From 2ce1bb434f01f514ecac3e90bbb980e255246fc3 Mon Sep 17 00:00:00 2001 From: Ryan Wallace Date: Tue, 21 Oct 2025 15:14:47 -0400 Subject: [PATCH] fix(openshift-deploys): move DVO annotations to Deployment (PROJQUAY-9586) (#4389) * fix(openshift-deploys): move DVO annotations to Deployment, add for anti affinity * chore: update default annotation values to be more specific --- deploy/openshift/clair-backfiller.yaml | 10 +++++++++- deploy/openshift/quay-py3-app.yaml | 12 +++++++++--- deploy/openshift/quay-py3-cloudflare-app.yaml | 13 +++++++++++-- deploy/openshift/quay-py3-deploy-template.yaml | 11 +++++++++-- deploy/openshift/quay-recovery-endpoint.yaml | 9 +++++++++ deploy/openshift/rosa/quay-py3-deploy-template.yaml | 11 +++++++++-- 6 files changed, 56 insertions(+), 10 deletions(-) diff --git a/deploy/openshift/clair-backfiller.yaml b/deploy/openshift/clair-backfiller.yaml index 1cad8366f..ec727b98a 100644 --- a/deploy/openshift/clair-backfiller.yaml +++ b/deploy/openshift/clair-backfiller.yaml @@ -76,6 +76,9 @@ objects: name: clair-backfiller-app labels: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} + annotations: + ignore-check.kube-linter.io/unset-cpu-requirements: "no cpu limits" + ${{QUAY_DISABLE_MIN_REPLICAS_CHECK}}: ${{QUAY_DISABLE_MIN_REPLICAS_REASON}} spec: replicas: ${{QUAY_APP_DEPLOYMENT_REPLICAS}} minReadySeconds: ${{QUAY_APP_DEPLOYMENT_MIN_READY_SECONDS}} @@ -322,6 +325,12 @@ parameters: - name: QUAY_APP_READINESS_PROBE_TIMEOUT_SECONDS value: "10" displayName: quay app readiness probe timeout + - name: QUAY_DISABLE_MIN_REPLICAS_CHECK + value: "min-replicas-check-not-disabled" + displayName: disable DVO check for minimum replicas + - name: QUAY_DISABLE_MIN_REPLICAS_REASON + value: "" + displayName: reason for disabling check - name: DEBUGLOG value: "false" displayName: debug log @@ -403,4 +412,3 @@ parameters: value: "true" - name: TICKER_TIME value: "200" - diff --git a/deploy/openshift/quay-py3-app.yaml b/deploy/openshift/quay-py3-app.yaml index 439e6abe3..1219682e0 100644 --- a/deploy/openshift/quay-py3-app.yaml +++ b/deploy/openshift/quay-py3-app.yaml @@ -131,6 +131,8 @@ objects: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} annotations: ignore-check.kube-linter.io/unset-cpu-requirements: "no cpu limits" + ${{QUAY_DISABLE_MIN_REPLICAS_CHECK}}: ${{QUAY_DISABLE_MIN_REPLICAS_REASON}} + ${{QUAY_DISABLE_ANTI_AFFINITY_CHECK}}: ${{QUAY_DISABLE_ANTI_AFFINITY_REASON}} spec: replicas: ${{QUAY_APP_DEPLOYMENT_REPLICAS}} minReadySeconds: ${{QUAY_APP_DEPLOYMENT_MIN_READY_SECONDS}} @@ -150,8 +152,6 @@ objects: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} annotations: ${{QUAY_APP_COMPONENT_ANNOTATIONS_KEY}}: ${{QUAY_APP_COMPONENT_ANNOTATIONS_VALUE}} - ${{QUAY_DISABLE_MIN_REPLICAS_CHECK}}: ${{QUAY_DISABLE_MIN_REPLICAS_REASON}} - spec: volumes: - name: configvolume @@ -423,11 +423,17 @@ parameters: value: "10" displayName: quay app readiness probe timeout - name: QUAY_DISABLE_MIN_REPLICAS_CHECK - value: "check_not_disabled" + value: "min-replicas-check-not-disabled" displayName: disable DVO check for minimum replicas - name: QUAY_DISABLE_MIN_REPLICAS_REASON value: "" displayName: reason for disabling check + - name: QUAY_DISABLE_ANTI_AFFINITY_CHECK + value: "anti-affinity-check-not-disabled" + displayName: disable DVO check for anti-affinity + - name: QUAY_DISABLE_ANTI_AFFINITY_REASON + value: "" + displayName: reason for disabling anti-affinity check - name: DEBUGLOG value: "false" displayName: debug log diff --git a/deploy/openshift/quay-py3-cloudflare-app.yaml b/deploy/openshift/quay-py3-cloudflare-app.yaml index 5311b876f..dac5683e1 100644 --- a/deploy/openshift/quay-py3-cloudflare-app.yaml +++ b/deploy/openshift/quay-py3-cloudflare-app.yaml @@ -129,6 +129,10 @@ objects: name: quay-py3-cloudflare-app labels: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} + annotations: + ignore-check.kube-linter.io/unset-cpu-requirements: "no cpu limits" + ${{QUAY_DISABLE_MIN_REPLICAS_CHECK}}: ${{QUAY_DISABLE_MIN_REPLICAS_REASON}} + ${{QUAY_DISABLE_ANTI_AFFINITY_CHECK}}: ${{QUAY_DISABLE_ANTI_AFFINITY_REASON}} spec: replicas: ${{QUAY_APP_DEPLOYMENT_REPLICAS}} minReadySeconds: ${{QUAY_APP_DEPLOYMENT_MIN_READY_SECONDS}} @@ -148,7 +152,6 @@ objects: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} annotations: ${{QUAY_APP_COMPONENT_ANNOTATIONS_KEY}}: ${{QUAY_APP_COMPONENT_ANNOTATIONS_VALUE}} - ${{QUAY_DISABLE_MIN_REPLICAS_CHECK}}: ${{QUAY_DISABLE_MIN_REPLICAS_REASON}} spec: volumes: - name: configvolume @@ -398,11 +401,17 @@ parameters: value: "false" displayName: debug log - name: QUAY_DISABLE_MIN_REPLICAS_CHECK - value: "check_not_disabled" + value: "min-replicas-check-not-disabled" displayName: disable DVO check for minimum replicas - name: QUAY_DISABLE_MIN_REPLICAS_REASON value: "" displayName: reason for disabling check + - name: QUAY_DISABLE_ANTI_AFFINITY_CHECK + value: "anti-affinity-check-not-disabled" + displayName: disable DVO check for anti-affinity + - name: QUAY_DISABLE_ANTI_AFFINITY_REASON + value: "" + displayName: reason for disabling anti-affinity check - name: QUAY_APP_COMPONENT_ANNOTATIONS_KEY value: "quay-py3-cloudflare-app-deployment" displayName: quay app annotation diff --git a/deploy/openshift/quay-py3-deploy-template.yaml b/deploy/openshift/quay-py3-deploy-template.yaml index 915416738..c749e9fe5 100644 --- a/deploy/openshift/quay-py3-deploy-template.yaml +++ b/deploy/openshift/quay-py3-deploy-template.yaml @@ -131,6 +131,8 @@ objects: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} annotations: ignore-check.kube-linter.io/unset-cpu-requirements: "no cpu limits" + ${{QUAY_DISABLE_MIN_REPLICAS_CHECK}}: ${{QUAY_DISABLE_MIN_REPLICAS_REASON}} + ${{QUAY_DISABLE_ANTI_AFFINITY_CHECK}}: ${{QUAY_DISABLE_ANTI_AFFINITY_REASON}} spec: replicas: ${{QUAY_APP_DEPLOYMENT_REPLICAS}} minReadySeconds: ${{QUAY_APP_DEPLOYMENT_MIN_READY_SECONDS}} @@ -150,7 +152,6 @@ objects: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} annotations: ${{QUAY_APP_COMPONENT_ANNOTATIONS_KEY}}: ${{QUAY_APP_COMPONENT_ANNOTATIONS_VALUE}} - ${{QUAY_DISABLE_MIN_REPLICAS_CHECK}}: ${{QUAY_DISABLE_MIN_REPLICAS_REASON}} spec: volumes: - name: configvolume @@ -418,11 +419,17 @@ parameters: value: "10" displayName: quay app readiness probe timeout - name: QUAY_DISABLE_MIN_REPLICAS_CHECK - value: "check_not_disabled" + value: "min-replicas-check-not-disabled" displayName: disable DVO check for minimum replicas - name: QUAY_DISABLE_MIN_REPLICAS_REASON value: "" displayName: reason for disabling check + - name: QUAY_DISABLE_ANTI_AFFINITY_CHECK + value: "anti-affinity-check-not-disabled" + displayName: disable DVO check for anti-affinity + - name: QUAY_DISABLE_ANTI_AFFINITY_REASON + value: "" + displayName: reason for disabling anti-affinity check - name: DEBUGLOG value: "false" displayName: debug log diff --git a/deploy/openshift/quay-recovery-endpoint.yaml b/deploy/openshift/quay-recovery-endpoint.yaml index 978c6e9e6..b3654b301 100644 --- a/deploy/openshift/quay-recovery-endpoint.yaml +++ b/deploy/openshift/quay-recovery-endpoint.yaml @@ -113,6 +113,9 @@ objects: name: quay-recovery-endpoint labels: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} + annotations: + ignore-check.kube-linter.io/unset-cpu-requirements: "no cpu limits" + ${{QUAY_DISABLE_MIN_REPLICAS_CHECK}}: ${{QUAY_DISABLE_MIN_REPLICAS_REASON}} spec: replicas: ${{QUAY_APP_DEPLOYMENT_REPLICAS}} minReadySeconds: ${{QUAY_APP_DEPLOYMENT_MIN_READY_SECONDS}} @@ -362,6 +365,12 @@ parameters: - name: QUAY_APP_READINESS_PROBE_TIMEOUT_SECONDS value: "10" displayName: quay app readiness probe timeout + - name: QUAY_DISABLE_MIN_REPLICAS_CHECK + value: "check_not_disabled" + displayName: disable DVO check for minimum replicas + - name: QUAY_DISABLE_MIN_REPLICAS_REASON + value: "" + displayName: reason for disabling check - name: DEBUGLOG value: "false" displayName: debug log diff --git a/deploy/openshift/rosa/quay-py3-deploy-template.yaml b/deploy/openshift/rosa/quay-py3-deploy-template.yaml index 3887a6199..615199c22 100644 --- a/deploy/openshift/rosa/quay-py3-deploy-template.yaml +++ b/deploy/openshift/rosa/quay-py3-deploy-template.yaml @@ -106,6 +106,8 @@ objects: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} annotations: ignore-check.kube-linter.io/unset-cpu-requirements: "no cpu limits" + ${{QUAY_DISABLE_MIN_REPLICAS_CHECK}}: ${{QUAY_DISABLE_MIN_REPLICAS_REASON}} + ${{QUAY_DISABLE_ANTI_AFFINITY_CHECK}}: ${{QUAY_DISABLE_ANTI_AFFINITY_REASON}} spec: replicas: ${{QUAY_APP_DEPLOYMENT_REPLICAS}} minReadySeconds: ${{QUAY_APP_DEPLOYMENT_MIN_READY_SECONDS}} @@ -125,7 +127,6 @@ objects: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} annotations: ${{QUAY_APP_COMPONENT_ANNOTATIONS_KEY}}: ${{QUAY_APP_COMPONENT_ANNOTATIONS_VALUE}} - ${{QUAY_DISABLE_MIN_REPLICAS_CHECK}}: ${{QUAY_DISABLE_MIN_REPLICAS_REASON}} spec: volumes: - name: configvolume @@ -382,11 +383,17 @@ parameters: value: "10" displayName: quay app readiness probe timeout - name: QUAY_DISABLE_MIN_REPLICAS_CHECK - value: "check_not_disabled" + value: "min-replicas-check-not-disabled" displayName: disable DVO check for minimum replicas - name: QUAY_DISABLE_MIN_REPLICAS_REASON value: "" displayName: reason for disabling check + - name: QUAY_DISABLE_ANTI_AFFINITY_CHECK + value: "anti-affinity-check-not-disabled" + displayName: disable DVO check for anti-affinity + - name: QUAY_DISABLE_ANTI_AFFINITY_REASON + value: "" + displayName: reason for disabling anti-affinity check - name: DEBUGLOG value: "false" displayName: debug log