diff --git a/.evergreen-functions.yml b/.evergreen-functions.yml index 929d6b366..6b184845b 100644 --- a/.evergreen-functions.yml +++ b/.evergreen-functions.yml @@ -46,6 +46,8 @@ variables: - RELEASE_INITIAL_VERSION - RELEASE_INITIAL_COMMIT_SHA - OPERATOR_VERSION + - READINESS_PROBE_VERSION + - VERSION_UPGRADE_HOOK_VERSION - BUILD_SCENARIO functions: diff --git a/.evergreen-release.yml b/.evergreen-release.yml index 4010c3240..56a24e274 100644 --- a/.evergreen-release.yml +++ b/.evergreen-release.yml @@ -70,6 +70,24 @@ tasks: vars: IMAGE_NAME: database + - name: release_readiness_probe + tags: [ "image_release" ] + allowed_requesters: [ "patch", "github_tag" ] + commands: + - func: clone + - func: setup_building_host + - func: quay_login + - func: pipeline_readiness_probe + + - name: release_version_upgrade_hook + tags: [ "image_release" ] + allowed_requesters: [ "patch", "github_tag" ] + commands: + - func: clone + - func: setup_building_host + - func: quay_login + - func: pipeline_version_upgrade_hook + - name: prepare_and_upload_openshift_bundles tags: [ "openshift_bundles" ] allowed_requesters: [ "patch", "github_tag" ] @@ -121,6 +139,8 @@ buildvariants: - name: release_init_database - name: release_init_ops_manager - name: release_database + - name: release_readiness_probe + - name: release_version_upgrade_hook - name: preflight_release_images display_name: preflight_release_images diff --git a/build_info.json b/build_info.json index e57265f84..3cabb12fe 100644 --- a/build_info.json +++ b/build_info.json @@ -221,6 +221,7 @@ "release": { "sign": true, "olm-tag": true, + "skip-if-exists": true, "repositories": [ "quay.io/mongodb/mongodb-kubernetes-readinessprobe" ], @@ -250,6 +251,7 @@ "release": { "sign": true, "olm-tag": true, + "skip-if-exists": true, "repositories": ["quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook"], "platforms": [ "linux/arm64", diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index e8e9e35e7..d30904121 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -112,9 +112,9 @@ spec: - name: MDB_COMMUNITY_AGENT_IMAGE value: "quay.io/mongodb/mongodb-agent:108.0.2.8729-1" - name: VERSION_UPGRADE_HOOK_IMAGE - value: "quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.9" + value: "quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.10" - name: READINESS_PROBE_IMAGE - value: "quay.io/mongodb/mongodb-kubernetes-readinessprobe:1.0.22" + value: "quay.io/mongodb/mongodb-kubernetes-readinessprobe:1.0.23" - name: MDB_COMMUNITY_IMAGE value: "mongodb-community-server" - name: MDB_COMMUNITY_REPO_URL diff --git a/helm_chart/values.yaml b/helm_chart/values.yaml index 61e109c24..6fdd8244f 100644 --- a/helm_chart/values.yaml +++ b/helm_chart/values.yaml @@ -149,10 +149,10 @@ agent: # This is only used by the MongoDBCommunity resource reconciler - START versionUpgradeHook: name: mongodb-kubernetes-operator-version-upgrade-post-start-hook - version: 1.0.9 + version: 1.0.10 readinessProbe: name: mongodb-kubernetes-readinessprobe - version: 1.0.22 + version: 1.0.23 # This is only used by the MongoDBCommunity resource reconciler - END # This is used by AppDB and by static containers to determine the image that the operator uses for databases. diff --git a/mongodb-community-operator/config/crd/bases/mongodbcommunity.mongodb.com_mongodbcommunity.yaml b/mongodb-community-operator/config/crd/bases/mongodbcommunity.mongodb.com_mongodbcommunity.yaml deleted file mode 100644 index 42c2258d0..000000000 --- a/mongodb-community-operator/config/crd/bases/mongodbcommunity.mongodb.com_mongodbcommunity.yaml +++ /dev/null @@ -1,672 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - service.binding: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret - service.binding/connectionString: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=connectionString.standardSrv - service.binding/password: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=password - service.binding/provider: community - service.binding/type: mongodb - service.binding/username: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=username - name: mongodbcommunity.mongodbcommunity.mongodb.com -spec: - group: mongodbcommunity.mongodb.com - names: - kind: MongoDBCommunity - listKind: MongoDBCommunityList - plural: mongodbcommunity - shortNames: - - mdbc - singular: mongodbcommunity - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Current state of the MongoDB deployment - jsonPath: .status.phase - name: Phase - type: string - - description: Version of MongoDB server - jsonPath: .status.version - name: Version - type: string - name: v1 - schema: - openAPIV3Schema: - description: MongoDBCommunity is the Schema for the mongodbs API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: MongoDBCommunitySpec defines the desired state of MongoDB - properties: - additionalConnectionStringConfig: - description: Additional options to be appended to the connection string. - These options apply to the entire resource and to each user. - nullable: true - type: object - x-kubernetes-preserve-unknown-fields: true - additionalMongodConfig: - description: |- - AdditionalMongodConfig is additional configuration that can be passed to - each data-bearing mongod at runtime. Uses the same structure as the mongod - configuration file: https://www.mongodb.com/docs/manual/reference/configuration-options/ - nullable: true - type: object - x-kubernetes-preserve-unknown-fields: true - agent: - description: AgentConfiguration sets options for the MongoDB automation - agent - properties: - auditLogRotate: - description: AuditLogRotate if enabled, will enable AuditLogRotate - for all processes. - properties: - includeAuditLogsWithMongoDBLogs: - description: |- - set to 'true' to have the Automation Agent rotate the audit files along - with mongodb log files - type: boolean - numTotal: - description: maximum number of log files to have total - type: integer - numUncompressed: - description: maximum number of log files to leave uncompressed - type: integer - percentOfDiskspace: - description: |- - Maximum percentage of the total disk space these log files should take up. - The string needs to be able to be converted to float64 - type: string - sizeThresholdMB: - description: |- - Maximum size for an individual log file before rotation. - The string needs to be able to be converted to float64. - Fractional values of MB are supported. - type: string - timeThresholdHrs: - description: maximum hours for an individual log file before - rotation - type: integer - required: - - sizeThresholdMB - - timeThresholdHrs - type: object - logFile: - type: string - logLevel: - type: string - logRotate: - description: LogRotate if enabled, will enable LogRotate for all - processes. - properties: - includeAuditLogsWithMongoDBLogs: - description: |- - set to 'true' to have the Automation Agent rotate the audit files along - with mongodb log files - type: boolean - numTotal: - description: maximum number of log files to have total - type: integer - numUncompressed: - description: maximum number of log files to leave uncompressed - type: integer - percentOfDiskspace: - description: |- - Maximum percentage of the total disk space these log files should take up. - The string needs to be able to be converted to float64 - type: string - sizeThresholdMB: - description: |- - Maximum size for an individual log file before rotation. - The string needs to be able to be converted to float64. - Fractional values of MB are supported. - type: string - timeThresholdHrs: - description: maximum hours for an individual log file before - rotation - type: integer - required: - - sizeThresholdMB - - timeThresholdHrs - type: object - maxLogFileDurationHours: - type: integer - systemLog: - description: SystemLog configures system log of mongod - properties: - destination: - type: string - logAppend: - type: boolean - path: - type: string - required: - - destination - - logAppend - - path - type: object - type: object - arbiters: - description: |- - Arbiters is the number of arbiters to add to the Replica Set. - It is not recommended to have more than one arbiter per Replica Set. - More info: https://www.mongodb.com/docs/manual/tutorial/add-replica-set-arbiter/ - type: integer - automationConfig: - description: |- - AutomationConfigOverride is merged on top of the operator created automation config. Processes are merged - by name. Currently Only the process.disabled field is supported. - properties: - processes: - items: - description: OverrideProcess contains fields that we can override - on the AutomationConfig processes. - properties: - disabled: - type: boolean - logRotate: - description: CrdLogRotate is the crd definition of LogRotate - including fields in strings while the agent supports them - as float64 - properties: - includeAuditLogsWithMongoDBLogs: - description: |- - set to 'true' to have the Automation Agent rotate the audit files along - with mongodb log files - type: boolean - numTotal: - description: maximum number of log files to have total - type: integer - numUncompressed: - description: maximum number of log files to leave uncompressed - type: integer - percentOfDiskspace: - description: |- - Maximum percentage of the total disk space these log files should take up. - The string needs to be able to be converted to float64 - type: string - sizeThresholdMB: - description: |- - Maximum size for an individual log file before rotation. - The string needs to be able to be converted to float64. - Fractional values of MB are supported. - type: string - timeThresholdHrs: - description: maximum hours for an individual log file - before rotation - type: integer - required: - - sizeThresholdMB - - timeThresholdHrs - type: object - name: - type: string - required: - - disabled - - name - type: object - type: array - replicaSet: - properties: - settings: - description: |- - MapWrapper is a wrapper for a map to be used by other structs. - The CRD generator does not support map[string]interface{} - on the top level and hence we need to work around this with - a wrapping struct. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - featureCompatibilityVersion: - description: |- - FeatureCompatibilityVersion configures the feature compatibility version that will - be set for the deployment - type: string - memberConfig: - description: MemberConfig - items: - properties: - priority: - type: string - tags: - additionalProperties: - type: string - type: object - votes: - type: integer - type: object - type: array - members: - description: Members is the number of members in the replica set - type: integer - prometheus: - description: Prometheus configurations. - properties: - metricsPath: - description: Indicates path to the metrics endpoint. - pattern: ^\/[a-z0-9]+$ - type: string - passwordSecretRef: - description: Name of a Secret containing a HTTP Basic Auth Password. - properties: - key: - description: Key is the key in the secret storing this password. - Defaults to "password" - type: string - name: - description: Name is the name of the secret storing this user's - password - type: string - required: - - name - type: object - port: - description: Port where metrics endpoint will bind to. Defaults - to 9216. - type: integer - tlsSecretKeyRef: - description: |- - Name of a Secret (type kubernetes.io/tls) holding the certificates to use in the - Prometheus endpoint. - properties: - key: - description: Key is the key in the secret storing this password. - Defaults to "password" - type: string - name: - description: Name is the name of the secret storing this user's - password - type: string - required: - - name - type: object - username: - description: HTTP Basic Auth Username for metrics endpoint. - type: string - required: - - passwordSecretRef - - username - type: object - replicaSetHorizons: - description: |- - ReplicaSetHorizons Add this parameter and values if you need your database - to be accessed outside of Kubernetes. This setting allows you to - provide different DNS settings within the Kubernetes cluster and - to the Kubernetes cluster. The Kubernetes Operator uses split horizon - DNS for replica set members. This feature allows communication both - within the Kubernetes cluster and from outside Kubernetes. - items: - additionalProperties: - type: string - type: object - type: array - security: - description: Security configures security features, such as TLS, and - authentication settings for a deployment - properties: - authentication: - properties: - agentCertificateSecretRef: - description: |- - AgentCertificateSecret is a reference to a Secret containing the certificate and the key for the automation agent - The secret needs to have available: - - certificate under key: "tls.crt" - - private key under key: "tls.key" - If additionally, tls.pem is present, then it needs to be equal to the concatenation of tls.crt and tls.key - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - type: object - x-kubernetes-map-type: atomic - agentMode: - description: AgentMode contains the authentication mode used - by the automation agent. - enum: - - SCRAM - - SCRAM-SHA-256 - - SCRAM-SHA-1 - - X509 - type: string - ignoreUnknownUsers: - default: true - nullable: true - type: boolean - modes: - description: Modes is an array specifying which authentication - methods should be enabled. - items: - enum: - - SCRAM - - SCRAM-SHA-256 - - SCRAM-SHA-1 - - X509 - type: string - type: array - required: - - modes - type: object - roles: - description: User-specified custom MongoDB roles that should be - configured in the deployment. - items: - description: CustomRole defines a custom MongoDB role. - properties: - authenticationRestrictions: - description: The authentication restrictions the server - enforces on the role. - items: - description: |- - AuthenticationRestriction specifies a list of IP addresses and CIDR ranges users - are allowed to connect to or from. - properties: - clientSource: - items: - type: string - type: array - serverAddress: - items: - type: string - type: array - required: - - clientSource - - serverAddress - type: object - type: array - db: - description: The database of the role. - type: string - privileges: - description: The privileges to grant the role. - items: - description: Privilege defines the actions a role is allowed - to perform on a given resource. - properties: - actions: - items: - type: string - type: array - resource: - description: |- - Resource specifies specifies the resources upon which a privilege permits actions. - See https://www.mongodb.com/docs/manual/reference/resource-document for more. - properties: - anyResource: - type: boolean - cluster: - type: boolean - collection: - type: string - db: - type: string - type: object - required: - - actions - - resource - type: object - type: array - role: - description: The name of the role. - type: string - roles: - description: An array of roles from which this role inherits - privileges. - items: - description: Role is the database role this user should - have - properties: - db: - description: DB is the database the role can act on - type: string - name: - description: Name is the name of the role - type: string - required: - - db - - name - type: object - type: array - required: - - db - - privileges - - role - type: object - type: array - tls: - description: TLS configuration for both client-server and server-server - communication - properties: - caCertificateSecretRef: - description: |- - CaCertificateSecret is a reference to a Secret containing the certificate for the CA which signed the server certificates - The certificate is expected to be available under the key "ca.crt" - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - type: object - x-kubernetes-map-type: atomic - caConfigMapRef: - description: |- - CaConfigMap is a reference to a ConfigMap containing the certificate for the CA which signed the server certificates - The certificate is expected to be available under the key "ca.crt" - This field is ignored when CaCertificateSecretRef is configured - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - type: object - x-kubernetes-map-type: atomic - certificateKeySecretRef: - description: |- - CertificateKeySecret is a reference to a Secret containing a private key and certificate to use for TLS. - The key and cert are expected to be PEM encoded and available at "tls.key" and "tls.crt". - This is the same format used for the standard "kubernetes.io/tls" Secret type, but no specific type is required. - Alternatively, an entry tls.pem, containing the concatenation of cert and key, can be provided. - If all of tls.pem, tls.crt and tls.key are present, the tls.pem one needs to be equal to the concatenation of tls.crt and tls.key - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - type: object - x-kubernetes-map-type: atomic - enabled: - type: boolean - optional: - description: Optional configures if TLS should be required - or optional for connections - type: boolean - required: - - enabled - type: object - type: object - statefulSet: - description: |- - StatefulSetConfiguration holds the optional custom StatefulSet - that should be merged into the operator created one. - properties: - metadata: - description: StatefulSetMetadataWrapper is a wrapper around Labels - and Annotations - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - spec - type: object - type: - description: Type defines which type of MongoDB deployment the resource - should create - enum: - - ReplicaSet - type: string - users: - description: Users specifies the MongoDB users that should be configured - in your deployment - items: - properties: - additionalConnectionStringConfig: - description: |- - Additional options to be appended to the connection string. - These options apply only to this user and will override any existing options in the resource. - nullable: true - type: object - x-kubernetes-preserve-unknown-fields: true - connectionStringSecretName: - description: |- - ConnectionStringSecretName is the name of the secret object created by the operator which exposes the connection strings for the user. - If provided, this secret must be different for each user in a deployment. - type: string - connectionStringSecretNamespace: - description: ConnectionStringSecretNamespace is the namespace - of the secret object created by the operator which exposes - the connection strings for the user. - type: string - db: - default: admin - description: DB is the database the user is stored in. Defaults - to "admin" - type: string - name: - description: Name is the username of the user - type: string - passwordSecretRef: - description: PasswordSecretRef is a reference to the secret - containing this user's password - properties: - key: - description: Key is the key in the secret storing this password. - Defaults to "password" - type: string - name: - description: Name is the name of the secret storing this - user's password - type: string - required: - - name - type: object - roles: - description: Roles is an array of roles assigned to this user - items: - description: Role is the database role this user should have - properties: - db: - description: DB is the database the role can act on - type: string - name: - description: Name is the name of the role - type: string - required: - - db - - name - type: object - type: array - scramCredentialsSecretName: - description: |- - ScramCredentialsSecretName appended by string "scram-credentials" is the name of the secret object created by the mongoDB operator for storing SCRAM credentials - These secrets names must be different for each user in a deployment. - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - - roles - type: object - type: array - version: - description: Version defines which version of MongoDB will be used - type: string - required: - - security - - type - - users - type: object - status: - description: MongoDBCommunityStatus defines the observed state of MongoDB - properties: - currentMongoDBArbiters: - type: integer - currentMongoDBMembers: - type: integer - currentStatefulSetArbitersReplicas: - type: integer - currentStatefulSetReplicas: - type: integer - message: - type: string - mongoUri: - type: string - phase: - type: string - version: - type: string - required: - - currentMongoDBMembers - - currentStatefulSetReplicas - - mongoUri - - phase - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/mongodb-community-operator/config/crd/kustomization.yaml b/mongodb-community-operator/config/crd/kustomization.yaml deleted file mode 100644 index 25eecc05f..000000000 --- a/mongodb-community-operator/config/crd/kustomization.yaml +++ /dev/null @@ -1,10 +0,0 @@ -# This kustomization.yaml is not intended to be run by itself, -# since it depends on service name and namespace that are out of this kustomize package. -# It should be run by config/default -resources: -- bases/mongodbcommunity.mongodb.com_mongodbcommunity.yaml -# +kubebuilder:scaffold:crdkustomizeresource - -# the following config is for teaching kustomize how to do kustomization for CRDs. -configurations: -- kustomizeconfig.yaml diff --git a/mongodb-community-operator/config/crd/kustomizeconfig.yaml b/mongodb-community-operator/config/crd/kustomizeconfig.yaml deleted file mode 100644 index ec5c150a9..000000000 --- a/mongodb-community-operator/config/crd/kustomizeconfig.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# This file is for teaching kustomize how to substitute name and namespace reference in CRD -nameReference: -- kind: Service - version: v1 - fieldSpecs: - - kind: CustomResourceDefinition - version: v1 - group: apiextensions.k8s.io - path: spec/conversion/webhook/clientConfig/service/name - -namespace: -- kind: CustomResourceDefinition - version: v1 - group: apiextensions.k8s.io - path: spec/conversion/webhook/clientConfig/service/namespace - create: false - -varReference: -- path: metadata/annotations diff --git a/mongodb-community-operator/config/default/kustomization.yaml b/mongodb-community-operator/config/default/kustomization.yaml deleted file mode 100644 index bd972fd91..000000000 --- a/mongodb-community-operator/config/default/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ -namePrefix: "" - -resources: - - ../crd - - ../rbac - - ../manager diff --git a/mongodb-community-operator/config/local_run/kustomization.yaml b/mongodb-community-operator/config/local_run/kustomization.yaml deleted file mode 100644 index 0a33b94d2..000000000 --- a/mongodb-community-operator/config/local_run/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# used to run the operator locally -namePrefix: "" - -resources: - - ../crd - - ../rbac diff --git a/mongodb-community-operator/config/manager/kustomization.yaml b/mongodb-community-operator/config/manager/kustomization.yaml deleted file mode 100644 index cb74a8d0e..000000000 --- a/mongodb-community-operator/config/manager/kustomization.yaml +++ /dev/null @@ -1,11 +0,0 @@ -resources: -- manager.yaml - -generatorOptions: - disableNameSuffixHash: true - -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -images: -- name: mongodb-kubernetes-operator - newName: quay.io/mongodb/mongodb-kubernetes-operator:0.5.0 diff --git a/mongodb-community-operator/config/manager/manager.yaml b/mongodb-community-operator/config/manager/manager.yaml deleted file mode 100644 index 4f64da811..000000000 --- a/mongodb-community-operator/config/manager/manager.yaml +++ /dev/null @@ -1,74 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - annotations: - email: support@mongodb.com - labels: - owner: mongodb - name: mongodb-kubernetes-operator -spec: - replicas: 1 - selector: - matchLabels: - name: mongodb-kubernetes-operator - strategy: - rollingUpdate: - maxUnavailable: 1 - type: RollingUpdate - template: - metadata: - labels: - name: mongodb-kubernetes-operator - spec: - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: name - operator: In - values: - - mongodb-kubernetes-operator - topologyKey: kubernetes.io/hostname - containers: - - command: - - /usr/local/bin/entrypoint - env: - - name: WATCH_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: OPERATOR_NAME - value: mongodb-kubernetes-operator - - name: AGENT_IMAGE - value: quay.io/mongodb/mongodb-agent:108.0.2.8729-1 - - name: VERSION_UPGRADE_HOOK_IMAGE - value: quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.9 - - name: READINESS_PROBE_IMAGE - value: quay.io/mongodb/mongodb-kubernetes-readinessprobe:1.0.22 - - name: MONGODB_IMAGE - value: mongodb-community-server - - name: MONGODB_REPO_URL - value: quay.io/mongodb - image: quay.io/mongodb/mongodb-kubernetes-operator:0.12.0 - imagePullPolicy: Always - name: mongodb-kubernetes-operator - resources: - limits: - cpu: 1100m - memory: 1Gi - requests: - cpu: 500m - memory: 200Mi - securityContext: - readOnlyRootFilesystem: true - runAsUser: 2000 - allowPrivilegeEscalation: false - securityContext: - seccompProfile: - type: RuntimeDefault - serviceAccountName: mongodb-kubernetes-operator diff --git a/mongodb-community-operator/config/rbac/kustomization.yaml b/mongodb-community-operator/config/rbac/kustomization.yaml deleted file mode 100644 index f1fe88a33..000000000 --- a/mongodb-community-operator/config/rbac/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -resources: -- role.yaml -- role_binding.yaml -- service_account.yaml -- service_account_database.yaml -- role_binding_database.yaml -- role_database.yaml diff --git a/mongodb-community-operator/config/rbac/role.yaml b/mongodb-community-operator/config/rbac/role.yaml deleted file mode 100644 index 6a9c42070..000000000 --- a/mongodb-community-operator/config/rbac/role.yaml +++ /dev/null @@ -1,46 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: mongodb-kubernetes-operator -rules: -- apiGroups: - - "" - resources: - - pods - - services - - configmaps - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - apps - resources: - - statefulsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - mongodbcommunity.mongodb.com - resources: - - mongodbcommunity - - mongodbcommunity/status - - mongodbcommunity/spec - - mongodbcommunity/finalizers - verbs: - - get - - patch - - list - - update - - watch diff --git a/mongodb-community-operator/config/rbac/role_binding.yaml b/mongodb-community-operator/config/rbac/role_binding.yaml deleted file mode 100644 index b444f2d67..000000000 --- a/mongodb-community-operator/config/rbac/role_binding.yaml +++ /dev/null @@ -1,11 +0,0 @@ -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: mongodb-kubernetes-operator -subjects: -- kind: ServiceAccount - name: mongodb-kubernetes-operator -roleRef: - kind: Role - name: mongodb-kubernetes-operator - apiGroup: rbac.authorization.k8s.io diff --git a/mongodb-community-operator/config/rbac/role_binding_database.yaml b/mongodb-community-operator/config/rbac/role_binding_database.yaml deleted file mode 100644 index b02a52db3..000000000 --- a/mongodb-community-operator/config/rbac/role_binding_database.yaml +++ /dev/null @@ -1,11 +0,0 @@ -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: mongodb-database -subjects: -- kind: ServiceAccount - name: mongodb-database -roleRef: - kind: Role - name: mongodb-database - apiGroup: rbac.authorization.k8s.io diff --git a/mongodb-community-operator/config/rbac/role_database.yaml b/mongodb-community-operator/config/rbac/role_database.yaml deleted file mode 100644 index eaeef740b..000000000 --- a/mongodb-community-operator/config/rbac/role_database.yaml +++ /dev/null @@ -1,19 +0,0 @@ -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: mongodb-database -rules: - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - apiGroups: - - "" - resources: - - pods - verbs: - - patch - - delete - - get diff --git a/mongodb-community-operator/config/rbac/service_account.yaml b/mongodb-community-operator/config/rbac/service_account.yaml deleted file mode 100644 index 2740f6caf..000000000 --- a/mongodb-community-operator/config/rbac/service_account.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mongodb-kubernetes-operator diff --git a/mongodb-community-operator/config/rbac/service_account_database.yaml b/mongodb-community-operator/config/rbac/service_account_database.yaml deleted file mode 100644 index b24ae9d58..000000000 --- a/mongodb-community-operator/config/rbac/service_account_database.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mongodb-database diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_cr.yaml b/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_cr.yaml deleted file mode 100644 index 89fe86096..000000000 --- a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_cr.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -apiVersion: mongodbcommunity.mongodb.com/v1 -kind: MongoDBCommunity -metadata: - name: example-mongodb -spec: - members: 3 - type: ReplicaSet - version: "6.0.5" - security: - authentication: - modes: ["SCRAM"] - users: - - name: my-user - db: admin - passwordSecretRef: # a reference to the secret that will be used to generate the user's password - name: my-user-password - roles: - - name: clusterAdmin - db: admin - - name: userAdminAnyDatabase - db: admin - scramCredentialsSecretName: my-scram - additionalMongodConfig: - storage.wiredTiger.engineConfig.journalCompressor: zlib - -# the user credentials will be generated from this secret -# once the credentials are generated, this secret is no longer required ---- -apiVersion: v1 -kind: Secret -metadata: - name: my-user-password -type: Opaque -stringData: - password: diff --git a/public/mongodb-kubernetes-multi-cluster.yaml b/public/mongodb-kubernetes-multi-cluster.yaml index fdc348662..55292d334 100644 --- a/public/mongodb-kubernetes-multi-cluster.yaml +++ b/public/mongodb-kubernetes-multi-cluster.yaml @@ -421,9 +421,9 @@ spec: - name: MDB_COMMUNITY_AGENT_IMAGE value: "quay.io/mongodb/mongodb-agent:108.0.2.8729-1" - name: VERSION_UPGRADE_HOOK_IMAGE - value: "quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.9" + value: "quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.10" - name: READINESS_PROBE_IMAGE - value: "quay.io/mongodb/mongodb-kubernetes-readinessprobe:1.0.22" + value: "quay.io/mongodb/mongodb-kubernetes-readinessprobe:1.0.23" - name: MDB_COMMUNITY_IMAGE value: "mongodb-community-server" - name: MDB_COMMUNITY_REPO_URL diff --git a/public/mongodb-kubernetes-openshift.yaml b/public/mongodb-kubernetes-openshift.yaml index 8cd4c8d76..5ec4a4d49 100644 --- a/public/mongodb-kubernetes-openshift.yaml +++ b/public/mongodb-kubernetes-openshift.yaml @@ -416,9 +416,9 @@ spec: - name: MDB_COMMUNITY_AGENT_IMAGE value: "quay.io/mongodb/mongodb-agent:108.0.2.8729-1" - name: VERSION_UPGRADE_HOOK_IMAGE - value: "quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.9" + value: "quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.10" - name: READINESS_PROBE_IMAGE - value: "quay.io/mongodb/mongodb-kubernetes-readinessprobe:1.0.22" + value: "quay.io/mongodb/mongodb-kubernetes-readinessprobe:1.0.23" - name: MDB_COMMUNITY_IMAGE value: "mongodb-community-server" - name: MDB_COMMUNITY_REPO_URL diff --git a/public/mongodb-kubernetes.yaml b/public/mongodb-kubernetes.yaml index da283ac3c..6a97c0bcf 100644 --- a/public/mongodb-kubernetes.yaml +++ b/public/mongodb-kubernetes.yaml @@ -417,9 +417,9 @@ spec: - name: MDB_COMMUNITY_AGENT_IMAGE value: "quay.io/mongodb/mongodb-agent:108.0.2.8729-1" - name: VERSION_UPGRADE_HOOK_IMAGE - value: "quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.9" + value: "quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.10" - name: READINESS_PROBE_IMAGE - value: "quay.io/mongodb/mongodb-kubernetes-readinessprobe:1.0.22" + value: "quay.io/mongodb/mongodb-kubernetes-readinessprobe:1.0.23" - name: MDB_COMMUNITY_IMAGE value: "mongodb-community-server" - name: MDB_COMMUNITY_REPO_URL diff --git a/mongodb-community-operator/config/samples/arbitrary_statefulset_configuration/mongodb.com_v1_custom_volume_cr.yaml b/public/samples/community/arbitrary_statefulset_configuration/mongodb.com_v1_custom_volume_cr.yaml similarity index 100% rename from mongodb-community-operator/config/samples/arbitrary_statefulset_configuration/mongodb.com_v1_custom_volume_cr.yaml rename to public/samples/community/arbitrary_statefulset_configuration/mongodb.com_v1_custom_volume_cr.yaml diff --git a/mongodb-community-operator/config/samples/arbitrary_statefulset_configuration/mongodb.com_v1_hostpath.yaml b/public/samples/community/arbitrary_statefulset_configuration/mongodb.com_v1_hostpath.yaml similarity index 100% rename from mongodb-community-operator/config/samples/arbitrary_statefulset_configuration/mongodb.com_v1_hostpath.yaml rename to public/samples/community/arbitrary_statefulset_configuration/mongodb.com_v1_hostpath.yaml diff --git a/mongodb-community-operator/config/samples/arbitrary_statefulset_configuration/mongodb.com_v1_metadata.yaml b/public/samples/community/arbitrary_statefulset_configuration/mongodb.com_v1_metadata.yaml similarity index 100% rename from mongodb-community-operator/config/samples/arbitrary_statefulset_configuration/mongodb.com_v1_metadata.yaml rename to public/samples/community/arbitrary_statefulset_configuration/mongodb.com_v1_metadata.yaml diff --git a/mongodb-community-operator/config/samples/external_access/agent-certificate.yaml b/public/samples/community/external_access/agent-certificate.yaml similarity index 100% rename from mongodb-community-operator/config/samples/external_access/agent-certificate.yaml rename to public/samples/community/external_access/agent-certificate.yaml diff --git a/mongodb-community-operator/config/samples/external_access/cert-manager-certificate.yaml b/public/samples/community/external_access/cert-manager-certificate.yaml similarity index 100% rename from mongodb-community-operator/config/samples/external_access/cert-manager-certificate.yaml rename to public/samples/community/external_access/cert-manager-certificate.yaml diff --git a/mongodb-community-operator/config/samples/external_access/cert-manager-issuer.yaml b/public/samples/community/external_access/cert-manager-issuer.yaml similarity index 100% rename from mongodb-community-operator/config/samples/external_access/cert-manager-issuer.yaml rename to public/samples/community/external_access/cert-manager-issuer.yaml diff --git a/mongodb-community-operator/config/samples/external_access/cert-x509.yaml b/public/samples/community/external_access/cert-x509.yaml similarity index 100% rename from mongodb-community-operator/config/samples/external_access/cert-x509.yaml rename to public/samples/community/external_access/cert-x509.yaml diff --git a/mongodb-community-operator/config/samples/external_access/external_services.yaml b/public/samples/community/external_access/external_services.yaml similarity index 100% rename from mongodb-community-operator/config/samples/external_access/external_services.yaml rename to public/samples/community/external_access/external_services.yaml diff --git a/mongodb-community-operator/config/samples/external_access/mongodb.com_v1_mongodbcommunity_cr.yaml b/public/samples/community/external_access/mongodb.com_v1_mongodbcommunity_cr.yaml similarity index 100% rename from mongodb-community-operator/config/samples/external_access/mongodb.com_v1_mongodbcommunity_cr.yaml rename to public/samples/community/external_access/mongodb.com_v1_mongodbcommunity_cr.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_additional_connection_string_options.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_additional_connection_string_options.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_additional_connection_string_options.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_additional_connection_string_options.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_additional_mongod_config_cr.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_additional_mongod_config_cr.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_additional_mongod_config_cr.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_additional_mongod_config_cr.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_connection_string_secret_namespace.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_connection_string_secret_namespace.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_connection_string_secret_namespace.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_connection_string_secret_namespace.yaml diff --git a/public/samples/community/mongodb.com_v1_mongodbcommunity_cr.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_cr.yaml index 65d8e68c1..89fe86096 100644 --- a/public/samples/community/mongodb.com_v1_mongodbcommunity_cr.yaml +++ b/public/samples/community/mongodb.com_v1_mongodbcommunity_cr.yaml @@ -33,4 +33,4 @@ metadata: name: my-user-password type: Opaque stringData: - password: test123 + password: diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_cr_podantiaffinity.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_cr_podantiaffinity.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_cr_podantiaffinity.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_cr_podantiaffinity.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_custom_role.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_custom_role.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_custom_role.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_custom_role.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_disabled_process_cr.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_disabled_process_cr.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_disabled_process_cr.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_disabled_process_cr.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_ignore_unkown_users_cr.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_ignore_unkown_users_cr.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_ignore_unkown_users_cr.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_ignore_unkown_users_cr.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_openshift_cr.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_openshift_cr.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_openshift_cr.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_openshift_cr.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_override_ac_setting.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_override_ac_setting.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_override_ac_setting.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_override_ac_setting.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_prometheus.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_prometheus.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_prometheus.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_prometheus.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_readiness_probe_values.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_readiness_probe_values.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_readiness_probe_values.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_readiness_probe_values.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_specify_pod_resources.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_specify_pod_resources.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_specify_pod_resources.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_specify_pod_resources.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_tls_cr.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_tls_cr.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_tls_cr.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_tls_cr.yaml diff --git a/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_x509.yaml b/public/samples/community/mongodb.com_v1_mongodbcommunity_x509.yaml similarity index 100% rename from mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_x509.yaml rename to public/samples/community/mongodb.com_v1_mongodbcommunity_x509.yaml diff --git a/release.json b/release.json index a7ad646a4..828b0a4a3 100644 --- a/release.json +++ b/release.json @@ -8,6 +8,8 @@ "initAppDbVersion": "1.4.0", "databaseImageVersion": "1.4.0", "agentVersion": "108.0.12.8846-1", + "readinessProbeVersion": "1.0.23", + "versionUpgradeHookVersion": "1.0.10", "openshift": { "minimumSupportedVersion": "4.6" }, @@ -15,24 +17,6 @@ "version": "0.53.1" }, "supportedImages": { - "readinessprobe": { - "ssdlc_name": "MongoDB Controllers for Kubernetes Readiness Probe", - "versions": [ - "1.0.22" - ], - "variants": [ - "ubi" - ] - }, - "operator-version-upgrade-post-start-hook": { - "ssdlc_name": "MongoDB Controllers for Kubernetes Operator Version Upgrade Hook", - "versions": [ - "1.0.9" - ], - "variants": [ - "ubi" - ] - }, "ops-manager": { "ssdlc_name": "MongoDB Controllers for Kubernetes Enterprise Ops Manager", "versions": [ diff --git a/scripts/dev/contexts/evg-private-context b/scripts/dev/contexts/evg-private-context index 93374a409..2157a716e 100644 --- a/scripts/dev/contexts/evg-private-context +++ b/scripts/dev/contexts/evg-private-context @@ -116,8 +116,8 @@ fi echo "Setting BUILD_SCENARIO=${BUILD_SCENARIO}" export BUILD_SCENARIO="${BUILD_SCENARIO}" -# Set REGISTRY and OPERATOR_VERSION based on build scenario -# REGISTRY and OPERATOR_VERSION can be overridden externally if needed +# Set REGISTRY and OPERATOR_VERSION, READINESS_PROBE_VERSION, VERSION_UPGRADE_HOOK_VERSION based on build scenario +# REGISTRY and OPERATOR_VERSION, READINESS_PROBE_VERSION, VERSION_UPGRADE_HOOK_VERSION can be overridden externally if needed PATCH_REGISTRY="268558157000.dkr.ecr.us-east-1.amazonaws.com/dev" STAGING_REGISTRY="268558157000.dkr.ecr.us-east-1.amazonaws.com/staging" RELEASE_REGISTRY="quay.io/mongodb" @@ -125,17 +125,25 @@ case $BUILD_SCENARIO in "${BUILD_SCENARIO_RELEASE}") REGISTRY="${REGISTRY:-$RELEASE_REGISTRY}" OPERATOR_VERSION="${OPERATOR_VERSION:-$GIT_TAG}" + READINESS_PROBE_VERSION_FROM_RELEASE_JSON="$(jq -r '.readinessProbeVersion' "${PROJECT_DIR}/release.json")" + READINESS_PROBE_VERSION="${READINESS_PROBE_VERSION:-$READINESS_PROBE_VERSION_FROM_RELEASE_JSON}" + VERSION_UPGRADE_HOOK_VERSION_FROM_RELEASE_JSON="$(jq -r '.versionUpgradeHookVersion' "${PROJECT_DIR}/release.json")" + VERSION_UPGRADE_HOOK_VERSION="${VERSION_UPGRADE_HOOK_VERSION:-$VERSION_UPGRADE_HOOK_VERSION_FROM_RELEASE_JSON}" ;; "${BUILD_SCENARIO_STAGING}") COMMIT_SHA_SHORT=$(git rev-parse --short=8 HEAD) REGISTRY="${REGISTRY:-$STAGING_REGISTRY}" OPERATOR_VERSION="${OPERATOR_VERSION:-$COMMIT_SHA_SHORT}" + READINESS_PROBE_VERSION="${READINESS_PROBE_VERSION:-$COMMIT_SHA_SHORT}" + VERSION_UPGRADE_HOOK_VERSION="${VERSION_UPGRADE_HOOK_VERSION:-$COMMIT_SHA_SHORT}" ;; "${BUILD_SCENARIO_PATCH}") REGISTRY="${REGISTRY:-$PATCH_REGISTRY}" OPERATOR_VERSION="${OPERATOR_VERSION:-$VERSION_ID}" + READINESS_PROBE_VERSION="${READINESS_PROBE_VERSION:-$VERSION_ID}" + VERSION_UPGRADE_HOOK_VERSION="${VERSION_UPGRADE_HOOK_VERSION:-$VERSION_ID}" ;; *) @@ -143,6 +151,4 @@ case $BUILD_SCENARIO in exit 1 ;; esac -echo "Setting REGISTRY=${REGISTRY} and OPERATOR_VERSION=${OPERATOR_VERSION} for ${BUILD_SCENARIO} build scenario" -export OPERATOR_VERSION="${OPERATOR_VERSION}" -export REGISTRY="${REGISTRY}" +echo "Setting REGISTRY=${REGISTRY} and OPERATOR_VERSION=${OPERATOR_VERSION}, READINESS_PROBE_VERSION=${READINESS_PROBE_VERSION}, VERSION_UPGRADE_HOOK_VERSION=${VERSION_UPGRADE_HOOK_VERSION} for ${BUILD_SCENARIO} build scenario" diff --git a/scripts/dev/contexts/prerelease_kind_code_snippets b/scripts/dev/contexts/prerelease_kind_code_snippets index 4043785d8..ee8ad3601 100644 --- a/scripts/dev/contexts/prerelease_kind_code_snippets +++ b/scripts/dev/contexts/prerelease_kind_code_snippets @@ -13,6 +13,4 @@ export CODE_SNIPPETS_FLAVOR=e2e_prerelease export CODE_SNIPPETS_COMMIT_OUTPUT=true export ops_manager_version="cloud_qa" -export ops_manager_version="cloud_qa" - export PRERELEASE_IMAGE_PULLSECRET="${PRERELEASE_PULLSECRET_DOCKERCONFIGJSON}" diff --git a/scripts/dev/contexts/root-context b/scripts/dev/contexts/root-context index 714aa15cf..9869b277f 100644 --- a/scripts/dev/contexts/root-context +++ b/scripts/dev/contexts/root-context @@ -46,25 +46,24 @@ export OPS_MANAGER_NAMESPACE="operator-testing-50-current" # Moved from the old set_env_context.sh export LOCAL_RUN=true -OPERATOR_VERSION=${OPERATOR_VERSION:-"latest"} -READINESS_PROBE_VERSION=${READINESS_PROBE_VERSION:-"latest"} -VERSION_UPGRADE_HOOK_VERSION=${VERSION_UPGRADE_HOOK_VERSION:-"latest"} if [[ "${OVERRIDE_VERSION_ID:-}" != "" ]]; then + echo "Overriding operator related versions with ${OVERRIDE_VERSION_ID}" OPERATOR_VERSION="${OVERRIDE_VERSION_ID}" READINESS_PROBE_VERSION="${OVERRIDE_VERSION_ID}" VERSION_UPGRADE_HOOK_VERSION="${OVERRIDE_VERSION_ID}" fi -export OPERATOR_VERSION="${OPERATOR_VERSION}" +export OPERATOR_VERSION="${OPERATOR_VERSION:-"latest"}" export INIT_APPDB_VERSION="${INIT_APPDB_VERSION:-${OPERATOR_VERSION}}" export INIT_DATABASE_VERSION="${INIT_DATABASE_VERSION:-${OPERATOR_VERSION}}" export INIT_OPS_MANAGER_VERSION="${INIT_OPS_MANAGER_VERSION:-${OPERATOR_VERSION}}" export DATABASE_VERSION="${DATABASE_VERSION:-${OPERATOR_VERSION}}" -export READINESS_PROBE_VERSION -export VERSION_UPGRADE_HOOK_VERSION +export READINESS_PROBE_VERSION="${READINESS_PROBE_VERSION:-"latest"}" +export VERSION_UPGRADE_HOOK_VERSION="${VERSION_UPGRADE_HOOK_VERSION:-"latest"}" ### Registries and images export QUAY_REGISTRY="quay.io/mongodb" +export REGISTRY=${REGISTRY} export OPERATOR_REGISTRY=${OPERATOR_REGISTRY:-${REGISTRY}} export INIT_IMAGES_REGISTRY=${INIT_IMAGES_REGISTRY:-${REGISTRY}} diff --git a/scripts/evergreen/release/update_helm_values_files.py b/scripts/evergreen/release/update_helm_values_files.py index e9eeef938..216d74d4b 100755 --- a/scripts/evergreen/release/update_helm_values_files.py +++ b/scripts/evergreen/release/update_helm_values_files.py @@ -27,6 +27,8 @@ "initAppDbVersion": "initAppDb", "databaseImageVersion": "database", "agentVersion": "agent", + "readinessProbeVersion": "readinessProbe", + "versionUpgradeHookVersion": "versionUpgradeHook", } diff --git a/scripts/release/atomic_pipeline.py b/scripts/release/atomic_pipeline.py index 670269c46..78ed90baa 100755 --- a/scripts/release/atomic_pipeline.py +++ b/scripts/release/atomic_pipeline.py @@ -25,7 +25,10 @@ generate_tools_build_args, ) from scripts.release.build.image_build_configuration import ImageBuildConfiguration -from scripts.release.build.image_build_process import execute_docker_build +from scripts.release.build.image_build_process import ( + check_if_image_exists, + execute_docker_build, +) from scripts.release.build.image_signing import ( mongodb_artifactory_login, sign_image, @@ -74,12 +77,20 @@ def build_image( # Build the image once with all repository tags tags = [] for registry in registries: - tags.append(f"{registry}:{build_configuration.version}") - if build_configuration.latest_tag: - tags.append(f"{registry}:latest") - if build_configuration.olm_tag: - olm_tag = create_olm_version_tag(build_configuration.version) - tags.append(f"{registry}:{olm_tag}") + tag = f"{registry}:{build_configuration.version}" + if build_configuration.skip_if_exists and check_if_image_exists(tag): + logger.info(f"Image with tag {tag} already exists. Skipping it.") + else: + tags.append(tag) + if build_configuration.latest_tag: + tags.append(f"{registry}:latest") + if build_configuration.olm_tag: + olm_tag = create_olm_version_tag(build_configuration.version) + tags.append(f"{registry}:{olm_tag}") + + if not tags: + logger.info("All specified image tags already exist. Skipping build.") + return logger.info( f"Building image with tags {tags} for platforms={build_configuration.platforms}, dockerfile args: {build_args}" diff --git a/scripts/release/build/build_info.py b/scripts/release/build/build_info.py index a1cf8c60f..67367a0c1 100644 --- a/scripts/release/build/build_info.py +++ b/scripts/release/build/build_info.py @@ -26,6 +26,7 @@ class ImageInfo: sign: bool = False latest_tag: bool = False olm_tag: bool = False + skip_if_exists: bool = False @dataclass @@ -78,6 +79,7 @@ def load_build_info(scenario: BuildScenario) -> BuildInfo: sign=scenario_data.get("sign", False), latest_tag=scenario_data.get("latest-tag", False), olm_tag=scenario_data.get("olm-tag", False), + skip_if_exists=scenario_data.get("skip-if-exists", False), ) binaries = {} diff --git a/scripts/release/build/image_build_configuration.py b/scripts/release/build/image_build_configuration.py index b62718276..8951299ea 100644 --- a/scripts/release/build/image_build_configuration.py +++ b/scripts/release/build/image_build_configuration.py @@ -14,11 +14,13 @@ class ImageBuildConfiguration: olm_tag: bool registries: List[str] dockerfile_path: str + platforms: Optional[List[str]] = None + sign: bool = False + skip_if_exists: bool = False + # Agent specific parallel: bool = False parallel_factor: int = 0 - platforms: Optional[List[str]] = None - sign: bool = False all_agents: bool = False currently_used_agents: bool = False diff --git a/scripts/release/build/image_build_process.py b/scripts/release/build/image_build_process.py index 02084a84a..3ad006de2 100644 --- a/scripts/release/build/image_build_process.py +++ b/scripts/release/build/image_build_process.py @@ -40,6 +40,21 @@ def ecr_login_boto3(region: str, account_id: str): logger.debug(f"ECR login succeeded: {status}") +def check_if_image_exists(image_tag: str) -> bool: + docker_cmd = python_on_whales.docker + + try: + docker_cmd.buildx.imagetools.inspect(image_tag) + except DockerException as e: + decoded_stderr = e.stderr.lower() + if any(str(error) in decoded_stderr for error in ["no such image", "image not known", "not found"]): + return False + else: + raise e + else: + return True + + def ensure_buildx_builder(builder_name: str = DEFAULT_BUILDER_NAME) -> str: """ Ensures a Docker Buildx builder exists for multi-platform builds. @@ -73,13 +88,13 @@ def ensure_buildx_builder(builder_name: str = DEFAULT_BUILDER_NAME) -> str: def execute_docker_build( - tags: list[str], - dockerfile: str, - path: str, args: - Dict[str, str], - push: bool, - platforms: list[str], - builder_name: str = DEFAULT_BUILDER_NAME, + tags: list[str], + dockerfile: str, + path: str, args: + Dict[str, str], + push: bool, + platforms: list[str], + builder_name: str = DEFAULT_BUILDER_NAME, ): """ Build a Docker image using python_on_whales and Docker Buildx for multi-architecture support. diff --git a/scripts/release/pipeline.py b/scripts/release/pipeline.py index 254122283..55c107953 100644 --- a/scripts/release/pipeline.py +++ b/scripts/release/pipeline.py @@ -118,6 +118,7 @@ def image_build_config_from_args(args) -> ImageBuildConfiguration: platforms = get_platforms_from_arg(args.platform) or image_build_info.platforms sign = args.sign or image_build_info.sign dockerfile_path = image_build_info.dockerfile_path + skip_if_exists = image_build_info.skip_if_exists # Validate version - only agent can have None version as the versions are managed by the agent # which are externally retrieved from release.json @@ -131,9 +132,10 @@ def image_build_config_from_args(args) -> ImageBuildConfiguration: olm_tag=olm_tag, registries=registries, dockerfile_path=dockerfile_path, - parallel=args.parallel, platforms=platforms, sign=sign, + skip_if_exists=skip_if_exists, + parallel=args.parallel, parallel_factor=args.parallel_factor, all_agents=args.all_agents, currently_used_agents=args.current_agents, diff --git a/scripts/release/tests/build_info_test.py b/scripts/release/tests/build_info_test.py index d5f169f5e..f46039b7e 100644 --- a/scripts/release/tests/build_info_test.py +++ b/scripts/release/tests/build_info_test.py @@ -330,6 +330,7 @@ def test_load_build_info_release(): repositories=["quay.io/mongodb/mongodb-kubernetes-readinessprobe"], platforms=["linux/arm64", "linux/amd64"], dockerfile_path="docker/mongodb-kubernetes-readinessprobe/Dockerfile", + skip_if_exists=True, olm_tag=True, sign=True, ), @@ -337,6 +338,7 @@ def test_load_build_info_release(): repositories=["quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook"], platforms=["linux/arm64", "linux/amd64"], dockerfile_path="docker/mongodb-kubernetes-upgrade-hook/Dockerfile", + skip_if_exists=True, olm_tag=True, sign=True, ),