This change contains only autoregenerated patches after the update of
Cilium to 1.9.6. Those patches had to be regenerated due to upstream
changes in Cilium Helm charts.
Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
This change updates the Cilium version from 1.9.4 to 1.9.6. This release
updates Envoy to 1.17.2 to address CVE-2021-28682, CVE-2021-28683 and
CVE-2021-29258.
Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
Cilium's default ipam mode does not honor the pod CIDR set in kube-controller-manager.
The benefits of that mode are not relevant when deploying with rke2
Fixes issue rke2/891
Signed-off-by: Manuel Buil <mbuil@suse.com>
The chart is organized in subcharts to clearly delimit supported vs
non-supported customization options, as follows:
- The main rke2-cilium chart which only supplies supported customization
options through its values.yaml.
- Cilium upstream chart is pulled in as a subchart dependency and is
patched to support a system default registry as a global variable.
- A rke2-cilium-hard-defaults subchart which supplies cilium options
that change from upstream defaults for which we don't intend to
support any customization.
All cilium options are scoped & accessible, for example:
`helm install rke2-cilium --set cilium.preflight.enabled=true`
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
Update flex volume plugin dir to match new RKE2 default; make it a Value
so that it can be changed by users to match the kubelet setting if
necessary.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
This reverts commit 7b92af17fd.
Context:
The purpose behind introducing the previous change was to run a `make validate`, which checks if the `make prepare`, `make charts`, and `make sync` workflows worked as expected against the fork we plan to migrate to. This worked, as seen below:
```bash
arvindiyengar: ~/Rancher/rke2-charts/src/github.com/rancher/rke2-charts
$ make validate
./bin/charts-build-scripts validate
INFO[0000] Validating against released charts in migrate-live
... (omitted for brevity) ...
INFO[0002] Successfully validated against migrate-live!
```
Why do we need to bump all the packageVersions?
The new charts-build-scripts treat Chart.yaml and requirements.yaml as "managed files", which means that the scripts themselves can make changes to those files.
When the scripts touch those files (e.g. to add a new dependency based on the contents of generated-changes/dependencies or to patch a rcVersion or packageVersion to the chart), dumping back out the YAML results in slight changes due to the unmarshalling process, such as the re-ordering of annotations.
Since these minor changes comprise a change introduced by Rancher and the scripts refuse changes that modify already released packages, the simple fix for this is just to universally bump the packageVersion as part of the migration process.
As part of creating this PR, I generated these minor changes in https://github.com/aiyengar2/charts-diff/tree/rke2-charts/diff so that we can sign off that these are indeed inconsequential to the migration. For context, the process used to generate these files was:
- Pull in the current branch. Run make charts with the old scripts
- Pull in the migration branch. Run make charts with the new scripts
- Dump the diff between them in a patch file
Signed-off-by: Arvind Iyengar <arvind.iyengar@rancher.com>
```bash
arvindiyengar: ~/Rancher/rke2-charts/src/github.com/rancher/rke2-charts
$ curl -s https://raw.githubusercontent.com/aiyengar2/charts-build-scripts/add_init_steps/init.sh > /dev/null | sh
Pulling in charts-build-scripts version v0.0.4
charts-build-scripts version v0.0.4 (567c991)
INFO[0000] Pulling rancher/charts-build-scripts[path=templates] from upstream into templates299650162
INFO[0002] Successfully pulled new updated docs into working directory.
Pulled in basic template for source into configuration.yaml and constructed charts directory
Next Steps:
1. Modify the configuration.yaml with your expected setup and re-run make docs to automatically update the repository.
2. Modify .github/workflows/pull-request.md and .github/workflows/push.md to set up automatic pushes to another branch.
```
Signed-off-by: Arvind Iyengar <arvind.iyengar@rancher.com>
Michal Rostecki
Jaime Caamaño Ruiz
Manuel Buil
Chris Kim
Chris Kim
Brian Downs
David Nuzik
Brad Davidson
Brad Davidson
Menna Elmasry
Arvind Iyengar
Erik Wilson
Jacob Blain Christen