fix: reconcile-runtime sidecar container drift

.gitignore

@@ -46,3 +46,6 @@ venona/venona
 
 # coverage
 **/cover
+
+# debug
+**/debug

charts/cf-runtime/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 description: A Helm chart for Codefresh Runner
 name: cf-runtime
-version: 6.3.25
+version: 6.3.26
 keywords:
   - codefresh
   - runner
@@ -17,10 +17,8 @@ annotations:
   artifacthub.io/containsSecurityUpdates: "false"
   # Supported kinds: `added`, `changed`, `deprecated`, `removed`, `fixed`, `security`:
   artifacthub.io/changes: |
-    - kind: changed
-      description: Upgrade the engine to v1.169.12
     - kind: fixed
-      description: Fix a bug introduced in the engine v1.169.11, which led to the output of logs in plaintext instead of JSON
+      description: Fix reconcile-runtime sidecar container drift in runner deployment
 dependencies:
   - name: cf-common
     repository: oci://quay.io/codefresh/charts

charts/cf-runtime/README.md

@@ -1,6 +1,6 @@
 ## Codefresh Runner
 
-![Version: 6.3.25](https://img.shields.io/badge/Version-6.3.25-informational?style=flat-square)
+![Version: 6.3.26](https://img.shields.io/badge/Version-6.3.26-informational?style=flat-square)
 
 Helm chart for deploying [Codefresh Runner](https://codefresh.io/docs/docs/installation/codefresh-runner/) to Kubernetes.
 
@@ -1034,13 +1034,13 @@ Go to [https://<YOUR_ONPREM_DOMAIN_HERE>/admin/runtime-environments/system](http
 | runtime.dind.userVolumeMounts | object | `{}` | Add extra volume mounts |
 | runtime.dind.userVolumes | object | `{}` | Add extra volumes |
 | runtime.dindDaemon | object | See below | DinD pod daemon config |
-| runtime.engine | object | `{"affinity":{},"command":["npm","run","start"],"env":{"CONTAINER_LOGGER_EXEC_CHECK_INTERVAL_MS":"1000","LOGGER_LEVEL":"debug","LOG_OUTGOING_HTTP_REQUESTS":"false"},"image":{"registry":"quay.io","repository":"codefresh/engine","tag":"1.169.12"},"nodeSelector":{},"podAnnotations":{},"podLabels":{},"resources":{"limits":{"cpu":"1000m","memory":"2048Mi"},"requests":{"cpu":"100m","memory":"128Mi"}},"runtimeImages":{"COMPOSE_IMAGE":"quay.io/codefresh/compose:v2.20.3-1.4.0","CONTAINER_LOGGER_IMAGE":"quay.io/codefresh/cf-container-logger:1.10.3","CR_6177_FIXER":"quay.io/codefresh/alpine:edge","DOCKER_BUILDER_IMAGE":"quay.io/codefresh/cf-docker-builder:1.3.11","DOCKER_PULLER_IMAGE":"quay.io/codefresh/cf-docker-puller:8.0.16","DOCKER_PUSHER_IMAGE":"quay.io/codefresh/cf-docker-pusher:6.0.15","DOCKER_TAG_PUSHER_IMAGE":"quay.io/codefresh/cf-docker-tag-pusher:1.3.13","FS_OPS_IMAGE":"quay.io/codefresh/fs-ops:1.2.3","GC_BUILDER_IMAGE":"quay.io/codefresh/cf-gc-builder:0.5.3","GIT_CLONE_IMAGE":"quay.io/codefresh/cf-git-cloner:10.1.26","KUBE_DEPLOY":"quay.io/codefresh/cf-deploy-kubernetes:16.1.11","PIPELINE_DEBUGGER_IMAGE":"quay.io/codefresh/cf-debugger:1.3.0","TEMPLATE_ENGINE":"quay.io/codefresh/pikolo:0.14.0"},"schedulerName":"","serviceAccount":"codefresh-engine","tolerations":[],"userEnvVars":[]}` | Parameters for Engine pod (aka "pipeline" orchestrator). |
+| runtime.engine | object | `{"affinity":{},"command":["npm","run","start"],"env":{"CONTAINER_LOGGER_EXEC_CHECK_INTERVAL_MS":1000,"LOGGER_LEVEL":"debug","LOG_OUTGOING_HTTP_REQUESTS":false},"image":{"registry":"quay.io","repository":"codefresh/engine","tag":"1.169.12"},"nodeSelector":{},"podAnnotations":{},"podLabels":{},"resources":{"limits":{"cpu":"1000m","memory":"2048Mi"},"requests":{"cpu":"100m","memory":"128Mi"}},"runtimeImages":{"COMPOSE_IMAGE":"quay.io/codefresh/compose:v2.20.3-1.4.0","CONTAINER_LOGGER_IMAGE":"quay.io/codefresh/cf-container-logger:1.10.3","CR_6177_FIXER":"quay.io/codefresh/alpine:edge","DOCKER_BUILDER_IMAGE":"quay.io/codefresh/cf-docker-builder:1.3.11","DOCKER_PULLER_IMAGE":"quay.io/codefresh/cf-docker-puller:8.0.16","DOCKER_PUSHER_IMAGE":"quay.io/codefresh/cf-docker-pusher:6.0.15","DOCKER_TAG_PUSHER_IMAGE":"quay.io/codefresh/cf-docker-tag-pusher:1.3.13","FS_OPS_IMAGE":"quay.io/codefresh/fs-ops:1.2.3","GC_BUILDER_IMAGE":"quay.io/codefresh/cf-gc-builder:0.5.3","GIT_CLONE_IMAGE":"quay.io/codefresh/cf-git-cloner:10.1.26","KUBE_DEPLOY":"quay.io/codefresh/cf-deploy-kubernetes:16.1.11","PIPELINE_DEBUGGER_IMAGE":"quay.io/codefresh/cf-debugger:1.3.0","TEMPLATE_ENGINE":"quay.io/codefresh/pikolo:0.14.0"},"schedulerName":"","serviceAccount":"codefresh-engine","tolerations":[],"userEnvVars":[]}` | Parameters for Engine pod (aka "pipeline" orchestrator). |
 | runtime.engine.affinity | object | `{}` | Set affinity |
 | runtime.engine.command | list | `["npm","run","start"]` | Set container command. |
-| runtime.engine.env | object | `{"CONTAINER_LOGGER_EXEC_CHECK_INTERVAL_MS":"1000","LOGGER_LEVEL":"debug","LOG_OUTGOING_HTTP_REQUESTS":"false"}` | Set additional env vars. |
-| runtime.engine.env.CONTAINER_LOGGER_EXEC_CHECK_INTERVAL_MS | string | `"1000"` | Interval to check the exec status in the container-logger |
+| runtime.engine.env | object | `{"CONTAINER_LOGGER_EXEC_CHECK_INTERVAL_MS":1000,"LOGGER_LEVEL":"debug","LOG_OUTGOING_HTTP_REQUESTS":false}` | Set additional env vars. |
+| runtime.engine.env.CONTAINER_LOGGER_EXEC_CHECK_INTERVAL_MS | int | `1000` | Interval to check the exec status in the container-logger |
 | runtime.engine.env.LOGGER_LEVEL | string | `"debug"` | Level of logging for engine |
-| runtime.engine.env.LOG_OUTGOING_HTTP_REQUESTS | string | `"false"` | Enable debug-level logging of outgoing HTTP/HTTPS requests |
+| runtime.engine.env.LOG_OUTGOING_HTTP_REQUESTS | bool | `false` | Enable debug-level logging of outgoing HTTP/HTTPS requests |
 | runtime.engine.image | object | `{"registry":"quay.io","repository":"codefresh/engine","tag":"1.169.12"}` | Set image. |
 | runtime.engine.nodeSelector | object | `{}` | Set node selector. |
 | runtime.engine.podAnnotations | object | `{}` | Set pod annotations. |

charts/cf-runtime/files/reconcile-runtime.sh

@@ -31,8 +31,6 @@ while true; do
       -o yaml \
       | yq 'del(.version, .metadata.changedBy, .metadata.creationTime)' > /tmp/runtime.yaml
 
-  sed -i "s/'/\"/g" /tmp/runtime.yaml
-
   kubectl get cm ${CONFIGMAP_NAME} -n ${KUBE_NAMESPACE} -o yaml \
   | yq 'del(.metadata.resourceVersion, .metadata.uid)' \
   | yq eval '.data["runtime.yaml"] = load_str("/tmp/runtime.yaml")' \

charts/cf-runtime/templates/runtime/runtime-env-spec-tmpl.yaml

@@ -11,26 +11,28 @@ metadata:
 runtimeScheduler:
   type: KubernetesPod
   {{- if $engineContext.image }}
-  image: {{ include (printf "%s.image.name" $cfCommonTplSemver ) (dict "image" $engineContext.image "context" .) | quote }}
+  image: {{ include (printf "%s.image.name" $cfCommonTplSemver ) (dict "image" $engineContext.image "context" .) | squote }}
   {{- end }}
   {{- with $engineContext.command }}
   command: {{- toYaml . | nindent 4 }}
   {{- end }}
   envVars:
   {{- with $engineContext.env }}
-   {{- toYaml . | nindent 4 }}
-  {{- end }}
-    COMPOSE_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.COMPOSE_IMAGE) | quote }}
-    CONTAINER_LOGGER_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.CONTAINER_LOGGER_IMAGE) | quote }}
-    DOCKER_BUILDER_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.DOCKER_BUILDER_IMAGE) | quote }}
-    DOCKER_PULLER_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.DOCKER_PULLER_IMAGE) | quote }}
-    DOCKER_PUSHER_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.DOCKER_PUSHER_IMAGE) | quote }}
-    DOCKER_TAG_PUSHER_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.DOCKER_TAG_PUSHER_IMAGE) | quote }}
-    FS_OPS_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.FS_OPS_IMAGE) | quote }}
-    GIT_CLONE_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.GIT_CLONE_IMAGE) | quote }}
-    KUBE_DEPLOY: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.KUBE_DEPLOY) | quote }}
-    PIPELINE_DEBUGGER_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.PIPELINE_DEBUGGER_IMAGE) | quote }}
-    TEMPLATE_ENGINE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.TEMPLATE_ENGINE) | quote }}
+    {{- range $key, $val := . }}
+    {{ $key }}: {{ $val | squote }}
+    {{- end }}
+  {{- end }}
+    COMPOSE_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.COMPOSE_IMAGE) | squote }}
+    CONTAINER_LOGGER_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.CONTAINER_LOGGER_IMAGE) | squote }}
+    DOCKER_BUILDER_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.DOCKER_BUILDER_IMAGE) | squote }}
+    DOCKER_PULLER_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.DOCKER_PULLER_IMAGE) | squote }}
+    DOCKER_PUSHER_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.DOCKER_PUSHER_IMAGE) | squote }}
+    DOCKER_TAG_PUSHER_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.DOCKER_TAG_PUSHER_IMAGE) | squote }}
+    FS_OPS_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.FS_OPS_IMAGE) | squote }}
+    GIT_CLONE_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.GIT_CLONE_IMAGE) | squote }}
+    KUBE_DEPLOY: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.KUBE_DEPLOY) | squote }}
+    PIPELINE_DEBUGGER_IMAGE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.PIPELINE_DEBUGGER_IMAGE) | squote }}
+    TEMPLATE_ENGINE: {{ include "runtime.runtimeImageName" (dict "registry" $imageRegistry "imageFullName" $engineContext.runtimeImages.TEMPLATE_ENGINE) | squote }}
   {{- with $engineContext.userEnvVars }}
   userEnvVars:  {{- toYaml . | nindent 4 }}
   {{- end }}
@@ -63,7 +65,10 @@ runtimeScheduler:
   tolerations:  {{- toYaml . | nindent 4 }}
   {{- end }}
   {{- with $engineContext.podAnnotations }}
-  annotations: {{- toYaml . | nindent 4 }}
+  annotations:
+    {{- range $key, $val := . }}
+    {{ $key }}: {{ $val | squote }}
+    {{- end }}
   {{- end }}
   {{- with $engineContext.podLabels }}
   labels: {{- toYaml . | nindent 4 }}
@@ -78,13 +83,16 @@ runtimeScheduler:
 dockerDaemonScheduler:
   type: DindKubernetesPod
   {{- if $dindContext.image }}
-  dindImage: {{ include (printf "%s.image.name" $cfCommonTplSemver ) (dict "image" $dindContext.image "context" .) | quote }}
+  dindImage: {{ include (printf "%s.image.name" $cfCommonTplSemver ) (dict "image" $dindContext.image "context" .) | squote }}
   {{- end }}
   {{- with $dindContext.userAccess }}
   userAccess: {{ . }}
   {{- end }}
   {{- with $dindContext.env }}
-  envVars: {{- toYaml . | nindent 4 }}
+  envVars:
+    {{- range $key, $val := . }}
+    {{ $key }}: {{ $val | squote }}
+    {{- end }}
   {{- end }}
   cluster:
     namespace: {{ .Release.Namespace }}
@@ -112,7 +120,10 @@ dockerDaemonScheduler:
   tolerations: {{- toYaml . | nindent 4 }}
   {{- end }}
   {{- with $dindContext.podAnnotations }}
-  annotations: {{- toYaml . | nindent 4 }}
+  annotations:
+    {{- range $key, $val := . }}
+    {{ $key }}: {{ $val | squote }}
+    {{- end }}
   {{- end }}
   {{- with $dindContext.podLabels }}
   labels: {{- toYaml . | nindent 4 }}
@@ -124,7 +135,7 @@ dockerDaemonScheduler:
   pvcs:
   {{- range $index, $pvc := $dindContext.pvcs }}
     - name: {{ $pvc.name }}
-      reuseVolumeSelector: {{ $pvc.reuseVolumeSelector | quote }}
+      reuseVolumeSelector: {{ $pvc.reuseVolumeSelector | squote }}
       reuseVolumeSortOrder: {{ $pvc.reuseVolumeSortOrder }}
       storageClassName: {{ include (printf "%v.tplrender" $cfCommonTplSemver) (dict "Values" $pvc.storageClassName "context" $) }}
       volumeSize: {{ $pvc.volumeSize }}

charts/cf-runtime/tests/private-registry/private_registry_test.yaml

@@ -31,26 +31,26 @@ tests:
               agent: true
             runtimeScheduler:
               type: KubernetesPod
-              image: "somedomain.io/codefresh/engine:tagoverride"
+              image: 'somedomain.io/codefresh/engine:tagoverride'
               command:
                 - npm
                 - run
                 - start
               envVars:
-                CONTAINER_LOGGER_EXEC_CHECK_INTERVAL_MS: "1000"
-                LOG_OUTGOING_HTTP_REQUESTS: "false"
-                LOGGER_LEVEL: debug
-                COMPOSE_IMAGE: "somedomain.io/codefresh/compose:tagoverride"
-                CONTAINER_LOGGER_IMAGE: "somedomain.io/codefresh/cf-container-logger:tagoverride"
-                DOCKER_BUILDER_IMAGE: "somedomain.io/codefresh/cf-docker-builder:tagoverride"
-                DOCKER_PULLER_IMAGE: "somedomain.io/codefresh/cf-docker-puller:tagoverride"
-                DOCKER_PUSHER_IMAGE: "somedomain.io/codefresh/cf-docker-pusher:tagoverride"
-                DOCKER_TAG_PUSHER_IMAGE: "somedomain.io/codefresh/cf-docker-tag-pusher:tagoverride"
-                FS_OPS_IMAGE: "somedomain.io/codefresh/fs-ops:tagoverride"
-                GIT_CLONE_IMAGE: "somedomain.io/codefresh/cf-git-cloner:tagoverride"
-                KUBE_DEPLOY: "somedomain.io/codefresh/cf-deploy-kubernetes:tagoverride"
-                PIPELINE_DEBUGGER_IMAGE: "somedomain.io/codefresh/cf-debugger:tagoverride"
-                TEMPLATE_ENGINE: "somedomain.io/codefresh/pikolo:tagoverride"
+                CONTAINER_LOGGER_EXEC_CHECK_INTERVAL_MS: '1000'
+                LOGGER_LEVEL: 'debug'
+                LOG_OUTGOING_HTTP_REQUESTS: 'false'
+                COMPOSE_IMAGE: 'somedomain.io/codefresh/compose:tagoverride'
+                CONTAINER_LOGGER_IMAGE: 'somedomain.io/codefresh/cf-container-logger:tagoverride'
+                DOCKER_BUILDER_IMAGE: 'somedomain.io/codefresh/cf-docker-builder:tagoverride'
+                DOCKER_PULLER_IMAGE: 'somedomain.io/codefresh/cf-docker-puller:tagoverride'
+                DOCKER_PUSHER_IMAGE: 'somedomain.io/codefresh/cf-docker-pusher:tagoverride'
+                DOCKER_TAG_PUSHER_IMAGE: 'somedomain.io/codefresh/cf-docker-tag-pusher:tagoverride'
+                FS_OPS_IMAGE: 'somedomain.io/codefresh/fs-ops:tagoverride'
+                GIT_CLONE_IMAGE: 'somedomain.io/codefresh/cf-git-cloner:tagoverride'
+                KUBE_DEPLOY: 'somedomain.io/codefresh/cf-deploy-kubernetes:tagoverride'
+                PIPELINE_DEBUGGER_IMAGE: 'somedomain.io/codefresh/cf-debugger:tagoverride'
+                TEMPLATE_ENGINE: 'somedomain.io/codefresh/pikolo:tagoverride'
               cluster:
                 namespace: codefresh
                 serviceAccount: codefresh-engine
@@ -66,10 +66,10 @@ tests:
                   memory: 128Mi
             dockerDaemonScheduler:
               type: DindKubernetesPod
-              dindImage: "somedomain.io/codefresh/dind:tagoverride"
+              dindImage: 'somedomain.io/codefresh/dind:tagoverride'
               userAccess: true
               envVars:
-                DOCKER_ENABLE_DEPRECATED_PULL_SCHEMA_1_IMAGE: "true"
+                DOCKER_ENABLE_DEPRECATED_PULL_SCHEMA_1_IMAGE: 'true'
               cluster:
                 namespace: codefresh
                 serviceAccount: codefresh-engine
@@ -78,7 +78,7 @@ tests:
                   selector: my-context
               pvcs:
                 - name: dind
-                  reuseVolumeSelector: "codefresh-app,io.codefresh.accountName"
+                  reuseVolumeSelector: 'codefresh-app,io.codefresh.accountName'
                   reuseVolumeSortOrder: pipeline_id
                   storageClassName: dind-local-volumes-runner-codefresh
                   volumeSize: 16Gi