| *** uzumaki has quit IRC | 00:44 | |
| *** uzumaki has joined #airshipit | 01:22 | |
| *** uzumaki has quit IRC | 03:14 | |
| airship-irc-bot3 | <aodinokov> @sidney.shiba https://github.com/airshipit/airshipctl/commit/d82e04ea5e6f5933403961735c3205114ff7aad2#diff-3131527aa625efd9f156bd5[…]7b1aaebfcded7d109d0f92d013268 please refer to the description of this PR. it specifies that behavior. if you replace to secret.data it encodes... ```const ( secret = "Secret" secretData = "data" ) ... val := value // Encoding value before replacement if target is `kind: Secret` // an | 03:44 |
|---|---|---|
| airship-irc-bot3 | has fieldRef `data` if target.ObjRef.Gvk.Kind == secret && strings.Split(fieldRef, ".")[0] == secretData { val = encodeValue(val) }``` seems like it will do that always. you may try to make it a bit more sophisticated/explicit or vice-versa - remove that logic at all.. I'm not sure if it's really used in practice | 03:44 |
| airship-irc-bot3 | <aodinokov> In my opinion it's a good feature, but it should be done explicitly (using some flag) | 03:46 |
| airship-irc-bot3 | <aodinokov> to start discussion it would be a good idea to create a defect | 03:46 |
| *** raildo has quit IRC | 04:15 | |
| *** raildo has joined #airshipit | 04:16 | |
| *** lamt has joined #airshipit | 06:43 | |
| *** outbrito has joined #airshipit | 13:56 | |
| outbrito | Good morning folks! Just a quick question: is armada still being maintained? I heard that it is in the process of being abandoned... | 13:57 |
| airship-irc-bot3 | <sidney.shiba> Thanks Alexey. | 14:38 |
| airship-irc-bot3 | <sidney.shiba> Yes, it would give more control similar to `data` vs `stringData.` | 14:40 |
| *** raildo has quit IRC | 16:07 | |
| airship-irc-bot3 | <outbackdingo> so.... ive just been handed the task of deploying airship on bare metal, now knowing 2.0 is coming, and doing the newest virtual all-in-one dev, whats the likely hood theres a good doc that explains how to get through this :slightly_smiling_face: | 16:21 |
| airship-irc-bot3 | <outbackdingo> @sb464f any input ? heard your using the dev script to deploy bare metal possibly ? | 16:25 |
| airship-irc-bot3 | <sidney.shiba> Hi all, there is another use case that is not consistent between K8S declaration and `Replacement` transformer. In K8S it is possible to have a "field name" with a dot (.), e.g., `tls.crt`. See below: `apiVersion: v1` `kind: Secret` `...` `data:` `tls.crt: LS0tLS1CR...` The replacement syntax that I used creates a new field to the yaml file instead of replacing it. See below: `- source:` `objref:` `name: | 16:44 |
| airship-irc-bot3 | cluster-catalogue` `fieldref: dex.tls.crt` `target:` `objref:` `kind: Secret` `name: jarvis-ca-key-pair` `fieldrefs: ["data.tls.crt"]` In the example below, it adds a new field as shown below: `data:` `tls.crt: LS0tLS1CR...` `tls:` `crt: dafhad` Is there a way to replace a field that contains a dot in its name? | 16:44 |
| airship-irc-bot3 | <mattmceuen> @outbackdingo we actually as of yesterday have some folks that are going to focus on a deployment guide for bare metal :slightly_smiling_face: this doesn't help you now. In the meantime: | 16:44 |
| airship-irc-bot3 | <vetbijaya> Hello team, Can I get some reviews on these PS's related to phase validation: https://review.opendev.org/c/airship/airshipctl/+/763260 -> cmd changes https://review.opendev.org/c/airship/airshipctl/+/763304 -> pkg changes https://review.opendev.org/c/airship/airshipctl/+/763300 -> k8s applier pkg changes https://review.opendev.org/c/airship/airshipctl/+/763265 -> clusterctl pkg changes | 16:45 |
| airship-irc-bot3 | <steven.fitzpatrick> Hey All. I was working on addressing some feedback on of my PS, and I noticed there is some disparity between the phase document entrypoints in treasuremap test-site/target and in airshipctl test-site/target. I know there have been changes in treasuremap recently to bring things in line with airshipctl. Along those lines, do you think a PS like this is needed for treasuremap? | 16:46 |
| airship-irc-bot3 | https://review.opendev.org/c/airship/treasuremap/+/777115 | 16:46 |
| airship-irc-bot3 | <mattmceuen> @outbackdingo in the meantime, we are growing our bare metal deployment reference manifests here: https://review.opendev.org/c/airship/treasuremap/+/772737 | 16:46 |
| airship-irc-bot3 | <mattmceuen> You can copy and modify that site definition (which the deployment guide will eventually walk people through) | 16:47 |
| airship-irc-bot3 | <mattmceuen> Congrats on the opportunity to help blaze a trail with Airship 2 :) please let us know here whenever you hit issues | 16:48 |
| airship-irc-bot3 | <mattmceuen> @outbrito: Yes, Armada is not under active development any more, although critical fixes etc can still be made. With Airship 2 we are moving to the Helm Controller from the Flux project, which gives a k8s-native API for deploying charts via a YAML input | 16:49 |
| airship-irc-bot3 | <mattmceuen> @steven.fitzpatrick I kicked off an email on a similar topic, will add you to it. I don't think we want to short-circuit from a treasuremap site back to airshipctl site def'n; we'll need to get the types in treasuremap trued up anyway | 16:51 |
| airship-irc-bot3 | <mattmceuen> @sidney.shiba I'm not sure off the top of my head - there is probably some trick we can do, and if necessary can enhance the replacement transformer (e.g. with some escape sequence that encodes a dot literal in a key) | 16:58 |
| airship-irc-bot3 | <mattmceuen> Normally people avoid key names with dots in them for that very reason, but from your example it looks like changing the key name may not be an option? | 16:59 |
| airship-irc-bot3 | <sidney.shiba> It would be nice to have consistent behavior between k8s and replacement transformer syntaxes. I inherited the code and wanted to change as little as possible but if the "cure" is harder than the "patch", then will have to jump in and patch it. Btw, tried the escape (\) just in case but it didn't work. Is there a easy workaround? If not, than will go for the patch. | 17:14 |
| airship-irc-bot3 | <aodinokov> there is jsonpath syntax supported | 17:15 |
| airship-irc-bot3 | <sidney.shiba> Can you elaborate it? | 17:16 |
| airship-irc-bot3 | <aodinokov> but even though the syntax may handle dots in a right way - there is a bug in replacement plugin so it it works incorrectly | 17:19 |
| airship-irc-bot3 | <aodinokov> let me show couple of examples | 17:19 |
| airship-irc-bot3 | <aodinokov> from https://github.com/airshipit/airshipctl/commit/025c2172d61f3a7f24b17343b7a686b20a2af70d#diff-fefb78e404f1ff97392c078[…]d1fe270a106f94b85143100ee5e1f if you start path with { | 17:22 |
| airship-irc-bot3 | <aodinokov> replacement plugin thinks that it's jsonpath | 17:22 |
| airship-irc-bot3 | <aodinokov> and you can use something like "{.spec.path.to.some.scalar.value}" | 17:23 |
| airship-irc-bot3 | <aodinokov> "{.keyWith\\.dot}" | 17:23 |
| airship-irc-bot3 | <aodinokov> is supposed to work | 17:23 |
| airship-irc-bot3 | <sidney.shiba> So, something like this? `target:` `objref:` `kind: Secret` `name: jarvis-ca-key-pair` `fieldrefs: ["{data.tls\.crt}"]` | 17:26 |
| airship-irc-bot3 | <aodinokov> yes, please try.. | 17:26 |
| airship-irc-bot3 | <aodinokov> \\ | 17:26 |
| airship-irc-bot3 | <aodinokov> instead of \ | 17:26 |
| airship-irc-bot3 | <aodinokov> I think it's because you alredy in "" | 17:26 |
| airship-irc-bot3 | <aodinokov> and need to use extra \ :slightly_smiling_face: | 17:27 |
| airship-irc-bot3 | <aodinokov> `fieldrefs: ["{data.tls\\.crt}"]` | 17:27 |
| airship-irc-bot3 | <aodinokov> @sidney.shiba ^ | 17:27 |
| airship-irc-bot3 | <aodinokov> please try this | 17:27 |
| airship-irc-bot3 | <sidney.shiba> Will try. | 17:27 |
| airship-irc-bot3 | <aodinokov> but not sure 100% it will work... I think I tried something similar, but maybe it was fixed after that :slightly_smiling_face: | 17:28 |
| airship-irc-bot3 | <aodinokov> if not - we may create a bug | 17:28 |
| airship-irc-bot3 | <aodinokov> at least jsonpath syntax covers case with dot. and we just need to implement that case correctly | 17:29 |
| airship-irc-bot3 | <sidney.shiba> No, it didn't work. See below: `$ KUSTOMIZE_PLUGIN_HOME=$(pwd) kustomize build --enable-alpha-plugins .` `unsupported jsonpath expression {data.tls\.crt}unsupported jsonpath expression {data.tls\.crt}Error: couldn't execute function: exit status 1` | 17:33 |
| airship-irc-bot3 | <aodinokov> hmmm.. ok.. I think I got something better - it worked but incorrectly :slightly_smiling_face: .. ok, will try it .. I think we need to fix that anyway.. | 17:34 |
| airship-irc-bot3 | <aodinokov> BTW I workarounded similar case in a bit differnt way | 17:35 |
| airship-irc-bot3 | <aodinokov> let me show :slightly_smiling_face: | 17:35 |
| airship-irc-bot3 | <sidney.shiba> sure, go ahead. | 17:36 |
| airship-irc-bot3 | <aodinokov> I specifically create a structure in Variable catalogue with fields that contain dots: https://github.com/airshipit/airshipctl/blob/master/manifests/type/gating/target/generator/secret-template.yaml#L44 | 17:37 |
| airship-irc-bot3 | <aodinokov> and I copy the upper level targetClusterCa to the Secret | 17:37 |
| airship-irc-bot3 | <aodinokov> https://github.com/airshipit/airshipctl/blob/a252b248bcc9be2c8aca6f544f99541dce5012a3/manifests/function/k8scontrol/replacements/cluster.yaml | 17:37 |
| airship-irc-bot3 | <aodinokov> I'm avoiding dots in the path... and still I got it copied to the target place | 17:38 |
| airship-irc-bot3 | <aodinokov> not sure if it will work for you | 17:38 |
| airship-irc-bot3 | <sidney.shiba> No, I don't think so. Best is to clean up and remove any names with dots in my manifests. I think it will be cleaner. Thanks Alexey. I learned something today. | 17:39 |
| airship-irc-bot3 | <ratnopam.chakrabarti> Hi Team, I need some reviews on https://review.opendev.org/c/airship/airshipctl/+/773707, thanks in advance :slightly_smiling_face: | 17:47 |
| outbrito | mattmceuen, ok, I think starlingx isn't planning on moving out from armada in the short term, so I opened a bug on the armada bug and I'm on the process of fixing it myself (not very sure about how to unit test it yet though), I was just wondering if that would still get reviews | 17:49 |
| outbrito | on the armada storyboard* | 17:50 |
| airship-irc-bot3 | <mattmceuen> outbrito: yes, definitely! If you don't get review quickly, please share it here to get more eyeballs on it | 18:11 |
| airship-irc-bot3 | <aodinokov> just tried this ``` objref: kind: VariableCatalogue name: generated-secrets - fieldref: "{.targetClusterCa}" + #fieldref: "{.targetClusterCa}" + fieldref: "{.targetKubeconfig.certificate-authority-data}" target: objref: kind: Secret name: target-cluster-ca - fieldrefs: ["{.data}"] + #fieldrefs: ["{.data}"] + fieldrefs: + - "{.data.tls\\.crt}" + - | 18:16 |
| airship-irc-bot3 | "{.data.tls\\.key}"``` for my https://github.com/airshipit/airshipctl/blob/a252b248bcc9be2c8aca6f544f99541dce5012a3/manifests/function/k8scontrol/replacements/cluster.yaml it copied it correctly. (not sure why it hasn't worked out for you... may be 1 slash instead of 2?) btw.. when I use jsonpath - it doesn't do base64 :slightly_smiling_face: this is a good workaround for yesterdays' question how 'not-to-base64' :slightly_smiling_face: | 18:16 |
| outbrito | mattmceuen, will do as soon as I figure the tests, thanks! | 18:47 |
| airship-irc-bot3 | <sidney.shiba> The difference seems to be the dot in the beginning of the reference, just after the open curly brace. Is this dot required? | 19:11 |
| airship-irc-bot3 | <aodinokov> hmm I think yes. | 19:13 |
| airship-irc-bot3 | <aodinokov> just opened https://support.smartbear.com/alertsite/docs/monitors/api/endpoint/jsonpath.html | 19:13 |
| airship-irc-bot3 | <aodinokov> seems like first dot is important | 19:13 |
| airship-irc-bot3 | <sidney.shiba> ok, let me try with the first dot. | 19:14 |
| airship-irc-bot3 | <sidney.shiba> Yeah, it worked and as you said, it also "fixed" the issue with base64 encoding. Even though it worked, I think it is safer to avoid names with dots and not relying on the side effect "fix" that might not last long if `Replacement` transformer code changes. | 19:20 |
| airship-irc-bot3 | <aodinokov> > it is safer to avoid names with dots agree. But sometimes it's still needed, e.g. clusterApi expects us to create a Secret with tls.crt and tls.key :slightly_smiling_face: that was the reason I made that workaround > and not relying on the side effect "fix" that might not last long if... Replacement plugin is our plugin. we can do whatever we need. I agree in the sense - I don't like the inconsistency in behavior of jsonpath | 19:24 |
| airship-irc-bot3 | syntax and legacy syntax... it's not a good UX and something should be done here... | 19:24 |
| airship-irc-bot3 | <sidney.shiba> Just found another "side effect" (or may be by design) to avoid the transformer to base64 encode the Secret data. Just add the dot at beginning of fieldRef name (yaml form). See below: `target:` `objref:` `kind: Secret` `name: jarvis-ca-key-pair` `fieldrefs: [".data.tls-key"]` | 19:29 |
| airship-irc-bot3 | <sidney.shiba> I didn't check the code but it might not be a good idea relying on it if not intended. | 19:30 |
| airship-irc-bot3 | <rishabh.k.jain> Hi , I need one more core review on the ps. :slightly_smiling_face: Thank you https://review.opendev.org/c/airship/airshipctl/+/772425 | 20:20 |
| *** outbrito has quit IRC | 20:35 | |
| *** outbrito has joined #airshipit | 20:35 | |
| *** thansen has quit IRC | 21:02 | |
| *** thansen has joined #airshipit | 21:02 | |
| *** raildo has joined #airshipit | 21:20 | |
| *** roman_g has joined #airshipit | 23:35 | |
| *** roman_g has quit IRC | 23:45 | |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!