From 86633d9e74ec07c9b0ff4f8fdbffb0393e651b72 Mon Sep 17 00:00:00 2001 From: ci-robot Date: Wed, 6 Mar 2024 21:37:19 +0000 Subject: [PATCH] Update to ACK runtime `v0.32.0`, code-generator `v0.32.1` --- apis/v1alpha1/ack-generate-metadata.yaml | 8 +++--- cmd/controller/main.go | 19 ++++++++++++++ config/controller/deployment.yaml | 16 ++++++++++++ config/controller/kustomization.yaml | 2 +- go.mod | 4 +-- go.sum | 8 +++--- helm/Chart.yaml | 4 +-- helm/templates/NOTES.txt | 2 +- helm/templates/_helpers.tpl | 3 ++- helm/templates/deployment.yaml | 32 ++++++++++++++++++++++-- helm/values.schema.json | 8 +++++- helm/values.yaml | 8 +++++- 12 files changed, 95 insertions(+), 19 deletions(-) diff --git a/apis/v1alpha1/ack-generate-metadata.yaml b/apis/v1alpha1/ack-generate-metadata.yaml index 4462cc7..cf96115 100755 --- a/apis/v1alpha1/ack-generate-metadata.yaml +++ b/apis/v1alpha1/ack-generate-metadata.yaml @@ -1,9 +1,9 @@ ack_generate_info: - build_date: "2024-02-14T04:01:39Z" - build_hash: 947081ffebdeefcf2c61c4ca6d7e68810bdf9d08 + build_date: "2024-03-06T21:37:09Z" + build_hash: a5ba3c851434263128a1464a2c41e528779eeefa go_version: go1.22.0 - version: v0.30.0 -api_directory_checksum: 0e934aceeaa57d5be4a44939b6d0ca997c6b1851 + version: v0.32.1 +api_directory_checksum: 679e5320c1786c482397c54c97a2bbe9054d2e5f api_version: v1alpha1 aws_sdk_go_version: v1.44.93 generator_config_info: diff --git a/cmd/controller/main.go b/cmd/controller/main.go index 12785c7..65e52c4 100644 --- a/cmd/controller/main.go +++ b/cmd/controller/main.go @@ -30,6 +30,7 @@ import ( clientgoscheme "k8s.io/client-go/kubernetes/scheme" ctrlrt "sigs.k8s.io/controller-runtime" ctrlrtcache "sigs.k8s.io/controller-runtime/pkg/cache" + ctrlrthealthz "sigs.k8s.io/controller-runtime/pkg/healthz" ctrlrtmetrics "sigs.k8s.io/controller-runtime/pkg/metrics" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" ctrlrtwebhook "sigs.k8s.io/controller-runtime/pkg/webhook" @@ -117,6 +118,9 @@ func main() { LeaderElection: ackCfg.EnableLeaderElection, LeaderElectionID: "ack-" + awsServiceAPIGroup, LeaderElectionNamespace: ackCfg.LeaderElectionNamespace, + HealthProbeBindAddress: ackCfg.HealthzAddr, + LivenessEndpointName: "/healthz", + ReadinessEndpointName: "/readyz", }) if err != nil { setupLog.Error( @@ -167,6 +171,21 @@ func main() { os.Exit(1) } + if err = mgr.AddHealthzCheck("health", ctrlrthealthz.Ping); err != nil { + setupLog.Error( + err, "unable to set up health check", + "aws.service", awsServiceAlias, + ) + os.Exit(1) + } + if err = mgr.AddReadyzCheck("check", ctrlrthealthz.Ping); err != nil { + setupLog.Error( + err, "unable to set up ready check", + "aws.service", awsServiceAlias, + ) + os.Exit(1) + } + setupLog.Info( "starting manager", "aws.service", awsServiceAlias, diff --git a/config/controller/deployment.yaml b/config/controller/deployment.yaml index d22b758..65b9cce 100644 --- a/config/controller/deployment.yaml +++ b/config/controller/deployment.yaml @@ -39,6 +39,8 @@ spec: - --enable-leader-election=$(ENABLE_LEADER_ELECTION) - --leader-election-namespace - "$(LEADER_ELECTION_NAMESPACE)" + - --reconcile-default-max-concurrent-syncs + - "$(RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS)" image: controller:latest name: controller ports: @@ -72,6 +74,8 @@ spec: value: "false" - name: LEADER_ELECTION_NAMESPACE value: "ack-system" + - name: "RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS" + value: "1" securityContext: allowPrivilegeEscalation: false privileged: false @@ -79,6 +83,18 @@ spec: capabilities: drop: - ALL + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 securityContext: seccompProfile: type: RuntimeDefault diff --git a/config/controller/kustomization.yaml b/config/controller/kustomization.yaml index 51a4ef9..3eab9b7 100644 --- a/config/controller/kustomization.yaml +++ b/config/controller/kustomization.yaml @@ -6,4 +6,4 @@ kind: Kustomization images: - name: controller newName: public.ecr.aws/aws-controllers-k8s/sfn-controller - newTag: 1.0.8 + newTag: 1.0.9 diff --git a/go.mod b/go.mod index 7e0766b..b138c8f 100644 --- a/go.mod +++ b/go.mod @@ -5,14 +5,14 @@ go 1.21 toolchain go1.21.5 require ( - github.com/aws-controllers-k8s/runtime v0.30.0 + github.com/aws-controllers-k8s/runtime v0.32.0 github.com/aws/aws-sdk-go v1.49.0 github.com/go-logr/logr v1.4.1 github.com/spf13/pflag v1.0.5 k8s.io/api v0.29.0 k8s.io/apimachinery v0.29.0 k8s.io/client-go v0.29.0 - sigs.k8s.io/controller-runtime v0.17.0 + sigs.k8s.io/controller-runtime v0.17.2 ) require ( diff --git a/go.sum b/go.sum index 2528b62..0877638 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -github.com/aws-controllers-k8s/runtime v0.30.0 h1:AibYRdi/7xUA3t8BA0u8g+J+OioaTAT6R4Vq8hxLiYw= -github.com/aws-controllers-k8s/runtime v0.30.0/go.mod h1:Pv1ozlUaO11KO2mwPN/HzhAtZ70ZDE9UP24mjsbkul0= +github.com/aws-controllers-k8s/runtime v0.32.0 h1:R0dQs8vRlK50KZ7rgdExqExdlUgFSAzDT8q1HCxc1uc= +github.com/aws-controllers-k8s/runtime v0.32.0/go.mod h1:6qr9ULkjOHo0fTwEUkE+48IxHqNbHxvvf/9JzGoR8pM= github.com/aws/aws-sdk-go v1.49.0 h1:g9BkW1fo9GqKfwg2+zCD+TW/D36Ux+vtfJ8guF4AYmY= github.com/aws/aws-sdk-go v1.49.0/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -215,8 +215,8 @@ k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/A k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.17.0 h1:fjJQf8Ukya+VjogLO6/bNX9HE6Y2xpsO5+fyS26ur/s= -sigs.k8s.io/controller-runtime v0.17.0/go.mod h1:+MngTvIQQQhfXtwfdGw/UOQ/aIaqsYywfCINOtwMO/s= +sigs.k8s.io/controller-runtime v0.17.2 h1:FwHwD1CTUemg0pW2otk7/U5/i5m2ymzvOXdbeGOUvw0= +sigs.k8s.io/controller-runtime v0.17.2/go.mod h1:+MngTvIQQQhfXtwfdGw/UOQ/aIaqsYywfCINOtwMO/s= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= diff --git a/helm/Chart.yaml b/helm/Chart.yaml index 6ede055..7d877c0 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 name: sfn-chart description: A Helm chart for the ACK service controller for AWS Step Functions (Step-Functions) -version: 1.0.8 -appVersion: 1.0.8 +version: 1.0.9 +appVersion: 1.0.9 home: https://github.com/aws-controllers-k8s/sfn-controller icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png sources: diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt index 720630b..b0a0fc2 100644 --- a/helm/templates/NOTES.txt +++ b/helm/templates/NOTES.txt @@ -1,5 +1,5 @@ {{ .Chart.Name }} has been installed. -This chart deploys "public.ecr.aws/aws-controllers-k8s/sfn-controller:1.0.8". +This chart deploys "public.ecr.aws/aws-controllers-k8s/sfn-controller:1.0.9". Check its status by running: kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index d6d4cd9..419e188 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -44,7 +44,8 @@ If release name contains chart name it will be used as a full name. {{/* The path the shared credentials file is mounted */}} {{- define "ack-sfn-controller.aws.credentials.path" -}} -{{- printf "%s/%s" (include "aws.credentials.secret_mount_path" .) .Values.aws.credentials.secretKey -}} +{{ $secret_mount_path := include "ack-sfn-controller.aws.credentials.secret_mount_path" . }} +{{- printf "%s/%s" $secret_mount_path .Values.aws.credentials.secretKey -}} {{- end -}} {{/* The rules a of ClusterRole or Role */}} diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml index 5911fea..71a8a85 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployment.yaml @@ -64,13 +64,21 @@ spec: - --leader-election-namespace - "$(LEADER_ELECTION_NAMESPACE)" {{- end }} -{{- if gt .Values.reconcile.defaultResyncPeriod 0.0 }} +{{- if gt (int .Values.reconcile.defaultResyncPeriod) 0 }} - --reconcile-default-resync-seconds - "$(RECONCILE_DEFAULT_RESYNC_SECONDS)" {{- end }} {{- range $key, $value := .Values.reconcile.resourceResyncPeriods }} - --reconcile-resource-resync-seconds - "$(RECONCILE_RESOURCE_RESYNC_SECONDS_{{ $key | upper }})" +{{- end }} +{{- if gt (int .Values.reconcile.defaultMaxConcurrentSyncs) 0 }} + - --reconcile-default-max-concurrent-syncs + - "$(RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS)" +{{- end }} +{{- range $key, $value := .Values.reconcile.resourceMaxConcurrentSyncs }} + - --reconcile-resource-max-concurrent-syncs + - "$(RECONCILE_RESOURCE_MAX_CONCURRENT_SYNCS_{{ $key | upper }})" {{- end }} image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} @@ -99,13 +107,21 @@ spec: value: {{ .Values.log.level | quote }} - name: ACK_RESOURCE_TAGS value: {{ join "," .Values.resourceTags | quote }} -{{- if gt .Values.reconcile.defaultResyncPeriod 0.0 }} +{{- if gt (int .Values.reconcile.defaultResyncPeriod) 0 }} - name: RECONCILE_DEFAULT_RESYNC_SECONDS value: {{ .Values.reconcile.defaultResyncPeriod | quote }} {{- end }} {{- range $key, $value := .Values.reconcile.resourceResyncPeriods }} - name: RECONCILE_RESOURCE_RESYNC_SECONDS_{{ $key | upper }} value: {{ $key }}={{ $value }} +{{- end }} +{{- if gt (int .Values.reconcile.defaultMaxConcurrentSyncs) 0 }} + - name: RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS + value: {{ .Values.reconcile.defaultMaxConcurrentSyncs | quote }} +{{- end }} +{{- range $key, $value := .Values.reconcile.resourceMaxConcurrentSyncs }} + - name: RECONCILE_RESOURCE_MAX_CONCURRENT_SYNCS_{{ $key | upper }} + value: {{ $key }}={{ $value }} {{- end }} {{- if .Values.aws.credentials.secretName }} - name: AWS_SHARED_CREDENTIALS_FILE @@ -132,6 +148,18 @@ spec: capabilities: drop: - ALL + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 securityContext: seccompProfile: type: RuntimeDefault diff --git a/helm/values.schema.json b/helm/values.schema.json index ac28b68..742163e 100644 --- a/helm/values.schema.json +++ b/helm/values.schema.json @@ -223,13 +223,19 @@ "enum": ["delete", "retain"] }, "reconcile": { - "description": "Reconcile resync settings. Parameters to tune the controller's drift remediation period.", + "description": "Reconcile settings. This is used to configure the controller's reconciliation behavior. e.g resyncPeriod and maxConcurrentSyncs", "properties": { "defaultResyncPeriod": { "type": "number" }, "resourceResyncPeriods": { "type": "object" + }, + "defaultMaxConcurentSyncs": { + "type": "number" + }, + "resourceMaxConcurrentSyncs": { + "type": "object" } }, "type": "object" diff --git a/helm/values.yaml b/helm/values.yaml index d0d000e..ffe4eea 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -4,7 +4,7 @@ image: repository: public.ecr.aws/aws-controllers-k8s/sfn-controller - tag: 1.0.8 + tag: 1.0.9 pullPolicy: IfNotPresent pullSecrets: [] @@ -128,6 +128,12 @@ reconcile: # An object representing the reconcile resync configuration for each specific resource. resourceResyncPeriods: {} + # The default number of concurrent syncs that a reconciler can perform. + defaultMaxConcurrentSyncs: 1 + # An object representing the reconcile max concurrent syncs configuration for each specific + # resource. + resourceMaxConcurrentSyncs: {} + serviceAccount: # Specifies whether a service account should be created create: true