Merge branch 'main' into bsoghigian/readme-nit
Bryce-Soghigian authored Jan 15, 2025
2 parents 66af75e + 55450a1 commit 52d1e89
Showing 27 changed files with 241 additions and 159 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/approval-comment.yaml
Expand Up @@ -12,7 +12,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
disable-telemetry: true
disable-sudo: true
Expand All @@ -30,7 +30,7 @@ jobs:
mkdir -p /tmp/artifacts
{ echo ${{ github.event.pull_request.number }}; echo ${{ github.event.review.commit_id }}; } >> /tmp/artifacts/metadata.txt
cat /tmp/artifacts/metadata.txt
- uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: artifacts
path: /tmp/artifacts
2 changes: 1 addition & 1 deletion .github/workflows/build-publish-mcr.yml
Expand Up @@ -23,7 +23,7 @@ jobs:
labels: [self-hosted, "1ES.Pool=${{ vars.RELEASE_1ES_POOL }}"]
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
egress-policy: audit

2 changes: 1 addition & 1 deletion .github/workflows/ci-test.yml
Expand Up @@ -19,7 +19,7 @@ jobs:
K8S_VERSION: ${{ matrix.k8sVersion }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
disable-telemetry: true
egress-policy: block
2 changes: 1 addition & 1 deletion .github/workflows/ci.yml
Expand Up @@ -11,7 +11,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
disable-telemetry: true
egress-policy: block
8 changes: 4 additions & 4 deletions .github/workflows/codeql-analysis.yml
Expand Up @@ -26,7 +26,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
disable-telemetry: true
egress-policy: block
Expand All @@ -46,8 +46,8 @@ jobs:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./.github/actions/install-deps
- run: make vulncheck
- uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
- uses: github/codeql-action/init@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
with:
languages: ${{ matrix.language }}
- uses: github/codeql-action/autobuild@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
- uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
- uses: github/codeql-action/autobuild@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
- uses: github/codeql-action/analyze@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
2 changes: 1 addition & 1 deletion .github/workflows/deflake.yml
Expand Up @@ -14,7 +14,7 @@ jobs:
statuses: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
disable-telemetry: true
egress-policy: block
2 changes: 1 addition & 1 deletion .github/workflows/dependency-review.yml
Expand Up @@ -17,7 +17,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
disable-telemetry: true
disable-sudo: true
2 changes: 1 addition & 1 deletion .github/workflows/e2e-matrix.yaml
Expand Up @@ -29,7 +29,7 @@ jobs:
E2E_HASH: ${{ steps.generate-e2e-run-hash.outputs.E2E_HASH }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
disable-telemetry: true
disable-sudo: true
2 changes: 1 addition & 1 deletion .github/workflows/e2e.yaml
Expand Up @@ -45,7 +45,7 @@ jobs:
AZURE_SUBSCRIPTION_ID: ${{ secrets.E2E_SUBSCRIPTION_ID }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
disable-telemetry: true
egress-policy: block
2 changes: 1 addition & 1 deletion .github/workflows/release-trigger.yaml
Expand Up @@ -17,7 +17,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
disable-telemetry: true
disable-sudo: true
2 changes: 1 addition & 1 deletion .github/workflows/resolve-args.yaml
Expand Up @@ -16,7 +16,7 @@ jobs:
steps:
# Download the artifact and resolve the GIT_REF
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
disable-sudo: true
disable-telemetry: true
6 changes: 3 additions & 3 deletions .github/workflows/scorecards.yml
Expand Up @@ -31,7 +31,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
disable-sudo: true
disable-telemetry: true
Expand Down Expand Up @@ -82,14 +82,14 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
with:
sarif_file: results.sarif
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.17.0
controller-gen.kubebuilder.io/version: v0.17.1
name: aksnodeclasses.karpenter.azure.com
spec:
group: karpenter.azure.com
10 changes: 5 additions & 5 deletions karpenter-values-template.yaml
Expand Up @@ -2,8 +2,8 @@
replicas: 1 # for better debugging experience
controller:
env:
- name: LEADER_ELECT # disable leader election for better debugging / troubleshooting experience
value: "false"
- name: DISABLE_LEADER_ELECTION # disable leader election for better debugging / troubleshooting experience
value: "true"
# disable HTTP/2 to reduce ARM throttling on large-scale tests;
# with this in place write (and read) QPS can be increased too
#- name: GODEBUG
Expand Down Expand Up @@ -37,12 +37,12 @@ controller:
value: ""
- name: AZURE_NODE_RESOURCE_GROUP
value: ${AZURE_RESOURCE_GROUP_MC}
# managed karpenter settings

# managed karpenter settings
- name: USE_SIG
value: "false"
- name: SIG_SUBSCRIPTION_ID
value: ""
value: ""
serviceAccount:
name: ${KARPENTER_SERVICE_ACCOUNT_NAME}
annotations:
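Review bot: The `DISABLE_LEADER_ELECTION` entry (which appears to replace `LEADER_ELECT` with value `"false"`) is only safe while `replicas: 1` holds, and nothing in the template ties the two settings together. If `replicas` is raised for a test, the controller pods would presumably all reconcile at once with no election between them. I would extend the inline comment to `# disable leader election for debugging; keep replicas at 1 while this is "true"`. The variable's polarity is also inverted relative to the old name, so a controller build that still reads `LEADER_ELECT` would likely ignore this entry and use its default; worth confirming against the image this template is deployed with.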
2 changes: 1 addition & 1 deletion pkg/apis/crds/karpenter.azure.com_aksnodeclasses.yaml
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.17.0
controller-gen.kubebuilder.io/version: v0.17.1
name: aksnodeclasses.karpenter.azure.com
spec:
group: karpenter.azure.com
12 changes: 1 addition & 11 deletions pkg/cloudprovider/cloudprovider.go
Expand Up @@ -328,11 +328,9 @@ func (c *CloudProvider) instanceToNodeClaim(ctx context.Context, vm *armcompute.
nodeClaim.Status.Allocatable = lo.PickBy(instanceType.Allocatable(), func(_ v1.ResourceName, v resource.Quantity) bool { return !resources.IsZero(v) })
}

// TODO: review logic for determining zone (AWS uses Zone from subnet resolved and aviailable from NodeClass conditions ...)
if zoneID, err := instance.GetZoneID(vm); err != nil {
if zone, err := utils.GetZone(vm); err != nil {
logging.FromContext(ctx).Warnf("Failed to get zone for VM %s, %v", *vm.Name, err)
} else {
zone := makeZone(*vm.Location, zoneID)
// aks-node-validating-webhook protects v1.LabelTopologyZone, will be set elsewhere, so we use a different label
labels[v1alpha2.AlternativeLabelTopologyZone] = zone
}
Expand Down Expand Up @@ -369,14 +367,6 @@ func GenerateNodeClaimName(vmName string) string {
return strings.TrimLeft("aks-", vmName)
}

// makeZone returns the zone value in format of <region>-<zone-id>.
func makeZone(location string, zoneID string) string {
if zoneID == "" {
return ""
}
return fmt.Sprintf("%s-%s", strings.ToLower(location), zoneID)
}

// newTerminatingNodeClassError returns a NotFound error for handling by
func newTerminatingNodeClassError(name string) *errors.StatusError {
qualifiedResource := schema.GroupResource{Group: apis.Group, Resource: "aksnodeclasses"}
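Review bot: The failure branch of the `utils.GetZone(vm)` call formats `*vm.Name`, which panics when the name is nil; the removed `instance.GetZoneID` returned an error for exactly that case, and if `utils.GetZone` (not shown on this page) keeps that check, the warning path dereferences the nil it is reporting. `lo` is already used a few lines above, so the log call can be `logging.FromContext(ctx).Warnf("Failed to get zone for VM %s, %v", lo.FromPtr(vm.Name), err)`. In the second hunk's context, `strings.TrimLeft("aks-", vmName)` in `GenerateNodeClaimName` has its arguments reversed (it trims the literal `"aks-"` using the VM name as the cutset); `strings.TrimPrefix(vmName, "aks-")` looks like what was intended. `instanceToNodeClaim` begins and ends outside the visible hunk.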
7 changes: 3 additions & 4 deletions pkg/fake/types.go
Expand Up @@ -45,13 +45,12 @@ func (m *MockedFunction[I, O]) Reset() {
}

func (m *MockedFunction[I, O]) Invoke(input *I, defaultTransformer func(*I) (O, error)) (O, error) {
m.CalledWithInput.Add(input)
err := m.Error.Get()
if err != nil {
m.failedCalls.Add(1)
return *new(O), err
}
m.CalledWithInput.Add(input)

if !m.Output.IsNil() {
m.successfulCalls.Add(1)
return *m.Output.Clone(), nil
Expand Down Expand Up @@ -94,6 +93,8 @@ func (m *MockedLRO[I, O]) Reset() {
}

func (m *MockedLRO[I, O]) Invoke(input *I, defaultTransformer func(*I) (*O, error)) (*runtime.Poller[O], error) {
m.CalledWithInput.Add(input)

if err := m.BeginError.Get(); err != nil {
m.failedCalls.Add(1)
return nil, err
Expand All @@ -103,8 +104,6 @@ func (m *MockedLRO[I, O]) Invoke(input *I, defaultTransformer func(*I) (*O, erro
return newMockPoller[O](nil, err)
}

m.CalledWithInput.Add(input)

if !m.Output.IsNil() {
m.successfulCalls.Add(1)
return newMockPoller(m.Output.Clone(), nil)
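Review bot: `Invoke` on both `MockedFunction` and `MockedLRO` has no doc comment, and the behaviour touched here is what a test author most needs to know: going by the per-hunk line counts, `m.CalledWithInput.Add(input)` now runs before the error checks, so the inputs of calls that return the injected error are recorded too. Tests that inject an error and then assert on the recorded inputs may see an extra entry compared with before. I would add `// Invoke records input in CalledWithInput before consulting the injected error, so failed calls are recorded too.` above each method. Both method bodies continue past the visible hunks.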
3 changes: 2 additions & 1 deletion pkg/providers/instance/armutils.go
Expand Up @@ -118,7 +118,8 @@ func deleteNicIfExists(ctx context.Context, client NetworkInterfacesAPI, rg, nic
func deleteVirtualMachineIfExists(ctx context.Context, client VirtualMachinesAPI, rg, vmName string) error {
_, err := client.Get(ctx, rg, vmName, nil)
if err != nil {
if sdkerrors.IsNotFoundErr(err) {
azErr := sdkerrors.IsResponseError(err)
if azErr != nil && (azErr.ErrorCode == "NotFound" || azErr.ErrorCode == "ResourceNotFound") {
return nil
}
return err
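Review bot: The not-found test in `deleteVirtualMachineIfExists` matches only two literal `ErrorCode` strings, so a 404 response carrying any other code (or none) is returned as an error and the delete-if-exists helper is no longer idempotent for a VM that is already gone. The same pair of literals is repeated in `DefaultProvider.Get` in pkg/providers/instance/instance.go, where a miss turns into the generic "failed to get VM instance" error instead of `NewNodeClaimNotFoundError`. Assuming `sdkerrors.IsResponseError` returns the SDK's `*azcore.ResponseError`, I would also compare the status, `azErr != nil && (azErr.StatusCode == http.StatusNotFound || azErr.ErrorCode == "NotFound" || azErr.ErrorCode == "ResourceNotFound")`, and move the predicate into one shared helper so the two call sites cannot drift apart. If matching on codes alone is deliberate, a comment naming the 404 cases that must not be treated as absence would help the next reader.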
33 changes: 5 additions & 28 deletions pkg/providers/instance/instance.go
Expand Up @@ -37,6 +37,7 @@ import (
"github.com/Azure/karpenter-provider-azure/pkg/providers/instancetype"
"github.com/Azure/karpenter-provider-azure/pkg/providers/launchtemplate"
"github.com/Azure/karpenter-provider-azure/pkg/providers/loadbalancer"
"github.com/Azure/karpenter-provider-azure/pkg/utils"

corecloudprovider "sigs.k8s.io/karpenter/pkg/cloudprovider"
"sigs.k8s.io/karpenter/pkg/scheduling"
Expand Down Expand Up @@ -140,7 +141,7 @@ func (p *DefaultProvider) Create(ctx context.Context, nodeClass *v1alpha2.AKSNod
}
return nil, err
}
zone, err := GetZoneID(vm)
zone, err := utils.GetZone(vm)
if err != nil {
logging.FromContext(ctx).Error(err)
}
Expand All @@ -163,7 +164,8 @@ func (p *DefaultProvider) Get(ctx context.Context, vmName string) (*armcompute.V
var err error

if vm, err = p.azClient.virtualMachinesClient.Get(ctx, p.resourceGroup, vmName, nil); err != nil {
if sdkerrors.IsNotFoundErr(err) {
azErr := sdkerrors.IsResponseError(err)
if azErr != nil && (azErr.ErrorCode == "NotFound" || azErr.ErrorCode == "ResourceNotFound") {
return nil, corecloudprovider.NewNodeClaimNotFoundError(err)
}
return nil, fmt.Errorf("failed to get VM instance, %w", err)
Expand Down Expand Up @@ -374,7 +376,7 @@ func newVMObject(
CapacityTypeToPriority[capacityType]),
),
},
Zones: lo.Ternary(len(zone) > 0, []*string{&zone}, []*string{}),
Zones: utils.MakeVMZone(zone),
Tags: launchTemplate.Tags,
}
setVMPropertiesOSDiskType(vm.Properties, launchTemplate.StorageProfile)
Expand Down Expand Up @@ -627,11 +629,6 @@ func (p *DefaultProvider) pickSkuSizePriorityAndZone(ctx context.Context, nodeCl
})
zonesWithPriority := lo.Map(priorityOfferings, func(o corecloudprovider.Offering, _ int) string { return getOfferingZone(o) })
if zone, ok := sets.New(zonesWithPriority...).PopAny(); ok {
if len(zone) > 0 {
// Zones in zonal Offerings have <region>-<number> format; the zone returned from here will be used for VM instantiation,
// which expects just the zone number, without region
zone = string(zone[len(zone)-1])
}
return instanceType, priority, zone
}
return nil, "", ""
Expand Down Expand Up @@ -751,26 +748,6 @@ func (p *DefaultProvider) getCSExtension(cse string, isWindows bool) *armcompute
}
}

// GetZoneID returns the zone ID for the given virtual machine, or an empty string if there is no zone specified
func GetZoneID(vm *armcompute.VirtualMachine) (string, error) {
if vm == nil {
return "", fmt.Errorf("cannot pass in a nil virtual machine")
}
if vm.Name == nil {
return "", fmt.Errorf("virtual machine is missing name")
}
if vm.Zones == nil {
return "", nil
}
if len(vm.Zones) == 1 {
return *(vm.Zones)[0], nil
}
if len(vm.Zones) > 1 {
return "", fmt.Errorf("virtual machine %v has multiple zones", *vm.Name)
}
return "", nil
}

func GetListQueryBuilder(rg string) *kql.Builder {
return kql.New(`Resources`).
AddLiteral(` | where type == "microsoft.compute/virtualmachines"`).
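Review bot: The comment removed from `pickSkuSizePriorityAndZone` was the only statement of the zone-format contract (offerings carry `<region>-<number>`, VM instantiation expects the bare number), and after this change the conversion is left to `utils.MakeVMZone`, which is not shown on this page. At `Zones: utils.MakeVMZone(zone)` I would add `// zone is "<region>-<zone-id>" (or "" for non-zonal); MakeVMZone reduces it to the bare zone ID list the VM API expects`, provided that is what the helper does. The replaced `lo.Ternary` expression produced an empty slice for an empty zone, so a unit test pinning `MakeVMZone("")` to an empty list and a region-prefixed input to its bare ID would keep both ends of the contract in step. `newVMObject` and `pickSkuSizePriorityAndZone` both extend beyond the visible hunks.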