From 5c7b2dfe028442a1c8da7339c76a623f3513e91a Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Tue, 8 Mar 2022 16:55:07 +0100
Subject: [PATCH] feature(system-upgrade): Setup automated kubernetes upgrades

This patch enables kubernetes upgrades for all clusters, this might
needs some adjustments in the future to allow different clusters in
different versions.

In order to ensure updates, there is currently a copr fork of the
upstream kubernetes.

References:
https://git.shivering-isles.com/sheogorath/kubernetes-fedora
---
 .../system-upgrades/kubernetes.yaml           | 62 +++++++++++++++++++
 1 file changed, 62 insertions(+)
 create mode 100644 infrastructure/system-upgrades/kubernetes.yaml

diff --git a/infrastructure/system-upgrades/kubernetes.yaml b/infrastructure/system-upgrades/kubernetes.yaml
new file mode 100644
index 000000000..5bfd9268c
--- /dev/null
+++ b/infrastructure/system-upgrades/kubernetes.yaml
@@ -0,0 +1,62 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kubernetes-upgrade
+  namespace: system-upgrade
+type: Opaque
+stringData:
+  kubernetes-version: "1.21"
+  setup-copr.sh: |
+    #!/bin/bash
+    set -e
+    set -x
+    secrets="$(dirname "$0")"
+    systemd-run --same-dir --wait --collect --service-type=exec dnf install -y dnf-plugins-core
+    systemd-run --same-dir --wait --collect --service-type=exec dnf copr enable -y "sheogorath/kubernetes-$(cat $secrets/kubernetes-version)"
+  kubernetes-upgrade.sh: |
+    #!/bin/bash
+    set -e
+    set -x
+    secrets="$(dirname "$0")"
+    systemd-run --same-dir --wait --collect --service-type=exec dnf upgrade -y kubernetes kubernetes-kubeadm
+    kubeadm upgrade apply --yes
+  upgrade.sh: |
+    #!/bin/bash
+    set -e
+    set -x
+    secrets="$(dirname "$0")"
+    $secrets/setup-copr.sh
+    $secrets/kubernetes-upgrade.sh
+---
+apiVersion: upgrade.cattle.io/v1
+kind: Plan
+metadata:
+  name: kubernetes-upgrade
+  namespace: system-upgrade
+spec:
+  concurrency: 1
+  nodeSelector:
+    matchExpressions:
+      - key: feature.node.kubernetes.io/system-os_release.ID
+        operator: In
+        values:
+          - fedora
+      - key: feature.node.kubernetes.io/system-os_release.VERSION_ID.major
+        operator: In
+        values:
+          - "35"
+  serviceAccountName: system-upgrade
+  secrets:
+    - name: kubernetes-upgrade
+      path: /host/run/system-upgrade/secrets/kubernetes-upgrade
+  drain:
+    deleteLocalData: true
+    ignoreDaemonSets: true
+    force: false
+  version: "1.21"
+  upgrade:
+    image: docker.io/library/fedora:35
+    command: ["chroot", "/host"]
+    args: ["sh", "/run/system-upgrade/secrets/kubernetes-upgrade/upgrade.sh"]
+
-- 
GitLab