krane 3.3.0 → 3.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/CODEOWNERS +1 -1
- data/.github/workflows/add-to-project.yml +18 -0
- data/.github/workflows/ci.yml +3 -0
- data/1.0-Upgrade.md +1 -1
- data/CHANGELOG.md +9 -1
- data/CONTRIBUTING.md +4 -4
- data/README.md +7 -6
- data/lib/krane/cli/deploy_command.rb +2 -0
- data/lib/krane/deploy_task.rb +5 -4
- data/lib/krane/global_deploy_task.rb +2 -2
- data/lib/krane/kubectl.rb +9 -0
- data/lib/krane/resource_deployer.rb +6 -5
- data/lib/krane/version.rb +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5d9fd3a2bdcd247f19399a1617e4b3d7c2534b78535a05fe2609e1770fbcb943
|
|
4
|
+
data.tar.gz: 58f419d984de460814ceb27212e577b26d81e243f5be9b3821a0b348e314b975
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '0443799d9c0b820269127bedc5c2ee8ad7ef4de195bceb8b0cd65f46d55e169b19be24e50798901796ff33b46a34e21af5d2e2e5c3adfff2cf9464fd52899f27'
|
|
7
|
+
data.tar.gz: 81647888f3cca18356273f23802960d683830d68bb373da6031e64791374ef276a42f8161bf2f50b57dd46de6934d924dde85ddf70c6ac9930fb9f8163c0f452
|
data/.github/CODEOWNERS
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
* @Shopify/
|
|
1
|
+
* @Shopify/infrastructure-tooling
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
name: Project automations
|
|
2
|
+
on:
|
|
3
|
+
issues:
|
|
4
|
+
types:
|
|
5
|
+
- opened
|
|
6
|
+
- reopened
|
|
7
|
+
env:
|
|
8
|
+
PROJECT_URL: https://github.com/orgs/Shopify/projects/2279
|
|
9
|
+
|
|
10
|
+
jobs:
|
|
11
|
+
add-to-project:
|
|
12
|
+
name: Issue or PR opened
|
|
13
|
+
runs-on: shopify-ubuntu-latest
|
|
14
|
+
steps:
|
|
15
|
+
- uses: actions/add-to-project@v0.4.0 # https://github.com/actions/add-to-project/tree/v0.4.0
|
|
16
|
+
with:
|
|
17
|
+
project-url: ${{ env.PROJECT_URL }}
|
|
18
|
+
github-token: ${{ secrets.SHOPIFY_GH_ACCESS_TOKEN }}
|
data/.github/workflows/ci.yml
CHANGED
|
@@ -16,10 +16,13 @@ jobs:
|
|
|
16
16
|
- "3.0.4"
|
|
17
17
|
- "2.7.6"
|
|
18
18
|
kubernetes_version:
|
|
19
|
+
- "1.27.3"
|
|
19
20
|
- "1.26.4"
|
|
20
21
|
- "1.24.13"
|
|
21
22
|
- "1.23.17"
|
|
22
23
|
include:
|
|
24
|
+
- kubernetes_version: "1.27.3"
|
|
25
|
+
kind_image: "kindest/node:v1.27.3@sha256:9dd3392d79af1b084671b05bcf65b21de476256ad1dcc853d9f3b10b4ac52dde"
|
|
23
26
|
- kubernetes_version: "1.26.4"
|
|
24
27
|
kind_image: "kindest/node:v1.26.4@sha256:a539833d26264444ab3b8f5e56e23fa3361436445fa23c864e6dec622458858f"
|
|
25
28
|
- kubernetes_version: "1.24.13"
|
data/1.0-Upgrade.md
CHANGED
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
* There are breaking changes in the public API (such as the renaming of the `KubernetesDeploy` namespace to `Krane`, and the change in default values for different arguments of the public interface).
|
|
8
8
|
* StatsD metrics will now be generated with the `krane` prefix.
|
|
9
9
|
* `krane deploy` now considers all namespaced resources eligible for pruning, including
|
|
10
|
-
custom resources. See [blacklist](https://github.com/Shopify/krane/blob/
|
|
10
|
+
custom resources. See [blacklist](https://github.com/Shopify/krane/blob/main/lib/krane/cluster_resource_discovery.rb#L20) for exceptions.
|
|
11
11
|
* `kubernetes-deploy` (now `krane deploy`) / `DeployTask` can no longer deploy global (non-namespaced) resources. A new command called `krane global-deploy` and a related class called `GlobalDeployTask` were added to replace that feature.
|
|
12
12
|
* `krane deploy` will not render erb templates. Use `krane render | krane deploy --stdin` to reproduce this functionality.
|
|
13
13
|
* If you attempt to install two gems that have conflicting executables, `gem install` will warn you but the most recently installed one will win.
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
## next
|
|
2
2
|
|
|
3
|
+
# 3.4.1
|
|
4
|
+
|
|
5
|
+
- Added flag `--skip-dry-run` to completely opt out of dry run validation.
|
|
6
|
+
|
|
7
|
+
# 3.4.0
|
|
8
|
+
|
|
9
|
+
- Use `prune-allowlist` instead of `prune-whitelist` for 1.26+ clusters. Clusters running 1.25 or less will continue to use `--prune-whitelist`. [#940](https://github.com/Shopify/krane/pull/940)
|
|
10
|
+
|
|
3
11
|
## 3.3.0
|
|
4
12
|
|
|
5
13
|
*Enhancements*
|
|
@@ -288,7 +296,7 @@ It seems an issue when too many pods are referencing the same secret/configmap h
|
|
|
288
296
|
# 1.0.0
|
|
289
297
|
|
|
290
298
|
We've renamed the gem and cli to Krane.
|
|
291
|
-
See our [migration guide](https://github.com/Shopify/krane/blob/
|
|
299
|
+
See our [migration guide](https://github.com/Shopify/krane/blob/main/1.0-Upgrade.md) to help navigate the breaking changes.
|
|
292
300
|
|
|
293
301
|
## 1.0.0.pre.2
|
|
294
302
|
|
data/CONTRIBUTING.md
CHANGED
|
@@ -22,7 +22,7 @@ The following is a set of guidelines for contributing to krane. Please take a mo
|
|
|
22
22
|
* [CI (External contributors)](#ci-external-contributors)
|
|
23
23
|
## Code of Conduct
|
|
24
24
|
|
|
25
|
-
This project and everyone participating in it are governed by the [Code of Conduct](https://github.com/Shopify/krane/blob/
|
|
25
|
+
This project and everyone participating in it are governed by the [Code of Conduct](https://github.com/Shopify/krane/blob/main/CODE_OF_CONDUCT.md).
|
|
26
26
|
By participating, you are expected to uphold this code. Please report unacceptable
|
|
27
27
|
behavior to [krane@shopify.com](mailto:krane@shopify.com).
|
|
28
28
|
|
|
@@ -95,9 +95,9 @@ This gem uses subclasses of `KubernetesResource` to implement custom success/fai
|
|
|
95
95
|
* `deploy_failed?`
|
|
96
96
|
3. Adjust the `TIMEOUT` constant to an appropriate value for this type.
|
|
97
97
|
4. Add the new class to list of resources in
|
|
98
|
-
[`deploy_task.rb`](https://github.com/Shopify/krane/blob/
|
|
99
|
-
5. Add the new resource to the [prune whitelist](https://github.com/Shopify/krane/blob/
|
|
100
|
-
6. Add a basic example of the type to the hello-cloud [fixture set](https://github.com/Shopify/krane/tree/
|
|
98
|
+
[`deploy_task.rb`](https://github.com/Shopify/krane/blob/main/lib/krane/deploy_task.rb#L8)
|
|
99
|
+
5. Add the new resource to the [prune whitelist](https://github.com/Shopify/krane/blob/main/lib/krane/deploy_task.rb#L81)
|
|
100
|
+
6. Add a basic example of the type to the hello-cloud [fixture set](https://github.com/Shopify/krane/tree/main/test/fixtures/hello-cloud) and appropriate assertions to `#assert_all_up` in [`hello_cloud.rb`](https://github.com/Shopify/krane/blob/main/test/helpers/fixture_sets/hello_cloud.rb). This will get you coverage in several existing tests, such as `test_full_hello_cloud_set_deploy_succeeds`.
|
|
101
101
|
7. Add tests for any edge cases you foresee.
|
|
102
102
|
|
|
103
103
|
### Contributor License Agreement
|
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
# krane [](https://buildkite.com/shopify/krane)
|
|
2
2
|
|
|
3
|
-
> This project used to be called `kubernetes-deploy`. Check out our [migration guide](https://github.com/Shopify/krane/blob/
|
|
3
|
+
> This project used to be called `kubernetes-deploy`. Check out our [migration guide](https://github.com/Shopify/krane/blob/main/1.0-Upgrade.md) for more information including details about breaking changes.
|
|
4
4
|
|
|
5
5
|
|
|
6
6
|
`krane` is a command line tool that helps you ship changes to a Kubernetes namespace and understand the result. At Shopify, we use it within our much-beloved, open-source [Shipit](https://github.com/Shopify/shipit-engine#kubernetes) deployment app.
|
|
@@ -93,6 +93,7 @@ Krane provides support for official upstream supported versions [Kubernetes](htt
|
|
|
93
93
|
| 1.24 | Yes | -- |
|
|
94
94
|
| 1.25 | No | -- |
|
|
95
95
|
| 1.26 | Yes | -- |
|
|
96
|
+
| 1.27 | Yes | -- |
|
|
96
97
|
|
|
97
98
|
## Installation
|
|
98
99
|
|
|
@@ -336,7 +337,7 @@ status:
|
|
|
336
337
|
|
|
337
338
|
### Deploy walkthrough
|
|
338
339
|
|
|
339
|
-
Let's walk through what happens when you run the `deploy` task with [this directory of templates](https://github.com/Shopify/krane/tree/
|
|
340
|
+
Let's walk through what happens when you run the `deploy` task with [this directory of templates](https://github.com/Shopify/krane/tree/main/test/fixtures/hello-cloud). This particular example uses ERB templates as well, so we'll use the [krane render](#krane-render) task to achieve that.
|
|
340
341
|
|
|
341
342
|
You can test this out for yourself by running the following command:
|
|
342
343
|
|
|
@@ -403,7 +404,7 @@ In this phase, we:
|
|
|
403
404
|
|
|
404
405
|
Just like in the previous phase, we essentially run `kubectl apply` on those templates and periodically check the cluster for the current status of each resource so we can display error or success information.
|
|
405
406
|
|
|
406
|
-
If pruning is enabled (which, again, is the default), any [kind not listed in the blacklist](https://github.com/Shopify/krane/blob/
|
|
407
|
+
If pruning is enabled (which, again, is the default), any [kind not listed in the blacklist](https://github.com/Shopify/krane/blob/main/lib/krane/cluster_resource_discovery.rb#L20) that we can find in the namespace but not in the templates will be removed. A particular message about pruning will be printed in the next phase if any resource matches this criteria.
|
|
407
408
|
|
|
408
409
|
#### Result
|
|
409
410
|
|
|
@@ -653,13 +654,13 @@ This is a limitation of the current implementation.
|
|
|
653
654
|
# Contributing
|
|
654
655
|
|
|
655
656
|
We :heart: contributors! To make it easier for you and us we've written a
|
|
656
|
-
[Contributing Guide](https://github.com/Shopify/krane/blob/
|
|
657
|
+
[Contributing Guide](https://github.com/Shopify/krane/blob/main/CONTRIBUTING.md)
|
|
657
658
|
|
|
658
659
|
|
|
659
660
|
You can also reach out to us on our slack channel, #krane, at https://kubernetes.slack.com. All are welcome!
|
|
660
661
|
|
|
661
662
|
## Code of Conduct
|
|
662
|
-
Everyone is expected to follow our [Code of Conduct](https://github.com/Shopify/krane/blob/
|
|
663
|
+
Everyone is expected to follow our [Code of Conduct](https://github.com/Shopify/krane/blob/main/CODE_OF_CONDUCT.md).
|
|
663
664
|
|
|
664
665
|
|
|
665
666
|
# License
|
|
@@ -33,6 +33,7 @@ module Krane
|
|
|
33
33
|
default: false },
|
|
34
34
|
"verify-result" => { type: :boolean, default: true,
|
|
35
35
|
desc: "Verify workloads correctly deployed" },
|
|
36
|
+
"skip-dry-run" => { type: :boolean, desc: "Enable skipping dry run", default: false},
|
|
36
37
|
}
|
|
37
38
|
|
|
38
39
|
def self.from_options(namespace, context, options)
|
|
@@ -71,6 +72,7 @@ module Krane
|
|
|
71
72
|
selector: selector,
|
|
72
73
|
selector_as_filter: selector_as_filter,
|
|
73
74
|
protected_namespaces: protected_namespaces,
|
|
75
|
+
skip_dry_run: options["skip-dry-run"]
|
|
74
76
|
)
|
|
75
77
|
|
|
76
78
|
deploy.run!(
|
data/lib/krane/deploy_task.rb
CHANGED
|
@@ -77,7 +77,7 @@ module Krane
|
|
|
77
77
|
Hash[before_crs + crs + after_crs]
|
|
78
78
|
end
|
|
79
79
|
|
|
80
|
-
def
|
|
80
|
+
def prune_allowlist
|
|
81
81
|
cluster_resource_discoverer.prunable_resources(namespaced: true)
|
|
82
82
|
end
|
|
83
83
|
|
|
@@ -106,7 +106,7 @@ module Krane
|
|
|
106
106
|
# @param render_erb [Boolean] Enable ERB rendering
|
|
107
107
|
def initialize(namespace:, context:, current_sha: nil, logger: nil, kubectl_instance: nil, bindings: {},
|
|
108
108
|
global_timeout: nil, selector: nil, selector_as_filter: false, filenames: [], protected_namespaces: nil,
|
|
109
|
-
render_erb: false, kubeconfig: nil)
|
|
109
|
+
render_erb: false, kubeconfig: nil, skip_dry_run: false)
|
|
110
110
|
@logger = logger || Krane::FormattedLogger.build(namespace, context)
|
|
111
111
|
@template_sets = TemplateSets.from_dirs_and_files(paths: filenames, logger: @logger, render_erb: render_erb)
|
|
112
112
|
@task_config = Krane::TaskConfig.new(context, namespace, @logger, kubeconfig)
|
|
@@ -121,6 +121,7 @@ module Krane
|
|
|
121
121
|
@selector_as_filter = selector_as_filter
|
|
122
122
|
@protected_namespaces = protected_namespaces || PROTECTED_NAMESPACES
|
|
123
123
|
@render_erb = render_erb
|
|
124
|
+
@skip_dry_run = skip_dry_run
|
|
124
125
|
end
|
|
125
126
|
|
|
126
127
|
# Runs the task, returning a boolean representing success or failure
|
|
@@ -192,7 +193,7 @@ module Krane
|
|
|
192
193
|
|
|
193
194
|
def resource_deployer
|
|
194
195
|
@resource_deployer ||= Krane::ResourceDeployer.new(task_config: @task_config,
|
|
195
|
-
|
|
196
|
+
prune_allowlist: prune_allowlist, global_timeout: @global_timeout,
|
|
196
197
|
selector: @selector, statsd_tags: statsd_tags, current_sha: @current_sha)
|
|
197
198
|
end
|
|
198
199
|
|
|
@@ -286,7 +287,7 @@ module Krane
|
|
|
286
287
|
|
|
287
288
|
def validate_resources(resources)
|
|
288
289
|
validate_globals(resources)
|
|
289
|
-
batch_dry_run_success = validate_dry_run(resources)
|
|
290
|
+
batch_dry_run_success = @skip_dry_run || validate_dry_run(resources)
|
|
290
291
|
resources.select! { |r| r.selected?(@selector) } if @selector_as_filter
|
|
291
292
|
Krane::Concurrency.split_across_threads(resources) do |r|
|
|
292
293
|
# No need to pass in kubectl (and do per-resource dry run apply) if batch dry run succeeded
|
|
@@ -108,7 +108,7 @@ module Krane
|
|
|
108
108
|
|
|
109
109
|
def deploy!(resources, verify_result, prune)
|
|
110
110
|
resource_deployer = ResourceDeployer.new(task_config: @task_config,
|
|
111
|
-
|
|
111
|
+
prune_allowlist: prune_allowlist, global_timeout: @global_timeout,
|
|
112
112
|
selector: @selector, statsd_tags: statsd_tags)
|
|
113
113
|
resource_deployer.deploy!(resources, verify_result, prune)
|
|
114
114
|
end
|
|
@@ -194,7 +194,7 @@ module Krane
|
|
|
194
194
|
@kubectl ||= Kubectl.new(task_config: @task_config, log_failure_by_default: true)
|
|
195
195
|
end
|
|
196
196
|
|
|
197
|
-
def
|
|
197
|
+
def prune_allowlist
|
|
198
198
|
cluster_resource_discoverer.prunable_resources(namespaced: false)
|
|
199
199
|
end
|
|
200
200
|
|
data/lib/krane/kubectl.rb
CHANGED
|
@@ -12,6 +12,7 @@ module Krane
|
|
|
12
12
|
DEFAULT_TIMEOUT = 15
|
|
13
13
|
MAX_RETRY_DELAY = 16
|
|
14
14
|
SERVER_DRY_RUN_MIN_VERSION = "1.13"
|
|
15
|
+
ALLOW_LIST_MIN_VERSION = "1.26"
|
|
15
16
|
|
|
16
17
|
class ResourceNotFoundError < StandardError; end
|
|
17
18
|
|
|
@@ -112,6 +113,14 @@ module Krane
|
|
|
112
113
|
"--dry-run=server"
|
|
113
114
|
end
|
|
114
115
|
|
|
116
|
+
def allowlist_flag
|
|
117
|
+
if client_version >= Gem::Version.new(ALLOW_LIST_MIN_VERSION)
|
|
118
|
+
"--prune-allowlist"
|
|
119
|
+
else
|
|
120
|
+
"--prune-whitelist"
|
|
121
|
+
end
|
|
122
|
+
end
|
|
123
|
+
|
|
115
124
|
private
|
|
116
125
|
|
|
117
126
|
def build_command_from_options(args, use_namespace, use_context, output)
|
|
@@ -11,9 +11,9 @@ module Krane
|
|
|
11
11
|
delegate :logger, to: :@task_config
|
|
12
12
|
attr_reader :statsd_tags
|
|
13
13
|
|
|
14
|
-
def initialize(task_config:,
|
|
14
|
+
def initialize(task_config:, prune_allowlist:, global_timeout:, current_sha: nil, selector:, statsd_tags:)
|
|
15
15
|
@task_config = task_config
|
|
16
|
-
@
|
|
16
|
+
@prune_allowlist = prune_allowlist
|
|
17
17
|
@global_timeout = global_timeout
|
|
18
18
|
@current_sha = current_sha
|
|
19
19
|
@selector = selector
|
|
@@ -102,7 +102,7 @@ module Krane
|
|
|
102
102
|
# Apply can be done in one large batch, the rest have to be done individually
|
|
103
103
|
applyables, individuals = resources.partition { |r| r.deploy_method == :apply }
|
|
104
104
|
# Prunable resources should also applied so that they can be pruned
|
|
105
|
-
pruneable_types = @
|
|
105
|
+
pruneable_types = @prune_allowlist.map { |t| t.split("/").last }
|
|
106
106
|
applyables += individuals.select { |r| pruneable_types.include?(r.type) && !r.deploy_method_override }
|
|
107
107
|
|
|
108
108
|
individuals.each do |individual_resource|
|
|
@@ -147,14 +147,15 @@ module Krane
|
|
|
147
147
|
r.deploy_started_at = Time.now.utc unless dry_run
|
|
148
148
|
end
|
|
149
149
|
command.push("-f", tmp_dir)
|
|
150
|
-
if prune && @
|
|
150
|
+
if prune && @prune_allowlist.present?
|
|
151
151
|
command.push("--prune")
|
|
152
152
|
if @selector
|
|
153
153
|
command.push("--selector", @selector.to_s)
|
|
154
154
|
else
|
|
155
155
|
command.push("--all")
|
|
156
156
|
end
|
|
157
|
-
|
|
157
|
+
allow_list_flag = kubectl.allowlist_flag
|
|
158
|
+
@prune_allowlist.each { |type| command.push("#{allow_list_flag}=#{type}") }
|
|
158
159
|
end
|
|
159
160
|
|
|
160
161
|
command.push(kubectl.dry_run_flag) if dry_run
|
data/lib/krane/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: krane
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.4.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Katrina Verey
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: exe
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date:
|
|
13
|
+
date: 2024-01-29 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: activesupport
|
|
@@ -414,6 +414,7 @@ files:
|
|
|
414
414
|
- ".github/CODEOWNERS"
|
|
415
415
|
- ".github/ISSUE_TEMPLATE.md"
|
|
416
416
|
- ".github/pull_request_template.md"
|
|
417
|
+
- ".github/workflows/add-to-project.yml"
|
|
417
418
|
- ".github/workflows/ci.yml"
|
|
418
419
|
- ".github/workflows/cla.yml"
|
|
419
420
|
- ".gitignore"
|
|
@@ -524,7 +525,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
524
525
|
- !ruby/object:Gem::Version
|
|
525
526
|
version: '0'
|
|
526
527
|
requirements: []
|
|
527
|
-
rubygems_version: 3.
|
|
528
|
+
rubygems_version: 3.5.5
|
|
528
529
|
signing_key:
|
|
529
530
|
specification_version: 4
|
|
530
531
|
summary: A command line tool that helps you ship changes to a Kubernetes namespace
|