Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Switch to repos to maintaned pkgs.k8s.io #657

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
54 changes: 43 additions & 11 deletions manifests/repos.pp
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@
# @param container_runtime
# This is the runtime that the Kubernetes cluster will use.
# It can only be set to "cri_containerd" or "docker". Defaults to cri_containerd
# @param kubernetes_version
# The kubernetes version used to determine major release version.
# @param kubernetes_apt_location
# The APT repo URL for the Kubernetes packages. Defaults to https://apt.kubernetes.io
# @param kubernetes_apt_release
Expand Down Expand Up @@ -40,6 +42,7 @@
#
class kubernetes::repos (
String $container_runtime = $kubernetes::container_runtime,
Optional[String] $kubernetes_version = $kubernetes::kubernetes_version,
Optional[String] $kubernetes_apt_location = $kubernetes::kubernetes_apt_location,
Optional[String] $kubernetes_apt_release = $kubernetes::kubernetes_apt_release,
Optional[String] $kubernetes_apt_repos = $kubernetes::kubernetes_apt_repos,
Expand All @@ -60,19 +63,47 @@

) {
if $create_repos {
$parts = split($kubernetes_version, '[.]')
$minor_version = "${parts[0]}.${parts[1]}"
$_repos = $kubernetes_apt_repos ? {
undef => '',
default => $kubernetes_apt_repos
}
case $facts['os']['family'] {
'Debian': {
$codename = fact('os.distro.codename')
apt::source { 'kubernetes':
location => pick($kubernetes_apt_location,'https://apt.kubernetes.io'),
repos => pick($kubernetes_apt_repos,'main'),
release => pick($kubernetes_apt_release,'kubernetes-xenial'),
key => {
'id' => pick($kubernetes_key_id,'A362B822F6DEDC652817EA46B53DC80D13EDEF05'),
'source' => pick($kubernetes_key_source,'https://packages.cloud.google.com/apt/doc/apt-key.gpg'),
},
location => pick($kubernetes_apt_location,"https://pkgs.k8s.io/core:/stable:/v${minor_version}/deb"),
release => pick($kubernetes_apt_release, '/'),
repos => $_repos,
}

if $kubernetes_apt_location =~ String[1] {
Apt::Source<| title == 'kubernetes' |> {
key => {
'id' => $kubernetes_key_id,
'source' => $kubernetes_key_source,
}
}
} else {
# For pkgs.k8s.io use GPG siging key
$_keyring = '/usr/share/keyrings/kubernetes-apt-keyring.gpg'
# TODO: Switch to apt::keyring once supported by puppetlabs-apt
# see: /~https://github.com/puppetlabs/puppetlabs-apt/pull/1128
archive { '/tmp/kubernetes-apt-keyring.gpg':
source => "https://pkgs.k8s.io/core:/stable:/v${minor_version}/deb/Release.key",
extract => true,
extract_path => '/usr/share/keyrings',
extract_command => 'gpg --dearmor < %s > kubernetes-apt-keyring.gpg',
creates => $_keyring,
}

Apt::Source<| title == 'kubernetes' |> {
keyring => $_keyring,
require => Archive['/tmp/kubernetes-apt-keyring.gpg'],
}
Comment on lines +88 to +103

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The support for modern keyrings has been released in puppetlabs-apt since three month now in version 9.2. Version 9.4 is also already out. To me, it would make sense to switch to apt::keyring, but if you would like to keep it like this for compatibility for now this would also be fine for me.

The most important for me would be that this PR finally get's merged and there is a release of puppetlabs-kubernetes that has useful, modern defaults and works with the newest version of Kubernetes out of the box.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As I wrote earlier, it would be very nice to switch to modern apt::keyring. But we should make incremental changes. Adding dependency on puppetlabs-apt >= 9.2.0 means effectively bumping dependency on puppetlabs-stdlib from >= 4.25.0 to >= 9.0.0. This is rather huge step for the mankind, especially done in a single innocent PR called "Swich repos...".

Depending on puppet code base setup this might mean upgrading many (10 or 40) modules just because of this minor change. I would prefer to release this "old but working version" as a 8.1.0 version. And then change module dependencies in separate PR, while bumping the module version e.g. to 9.0.0.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As mentioned in #681, the actual puppetlabs/stdlib requirement is currently >= 8.4.0. So the change wouldn't be that huge.

}

$codename = fact('os.distro.codename')
if ($container_runtime == 'docker' and $manage_docker == true) or
($container_runtime == 'cri_containerd' and $containerd_install_method == 'package') {
apt::source { 'docker':
Expand All @@ -99,9 +130,10 @@

yumrepo { 'kubernetes':
descr => 'Kubernetes',
baseurl => pick($kubernetes_yum_baseurl,'https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64'),
gpgkey => pick($kubernetes_yum_gpgkey,'https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg'),
gpgcheck => true,
baseurl => pick($kubernetes_yum_baseurl,"https://pkgs.k8s.io/core:/stable:/v${minor_version}/rpm/"),
gpgkey => pick($kubernetes_yum_gpgkey,"https://pkgs.k8s.io/core:/stable:/v${minor_version}/rpm/repodata/repomd.xml.key"),
enabled => 1,
gpgcheck => 1,
}
}

Expand Down
4 changes: 2 additions & 2 deletions spec/acceptance/kubernetes_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,8 @@
case $facts['os']['family'] {
'RedHat', 'CentOS': {
class {'kubernetes':
kubernetes_version => '1.22.0',
kubernetes_package_version => '1.22.0',
kubernetes_version => '1.28.2',
kubernetes_package_version => '1.28.2-1.1',
Comment on lines +19 to +20

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As 1.29.2 is already out by now this probably should get updated to that new version.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, this is just version for tests. The point was to update the version, that is available in the new repos. We should definitely update the default version, because the current value is 1.10.2.

controller_address => "#{int_ipaddr1}:6443",
container_runtime => 'docker',
manage_docker => false,
Expand Down
162 changes: 149 additions & 13 deletions spec/classes/repos_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,72 @@

require 'spec_helper'
describe 'kubernetes::repos', type: :class do
context 'with Debian and default params' do
let(:facts) do
{
osfamily: 'Debian', # needed to run dependent tests from fixtures puppetlabs-apt
kernel: 'Linux',
os: {
family: 'Debian',
name: 'Ubuntu',
release: {
full: '22.04'
},
distro: {
codename: 'jammy'
}
}
}
end
let(:params) do
{
'container_runtime' => 'docker',
'kubernetes_version' => '1.28.1',
'kubernetes_apt_location' => '',
'kubernetes_apt_release' => '',
'kubernetes_apt_repos' => '',
'kubernetes_key_id' => '',
'kubernetes_key_source' => '',
'kubernetes_yum_baseurl' => 'https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64',
'kubernetes_yum_gpgkey' => 'https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg',
'docker_apt_location' => 'https://download.docker.com/linux/ubuntu',
'docker_apt_release' => 'jammy',
'docker_apt_repos' => 'main',
'docker_yum_baseurl' => 'https://download.docker.com/linux/centos/7/x86_64/stable',
'docker_yum_gpgkey' => 'https://download.docker.com/linux/centos/gpg',
'docker_key_id' => '9DC858229FC7DD38854AE2D88D81803C0EBFCD88',
'docker_key_source' => 'https://download.docker.com/linux/ubuntu/gpg',
'containerd_install_method' => 'archive',
'create_repos' => true,
'manage_docker' => true
}
end

it {
expect(subject).to contain_apt__source('kubernetes').with(
ensure: 'present',
location: 'https://pkgs.k8s.io/core:/stable:/v1.28/deb',
release: '/',
keyring: '/usr/share/keyrings/kubernetes-apt-keyring.gpg',
)
}

it {
expect(subject).to contain_file('/etc/apt/sources.list.d/kubernetes.list')
.with_content(%r{^deb \[signed-by=/usr/share/keyrings/kubernetes-apt-keyring.gpg\] https://pkgs.k8s.io/core:/stable:/v1.28/deb /\s$})
}

it {
expect(subject).to contain_apt__source('docker').with(
ensure: 'present',
location: 'https://download.docker.com/linux/ubuntu',
repos: 'main',
release: 'jammy',
key: { 'id' => '9DC858229FC7DD38854AE2D88D81803C0EBFCD88', 'source' => 'https://download.docker.com/linux/ubuntu/gpg' },
)
}
end

context 'with osfamily => Ubuntu and manage_docker => true' do
let(:facts) do
{
Expand All @@ -11,26 +77,27 @@
family: 'Debian',
name: 'Ubuntu',
release: {
full: '16.04'
full: '22.04'
},
distro: {
codename: 'xenial'
codename: 'jammy'
}
}
}
end
let(:params) do
{
'container_runtime' => 'docker',
'kubernetes_apt_location' => 'http://apt.kubernetes.io',
'kubernetes_apt_release' => 'kubernetes-xenial',
'kubernetes_version' => '1.29.2',
'kubernetes_apt_location' => 'http://myapt.example.org',
'kubernetes_apt_release' => 'jammy',
'kubernetes_apt_repos' => 'main',
'kubernetes_key_id' => '54A647F9048D5688D7DA2ABE6A030B21BA07F4FB',
'kubernetes_key_source' => 'https://packages.cloud.google.com/apt/doc/apt-key.gpg',
'kubernetes_yum_baseurl' => 'https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64',
'kubernetes_yum_gpgkey' => 'https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg',
'docker_apt_location' => 'https://download.docker.com/linux/ubuntu',
'docker_apt_release' => 'xenial',
'docker_apt_release' => 'jammy',
'docker_apt_repos' => 'main',
'docker_yum_baseurl' => 'https://download.docker.com/linux/centos/7/x86_64/stable',
'docker_yum_gpgkey' => 'https://download.docker.com/linux/centos/gpg',
Expand All @@ -45,9 +112,9 @@
it {
expect(subject).to contain_apt__source('kubernetes').with(
ensure: 'present',
location: 'http://apt.kubernetes.io',
location: 'http://myapt.example.org',
repos: 'main',
release: 'kubernetes-xenial',
release: 'jammy',
key: { 'id' => '54A647F9048D5688D7DA2ABE6A030B21BA07F4FB', 'source' => 'https://packages.cloud.google.com/apt/doc/apt-key.gpg' },
)
}
Expand All @@ -57,7 +124,7 @@
ensure: 'present',
location: 'https://download.docker.com/linux/ubuntu',
repos: 'main',
release: 'xenial',
release: 'jammy',
key: { 'id' => '9DC858229FC7DD38854AE2D88D81803C0EBFCD88', 'source' => 'https://download.docker.com/linux/ubuntu/gpg' },
)
}
Expand All @@ -72,17 +139,18 @@
family: 'Debian',
name: 'Ubuntu',
release: {
full: '16.04'
full: '22.04'
},
distro: {
codename: 'xenial'
codename: 'jammy'
}
}
}
end
let(:params) do
{
'container_runtime' => 'cri_containerd',
'kubernetes_version' => '1.28.1',
'kubernetes_apt_location' => 'http://apt.kubernetes.io',
'kubernetes_apt_release' => 'kubernetes-xenial',
'kubernetes_apt_repos' => 'main',
Expand Down Expand Up @@ -124,6 +192,58 @@
}
end

context 'with RedHat and default params' do
let(:facts) do
{
operatingsystem: 'RedHat',
osfamily: 'RedHat',
operatingsystemrelease: '7.0',
kernel: 'Linux',
os: {
family: 'RedHat',
name: 'RedHat',
release: {
full: '7.0'
}
}
}
end

let(:params) do
{
'container_runtime' => 'docker',
'kubernetes_version' => '1.28.1',
'kubernetes_apt_location' => '',
'kubernetes_apt_release' => '',
'kubernetes_apt_repos' => '',
'kubernetes_key_id' => '',
'kubernetes_key_source' => '',
'kubernetes_yum_baseurl' => '',
'kubernetes_yum_gpgkey' => '',
'docker_apt_location' => 'https://download.docker.com/linux/ubuntu',
'docker_apt_release' => 'xenial',
'docker_apt_repos' => 'main',
'docker_yum_baseurl' => 'https://download.docker.com/linux/centos/7/x86_64/stable',
Comment on lines +200 to +226

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See above

'docker_yum_gpgkey' => 'https://download.docker.com/linux/centos/gpg',
'docker_key_id' => '9DC858229FC7DD38854AE2D88D81803C0EBFCD88',
'docker_key_source' => 'https://download.docker.com/linux/ubuntu/gpg',
'containerd_install_method' => 'archive',
'create_repos' => true,
'manage_docker' => false
}
end

it { is_expected.not_to contain_yumrepo('docker') }

it {
expect(subject).to contain_yumrepo('kubernetes').with(
'enabled' => '1',
'baseurl' => 'https://pkgs.k8s.io/core:/stable:/v1.28/rpm/',
'gpgkey' => 'https://pkgs.k8s.io/core:/stable:/v1.28/rpm/repodata/repomd.xml.key',
)
}
end

context 'with osfamily => RedHat and manage_epel => true and manage_docker => false' do
let(:facts) do
{
Expand All @@ -144,6 +264,7 @@
let(:params) do
{
'container_runtime' => 'docker',
'kubernetes_version' => '1.28.1',
'kubernetes_apt_location' => 'http://apt.kubernetes.io',
'kubernetes_apt_release' => 'kubernetes-xenial',
'kubernetes_apt_repos' => 'main',
Expand All @@ -165,7 +286,14 @@
end

it { is_expected.not_to contain_yumrepo('docker') }
it { is_expected.to contain_yumrepo('kubernetes') }

it {
expect(subject).to contain_yumrepo('kubernetes').with(
'enabled' => '1',
'baseurl' => 'https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64',
'gpgkey' => 'https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg',
)
}
end

context 'with osfamily => RedHat and container_runtime => cri_containerd and containerd_install_method => package' do
Expand All @@ -187,6 +315,7 @@

let(:params) do
{
'kubernetes_version' => '1.28.1',
'container_runtime' => 'cri_containerd',
'kubernetes_apt_location' => 'http://apt.kubernetes.io',
'kubernetes_apt_release' => 'kubernetes-xenial',
Expand All @@ -196,7 +325,7 @@
'kubernetes_yum_baseurl' => 'https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64',
'kubernetes_yum_gpgkey' => 'https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg',
'docker_apt_location' => 'https://download.docker.com/linux/ubuntu',
'docker_apt_release' => 'xenial',
'docker_apt_release' => 'jammy',
'docker_apt_repos' => 'main',
'docker_yum_baseurl' => 'https://download.docker.com/linux/centos/7/x86_64/stable',
'docker_yum_gpgkey' => 'https://download.docker.com/linux/centos/gpg',
Expand All @@ -209,6 +338,13 @@
end

it { is_expected.to contain_yumrepo('docker') }
it { is_expected.to contain_yumrepo('kubernetes') }

it {
expect(subject).to contain_yumrepo('kubernetes').with(
'enabled' => '1',
'baseurl' => 'https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64',
'gpgkey' => 'https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg',
)
}
end
end
Loading