From c2e0026de16c2622ddf4c95d0311c321ebd51f3a Mon Sep 17 00:00:00 2001 From: Gergely Czuczy Date: Fri, 10 Mar 2023 18:31:20 +0100 Subject: [PATCH] feat: tini as ENTRYPOINT and related cosmetics (#12707) * Use tini as the ENTRYPOINT implicitly Signed-off-by: Gergely Czuczy * Explicitly call /bin/cp instead of relying on PATH Signed-off-by: Gergely Czuczy * POSIX sh is sufficient for entrypoint.sh Signed-off-by: Gergely Czuczy * Add 2.6-2.7 to docs indexes Signed-off-by: Gergely Czuczy * Add note on tini on entry to 2.6-2.7 upgrade notes Signed-off-by: Gergely Czuczy * Added note to 2.7-2.8 notes on tini as entry Signed-off-by: Gergely Czuczy --------- Signed-off-by: Gergely Czuczy --- Dockerfile | 1 + docs/2.7-2.8.md | 5 ++++ docs/operator-manual/upgrading/2.6-2.7.md | 6 ++++ docs/operator-manual/upgrading/overview.md | 1 + entrypoint.sh | 2 +- ...cd-application-controller-statefulset.yaml | 4 +-- ...-applicationset-controller-deployment.yaml | 5 ++-- .../dex/argocd-dex-server-deployment.yaml | 2 +- ...d-notifications-controller-deployment.yaml | 4 +-- .../argocd-repo-server-deployment.yaml | 7 +++-- .../base/server/argocd-server-deployment.yaml | 3 +- manifests/core-install.yaml | 19 ++++++------ ...cd-application-controller-statefulset.yaml | 4 +-- .../argocd-repo-server-deployment.yaml | 5 ++-- .../overlays/argocd-server-deployment.yaml | 4 +-- manifests/ha/install.yaml | 26 ++++++++--------- manifests/ha/namespace-install.yaml | 26 ++++++++--------- manifests/install.yaml | 29 +++++++++---------- manifests/namespace-install.yaml | 29 +++++++++---------- mkdocs.yml | 1 + 20 files changed, 96 insertions(+), 87 deletions(-) create mode 100644 docs/2.7-2.8.md diff --git a/Dockerfile b/Dockerfile index bbc2717dd526b..b8087011e01d7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -132,3 +132,4 @@ RUN ln -s /usr/local/bin/argocd /usr/local/bin/argocd-server && \ ln -s /usr/local/bin/argocd /usr/local/bin/argocd-k8s-auth USER $ARGOCD_USER_ID +ENTRYPOINT ["/usr/bin/tini", "--"] diff --git a/docs/2.7-2.8.md b/docs/2.7-2.8.md new file mode 100644 index 0000000000000..32f9e4cf1759c --- /dev/null +++ b/docs/2.7-2.8.md @@ -0,0 +1,5 @@ +# 2.7 to 2.8 + +## Tini as entrypoint + +With the 2.8 release `entrypoint.sh` will be removed from the containers, because starting with 2.7, the implicit entrypoint is set to `tini` in the `Dockerfile` explicitly, and the kubernetes manifests has been updated to use it. Simply updating the containers without updating the deployment manifests will result in pod startup failures, as the old manifests are relying on `entrypoint.sh` instead of `tini`. Please make sure the manifests are updated properly before moving to 2.8. diff --git a/docs/operator-manual/upgrading/2.6-2.7.md b/docs/operator-manual/upgrading/2.6-2.7.md index fa5e9ea9f7841..c4cc64ede6774 100644 --- a/docs/operator-manual/upgrading/2.6-2.7.md +++ b/docs/operator-manual/upgrading/2.6-2.7.md @@ -45,3 +45,9 @@ Note that bundled Helm version has been upgraded from 3.10.3 to 3.11.1. Argo CD 2.7 upgrades Sprig templating specifically within Argo CD notifications to v3. That upgrade includes an upgrade of [Masterminds/semver](https://github.com/Masterminds/semver/releases) to v3. Masterminds/semver v3 changed the behavior of the `^` prefix in semantic version constraints. If you are using sprig template functions in your notifications templates which include references to [Sprig's semver functions](https://masterminds.github.io/sprig/semver.html) and use the `^` prefix, read the [Masterminds/semver changelog](https://github.com/Masterminds/semver/releases/tag/v3.0.0) to understand how your notifications' behavior may change. + +## Tini as entrypoint + +The manifests are now using [`tini` as entrypoint][1], instead of `entrypoint.sh`. Until 2.8, `entrypoint.sh` is retained for upgrade compatibility. This means that the deployment manifests have to be updated after upgrading to 2.7, and before upgrading to 2.8 later. In case the manifests are updated before moving to 2.8, the containers will not be able to start. + +[1]: https://github.com/argoproj/argo-cd/pull/12707 diff --git a/docs/operator-manual/upgrading/overview.md b/docs/operator-manual/upgrading/overview.md index 736f84c911e22..0c1ede757c324 100644 --- a/docs/operator-manual/upgrading/overview.md +++ b/docs/operator-manual/upgrading/overview.md @@ -37,6 +37,7 @@ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/ +* [v2.6 to v2.7](./2.6-2.7.md) * [v2.5 to v2.6](./2.5-2.6.md) * [v2.4 to v2.5](./2.4-2.5.md) * [v2.3 to v2.4](./2.3-2.4.md) diff --git a/entrypoint.sh b/entrypoint.sh index 88515e217e4be..24862aca2172d 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh # If we're started as PID 1, we should wrap command execution through tini to # prevent leakage of orphaned processes ("zombies"). diff --git a/manifests/base/application-controller/argocd-application-controller-statefulset.yaml b/manifests/base/application-controller/argocd-application-controller-statefulset.yaml index d0c9ed68d7f1a..286a1d19126df 100644 --- a/manifests/base/application-controller/argocd-application-controller-statefulset.yaml +++ b/manifests/base/application-controller/argocd-application-controller-statefulset.yaml @@ -18,8 +18,8 @@ spec: app.kubernetes.io/name: argocd-application-controller spec: containers: - - command: - - argocd-application-controller + - args: + - /usr/local/bin/argocd-application-controller env: - name: ARGOCD_CONTROLLER_REPLICAS value: "1" diff --git a/manifests/base/applicationset-controller/argocd-applicationset-controller-deployment.yaml b/manifests/base/applicationset-controller/argocd-applicationset-controller-deployment.yaml index ed796dcf0a774..de42229ba5df6 100644 --- a/manifests/base/applicationset-controller/argocd-applicationset-controller-deployment.yaml +++ b/manifests/base/applicationset-controller/argocd-applicationset-controller-deployment.yaml @@ -16,9 +16,8 @@ spec: app.kubernetes.io/name: argocd-applicationset-controller spec: containers: - - command: - - entrypoint.sh - - argocd-applicationset-controller + - args: + - /usr/local/bin/argocd-applicationset-controller image: quay.io/argoproj/argocd:latest imagePullPolicy: Always name: argocd-applicationset-controller diff --git a/manifests/base/dex/argocd-dex-server-deployment.yaml b/manifests/base/dex/argocd-dex-server-deployment.yaml index dd2d37fea62e8..e2fd51d4ae5b2 100644 --- a/manifests/base/dex/argocd-dex-server-deployment.yaml +++ b/manifests/base/dex/argocd-dex-server-deployment.yaml @@ -20,7 +20,7 @@ spec: - name: copyutil image: quay.io/argoproj/argocd:latest imagePullPolicy: Always - command: [cp, -n, /usr/local/bin/argocd, /shared/argocd-dex] + command: [/bin/cp, -n, /usr/local/bin/argocd, /shared/argocd-dex] volumeMounts: - mountPath: /shared name: static-files diff --git a/manifests/base/notification/argocd-notifications-controller-deployment.yaml b/manifests/base/notification/argocd-notifications-controller-deployment.yaml index 94d01e7343f8a..8cdb55f11ce0e 100644 --- a/manifests/base/notification/argocd-notifications-controller-deployment.yaml +++ b/manifests/base/notification/argocd-notifications-controller-deployment.yaml @@ -29,8 +29,8 @@ spec: - key: ca.crt path: ca.crt containers: - - command: - - argocd-notifications + - args: + - /usr/local/bin/argocd-notifications workingDir: /app livenessProbe: tcpSocket: diff --git a/manifests/base/repo-server/argocd-repo-server-deployment.yaml b/manifests/base/repo-server/argocd-repo-server-deployment.yaml index 4966ff9e65ae8..1f1b4f2c2ef5e 100644 --- a/manifests/base/repo-server/argocd-repo-server-deployment.yaml +++ b/manifests/base/repo-server/argocd-repo-server-deployment.yaml @@ -21,7 +21,10 @@ spec: - name: argocd-repo-server image: quay.io/argoproj/argocd:latest imagePullPolicy: Always - command: [ "sh", "-c", "entrypoint.sh argocd-repo-server --redis $(ARGOCD_REDIS_SERVICE):6379"] + args: + - /usr/local/bin/argocd-repo-server + - "--redis" + - "$(ARGOCD_REDIS_SERVICE):6379" env: - name: ARGOCD_RECONCILIATION_TIMEOUT valueFrom: @@ -194,7 +197,7 @@ spec: name: plugins initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server diff --git a/manifests/base/server/argocd-server-deployment.yaml b/manifests/base/server/argocd-server-deployment.yaml index b5a9e405bd4d0..6cfd2c1aa5522 100644 --- a/manifests/base/server/argocd-server-deployment.yaml +++ b/manifests/base/server/argocd-server-deployment.yaml @@ -20,7 +20,8 @@ spec: - name: argocd-server image: quay.io/argoproj/argocd:latest imagePullPolicy: Always - command: [argocd-server] + args: + - /usr/local/bin/argocd-server env: - name: ARGOCD_SERVER_INSECURE valueFrom: diff --git a/manifests/core-install.yaml b/manifests/core-install.yaml index 55edbcf61ab29..bc4e6a3bee0e5 100644 --- a/manifests/core-install.yaml +++ b/manifests/core-install.yaml @@ -15628,9 +15628,8 @@ spec: app.kubernetes.io/name: argocd-applicationset-controller spec: containers: - - command: - - entrypoint.sh - - argocd-applicationset-controller + - args: + - /usr/local/bin/argocd-applicationset-controller env: - name: NAMESPACE valueFrom: @@ -15829,10 +15828,10 @@ spec: weight: 5 automountServiceAccountToken: false containers: - - command: - - sh - - -c - - entrypoint.sh argocd-repo-server --redis argocd-redis:6379 + - args: + - /usr/local/bin/argocd-repo-server + - --redis + - argocd-redis:6379 env: - name: ARGOCD_RECONCILIATION_TIMEOUT valueFrom: @@ -16008,7 +16007,7 @@ spec: name: plugins initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server @@ -16094,8 +16093,8 @@ spec: topologyKey: kubernetes.io/hostname weight: 5 containers: - - command: - - argocd-application-controller + - args: + - /usr/local/bin/argocd-application-controller env: - name: ARGOCD_CONTROLLER_REPLICAS value: "1" diff --git a/manifests/ha/base/overlays/argocd-application-controller-statefulset.yaml b/manifests/ha/base/overlays/argocd-application-controller-statefulset.yaml index 07b5c252c29cd..52300eb18a121 100644 --- a/manifests/ha/base/overlays/argocd-application-controller-statefulset.yaml +++ b/manifests/ha/base/overlays/argocd-application-controller-statefulset.yaml @@ -7,7 +7,7 @@ spec: spec: containers: - name: argocd-application-controller - command: - - argocd-application-controller + args: + - /usr/local/bin/argocd-application-controller - --redis - "argocd-redis-ha-haproxy:6379" diff --git a/manifests/ha/base/overlays/argocd-repo-server-deployment.yaml b/manifests/ha/base/overlays/argocd-repo-server-deployment.yaml index bcaadd2d1ea97..cb6c1cc05556d 100644 --- a/manifests/ha/base/overlays/argocd-repo-server-deployment.yaml +++ b/manifests/ha/base/overlays/argocd-repo-server-deployment.yaml @@ -22,8 +22,7 @@ spec: topologyKey: topology.kubernetes.io/zone containers: - name: argocd-repo-server - command: - - entrypoint.sh - - argocd-repo-server + args: + - /usr/local/bin/argocd-repo-server - --redis - "argocd-redis-ha-haproxy:6379" diff --git a/manifests/ha/base/overlays/argocd-server-deployment.yaml b/manifests/ha/base/overlays/argocd-server-deployment.yaml index 923b425f318c1..19ad165e81f68 100644 --- a/manifests/ha/base/overlays/argocd-server-deployment.yaml +++ b/manifests/ha/base/overlays/argocd-server-deployment.yaml @@ -25,7 +25,7 @@ spec: env: - name: ARGOCD_API_SERVER_REPLICAS value: '2' - command: - - argocd-server + args: + - /usr/local/bin/argocd-server - --redis - "argocd-redis-ha-haproxy:6379" diff --git a/manifests/ha/install.yaml b/manifests/ha/install.yaml index 50aef3ea5b871..3c96fca84af3b 100644 --- a/manifests/ha/install.yaml +++ b/manifests/ha/install.yaml @@ -16829,9 +16829,8 @@ spec: app.kubernetes.io/name: argocd-applicationset-controller spec: containers: - - command: - - entrypoint.sh - - argocd-applicationset-controller + - args: + - /usr/local/bin/argocd-applicationset-controller env: - name: NAMESPACE valueFrom: @@ -17003,7 +17002,7 @@ spec: name: argocd-dex-server-tls initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /shared/argocd-dex @@ -17058,8 +17057,8 @@ spec: app.kubernetes.io/name: argocd-notifications-controller spec: containers: - - command: - - argocd-notifications + - args: + - /usr/local/bin/argocd-notifications image: quay.io/argoproj/argocd:latest imagePullPolicy: Always livenessProbe: @@ -17231,9 +17230,8 @@ spec: topologyKey: kubernetes.io/hostname automountServiceAccountToken: false containers: - - command: - - entrypoint.sh - - argocd-repo-server + - args: + - /usr/local/bin/argocd-repo-server - --redis - argocd-redis-ha-haproxy:6379 env: @@ -17411,7 +17409,7 @@ spec: name: plugins initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server @@ -17495,8 +17493,8 @@ spec: app.kubernetes.io/name: argocd-server topologyKey: kubernetes.io/hostname containers: - - command: - - argocd-server + - args: + - /usr/local/bin/argocd-server - --redis - argocd-redis-ha-haproxy:6379 env: @@ -17803,8 +17801,8 @@ spec: topologyKey: kubernetes.io/hostname weight: 5 containers: - - command: - - argocd-application-controller + - args: + - /usr/local/bin/argocd-application-controller - --redis - argocd-redis-ha-haproxy:6379 env: diff --git a/manifests/ha/namespace-install.yaml b/manifests/ha/namespace-install.yaml index 2b253ad85643c..766132e01c652 100644 --- a/manifests/ha/namespace-install.yaml +++ b/manifests/ha/namespace-install.yaml @@ -1494,9 +1494,8 @@ spec: app.kubernetes.io/name: argocd-applicationset-controller spec: containers: - - command: - - entrypoint.sh - - argocd-applicationset-controller + - args: + - /usr/local/bin/argocd-applicationset-controller env: - name: NAMESPACE valueFrom: @@ -1668,7 +1667,7 @@ spec: name: argocd-dex-server-tls initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /shared/argocd-dex @@ -1723,8 +1722,8 @@ spec: app.kubernetes.io/name: argocd-notifications-controller spec: containers: - - command: - - argocd-notifications + - args: + - /usr/local/bin/argocd-notifications image: quay.io/argoproj/argocd:latest imagePullPolicy: Always livenessProbe: @@ -1896,9 +1895,8 @@ spec: topologyKey: kubernetes.io/hostname automountServiceAccountToken: false containers: - - command: - - entrypoint.sh - - argocd-repo-server + - args: + - /usr/local/bin/argocd-repo-server - --redis - argocd-redis-ha-haproxy:6379 env: @@ -2076,7 +2074,7 @@ spec: name: plugins initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server @@ -2160,8 +2158,8 @@ spec: app.kubernetes.io/name: argocd-server topologyKey: kubernetes.io/hostname containers: - - command: - - argocd-server + - args: + - /usr/local/bin/argocd-server - --redis - argocd-redis-ha-haproxy:6379 env: @@ -2468,8 +2466,8 @@ spec: topologyKey: kubernetes.io/hostname weight: 5 containers: - - command: - - argocd-application-controller + - args: + - /usr/local/bin/argocd-application-controller - --redis - argocd-redis-ha-haproxy:6379 env: diff --git a/manifests/install.yaml b/manifests/install.yaml index 11f4a84ebb247..438682f3adf4d 100644 --- a/manifests/install.yaml +++ b/manifests/install.yaml @@ -15948,9 +15948,8 @@ spec: app.kubernetes.io/name: argocd-applicationset-controller spec: containers: - - command: - - entrypoint.sh - - argocd-applicationset-controller + - args: + - /usr/local/bin/argocd-applicationset-controller env: - name: NAMESPACE valueFrom: @@ -16122,7 +16121,7 @@ spec: name: argocd-dex-server-tls initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /shared/argocd-dex @@ -16177,8 +16176,8 @@ spec: app.kubernetes.io/name: argocd-notifications-controller spec: containers: - - command: - - argocd-notifications + - args: + - /usr/local/bin/argocd-notifications image: quay.io/argoproj/argocd:latest imagePullPolicy: Always livenessProbe: @@ -16307,10 +16306,10 @@ spec: weight: 5 automountServiceAccountToken: false containers: - - command: - - sh - - -c - - entrypoint.sh argocd-repo-server --redis argocd-redis:6379 + - args: + - /usr/local/bin/argocd-repo-server + - --redis + - argocd-redis:6379 env: - name: ARGOCD_RECONCILIATION_TIMEOUT valueFrom: @@ -16486,7 +16485,7 @@ spec: name: plugins initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server @@ -16570,8 +16569,8 @@ spec: topologyKey: kubernetes.io/hostname weight: 5 containers: - - command: - - argocd-server + - args: + - /usr/local/bin/argocd-server env: - name: ARGOCD_SERVER_INSECURE valueFrom: @@ -16874,8 +16873,8 @@ spec: topologyKey: kubernetes.io/hostname weight: 5 containers: - - command: - - argocd-application-controller + - args: + - /usr/local/bin/argocd-application-controller env: - name: ARGOCD_CONTROLLER_REPLICAS value: "1" diff --git a/manifests/namespace-install.yaml b/manifests/namespace-install.yaml index ee0052d4912c7..b43778019fe0c 100644 --- a/manifests/namespace-install.yaml +++ b/manifests/namespace-install.yaml @@ -613,9 +613,8 @@ spec: app.kubernetes.io/name: argocd-applicationset-controller spec: containers: - - command: - - entrypoint.sh - - argocd-applicationset-controller + - args: + - /usr/local/bin/argocd-applicationset-controller env: - name: NAMESPACE valueFrom: @@ -787,7 +786,7 @@ spec: name: argocd-dex-server-tls initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /shared/argocd-dex @@ -842,8 +841,8 @@ spec: app.kubernetes.io/name: argocd-notifications-controller spec: containers: - - command: - - argocd-notifications + - args: + - /usr/local/bin/argocd-notifications image: quay.io/argoproj/argocd:latest imagePullPolicy: Always livenessProbe: @@ -972,10 +971,10 @@ spec: weight: 5 automountServiceAccountToken: false containers: - - command: - - sh - - -c - - entrypoint.sh argocd-repo-server --redis argocd-redis:6379 + - args: + - /usr/local/bin/argocd-repo-server + - --redis + - argocd-redis:6379 env: - name: ARGOCD_RECONCILIATION_TIMEOUT valueFrom: @@ -1151,7 +1150,7 @@ spec: name: plugins initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server @@ -1235,8 +1234,8 @@ spec: topologyKey: kubernetes.io/hostname weight: 5 containers: - - command: - - argocd-server + - args: + - /usr/local/bin/argocd-server env: - name: ARGOCD_SERVER_INSECURE valueFrom: @@ -1539,8 +1538,8 @@ spec: topologyKey: kubernetes.io/hostname weight: 5 containers: - - command: - - argocd-application-controller + - args: + - /usr/local/bin/argocd-application-controller env: - name: ARGOCD_CONTROLLER_REPLICAS value: "1" diff --git a/mkdocs.yml b/mkdocs.yml index fa7549072c306..694e099dc8424 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -113,6 +113,7 @@ nav: - operator-manual/server-commands/additional-configuration-method.md - Upgrading: - operator-manual/upgrading/overview.md + - operator-manual/upgrading/2.6-2.7.md - operator-manual/upgrading/2.5-2.6.md - operator-manual/upgrading/2.4-2.5.md - operator-manual/upgrading/2.3-2.4.md