Update Chart for SSH reruns open preview

Chart.yaml

@@ -4,5 +4,5 @@ description: For deploying a CircleCI Container Agent
 icon: https://raw.githubusercontent.com/circleci/media/master/logo/build/horizontal_dark.1.png
 type: application
 
-version: "101.0.16"
+version: "101.0.17"
 appVersion: "3"

README.md

@@ -2,7 +2,7 @@
 
 For deploying a CircleCI Container Agent
 
-![Version: 101.0.16](https://img.shields.io/badge/Version-101.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3](https://img.shields.io/badge/AppVersion-3-informational?style=flat-square)
+![Version: 101.0.17](https://img.shields.io/badge/Version-101.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3](https://img.shields.io/badge/AppVersion-3-informational?style=flat-square)
 
 ## Contributing
 
@@ -83,12 +83,12 @@ The command removes all the Kubernetes objects associated with the chart and del
 | agent.resourceClasses | object | `{}` | Resource class settings. The tokens specified here will be used to claim tasks & the tasks will be launched with the configured configs Ref: https://circleci.com/docs/container-runner/#resource-class-configuration-custom-pod |
 | agent.resources | object | `{}` | Agent pod resource configuration Ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
 | agent.runnerAPI | string | `"https://runner.circleci.com"` | CircleCI Runner API URL |
-| agent.ssh.controllerName | string | `"gateway.envoyproxy.io/gatewayclass-controller"` | The name of the infrastructure provider for the SSH rerun Gateway (see: https://gateway-api.sigs.k8s.io/implementations/). SSH reruns depend on the TCPRoute resource, so only implementations that support it are compatible at this time. Please consult the documentation for your preferred Gateway implementation for guidance on setting it up in your cluster. The Envoy Gateway has been successfully tested for SSH reruns (see: https://gateway.envoyproxy.io/latest/user/tcp-routing/). |
-| agent.ssh.enabled | bool | `false` | Controls whether to enable SSH reruns (see: https://circleci.com/docs/ssh-access-jobs/). Note that enabling SSH reruns will install additional resources to your cluster. Notably, SSH reruns requires the Kubernetes Gateway API (see: https://gateway-api.sigs.k8s.io/). |
-| agent.ssh.existingGatewayClassName | string | `""` | Alternatively, you can provide an existing GatewayClass name instead of creating a new one. The GatewayClass resource is a cluster-scoped resource defined by the infrastructure provider, so you may want to manage this resource externally. Note: Configuration specific to SSH reruns is defined in the namespace-scoped Gateway resource. For more information, see: https://gateway-api.sigs.k8s.io/api-types/gatewayclass/#gatewayclass |
-| agent.ssh.numPorts | int | `20` |  |
-| agent.ssh.parametersRef | object | `{}` | Specify controller-specific configuration for the Gateway. For more information, see: https://gateway-api.sigs.k8s.io/api-types/gatewayclass/#gatewayclass-parameters |
-| agent.ssh.startPort | int | `54782` | Specify the port range that is approved for SSH connections. Note that the number of concurrent jobs rerun with SSH is limited by the number of ports in this range. |
+| agent.ssh.controllerName | string | `"gateway.envoyproxy.io/gatewayclass-controller"` | The name of the [Gateway controller](https://gateway-api.sigs.k8s.io/guides/#installing-a-gateway-controller). The rerun jobs with SSH feature requires [Gateway API](https://gateway-api.sigs.k8s.io/) to facilitate SSH access, which requires additional setup of a [Gateway controller](https://gateway-api.sigs.k8s.io/guides/#installing-a-gateway-controller) on your cluster that supports the [TCPRoute](https://gateway-api.sigs.k8s.io/guides/tcp/) resource. CircleCI currently supports [Envoy Gateway](https://gateway.envoyproxy.io/) for SSH reruns, [read the docs](https://circleci.com/docs/container-runner-installation/#1-install-envoy-gateway-to-your-cluster) on setting it up. Otherwise, consult the documentation for your preferred Gateway controller on installing it in your cluster. |
+| agent.ssh.enabled | bool | `false` | Enable [rerunning jobs with SSH](https://circleci.com/docs/ssh-access-jobs/). For instructions on setting up this feature, [read the docs](https://circleci.com/docs/container-runner-installation/#enable-rerun-job-with-ssh). |
+| agent.ssh.existingGatewayClassName | string | `""` | Provide an existing GatewayClass instead of creating a new one. The GatewayClass resource is a cluster-scoped resource defined by the infrastructure provider, so you may want to manage this resource externally. Note that configuration specific to SSH reruns is defined in the namespace-scoped Gateway resource. For more information, see the [Gateway API reference](https://gateway-api.sigs.k8s.io/api-types/gatewayclass/#gatewayclass). |
+| agent.ssh.numPorts | int | `20` | Specify the number of ports for SSH. Used in conjunction with `agent.ssh.startPort` for port ranging. Note that the number of concurrent jobs rerun with SSH is limited by the number of ports in this range. |
+| agent.ssh.parametersRef | object | `{}` | Specify controller-specific configuration for the GatewayClass. For more information, see the [Gateway API reference](https://gateway-api.sigs.k8s.io/api-types/gatewayclass/#gatewayclass-parameters). |
+| agent.ssh.startPort | int | `54782` | Specify the start port for SSH. Used in conjunction with `agent.ssh.numPorts` for port ranging. Note that you may need to set rules on your firewall or Gateway controller configuration to allow this port range. |
 | agent.terminationGracePeriodSeconds | int | `18300` | Tasks are drained during the termination grace period, so this should be sufficiently long relative to the maximum run time to ensure graceful shutdown |
 | agent.tolerations | list | `[]` | Node tolerations for agent scheduling to nodes with taints Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ |
 | logging | object | `{"image":{"registry":"","repository":"circleci/logging-collector","tag":3},"rbac":{"create":true,"role":{"name":"logging-collector","rules":[]}},"serviceAccount":{"annotations":{},"create":true,"name":"logging-collector","secret":{"name":"logging-collector-token"}}}` | Configuration values for the logging containers. These containers run alongside service containers and stream their logs to the CircleCI UI |

changelog.md

@@ -2,6 +2,10 @@
 
 This is the Container Agent Helm Chart changelog
 
+# 101.0.17
+
+- [#37](https://github.com/CircleCI-Public/container-runner-helm-chart/pull/37) SSH reruns open preview
+
 # 101.0.16
 
 - [#36](https://github.com/CircleCI-Public/container-runner-helm-chart/pull/36) Add field to set arbitrary environment variables for container-agent

values.yaml

@@ -208,28 +208,32 @@ agent:
     interval: 15m
 
   ssh:
-    # -- Controls whether to enable SSH reruns (see: https://circleci.com/docs/ssh-access-jobs/).
-    # Note that enabling SSH reruns will install additional resources to your cluster. Notably,
-    # SSH reruns requires the Kubernetes Gateway API (see: https://gateway-api.sigs.k8s.io/).
+    # -- Enable [rerunning jobs with SSH](https://circleci.com/docs/ssh-access-jobs/).
+    # For instructions on setting up this feature, [read the docs](https://circleci.com/docs/container-runner-installation/#enable-rerun-job-with-ssh).
     enabled: false
 
-    # -- The name of the infrastructure provider for the SSH rerun Gateway (see: https://gateway-api.sigs.k8s.io/implementations/).
-    # SSH reruns depend on the TCPRoute resource, so only implementations that support it are compatible at this time.
-    # Please consult the documentation for your preferred Gateway implementation for guidance on setting it up in your cluster.
-    # The Envoy Gateway has been successfully tested for SSH reruns (see: https://gateway.envoyproxy.io/latest/user/tcp-routing/).
+    # -- The name of the [Gateway controller](https://gateway-api.sigs.k8s.io/guides/#installing-a-gateway-controller).
+    # The rerun jobs with SSH feature requires [Gateway API](https://gateway-api.sigs.k8s.io/) to facilitate SSH access,
+    # which involves additional setup of a [Gateway controller](https://gateway-api.sigs.k8s.io/guides/#installing-a-gateway-controller)
+    # on your cluster that supports the [TCPRoute](https://gateway-api.sigs.k8s.io/guides/tcp/) resource.
+    # CircleCI currently supports [Envoy Gateway](https://gateway.envoyproxy.io/) for SSH reruns,
+    # [read the docs](https://circleci.com/docs/container-runner-installation/#1-install-envoy-gateway-to-your-cluster) on setting it up.
+    # Otherwise, consult the documentation for your preferred Gateway controller on installing it in your cluster.
     controllerName: "gateway.envoyproxy.io/gatewayclass-controller"
-    # -- Specify controller-specific configuration for the Gateway.
-    # For more information, see: https://gateway-api.sigs.k8s.io/api-types/gatewayclass/#gatewayclass-parameters
+    # -- Specify controller-specific configuration for the GatewayClass.
+    # For more information, see the [Gateway API reference](https://gateway-api.sigs.k8s.io/api-types/gatewayclass/#gatewayclass-parameters).
     parametersRef: {}
-    # -- Alternatively, you can provide an existing GatewayClass name instead of creating a new one. The GatewayClass resource is a
+    # -- Provide an existing GatewayClass instead of creating a new one. The GatewayClass resource is a
     # cluster-scoped resource defined by the infrastructure provider, so you may want to manage this resource externally.
-    # Note: Configuration specific to SSH reruns is defined in the namespace-scoped Gateway resource.
-    # For more information, see: https://gateway-api.sigs.k8s.io/api-types/gatewayclass/#gatewayclass
+    # Note that configuration specific to SSH reruns is defined in the namespace-scoped Gateway resource.
+    # For more information, see the [Gateway API reference](https://gateway-api.sigs.k8s.io/api-types/gatewayclass/#gatewayclass).
     existingGatewayClassName: ""
 
-    # -- Specify the port range that is approved for SSH connections.
-    # Note that the number of concurrent jobs rerun with SSH is limited by the number of ports in this range.
+    # -- Specify the start port for SSH. Used in conjunction with `agent.ssh.numPorts` for port ranging.
+    # Note that you may need to set rules on your firewall or Gateway controller configuration to allow this port range.
     startPort: 54782
+    # -- Specify the number of ports for SSH. Used in conjunction with `agent.ssh.startPort` for port ranging.
+    # Note that the number of concurrent jobs rerun with SSH is limited by the number of ports in this range.
     numPorts: 20
 
 # -- Kubernetes service account settings