From 6d0e047c8bed00b9a85974b794bce77fb38421b0 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Sun, 13 Apr 2025 01:24:38 +0200
Subject: [PATCH] feat(system-upgrade-controller): Upgrade to version 0.15.2
---
bootstrap/system-upgrades/clusterrole.yaml | 27 ++++++++++++-
bootstrap/system-upgrades/crd.yaml | 44 +++++++++++++++++++++-
bootstrap/system-upgrades/deployment.yaml | 6 ++-
3 files changed, 73 insertions(+), 4 deletions(-)
diff --git a/bootstrap/system-upgrades/clusterrole.yaml b/bootstrap/system-upgrades/clusterrole.yaml
index 1346e31c4..3cb3cb530 100644
--- a/bootstrap/system-upgrades/clusterrole.yaml
+++ b/bootstrap/system-upgrades/clusterrole.yaml
@@ -39,6 +39,30 @@ rules:
- patch
- update
- delete
+- apiGroups:
+ - coordination.k8s.io
+ resourceNames:
+ - system-upgrade-controller
+ resources:
+ - leases
+ verbs:
+ - get
+ - update
+- apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - create
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - get
+ - create
+ - patch
+ - update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
@@ -88,6 +112,7 @@ rules:
verbs:
- "get"
- "list"
+ - "delete"
# Needed to cordon Nodes
- apiGroups:
- ""
@@ -95,8 +120,6 @@ rules:
- "nodes"
verbs:
- "get"
- - "list"
- - "watch"
- "patch"
# Needed to determine Pod owners
- apiGroups:
diff --git a/bootstrap/system-upgrades/crd.yaml b/bootstrap/system-upgrades/crd.yaml
index 6fb5343a1..f89b870ad 100644
--- a/bootstrap/system-upgrades/crd.yaml
+++ b/bootstrap/system-upgrades/crd.yaml
@@ -130,6 +130,9 @@ spec:
nullable: true
type: object
type: object
+ postCompleteDelay:
+ nullable: true
+ type: string
prepare:
nullable: true
properties:
@@ -248,6 +251,16 @@ spec:
allowPrivilegeEscalation:
nullable: true
type: boolean
+ appArmorProfile:
+ nullable: true
+ properties:
+ localhostProfile:
+ nullable: true
+ type: string
+ type:
+ nullable: true
+ type: string
+ type: object
capabilities:
nullable: true
properties:
@@ -497,6 +510,16 @@ spec:
allowPrivilegeEscalation:
nullable: true
type: boolean
+ appArmorProfile:
+ nullable: true
+ properties:
+ localhostProfile:
+ nullable: true
+ type: string
+ type:
+ nullable: true
+ type: string
+ type: object
capabilities:
nullable: true
properties:
@@ -593,6 +616,25 @@ spec:
version:
nullable: true
type: string
+ window:
+ nullable: true
+ properties:
+ days:
+ items:
+ nullable: true
+ type: string
+ nullable: true
+ type: array
+ endTime:
+ nullable: true
+ type: string
+ startTime:
+ nullable: true
+ type: string
+ timeZone:
+ nullable: true
+ type: string
+ type: object
required:
- upgrade
type: object
@@ -639,4 +681,4 @@ spec:
served: true
storage: true
subresources:
- status: {}
+ status: {}
\ No newline at end of file
diff --git a/bootstrap/system-upgrades/deployment.yaml b/bootstrap/system-upgrades/deployment.yaml
index 996a1a869..6e0479e6b 100644
--- a/bootstrap/system-upgrades/deployment.yaml
+++ b/bootstrap/system-upgrades/deployment.yaml
@@ -29,10 +29,14 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
+ - name: SYSTEM_UPGRADE_CONTROLLER_NODE_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
envFrom:
- configMapRef:
name: default-controller-env
- image: docker.io/rancher/system-upgrade-controller:v0.13.4@sha256:3df6d01b9eb583a78c309ce0b2cfeed98a9af97983e4ea96bf53410dd56c6f45
+ image: docker.io/rancher/system-upgrade-controller:v0.15.2
imagePullPolicy: IfNotPresent
name: system-upgrade-controller
securityContext:
--
GitLab