2930b099f2
This commit fixes two issues: 1 - In meta_data.yml the BASE_SRCREV was pointing to a stx.8.0 commit, not allowing the secret-observer helm-chart version to be automatically detected. 2 - During upgrade the new dex pod was stuck in a pending status and never been allow to be scheduled due a podAntiAffinity rule. This rule was ineffective because of a missing label issue fixed by this commit: https://review.opendev.org/c/starlingx/oidc-auth-armada-app/+/913336 The bug being fixed here is a side effect of the above commit. The dex deployment object rollingUpdate strategy was 25% on both maxUnavailable and maxSurge which for one replica would result in 0, not allowing any pod to be scheduled. The maxUnavailable of 1, allows the old pod to be terminated before being replaced by the new one. was: strategy: rollingUpdate: maxUnavailable: 25% maxSurge: 25% type: RollingUpdate now: strategy: rollingUpdate: maxUnavailable: 1 maxSurge: 1 type: RollingUpdate The strategy is similar to the what is done by cert-manager pods and this will allow the pod to be scheduled. Test Plan: PASS: Deploy a stx.8.0 AIO-SX, build the OIDC tarball bumped-up, perform the oidc-auth-app upgrade process manually. Check if oidc-auth-app was successfully upgraded and if its pods are running. PASS: Deploy a stx.8.0 AIO-SX, configure the OIDC app, built an ISO for stx.9.0, perform a full upgrade process from stx.8.0 to stx.9.0 Check if oidc-auth-app was successfully upgraded. Closes-Bug: 2067929 Change-Id: If432644e2781ad1dcbdf2b364203637b0329893c Signed-off-by: Joaci Morais <joaci.demorais@windriver.com> |
||
|---|---|---|
| helm-charts | ||
| oidc-auth-tools | ||
| python3-k8sapp-oidc | ||
| stx-oidc-auth-helm | ||
| stx-oidc-client/debian | ||
| .gitignore | ||
| .gitreview | ||
| .zuul.yaml | ||
| bindep.txt | ||
| debian_build_layer.cfg | ||
| debian_iso_image.inc | ||
| debian_pkg_dirs | ||
| debian_stable_docker_images.inc | ||
| requirements.txt | ||
| test-requirements.txt | ||
| tox.ini | ||