Draft: Manage k8s upgrade with renovate

Loic Nicollerequested to merge
manage_sylva_diskimagebuilder_images_with_renovate into main

What does this MR do and why?

this MR aim is to allow renovate to fully handle our K8S update when we update diskimage-builder tag.

To achieve it we'll need to use a post upgrade command to run: .gitlab/ci/scripts/generate-diskimage-builder-images.py script.

As it it will generate an output that looks like to this:

example: .gitlab/ci/scripts/generate-diskimage-builder-images.py 0.4.6

_internal:
  k8s_version_map:
  "1.28": '{{ .Values.cluster.capi_providers.bootstrap_provider | eq "cabpr" | ternary "v1.28.15+rke2r1" "v1.28.15" }}'
  "1.29": '{{ .Values.cluster.capi_providers.bootstrap_provider | eq "cabpr" | ternary "v1.29.13+rke2r1" "v1.29.13" }}'
  "1.30": '{{ .Values.cluster.capi_providers.bootstrap_provider | eq "cabpr" | ternary "v1.30.9+rke2r1" "v1.30.9" }}'
  "1.31": '{{ .Values.cluster.capi_providers.bootstrap_provider | eq "cabpr" | ternary "v1.31.5+rke2r1" "v1.31.5" }}'
units:
  calico:
    helm_chart_version:
      v3.28.200: '{{ include "k8s-version-match" (tuple ">=1.28.0,<1.29.0" .Values._internal.k8s_version)
        }}'
      v3.29.101: '{{ include "k8s-version-match" (tuple ">=1.29.0" .Values._internal.k8s_version)
        }}'
  calico-crd:
    helm_chart_version:
      v3.28.200: '{{ include "k8s-version-match" (tuple ">=1.28.0,<1.29.0" .Values._internal.k8s_version)
        }}'
      v3.29.101: '{{ include "k8s-version-match" (tuple ">=1.29.0" .Values._internal.k8s_version)
        }}'
  ingress-nginx:
    helm_chart_version:
      4.10.501: '{{ include "k8s-version-match" (tuple ">=1.28.0,<1.29.0" .Values._internal.k8s_version)
        }}'
      4.12.003: '{{ include "k8s-version-match" (tuple ">=1.29.0" .Values._internal.k8s_version)
        }}'

sylva_diskimagebuilder_images:
  ubuntu-noble-plain-rke2-1-31-5:
    os_images_oci_registry: sylva
  ubuntu-noble-plain-rke2-1-30-9:
    os_images_oci_registry: sylva
  ubuntu-noble-plain-rke2-1-29-13:
    os_images_oci_registry: sylva
  ubuntu-noble-plain-rke2-1-28-15:
    os_images_oci_registry: sylva
  ubuntu-noble-plain-kubeadm-1-31-5:
    os_images_oci_registry: sylva
  ubuntu-noble-plain-kubeadm-1-30-9:
    os_images_oci_registry: sylva
  ubuntu-noble-plain-kubeadm-1-29-13:
    os_images_oci_registry: sylva
  ubuntu-noble-plain-kubeadm-1-28-15:
    os_images_oci_registry: sylva
  opensuse-15-6-plain-rke2-1-31-5:
    os_images_oci_registry: sylva
  opensuse-15-6-plain-rke2-1-30-9:
    os_images_oci_registry: sylva
  opensuse-15-6-plain-rke2-1-29-13:
    os_images_oci_registry: sylva
  opensuse-15-6-plain-rke2-1-28-15:
    os_images_oci_registry: sylva
  opensuse-15-6-plain-kubeadm-1-31-5:
    os_images_oci_registry: sylva
  opensuse-15-6-plain-kubeadm-1-30-9:
    os_images_oci_registry: sylva
  opensuse-15-6-plain-kubeadm-1-29-13:
    os_images_oci_registry: sylva
  opensuse-15-6-plain-kubeadm-1-28-15:
    os_images_oci_registry: sylva
  opensuse-15-6-hardened-rke2-1-31-5:
    os_images_oci_registry: sylva
  opensuse-15-6-hardened-rke2-1-30-9:
    os_images_oci_registry: sylva
  opensuse-15-6-hardened-rke2-1-29-13:
    os_images_oci_registry: sylva
  opensuse-15-6-hardened-rke2-1-28-15:
    os_images_oci_registry: sylva

then we'll need to merge this file into charts/sylva-units/values.yaml

as it it's not easy because many lines of charts/sylva-units/values.yaml will be rewrite by YQ as they don't respect proper indentation etc..

Related reference(s)

Test coverage

CI configuration

Below you can choose test deployment variants to run in this MR's CI.

Click to open to CI configuration

Legend:

Icon Meaning Available values
☁️ Infra Provider capd, capo, capm3
🚀 Bootstrap Provider kubeadm (alias kadm), rke2
🐧 Node OS ubuntu, suse
🛠️ Deployment Options light-deploy, dev-sources, ha, misc, maxsurge-0
🎬 Pipeline Scenarios Available scenario list and description

  • 🎬 preview ☁️ capd 🚀 kadm 🐧 ubuntu

  • 🎬 preview ☁️ capo 🚀 rke2 🐧 suse

  • 🎬 preview ☁️ capm3 🚀 rke2 🐧 ubuntu

  • ☁️ capd 🚀 kadm 🛠️ light-deploy 🐧 ubuntu

  • ☁️ capd 🚀 rke2 🛠️ light-deploy 🐧 suse

  • ☁️ capo 🚀 rke2 🐧 suse

  • ☁️ capo 🚀 kadm 🐧 ubuntu

  • ☁️ capo 🚀 rke2 🎬 rolling-update 🛠️ ha 🐧 ubuntu

  • ☁️ capo 🚀 kadm 🎬 wkld-k8s-upgrade 🐧 ubuntu

  • ☁️ capo 🚀 rke2 🎬 rolling-update-no-wkld 🛠️ ha,misc 🐧 suse

  • ☁️ capo 🚀 rke2 🎬 sylva-upgrade-from-1.3.x 🛠️ ha,misc 🐧 ubuntu

  • ☁️ capm3 🚀 rke2 🐧 suse

  • ☁️ capm3 🚀 kadm 🐧 ubuntu

  • ☁️ capm3 🚀 kadm 🎬 rolling-update-no-wkld 🛠️ ha,misc 🐧 ubuntu

  • ☁️ capm3 🚀 rke2 🎬 wkld-k8s-upgrade 🛠️ ha 🐧 suse

  • ☁️ capm3 🚀 kadm 🎬 rolling-update 🛠️ ha 🐧 ubuntu

  • ☁️ capm3 🚀 rke2 🎬 sylva-upgrade-from-1.3.x 🛠️ misc,ha 🐧 suse

  • ☁️ capm3 🚀 kadm 🎬 rolling-update 🛠️ ha 🐧 suse

Global config for deployment pipelines

  • autorun pipelines
  • allow failure on pipelines
  • record sylvactl events

Notes:

  • Enabling autorun will make deployment pipelines to be run automatically without human interaction
  • Disabling allow failure will make deployment pipelines mandatory for pipeline success.
  • if both autorun and allow failure are disabled, deployment pipelines will need manual triggering but will be blocking the pipeline

Be aware: after configuration change, pipeline is not triggered automatically. Please run it manually (by clicking the run pipeline button in Pipelines tab) or push new code.

Edited by Loic Nicolle

Merge request reports