diff --git a/.github/workflows/deps.yml b/.github/workflows/deps.yml index 8612ad4068..c17655ce72 100644 --- a/.github/workflows/deps.yml +++ b/.github/workflows/deps.yml @@ -26,14 +26,14 @@ jobs: - id: govulncheck uses: ./.github/actions/govulncheck with: - go-version-input: 1.21.6 + go-version-input: 1.21.7 go-version-file: go.mod cache: false repo-checkout: false - id: govulncheck-tests-agent uses: ./.github/actions/govulncheck with: - go-version-input: 1.21.6 + go-version-input: 1.21.7 go-version-file: test/agent/go.mod cache: false repo-checkout: false diff --git a/Makefile b/Makefile index f94cf95aed..205ecd5dd4 100644 --- a/Makefile +++ b/Makefile @@ -22,7 +22,7 @@ # VERSION is the source revision that executables and images are built from. VERSION ?= $(shell git describe --tags --always --dirty || echo "unknown") # GOLANG_IMAGE is the building golang container image used. -GOLANG_IMAGE ?= public.ecr.aws/eks-distro-build-tooling/golang:1.21.6-7-gcc-al2 +GOLANG_IMAGE ?= public.ecr.aws/eks-distro-build-tooling/golang:1.21.7-8-gcc-al2 # BASE_IMAGE_CNI is the base layer image for the primary AWS VPC CNI plugin container BASE_IMAGE_CNI ?= public.ecr.aws/eks-distro-build-tooling/eks-distro-minimal-base-iptables:latest.2 # BASE_IMAGE_CNI_INIT is the base layer image for the AWS VPC CNI init container diff --git a/charts/aws-vpc-cni/README.md b/charts/aws-vpc-cni/README.md index b2202141e8..7bb38cbf5f 100644 --- a/charts/aws-vpc-cni/README.md +++ b/charts/aws-vpc-cni/README.md @@ -108,9 +108,8 @@ $ helm install aws-vpc-cni --namespace kube-system eks/aws-vpc-cni --values valu ## Adopting the existing aws-node resources in an EKS cluster -If you do not want to delete the existing aws-node resources in your cluster that run the aws-vpc-cni and then install this helm chart, you can adopt the resources into a release instead. Refer to the script below to import existing resources into helm. Once you have annotated and labeled all the resources this chart specifies, enable the `originalMatchLabels` flag. If you have been careful this should not diff and leave all the resources unmodified and now under management of helm. +If you do not want to delete the existing aws-node resources in your cluster that run the aws-vpc-cni and then install this helm chart, you can adopt the resources into a release instead. Refer to the script below to import existing resources into helm. Once you have annotated and labeled all the resources this chart specifies, enable the `originalMatchLabels` flag. If you have been careful, this should not diff and leave all the resources unmodified and now under management of helm. -WARNING: Substitute YOUR_HELM_RELEASE_NAME_HERE with the name of your helm release. ``` #!/usr/bin/env bash @@ -118,15 +117,18 @@ set -euo pipefail for kind in daemonSet clusterRole clusterRoleBinding serviceAccount; do echo "setting annotations and labels on $kind/aws-node" - kubectl -n kube-system annotate --overwrite $kind aws-node meta.helm.sh/release-name=YOUR_HELM_RELEASE_NAME_HERE + kubectl -n kube-system annotate --overwrite $kind aws-node meta.helm.sh/release-name=aws-vpc-cni kubectl -n kube-system annotate --overwrite $kind aws-node meta.helm.sh/release-namespace=kube-system kubectl -n kube-system label --overwrite $kind aws-node app.kubernetes.io/managed-by=Helm done -kubectl -n kube-system annotate --overwrite configmap amazon-vpc-cni meta.helm.sh/release-name=YOUR_HELM_RELEASE_NAME_HERE +kubectl -n kube-system annotate --overwrite configmap amazon-vpc-cni meta.helm.sh/release-name=aws-vpc-cni kubectl -n kube-system annotate --overwrite configmap amazon-vpc-cni meta.helm.sh/release-namespace=kube-system kubectl -n kube-system label --overwrite configmap amazon-vpc-cni app.kubernetes.io/managed-by=Helm +Kubernetes recommends using server-side apply for more control over the field manager. After adopting the chart resources, you can run the following command to apply the chart: +``` +helm template aws-vpc-cni --include-crds --namespace kube-system eks/aws-vpc-cni --set originalMatchLabels=true | kubectl apply --server-side --force-conflicts --field-manager Helm -f - ``` ## Migrate from Helm v2 to Helm v3 diff --git a/test/agent/Dockerfile b/test/agent/Dockerfile index 4b828713f6..6d65310070 100644 --- a/test/agent/Dockerfile +++ b/test/agent/Dockerfile @@ -1,4 +1,4 @@ -FROM public.ecr.aws/eks-distro-build-tooling/golang:1.21.6-7-gcc-al2 as builder +FROM public.ecr.aws/eks-distro-build-tooling/golang:1.21.7-8-gcc-al2 as builder WORKDIR /workspace ENV GOPROXY direct