From 6e5e982d58708cdf07ec4d42df82adfc0795c14c Mon Sep 17 00:00:00 2001 From: Emil Natan Date: Tue, 24 Dec 2024 17:02:04 +0200 Subject: [PATCH] Update results prod internal Update Results prod internal. Updates kflux-ocp-p01 and stone-prod-p02. Update UI to match Results update. --- .../production/kflux-ocp-p01/deploy.yaml | 138 +++++++++++++++++- .../production/stone-prod-p02/deploy.yaml | 138 +++++++++++++++++- .../kflux-ocp-p01/kustomization.yaml | 2 +- .../stone-prod-p02/kustomization.yaml | 2 +- 4 files changed, 262 insertions(+), 18 deletions(-) diff --git a/components/pipeline-service/production/kflux-ocp-p01/deploy.yaml b/components/pipeline-service/production/kflux-ocp-p01/deploy.yaml index ddbe771bbe0..002d1bb8bd3 100644 --- a/components/pipeline-service/production/kflux-ocp-p01/deploy.yaml +++ b/components/pipeline-service/production/kflux-ocp-p01/deploy.yaml @@ -479,6 +479,18 @@ rules: - pods/log verbs: - get +- apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - create + - update + - delete + - patch + - watch - apiGroups: - tekton.dev resources: @@ -963,7 +975,7 @@ data: LOGS_API=false LOGS_TYPE=File LOGS_BUFFER_SIZE=5242880 - LOGS_PATH=/logs + LOGS_PATH=//logs S3_BUCKET_NAME= S3_ENDPOINT= S3_HOSTNAME_IMMUTABLE=false @@ -975,6 +987,18 @@ data: STORAGE_EMULATOR_HOST= PROFILING=true PROFILING_PORT=6060 + CONVERTER_ENABLE=false + CONVERTER_DB_LIMIT=50 + LOGGING_PLUGIN_PROXY_PATH=/api/logs/v1/application + LOGGING_PLUGIN_TOKEN_PATH=/var/run/secrets/kubernetes.io/serviceaccount/token + LOGGING_PLUGIN_NAMESPACE_KEY=kubernetes_namespace_name + LOGGING_PLUGIN_STATIC_LABELS='log_type=application' + LOGGING_PLUGIN_CA_CERT= + LOGGING_PLUGIN_QUERY_LIMIT=1700 + LOGGING_PLUGIN_TLS_VERIFICATION_DISABLE= + LOGGING_PLUGIN_FORWARDER_DELAY_DURATION=10 + LOGGING_PLUGIN_API_URL=s3://tekton-logs + LOGGING_PLUGIN_QUERY_PARAMS='v1alpha2LogType=true&use_path_style=true' kind: ConfigMap metadata: annotations: @@ -1116,6 +1140,21 @@ metadata: namespace: tekton-results --- apiVersion: v1 +data: + maxRetention: "30" + runAt: 5 5 * * 0 +kind: ConfigMap +metadata: + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + labels: + app.kubernetes.io/name: tekton-results-retention-policy + app.kubernetes.io/part-of: tekton-results + app.kubernetes.io/version: devel + name: tekton-results-config-results-retention-policy + namespace: tekton-results +--- +apiVersion: v1 data: version: devel kind: ConfigMap @@ -1336,20 +1375,20 @@ spec: - name: LOGS_API value: "true" - name: LOGS_TYPE - value: S3 + value: blob - name: S3_HOSTNAME_IMMUTABLE value: "true" - - name: S3_ACCESS_KEY_ID + - name: AWS_ACCESS_KEY_ID valueFrom: secretKeyRef: key: aws_access_key_id name: tekton-results-s3 - - name: S3_SECRET_ACCESS_KEY + - name: AWS_SECRET_ACCESS_KEY valueFrom: secretKeyRef: key: aws_secret_access_key name: tekton-results-s3 - - name: S3_REGION + - name: AWS_REGION valueFrom: secretKeyRef: key: aws_region @@ -1359,11 +1398,16 @@ spec: secretKeyRef: key: bucket name: tekton-results-s3 - - name: S3_ENDPOINT + - name: AWS_ENDPOINT_URL valueFrom: secretKeyRef: key: endpoint name: tekton-results-s3 + - name: LOGGING_PLUGIN_API_URL + valueFrom: + secretKeyRef: + key: s3_url + name: tekton-results-s3 - name: DB_USER valueFrom: secretKeyRef: @@ -1384,7 +1428,7 @@ spec: secretKeyRef: key: db.name name: tekton-results-database - image: quay.io/redhat-appstudio/tekton-results-api:ed360eccc021ad5eedf8ea9c0732912ef602b15a + image: quay.io/konflux-ci/tekton-results-api:cc0e0ecfe4cd88c9e7537e23e4a2b159e397d59a livenessProbe: httpGet: path: /healthz @@ -1448,6 +1492,83 @@ spec: --- apiVersion: apps/v1 kind: Deployment +metadata: + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + labels: + app.kubernetes.io/name: tekton-results-retention-policy-agent + app.kubernetes.io/part-of: tekton-results + app.kubernetes.io/version: devel + name: tekton-results-retention-policy-agent + namespace: tekton-results +spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/name: tekton-results-retention-policy-agent + template: + metadata: + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + cluster-autoscaler.kubernetes.io/safe-to-evict: "false" + labels: + app.kubernetes.io/name: tekton-results-retention-policy-agent + app.kubernetes.io/version: devel + spec: + containers: + - env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: tekton-results-config-logging + - name: DB_USER + valueFrom: + secretKeyRef: + key: POSTGRES_USER + name: tekton-results-postgres + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + key: POSTGRES_PASSWORD + name: tekton-results-postgres + image: quay.io/konflux-ci/tekton-results-retention-policy-agent:cc0e0ecfe4cd88c9e7537e23e4a2b159e397d59a + name: retention-policy-agent + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /etc/tekton/results + name: config + readOnly: true + - mountPath: /etc/tls + name: tls + readOnly: true + serviceAccountName: tekton-results-watcher + volumes: + - configMap: + name: tekton-results-api-config + name: config + - name: tls + secret: + secretName: tekton-results-tls +--- +apiVersion: apps/v1 +kind: Deployment metadata: annotations: argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true @@ -1526,6 +1647,7 @@ spec: - -completed_run_grace_period - 10m - -threadiness=32 + - -logs_api=true env: - name: SYSTEM_NAMESPACE valueFrom: @@ -1543,7 +1665,7 @@ spec: value: tekton-results-api-service.tekton-pipelines.svc.cluster.local:8080 - name: AUTH_MODE value: token - image: quay.io/redhat-appstudio/tekton-results-watcher:bae7851ff584423503af324200f52cd28ca99116 + image: quay.io/konflux-ci/tekton-results-watcher:cc0e0ecfe4cd88c9e7537e23e4a2b159e397d59a name: watcher ports: - containerPort: 9090 diff --git a/components/pipeline-service/production/stone-prod-p02/deploy.yaml b/components/pipeline-service/production/stone-prod-p02/deploy.yaml index 1f319601390..9b3c6685ac5 100644 --- a/components/pipeline-service/production/stone-prod-p02/deploy.yaml +++ b/components/pipeline-service/production/stone-prod-p02/deploy.yaml @@ -479,6 +479,18 @@ rules: - pods/log verbs: - get +- apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - create + - update + - delete + - patch + - watch - apiGroups: - tekton.dev resources: @@ -963,7 +975,7 @@ data: LOGS_API=false LOGS_TYPE=File LOGS_BUFFER_SIZE=5242880 - LOGS_PATH=/logs + LOGS_PATH=//logs S3_BUCKET_NAME= S3_ENDPOINT= S3_HOSTNAME_IMMUTABLE=false @@ -975,6 +987,18 @@ data: STORAGE_EMULATOR_HOST= PROFILING=true PROFILING_PORT=6060 + CONVERTER_ENABLE=false + CONVERTER_DB_LIMIT=50 + LOGGING_PLUGIN_PROXY_PATH=/api/logs/v1/application + LOGGING_PLUGIN_TOKEN_PATH=/var/run/secrets/kubernetes.io/serviceaccount/token + LOGGING_PLUGIN_NAMESPACE_KEY=kubernetes_namespace_name + LOGGING_PLUGIN_STATIC_LABELS='log_type=application' + LOGGING_PLUGIN_CA_CERT= + LOGGING_PLUGIN_QUERY_LIMIT=1700 + LOGGING_PLUGIN_TLS_VERIFICATION_DISABLE= + LOGGING_PLUGIN_FORWARDER_DELAY_DURATION=10 + LOGGING_PLUGIN_API_URL=s3://tekton-logs + LOGGING_PLUGIN_QUERY_PARAMS='v1alpha2LogType=true&use_path_style=true' kind: ConfigMap metadata: annotations: @@ -1116,6 +1140,21 @@ metadata: namespace: tekton-results --- apiVersion: v1 +data: + maxRetention: "30" + runAt: 5 5 * * 0 +kind: ConfigMap +metadata: + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + labels: + app.kubernetes.io/name: tekton-results-retention-policy + app.kubernetes.io/part-of: tekton-results + app.kubernetes.io/version: devel + name: tekton-results-config-results-retention-policy + namespace: tekton-results +--- +apiVersion: v1 data: version: devel kind: ConfigMap @@ -1336,20 +1375,20 @@ spec: - name: LOGS_API value: "true" - name: LOGS_TYPE - value: S3 + value: blob - name: S3_HOSTNAME_IMMUTABLE value: "true" - - name: S3_ACCESS_KEY_ID + - name: AWS_ACCESS_KEY_ID valueFrom: secretKeyRef: key: aws_access_key_id name: tekton-results-s3 - - name: S3_SECRET_ACCESS_KEY + - name: AWS_SECRET_ACCESS_KEY valueFrom: secretKeyRef: key: aws_secret_access_key name: tekton-results-s3 - - name: S3_REGION + - name: AWS_REGION valueFrom: secretKeyRef: key: aws_region @@ -1359,11 +1398,16 @@ spec: secretKeyRef: key: bucket name: tekton-results-s3 - - name: S3_ENDPOINT + - name: AWS_ENDPOINT_URL valueFrom: secretKeyRef: key: endpoint name: tekton-results-s3 + - name: LOGGING_PLUGIN_API_URL + valueFrom: + secretKeyRef: + key: s3_url + name: tekton-results-s3 - name: DB_USER valueFrom: secretKeyRef: @@ -1384,7 +1428,7 @@ spec: secretKeyRef: key: db.name name: tekton-results-database - image: quay.io/redhat-appstudio/tekton-results-api:ed360eccc021ad5eedf8ea9c0732912ef602b15a + image: quay.io/konflux-ci/tekton-results-api:cc0e0ecfe4cd88c9e7537e23e4a2b159e397d59a livenessProbe: httpGet: path: /healthz @@ -1448,6 +1492,83 @@ spec: --- apiVersion: apps/v1 kind: Deployment +metadata: + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + labels: + app.kubernetes.io/name: tekton-results-retention-policy-agent + app.kubernetes.io/part-of: tekton-results + app.kubernetes.io/version: devel + name: tekton-results-retention-policy-agent + namespace: tekton-results +spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/name: tekton-results-retention-policy-agent + template: + metadata: + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + cluster-autoscaler.kubernetes.io/safe-to-evict: "false" + labels: + app.kubernetes.io/name: tekton-results-retention-policy-agent + app.kubernetes.io/version: devel + spec: + containers: + - env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: tekton-results-config-logging + - name: DB_USER + valueFrom: + secretKeyRef: + key: POSTGRES_USER + name: tekton-results-postgres + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + key: POSTGRES_PASSWORD + name: tekton-results-postgres + image: quay.io/konflux-ci/tekton-results-retention-policy-agent:cc0e0ecfe4cd88c9e7537e23e4a2b159e397d59a + name: retention-policy-agent + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /etc/tekton/results + name: config + readOnly: true + - mountPath: /etc/tls + name: tls + readOnly: true + serviceAccountName: tekton-results-watcher + volumes: + - configMap: + name: tekton-results-api-config + name: config + - name: tls + secret: + secretName: tekton-results-tls +--- +apiVersion: apps/v1 +kind: Deployment metadata: annotations: argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true @@ -1526,6 +1647,7 @@ spec: - -completed_run_grace_period - 10m - -threadiness=32 + - -logs_api=true env: - name: SYSTEM_NAMESPACE valueFrom: @@ -1543,7 +1665,7 @@ spec: value: tekton-results-api-service.tekton-pipelines.svc.cluster.local:8080 - name: AUTH_MODE value: token - image: quay.io/redhat-appstudio/tekton-results-watcher:bae7851ff584423503af324200f52cd28ca99116 + image: quay.io/konflux-ci/tekton-results-watcher:cc0e0ecfe4cd88c9e7537e23e4a2b159e397d59a name: watcher ports: - containerPort: 9090 diff --git a/components/ui/production/kflux-ocp-p01/kustomization.yaml b/components/ui/production/kflux-ocp-p01/kustomization.yaml index 11af7e2e85b..bc9c149bb51 100644 --- a/components/ui/production/kflux-ocp-p01/kustomization.yaml +++ b/components/ui/production/kflux-ocp-p01/kustomization.yaml @@ -19,7 +19,7 @@ images: # hac-dev - name: quay.io/cloudservices/hac-dev-frontend newName: quay.io/cloudservices/hac-dev-frontend - newTag: 9522a36 + newTag: de23e42 configMapGenerator: - name: fed-modules diff --git a/components/ui/production/stone-prod-p02/kustomization.yaml b/components/ui/production/stone-prod-p02/kustomization.yaml index 11af7e2e85b..bc9c149bb51 100644 --- a/components/ui/production/stone-prod-p02/kustomization.yaml +++ b/components/ui/production/stone-prod-p02/kustomization.yaml @@ -19,7 +19,7 @@ images: # hac-dev - name: quay.io/cloudservices/hac-dev-frontend newName: quay.io/cloudservices/hac-dev-frontend - newTag: 9522a36 + newTag: de23e42 configMapGenerator: - name: fed-modules