OperatorHub bundle generation (#31)

Implement OperatorHub bundle generation. Signed-off-by: Tomash Sidei <[email protected]>
IBM · Apr 12, 2021 · ecab38e · ecab38e
1 parent f3320be
commit ecab38e
Show file tree

Hide file tree

Showing 14 changed files with 386 additions and 22 deletions.
diff --git a/.github/workflows/helm.yml b/.github/workflows/helm.yml
@@ -38,9 +38,6 @@ jobs:
           ./bin/yq w -i varnish-operator/Chart.yaml 'appVersion' $VERSION
           ./bin/yq w -i varnish-operator/Chart.yaml 'version' $VERSION
           ./bin/yq w -i varnish-operator/values.yaml 'container.image' $(./bin/yq r varnish-operator/values.yaml 'container.image' | sed "s/:.*/:$VERSION/")
-          ./bin/yq w -i config/samples/varnishcluster.yaml 'spec.varnish.image' $(./bin/yq r config/samples/varnishcluster.yaml 'spec.varnish.image' | sed "s/:.*/:$VERSION/")
-          ./bin/yq w -i config/samples/varnishcluster.yaml 'spec.varnish.controller.image' $(./bin/yq r config/samples/varnishcluster.yaml 'spec.varnish.controller.image' | sed "s/:.*/:$VERSION/")
-          ./bin/yq w -i config/samples/varnishcluster.yaml 'spec.varnish.metricsExporter.image' $(./bin/yq r config/samples/varnishcluster.yaml 'spec.varnish.metricsExporter.image' | sed "s/:.*/:$VERSION/")
       - name: Package chart
         run: |
           git config --global user.email ""

diff --git a/Makefile b/Makefile
@@ -1,7 +1,7 @@
 # Image URL to use in all building/pushing image targets
 ROOT_DIR := $(dir $(realpath $(lastword $(MAKEFILE_LIST))))
 VERSION ?= "local"
-PUBLISH_IMG ?= varnish-operator:${VERSION}
+PUBLISH_IMG ?= ibmcom/varnish-operator:${VERSION}
 IMG ?= ${PUBLISH_IMG}-dev
 VARNISH_PUBLISH_IMG ?= varnish:${VERSION}
 VARNISH_IMG ?= ${VARNISH_PUBLISH_IMG}-dev
@@ -41,7 +41,7 @@ uninstall:
 # Generate manifests e.g. CRD, RBAC etc.
 manifests:
 	# CRD apiextensions.k8s.io/v1
-	$(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=varnish-operator output:rbac:none paths="./..." output:crd:artifacts:config=config/crd/bases
+	$(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=varnish-operator paths="./..." output:crd:artifacts:config=config/crd/bases
 	kustomize build ${ROOT_DIR}config/crd > $(ROOT_DIR)varnish-operator/crds/varnishcluster.yaml
 
 	# ClusterRole
@@ -147,4 +147,21 @@ endif
 e2e-tests:
 	sh $(ROOT_DIR)hack/create_dev_cluster.sh
 	KUBECONFIG=$(ROOT_DIR)e2e-tests-kubeconfig go test ./tests
-	sh $(ROOT_DIR)hack/delete_dev_cluster.sh
+	sh $(ROOT_DIR)hack/delete_dev_cluster.sh
+
+KUSTOMIZE = $(shell pwd)/bin/kustomize
+kustomize:
+	$(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/[email protected])
+
+# Generate bundle manifests and metadata, then validate generated files.
+.PHONY: bundle
+bundle: manifests kustomize
+	yq w -i config/manager/deployment.yaml 'spec.template.spec.containers(name==varnish-operator).env(name==CONTAINER_IMAGE).value' $(PUBLISH_IMG)
+	yq w -i config/manifests/bases/varnish-operator.clusterserviceversion.yaml 'metadata.annotations.containerImage' $(PUBLISH_IMG)
+	yq w -i config/manifests/bases/varnish-operator.clusterserviceversion.yaml 'metadata.annotations.createdAt' $(date +"%Y-%m-%d")
+	operator-sdk generate kustomize manifests -q
+	cd config/manager && $(KUSTOMIZE) edit set image controller=$(PUBLISH_IMG)
+	$(KUSTOMIZE) build config/manifests | operator-sdk generate bundle -q --overwrite --version $(VERSION) $(BUNDLE_METADATA_OPTS)
+	operator-sdk bundle validate ./bundle
+	cp Dockerfile.bundle ./bundle/Dockerfile
+	mv ./bundle ./$(VERSION)
diff --git a/PROJECT b/PROJECT
@@ -1,7 +1,18 @@
-version: "2"
 domain: ibm.com
+layout: go.kubebuilder.io/v3
+projectName: varnish-operator
 repo: github.com/ibm/varnish-operator
 resources:
-- group: caching
-  version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: ibm.com
+  group: caching
   kind: VarnishCluster
+  path: github.com/ibm/varnish-operator/api/v1alpha1
+  version: v1alpha1
+version: "3"
+plugins:
+  manifests.sdk.operatorframework.io/v2: {}
+  scorecard.sdk.operatorframework.io/v2: {}
diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml
@@ -0,0 +1,7 @@
+namespace: varnish-operator
+namePrefix: varnish-operator-
+
+bases:
+- ../crd
+- ../rbac
+- ../manager
diff --git a/config/manager/deployment.yaml b/config/manager/deployment.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: controller
+  namespace: system
+  labels:
+    operator: varnish-operator
+spec:
+  selector:
+    matchLabels:
+      operator: varnish-operator
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        operator: varnish-operator
+    spec:
+      serviceAccountName: varnish-operator
+      containers:
+        - image: controller:latest
+          name: varnish-operator
+          securityContext:
+            allowPrivilegeEscalation: false
+          readinessProbe:
+            httpGet:
+              path: /readyz
+              port: 8234
+            initialDelaySeconds: 5
+            periodSeconds: 10
+          resources:
+            limits:
+              cpu: 500m
+              memory: 200Mi
+            requests:
+              cpu: 500m
+              memory: 200Mi
+          env:
+            - name: NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+            - name: LEADERELECTION_ENABLED
+              value: "false"
+            - name: CONTAINER_IMAGE
+              value: ibmcom/varnish-operator:0.27.2
+            - name: WEBHOOKS_ENABLED
+              value: "false"
+            - name: LOGLEVEL
+              value: info
+            - name: LOGFORMAT
+              value: json
+          ports:
+            - containerPort: 8329
+              name: metrics
+            - containerPort: 7340
+              name: webhook
+            - containerPort: 8234
+              name: healthz
+      terminationGracePeriodSeconds: 10
diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml
@@ -0,0 +1,9 @@
+resources:
+- deployment.yaml
+
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+images:
+- name: controller
+  newName: ibmcom/varnish-operator
+  newTag: 0.27.2
diff --git a/config/manifests/bases/varnish-operator.clusterserviceversion.yaml b/config/manifests/bases/varnish-operator.clusterserviceversion.yaml
diff --git a/config/manifests/kustomization.yaml b/config/manifests/kustomization.yaml
@@ -0,0 +1,3 @@
+resources:
+- ../default
+- ../samples
diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml
@@ -0,0 +1,3 @@
+resources:
+- role.yaml
+- role_binding.yaml
diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
@@ -0,0 +1,140 @@
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  name: varnish-operator
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - endpoints
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - create
+  - patch
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - get
+  - list
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - create
+  - get
+  - list
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - serviceaccounts
+  - services
+  verbs:
+  - create
+  - delete
+  - list
+  - update
+  - watch
+- apiGroups:
+  - apps
+  resources:
+  - statefulsets
+  verbs:
+  - create
+  - delete
+  - list
+  - update
+  - watch
+- apiGroups:
+  - caching.ibm.com
+  resources:
+  - varnishclusters
+  verbs:
+  - create
+  - delete
+  - list
+  - update
+  - watch
+- apiGroups:
+  - caching.ibm.com
+  resources:
+  - varnishclusters/finalizers
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - caching.ibm.com
+  resources:
+  - varnishclusters/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - servicemonitors
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - update
+  - watch
+- apiGroups:
+  - policy
+  resources:
+  - poddisruptionbudgets
+  verbs:
+  - create
+  - delete
+  - list
+  - update
+  - watch
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - clusterrolebindings
+  - clusterroles
+  - rolebindings
+  - roles
+  verbs:
+  - create
+  - delete
+  - list
+  - update
+  - watch
diff --git a/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: manager-rolebinding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: varnish-operator
+subjects:
+- kind: ServiceAccount
+  name: varnish-operator
+  namespace: system
diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml
@@ -0,0 +1,2 @@
+resources:
+- varnishcluster.yaml
diff --git a/config/samples/varnishcluster.yaml b/config/samples/varnishcluster.yaml
@@ -6,12 +6,12 @@ spec:
   # The number of varnish instances to run. Default: 1
   replicas: 1
   # updateStrategy can be used to control the way Varnish pods will be updated. "OnDelete" is by default.
-  updateStrategy:
-    type: "OnDelete" #can be "OnDelete", "RollingUpdate" and "DelayedRollingUpdate"
+#  updateStrategy:
+#    type: "OnDelete" #can be "OnDelete", "RollingUpdate" and "DelayedRollingUpdate"
   varnish:
     # path to image + tag
-    image: ibmcom/varnish:0.27.2
-    imagePullPolicy: Always
+#    image: ibmcom/varnish:0.27.2
+#    imagePullPolicy: Always
     # Resources allocated to the Varnish pod through Kubernetes. It is strongly recommended that you specify resources,
     # since Varnish is an in-memory cache, and you do not want it restarting frequently.
     #resources:
@@ -26,9 +26,9 @@ spec:
     args: ["-p", "default_ttl=3600", "-p", "default_grace=3600"]
     # varnish's controller - an optional definiton for the pod. It allows override default image name and pull policy
     # and defines the container's resources allocation.
-    controller:
+#    controller:
       #  # path to image + tag to override, by default it refers to varnish.image with "-controller" suffix image.
-      image: ibmcom/varnish-controller:0.27.2
+#      image: ibmcom/varnish-controller:0.27.2
       #  # imagePullPolicy controls how the varnish-controller image will be pulled for new containers
       #  imagePullPolicy: Always
       #  # Resources allocated to the Varnish controller container through Kubernetes.
@@ -42,9 +42,9 @@ spec:
     # varnish's metrics exporter - an optional definiton for the pod. It allows override default image name and pull policy
     # and defines the container's resources allocation.
 
-    metricsExporter:
+#    metricsExporter:
       #  # path to image + tag to override, by default it refers to varnish.image with "-metrics-exporter" suffix image.
-      image: ibmcom/varnish-metrics-exporter:0.27.2
+#      image: ibmcom/varnish-metrics-exporter:0.27.2
       #  # imagePullPolicy controls how the varnish-metrics-exporter image will be pulled for new containers
       #  imagePullPolicy: Always
       #  # Resources allocated to the Varnish metrics exporter container through Kubernetes.
@@ -83,10 +83,10 @@ spec:
     #     remote: 10
   service:
     port: 80
-    metricsPort: 8080
-    type: ClusterIP # ClusterIP, LoadBalancer and NodePort are supported
-    annotations:
-      example: annotation
+#    metricsPort: 8080
+#    type: ClusterIP # ClusterIP, LoadBalancer and NodePort are supported
+#    annotations:
+#      example: annotation
   # Affinity configuration to apply to Varnish pods.
   # For more on affinity, see https://kubernetes.io/docs/concepts/configuration/assign-pod-node#affinity-and-anti-affinity
   #affinity:
@@ -143,4 +143,4 @@ spec:
   # logging level: "debug", "info", "warn", "error"
   #logLevel: info
   # logging encoder: "json", "console"
-  logFormat: console
+#  logFormat: console