Hit some patch conflict when updating console
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: tectonic-console
namespace: tectonic-system
labels:
k8s-app: tectonic-console
component: ui
tectonic-operators.coreos.com/managed-by: tectonic-utility-operator
annotations:
tectonic-operators.coreos.com/upgrade-strategy: Patch
tectonic-operators.coreos.com/upgrade-behaviour: UpgradeIfExists
spec:
replicas: 2
selector:
matchLabels:
k8s-app: tectonic-console
component: ui
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
labels:
k8s-app: tectonic-console
component: ui
tectonic-operators.coreos.com/managed-by: tectonic-utility-operator
name: tectonic-console
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
k8s-app: tectonic-console
topologyKey: kubernetes.io/hostname
containers:
- command:
- /opt/bridge/bin/bridge
env:
- name: BRIDGE_K8S_MODE
value: in-cluster
- name: BRIDGE_K8S_AUTH
value: oidc
- name: BRIDGE_K8S_PUBLIC_ENDPOINT
valueFrom:
configMapKeyRef:
name: tectonic-config
key: kubeAPIServerURL
- name: BRIDGE_LISTEN
value: http://0.0.0.0:8080
- name: BRIDGE_BASE_ADDRESS
valueFrom:
configMapKeyRef:
name: tectonic-config
key: consoleBaseAddress
- name: BRIDGE_BASE_PATH
value: /
- name: BRIDGE_PUBLIC_DIR
value: /opt/bridge/static
- name: BRIDGE_USER_AUTH
value: oidc
- name: BRIDGE_USER_AUTH_OIDC_ISSUER_URL
valueFrom:
configMapKeyRef:
name: tectonic-identity
key: issuer
- name: BRIDGE_USER_AUTH_OIDC_CLIENT_ID
valueFrom:
configMapKeyRef:
name: tectonic-identity
key: consoleClientID
- name: BRIDGE_USER_AUTH_OIDC_CLIENT_SECRET
valueFrom:
configMapKeyRef:
name: tectonic-identity
key: consoleSecret
- name: BRIDGE_KUBECTL_CLIENT_ID
valueFrom:
configMapKeyRef:
name: tectonic-identity
key: kubectlClientID
- name: BRIDGE_KUBECTL_CLIENT_SECRET
valueFrom:
configMapKeyRef:
name: tectonic-identity
key: kubectlSecret
- name: BRIDGE_TECTONIC_CLUSTER_NAME
valueFrom:
configMapKeyRef:
name: tectonic-config
key: clusterName
- name: BRIDGE_TECTONIC_VERSION
valueFrom:
configMapKeyRef:
name: tectonic-config
key: tectonicVersion
- name: BRIDGE_CA_FILE
value: /etc/tectonic-ca-cert-secret/ca-cert
- name: BRIDGE_LICENSE_FILE
value: /etc/tectonic/licenses/license
- name: BRIDGE_DEX_CLIENT_CERT_FILE
value: /etc/tectonic-identity-grpc-client-secret/tls-cert
- name: BRIDGE_DEX_CLIENT_KEY_FILE
value: /etc/tectonic-identity-grpc-client-secret/tls-key
- name: BRIDGE_DEX_API_HOST
valueFrom:
configMapKeyRef:
name: tectonic-config
key: dexAPIHost
image: quay.io/coreos/tectonic-console:v1.9.3
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /health
port: 8080
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
name: tectonic-console
ports:
- containerPort: 8080
protocol: TCP
resources:
limits:
cpu: 100m
memory: 50Mi
requests:
cpu: 100m
memory: 50Mi
terminationMessagePath: /dev/termination-log
volumeMounts:
- mountPath: /etc/tectonic-ca-cert-secret
name: tectonic-ca-cert-secret
readOnly: true
- mountPath: /etc/ssl/certs
name: ssl-certs-host
readOnly: true
- mountPath: /usr/share/ca-certificates
name: ca-certs-host
readOnly: true
- mountPath: /etc/tectonic/licenses
name: tectonic-license-secret
readOnly: true
- mountPath: /etc/tectonic-identity-grpc-client-secret
name: tectonic-identity-grpc-client-secret
readOnly: true
dnsPolicy: ClusterFirst
imagePullSecrets:
- name: coreos-pull-secret
restartPolicy: Always
securityContext:
runAsNonRoot: true
runAsUser: 65534
terminationGracePeriodSeconds: 30
volumes:
- name: tectonic-ca-cert-secret
secret:
secretName: tectonic-ca-cert-secret
- hostPath:
path: /etc/ssl/certs
name: ssl-certs-host
- hostPath:
path: /usr/share/ca-certificates
name: ca-certs-host
- name: tectonic-license-secret
secret:
secretName: tectonic-license-secret
- name: tectonic-identity-grpc-client-secret
secret:
secretName: tectonic-identity-grpc-client-secret
nodeSelector:
node-role.kubernetes.io/master: ""
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: tectonic-console
namespace: tectonic-system
labels:
k8s-app: tectonic-console
component: ui
tectonic-operators.coreos.com/managed-by: tectonic-utility-operator
annotations:
tectonic-operators.coreos.com/upgrade-strategy: Patch
tectonic-operators.coreos.com/upgrade-behaviour: UpgradeIfExists
spec:
replicas: 2
selector:
matchLabels:
k8s-app: tectonic-console
component: ui
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
labels:
k8s-app: tectonic-console
component: ui
tectonic-operators.coreos.com/managed-by: tectonic-utility-operator
name: tectonic-console
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
k8s-app: tectonic-console
topologyKey: kubernetes.io/hostname
containers:
- command:
- /opt/bridge/bin/bridge
env:
- name: BRIDGE_K8S_MODE
value: in-cluster
- name: BRIDGE_K8S_AUTH
value: oidc
- name: BRIDGE_K8S_PUBLIC_ENDPOINT
valueFrom:
configMapKeyRef:
name: tectonic-config
key: kubeAPIServerURL
- name: BRIDGE_LISTEN
value: http://0.0.0.0:8080
- name: BRIDGE_BASE_ADDRESS
valueFrom:
configMapKeyRef:
name: tectonic-config
key: consoleBaseAddress
- name: BRIDGE_BASE_PATH
value: /
- name: BRIDGE_PUBLIC_DIR
value: /opt/bridge/static
- name: BRIDGE_USER_AUTH
value: oidc
- name: BRIDGE_USER_AUTH_OIDC_ISSUER_URL
valueFrom:
configMapKeyRef:
name: tectonic-identity
key: issuer
- name: BRIDGE_USER_AUTH_OIDC_CLIENT_ID
valueFrom:
configMapKeyRef:
name: tectonic-identity
key: consoleClientID
- name: BRIDGE_USER_AUTH_OIDC_CLIENT_SECRET
valueFrom:
configMapKeyRef:
name: tectonic-identity
key: consoleSecret
- name: BRIDGE_KUBECTL_CLIENT_ID
valueFrom:
configMapKeyRef:
name: tectonic-identity
key: kubectlClientID
- name: BRIDGE_KUBECTL_CLIENT_SECRET
valueFrom:
configMapKeyRef:
name: tectonic-identity
key: kubectlSecret
- name: BRIDGE_TECTONIC_CLUSTER_NAME
valueFrom:
configMapKeyRef:
name: tectonic-config
key: clusterName
- name: BRIDGE_TECTONIC_VERSION
valueFrom:
configMapKeyRef:
name: tectonic-config
key: tectonicVersion
- name: BRIDGE_CA_FILE
value: /etc/tectonic-ca-cert-secret/ca-cert
- name: BRIDGE_LICENSE_FILE
value: /etc/tectonic/licenses/license
- name: BRIDGE_DEX_CLIENT_CERT_FILE
value: /etc/tectonic-identity-grpc-client-secret/tls-cert
- name: BRIDGE_DEX_CLIENT_KEY_FILE
value: /etc/tectonic-identity-grpc-client-secret/tls-key
- name: BRIDGE_DEX_API_HOST
valueFrom:
configMapKeyRef:
name: tectonic-config
key: dexAPIHost
- name: BRIDGE_DEX_CLIENT_CA_FILE
value: /etc/tectonic-identity-grpc-client-secret/ca-cert
image: quay.io/coreos/tectonic-console:v2.0.1
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /health
port: 8080
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
name: tectonic-console
ports:
- containerPort: 8080
protocol: TCP
resources:
limits:
cpu: 100m
memory: 50Mi
requests:
cpu: 100m
memory: 50Mi
terminationMessagePath: /dev/termination-log
volumeMounts:
- mountPath: /etc/tectonic-ca-cert-secret
name: tectonic-ca-cert-secret
readOnly: true
- mountPath: /etc/ssl/certs
name: ssl-certs-host
readOnly: true
- mountPath: /usr/share/ca-certificates
name: ca-certs-host
readOnly: true
- mountPath: /etc/tectonic/licenses
name: tectonic-license-secret
readOnly: true
- mountPath: /etc/tectonic-identity-grpc-client-secret
name: tectonic-identity-grpc-client-secret
readOnly: true
dnsPolicy: ClusterFirst
imagePullSecrets:
- name: coreos-pull-secret
restartPolicy: Always
securityContext:
runAsNonRoot: true
runAsUser: 65534
terminationGracePeriodSeconds: 30
volumes:
- name: tectonic-ca-cert-secret
secret:
secretName: tectonic-ca-cert-secret
- hostPath:
path: /etc/ssl/certs
name: ssl-certs-host
- hostPath:
path: /usr/share/ca-certificates
name: ca-certs-host
- name: tectonic-license-secret
secret:
secretName: tectonic-license-secret
- name: tectonic-identity-grpc-client-secret
secret:
secretName: tectonic-identity-grpc-client-secret
nodeSelector:
node-role.kubernetes.io/master: ""
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"apiVersion: extensions/v1beta1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
creationTimestamp: 2017-09-29T20:22:53Z
generation: 1
labels:
component: ui
k8s-app: tectonic-console
name: tectonic-console
namespace: tectonic-system
resourceVersion: "1361"
selfLink: /apis/extensions/v1beta1/namespaces/tectonic-system/deployments/tectonic-console
uid: f8c10f5a-a553-11e7-b1fa-064084116962
spec:
replicas: 2
selector:
matchLabels:
component: ui
k8s-app: tectonic-console
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
component: ui
k8s-app: tectonic-console
name: tectonic-console
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
k8s-app: tectonic-console
topologyKey: kubernetes.io/hostname
weight: 100
containers:
- command:
- /opt/bridge/bin/bridge
env:
- name: BRIDGE_K8S_MODE
value: in-cluster
- name: BRIDGE_K8S_AUTH
value: oidc
- name: BRIDGE_K8S_PUBLIC_ENDPOINT
valueFrom:
configMapKeyRef:
key: kubeAPIServerURL
name: tectonic-config
- name: BRIDGE_LISTEN
value: http://0.0.0.0:8080
- name: BRIDGE_BASE_ADDRESS
valueFrom:
configMapKeyRef:
key: consoleBaseAddress
name: tectonic-config
- name: BRIDGE_BASE_PATH
value: /
- name: BRIDGE_PUBLIC_DIR
value: /opt/bridge/static
- name: BRIDGE_USER_AUTH
value: oidc
- name: BRIDGE_USER_AUTH_OIDC_ISSUER_URL
valueFrom:
configMapKeyRef:
key: issuer
name: tectonic-identity
- name: BRIDGE_USER_AUTH_OIDC_CLIENT_ID
valueFrom:
configMapKeyRef:
key: consoleClientID
name: tectonic-identity
- name: BRIDGE_USER_AUTH_OIDC_CLIENT_SECRET
valueFrom:
configMapKeyRef:
key: consoleSecret
name: tectonic-identity
- name: BRIDGE_KUBECTL_CLIENT_ID
valueFrom:
configMapKeyRef:
key: kubectlClientID
name: tectonic-identity
- name: BRIDGE_KUBECTL_CLIENT_SECRET
valueFrom:
configMapKeyRef:
key: kubectlSecret
name: tectonic-identity
- name: BRIDGE_TECTONIC_CLUSTER_NAME
valueFrom:
configMapKeyRef:
key: clusterName
name: tectonic-config
- name: BRIDGE_TECTONIC_VERSION
valueFrom:
configMapKeyRef:
key: tectonicVersion
name: tectonic-config
- name: BRIDGE_CA_FILE
value: /etc/tectonic-ca-cert-secret/ca-cert
- name: BRIDGE_LICENSE_FILE
value: /etc/tectonic/licenses/license
- name: BRIDGE_DEX_CLIENT_CERT_FILE
value: /etc/tectonic-identity-grpc-client-secret/tls-cert
- name: BRIDGE_DEX_CLIENT_KEY_FILE
value: /etc/tectonic-identity-grpc-client-secret/tls-key
- name: BRIDGE_DEX_API_HOST
valueFrom:
configMapKeyRef:
key: dexAPIHost
name: tectonic-config
image: quay.io/coreos/tectonic-console:v1.9.3
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /health
port: 8080
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
name: tectonic-console
ports:
- containerPort: 8080
protocol: TCP
resources:
limits:
cpu: 100m
memory: 50Mi
requests:
cpu: 100m
memory: 50Mi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/tectonic-ca-cert-secret
name: tectonic-ca-cert-secret
readOnly: true
- mountPath: /etc/ssl/certs
name: ssl-certs-host
readOnly: true
- mountPath: /usr/share/ca-certificates
name: ca-certs-host
readOnly: true
- mountPath: /etc/tectonic/licenses
name: tectonic-license-secret
readOnly: true
- mountPath: /etc/tectonic-identity-grpc-client-secret
name: tectonic-identity-grpc-client-secret
readOnly: true
dnsPolicy: ClusterFirst
imagePullSecrets:
- name: coreos-pull-secret
nodeSelector:
node-role.kubernetes.io/master: ""
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsNonRoot: true
runAsUser: 65534
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
volumes:
- name: tectonic-ca-cert-secret
secret:
defaultMode: 420
secretName: tectonic-ca-cert-secret
- hostPath:
path: /etc/ssl/certs
name: ssl-certs-host
- hostPath:
path: /usr/share/ca-certificates
name: ca-certs-host
- name: tectonic-license-secret
secret:
defaultMode: 420
secretName: tectonic-license-secret
- name: tectonic-identity-grpc-client-secret
secret:
defaultMode: 420
secretName: tectonic-identity-grpc-client-secret
status:
availableReplicas: 2
conditions:
- lastTransitionTime: 2017-09-29T20:23:32Z
lastUpdateTime: 2017-09-29T20:23:32Z
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
observedGeneration: 1
readyReplicas: 2
replicas: 2
updatedReplicas: 2
diff manifests/0.2.0/console/tectonic-console-deployment.yaml manifests/0.3.0/console/tectonic-console-deployment.yaml
115c115,117
< image: quay.io/coreos/tectonic-console:v1.9.3
---
> - name: BRIDGE_DEX_CLIENT_CA_FILE
> value: /etc/tectonic-identity-grpc-client-secret/ca-cert
> image: quay.io/coreos/tectonic-console:v2.0.1
Seems the changes in 0.3.0 is that:
- Image is updated.
- A new env is added.
- Also a
last-applied annotationis added automatically (not reflected in the diff).
The xoperator code calls for adding the patch is here: https://github.com/coreos-inc/tectonic-x-operator/blob/master/pkg/xoperator/components/deployments.go#L98
error creating patch: patch:
metadata:
annotations:
tectonic-operators.coreos.com/last-applied: '{"metadata":{"name":"tectonic-console","namespace":"tectonic-system","creationTimestamp":null,"labels":{"component":"ui","k8s-app":"tectonic-console","tectonic-operators.coreos.com/managed-by":"tectonic-utility-operator"},"annotations":{"tectonic-operators.coreos.com/upgrade-behaviour":"UpgradeIfExists","tectonic-operators.coreos.com/upgrade-strategy":"Patch"}},"spec":{"replicas":2,"selector":{"matchLabels":{"component":"ui","k8s-app":"tectonic-console"}},"template":{"metadata":{"name":"tectonic-console","creationTimestamp":null,"labels":{"component":"ui","k8s-app":"tectonic-console","tectonic-operators.coreos.com/managed-by":"tectonic-utility-operator"}},"spec":{"volumes":[{"name":"tectonic-ca-cert-secret","secret":{"secretName":"tectonic-ca-cert-secret"}},{"name":"ssl-certs-host","hostPath":{"path":"/etc/ssl/certs"}},{"name":"ca-certs-host","hostPath":{"path":"/usr/share/ca-certificates"}},{"name":"tectonic-license-secret","secret":{"secretName":"tectonic-license-secret"}},{"name":"tectonic-identity-grpc-client-secret","secret":{"secretName":"tectonic-identity-grpc-client-secret"}}],"containers":[{"name":"tectonic-console","image":"quay.io/coreos/tectonic-console:v2.0.1","command":["/opt/bridge/bin/bridge"],"ports":[{"containerPort":8080,"protocol":"TCP"}],"env":[{"name":"BRIDGE_K8S_MODE","value":"in-cluster"},{"name":"BRIDGE_K8S_AUTH","value":"oidc"},{"name":"BRIDGE_K8S_PUBLIC_ENDPOINT","valueFrom":{"configMapKeyRef":{"name":"tectonic-config","key":"kubeAPIServerURL"}}},{"name":"BRIDGE_LISTEN","value":"http://0.0.0.0:8080"},{"name":"BRIDGE_BASE_ADDRESS","valueFrom":{"configMapKeyRef":{"name":"tectonic-config","key":"consoleBaseAddress"}}},{"name":"BRIDGE_BASE_PATH","value":"/"},{"name":"BRIDGE_PUBLIC_DIR","value":"/opt/bridge/static"},{"name":"BRIDGE_USER_AUTH","value":"oidc"},{"name":"BRIDGE_USER_AUTH_OIDC_ISSUER_URL","valueFrom":{"configMapKeyRef":{"name":"tectonic-identity","key":"issuer"}}},{"name":"BRIDGE_USER_AUTH_OIDC_CLIENT_ID","valueFrom":{"configMapKeyRef":{"name":"tectonic-identity","key":"consoleClientID"}}},{"name":"BRIDGE_USER_AUTH_OIDC_CLIENT_SECRET","valueFrom":{"configMapKeyRef":{"name":"tectonic-identity","key":"consoleSecret"}}},{"name":"BRIDGE_KUBECTL_CLIENT_ID","valueFrom":{"configMapKeyRef":{"name":"tectonic-identity","key":"kubectlClientID"}}},{"name":"BRIDGE_KUBECTL_CLIENT_SECRET","valueFrom":{"configMapKeyRef":{"name":"tectonic-identity","key":"kubectlSecret"}}},{"name":"BRIDGE_TECTONIC_CLUSTER_NAME","valueFrom":{"configMapKeyRef":{"name":"tectonic-config","key":"clusterName"}}},{"name":"BRIDGE_TECTONIC_VERSION","valueFrom":{"configMapKeyRef":{"name":"tectonic-config","key":"tectonicVersion"}}},{"name":"BRIDGE_CA_FILE","value":"/etc/tectonic-ca-cert-secret/ca-cert"},{"name":"BRIDGE_LICENSE_FILE","value":"/etc/tectonic/licenses/license"},{"name":"BRIDGE_DEX_CLIENT_CERT_FILE","value":"/etc/tectonic-identity-grpc-client-secret/tls-cert"},{"name":"BRIDGE_DEX_CLIENT_KEY_FILE","value":"/etc/tectonic-identity-grpc-client-secret/tls-key"},{"name":"BRIDGE_DEX_API_HOST","valueFrom":{"configMapKeyRef":{"name":"tectonic-config","key":"dexAPIHost"}}},{"name":"BRIDGE_DEX_CLIENT_CA_FILE","value":"/etc/tectonic-identity-grpc-client-secret/ca-cert"}],"resources":{"limits":{"cpu":"100m","memory":"50Mi"},"requests":{"cpu":"100m","memory":"50Mi"}},"volumeMounts":[{"name":"tectonic-ca-cert-secret","readOnly":true,"mountPath":"/etc/tectonic-ca-cert-secret"},{"name":"ssl-certs-host","readOnly":true,"mountPath":"/etc/ssl/certs"},{"name":"ca-certs-host","readOnly":true,"mountPath":"/usr/share/ca-certificates"},{"name":"tectonic-license-secret","readOnly":true,"mountPath":"/etc/tectonic/licenses"},{"name":"tectonic-identity-grpc-client-secret","readOnly":true,"mountPath":"/etc/tectonic-identity-grpc-client-secret"}],"livenessProbe":{"httpGet":{"path":"/health","port":8080,"scheme":"HTTP"},"initialDelaySeconds":30,"timeoutSeconds":1,"periodSeconds":10,"successThreshold":1,"failureThreshold":3},"terminationMessagePath":"/dev/termination-log","imagePullPolicy":"IfNotPresent"}],"restartPolicy":"Always","terminationGracePeriodSeconds":30,"dnsPolicy":"ClusterFirst","nodeSelector":{"node-role.kubernetes.io/master":""},"securityContext":{"runAsUser":65534,"runAsNonRoot":true},"imagePullSecrets":[{"name":"coreos-pull-secret"}],"affinity":{"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"weight":100,"podAffinityTerm":{"labelSelector":{"matchLabels":{"k8s-app":"tectonic-console"}},"topologyKey":"kubernetes.io/hostname"}}]}},"tolerations":[{"key":"node-role.kubernetes.io/master","operator":"Exists","effect":"NoSchedule"}]}},"strategy":{"type":"RollingUpdate","rollingUpdate":{"maxUnavailable":1,"maxSurge":1}}},"status":{}}'
tectonic-operators.coreos.com/last-applied-hash: wTJAmKRgSg5PS+BE+syq08M3K1aJKtw5sJBjK71t3mimEJAtWKXrXev1QaGAfh379llcwXy0zBgXXmE/GYn/PKn3CXjRVhlw6OswYvk47sMpVVbqueS4pBLhUd+44kGs5B/N7e62h9Z5yu0TjIY/Eg==
tectonic-operators.coreos.com/upgrade-behaviour: UpgradeIfExists
tectonic-operators.coreos.com/upgrade-strategy: Patch
labels:
tectonic-operators.coreos.com/managed-by: tectonic-utility-operator
spec:
template:
metadata:
labels:
tectonic-operators.coreos.com/managed-by: tectonic-utility-operator
spec:
$setElementOrder/containers:
- name: tectonic-console
containers:
- $setElementOrder/env:
- name: BRIDGE_K8S_MODE
- name: BRIDGE_K8S_AUTH
- name: BRIDGE_K8S_PUBLIC_ENDPOINT
- name: BRIDGE_LISTEN
- name: BRIDGE_BASE_ADDRESS
- name: BRIDGE_BASE_PATH
- name: BRIDGE_PUBLIC_DIR
- name: BRIDGE_USER_AUTH
- name: BRIDGE_USER_AUTH_OIDC_ISSUER_URL
- name: BRIDGE_USER_AUTH_OIDC_CLIENT_ID
- name: BRIDGE_USER_AUTH_OIDC_CLIENT_SECRET
- name: BRIDGE_KUBECTL_CLIENT_ID
- name: BRIDGE_KUBECTL_CLIENT_SECRET
- name: BRIDGE_TECTONIC_CLUSTER_NAME
- name: BRIDGE_TECTONIC_VERSION
- name: BRIDGE_CA_FILE
- name: BRIDGE_LICENSE_FILE
- name: BRIDGE_DEX_CLIENT_CERT_FILE
- name: BRIDGE_DEX_CLIENT_KEY_FILE
- name: BRIDGE_DEX_API_HOST
- name: BRIDGE_DEX_CLIENT_CA_FILE
env:
- name: BRIDGE_DEX_CLIENT_CA_FILE
value: /etc/tectonic-identity-grpc-client-secret/ca-cert
image: quay.io/coreos/tectonic-console:v2.0.1
name: tectonic-console
conflicts with changes made from original to current:
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
tectonic-operators.coreos.com/upgrade-behaviour: null
tectonic-operators.coreos.com/upgrade-strategy: null
generation: 1
labels:
tectonic-operators.coreos.com/managed-by: null
selfLink: /apis/extensions/v1beta1/namespaces/tectonic-system/deployments/tectonic-console
uid: f8c10f5a-a553-11e7-b1fa-064084116962
spec:
template:
metadata:
labels:
tectonic-operators.coreos.com/managed-by: null
spec:
containers:
- name: tectonic-console
terminationMessagePolicy: File
schedulerName: default-scheduler
volumes:
- name: tectonic-ca-cert-secret
secret:
defaultMode: 420
- name: tectonic-license-secret
secret:
defaultMode: 420
- name: tectonic-identity-grpc-client-secret
secret:
defaultMode: 420