diff --git a/Dockerfile b/Dockerfile
index 94559f79d2ad6d8d386a58ec9738de697f18a4c0..415f484eccfc01b5e530b5d35f2052c1dc3640df 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,7 +2,7 @@
FROM alpine:3.14
LABEL name="Stackspin management"
-LABEL version="4.4"
+LABEL version="4.5"
LABEL vendor1="Greenhost"
ENV TAIKO_SKIP_CHROMIUM_DOWNLOAD=true
@@ -10,11 +10,12 @@ ENV TAIKO_BROWSER_PATH=/usr/bin/chromium-browser
ENV TAIKO_BROWSER_ARGS=--no-sandbox,--start-maximized,--disable-dev-shm-usage,--ignore-certificate-errors
ADD https://github.com/fluxcd/flux2/releases/download/v0.20.1/flux_0.20.1_linux_amd64.tar.gz /tmp/
-# Download kubectl until it's packaged in alpine > 3.14
-ADD https://dl.k8s.io/release/v1.21.0/bin/linux/amd64/kubectl /usr/local/bin/
COPY ./test/pytest/le-staging-bundle.pem /usr/local/share/ca-certificates/le-staging-bundle.pem
COPY ./requirements.txt /requirements.txt
RUN \
+ # Install kubectl from alpine edge until 3.15 is released
+ apk --no-cache add kubectl=~1.22.3-r0 \
+ --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing && \
apk --no-cache add \
bash=~5.1.4-r0 \
cargo=~1.52.1-r1 \
@@ -39,7 +40,6 @@ RUN \
yq=4.6.3-r2 && \
rm -rf /var/cache/* && \
mkdir /var/cache/apk && \
- chmod a+x /usr/local/bin/* && \
update-ca-certificates && \
pip install --no-cache-dir --ignore-installed six -r /requirements.txt && \
ln -s /usr/bin/python3 /usr/bin/python && \
diff --git a/ansible/group_vars/all/stackspin.yml b/ansible/group_vars/all/stackspin.yml
index 8ee195e8ef6ba65b4bf18f3017f0424fe070b77d..db0c81d3c68f70228c2ebfc40e9fad5b7b280bef 100644
--- a/ansible/group_vars/all/stackspin.yml
+++ b/ansible/group_vars/all/stackspin.yml
@@ -20,18 +20,5 @@ k3s:
# https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/
server_args: "--disable traefik --disable local-storage --disable servicelb --kube-apiserver-arg=event-ttl=48h0m0s --tls-san {{ ip_address }}"
-helm:
- # helm snap 2.15.0 and 2.15.1 broke for us
- # (https://open.greenhost.net/stackspin/stackspin/issues/338), so we
- # use a pinned version for now.
- # We use the official helm install script for now which has no checksum.
- # https://github.com/helm/helm/releases
- version: 'v3.2.1'
-
-krew:
- # https://github.com/kubernetes-sigs/krew/releases
- version: 'v0.3.4'
- checksum: 'sha256:6629b1d7ad215322361f8dd270396fd1a23555fdbde8dcc1ba4ad860978b319a'
-
docker_mirror:
enabled: false
diff --git a/ansible/roles/configure/files/bashrc_stackspin b/ansible/roles/configure/files/bashrc_stackspin
index 8052b9b649b8f2a8385c9205cebb1b81fa36fa3d..71552b02768fc2983f7a5cce1488d51d99db612e 100644
--- a/ansible/roles/configure/files/bashrc_stackspin
+++ b/ansible/roles/configure/files/bashrc_stackspin
@@ -7,6 +7,3 @@
if [ -f /etc/bash_completion ] && ! shopt -oq posix; then
. /etc/bash_completion
fi
-
-# Enable krew plugin manager for kubectl
-export PATH="$HOME/.krew/bin:$PATH"
diff --git a/ansible/roles/configure/files/stackspin-version-info.sh b/ansible/roles/configure/files/stackspin-version-info.sh
index 9c36645a2a241d4ef1fef1f6e55c3a8112bf8037..29b4edcea7ff387c5c02f0342c9d8d38f6d67d5f 100755
--- a/ansible/roles/configure/files/stackspin-version-info.sh
+++ b/ansible/roles/configure/files/stackspin-version-info.sh
@@ -1,11 +1,12 @@
#!/bin/bash -x
cat /var/lib/Stackspin/version.txt
+
kubectl version
-kubectl krew version
-kubectl krew list
-helm version
-helm plugin list
+kubectl plugin list
+
k3s --version
+helm version
+helm plugin list
helm ls
diff --git a/ansible/roles/configure/tasks/main.yml b/ansible/roles/configure/tasks/main.yml
index 67b58e895ce92f5ec97d5e4247b4d996d4e2729d..39cee9d033cfe2dcd5d7f42285d74157eb9d9f89 100644
--- a/ansible/roles/configure/tasks/main.yml
+++ b/ansible/roles/configure/tasks/main.yml
@@ -45,7 +45,6 @@
- name: Deploy /root/.bashrc_stackspin
tags:
- bash
- - krew
copy:
dest: /root/.bashrc_stackspin
src: bashrc_stackspin
diff --git a/ansible/roles/pre-configure/tasks/main.yml b/ansible/roles/pre-configure/tasks/main.yml
index 530f814febc9de0f61f16120eb8d7c16343ebebe..9546ac2174f84226548bdde93e3f641c8309a62d 100644
--- a/ansible/roles/pre-configure/tasks/main.yml
+++ b/ansible/roles/pre-configure/tasks/main.yml
@@ -44,81 +44,28 @@
with_items:
- python3-pip
-# We work around a Debian Bullseye issue with installing snaps on Xen nodes:
-# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983357 (Debian link)
-# https://code.greenhost.net/greenhost/sysops/-/issues/915#note_108038 (GH # internal link)
-# Once the debian issue is solved and Greenhost has patched the kernel, these
-# three workaround commands can be removed.
-- name: Workaround debian bug 1/3
- shell: "journalctl -k | awk '/input: Xen Virtual Keyboard/ {print $11}'"
- args:
- # Only run this if kubectl snap has not been installed yet
- creates: /snap/bin/kubectl
- register: kbd_device
- failed_when: false
- changed_when: false
-
-- name: Workaround debian bug 2/3
- # kubectl needs to get installed as "classic" snap
- mount:
- opts: bind
- src: /dev/zero
- path: /sys/{{ kbd_device.stdout }}/uevent
- fstype: none
- state: mounted
- when: kbd_device.stdout != "" and kbd_device.stdout != "skipped, since /snap/bin/kubectl exists"
-
-- name: Install kubectl snap
- # kubectl needs to get installed as "classic" snap
- command: snap install --classic kubectl
- args:
- creates: /snap/bin/kubectl
-
-- name: Workaround debian bug 3/3
- # kubectl needs to get installed as "classic" snap
- mount:
- path: /sys/{{ kbd_device.stdout }}/uevent
- state: unmounted
- when: kbd_device.stdout != "" and kbd_device.stdout != "skipped, since /snap/bin/kubectl exists"
-
-- name: Create kubectl symlink to /usr/local/bin
- file:
- state: link
- src: /snap/bin/kubectl
- dest: /usr/local/bin/kubectl
-
-- name: Get current helm version
- tags:
- - helm
- # {{ '{{' }} escapes the curly braces needed by the `--template` argument
- shell: "helm version --template \"{{ '{{' }} .Version {{ '}}' }}\""
- failed_when: false
- register: helm_version
- changed_when: false
-
-- name: Show current helm version
- tags:
- - helm
- - debug
- debug:
- msg: 'Current helm version is: {{ helm_version.stdout }}'
-
-- name: Download helm install script
+- name: Install kubectl and helm snap
tags:
+ - snap
+ # kubectl and helm both need to get installed as "classic" snap
+ command: "snap install --classic {{ item }}"
+ args:
+ creates: "/snap/bin/{{ item }}"
+ with_items:
- helm
- get_url:
- url: https://raw.githubusercontent.com/helm/helm/master/scripts/get
- dest: /usr/local/bin/get-helm
- force: yes
- mode: '0755'
- become: true
- when: helm_version.stdout != helm.version
+ - kubectl
-- name: Install helm
+- name: Create kubectl and helm symlinks to /usr/local/bin
tags:
+ - snap
+ file:
+ state: link
+ src: "/snap/bin/{{ item }}"
+ dest: "/usr/local/bin/{{ item }}"
+ force: true
+ with_items:
- helm
- command: /usr/local/bin/get-helm --version {{ helm.version }}
- when: helm_version.stdout != helm.version
+ - kubectl
- name: Configure firewall
import_tasks: firewall.yml
diff --git a/ansible/roles/setup-kubernetes/tasks/krew.yml b/ansible/roles/setup-kubernetes/tasks/krew.yml
deleted file mode 100644
index 4b0f2fe694424981a9777c3f28c9253a10dffa6a..0000000000000000000000000000000000000000
--- a/ansible/roles/setup-kubernetes/tasks/krew.yml
+++ /dev/null
@@ -1,58 +0,0 @@
----
-- name: Get current krew version (plugin manager for kubectl)
- tags:
- - kubectl
- - plugin
- - krew
- shell: kubectl krew version | grep GitTag | awk {'print $2'}
- failed_when: false
- register: krew_version
- changed_when: false
-
-- name: Show current krew version
- tags:
- - kubectl
- - plugin
- - krew
- debug:
- msg: 'Show current krew version is: {{ krew_version.stdout }}'
-
-- name: Download krew archive
- tags:
- - kubectl
- - plugin
- - krew
- get_url:
- url: 'https://github.com/kubernetes-sigs/krew/releases/download/{{ krew.version }}/krew.tar.gz'
- dest: '/tmp/krew.{{ krew.version }}.tar.gz'
- checksum: '{{ krew.checksum }}'
- when: krew_version.stdout != krew.version
-
-- name: Download krew resource yaml
- tags:
- - kubectl
- - plugin
- - krew
- get_url:
- url: 'https://github.com/kubernetes-sigs/krew/releases/download/{{ krew.version }}/krew.yaml'
- dest: '/tmp/krew.{{ krew.version }}.yaml'
- when: krew_version.stdout != krew.version
-
-- name: Unarchive downloaded krew archive
- tags:
- - kubectl
- - plugin
- - krew
- unarchive:
- src: '/tmp/krew.{{ krew.version }}.tar.gz'
- dest: /tmp
- remote_src: yes
- when: krew_version.stdout != krew.version
-
-- name: Instal krew plugin manager for kubectl
- tags:
- - kubectl
- - plugin
- - krew
- command: "/tmp/krew-linux_amd64 install --manifest=/tmp/krew.{{ krew.version }}.yaml"
- when: krew_version.stdout != krew.version
diff --git a/ansible/roles/setup-kubernetes/tasks/main.yml b/ansible/roles/setup-kubernetes/tasks/main.yml
index 563e90aa4a01e9039f55c29dd8d42dbfad92b390..48bbcacf83d23a3af31fd91e110cde1199b63071 100644
--- a/ansible/roles/setup-kubernetes/tasks/main.yml
+++ b/ansible/roles/setup-kubernetes/tasks/main.yml
@@ -1,4 +1,3 @@
---
- import_tasks: k3s.yml
-- import_tasks: krew.yml
- import_tasks: flux.yml
diff --git a/requirements.txt b/requirements.txt
index 0053234caa3fa96f272544c2c98bd13c71a63fb5..3f8b0deedcc54e5388d1417ad388ba3968d5bd50 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -54,7 +54,7 @@ oauthlib==3.1.1
# via requests-oauthlib
orderedmultidict==1.0.1
# via htpasswd
-packaging==21.0
+packaging==21.2
# via pytest
paramiko==2.8.0
# via -r requirements.in
@@ -78,7 +78,7 @@ pynacl==1.4.0
# via paramiko
pyopenssl==21.0.0
# via -r requirements.in
-pyparsing==3.0.5
+pyparsing==2.4.7
# via packaging
pytest==6.2.5
# via
@@ -108,6 +108,7 @@ rsa==4.7.2
six==1.16.0
# via
# bcrypt
+ # google-auth
# kubernetes
# orderedmultidict
# pynacl