Skip to content

kubectl: update to 1.24.7 (go1.18.7)

Mitchell Nielsen requested to merge kubectl-bump-1-24 into master

What does this MR do?

Bump kubectl to version 1.24.7

Bumps the kubectl version to 1.24.7.

This version is built on go 1.18.7:

```
$ kubectl version --client --output=json | jq .clientVersion.goVersion
"go1.18.7"
```

From the changelog, no significant changes jump out to me as causing potential problems based on our implementation.

Related issues

Related to https://gitlab.com/gitlab-org/charts/gitlab/-/issues/3663

Previous, related MR: !1130 (merged)

Testing

(Downstream charts pipeline: https://gitlab.com/gitlab-org/charts/gitlab/-/pipelines/682788835)

Created image has correct kubectl version

$ docker run --rm -i registry.gitlab.com/gitlab-org/build/cng/kubectl:kubectl-bump-1-24 kubectl version --client
WARNING: This version information is deprecated and will be replaced with the output from kubectl version --short.  Use --output=yaml|json to get the full version.
Client Version: version.Info{Major:"1", Minor:"24", GitVersion:"v1.24.7", GitCommit:"e6f35974b08862a23e7f4aad8e5d7f7f2de26c15", GitTreeState:"clean", BuildDate:"2022-10-12T10:57:14Z", GoVersion:"go1.18.7", Compiler:"gc", Platform:"linux/amd64"}
Kustomize Version: v4.5.4

shared-secrets does not overwrite secrets on subsequent run

$ stern -l release=rvw-682766156-master-trigger-b,app=gitlab
+ rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 › gitlab
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab /tmp/tmp.lMk8MDCQHl /
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-gitlab-initial-root-password" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitlab-initial-root-password labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitlab-initial-root-password labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-redis-secret" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-redis-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-redis-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-postgresql-password" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-postgresql-password not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-postgresql-password not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-gitlab-shell-secret" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitlab-shell-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitlab-shell-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-gitaly-secret" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitaly-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitaly-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-minio-secret" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-minio-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-minio-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-gitlab-runner-secret" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitlab-runner-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitlab-runner-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-gitlab-kas-secret" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitlab-kas-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitlab-kas-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-kas-private-api" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-kas-private-api not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-kas-private-api not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab Generating a RSA private key
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab ....++++
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab .....................................................................++++
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab writing new private key to 'certs/registry-example-com.key'
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab -----
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-registry-secret" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-registry-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-registry-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-rails-secret configured
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-rails-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-rails-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab ssh-keygen: generating new host keys: RSA DSA ECDSA ED25519
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-gitlab-shell-host-keys" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitlab-shell-host-keys not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitlab-shell-host-keys not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-gitlab-workhorse-secret" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitlab-workhorse-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-gitlab-workhorse-secret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-registry-httpsecret" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-registry-httpsecret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-registry-httpsecret not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret "rvw-682766156-master-trigger-b-registry-notification" already exists.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab label "app.kubernetes.io/name" not found.
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-registry-notification not labeled
rvw-682766156-master-trigger-b-shared-secrets-3-uqs-lmnz8 gitlab secret/rvw-682766156-master-trigger-b-registry-notification not labeled

Confirmed this by checking Secret content directly as well:

$ kubectl get secret rvw-682766156-master-trigger-b-rails-secret -oyaml | yq .data > secret-v1.yaml
$ # retry review_gke job to redeploy chart and another shared-secrets Job run
$ kubectl get secret rvw-682766156-master-trigger-b-rails-secret -oyaml | yq .data > secret-v2.yaml
$ diff secret-v{1,2}.yaml
(nothing)

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion

Required

  • Merge Request Title, and Description are up to date, accurate, and descriptive
  • MR targeting the appropriate branch
  • MR has a green pipeline on GitLab.com

Expected (please provide an explanation if not completing)

  • Test plan indicating conditions for success has been posted and passes
  • Documentation created/updated
  • Integration tests added to GitLab QA
  • The impact any change in container size has should be evaluated
Edited by Mitchell Nielsen

Merge request reports