From 827be5882d14cfce8ad8b2e2919646a21383264c Mon Sep 17 00:00:00 2001 From: Zhenya Tikhonov Date: Tue, 17 Sep 2024 15:35:29 +0400 Subject: [PATCH 1/2] feat: support `terminationGracePeriodSeconds` configuration for `dind` and `engine` --- charts/cf-runtime/Chart.yaml | 6 +++--- charts/cf-runtime/README.md | 8 +++++--- .../templates/runtime/runtime-env-spec-tmpl.yaml | 3 +++ charts/cf-runtime/values.yaml | 4 ++++ 4 files changed, 15 insertions(+), 6 deletions(-) diff --git a/charts/cf-runtime/Chart.yaml b/charts/cf-runtime/Chart.yaml index 17ddb0cc..7bdff74b 100644 --- a/charts/cf-runtime/Chart.yaml +++ b/charts/cf-runtime/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart for Codefresh Runner name: cf-runtime -version: 6.3.61 +version: 6.4.0 keywords: - codefresh - runner @@ -17,8 +17,8 @@ annotations: artifacthub.io/containsSecurityUpdates: "false" # Supported kinds: `added`, `changed`, `deprecated`, `removed`, `fixed`, `security`: artifacthub.io/changes: | - - kind: fixed - description: "engine image upgraded to v1.174.12 with fix to codefresh run --local command" + - kind: added + description: "Added support for terminationGracePeriodSeconds configuration for dind and engine" dependencies: - name: cf-common repository: oci://quay.io/codefresh/charts diff --git a/charts/cf-runtime/README.md b/charts/cf-runtime/README.md index 06bef5a3..a3b9ea9c 100644 --- a/charts/cf-runtime/README.md +++ b/charts/cf-runtime/README.md @@ -1,6 +1,6 @@ ## Codefresh Runner -![Version: 6.3.61](https://img.shields.io/badge/Version-6.3.61-informational?style=flat-square) +![Version: 6.4.0](https://img.shields.io/badge/Version-6.4.0-informational?style=flat-square) Helm chart for deploying [Codefresh Runner](https://codefresh.io/docs/docs/installation/codefresh-runner/) to Kubernetes. @@ -1121,7 +1121,7 @@ Go to [https:///admin/runtime-environments/system](http | runtime.accounts | list | `[]` | (for On-Premise only) Assign accounts to runtime (list of account ids) | | runtime.agent | bool | `true` | (for On-Premise only) Enable agent | | runtime.description | string | `""` | Runtime description | -| runtime.dind | object | `{"affinity":{},"env":{"DOCKER_ENABLE_DEPRECATED_PULL_SCHEMA_1_IMAGE":true},"image":{"pullPolicy":"IfNotPresent","registry":"quay.io","repository":"codefresh/dind","tag":"26.1.4-1.28.7"},"nodeSelector":{},"podAnnotations":{},"podLabels":{},"pvcs":{"dind":{"annotations":{},"name":"dind","reuseVolumeSelector":"codefresh-app,io.codefresh.accountName","reuseVolumeSortOrder":"pipeline_id","storageClassName":"{{ include \"dind-volume-provisioner.storageClassName\" . }}","volumeSize":"16Gi"}},"resources":{"limits":{"cpu":"400m","memory":"800Mi"},"requests":null},"schedulerName":"","serviceAccount":"codefresh-engine","tolerations":[],"userAccess":true,"userVolumeMounts":{},"userVolumes":{}}` | Parameters for DinD (docker-in-docker) pod (aka "runtime" pod). | +| runtime.dind | object | `{"affinity":{},"env":{"DOCKER_ENABLE_DEPRECATED_PULL_SCHEMA_1_IMAGE":true},"image":{"pullPolicy":"IfNotPresent","registry":"quay.io","repository":"codefresh/dind","tag":"26.1.4-1.28.7"},"nodeSelector":{},"podAnnotations":{},"podLabels":{},"pvcs":{"dind":{"annotations":{},"name":"dind","reuseVolumeSelector":"codefresh-app,io.codefresh.accountName","reuseVolumeSortOrder":"pipeline_id","storageClassName":"{{ include \"dind-volume-provisioner.storageClassName\" . }}","volumeSize":"16Gi"}},"resources":{"limits":{"cpu":"400m","memory":"800Mi"},"requests":null},"schedulerName":"","serviceAccount":"codefresh-engine","terminationGracePeriodSeconds":30,"tolerations":[],"userAccess":true,"userVolumeMounts":{},"userVolumes":{}}` | Parameters for DinD (docker-in-docker) pod (aka "runtime" pod). | | runtime.dind.affinity | object | `{}` | Set affinity | | runtime.dind.env | object | `{"DOCKER_ENABLE_DEPRECATED_PULL_SCHEMA_1_IMAGE":true}` | Set additional env vars. | | runtime.dind.image | object | `{"pullPolicy":"IfNotPresent","registry":"quay.io","repository":"codefresh/dind","tag":"26.1.4-1.28.7"}` | Set dind image. | @@ -1138,12 +1138,13 @@ Go to [https:///admin/runtime-environments/system](http | runtime.dind.resources | object | `{"limits":{"cpu":"400m","memory":"800Mi"},"requests":null}` | Set dind resources. | | runtime.dind.schedulerName | string | `""` | Set scheduler name. | | runtime.dind.serviceAccount | string | `"codefresh-engine"` | Set service account for pod. | +| runtime.dind.terminationGracePeriodSeconds | int | `30` | Set termination grace period. | | runtime.dind.tolerations | list | `[]` | Set tolerations. | | runtime.dind.userAccess | bool | `true` | Keep `true` as default! | | runtime.dind.userVolumeMounts | object | `{}` | Add extra volume mounts | | runtime.dind.userVolumes | object | `{}` | Add extra volumes | | runtime.dindDaemon | object | See below | DinD pod daemon config | -| runtime.engine | object | `{"affinity":{},"command":["npm","run","start"],"env":{"CONTAINER_LOGGER_EXEC_CHECK_INTERVAL_MS":1000,"DOCKER_REQUEST_TIMEOUT_MS":30000,"FORCE_COMPOSE_SERIAL_PULL":false,"LOGGER_LEVEL":"debug","LOG_OUTGOING_HTTP_REQUESTS":false,"METRICS_PROMETHEUS_COLLECT_PROCESS_METRICS":false,"METRICS_PROMETHEUS_ENABLED":true,"METRICS_PROMETHEUS_ENABLE_LEGACY_METRICS":false,"METRICS_PROMETHEUS_HOST":"0.0.0.0","METRICS_PROMETHEUS_PORT":9100},"image":{"pullPolicy":"IfNotPresent","registry":"quay.io","repository":"codefresh/engine","tag":"1.174.12"},"nodeSelector":{},"podAnnotations":{},"podLabels":{},"resources":{"limits":{"cpu":"1000m","memory":"2048Mi"},"requests":{"cpu":"100m","memory":"128Mi"}},"runtimeImages":{"COMPOSE_IMAGE":"quay.io/codefresh/compose:v2.28.1-1.5.0","CONTAINER_LOGGER_IMAGE":"quay.io/codefresh/cf-container-logger:1.11.6","COSIGN_IMAGE_SIGNER_IMAGE":"quay.io/codefresh/cf-cosign-image-signer:2.4.0-cf.2","CR_6177_FIXER":"quay.io/codefresh/alpine:edge","DOCKER_BUILDER_IMAGE":"quay.io/codefresh/cf-docker-builder:1.3.13","DOCKER_PULLER_IMAGE":"quay.io/codefresh/cf-docker-puller:8.0.17","DOCKER_PUSHER_IMAGE":"quay.io/codefresh/cf-docker-pusher:6.0.16","DOCKER_TAG_PUSHER_IMAGE":"quay.io/codefresh/cf-docker-tag-pusher:1.3.14","FS_OPS_IMAGE":"quay.io/codefresh/fs-ops:1.2.3","GC_BUILDER_IMAGE":"quay.io/codefresh/cf-gc-builder:0.5.3","GIT_CLONE_IMAGE":"quay.io/codefresh/cf-git-cloner:10.1.28","KUBE_DEPLOY":"quay.io/codefresh/cf-deploy-kubernetes:16.1.11","PIPELINE_DEBUGGER_IMAGE":"quay.io/codefresh/cf-debugger:1.3.0","TEMPLATE_ENGINE":"quay.io/codefresh/pikolo:0.14.1"},"schedulerName":"","serviceAccount":"codefresh-engine","tolerations":[],"userEnvVars":[],"workflowLimits":{"MAXIMUM_ALLOWED_TIME_BEFORE_PRE_STEPS_SUCCESS":600,"MAXIMUM_ALLOWED_WORKFLOW_AGE_BEFORE_TERMINATION":86400,"MAXIMUM_ELECTED_STATE_AGE_ALLOWED":900,"MAXIMUM_RETRY_ATTEMPTS_ALLOWED":20,"MAXIMUM_TERMINATING_STATE_AGE_ALLOWED":900,"MAXIMUM_TERMINATING_STATE_AGE_ALLOWED_WITHOUT_UPDATE":300,"TIME_ENGINE_INACTIVE_UNTIL_TERMINATION":300,"TIME_ENGINE_INACTIVE_UNTIL_UNHEALTHY":60,"TIME_INACTIVE_UNTIL_TERMINATION":2700}}` | Parameters for Engine pod (aka "pipeline" orchestrator). | +| runtime.engine | object | `{"affinity":{},"command":["npm","run","start"],"env":{"CONTAINER_LOGGER_EXEC_CHECK_INTERVAL_MS":1000,"DOCKER_REQUEST_TIMEOUT_MS":30000,"FORCE_COMPOSE_SERIAL_PULL":false,"LOGGER_LEVEL":"debug","LOG_OUTGOING_HTTP_REQUESTS":false,"METRICS_PROMETHEUS_COLLECT_PROCESS_METRICS":false,"METRICS_PROMETHEUS_ENABLED":true,"METRICS_PROMETHEUS_ENABLE_LEGACY_METRICS":false,"METRICS_PROMETHEUS_HOST":"0.0.0.0","METRICS_PROMETHEUS_PORT":9100},"image":{"pullPolicy":"IfNotPresent","registry":"quay.io","repository":"codefresh/engine","tag":"1.174.12"},"nodeSelector":{},"podAnnotations":{},"podLabels":{},"resources":{"limits":{"cpu":"1000m","memory":"2048Mi"},"requests":{"cpu":"100m","memory":"128Mi"}},"runtimeImages":{"COMPOSE_IMAGE":"quay.io/codefresh/compose:v2.28.1-1.5.0","CONTAINER_LOGGER_IMAGE":"quay.io/codefresh/cf-container-logger:1.11.6","COSIGN_IMAGE_SIGNER_IMAGE":"quay.io/codefresh/cf-cosign-image-signer:2.4.0-cf.2","CR_6177_FIXER":"quay.io/codefresh/alpine:edge","DOCKER_BUILDER_IMAGE":"quay.io/codefresh/cf-docker-builder:1.3.13","DOCKER_PULLER_IMAGE":"quay.io/codefresh/cf-docker-puller:8.0.17","DOCKER_PUSHER_IMAGE":"quay.io/codefresh/cf-docker-pusher:6.0.16","DOCKER_TAG_PUSHER_IMAGE":"quay.io/codefresh/cf-docker-tag-pusher:1.3.14","FS_OPS_IMAGE":"quay.io/codefresh/fs-ops:1.2.3","GC_BUILDER_IMAGE":"quay.io/codefresh/cf-gc-builder:0.5.3","GIT_CLONE_IMAGE":"quay.io/codefresh/cf-git-cloner:10.1.28","KUBE_DEPLOY":"quay.io/codefresh/cf-deploy-kubernetes:16.1.11","PIPELINE_DEBUGGER_IMAGE":"quay.io/codefresh/cf-debugger:1.3.0","TEMPLATE_ENGINE":"quay.io/codefresh/pikolo:0.14.1"},"schedulerName":"","serviceAccount":"codefresh-engine","terminationGracePeriodSeconds":180,"tolerations":[],"userEnvVars":[],"workflowLimits":{"MAXIMUM_ALLOWED_TIME_BEFORE_PRE_STEPS_SUCCESS":600,"MAXIMUM_ALLOWED_WORKFLOW_AGE_BEFORE_TERMINATION":86400,"MAXIMUM_ELECTED_STATE_AGE_ALLOWED":900,"MAXIMUM_RETRY_ATTEMPTS_ALLOWED":20,"MAXIMUM_TERMINATING_STATE_AGE_ALLOWED":900,"MAXIMUM_TERMINATING_STATE_AGE_ALLOWED_WITHOUT_UPDATE":300,"TIME_ENGINE_INACTIVE_UNTIL_TERMINATION":300,"TIME_ENGINE_INACTIVE_UNTIL_UNHEALTHY":60,"TIME_INACTIVE_UNTIL_TERMINATION":2700}}` | Parameters for Engine pod (aka "pipeline" orchestrator). | | runtime.engine.affinity | object | `{}` | Set affinity | | runtime.engine.command | list | `["npm","run","start"]` | Set container command. | | runtime.engine.env | object | `{"CONTAINER_LOGGER_EXEC_CHECK_INTERVAL_MS":1000,"DOCKER_REQUEST_TIMEOUT_MS":30000,"FORCE_COMPOSE_SERIAL_PULL":false,"LOGGER_LEVEL":"debug","LOG_OUTGOING_HTTP_REQUESTS":false,"METRICS_PROMETHEUS_COLLECT_PROCESS_METRICS":false,"METRICS_PROMETHEUS_ENABLED":true,"METRICS_PROMETHEUS_ENABLE_LEGACY_METRICS":false,"METRICS_PROMETHEUS_HOST":"0.0.0.0","METRICS_PROMETHEUS_PORT":9100}` | Set additional env vars. | @@ -1165,6 +1166,7 @@ Go to [https:///admin/runtime-environments/system](http | runtime.engine.runtimeImages | object | See below. | Set system(base) runtime images. | | runtime.engine.schedulerName | string | `""` | Set scheduler name. | | runtime.engine.serviceAccount | string | `"codefresh-engine"` | Set service account for pod. | +| runtime.engine.terminationGracePeriodSeconds | int | `180` | Set termination grace period. | | runtime.engine.tolerations | list | `[]` | Set tolerations. | | runtime.engine.userEnvVars | list | `[]` | Set extra env vars | | runtime.engine.workflowLimits | object | `{"MAXIMUM_ALLOWED_TIME_BEFORE_PRE_STEPS_SUCCESS":600,"MAXIMUM_ALLOWED_WORKFLOW_AGE_BEFORE_TERMINATION":86400,"MAXIMUM_ELECTED_STATE_AGE_ALLOWED":900,"MAXIMUM_RETRY_ATTEMPTS_ALLOWED":20,"MAXIMUM_TERMINATING_STATE_AGE_ALLOWED":900,"MAXIMUM_TERMINATING_STATE_AGE_ALLOWED_WITHOUT_UPDATE":300,"TIME_ENGINE_INACTIVE_UNTIL_TERMINATION":300,"TIME_ENGINE_INACTIVE_UNTIL_UNHEALTHY":60,"TIME_INACTIVE_UNTIL_TERMINATION":2700}` | Set workflow limits. | diff --git a/charts/cf-runtime/templates/runtime/runtime-env-spec-tmpl.yaml b/charts/cf-runtime/templates/runtime/runtime-env-spec-tmpl.yaml index c0ae0ff8..baf72651 100644 --- a/charts/cf-runtime/templates/runtime/runtime-env-spec-tmpl.yaml +++ b/charts/cf-runtime/templates/runtime/runtime-env-spec-tmpl.yaml @@ -88,6 +88,9 @@ runtimeScheduler: {{- if $engineContext.resources}} {{- toYaml $engineContext.resources | nindent 4 }} {{- end }} + {{- with $engineContext.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ . }} + {{- end }} dockerDaemonScheduler: type: DindKubernetesPod {{- if $dindContext.image }} diff --git a/charts/cf-runtime/values.yaml b/charts/cf-runtime/values.yaml index 88ad3fac..15d7cc73 100644 --- a/charts/cf-runtime/values.yaml +++ b/charts/cf-runtime/values.yaml @@ -439,6 +439,8 @@ runtime: limits: cpu: 400m memory: 800Mi + # -- Set termination grace period. + terminationGracePeriodSeconds: 30 # -- PV claim spec parametes. pvcs: # -- Default dind PVC parameters @@ -521,6 +523,8 @@ runtime: limits: cpu: 1000m memory: 2048Mi + # -- Set termination grace period. + terminationGracePeriodSeconds: 180 # -- Set system(base) runtime images. # @default -- See below. runtimeImages: From ba4d09f59ab896e3869604023b8f9336001c183b Mon Sep 17 00:00:00 2001 From: Zhenya Tikhonov Date: Tue, 17 Sep 2024 15:45:21 +0400 Subject: [PATCH 2/2] test: add tests for `terminationGracePeriodSeconds` --- .../tests/private-registry/private_registry_test.yaml | 2 ++ charts/cf-runtime/tests/runtime/runtime_onprem_test.yaml | 2 ++ charts/cf-runtime/tests/runtime/runtime_test.yaml | 2 ++ 3 files changed, 6 insertions(+) diff --git a/charts/cf-runtime/tests/private-registry/private_registry_test.yaml b/charts/cf-runtime/tests/private-registry/private_registry_test.yaml index 78238979..54303871 100644 --- a/charts/cf-runtime/tests/private-registry/private_registry_test.yaml +++ b/charts/cf-runtime/tests/private-registry/private_registry_test.yaml @@ -85,6 +85,7 @@ tests: requests: cpu: 100m memory: 128Mi + terminationGracePeriodSeconds: 180 dockerDaemonScheduler: type: DindKubernetesPod dindImage: 'somedomain.io/codefresh/dind:tagoverride' @@ -109,6 +110,7 @@ tests: cpu: 400m memory: 800Mi requests: null + terminationGracePeriodSeconds: 30 extends: - system/default/hybrid/k8s_low_limits description: null diff --git a/charts/cf-runtime/tests/runtime/runtime_onprem_test.yaml b/charts/cf-runtime/tests/runtime/runtime_onprem_test.yaml index 9fcc9aa5..b1cf3520 100644 --- a/charts/cf-runtime/tests/runtime/runtime_onprem_test.yaml +++ b/charts/cf-runtime/tests/runtime/runtime_onprem_test.yaml @@ -110,6 +110,7 @@ tests: requests: cpu: 200m memory: 256Mi + terminationGracePeriodSeconds: 180 dockerDaemonScheduler: type: DindKubernetesPod dindImage: 'quay.io/codefresh/dind:tagoverride' @@ -152,6 +153,7 @@ tests: cpu: 1000m memory: 2048Mi requests: null + terminationGracePeriodSeconds: 30 userVolumeMounts: my-cert: mountPath: /etc/ssl/cert diff --git a/charts/cf-runtime/tests/runtime/runtime_test.yaml b/charts/cf-runtime/tests/runtime/runtime_test.yaml index 961237a7..45bf1466 100644 --- a/charts/cf-runtime/tests/runtime/runtime_test.yaml +++ b/charts/cf-runtime/tests/runtime/runtime_test.yaml @@ -120,6 +120,7 @@ tests: requests: cpu: 200m memory: 256Mi + terminationGracePeriodSeconds: 180 dockerDaemonScheduler: type: DindKubernetesPod dindImage: 'quay.io/codefresh/dind:tagoverride' @@ -165,6 +166,7 @@ tests: cpu: 1000m memory: 2048Mi requests: null + terminationGracePeriodSeconds: 30 userVolumeMounts: my-cert: mountPath: /etc/ssl/cert