From ead2b3ce085183a0bea49a13d99532c22ee69193 Mon Sep 17 00:00:00 2001 From: "Benjamin A. Petersen" Date: Thu, 31 Aug 2023 17:24:31 -0400 Subject: [PATCH] split up build.sh and deploy.sh --- deploy_carvel/build.sh | 310 +++++------------- deploy_carvel/deploy.sh | 139 ++++++++ .../package-repository/.imgpkg/images.yml | 2 +- deploy_carvel/supervisor/config/values.yaml | 2 +- 4 files changed, 214 insertions(+), 239 deletions(-) create mode 100755 deploy_carvel/deploy.sh diff --git a/deploy_carvel/build.sh b/deploy_carvel/build.sh index 1636b59f..e6d783cf 100755 --- a/deploy_carvel/build.sh +++ b/deploy_carvel/build.sh @@ -6,119 +6,111 @@ set -u # error if variables undefined set -o pipefail # prevent masking errors in a pipeline # set -x # print all executed commands to terminal - -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -BLUE='\033[0;34m' -DEFAULT='\033[0m' - -echo_yellow() { - echo -e "${YELLOW}>> $@${DEFAULT}\n" - # printf "${GREEN}$@${DEFAULT}" +# +# Helper functions +# +function log_note() { + GREEN='\033[0;32m' + NC='\033[0m' + if [[ ${COLORTERM:-unknown} =~ ^(truecolor|24bit)$ ]]; then + echo -e "${GREEN}$*${NC}" + else + echo "$*" + fi } -echo_green() { - echo -e "${GREEN}>> $@${DEFAULT}\n" - # printf "${BLUE}$@${DEFAULT}" -} -echo_red() { - echo -e "${RED}>> $@${DEFAULT}\n" - # printf "${BLUE}$@${DEFAULT}" -} -echo_blue() { - echo -e "${BLUE}>> $@${DEFAULT}\n" - # printf "${BLUE}$@${DEFAULT}" +function log_error() { + RED='\033[0;31m' + NC='\033[0m' + if [[ ${COLORTERM:-unknown} =~ ^(truecolor|24bit)$ ]]; then + echo -e "🙁${RED} Error: $* ${NC}" + else + echo ":( Error: $*" + fi } -# got a cluster? -echo_yellow "Verify you have a functional kind cluster, otherwise this will fail....." -# ./kind-with-registry.sh -# got kapp-controller bits? -kubectl get customresourcedefinitions +function check_dependency() { + if ! command -v "$1" >/dev/null; then + log_error "Missing dependency..." + log_error "$2" + exit 1 + fi +} + + + +log_note "Deploying kapp-controller on kind cluster..." kapp deploy --app kapp-controller --file https://github.com/vmware-tanzu/carvel-kapp-controller/releases/latest/download/release.yml -y kubectl get customresourcedefinitions - -# this argument is given to kapp-controller by default -# in the above deployment manfiest: +# Global kapp-controller-namespace: # -packaging-global-namespace=kapp-controller-packaging-global -# which means, PackageRepos and Packages ought be installed in this -# namespace to be globally available by default, since -# PackageRepos and Packages are namespaced resources. +# kapp-controller resources like PackageRepository and Package are namepaced. +# However, this namespace, provided via flag to kapp-controller in the yaml above, +# defines a "global" namespace. That is, resources installed in this namespace +# can be installed in every namespace as kapp will always pay attention to its +# pseudo-global namespace. KAPP_CONTROLLER_GLOBAL_NAMESPACE="kapp-controller-packaging-global" -# TODO: since I removed the deployments there is not much in the ./imgpkg/images.yaml output -# -# build images found in these directories. -# make use of build.yaml files to specify how builds should work, -# if we need it to be done. -# kbld --file ./concierge/config --imgpkg-lock-output ./concierge/.imgpkg/images.yml -# this is used in the package-template.yml file for declaring where the package will live. -# we need to know where these package images should live :) -# REPO_HOST="1.2.3.4.fake.repo.host:5000" -# PACKAGE_REPO_HOST="projects.registry.vmware.com/pinniped/pinniped-server" -# PACKAGE_REPO_HOST="docker.io/benjaminapetersen/pinniped-package-repo" +# TODO: final resting place for these images (PackageRepository, Packge) will need to +# be in the same plate as our regular images: +# - https://github.com/vmware-tanzu/pinniped/releases/tag/v0.25.0 +# namely docker.io/getpinniped/ and projects.registry.vmware.com/pinniped/ +# PACKAGE_REPO_HOST="benjaminapetersen/pinniped-package-repo" +# TODO: this variable is currently a little quirky as our values.yaml files do NOT pin pinniped to a specific +# hard-coded version. Rather, Pinniped's values.yaml allows for a passed-in version. PINNIPED_PACKAGE_VERSION="0.25.0" -# TODO: cp ./deploy/supervisor.... into ./deploy_carvel/supervisor/config... -# TODO: cp ./deploy/concierge.... into ./deploy_carvel/concierge/config... -# -- we should copy this over, yeah? -# NOTE: I did make changes to values.yaml to turn it into a values schema.... +# TODO: should we copy these directories: +# - ../deploy/supervisor/config/* +# - ../deploy/concierge/config/* +# rather than duplicating the files? +# in this exercise, I have transformed the values.yaml into a "values schema" so this would have to be +# migrated up. There are some incompatibilities here, in that a values schema assesses the type of value +# by the default. currently many of the values have no actual default. -echo "" -echo_yellow "cleaning ./package-repository..." +log_note "Cleaning ./package-repository to generate new..." PACKAGE_REPOSITORY_DIR="package-repository" rm -rf "./${PACKAGE_REPOSITORY_DIR}" mkdir -p "./${PACKAGE_REPOSITORY_DIR}/.imgpkg" mkdir -p "./${PACKAGE_REPOSITORY_DIR}/packages/concierge.pinniped.dev" mkdir -p "./${PACKAGE_REPOSITORY_DIR}/packages/supervisor.pinniped.dev" -PACKAGE_INSTALL_DIR="temp_actual_deploy_resources" -rm -rf "./${PACKAGE_INSTALL_DIR}" -mkdir "./${PACKAGE_INSTALL_DIR}" -## TODO: -## "${resource_name}/deployment.yml" vs "${resource_name}/deployment-HACKED.yml" -## the real one has images. -## - CURRENTLY the deployment.yaml files don't work, there is some error with pushing images. -## come back to this later? +log_note "Generating PackageRepository and Packages for Pinniped version ${PINNIPED_PACKAGE_VERSION}" declare -a arr=("supervisor" "concierge") for resource_name in "${arr[@]}" do - echo "" - echo_yellow "handling ${resource_name}..." + log_note "Generating for ${resource_name}..." - # just simple templating - echo_yellow "generating ${resource_name}/.imgpkg/images.yaml" - # there are bits for image substitution in some of the ytt commands + log_note "Generating ${resource_name} imgpkg lock file... ${resource_name}/.imgpkg/images.yaml" kbld --file "./${resource_name}/config/" --imgpkg-lock-output "./${resource_name}/.imgpkg/images.yml" # generate a schema in each package directory - echo_yellow "generating ./${resource_name}/schema-openapi.yaml" + log_note "Generating ${resource_name} OpenAPIv3 Schema... ./${resource_name}/schema-openapi.yaml" ytt \ --file "${resource_name}/config/values.yaml" \ --data-values-schema-inspect --output openapi-v3 > "${resource_name}/schema-openapi.yml" - # TODO: - # push each package to the repository - # note that I am hacking at this pattern to just get them to my dockerhub - # this may or may not be the pattern we want when we push to a formal repository location - # package_push_repo_location="${PACKAGE_REPO_HOST}/packages/${resource_name}:${PINNIPED_PACKAGE_VERSION}" + # TODO: this is not the pattern we want. + # final resting place should be with our primary Pinniped image at: + # - projects.registry.vmware.com/pinniped/pinniped-server:v0.25.0 VMware Harbor + # - docker.io/getpinniped/pinniped-server:v0.25.0 DockerHub package_push_repo_location="${PACKAGE_REPO_HOST}-package-${resource_name}:${PINNIPED_PACKAGE_VERSION}" - echo_yellow "pushing package image: ${package_push_repo_location} ..." + log_note "Pushing ${resource_name} package image: ${package_push_repo_location} ..." imgpkg push --bundle "${package_push_repo_location}" --file "./${resource_name}" resource_package_version="${resource_name}.pinniped.dev" - echo_yellow "generating ./${PACKAGE_REPOSITORY_DIR}/packages/${resource_package_version}/${PINNIPED_PACKAGE_VERSION}.yml" + log_note "Generating ${resource_name} PackageRepository yaml..." + log_note "generating ./${PACKAGE_REPOSITORY_DIR}/packages/${resource_package_version}/${PINNIPED_PACKAGE_VERSION}.yml" ytt \ --file "${resource_name}/package-template.yml" \ --data-value-file openapi="$(pwd)/${resource_name}/schema-openapi.yml" \ --data-value package_version="${PINNIPED_PACKAGE_VERSION}" \ --data-value package_image_repo="${package_push_repo_location}" > "${PACKAGE_REPOSITORY_DIR}/packages/${resource_package_version}/${PINNIPED_PACKAGE_VERSION}.yml" - echo_yellow "generating ./${PACKAGE_REPOSITORY_DIR}/packages/${resource_package_version}/metadata.yml" + log_note "generating ./${PACKAGE_REPOSITORY_DIR}/packages/${resource_package_version}/metadata.yml" ytt \ --file "${resource_name}/metadata.yml" \ --data-value-file openapi="$(pwd)/${resource_name}/schema-openapi.yml" \ @@ -127,18 +119,20 @@ do done -echo_yellow "generating ./${PACKAGE_REPOSITORY_DIR}/.imgpkg/images.yml" +log_note "Generating Pinniped PackageRepository..." +log_note "Generating ./${PACKAGE_REPOSITORY_DIR}/.imgpkg/images.yml" kbld --file "./${PACKAGE_REPOSITORY_DIR}/packages/" --imgpkg-lock-output "${PACKAGE_REPOSITORY_DIR}/.imgpkg/images.yml" package_repository_push_repo_location="${PACKAGE_REPO_HOST}:${PINNIPED_PACKAGE_VERSION}" -echo_yellow "pushing package repository image: ${PACKAGE_REPO_HOST}:${PINNIPED_PACKAGE_VERSION}..." +log_note "Pushing Pinniped package repository image: ${PACKAGE_REPO_HOST}:${PINNIPED_PACKAGE_VERSION}..." imgpkg push --bundle "${package_repository_push_repo_location}" --file "./${PACKAGE_REPOSITORY_DIR}" -echo_yellow "validating imgpkg package bundle contents..." -imgpkg pull --bundle "${PACKAGE_REPO_HOST}:${PINNIPED_PACKAGE_VERSION}" --output "/tmp/${PACKAGE_REPO_HOST}:${PINNIPED_PACKAGE_VERSION}" -ls -la "/tmp/${PACKAGE_REPO_HOST}:${PINNIPED_PACKAGE_VERSION}" +# handy for a quick debug +# log_note "Validating imgpkg package bundle contents..." +# imgpkg pull --bundle "${PACKAGE_REPO_HOST}:${PINNIPED_PACKAGE_VERSION}" --output "/tmp/${PACKAGE_REPO_HOST}:${PINNIPED_PACKAGE_VERSION}" +# ls -la "/tmp/${PACKAGE_REPO_HOST}:${PINNIPED_PACKAGE_VERSION}" -echo_yellow "deploying PackageRepository..." +log_note "Generating PackageRepository yaml file..." PINNIPED_PACKGE_REPOSITORY_NAME="pinniped-package-repository" PINNIPED_PACKGE_REPOSITORY_FILE="packagerepository.${PINNIPED_PACKAGE_VERSION}.yml" echo -n "" > "${PINNIPED_PACKGE_REPOSITORY_FILE}" @@ -155,163 +149,5 @@ spec: image: "${PACKAGE_REPO_HOST}:${PINNIPED_PACKAGE_VERSION}" EOT - -# Now, gotta make this work. It'll be interesting if we can... -kapp deploy --app "${PINNIPED_PACKGE_REPOSITORY_NAME}" --file "${PINNIPED_PACKGE_REPOSITORY_FILE}" -y -kapp inspect --app "${PINNIPED_PACKGE_REPOSITORY_NAME}" --tree - -sleep 2 # TODO: remove - -# this is just a note to break this up, probably should use a separate ./deploy_stuff.sh file. -# at this point, we are "consumers". -# above we are packaging. -# this would be separated out into another script or potentially -# be on the user to craft (though we should likely provide something) -echo_green "Package Installation...." - -echo_yellow "deploying RBAC for use with pinniped PackageInstall..." - -# TODO: obviously a mega-role that can do everything is not good. we need to scope this down to appropriate things. -declare -a arr=("supervisor" "concierge") -for resource_name in "${arr[@]}" -do - -NAMESPACE="${resource_name}-ns" -PINNIPED_PACKAGE_RBAC_PREFIX="pinniped-package-rbac-${resource_name}" -PINNIPED_PACKAGE_RBAC_FILE="./${PACKAGE_INSTALL_DIR}/${PINNIPED_PACKAGE_RBAC_PREFIX}-${resource_name}-rbac.yml" - -echo -n "" > "${PINNIPED_PACKAGE_RBAC_FILE}" -cat <> "${PINNIPED_PACKAGE_RBAC_FILE}" -# --- -# apiVersion: v1 -# kind: Namespace -# metadata: -# name: "${NAMESPACE}" <--- "supervisor-ns" will cause other package install errors. ---- -# ServiceAccount details from the file linked above -apiVersion: v1 -kind: ServiceAccount -metadata: - name: "${PINNIPED_PACKAGE_RBAC_PREFIX}-sa-superadmin-dangerous" - # namespace: "${NAMESPACE}" - namespace: default # --> sticking to default for everything for now. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: "${PINNIPED_PACKAGE_RBAC_PREFIX}-role-superadmin-dangerous" -rules: -- apiGroups: ["*"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: "${PINNIPED_PACKAGE_RBAC_PREFIX}-role-binding-superadmin-dangerous" -subjects: -- kind: ServiceAccount - name: "${PINNIPED_PACKAGE_RBAC_PREFIX}-sa-superadmin-dangerous" - # namespace: "${NAMESPACE}" - namespace: default # --> sticking to default for everything for now. -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: "${PINNIPED_PACKAGE_RBAC_PREFIX}-role-superadmin-dangerous" - -EOF - -kapp deploy --app "${PINNIPED_PACKAGE_RBAC_PREFIX}" --file "${PINNIPED_PACKAGE_RBAC_FILE}" -y -done - - -#PINNIPED_PACKAGE_RBAC_FILE="./${PACKAGE_INSTALL_DIR}/${PINNIPED_PACKAGE_RBAC_PREFIX}-rbac.yml" -## TODO: obviously a mega-role that can do everything is not good. -#echo -n "" > "${PINNIPED_PACKAGE_RBAC_FILE}" -#cat <> "${PINNIPED_PACKAGE_RBAC_FILE}" -# -echo_yellow "deploying PackageInstall resources for pinniped supervisor and concierge packages..." -for resource_name in "${arr[@]}" -do - -NAMESPACE="${resource_name}-ns" -PINNIPED_PACKAGE_RBAC_PREFIX="pinniped-package-rbac-${resource_name}" -RESOURCE_PACKGE_VERSION="${resource_name}.pinniped.dev" -PACKAGE_INSTALL_FILE_NAME="./${PACKAGE_INSTALL_DIR}/${resource_name}-pkginstall.yml" -SECRET_NAME="${resource_name}-package-install-secret" -cat > "${PACKAGE_INSTALL_FILE_NAME}" << EOF ---- -apiVersion: packaging.carvel.dev/v1alpha1 -kind: PackageInstall -metadata: - # name, does not have to be versioned, versionSelection.constraints below will handle - name: "${resource_name}-package-install" - # namespace: "${NAMESPACE}" - namespace: default # --> sticking to default for everything for now. -spec: - serviceAccountName: "${PINNIPED_PACKAGE_RBAC_PREFIX}-sa-superadmin-dangerous" - packageRef: - refName: "${RESOURCE_PACKGE_VERSION}" - versionSelection: - constraints: "${PINNIPED_PACKAGE_VERSION}" - values: - - secretRef: - name: "${SECRET_NAME}" ---- -apiVersion: v1 -kind: Secret -metadata: - name: "${SECRET_NAME}" -stringData: - values.yml: | - --- - namespace: "${NAMESPACE}" - app_name: "${resource_name}-app-awesomeness" - replicas: 3 -EOF - -KAPP_CONTROLLER_APP_NAME="${resource_name}-pkginstall" -echo_yellow "deploying ${KAPP_CONTROLLER_APP_NAME}..." -kapp deploy --app "${KAPP_CONTROLLER_APP_NAME}" --file "${PACKAGE_INSTALL_FILE_NAME}" -y - -done - -echo_yellow "verifying PackageInstall resources..." -kubectl get PackageInstall -A | grep pinniped -kubectl get secret -A | grep pinniped - -echo_yellow "listing all package resources (PackageRepository, Package, PackageInstall)..." -kubectl get pkgi && kubectl get pkgr && kubectl get pkg - -echo_yellow "listing all kapp cli apps..." -# list again what is installed so we can ensure we have everything -kapp ls --all-namespaces - -# these are fundamentally different than what kapp cli understands, unfortunately. -# the term "app" is overloaded in Carvel and can mean two different things, based on -# the use of kapp cli and kapp-controller on cluster -echo_yellow "listing all kapp-controller apps..." -kubectl get app --all-namespaces - -# TODO: -# update the deployment.yaml and remove the deployment-HACKED.yaml files -# both are probably hacked a bit, so delete them and just get fresh from the ./deploy directory -# then make sure REAL PINNIPED actually deploys. - - -# In the end we should have: -# docker pull benjaminapetersen/pinniped-package-repo:latest -# docker pull benjaminapetersen/pinniped-package-repo-package-supervisor:0.25.0 -# docker pull benjaminapetersen/pinniped-package-repo-package-concierge:0.25.0 - -# echo_yellow "verifying RBAC resources created (namespace, serviceaccount, clusterrole, clusterrolebinding)..." -# kubectl get ns -A | grep pinniped -# kubectl get sa -A | grep pinniped -# kubectl get ClusterRole -A | grep pinniped -# kubectl get clusterrolebinding -A | grep pinniped - - -# stuff -kubectl get PackageRepository -A -kubectl get Package -A -kubectl get PackageInstall -A +log_note "To deploy the PackageRepository, run 'kapp deploy --app pinniped-repo --file ${PINNIPED_PACKGE_REPOSITORY_FILE}'" +log_note "Or use the sibling deploy.sh script" diff --git a/deploy_carvel/deploy.sh b/deploy_carvel/deploy.sh new file mode 100755 index 00000000..e8b22335 --- /dev/null +++ b/deploy_carvel/deploy.sh @@ -0,0 +1,139 @@ +#!/usr/bin/env bash + +# Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. +# SPDX-License-Identifier: Apache-2.0 + +# +# This script can be used to prepare a kind cluster and deploy the app. +# You can call this script again to redeploy the app. +# It will also output instructions on how to run the integration. +# + +set -euo pipefail + + +# deploy the Carvel packages for Pinniped & Supervisor. +# - Deploy the PackageRepository +# - Create PackageInstalls for Supervisor, Concierge +# - deploy these +# - then after, run hack/prepare-supervisor-on-kind.sh +# - ideally this configures the Supervisor + + +# need a directory for our yamls for deployment +echo "" +PACKAGE_INSTALL_DIR="temp_actual_deploy_resources" +rm -rf "./${PACKAGE_INSTALL_DIR}" +mkdir "./${PACKAGE_INSTALL_DIR}" + + +log_note "Deploying Pinniped PackageRepository on kind cluster..." +# Now, gotta make this work. It'll be interesting if we can... +kapp deploy --app "${PINNIPED_PACKGE_REPOSITORY_NAME}" --file "${PINNIPED_PACKGE_REPOSITORY_FILE}" -y +kapp inspect --app "${PINNIPED_PACKGE_REPOSITORY_NAME}" --tree + + + + +log_note "Generating RBAC for use with pinniped PackageInstall..." + +# TODO: obviously a mega-role that can do everything is not good. we need to scope this down to appropriate things. +declare -a arr=("supervisor" "concierge") +for resource_name in "${arr[@]}" +do + + NAMESPACE="${resource_name}-ns" + PINNIPED_PACKAGE_RBAC_PREFIX="pinniped-package-rbac-${resource_name}" + PINNIPED_PACKAGE_RBAC_FILE="./${PACKAGE_INSTALL_DIR}/${PINNIPED_PACKAGE_RBAC_PREFIX}-${resource_name}-rbac.yml" + + echo -n "" > "${PINNIPED_PACKAGE_RBAC_FILE}" + cat <> "${PINNIPED_PACKAGE_RBAC_FILE}" +# --- +# apiVersion: v1 +# kind: Namespace +# metadata: +# name: "${NAMESPACE}" <--- "supervisor-ns" will cause other package install errors. +--- +# ServiceAccount details from the file linked above +apiVersion: v1 +kind: ServiceAccount +metadata: + name: "${PINNIPED_PACKAGE_RBAC_PREFIX}-sa-superadmin-dangerous" + # namespace: "${NAMESPACE}" + namespace: default # --> sticking to default for everything for now. +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: "${PINNIPED_PACKAGE_RBAC_PREFIX}-role-superadmin-dangerous" +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: "${PINNIPED_PACKAGE_RBAC_PREFIX}-role-binding-superadmin-dangerous" +subjects: +- kind: ServiceAccount + name: "${PINNIPED_PACKAGE_RBAC_PREFIX}-sa-superadmin-dangerous" + # namespace: "${NAMESPACE}" + namespace: default # --> sticking to default for everything for now. +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: "${PINNIPED_PACKAGE_RBAC_PREFIX}-role-superadmin-dangerous" + +EOF + + kapp deploy --app "${PINNIPED_PACKAGE_RBAC_PREFIX}" --file "${PINNIPED_PACKAGE_RBAC_FILE}" -y +done + + + +log_note "Deploying PackageInstall resources for pinniped supervisor and concierge packages..." +for resource_name in "${arr[@]}" +do + + NAMESPACE="${resource_name}-ns" + PINNIPED_PACKAGE_RBAC_PREFIX="pinniped-package-rbac-${resource_name}" + RESOURCE_PACKGE_VERSION="${resource_name}.pinniped.dev" + PACKAGE_INSTALL_FILE_NAME="./${PACKAGE_INSTALL_DIR}/${resource_name}-pkginstall.yml" + SECRET_NAME="${resource_name}-package-install-secret" + cat > "${PACKAGE_INSTALL_FILE_NAME}" << EOF +--- +apiVersion: packaging.carvel.dev/v1alpha1 +kind: PackageInstall +metadata: + # name, does not have to be versioned, versionSelection.constraints below will handle + name: "${resource_name}-package-install" + # namespace: "${NAMESPACE}" + namespace: default # --> sticking to default for everything for now. +spec: + serviceAccountName: "${PINNIPED_PACKAGE_RBAC_PREFIX}-sa-superadmin-dangerous" + packageRef: + refName: "${RESOURCE_PACKGE_VERSION}" + versionSelection: + constraints: "${PINNIPED_PACKAGE_VERSION}" + values: + - secretRef: + name: "${SECRET_NAME}" +--- +apiVersion: v1 +kind: Secret +metadata: + name: "${SECRET_NAME}" +stringData: + values.yml: | + --- + namespace: "${NAMESPACE}" + app_name: "${resource_name}-app-awesomeness" + replicas: 3 +EOF + + KAPP_CONTROLLER_APP_NAME="${resource_name}-pkginstall" + log_note "deploying ${KAPP_CONTROLLER_APP_NAME}..." + kapp deploy --app "${KAPP_CONTROLLER_APP_NAME}" --file "${PACKAGE_INSTALL_FILE_NAME}" -y + +done diff --git a/deploy_carvel/package-repository/.imgpkg/images.yml b/deploy_carvel/package-repository/.imgpkg/images.yml index 62fc5bcf..f7bb42c8 100644 --- a/deploy_carvel/package-repository/.imgpkg/images.yml +++ b/deploy_carvel/package-repository/.imgpkg/images.yml @@ -14,5 +14,5 @@ images: - resolved: tag: 0.25.0 url: benjaminapetersen/pinniped-package-repo-package-supervisor:0.25.0 - image: index.docker.io/benjaminapetersen/pinniped-package-repo-package-supervisor@sha256:12577787d82b4f565be28c65c229c87dd8ac9890d0f44a690725fdb4ac7f4082 + image: index.docker.io/benjaminapetersen/pinniped-package-repo-package-supervisor@sha256:53b9a52d499492d372688198e0cf9c9598835047ec67684f908f512f8a28fc96 kind: ImagesLock diff --git a/deploy_carvel/supervisor/config/values.yaml b/deploy_carvel/supervisor/config/values.yaml index 686a4144..127efaa6 100644 --- a/deploy_carvel/supervisor/config/values.yaml +++ b/deploy_carvel/supervisor/config/values.yaml @@ -40,7 +40,7 @@ package_image_repo: docker.io/benjaminapetersen/some-pinniped-supervisor-package #@schema/nullable package_image_digest: sha256:123456 #@schema/nullable -package_image_tag: latest +package_image_tag: latest #! TODO; so since we allow the deployment to pass in the image tag, not sure the value in versions of packages? #! prob should not be nullable #@schema/nullable package_version: 1.2.3