-community/molecule/compare/v24.2.1...v24.7.0 )
---
updated-dependencies:
- dependency-name: molecule
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 months ago
dependabot[bot]
c89f901595
Bump tox from 4.15.0 to 4.16.0 ( #11363 )
Bumps [tox](https://github.com/tox-dev/tox ) from 4.15.0 to 4.16.0.
- [Release notes](https://github.com/tox-dev/tox/releases )
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst )
- [Commits](https://github.com/tox-dev/tox/compare/4.15.0...4.16.0 )
---
updated-dependencies:
- dependency-name: tox
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 months ago
ChengHao Yang
474b259cf8
CI: Remove Debian 10 support & macvlan test move to Debian 12 ( #11347 )
* CI: macvlan test switch to debian 11 & default job
Signed-off-by: tico88612 <17496418+tico88612@users.noreply.github.com>
* CI: cilium-svc-proxy test switch to debian 12
Signed-off-by: tico88612 <17496418+tico88612@users.noreply.github.com>
* CI: remove debian 10 test
Signed-off-by: tico88612 <17496418+tico88612@users.noreply.github.com>
* Docs: remove debian 10 support
Signed-off-by: tico88612 <17496418+tico88612@users.noreply.github.com>
---------
Signed-off-by: tico88612 <17496418+tico88612@users.noreply.github.com>
4 months ago
dependabot[bot]
0be525c76f
Bump ansible-lint from 24.5.0 to 24.6.1 ( #11320 )
Bumps [ansible-lint](https://github.com/ansible/ansible-lint ) from 24.5.0 to 24.6.1.
- [Release notes](https://github.com/ansible/ansible-lint/releases )
- [Commits](https://github.com/ansible/ansible-lint/compare/v24.5.0...v24.6.1 )
---
updated-dependencies:
- dependency-name: ansible-lint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 months ago
Antoine Legrand
a0587e0b8e
CI: rework pipeline: short/extended based on labels ( #11324 )
* CI: reduce VM resources requests to improve scheduling
* CI: Reduce default jobs; add labels(ci-full/extended) to run more test
* CI: use jobs dependencies instead of stages
* precommit one-job
* CI: Use Kubevirt VM to run Molecule and Vagrant jobs
4 months ago
dependabot[bot]
eff4eec8de
Bump pytest-testinfra from 10.1.0 to 10.1.1
Bumps [pytest-testinfra](https://github.com/pytest-dev/pytest-testinfra ) from 10.1.0 to 10.1.1.
- [Release notes](https://github.com/pytest-dev/pytest-testinfra/releases )
- [Changelog](https://github.com/pytest-dev/pytest-testinfra/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pytest-dev/pytest-testinfra/compare/10.1.0...10.1.1 )
---
updated-dependencies:
- dependency-name: pytest-testinfra
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
5 months ago
Max Gautier
19851bb07c
collection-build-install convert to pre-commit
6 months ago
Max Gautier
7f7b65d388
Convert check_typo to pre-commit + use maintained version
client9/misspell is unmaintained, and has been forked by the golangci
team, see https://github.com/client9/misspell/issues/197#issuecomment-1596318684 .
They haven't yet added a pre-commit config, so use my fork with the
pre-commit hook config until the pull request is merged.
6 months ago
Max Gautier
d50f61eae5
pre-commit: apply autofixes hooks and fix the rest manually
- markdownlint (manual fix)
- end-of-file-fixer
- requirements-txt-fixer
- trailing-whitespace
6 months ago
Max Gautier
77bfb53455
Fix ci-matrix pre-commit hook
- Remove dependency of pydblite which fails to setup on recent pythons
- Discard shell script and put everything into pre-commit
6 months ago
dependabot[bot]
e54e7c0e1d
Bump ansible-lint from 24.2.3 to 24.5.0
Bumps [ansible-lint](https://github.com/ansible/ansible-lint ) from 24.2.3 to 24.5.0.
- [Release notes](https://github.com/ansible/ansible-lint/releases )
- [Commits](https://github.com/ansible/ansible-lint/compare/v24.2.3...v24.5.0 )
---
updated-dependencies:
- dependency-name: ansible-lint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
6 months ago
tico88612
f85111f6d4
CI: add ubuntu 24.04 support ( #11132 )
Signed-off-by: tico88612 <17496418+tico88612@users.noreply.github.com>
6 months ago
Payback159
5d01dfa179
add auto generate documentation sidebar script, introduce script as pre-commit-hook, adapt existing scripts to work with documentation structure
6 months ago
dependabot[bot]
f47ad82991
Bump ara[server] from 1.7.0 to 1.7.1 ( #11178 )
Bumps [ara[server]](https://github.com/ansible-community/ara ) from 1.7.0 to 1.7.1.
- [Commits](https://github.com/ansible-community/ara/compare/1.7.0...1.7.1 )
---
updated-dependencies:
- dependency-name: ara[server]
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6 months ago
Max Gautier
0b2533143f
Don't force python interpreter on ubuntu ( #11183 )
This allows local override in tasks for using virtualenvs.
6 months ago
dependabot[bot]
a8f58c244b
Bump yamllint from 1.32.0 to 1.35.1 ( #11177 )
Bumps [yamllint](https://github.com/adrienverge/yamllint ) from 1.32.0 to 1.35.1.
- [Changelog](https://github.com/adrienverge/yamllint/blob/master/CHANGELOG.rst )
- [Commits](https://github.com/adrienverge/yamllint/compare/v1.32.0...v1.35.1 )
---
updated-dependencies:
- dependency-name: yamllint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6 months ago
dependabot[bot]
8a1ee990a2
Bump molecule from 6.0.2 to 24.2.1 ( #11150 )
Bumps [molecule](https://github.com/ansible-community/molecule ) from 6.0.2 to 24.2.1.
- [Release notes](https://github.com/ansible-community/molecule/releases )
- [Commits](https://github.com/ansible-community/molecule/compare/v6.0.2...v24.2.1 )
---
updated-dependencies:
- dependency-name: molecule
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6 months ago
dependabot[bot]
523d016767
Bump pytest-testinfra from 9.0.0 to 10.1.0 ( #11149 )
Bumps [pytest-testinfra](https://github.com/pytest-dev/pytest-testinfra ) from 9.0.0 to 10.1.0.
- [Release notes](https://github.com/pytest-dev/pytest-testinfra/releases )
- [Changelog](https://github.com/pytest-dev/pytest-testinfra/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pytest-dev/pytest-testinfra/compare/9.0.0...10.1.0 )
---
updated-dependencies:
- dependency-name: pytest-testinfra
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6 months ago
Max Gautier
d321e42d9e
CI: Factorize ansible-playbook flags ( #11173 )
We have inconsistent sets of options passed to the playbooks during our
CI runs.
Don't run ansible-playbook directly, instead factorize the execution in
a bash function using all the common flags.
Also remove various ENABLE_* variables and instead directly test for the
relevant conditions at execution time, as this makes it more obvious and
does not force one to go back and forth in the script.
6 months ago
dependabot[bot]
edc33888a3
Bump ansible-lint from 6.22.2 to 24.2.3 ( #11151 )
Bumps [ansible-lint](https://github.com/ansible/ansible-lint ) from 6.22.2 to 24.2.3.
- [Release notes](https://github.com/ansible/ansible-lint/releases )
- [Commits](https://github.com/ansible/ansible-lint/compare/v6.22.2...v24.2.3 )
---
updated-dependencies:
- dependency-name: ansible-lint
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6 months ago
dependabot[bot]
cf0de0904c
Bump tzdata from 2023.3 to 2024.1 ( #11121 )
Bumps [tzdata](https://github.com/python/tzdata ) from 2023.3 to 2024.1.
- [Release notes](https://github.com/python/tzdata/releases )
- [Changelog](https://github.com/python/tzdata/blob/master/NEWS.md )
- [Commits](https://github.com/python/tzdata/compare/2023.3...2024.1 )
---
updated-dependencies:
- dependency-name: tzdata
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6 months ago
dependabot[bot]
d772350b04
Bump molecule-plugins[vagrant] from 23.5.0 to 23.5.3 ( #11120 )
Bumps [molecule-plugins[vagrant]](https://github.com/ansible-community/molecule-plugins ) from 23.5.0 to 23.5.3.
- [Release notes](https://github.com/ansible-community/molecule-plugins/releases )
- [Commits](https://github.com/ansible-community/molecule-plugins/compare/v23.5.0...v23.5.3 )
---
updated-dependencies:
- dependency-name: molecule-plugins[vagrant]
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6 months ago
dependabot[bot]
ff4e572e0c
Bump tox from 4.11.3 to 4.15.0 ( #11133 )
Bumps [tox](https://github.com/tox-dev/tox ) from 4.11.3 to 4.15.0.
- [Release notes](https://github.com/tox-dev/tox/releases )
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst )
- [Commits](https://github.com/tox-dev/tox/compare/4.11.3...4.15.0 )
---
updated-dependencies:
- dependency-name: tox
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6 months ago
Nicolas Goudry
c6fcbf6ee0
Remove access to cluster from anonymous users ( #11016 )
* feat: add user facing variable with default
* feat: remove rolebinding to anonymous users after init and upgrade
* feat: use file discovery for secondary control plane nodes
* feat: use file discovery for nodes
* fix: do not fail if rolebinding does not exist
* docs: add warning about kube_api_anonymous_auth
* style: improve readability of delegate_to parameter
* refactor: rename discovery kubeconfig file
* test: enable new variable in hardening and upgrade test cases
* docs: add option to config parameters
* test: multiple instances and upgrade
7 months ago
Max Gautier
ef95eb078a
Cleanup unused CI tooling ( #11014 )
8 months ago
Max Gautier
7f6ca804a1
Upgrade ansible-core to 2.16.4 ( #10984 )
* upgrade ansible version
Needed for with_first_found to work correctly:
https://github.com/ansible/ansible/issues/70772 fixed in 2.16
* Remove unused google cloud cloud_playbook
* Fix dpkg_selection on non-existing packages
Needed since ansible-core>2.16, see:
f10d11bcdc
8 months ago
Kay Yan
90b0151caf
support node feature discovery ( #10861 )
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
8 months ago
Max Gautier
9648300994
Add test for coredns_dual in CI ( #10903 )
9 months ago
Takuya Murakami
785366c2de
[kubernetes] Support kubernetes 1.29 ( #10820 )
* [kubernetes] Make kubernetes 1.29.1 default
* [cri-o]: support cri-o 1.29
Use "crio status" instead of "crio-status" for cri-o >=1.29.0
* Remove GAed feature gates SecCompDefault
The SecCompDefault feature gate was removed since k8s 1.29
https://github.com/kubernetes/kubernetes/pull/121246
9 months ago
Louis Tu
a88bad7947
Add scheduler plugins support ( #10747 )
Signed-off-by: tu1h <lihai.tu@daocloud.io>
10 months ago
yun
13e1f33898
Correct the POLY1305 cipher suites by adding the suffix _SHA256 ( #10641 )
10 months ago
Max Gautier
a9e29a9eb2
Fix etcd client generation ( #10769 )
* ci: redefine multinode to node-etcd-client
This should allow to catch several class of problem rather than just
one -> from network plugin such as calico or cilium talking directly to
the etcd.
* Dynamically define etcd host range
This has two benefits:
- We don't play the etcd role twice for no reason
- We have access to the whole cluster (if needed) to use things like
group_by.
10 months ago
Max Gautier
e90cae9344
Refactor check_galaxy + fix version ( #10729 )
* Remove checks for docs using exact tags
Instead use a more generic documentation for installing kubespray as a
collection from git.
* Check that we upgraded galaxy.yml to next version
This is only intented to check for human error. The version in galaxy
should be the next (which does not mean the same if we're on master or a
release branch).
* Set collection version to KUBESPRAY_NEXT_VERSION
10 months ago
Kay Yan
565eab901b
remove containerd registries ( #10738 )
11 months ago
Max Gautier
243ca5d08f
Add test case for calico using etcd datastore ( #10722 )
* Add multinode ci layout
* Add test case for calico using etcd datastore
11 months ago
Max Gautier
7395c27932
CI: Document the 'all-in-one' layout + small refactoring ( #10725 )
* Rename aio to all-in-one and document it
ADTM.
Acronyms don't tell much.
* Refactor vm_count in tests provisioning
11 months ago
Max Gautier
51069223f5
Decouple kubespray-defaults from download ( #10626 )
* Decouple role kubespray-defaults from download
Avoids doing re-importing the download role on every invocation of
kubespray-defaults (and skipping everything).
This has a measurable effect on playbook performance.
* Update docs refering to moved download defaults
11 months ago
Max Gautier
b31afe235f
Final ipaddr deprecation cleanup ( #10675 )
Followup of #10518
11 months ago
Max Gautier
d2944d2813
Check jinja templates for syntax error ( #10667 )
Allow to fail early (pre-commit time) for jinja error, rather than
waiting until executing the playbook and the invalid template.
I could not find a simple jinja pre-commit hook in the wild.
11 months ago