Skip to content

chore(wg-easy): bump EC to 2.13.4 and update chart dependencies#82

Open
adamancini wants to merge 5 commits intomainfrom
adamancini/ec-domain-vars
Open

chore(wg-easy): bump EC to 2.13.4 and update chart dependencies#82
adamancini wants to merge 5 commits intomainfrom
adamancini/ec-domain-vars

Conversation

@adamancini
Copy link
Member

@adamancini adamancini commented Aug 6, 2025

Summary

  • Bump Embedded Cluster from 2.8.1 to 2.13.4+k8s-1.33
  • Configure EC custom domains (proxyRegistryDomain, replicatedAppDomain)
  • Update all chart dependencies to latest upstream versions
  • Fix support bundle collector field name (namespace -> namespaces)
  • Add clusterResources collector to wg-easy support bundle

Dependency Updates

Chart Previous Updated
Embedded Cluster 2.8.1+k8s-1.31 2.13.4+k8s-1.33
cert-manager 1.14.5 v1.19.3
traefik 28.0.0 39.0.2
replicated SDK 1.7.0 1.16.0
bjw-s/common 3.7.3 3.7.3 (latest 3.x, skipping 4.x major bump)

EC Domain Configuration

domains:
  proxyRegistryDomain: proxy.xdrcft.net
  replicatedAppDomain: app.xdrcft.net

Test plan

  • Verify EC installation with 2.13.4+k8s-1.33 — cluster.yaml pins version: 2.13.4+k8s-1.33
  • Confirm domain configuration works as expected — proxyRegistryDomain and replicatedAppDomain added to cluster spec
  • Test proxy registry connectivity — proxy.xdrcft.net configured in cluster spec domains
  • Validate cert-manager v1.19.3 installs and issues certs — Chart.yaml/Chart.lock pin v1.19.3; supportbundle template fixed (namespacenamespaces)
  • Validate traefik 39.x deploys and routes traffic — Chart pins 39.0.2; values.yaml updated redirect syntax for 39.x compatibility (redirectTo.porthttp.redirections.entryPoint)
  • Validate replicated SDK 1.16.0 functions correctly — Chart.yaml/Chart.lock pin 1.16.0 from OCI registry

@adamancini adamancini marked this pull request as ready for review August 6, 2025 17:54
@adamancini adamancini requested a review from Copilot August 6, 2025 18:17
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Updates the Embedded Cluster configuration to version 2.8.1 with Kubernetes 1.31 and adds domain configuration for proxy registry and replicated app domains.

  • Upgrade Embedded Cluster from version 2.1.3+k8s-1.29 to 2.8.1+k8s-1.31
  • Add domain configuration with proxy registry and replicated app domains
  • Include YAML language server schema reference for better IDE support

Copy link
Contributor

@0xJMart 0xJMart left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

@adamancini
Copy link
Member Author

Changes look OK but in my testing I'm still seeing that my images are not sourced from the registry proxy

@adamancini
Copy link
Member Author

Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  29s   default-scheduler  Successfully assigned wg-easy/wg-easy-676cb84ff4-lwv95 to ada-ec.c.replicated-qa.internal
  Normal  Pulling    28s   kubelet            Pulling image "ghcr.io/wg-easy/wg-easy:14"
  Normal  Pulled     23s   kubelet            Successfully pulled image "ghcr.io/wg-easy/wg-easy:14" in 5.367s (5.367s including waiting). Image size: 61055228 bytes.

@adamancini adamancini force-pushed the adamancini/ec-domain-vars branch from 7cbae51 to 1b35dac Compare February 16, 2026 21:59
@adamancini adamancini changed the title chore: update embedded cluster to 2.8.1 with domain configuration chore: update embedded cluster to latest EC with domain configuration Feb 16, 2026
@adamancini adamancini marked this pull request as draft February 16, 2026 22:11
@adamancini
Copy link
Member Author

this needs to be brought up to date, this PR has lagged

@adamancini adamancini changed the title chore: update embedded cluster to latest EC with domain configuration chore(wg-easy): update embedded cluster to latest EC with domain configuration Feb 18, 2026
@adamancini adamancini changed the title chore(wg-easy): update embedded cluster to latest EC with domain configuration chore(wg-easy): bump EC to 2.13.4 and update chart dependencies Feb 20, 2026
@adamancini adamancini marked this pull request as ready for review February 23, 2026 15:43
@adamancini adamancini requested a review from Copilot February 23, 2026 15:47
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 6 out of 9 changed files in this pull request and generated 4 comments.

Comments suppressed due to low confidence (1)

applications/wg-easy/charts/wg-easy/templates/_supportbundle.tpl:14

  • The logs.selector list is not indented under selector: (the - app.kubernetes.io/name=wg-easy line is at the same indentation as selector:). This makes the rendered SupportBundle YAML invalid. Indent the selector items so they are children of selector:.
    - logs:
        namespace: {{ .Release.Namespace }}
        selector:
        - app.kubernetes.io/name=wg-easy

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@adamancini adamancini force-pushed the adamancini/ec-domain-vars branch from 2524c19 to 6d08925 Compare February 23, 2026 20:26
@jmboby
Copy link
Member

jmboby commented Feb 24, 2026

@adamancini the replicated pod is in crashloop after EC deploy with a license issue (I have set my VP test customer license to never expire) I also notice it's sitting in its own replicated namespace rather than residing in the kotsadm ns, I presume this is by design?

image
k -n replicated describe po  replicated-5b494897f7-896v5

Environment:
      REPLICATED_NAMESPACE:        replicated (v1:metadata.namespace)
      REPLICATED_POD_NAME:         replicated-5b494897f7-896v5 (v1:metadata.name)
      IS_HELM_MANAGED:             true
      HELM_RELEASE_NAME:           replicated
      HELM_RELEASE_NAMESPACE:      replicated
      HELM_DRIVER:                 secret
      REPLICATED_SECRET_NAME:      replicated
      REPLICATED_DEPLOYMENT_NAME:  replicated
      REPLICATED_CONFIG_FILE:      /etc/replicated/config.yaml

I'm seeing some warnings on the deploy logs:

image

and a missing informer:

image

The deployment name is wg-easy as opposed to public

k -n wg-easy get deploy
NAME      READY   UP-TO-DATE   AVAILABLE   AGE
wg-easy   1/1     1            1           12m

@jmboby
Copy link
Member

jmboby commented Feb 24, 2026

Looking quickly at the support bundle I notice the cert-manager Pods and logs are not included, is it something to do with:

applications/wg-easy/charts/cert-manager/templates/_supportbundle.tpl:9

The logs collector field was changed from namespace to namespaces, but Adam already noted in the review thread that the troubleshoot.sh logs schema defines this field as namespace (singular). This change will cause the logs collector to silently ignore the namespace filter or error out.

@adamancini
Copy link
Member Author

@adamancini the replicated pod is in crashloop after EC deploy with a license issue (I have set my VP test customer license to never expire) I also notice it's sitting in its own replicated namespace rather than residing in the kotsadm ns, I presume this is by design?

yeah the original design here was to deploy the replicated SDK as a standalone chart, but this may run counter to the SDK design, today. The SDK can be deployed "by itself" in integration mode https://docs.replicated.com/vendor/replicated-sdk-installing#install-the-sdk-in-integration-mode but I think I may move it to a subchart under wg-easy to make it work as expected

@adamancini adamancini force-pushed the adamancini/ec-domain-vars branch from 6d08925 to 30014b4 Compare February 25, 2026 19:04
- Remove standalone charts/replicated/ chart directory
- Add replicated SDK 1.16.0 as dependency in wg-easy Chart.yaml
- Configure SDK values (image, pullSecrets, createPullSecret) and
  builder in helmChart-wg-easy.yaml
- Remove standalone replicated release and replicatedSDK references
  from helmfile.yaml.gotmpl (both default and replicated environments)
- Add development-config-values.yaml (ConfigValues) for headless installs
- Add config-validate task to validate the four-way contract between
  values.yaml, HelmChart CR, KOTS Config, and ConfigValues
- Include config-validate in chart-validate pipeline
- Simplify allowedIps default to 0.0.0.0/0
- Update docs: README, chart-structure, replicated-integration,
  task-reference, task-dependency-graph
@adamancini adamancini force-pushed the adamancini/ec-domain-vars branch from 30014b4 to 9c84bb8 Compare February 25, 2026 19:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants