diff --git a/pkg/config/templates/patch/rancher-logging/103.1.0+up4.4.0/configmap.yaml b/pkg/config/templates/patch/rancher-logging/105.2.0+up4.10.0/configmap.yaml similarity index 100% rename from pkg/config/templates/patch/rancher-logging/103.1.0+up4.4.0/configmap.yaml rename to pkg/config/templates/patch/rancher-logging/105.2.0+up4.10.0/configmap.yaml diff --git a/pkg/config/templates/patch/rancher-logging/103.1.0+up4.4.0/daemonset.yaml b/pkg/config/templates/patch/rancher-logging/105.2.0+up4.10.0/daemonset.yaml similarity index 100% rename from pkg/config/templates/patch/rancher-logging/103.1.0+up4.4.0/daemonset.yaml rename to pkg/config/templates/patch/rancher-logging/105.2.0+up4.10.0/daemonset.yaml diff --git a/pkg/config/templates/patch/rancher-logging/103.1.0+up4.4.0/eventtailer.yaml b/pkg/config/templates/patch/rancher-logging/105.2.0+up4.10.0/eventtailer.yaml similarity index 90% rename from pkg/config/templates/patch/rancher-logging/103.1.0+up4.4.0/eventtailer.yaml rename to pkg/config/templates/patch/rancher-logging/105.2.0+up4.10.0/eventtailer.yaml index f1f7fe40b..0a02a91f8 100644 --- a/pkg/config/templates/patch/rancher-logging/103.1.0+up4.4.0/eventtailer.yaml +++ b/pkg/config/templates/patch/rancher-logging/105.2.0+up4.10.0/eventtailer.yaml @@ -1,5 +1,5 @@ {{- with $.Values.eventTailer }} -# patch to ./templates/eventtailer.yaml +# patch to ./templates/logging/eventtailer.yaml # harvester-patch to import the event tailer feature apiVersion: logging-extensions.banzaicloud.io/v1alpha1 kind: EventTailer diff --git a/pkg/config/templates/patch/rancher-logging/105.2.0+up4.10.0/fluentbitagent.yaml b/pkg/config/templates/patch/rancher-logging/105.2.0+up4.10.0/fluentbitagent.yaml new file mode 100644 index 000000000..f374d9231 --- /dev/null +++ b/pkg/config/templates/patch/rancher-logging/105.2.0+up4.10.0/fluentbitagent.yaml @@ -0,0 +1,28 @@ +{{- define "logging-operator.fluentbitagent.kube-audit" -}} +# patch to ./templates/loggings/kube-audit/fluentbitagent.yaml +# when harvester-installer makes ISO, the original file is replaced +# harvester-patch to kube-audit fluentbitagent.yaml +# upsteam file lacks loggingRef +metadata: + name: {{ .Release.Name }}-kube-audit +spec: + {{- if .Values.additionalLoggingSources.kubeAudit.loggingRef }} + loggingRef: {{ .Values.additionalLoggingSources.kubeAudit.loggingRef }} + {{- end }} + disableKubernetesFilter: true + extraVolumeMounts: + - source: {{ template "kubeAuditPathPrefix" . }} + destination: "/kube-audit-logs" + readOnly: true + inputTail: + Tag: {{ .Values.additionalLoggingSources.kubeAudit.fluentbit.logTag }} + Path: /kube-audit-logs/{{ template "kubeAuditFilename" . }} + Parser: json + {{- with (concat (.Values.tolerations) (.Values.fluentbit.tolerations) (.Values.additionalLoggingSources.kubeAudit.fluentbit.tolerations)) }} + tolerations: {{- toYaml . | nindent 6 }} + {{- end }} + nodeSelector: {{ include "controlplaneSelector" . | nindent 6 }} +{{- end -}} +{{- if .Values.additionalLoggingSources.kubeAudit.enabled }} +{{- include "logging-operator.fluentbitagent" (list . "logging-operator.fluentbitagent.kube-audit") -}} +{{- end }} diff --git a/pkg/config/templates/patch/rancher-monitoring-crd/103.1.1+up45.31.1/patch-values-shell-version.diff b/pkg/config/templates/patch/rancher-monitoring-crd/105.1.2+up61.3.2/patch-values-shell-version.diff similarity index 76% rename from pkg/config/templates/patch/rancher-monitoring-crd/103.1.1+up45.31.1/patch-values-shell-version.diff rename to pkg/config/templates/patch/rancher-monitoring-crd/105.1.2+up61.3.2/patch-values-shell-version.diff index 4b3f7b4f1..f9beb5b30 100644 --- a/pkg/config/templates/patch/rancher-monitoring-crd/103.1.1+up45.31.1/patch-values-shell-version.diff +++ b/pkg/config/templates/patch/rancher-monitoring-crd/105.1.2+up61.3.2/patch-values-shell-version.diff @@ -4,8 +4,7 @@ image: repository: rancher/shell -- tag: v0.1.25 -+ tag: v0.1.26 +- tag: v0.2.1 ++ tag: v0.3.0 nodeSelector: {} - diff --git a/pkg/config/templates/patch/rancher-monitoring/103.1.1+up45.31.1/nginx-config.yaml b/pkg/config/templates/patch/rancher-monitoring/105.1.2+up61.3.2/nginx-config.yaml similarity index 100% rename from pkg/config/templates/patch/rancher-monitoring/103.1.1+up45.31.1/nginx-config.yaml rename to pkg/config/templates/patch/rancher-monitoring/105.1.2+up61.3.2/nginx-config.yaml diff --git a/pkg/config/templates/patch/rancher-monitoring/103.1.1+up45.31.1/patch-values-shell-version.diff b/pkg/config/templates/patch/rancher-monitoring/105.1.2+up61.3.2/patch-values-shell-version.diff similarity index 72% rename from pkg/config/templates/patch/rancher-monitoring/103.1.1+up45.31.1/patch-values-shell-version.diff rename to pkg/config/templates/patch/rancher-monitoring/105.1.2+up61.3.2/patch-values-shell-version.diff index 500eeb079..561e5fba3 100644 --- a/pkg/config/templates/patch/rancher-monitoring/103.1.1+up45.31.1/patch-values-shell-version.diff +++ b/pkg/config/templates/patch/rancher-monitoring/105.1.2+up61.3.2/patch-values-shell-version.diff @@ -1,11 +1,11 @@ --- values.yaml +++ values-new.yaml -@@ -560,7 +560,7 @@ +@@ -562,7 +562,7 @@ ## Image to use to run the scripts image: repository: rancher/shell -- tag: v0.1.25 -+ tag: v0.1.26 +- tag: v0.2.1 ++ tag: v0.3.0 ## Rancher Monitoring ## diff --git a/scripts/build b/scripts/build index 58ff3f734..47065d208 100755 --- a/scripts/build +++ b/scripts/build @@ -68,8 +68,11 @@ if [ "$(uname)" = "Linux" ]; then fi fi +source ${SCRIPTS_DIR}/patch-monitoring-logging + # render template files cd ${addons_path} +update_monitoring_logging_version version_info go run . -generateTemplates -path ${TOP_DIR}/pkg/config/templates cd ${TOP_DIR} diff --git a/scripts/build-bundle b/scripts/build-bundle index 39fdd8465..b36ada75a 100755 --- a/scripts/build-bundle +++ b/scripts/build-bundle @@ -9,59 +9,14 @@ PACKAGE_HARVESTER_REPO_DIR="${TOP_DIR}/package/harvester-repo" cd ${TOP_DIR} +source ${SCRIPTS_DIR}/patch-monitoring-logging + addons_path=../addons if [ ! -d ${addons_path} ];then echo "No existing addons source. Pulling..." git clone --branch v1.5 --single-branch --depth 1 https://github.com/harvester/addons.git ../addons fi -source ${SCRIPTS_DIR}/version-monitoring -source ${SCRIPTS_DIR}/version-logging - -update_monitoring_logging_version() { - # due to legacy code, monitoring and logging versions are first updated on installer - # then on addon - local target=$1 - local lnew="RANCHER_LOGGING_CHART_VERSION=\"${LOGGING_VERSION}\"" - local lcur=$(grep $lnew $target) || echo "logging chart version is not found from $target" - # if the file has no new line at end, append new ENV will be added to last line accidently - echo "" >> $target - if [ -z "${lcur}" ]; then - # remove possible existing values - sed -i '/RANCHER_LOGGING_CHART_VERSION/d' $target - echo "$lnew" >> $target - echo ""logging chart version is updated to ${LOGGING_VERSION}"" - else - echo "logging chart version is already set to ${LOGGING_VERSION}" - fi - - local mnew="RANCHER_MONITORING_CHART_VERSION=\"${MONITORING_VERSION}\"" - local mcur=$(grep $mnew $target) || echo "monitoring chart version is not found from $target" - if [ -z "${mcur}" ]; then - # remove possible existing values - sed -i '/RANCHER_MONITORING_CHART_VERSION/d' $target - echo "$mnew" >> $target - echo "monitoring chart version is updated to ${MONITORING_VERSION}" - else - echo "monitoring chart version is already set to ${MONITORING_VERSION}" - fi - - # the harvester-eventrouter image tag is first bumped on installer, then on addon, to decouple the PRs - # if ENV includes keyword `IMAGE` then `addon generateTemplates` will strip the image and only keep version - local HARVESTER_EVENTROUTER_FULL_TAG="rancher/harvester-eventrouter:v0.3.3" - local henew="HARVESTER_EVENTROUTER_FULL_TAG=\"${HARVESTER_EVENTROUTER_FULL_TAG}\"" - local hecur=$(grep $henew $target) || echo "harvester-eventrouter image tag is not found from $target" - if [ -z "${hecur}" ]; then - # remove possible existing values - sed -i '/HARVESTER_EVENTROUTER_FULL_TAG/d' $target - echo "$henew" >> $target - echo "harvester-eventrouter image tag is updated to ${HARVESTER_EVENTROUTER_FULL_TAG}" - else - echo "harvester-eventrouter image tag is already set to ${HARVESTER_EVENTROUTER_FULL_TAG}" - fi - cat $target -} - # will generate template file in ${addons_path}, and this is used for subsequent checks cd ${addons_path} update_monitoring_logging_version version_info diff --git a/scripts/hack/patch-rancher-logging b/scripts/hack/patch-rancher-logging index 147af516c..f781a01a0 100755 --- a/scripts/hack/patch-rancher-logging +++ b/scripts/hack/patch-rancher-logging @@ -22,22 +22,12 @@ patch_rancher_logging_chart() grep "harvester-patch" ./rancher-logging/templates/loggings/rke2/daemonset.yaml || true echo "patch rancher logging eventtailer" - cp -f ${pkg_logging_path}/${logging_version}/eventtailer.yaml ./rancher-logging/templates/eventtailer.yaml - grep "harvester-patch" ./rancher-logging/templates/eventtailer.yaml || true - - # replace fluentbit image version; yq can also work, but it strips all blank lines; use patch instead - local valuesfile="./rancher-logging/values.yaml" - local difffile="${pkg_logging_path}/${logging_version}/patch-vaues-fluentbit-image.diff" - echo "patch fluentbit image version" - echo "the current values.yaml has following fluentbit image version" - grep "rancher/mirrored-fluent-fluent-bit" $valuesfile -1 || true - if [ -f "$difffile" ]; then - patch $valuesfile $difffile - else - echo "diff file $difffile is not found" - fi - echo "the patched values.yaml has following fluentbit image version" - grep "rancher/mirrored-fluent-fluent-bit" $valuesfile -1 || true + cp -f ${pkg_logging_path}/${logging_version}/eventtailer.yaml ./rancher-logging/templates/logging/eventtailer.yaml + grep "harvester-patch" ./rancher-logging/templates/logging/eventtailer.yaml || true + + echo "patch rancher logging kube-audit fluentbitagent" + cp -f ${pkg_logging_path}/${logging_version}/fluentbitagent.yaml ./rancher-logging/templates/loggings/kube-audit/fluentbitagent.yaml + grep "harvester-patch" ./rancher-logging/templates/loggings/kube-audit/fluentbitagent.yaml || true # remove existing chart rm ${chart_dir}/rancher-logging-${logging_version}.tgz diff --git a/scripts/images/rancher-images.txt b/scripts/images/rancher-images.txt index 3683f5824..e1a1c7095 100644 --- a/scripts/images/rancher-images.txt +++ b/scripts/images/rancher-images.txt @@ -1,31 +1,29 @@ docker.io/rancher/fleet-agent:v0.11.2 docker.io/rancher/fleet:v0.11.2 docker.io/rancher/gitjob:v0.9.8 -docker.io/rancher/kubectl:v1.20.2 docker.io/rancher/kubectl:v1.21.5 docker.io/rancher/kubectl:v1.29.2 -docker.io/rancher/mirrored-grafana-grafana:9.1.5 -docker.io/rancher/mirrored-ingress-nginx-kube-webhook-certgen:v20221220-controller-v1.5.1-58-g787ea74b6 -docker.io/rancher/mirrored-kiwigrid-k8s-sidecar:1.24.6 -docker.io/rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.10.1 +docker.io/rancher/mirrored-grafana-grafana:11.1.0 +docker.io/rancher/mirrored-ingress-nginx-kube-webhook-certgen:v1.4.3 +docker.io/rancher/mirrored-kiwigrid-k8s-sidecar:1.27.4 +docker.io/rancher/mirrored-kube-state-metrics-kube-state-metrics:v2.12.0 docker.io/rancher/mirrored-library-busybox:1.31.1 docker.io/rancher/mirrored-library-nginx:1.24.0-alpine -docker.io/rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.10.0 -docker.io/rancher/mirrored-prometheus-node-exporter:v1.3.1 -docker.io/rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.65.1 -docker.io/rancher/mirrored-prometheus-operator-prometheus-operator:v0.65.1 -docker.io/rancher/mirrored-prometheus-prometheus:v2.45.0 -docker.io/rancher/mirrored-prometheus-alertmanager:v0.26.0 +docker.io/rancher/mirrored-prometheus-adapter-prometheus-adapter:v0.12.0 +docker.io/rancher/mirrored-prometheus-node-exporter:v1.8.2 +docker.io/rancher/mirrored-prometheus-operator-prometheus-config-reloader:v0.75.1 +docker.io/rancher/mirrored-prometheus-operator-prometheus-operator:v0.75.1 +docker.io/rancher/mirrored-prometheus-operator-admission-webhook:v0.75.1 +docker.io/rancher/mirrored-prometheus-prometheus:v2.53.1 +docker.io/rancher/mirrored-prometheus-alertmanager:v0.27.0 docker.io/rancher/rancher-webhook:v0.6.2 docker.io/rancher/rancher:v2.10.1 docker.io/rancher/rancher-agent:v2.10.1 -docker.io/rancher/shell:v0.1.26 -docker.io/rancher/shell:v0.1.24 docker.io/rancher/shell:v0.3.0 docker.io/rancher/system-agent:v0.3.11-suc docker.io/rancher/system-upgrade-controller:v0.14.2 -docker.io/rancher/mirrored-banzaicloud-fluentd:v1.14.6-alpine-5 -docker.io/rancher/mirrored-kube-logging-logging-operator:4.4.0 -docker.io/rancher/mirrored-fluent-fluent-bit:2.2.0 -docker.io/rancher/mirrored-jimmidyson-configmap-reload:v0.4.0 +docker.io/rancher/mirrored-kube-logging-fluentd:v1.16-4.10-full +docker.io/rancher/mirrored-kube-logging-logging-operator:4.10.0 +docker.io/rancher/mirrored-fluent-fluent-bit:3.1.8 +docker.io/rancher/mirrored-kube-logging-config-reloader:v0.0.6 docker.io/rancher/mirrored-cluster-api-controller:v1.8.3 diff --git a/scripts/patch-monitoring-logging b/scripts/patch-monitoring-logging new file mode 100644 index 000000000..d384b7b53 --- /dev/null +++ b/scripts/patch-monitoring-logging @@ -0,0 +1,54 @@ +#!/bin/bash +set -e + +if [ -z $SCRIPTS_DIR ]; then + TOP_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." &> /dev/null && pwd )" + SCRIPTS_DIR="${TOP_DIR}/scripts" +fi + +source ${SCRIPTS_DIR}/version-monitoring +source ${SCRIPTS_DIR}/version-logging + +update_monitoring_logging_version() { + # due to legacy code, monitoring and logging versions are first updated on installer + # then on addon + local target=$1 + local lnew="RANCHER_LOGGING_CHART_VERSION=\"${LOGGING_VERSION}\"" + local lcur=$(grep $lnew $target) || echo "logging chart version is not found from $target" + # if the file has no new line at end, append new ENV will be added to last line accidently + echo "" >> $target + if [ -z "${lcur}" ]; then + # remove possible existing values + sed -i '/RANCHER_LOGGING_CHART_VERSION/d' $target + echo "$lnew" >> $target + echo ""logging chart version is updated to ${LOGGING_VERSION}"" + else + echo "logging chart version is already set to ${LOGGING_VERSION}" + fi + + local mnew="RANCHER_MONITORING_CHART_VERSION=\"${MONITORING_VERSION}\"" + local mcur=$(grep $mnew $target) || echo "monitoring chart version is not found from $target" + if [ -z "${mcur}" ]; then + # remove possible existing values + sed -i '/RANCHER_MONITORING_CHART_VERSION/d' $target + echo "$mnew" >> $target + echo "monitoring chart version is updated to ${MONITORING_VERSION}" + else + echo "monitoring chart version is already set to ${MONITORING_VERSION}" + fi + + # the harvester-eventrouter image tag is first bumped on installer, then on addon, to decouple the PRs + # if ENV includes keyword `IMAGE` then `addon generateTemplates` will strip the image and only keep version + local HARVESTER_EVENTROUTER_FULL_TAG="rancher/harvester-eventrouter:v1.5.0-dev.0" + local henew="HARVESTER_EVENTROUTER_FULL_TAG=\"${HARVESTER_EVENTROUTER_FULL_TAG}\"" + local hecur=$(grep $henew $target) || echo "harvester-eventrouter image tag is not found from $target" + if [ -z "${hecur}" ]; then + # remove possible existing values + sed -i '/HARVESTER_EVENTROUTER_FULL_TAG/d' $target + echo "$henew" >> $target + echo "harvester-eventrouter image tag is updated to ${HARVESTER_EVENTROUTER_FULL_TAG}" + else + echo "harvester-eventrouter image tag is already set to ${HARVESTER_EVENTROUTER_FULL_TAG}" + fi + cat $target +} diff --git a/scripts/version-logging b/scripts/version-logging index ce55ff0b9..76ffddacf 100644 --- a/scripts/version-logging +++ b/scripts/version-logging @@ -1 +1 @@ -LOGGING_VERSION=103.1.0+up4.4.0 +LOGGING_VERSION=105.2.0+up4.10.0 diff --git a/scripts/version-monitoring b/scripts/version-monitoring index 4c1cf2638..eb0bd054c 100644 --- a/scripts/version-monitoring +++ b/scripts/version-monitoring @@ -1 +1 @@ -MONITORING_VERSION=103.1.1+up45.31.1 +MONITORING_VERSION=105.1.2+up61.3.2