From ca2b83da5c33870f63a18bed766e5c538c5fa6e3 Mon Sep 17 00:00:00 2001 From: eromanova Date: Tue, 4 Jun 2024 22:56:51 +0400 Subject: [PATCH 01/19] Add basic k0smotron+aws template Basic k0smotron+aws template on existing infra HMC-14 --- .../.helmignore | 23 ++++++++++ .../Chart.yaml | 15 +++++++ .../templates/_helpers.tpl | 23 ++++++++++ .../templates/awscluster.yaml | 18 ++++++++ .../templates/awsmachinetemplate.yaml | 21 ++++++++++ .../templates/cluster.yaml | 17 ++++++++ .../templates/k0smotroncontrolplane.yaml | 42 +++++++++++++++++++ .../templates/k0sworkerconfigtemplate.yaml | 11 +++++ .../templates/machinedeployment.yaml | 25 +++++++++++ .../values.yaml | 34 +++++++++++++++ 10 files changed, 229 insertions(+) create mode 100644 charts/hmc-templates/aws/hmc-template-hosted-control-planes/.helmignore create mode 100644 charts/hmc-templates/aws/hmc-template-hosted-control-planes/Chart.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/_helpers.tpl create mode 100644 charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/awscluster.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/awsmachinetemplate.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/cluster.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/k0smotroncontrolplane.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/k0sworkerconfigtemplate.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/machinedeployment.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-hosted-control-planes/values.yaml diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/.helmignore b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null 
+++ b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/Chart.yaml b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/Chart.yaml new file mode 100644 index 000000000..37f3881d8 --- /dev/null +++ b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v2 +name: hmc-template-hosted-control-planes +description: | + The HMC template to deploy kubernetes cluster with control plane components + within the management cluster. +type: application +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "0.1.0" diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/_helpers.tpl b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/_helpers.tpl new file mode 100644 index 000000000..5246e1a97 --- /dev/null +++ b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/_helpers.tpl 
@@ -0,0 +1,23 @@
+{{- define "cluster.name" -}}
+ {{- .Values.clusterName | trunc 63 }}
+{{- end }}
+
+{{- define "awsmachinetemplate.name" -}}
+ {{- include "cluster.name" . }}-mt
+{{- end }}
+
+{{- define "k0smotroncontrolplane.name" -}}
+ {{- include "cluster.name" . }}-cp
+{{- end }}
+
+{{- define "k0sworkerconfigtemplate.name" -}}
+ {{- include "cluster.name" . }}-machine-config
+{{- end }}
+
+{{- define "machinedeployment.name" -}}
+ {{- include "cluster.name" . }}-md
+{{- end }}
+
+{{- define "k0sconfig.name" -}}
+ {{- include "cluster.name" . }}-k0sconfig
+{{- end }}
\ No newline at end of file
diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/awscluster.yaml b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/awscluster.yaml
new file mode 100644
index 000000000..d9063699e
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/awscluster.yaml
@@ -0,0 +1,18 @@
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+kind: AWSCluster
+metadata:
+ name: {{ include "cluster.name" . }}
+ annotations:
+ cluster.x-k8s.io/managed-by: k0smotron
+spec:
+ region: {{ .Values.region }}
+ # identityRef:
+ # kind: AWSClusterStaticIdentity
+ # name: aws-identity-name
+ network:
+ vpc:
+ id: {{ .Values.vpcID }}
+ {{- with .Values.subnets }}
+ subnets:
+ {{- toYaml . | nindent 6 }}
+ {{- end }}
\ No newline at end of file
diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/awsmachinetemplate.yaml b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/awsmachinetemplate.yaml
new file mode 100644
index 000000000..608eda2ad
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/awsmachinetemplate.yaml
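Review bot: In `_helpers.tpl`, `cluster.name` applies `trunc 63` before the other helpers append `-mt`, `-cp`, `-machine-config`, `-md` and `-k0sconfig`, so a long `clusterName` produces derived names longer than 63 characters, and the truncation can leave a trailing `-`. If the 63-character limit is meant to hold for the derived names as well (presumably, since it matches the label-value limit), truncate after appending in each helper, e.g. `{{- printf "%s-mt" .Values.clusterName | trunc 63 | trimSuffix "-" }}`. A one-line comment above `cluster.name` saying which limit the 63 refers to would also help.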
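Review bot: `region: {{ .Values.region }}` and `id: {{ .Values.vpcID }}` in awscluster.yaml are unquoted and unvalidated, and the values.yaml added in this commit defaults both to `""`, so an install without overrides renders them as null instead of failing. Failing at render time is safer: `region: {{ required "region is required" .Values.region | quote }}`, and likewise for `vpcID`. The commented-out `identityRef` block leaves the cluster on whatever default identity the AWS provider controller runs with; a comment saying so, or a value to set it, would make the credential scope explicit.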
@@ -0,0 +1,21 @@
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+kind: AWSMachineTemplate
+metadata:
+ name: {{ include "awsmachinetemplate.name" . }}
+spec:
+ template:
+ spec:
+ ami:
+ id: {{ .Values.amiID }}
+ instanceType: {{ .Values.instanceType }}
+ # Instance Profile created by `clusterawsadm bootstrap iam create-cloudformation-stack`
+ iamInstanceProfile: {{ .Values.iamInstanceProfile }}
+ cloudInit:
+ # Makes CAPA use k0s bootstrap cloud-init directly and not via SSM
+ # Simplifies the VPC setup as we do not need custom SSM endpoints etc.
+ insecureSkipSecretsManager: true
+ additionalSecurityGroups:
+ - id: {{ .Values.securityGroupID }}
+ {{- if .Values.sshKeyName }}
+ sshKeyName: {{ .Values.sshKeyName }}
+ {{- end }}
diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/cluster.yaml b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/cluster.yaml
new file mode 100644
index 000000000..eaef59c58
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/cluster.yaml
@@ -0,0 +1,17 @@
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: Cluster
+metadata:
+ name: {{ include "cluster.name" . }}
+spec:
+ {{- with .Values.clusterNetwork }}
+ clusterNetwork:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ controlPlaneRef:
+ apiVersion: controlplane.cluster.x-k8s.io/v1beta1
+ kind: K0smotronControlPlane
+ name: {{ include "k0smotroncontrolplane.name" . }}
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+ kind: AWSCluster
+ name: {{ include "cluster.name" . }}
\ No newline at end of file
diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/k0smotroncontrolplane.yaml b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/k0smotroncontrolplane.yaml
new file mode 100644
index 000000000..97dc5cac0
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/k0smotroncontrolplane.yaml
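Review bot: `insecureSkipSecretsManager: true` in awsmachinetemplate.yaml is hard-coded, and the comment above it gives only the convenience reason. With this set, CAPA places the bootstrap data directly in EC2 user data instead of going through Secrets Manager/SSM, so it stays readable from the instance metadata service on the node and to any principal allowed to read instance attributes; that data presumably includes the k0s join token. I would state this trade-off in the comment and make the setting a value, e.g. `insecureSkipSecretsManager: {{ .Values.insecureSkipSecretsManager }}` with a documented default in values.yaml. The same hard-coded line is in awsmachinetemplate-controlplane.yaml and awsmachinetemplate-worker.yaml of PATCH 02/19, where control-plane bootstrap data is affected as well.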
@@ -0,0 +1,42 @@
+apiVersion: controlplane.cluster.x-k8s.io/v1beta1
+kind: K0smotronControlPlane
+metadata:
+ name: {{ include "k0smotroncontrolplane.name" . }}
+spec:
+ replicas: 3
+ # dirty hack
+ version: {{ .Values.k0s.version | replace "+" "-" }}
+ {{- with .Values.k0smotron.service }}
+ service:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ controllerPlaneFlags:
+ - "--enable-cloud-provider=true"
+ - "--debug=true"
+ k0sConfig:
+ apiVersion: k0s.k0sproject.io/v1beta1
+ kind: ClusterConfig
+ metadata:
+ name: {{ include "k0sconfig.name" . }}
+ namespace: {{ .Release.Namespace }}
+ spec:
+ extensions:
+ helm:
+ repositories:
+ - name: aws-cloud-controller-manager
+ url: https://kubernetes.github.io/cloud-provider-aws
+ charts:
+ - name: aws-cloud-controller-manager
+ namespace: kube-system
+ chartname: aws-cloud-controller-manager/aws-cloud-controller-manager
+ version: "0.0.8"
+ values: |
+ args:
+ - --v=2
+ - --cloud-provider=aws
+ - --cluster-cidr={{ first .Values.clusterNetwork.pods.cidrBlocks }}
+ - --allocate-node-cidrs=true
+ - --cluster-name={{ include "cluster.name" . }}
+ # Removing the default `node-role.kubernetes.io/control-plane` node selector
+ # TODO: it does not work
+ # nodeSelector: ""
\ No newline at end of file
diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/k0sworkerconfigtemplate.yaml b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/k0sworkerconfigtemplate.yaml
new file mode 100644
index 000000000..90b654cb2
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/k0sworkerconfigtemplate.yaml
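Review bot: `- "--debug=true"` under `controllerPlaneFlags` and `replicas: 3` are hard-coded in k0smotroncontrolplane.yaml although the rest of the template is values-driven. Debug mode on the hosted control plane raises log verbosity for every cluster created from this chart, which is rarely wanted outside development and may put more sensitive detail into logs. I would drop the flag or gate it, e.g. `{{- if .Values.k0smotron.debug }}` around that list item, and take the replica count from values as PATCH 02/19 does with `controlPlaneNumber`. Separately, `first .Values.clusterNetwork.pods.cidrBlocks` fails to render when `clusterNetwork` is unset even though cluster.yaml treats it as optional via `with`, and the `# dirty hack` comment should say why `+` is replaced by `-` in the version.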
@@ -0,0 +1,11 @@
+apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+kind: K0sWorkerConfigTemplate
+metadata:
+ name: {{ include "k0sworkerconfigtemplate.name" . }}
+spec:
+ template:
+ spec:
+ version: {{ .Values.k0s.version }}
+ args:
+ - --enable-cloud-provider
+ - --kubelet-extra-args="--cloud-provider=external --hostname-override=$(hostname --fqdn)"
\ No newline at end of file
diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/machinedeployment.yaml b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/machinedeployment.yaml
new file mode 100644
index 000000000..12c9d62ef
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/machinedeployment.yaml
@@ -0,0 +1,25 @@
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: MachineDeployment
+metadata:
+ name: {{ include "machinedeployment.name" . }}
+spec:
+ clusterName: {{ include "cluster.name" . }}
+ replicas: {{ .Values.workersNumber }}
+ selector:
+ matchLabels:
+ cluster.x-k8s.io/cluster-name: {{ include "cluster.name" . }}
+ template:
+ metadata:
+ labels:
+ cluster.x-k8s.io/cluster-name: {{ include "cluster.name" . }}
+ spec:
+ clusterName: {{ include "cluster.name" . }}
+ bootstrap:
+ configRef:
+ apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+ kind: K0sWorkerConfigTemplate
+ name: {{ include "k0sworkerconfigtemplate.name" . }}
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+ kind: AWSMachineTemplate
+ name: {{ include "awsmachinetemplate.name" . }}
\ No newline at end of file
diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/values.yaml b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/values.yaml
new file mode 100644
index 000000000..b43299755
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-hosted-control-planes/values.yaml
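Review bot: The argument `--kubelet-extra-args="--cloud-provider=external --hostname-override=$(hostname --fqdn)"` in k0sworkerconfigtemplate.yaml depends on `$(hostname --fqdn)` being expanded by a shell on the node, which holds only if the bootstrap provider runs the k0s command line through a shell; this hunk does not show that. A short comment stating where the substitution happens would make the dependency explicit. The line is also an unquoted plain scalar containing double quotes, and `version: {{ .Values.k0s.version }}` is unquoted; quoting both (`version: {{ .Values.k0s.version | quote }}`) avoids YAML retyping surprises. The identical file is added again in PATCH 02/19.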
@@ -0,0 +1,34 @@ +# Cluster parameters +clusterName: k0s-aws +workersNumber: 2 + +clusterNetwork: + pods: + cidrBlocks: + - "10.244.0.0/16" + services: + cidrBlocks: + - "10.96.0.0/12" + +# AWS cluster parameters +vpcID: "" +region: "" +sshKeyName: "" +subnets: [] + +# AWS machines parameters +amiID: "" +iamInstanceProfile: nodes.cluster-api-provider-aws.sigs.k8s.io +instanceType: "" +securityGroupID: "" + +# K0smotron parameters +k0smotron: + service: + type: LoadBalancer + apiPort: 6443 + konnectivityPort: 8132 + +# K0s parameters +k0s: + version: v1.27.2+k0s.0 From bf6fdb95d95b506ef00cc90f7d7e7ef7b915d121 Mon Sep 17 00:00:00 2001 
From: eromanova Date: Wed, 5 Jun 2024 17:18:44 +0400 Subject: [PATCH 02/19] Add k0s+aws template with bootstrapped control planes HMC-16 --- .../.helmignore | 23 ++++++++++ .../Chart.yaml | 14 +++++++ .../templates/_helpers.tpl | 27 ++++++++++++ .../templates/awscluster.yaml | 9 ++++ .../awsmachinetemplate-controlplane.yaml | 19 +++++++++ .../templates/awsmachinetemplate-worker.yaml | 19 +++++++++ .../templates/cluster.yaml | 17 ++++++++ .../templates/k0scontrolplane.yaml | 42 +++++++++++++++++++ .../templates/k0sworkerconfigtemplate.yaml | 11 +++++ .../templates/machinedeployment.yaml | 25 +++++++++++ .../values.yaml | 31 ++++++++++++++ 11 files changed, 237 insertions(+) create mode 100644 charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/.helmignore create mode 100644 charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/Chart.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/_helpers.tpl create mode 100644 charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/awscluster.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/awsmachinetemplate-controlplane.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/awsmachinetemplate-worker.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/cluster.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/k0scontrolplane.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/k0sworkerconfigtemplate.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/machinedeployment.yaml create mode 100644 charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/values.yaml 
diff --git a/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/.helmignore b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/Chart.yaml b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/Chart.yaml new file mode 100644 index 000000000..3fb6d2353 --- /dev/null +++ b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v2 +name: hmc-template-bootstrapped-control-planes +description: | + The HMC template to deploy kubernetes cluster with bootstrapped control plane nodes. +type: application +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "0.1.0" 
diff --git a/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/_helpers.tpl b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/_helpers.tpl new file mode 100644 index 000000000..0495f7a99 --- /dev/null +++ b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/_helpers.tpl @@ -0,0 +1,27 @@ +{{- define "cluster.name" -}} + {{- .Values.clusterName | trunc 63 }} +{{- end }} + +{{- define "awsmachinetemplate.controlplane.name" -}} + {{- include "cluster.name" . }}-cp-mt +{{- end }} + +{{- define "awsmachinetemplate.worker.name" -}} + {{- include "cluster.name" . }}-worker-mt +{{- end }} + +{{- define "k0scontrolplane.name" -}} + {{- include "cluster.name" . }}-cp +{{- end }} + +{{- define "k0sworkerconfigtemplate.name" -}} + {{- include "cluster.name" . }}-machine-config +{{- end }} + +{{- define "machinedeployment.name" -}} + {{- include "cluster.name" . }}-md +{{- end }} + +{{- define "k0sconfig.name" -}} + {{- include "cluster.name" . }}-k0sconfig +{{- end }} \ No newline at end of file diff --git a/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/awscluster.yaml b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/awscluster.yaml new file mode 100644 index 000000000..fea4ad751 --- /dev/null +++ b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/awscluster.yaml @@ -0,0 +1,9 @@ +apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 +kind: AWSCluster +metadata: + name: {{ include "cluster.name" . }} +spec: + region: {{ .Values.region }} + # identityRef: + # kind: AWSClusterStaticIdentity + # name: aws-identity-name \ No newline at end of file 
diff --git a/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/awsmachinetemplate-controlplane.yaml b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/awsmachinetemplate-controlplane.yaml
new file mode 100644
index 000000000..5af105d17
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/awsmachinetemplate-controlplane.yaml
@@ -0,0 +1,19 @@
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+kind: AWSMachineTemplate
+metadata:
+ name: {{ include "awsmachinetemplate.controlplane.name" . }}
+spec:
+ template:
+ spec:
+ ami:
+ id: {{ .Values.controlPlane.amiID }}
+ instanceType: {{ .Values.controlPlane.instanceType }}
+ # Instance Profile created by `clusterawsadm bootstrap iam create-cloudformation-stack`
+ iamInstanceProfile: {{ .Values.controlPlane.iamInstanceProfile }}
+ cloudInit:
+ # Makes CAPA use k0s bootstrap cloud-init directly and not via SSM
+ # Simplifies the VPC setup as we do not need custom SSM endpoints etc.
+ insecureSkipSecretsManager: true
+ {{- if .Values.sshKeyName }}
+ sshKeyName: {{ .Values.sshKeyName }}
+ {{- end }}
diff --git a/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/awsmachinetemplate-worker.yaml b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/awsmachinetemplate-worker.yaml
new file mode 100644
index 000000000..c934fb4e7
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/awsmachinetemplate-worker.yaml
@@ -0,0 +1,19 @@
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+kind: AWSMachineTemplate
+metadata:
+ name: {{ include "awsmachinetemplate.worker.name" . }}
+spec:
+ template:
+ spec:
+ ami:
+ id: {{ .Values.worker.amiID }}
+ instanceType: {{ .Values.worker.instanceType }}
+ # Instance Profile created by `clusterawsadm bootstrap iam create-cloudformation-stack`
+ iamInstanceProfile: {{ .Values.worker.iamInstanceProfile }}
+ cloudInit:
+ # Makes CAPA use k0s bootstrap cloud-init directly and not via SSM
+ # Simplifies the VPC setup as we do not need custom SSM endpoints etc.
+ insecureSkipSecretsManager: true
+ {{- if .Values.sshKeyName }}
+ sshKeyName: {{ .Values.sshKeyName }}
+ {{- end }}
diff --git a/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/cluster.yaml b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/cluster.yaml
new file mode 100644
index 000000000..cb3425af5
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/cluster.yaml
@@ -0,0 +1,17 @@
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: Cluster
+metadata:
+ name: {{ include "cluster.name" . }}
+spec:
+ {{- with .Values.clusterNetwork }}
+ clusterNetwork:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ controlPlaneRef:
+ apiVersion: controlplane.cluster.x-k8s.io/v1beta1
+ kind: K0sControlPlane
+ name: {{ include "k0scontrolplane.name" . }}
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+ kind: AWSCluster
+ name: {{ include "cluster.name" . }}
\ No newline at end of file
diff --git a/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/k0scontrolplane.yaml b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/k0scontrolplane.yaml
new file mode 100644
index 000000000..c693d6a8c
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/k0scontrolplane.yaml
@@ -0,0 +1,42 @@
+apiVersion: controlplane.cluster.x-k8s.io/v1beta1
+kind: K0sControlPlane
+metadata:
+ name: {{ include "k0scontrolplane.name" . }}
+spec:
+ replicas: {{ .Values.controlPlaneNumber }}
+ # dirty hack
+ version: {{ .Values.k0s.version | replace "+" "-" }}
+ k0sConfigSpec:
+ k0s:
+ apiVersion: k0s.k0sproject.io/v1beta1
+ kind: ClusterConfig
+ metadata:
+ name: {{ include "k0sconfig.name" . }}
+ namespace: {{ .Release.Namespace }}
+ spec:
+ api:
+ extraArgs:
+ anonymous-auth: "true"
+ extensions:
+ helm:
+ repositories:
+ - name: aws-cloud-controller-manager
+ url: https://kubernetes.github.io/cloud-provider-aws
+ charts:
+ - name: aws-cloud-controller-manager
+ namespace: kube-system
+ chartname: aws-cloud-controller-manager/aws-cloud-controller-manager
+ version: "0.0.8"
+ values: |
+ args:
+ - --v=2
+ - --cloud-provider=aws
+ - --cluster-cidr={{ first .Values.clusterNetwork.pods.cidrBlocks }}
+ - --allocate-node-cidrs=true
+ - --cluster-name={{ include "cluster.name" . }}
+ machineTemplate:
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+ kind: AWSMachineTemplate
+ name: {{ include "awsmachinetemplate.controlplane.name" . }}
+ namespace: {{ .Release.Namespace }}
\ No newline at end of file
diff --git a/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/k0sworkerconfigtemplate.yaml b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/k0sworkerconfigtemplate.yaml
new file mode 100644
index 000000000..90b654cb2
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/k0sworkerconfigtemplate.yaml
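Review bot: `anonymous-auth: "true"` under `spec.api.extraArgs` in k0scontrolplane.yaml is set with no comment on why the API server of every cluster built from this chart must accept unauthenticated requests. If it is there for load-balancer health checks (my guess; the hunk does not say), add a comment stating that, and confirm that no role bindings for `system:anonymous` or `system:unauthenticated` are created elsewhere. If it is not required, remove the `api.extraArgs` entry. The hosted-control-planes chart in PATCH 01/19 does not set this flag, so the two templates differ here without explanation.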
@@ -0,0 +1,11 @@
+apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+kind: K0sWorkerConfigTemplate
+metadata:
+ name: {{ include "k0sworkerconfigtemplate.name" . }}
+spec:
+ template:
+ spec:
+ version: {{ .Values.k0s.version }}
+ args:
+ - --enable-cloud-provider
+ - --kubelet-extra-args="--cloud-provider=external --hostname-override=$(hostname --fqdn)"
\ No newline at end of file
diff --git a/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/machinedeployment.yaml b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/machinedeployment.yaml
new file mode 100644
index 000000000..bb0aa863e
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/templates/machinedeployment.yaml
@@ -0,0 +1,25 @@
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: MachineDeployment
+metadata:
+ name: {{ include "machinedeployment.name" . }}
+spec:
+ clusterName: {{ include "cluster.name" . }}
+ replicas: {{ .Values.workersNumber }}
+ selector:
+ matchLabels:
+ cluster.x-k8s.io/cluster-name: {{ include "cluster.name" . }}
+ template:
+ metadata:
+ labels:
+ cluster.x-k8s.io/cluster-name: {{ include "cluster.name" . }}
+ spec:
+ clusterName: {{ include "cluster.name" . }}
+ bootstrap:
+ configRef:
+ apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+ kind: K0sWorkerConfigTemplate
+ name: {{ include "k0sworkerconfigtemplate.name" . }}
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+ kind: AWSMachineTemplate
+ name: {{ include "awsmachinetemplate.worker.name" . }}
\ No newline at end of file
diff --git a/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/values.yaml b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/values.yaml
new file mode 100644
index 000000000..3f559032f
--- /dev/null
+++ b/charts/hmc-templates/aws/hmc-template-bootstrapped-control-planes/values.yaml
@@ -0,0 +1,31 @@ +# Cluster parameters +clusterName: k0s-aws +controlPlaneNumber: 3 +workersNumber: 2 + +clusterNetwork: + pods: + cidrBlocks: + - "10.244.0.0/16" + services: + cidrBlocks: + - "10.96.0.0/12" + +# AWS cluster parameters +region: "" +sshKeyName: "" + +# AWS machines parameters +controlPlane: + amiID: "" + iamInstanceProfile: control-plane.cluster-api-provider-aws.sigs.k8s.io + instanceType: "" + +worker: + amiID: "" + iamInstanceProfile: nodes.cluster-api-provider-aws.sigs.k8s.io + instanceType: "" + +# K0s parameters +k0s: + version: v1.27.2+k0s.0 From cc3ce2fd4b9cdc250655508c8a5e3cad27e63023 Mon Sep 17 00:00:00 2001 From: Andrei Pavlov Date: Tue, 4 Jun 2024 12:47:24 +0700 Subject: [PATCH 03/19] Create hmc-system namespace when installing helm-controller Signed-off-by: Andrei Pavlov --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index c6a7c0ea5..6d2f4a8eb 100644 --- a/Makefile +++ b/Makefile @@ -133,7 +133,7 @@ endif .PHONY: deploy-helm-controller deploy-helm-controller: helm - $(HELM) upgrade --install --set $(FLUX_CHART_VALUES) helm-controller $(FLUX_CHART_REPOSITORY) --version $(FLUX_CHART_VERSION) -n hmc-system + $(HELM) upgrade --install --create-namespace --set $(FLUX_CHART_VALUES) helm-controller $(FLUX_CHART_REPOSITORY) --version $(FLUX_CHART_VERSION) -n hmc-system .PHONY: install install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. From d8ebe5649f1d06cb5a851a5d6feb358c6adb060c Mon Sep 17 00:00:00 2001 From: Andrei Pavlov Date: Tue, 4 Jun 2024 15:52:59 +0700 Subject: [PATCH 04/19] Fix rbac for AWSProvider resource 
Signed-off-by: Andrei Pavlov --- charts/hmc/templates/awsprovider-editor-rbac.yaml | 4 ++-- charts/hmc/templates/awsprovider-viewer-rbac.yaml | 4 ++-- charts/hmc/templates/manager-rbac.yaml | 6 +++--- config/rbac/awsprovider_editor_role.yaml | 4 ++-- config/rbac/awsprovider_viewer_role.yaml | 4 ++-- config/rbac/role.yaml | 6 +++--- internal/controller/hmcprovideraws_controller.go | 6 +++--- 7 files changed, 17 insertions(+), 17 deletions(-) diff --git a/charts/hmc/templates/awsprovider-editor-rbac.yaml b/charts/hmc/templates/awsprovider-editor-rbac.yaml index eaed60491..426bc30ec 100644 --- a/charts/hmc/templates/awsprovider-editor-rbac.yaml +++ b/charts/hmc/templates/awsprovider-editor-rbac.yaml @@ -8,7 +8,7 @@ rules: - apiGroups: - hmc.mirantis.com.hmc.mirantis.com resources: - - awsprovider + - awsproviders verbs: - create - delete @@ -20,6 +20,6 @@ rules: - apiGroups: - hmc.mirantis.com.hmc.mirantis.com resources: - - awsprovider/status + - awsproviders/status verbs: - get \ No newline at end of file diff --git a/charts/hmc/templates/awsprovider-viewer-rbac.yaml b/charts/hmc/templates/awsprovider-viewer-rbac.yaml index 1329bf7ad..5c71a39fd 100644 --- a/charts/hmc/templates/awsprovider-viewer-rbac.yaml +++ b/charts/hmc/templates/awsprovider-viewer-rbac.yaml @@ -8,7 +8,7 @@ rules: - apiGroups: - hmc.mirantis.com.hmc.mirantis.com resources: - - awsprovider + - awsproviders verbs: - get - list @@ -16,6 +16,6 @@ rules: - apiGroups: - hmc.mirantis.com.hmc.mirantis.com resources: - - awsprovider/status + - awsproviders/status verbs: - get \ No newline at end of file diff --git a/charts/hmc/templates/manager-rbac.yaml b/charts/hmc/templates/manager-rbac.yaml index 2fe5758d2..921c6e3fb 100644 --- a/charts/hmc/templates/manager-rbac.yaml +++ b/charts/hmc/templates/manager-rbac.yaml @@ -8,7 +8,7 @@ rules: - apiGroups: - hmc.mirantis.com resources: - - awsprovider + - awsproviders verbs: - create - delete 
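Review bot: The editor and viewer roles still carry `apiGroups: - hmc.mirantis.com.hmc.mirantis.com` (context lines of the hunks in awsprovider-editor-rbac.yaml and awsprovider-viewer-rbac.yaml), while manager-rbac.yaml and the kubebuilder markers in this same commit use `hmc.mirantis.com`. With the doubled group these rules match no resource of the real API group, so the plural fix alone does not make the two roles effective; the entry should read `- hmc.mirantis.com`. The same doubled group is in config/rbac/awsprovider_editor_role.yaml and config/rbac/awsprovider_viewer_role.yaml further down; if those files are scaffolded, the fix probably belongs in the project's group/domain settings, which is worth checking. The rule lists continue outside the hunks.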
@@ -20,13 +20,13 @@ rules: - apiGroups: - hmc.mirantis.com resources: - - awsprovider/finalizers + - awsproviders/finalizers verbs: - update - apiGroups: - hmc.mirantis.com resources: - - awsprovider/status + - awsproviders/status verbs: - get - patch diff --git a/config/rbac/awsprovider_editor_role.yaml b/config/rbac/awsprovider_editor_role.yaml index 249a58591..d952a3f21 100644 --- a/config/rbac/awsprovider_editor_role.yaml +++ b/config/rbac/awsprovider_editor_role.yaml @@ -10,7 +10,7 @@ rules: - apiGroups: - hmc.mirantis.com.hmc.mirantis.com resources: - - awsprovider + - awsproviders verbs: - create - delete @@ -22,6 +22,6 @@ rules: - apiGroups: - hmc.mirantis.com.hmc.mirantis.com resources: - - awsprovider/status + - awsproviders/status verbs: - get diff --git a/config/rbac/awsprovider_viewer_role.yaml b/config/rbac/awsprovider_viewer_role.yaml index 711b211fc..89eb7f7ba 100644 --- a/config/rbac/awsprovider_viewer_role.yaml +++ b/config/rbac/awsprovider_viewer_role.yaml @@ -10,7 +10,7 @@ rules: - apiGroups: - hmc.mirantis.com.hmc.mirantis.com resources: - - awsprovider + - awsproviders verbs: - get - list @@ -18,6 +18,6 @@ rules: - apiGroups: - hmc.mirantis.com.hmc.mirantis.com resources: - - awsprovider/status + - awsproviders/status verbs: - get diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index e052d7d70..ea39692a2 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -7,7 +7,7 @@ rules: - apiGroups: - hmc.mirantis.com resources: - - awsprovider + - awsproviders verbs: - create - delete @@ -19,13 +19,13 @@ rules: - apiGroups: - hmc.mirantis.com resources: - - awsprovider/finalizers + - awsproviders/finalizers verbs: - update - apiGroups: - hmc.mirantis.com resources: - - awsprovider/status + - awsproviders/status verbs: - get - patch diff --git a/internal/controller/hmcprovideraws_controller.go b/internal/controller/hmcprovideraws_controller.go index c95f73a68..d4d11f7cc 100644 --- a/internal/controller/hmcprovideraws_controller.go 
+++ b/internal/controller/hmcprovideraws_controller.go @@ -33,9 +33,9 @@ type AWSProviderReconciler struct { Scheme *runtime.Scheme } -//+kubebuilder:rbac:groups=hmc.mirantis.com,resources=awsprovider,verbs=get;list;watch;create;update;patch;delete -//+kubebuilder:rbac:groups=hmc.mirantis.com,resources=awsprovider/status,verbs=get;update;patch -//+kubebuilder:rbac:groups=hmc.mirantis.com,resources=awsprovider/finalizers,verbs=update +//+kubebuilder:rbac:groups=hmc.mirantis.com,resources=awsproviders,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=hmc.mirantis.com,resources=awsproviders/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=hmc.mirantis.com,resources=awsproviders/finalizers,verbs=update // Reconcile is part of the main kubernetes reconciliation loop which aims to // move the current state of the cluster closer to the desired state. From 3caf43b1706f0df47440c597a072f8fdd62571f3 Mon Sep 17 00:00:00 2001 From: Andrei Pavlov Date: Tue, 4 Jun 2024 21:33:13 +0700 Subject: [PATCH 05/19] Add external CRDs for testing Signed-off-by: Andrei Pavlov --- Makefile | 27 ++++++++++++++++++++++++++- internal/controller/suite_test.go | 3 ++- 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 6d2f4a8eb..60946a79d 100644 --- a/Makefile +++ b/Makefile @@ -60,7 +60,7 @@ vet: ## Run go vet against code. go vet ./... .PHONY: test -test: manifests generate fmt vet envtest ## Run tests. +test: manifests generate fmt vet envtest external-crd ## Run tests. KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test $$(go list ./... | grep -v /e2e) -coverprofile cover.out # Utilize Kind or modify the e2e tests to load the image locally, enabling compatibility with other vendors. 
@@ -159,6 +159,16 @@ LOCALBIN ?= $(shell pwd)/bin $(LOCALBIN): mkdir -p $(LOCALBIN) +EXTERNAL_CRD_DIR ?= $(LOCALBIN)/crd +$(EXTERNAL_CRD_DIR): $(LOCALBIN) + mkdir -p $(EXTERNAL_CRD_DIR) + +FLUX_SOURCE_VERSION ?= $(shell go mod edit -json | jq -r '.Require[] | select(.Path == "github.com/fluxcd/source-controller/api") | .Version') +FLUX_SOURCE_REPO_CRD ?= $(EXTERNAL_CRD_DIR)/source-helmrepositories-$(FLUX_SOURCE_VERSION).yaml +FLUX_SOURCE_CHART_CRD ?= $(EXTERNAL_CRD_DIR)/source-helmchart-$(FLUX_SOURCE_VERSION).yaml +FLUX_HELM_VERSION ?= $(shell go mod edit -json | jq -r '.Require[] | select(.Path == "github.com/fluxcd/helm-controller/api") | .Version') +FLUX_HELM_CRD ?= $(EXTERNAL_CRD_DIR)/helm-$(FLUX_HELM_VERSION).yaml + ## Tool Binaries KUBECTL ?= kubectl KUSTOMIZE ?= $(LOCALBIN)/kustomize-$(KUSTOMIZE_VERSION) 
@@ -211,6 +221,21 @@ helmify: $(HELMIFY) ## Download helmify locally if necessary. $(HELMIFY): $(LOCALBIN) $(call go-install-tool,$(HELMIFY),github.com/arttor/helmify/cmd/helmify,${HELMIFY_VERSION}) +$(FLUX_HELM_CRD): $(EXTERNAL_CRD_DIR) + rm -f $(FLUX_HELM_CRD) + curl -s https://raw.githubusercontent.com/fluxcd/helm-controller/$(FLUX_HELM_VERSION)/config/crd/bases/helm.toolkit.fluxcd.io_helmreleases.yaml > $(FLUX_HELM_CRD) + +$(FLUX_SOURCE_CHART_CRD): $(EXTERNAL_CRD_DIR) + rm -f $(FLUX_SOURCE_CHART_CRD) + curl -s https://raw.githubusercontent.com/fluxcd/source-controller/$(FLUX_SOURCE_VERSION)/config/crd/bases/source.toolkit.fluxcd.io_helmcharts.yaml > $(FLUX_SOURCE_CHART_CRD) + +$(FLUX_SOURCE_REPO_CRD): $(EXTERNAL_CRD_DIR) + rm -f $(FLUX_SOURCE_REPO_CRD) + curl -s https://raw.githubusercontent.com/fluxcd/source-controller/$(FLUX_SOURCE_VERSION)/config/crd/bases/source.toolkit.fluxcd.io_helmrepositories.yaml > $(FLUX_SOURCE_REPO_CRD) + +.PHONY: external-crd +external-crd: $(FLUX_HELM_CRD) $(FLUX_SOURCE_CHART_CRD) $(FLUX_SOURCE_REPO_CRD) + # go-install-tool will 'go install' any package with custom target and name of binary, if it doesn't exist # $1 - target path with name of binary (ideally with version) # $2 - package url which can be installed diff --git a/internal/controller/suite_test.go b/internal/controller/suite_test.go index c7e8fd2be..b14622e78 100644 --- a/internal/controller/suite_test.go +++ b/internal/controller/suite_test.go @@ -54,7 +54,8 @@ var _ = BeforeSuite(func() { By("bootstrapping test environment") testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "..", "config", "crd", "bases")}, + CRDDirectoryPaths: []string{filepath.Join("..", "..", "config", "crd", "bases"), + filepath.Join("..", "..", "bin", "crd")}, ErrorIfCRDPathMissing: true, // The BinaryAssetsDirectory is only required if you want to run the tests directly From 4e0b33c987ec14ee179a45b973e85bb17bc6357c Mon Sep 17 00:00:00 2001 
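Review bot: The three download recipes call `curl -s` without `--fail`, so an HTTP error such as a missing tag still exits 0 and the error body is redirected into the CRD path; the file then exists, make treats the target as up to date, and envtest is handed it as a CRD. Writing each recipe as `curl -sSfL -o $(FLUX_HELM_CRD) <same URL>` (and likewise for the two source-controller files) turns a bad response into a failed build instead of a stale file. Since `test` now depends on `external-crd`, the test run also trusts whatever raw.githubusercontent.com serves for that tag; recording an expected checksum next to the version and comparing it after download would close that gap.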
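Review bot: The second `CRDDirectoryPaths` entry hard-codes `bin/crd`, while the Makefile in this commit declares both `LOCALBIN ?=` and `EXTERNAL_CRD_DIR ?=` as overridable. With either overridden, or when `go test` is run without `make external-crd` first, the directory is absent and `ErrorIfCRDPathMissing: true` fails the suite at startup with no hint about where the files come from. A comment on that line would record the coupling: `// populated by 'make external-crd'; keep in sync with EXTERNAL_CRD_DIR in the Makefile`. The enclosing `BeforeSuite` body continues outside this hunk.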
From: Andrei Pavlov Date: Sun, 2 Jun 2024 14:31:28 +0700 Subject: [PATCH 06/19] Add hmc templates controller 
Signed-off-by: Andrei Pavlov --- Dockerfile | 4 +- ...videraws_types.go => awsprovider_types.go} | 0 ...eployment_types.go => deployment_types.go} | 8 +- ...anagement_types.go => management_types.go} | 0 ...hmctemplate_types.go => template_types.go} | 36 ++- api/v1alpha1/zz_generated.deepcopy.go | 27 ++- charts/hmc/templates/manager-rbac.yaml | 13 + charts/hmc/templates/template-crd.yaml | 58 ++++- cmd/main.go | 4 + .../crd/bases/hmc.mirantis.com_templates.yaml | 58 ++++- config/rbac/role.yaml | 13 + go.mod | 70 +++--- go.sum | 170 ++++++------- ...controller.go => deployment_controller.go} | 0 ..._test.go => deployment_controller_test.go} | 0 internal/controller/hmctemplate_controller.go | 62 ----- ...controller.go => management_controller.go} | 0 ..._test.go => management_controller_test.go} | 0 ...ontroller.go => provideraws_controller.go} | 0 ...test.go => provideraws_controller_test.go} | 0 internal/controller/suite_test.go | 6 + internal/controller/template_controller.go | 226 ++++++++++++++++++ ...er_test.go => template_controller_test.go} | 14 +- internal/utils/helm.go | 93 +++++++ 24 files changed, 661 insertions(+), 201 deletions(-) rename api/v1alpha1/{hmcprovideraws_types.go => awsprovider_types.go} (100%) rename api/v1alpha1/{hmcdeployment_types.go => deployment_types.go} (92%) rename api/v1alpha1/{hmcmanagement_types.go => management_types.go} (100%) rename api/v1alpha1/{hmctemplate_types.go => template_types.go} (57%) rename internal/controller/{hmcdeployment_controller.go => deployment_controller.go} (100%) rename internal/controller/{hmcdeployment_controller_test.go => deployment_controller_test.go} (100%) delete mode 100644 internal/controller/hmctemplate_controller.go rename internal/controller/{hmcmanagement_controller.go => management_controller.go} (100%) rename internal/controller/{hmcmanagement_controller_test.go => management_controller_test.go} (100%) rename internal/controller/{hmcprovideraws_controller.go => provideraws_controller.go} 
(100%) rename internal/controller/{hmcprovideraws_controller_test.go => provideraws_controller_test.go} (100%) create mode 100644 internal/controller/template_controller.go rename internal/controller/{hmctemplate_controller_test.go => template_controller_test.go} (90%) create mode 100644 internal/utils/helm.go diff --git a/Dockerfile b/Dockerfile index aca26f922..4ba18b68c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM golang:1.21 AS builder +FROM golang:1.22 AS builder ARG TARGETOS ARG TARGETARCH @@ -14,7 +14,7 @@ RUN go mod download # Copy the go source COPY cmd/main.go cmd/main.go COPY api/ api/ -COPY internal/controller/ internal/controller/ +COPY internal/ internal/ # Build # the GOARCH has not a default value to allow the binary be built according to the host where the command diff --git a/api/v1alpha1/hmcprovideraws_types.go b/api/v1alpha1/awsprovider_types.go similarity index 100% rename from api/v1alpha1/hmcprovideraws_types.go rename to api/v1alpha1/awsprovider_types.go diff --git a/api/v1alpha1/hmcdeployment_types.go b/api/v1alpha1/deployment_types.go similarity index 92% rename from api/v1alpha1/hmcdeployment_types.go rename to api/v1alpha1/deployment_types.go index 56b6eb614..9d05cb0e6 100644 --- a/api/v1alpha1/hmcdeployment_types.go +++ b/api/v1alpha1/deployment_types.go 
@@ -24,16 +24,16 @@ import ( // DeploymentSpec defines the desired state of Deployment type DeploymentSpec struct { // DryRun specifies whether the template should be applied after validation or only validated. - // +kubebuilder:validation:Optional - DryRun bool `json:"dryRun"` + // +optional + DryRun bool `json:"dryRun,omitempty"` // Template is a reference to a Template object located in the same namespace. // +kubebuilder:validation:Required Template string `json:"template"` // Configuration allows to provide parameters for template customization. // If no Configuration provided, the field will be populated with the default values for // the template and DryRun will be enabled. - // +kubebuilder:validation:Optional - Configuration apiextensionsv1.JSON `json:"configuration"` + // +optional + Configuration apiextensionsv1.JSON `json:"configuration,omitempty"` } // DeploymentStatus defines the observed state of Deployment diff --git a/api/v1alpha1/hmcmanagement_types.go b/api/v1alpha1/management_types.go similarity index 100% rename from api/v1alpha1/hmcmanagement_types.go rename to api/v1alpha1/management_types.go diff --git a/api/v1alpha1/hmctemplate_types.go b/api/v1alpha1/template_types.go similarity index 57% rename from api/v1alpha1/hmctemplate_types.go rename to api/v1alpha1/template_types.go index e58d38041..834310881 100644 --- a/api/v1alpha1/hmctemplate_types.go +++ b/api/v1alpha1/template_types.go @@ -17,7 +17,15 @@ limitations under the License. package v1alpha1 import ( + apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + helmcontrollerv2 "github.com/fluxcd/helm-controller/api/v2" +) + +const ( + // TemplateKind is the string representation of a Template. + TemplateKind = "Template" ) // TemplateSpec defines the desired state of Template 
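Review bot: `omitempty` has no effect on `Configuration apiextensionsv1.JSON`, because encoding/json never treats a struct value as empty; an unset configuration is still serialised (as `null`, going by that type's marshaller) rather than left out. The usual shape for an optional raw-JSON field is a pointer, `Configuration *apiextensionsv1.JSON` with the same tag, which lets the controller distinguish "not provided" from "provided" when it applies the defaults described in the comment. The same applies to `TemplateStatus.Configuration` in template_types.go later in this patch. Switching to a pointer needs the deepcopy code regenerated and nil checks wherever the field is read, which is outside this hunk.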
@@ -26,9 +34,25 @@ type TemplateSpec struct { // +kubebuilder:validation:Enum=aws // +kubebuilder:validation:Required Provider string `json:"provider"` - // HelmChartURL is a URL of the helm chart representing the template. + // Helm holds a reference to a Helm chart representing the HMC template // +kubebuilder:validation:Required - HelmChartURL string `json:"helmChartURL"` + Helm HelmSpec `json:"helm"` +} + +// +kubebuilder:validation:XValidation:rule="(has(self.chartName) && !has(self.chartRef)) || (!has(self.chartName) && has(self.chartRef))", message="either chartName or chartRef must be set" + +// HelmSpec references a Helm chart representing the HMC template +type HelmSpec struct { + // ChartName is a name of a Helm chart representing the template in the HMC repository. + // +optional + ChartName string `json:"chartName,omitempty"` + // ChartVersion is a version of a Helm chart representing the template in the HMC repository. + // +optional + ChartVersion string `json:"chartVersion,omitempty"` + // ChartRef is a reference to a source controller resource containing the + // Helm chart representing the template. + // +optional + ChartRef *helmcontrollerv2.CrossNamespaceSourceReference `json:"chartRef,omitempty"` } // TemplateStatus defines the observed state of Template @@ -36,7 +60,11 @@ type TemplateStatus struct { TemplateValidationStatus `json:",inline"` // Descriptions contains information about the template. // +optional - Description string `json:"description"` + Description string `json:"description,omitempty"` + // Configuration demonstrates available parameters for template customization, + // that can be used when creating Deployment objects. + // +optional + Configuration apiextensionsv1.JSON `json:"configuration,omitempty"` } type TemplateValidationStatus struct { 
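Review bot: `ChartRef` reuses `CrossNamespaceSourceReference`, whose optional `namespace` field lets a Template point at a HelmChart or OCIRepository outside its own namespace, and nothing in this hunk restricts that. Whether this crosses a tenant boundary depends on how the controller resolves the reference, which is not visible here; if same-namespace use is the intent, a second marker such as `// +kubebuilder:validation:XValidation:rule="!has(self.chartRef) || !has(self.chartRef.namespace)", message="chartRef.namespace must not be set"` would enforce it at admission. Separately, the existing message says "either chartName or chartRef must be set" while the rule also rejects both being set; "exactly one of chartName or chartRef must be set" describes what is checked.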
@@ -44,7 +72,7 @@ type TemplateValidationStatus struct { Valid bool `json:"valid"` // ValidationError provides information regarding issues encountered during template validation. // +optional - ValidationError string `json:"validationError"` + ValidationError string `json:"validationError,omitempty"` } //+kubebuilder:object:root=true diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 568d10d69..a55e1e5fa 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -21,6 +21,7 @@ limitations under the License. package v1alpha1 import ( + "github.com/fluxcd/helm-controller/api/v2" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -204,6 +205,26 @@ func (in *DeploymentStatus) DeepCopy() *DeploymentStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HelmSpec) DeepCopyInto(out *HelmSpec) { + *out = *in + if in.ChartRef != nil { + in, out := &in.ChartRef, &out.ChartRef + *out = new(v2.CrossNamespaceSourceReference) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmSpec. +func (in *HelmSpec) DeepCopy() *HelmSpec { + if in == nil { + return nil + } + out := new(HelmSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Management) DeepCopyInto(out *Management) { *out = *in @@ -298,8 +319,8 @@ func (in *Template) DeepCopyInto(out *Template) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - out.Status = in.Status + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Template. 
@@ -355,6 +376,7 @@ func (in *TemplateList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TemplateSpec) DeepCopyInto(out *TemplateSpec) { *out = *in + in.Helm.DeepCopyInto(&out.Helm) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TemplateSpec. @@ -371,6 +393,7 @@ func (in *TemplateSpec) DeepCopy() *TemplateSpec { func (in *TemplateStatus) DeepCopyInto(out *TemplateStatus) { *out = *in out.TemplateValidationStatus = in.TemplateValidationStatus + in.Configuration.DeepCopyInto(&out.Configuration) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TemplateStatus. diff --git a/charts/hmc/templates/manager-rbac.yaml b/charts/hmc/templates/manager-rbac.yaml index 921c6e3fb..7101d30b9 100644 --- a/charts/hmc/templates/manager-rbac.yaml +++ b/charts/hmc/templates/manager-rbac.yaml @@ -109,6 +109,19 @@ rules: - get - patch - update +- apiGroups: + - source.toolkit.fluxcd.io + resources: + - helmcharts + - helmrepositories + verbs: + - create + - delete + - get + - list + - patch + - update + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding diff --git a/charts/hmc/templates/template-crd.yaml b/charts/hmc/templates/template-crd.yaml index bbec9f24e..b2f25b005 100644 --- a/charts/hmc/templates/template-crd.yaml +++ b/charts/hmc/templates/template-crd.yaml 
@@ -40,10 +40,53 @@ spec: spec: description: TemplateSpec defines the desired state of Template properties: - helmChartURL: - description: HelmChartURL is a URL of the helm chart representing the - template. - type: string + helm: + description: Helm holds a reference to a Helm chart representing the + HMC template + properties: + chartName: + description: ChartName is a name of a Helm chart representing the + template in the HMC repository. + type: string + chartRef: + description: |- + ChartRef is a reference to a source controller resource containing the + Helm chart representing the template. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object + chartVersion: + description: ChartVersion is a version of a Helm chart representing + the template in the HMC repository. + type: string + type: object + x-kubernetes-validations: + - message: either chartName or chartRef must be set + rule: (has(self.chartName) && !has(self.chartRef)) || (!has(self.chartName) + && has(self.chartRef)) provider: description: Provider specifies a CAPI provider associated with the template. 
@@ -51,12 +94,17 @@ spec: - aws type: string required: - - helmChartURL + - helm - provider type: object status: description: TemplateStatus defines the observed state of Template properties: + configuration: + description: |- + Configuration demonstrates available parameters for template customization, + that can be used when creating Deployment objects. + x-kubernetes-preserve-unknown-fields: true description: description: Descriptions contains information about the template. type: string diff --git a/cmd/main.go b/cmd/main.go index e0b1f3d19..b681a8ad4 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -25,6 +25,8 @@ import ( // to ensure that exec-entrypoint and run can make use of them. _ "k8s.io/client-go/plugin/pkg/client/auth" + hcv2 "github.com/fluxcd/helm-controller/api/v2" + sourcev1 "github.com/fluxcd/source-controller/api/v1" "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" @@ -48,6 +50,8 @@ func init() { utilruntime.Must(clientgoscheme.AddToScheme(scheme)) utilruntime.Must(hmcmirantiscomv1alpha1.AddToScheme(scheme)) + utilruntime.Must(sourcev1.AddToScheme(scheme)) + utilruntime.Must(hcv2.AddToScheme(scheme)) //+kubebuilder:scaffold:scheme } diff --git a/config/crd/bases/hmc.mirantis.com_templates.yaml b/config/crd/bases/hmc.mirantis.com_templates.yaml index b07c4523d..01adfd8ef 100644 --- a/config/crd/bases/hmc.mirantis.com_templates.yaml +++ b/config/crd/bases/hmc.mirantis.com_templates.yaml 
@@ -39,10 +39,53 @@ spec: spec: description: TemplateSpec defines the desired state of Template properties: - helmChartURL: - description: HelmChartURL is a URL of the helm chart representing - the template. - type: string + helm: + description: Helm holds a reference to a Helm chart representing the + HMC template + properties: + chartName: + description: ChartName is a name of a Helm chart representing + the template in the HMC repository. + type: string + chartRef: + description: |- + ChartRef is a reference to a source controller resource containing the + Helm chart representing the template. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - HelmChart + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent, defaults to the namespace of the Kubernetes + resource object that contains the reference. + maxLength: 63 + minLength: 1 + type: string + required: + - kind + - name + type: object + chartVersion: + description: ChartVersion is a version of a Helm chart representing + the template in the HMC repository. + type: string + type: object + x-kubernetes-validations: + - message: either chartName or chartRef must be set + rule: (has(self.chartName) && !has(self.chartRef)) || (!has(self.chartName) + && has(self.chartRef)) provider: description: Provider specifies a CAPI provider associated with the template. 
@@ -50,12 +93,17 @@ spec: - aws type: string required: - - helmChartURL + - helm - provider type: object status: description: TemplateStatus defines the observed state of Template properties: + configuration: + description: |- + Configuration demonstrates available parameters for template customization, + that can be used when creating Deployment objects. + x-kubernetes-preserve-unknown-fields: true description: description: Descriptions contains information about the template. type: string diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index ea39692a2..b96e67af0 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -108,3 +108,16 @@ rules: - get - patch - update +- apiGroups: + - source.toolkit.fluxcd.io + resources: + - helmcharts + - helmrepositories + verbs: + - create + - delete + - get + - list + - patch + - update + - watch diff --git a/go.mod b/go.mod index fa560acc9..71ea6391b 100644 --- a/go.mod +++ b/go.mod 
@@ -1,73 +1,81 @@ module github.com/Mirantis/hmc -go 1.21 +go 1.22.0 require ( + github.com/fluxcd/helm-controller/api v1.0.1 + github.com/fluxcd/source-controller/api v1.3.0 + github.com/hashicorp/go-retryablehttp v0.7.7 github.com/onsi/ginkgo/v2 v2.19.0 github.com/onsi/gomega v1.33.1 - k8s.io/apiextensions-apiserver v0.29.2 - k8s.io/apimachinery v0.29.2 - k8s.io/client-go v0.29.2 - sigs.k8s.io/controller-runtime v0.17.3 + github.com/opencontainers/go-digest v1.0.1-0.20231025023718-d50d2fec9c98 + helm.sh/helm/v3 v3.14.4 + k8s.io/apiextensions-apiserver v0.30.0 + k8s.io/apimachinery v0.30.0 + k8s.io/client-go v0.30.0 + sigs.k8s.io/controller-runtime v0.18.1 + sigs.k8s.io/yaml v1.4.0 ) require ( + github.com/Masterminds/semver/v3 v3.2.1 // indirect github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch/v5 v5.8.0 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect + github.com/emicklei/go-restful/v3 v3.12.0 // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/fluxcd/pkg/apis/acl v0.3.0 // indirect + github.com/fluxcd/pkg/apis/kustomize v1.5.0 // indirect + github.com/fluxcd/pkg/apis/meta v1.5.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/go-logr/logr v1.4.1 // indirect github.com/go-logr/zapr v1.3.0 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.21.0 // indirect + github.com/go-openapi/swag v0.23.0 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache 
v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.3 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 // indirect - github.com/google/uuid v1.3.0 // indirect - github.com/imdario/mergo v0.3.6 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/hashicorp/go-cleanhttp v0.5.2 // indirect + github.com/imdario/mergo v0.3.16 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/prometheus/client_golang v1.18.0 // indirect - github.com/prometheus/client_model v0.5.0 // indirect - github.com/prometheus/common v0.45.0 // indirect - github.com/prometheus/procfs v0.12.0 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect + github.com/prometheus/client_golang v1.19.0 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/common v0.53.0 // indirect + github.com/prometheus/procfs v0.14.0 // indirect github.com/spf13/pflag v1.0.5 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.26.0 // indirect - golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect + go.uber.org/zap v1.27.0 // indirect + golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f // indirect golang.org/x/net v0.25.0 // indirect - golang.org/x/oauth2 v0.12.0 // indirect + golang.org/x/oauth2 v0.19.0 // indirect golang.org/x/sys v0.20.0 
// indirect golang.org/x/term v0.20.0 // indirect golang.org/x/text v0.15.0 // indirect - golang.org/x/time v0.3.0 // indirect + golang.org/x/time v0.5.0 // indirect golang.org/x/tools v0.21.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.7 // indirect google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.29.2 // indirect - k8s.io/component-base v0.29.2 // indirect - k8s.io/klog/v2 v2.110.1 // indirect - k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + k8s.io/api v0.30.0 // indirect + k8s.io/klog/v2 v2.120.1 // indirect + k8s.io/kube-openapi v0.0.0-20240411171206-dc4e619f62f3 // indirect + k8s.io/utils v0.0.0-20240310230437-4693a0247e57 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect - sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/go.sum b/go.sum index 5269b9bc8..65b9f12bf 100644 --- a/go.sum +++ b/go.sum 
@@ -1,43 +1,53 @@ +github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0= +github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= -github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= -github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.8.0 h1:lRj6N9Nci7MvzrXuX6HFzU8XjmhPiXPlsKEy1u0KQro= -github.com/evanphx/json-patch/v5 v5.8.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= 
+github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= +github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= +github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/fluxcd/helm-controller/api v1.0.1 h1:Gn9qEVuif6D5+gHmVwTEZkR4+nmLOcOhKx4Sw2gL2EA= +github.com/fluxcd/helm-controller/api v1.0.1/go.mod h1:/6AD5a2qjo/ttxVM8GR33syLZwqigta60DCLdy8GrME= +github.com/fluxcd/pkg/apis/acl v0.3.0 h1:UOrKkBTOJK+OlZX7n8rWt2rdBmDCoTK+f5TY2LcZi8A= +github.com/fluxcd/pkg/apis/acl v0.3.0/go.mod h1:WVF9XjSMVBZuU+HTTiSebGAWMgM7IYexFLyVWbK9bNY= +github.com/fluxcd/pkg/apis/kustomize v1.5.0 h1:ah4sfqccnio+/5Edz/tVz6LetFhiBoDzXAElj6fFCzU= +github.com/fluxcd/pkg/apis/kustomize v1.5.0/go.mod h1:nEzhnhHafhWOUUV8VMFLojUOH+HHDEsL75y54mt/c30= +github.com/fluxcd/pkg/apis/meta v1.5.0 h1:/G82d2Az5D9op3F+wJUpD8jw/eTV0suM6P7+cSURoUM= +github.com/fluxcd/pkg/apis/meta v1.5.0/go.mod h1:Y3u7JomuuKtr5fvP1Iji2/50FdRe5GcBug2jawNVkdM= +github.com/fluxcd/source-controller/api v1.3.0 h1:Z5Lq0aJY87yg0cQDEuwGLKS60GhdErCHtsi546HUt10= +github.com/fluxcd/source-controller/api v1.3.0/go.mod h1:+tfd0vltjcVs/bbnq9AlYR9AAHSVfM/Z4v4TpQmdJf4= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= github.com/go-logr/logr v1.4.1/go.mod 
h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 
-github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= 
@@ -46,27 +56,32 @@ github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 h1:k7nVchz72niMH6YLQNvHSdIE7iqsQxK1P41mySCvssg= github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28= -github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= +github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= +github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= +github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= +github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= +github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= +github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= 
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= -github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= 
@@ -78,55 +93,52 @@ github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= +github.com/opencontainers/go-digest v1.0.1-0.20231025023718-d50d2fec9c98 h1:H55sU3giNgBkIvmAo0vI/AAFwVTwfWsf6MN3+9H6U8o= +github.com/opencontainers/go-digest v1.0.1-0.20231025023718-d50d2fec9c98/go.mod h1:RqnyioA3pIEZMkSbOIcrw32YSgETfn/VrLuEikEdPNU= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk= -github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA= -github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= -github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= -github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= -github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= -github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= -github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= 
+github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU= +github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.53.0 h1:U2pL9w9nmJwJDa4qqLQ3ZaePJ6ZTwt7cMD3AG3+aLCE= +github.com/prometheus/common v0.53.0/go.mod h1:BrxBKv3FWBIGXw89Mg1AeBq7FSyRzXWI3l3e7W3RN5U= +github.com/prometheus/procfs v0.14.0 h1:Lw4VdGGoKEZilJsayHf0B+9YgLGREba2C6xr+Fdfq6s= +github.com/prometheus/procfs v0.14.0/go.mod h1:XL+Iwz8k8ZabyZfMFHPiilCniixqQarAy5Mu67pHlNQ= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod 
h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= -go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA= -golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= +golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f h1:99ci1mjWVBWwJiEKYY6jWa4d2nTQVIEhZIptnrVb1XY= +golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f/go.mod h1:/lliqkxwWAhPjf5oSOIJup2XcqJaw8RGS6k3TGEc7GI= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod 
h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= -golang.org/x/oauth2 v0.12.0 h1:smVPGxink+n1ZI5pkQa8y6fZT0RW0MgCO5bFpepy4B4= -golang.org/x/oauth2 v0.12.0/go.mod h1:A74bZ3aGXgCY0qaIC9Ahg6Lglin4AMAco8cIv9baba4= +golang.org/x/oauth2 v0.19.0 h1:9+E/EZBCbTLNrbN35fHv/a/d/mOBatymz1zbtQrXpIg= +golang.org/x/oauth2 v0.19.0/go.mod h1:vYi7skDa1x015PmRRYZ7+s1cWyPgrPiSYRe4rnsexc8= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 
@@ -138,12 +150,11 @@ golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= 
@@ -156,10 +167,6 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 
@@ -170,27 +177,26 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.29.2 h1:hBC7B9+MU+ptchxEqTNW2DkUosJpp1P+Wn6YncZ474A= -k8s.io/api v0.29.2/go.mod h1:sdIaaKuU7P44aoyyLlikSLayT6Vb7bvJNCX105xZXY0= -k8s.io/apiextensions-apiserver v0.29.2 h1:UK3xB5lOWSnhaCk0RFZ0LUacPZz9RY4wi/yt2Iu+btg= -k8s.io/apiextensions-apiserver v0.29.2/go.mod h1:aLfYjpA5p3OwtqNXQFkhJ56TB+spV8Gc4wfMhUA3/b8= -k8s.io/apimachinery v0.29.2 h1:EWGpfJ856oj11C52NRCHuU7rFDwxev48z+6DSlGNsV8= -k8s.io/apimachinery v0.29.2/go.mod h1:6HVkd1FwxIagpYrHSwJlQqZI3G9LfYWRPAkUvLnXTKU= -k8s.io/client-go v0.29.2 h1:FEg85el1TeZp+/vYJM7hkDlSTFZ+c5nnK44DJ4FyoRg= -k8s.io/client-go v0.29.2/go.mod h1:knlvFZE58VpqbQpJNbCbctTVXcd35mMyAAwBdpt4jrA= -k8s.io/component-base v0.29.2 h1:lpiLyuvPA9yV1aQwGLENYyK7n/8t6l3nn3zAtFTJYe8= -k8s.io/component-base v0.29.2/go.mod h1:BfB3SLrefbZXiBfbM+2H1dlat21Uewg/5qtKOl8degM= -k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= -k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime 
v0.17.3 h1:65QmN7r3FWgTxDMz9fvGnO1kbf2nu+acg9p2R9oYYYk= -sigs.k8s.io/controller-runtime v0.17.3/go.mod h1:N0jpP5Lo7lMTF9aL56Z/B2oWBJjey6StQM0jRbKQXtY= +helm.sh/helm/v3 v3.14.4 h1:6FSpEfqyDalHq3kUr4gOMThhgY55kXUEjdQoyODYnrM= +helm.sh/helm/v3 v3.14.4/go.mod h1:Tje7LL4gprZpuBNTbG34d1Xn5NmRT3OWfBRwpOSer9I= +k8s.io/api v0.30.0 h1:siWhRq7cNjy2iHssOB9SCGNCl2spiF1dO3dABqZ8niA= +k8s.io/api v0.30.0/go.mod h1:OPlaYhoHs8EQ1ql0R/TsUgaRPhpKNxIMrKQfWUp8QSE= +k8s.io/apiextensions-apiserver v0.30.0 h1:jcZFKMqnICJfRxTgnC4E+Hpcq8UEhT8B2lhBcQ+6uAs= +k8s.io/apiextensions-apiserver v0.30.0/go.mod h1:N9ogQFGcrbWqAY9p2mUAL5mGxsLqwgtUce127VtRX5Y= +k8s.io/apimachinery v0.30.0 h1:qxVPsyDM5XS96NIh9Oj6LavoVFYff/Pon9cZeDIkHHA= +k8s.io/apimachinery v0.30.0/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= +k8s.io/client-go v0.30.0 h1:sB1AGGlhY/o7KCyCEQ0bPWzYDL0pwOZO4vAtTSh/gJQ= +k8s.io/client-go v0.30.0/go.mod h1:g7li5O5256qe6TYdAMyX/otJqMhIiGgTapdLchhmOaY= +k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= +k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240411171206-dc4e619f62f3 h1:SbdLaI6mM6ffDSJCadEaD4IkuPzepLDGlkd2xV0t1uA= +k8s.io/kube-openapi v0.0.0-20240411171206-dc4e619f62f3/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/utils v0.0.0-20240310230437-4693a0247e57 h1:gbqbevonBh57eILzModw6mrkbwM0gQBEuevE/AaBsHY= +k8s.io/utils v0.0.0-20240310230437-4693a0247e57/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.18.1 h1:RpWbigmuiylbxOCLy0tGnq1cU1qWPwNIQzoJk+QeJx4= +sigs.k8s.io/controller-runtime v0.18.1/go.mod h1:tuAt1+wbVsXIT8lPtk5RURxqAnq7xkpv2Mhttslg7Hw= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= 
diff --git a/internal/controller/hmcdeployment_controller.go b/internal/controller/deployment_controller.go similarity index 100% rename from internal/controller/hmcdeployment_controller.go rename to internal/controller/deployment_controller.go diff --git a/internal/controller/hmcdeployment_controller_test.go b/internal/controller/deployment_controller_test.go similarity index 100% rename from internal/controller/hmcdeployment_controller_test.go rename to internal/controller/deployment_controller_test.go diff --git a/internal/controller/hmctemplate_controller.go b/internal/controller/hmctemplate_controller.go deleted file mode 100644 index b34cd0fe8..000000000 --- a/internal/controller/hmctemplate_controller.go +++ /dev/null 
@@ -1,62 +0,0 @@ -/* -Copyright 2024. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package controller - -import ( - "context" - - "k8s.io/apimachinery/pkg/runtime" - ctrl "sigs.k8s.io/controller-runtime" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/log" - - hmcmirantiscomv1alpha1 "github.com/Mirantis/hmc/api/v1alpha1" -) - -// TemplateReconciler reconciles a Template object -type TemplateReconciler struct { - client.Client - Scheme *runtime.Scheme -} - -//+kubebuilder:rbac:groups=hmc.mirantis.com,resources=templates,verbs=get;list;watch;create;update;patch;delete -//+kubebuilder:rbac:groups=hmc.mirantis.com,resources=templates/status,verbs=get;update;patch -//+kubebuilder:rbac:groups=hmc.mirantis.com,resources=templates/finalizers,verbs=update - -// Reconcile is part of the main kubernetes reconciliation loop which aims to -// move the current state of the cluster closer to the desired state. -// TODO(user): Modify the Reconcile function to compare the state specified by -// the Template object against the actual cluster state, and then -// perform operations to make the cluster state reflect the state specified by -// the user. 
-// -// For more details, check Reconcile and its Result here: -// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.17.3/pkg/reconcile -func (r *TemplateReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { - _ = log.FromContext(ctx) - - // TODO(user): your logic here - - return ctrl.Result{}, nil -} - -// SetupWithManager sets up the controller with the Manager. -func (r *TemplateReconciler) SetupWithManager(mgr ctrl.Manager) error { - return ctrl.NewControllerManagedBy(mgr). - For(&hmcmirantiscomv1alpha1.Template{}). - Complete(r) -} diff --git a/internal/controller/hmcmanagement_controller.go b/internal/controller/management_controller.go similarity index 100% rename from internal/controller/hmcmanagement_controller.go rename to internal/controller/management_controller.go diff --git a/internal/controller/hmcmanagement_controller_test.go b/internal/controller/management_controller_test.go similarity index 100% rename from internal/controller/hmcmanagement_controller_test.go rename to internal/controller/management_controller_test.go diff --git a/internal/controller/hmcprovideraws_controller.go b/internal/controller/provideraws_controller.go similarity index 100% rename from internal/controller/hmcprovideraws_controller.go rename to internal/controller/provideraws_controller.go diff --git a/internal/controller/hmcprovideraws_controller_test.go b/internal/controller/provideraws_controller_test.go similarity index 100% rename from internal/controller/hmcprovideraws_controller_test.go rename to internal/controller/provideraws_controller_test.go diff --git a/internal/controller/suite_test.go b/internal/controller/suite_test.go index b14622e78..409e825b2 100644 --- a/internal/controller/suite_test.go +++ b/internal/controller/suite_test.go 
@@ -25,6 +25,8 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + helmcontrollerv2 "github.com/fluxcd/helm-controller/api/v2" + sourcev1 "github.com/fluxcd/source-controller/api/v1" "k8s.io/client-go/kubernetes/scheme" "k8s.io/client-go/rest" "sigs.k8s.io/controller-runtime/pkg/client" @@ -75,6 +77,10 @@ var _ = BeforeSuite(func() { err = hmcmirantiscomv1alpha1.AddToScheme(scheme.Scheme) Expect(err).NotTo(HaveOccurred()) + err = sourcev1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + err = helmcontrollerv2.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) //+kubebuilder:scaffold:scheme diff --git a/internal/controller/template_controller.go b/internal/controller/template_controller.go new file mode 100644 index 000000000..fc8ae6069 --- /dev/null +++ b/internal/controller/template_controller.go 
@@ -0,0 +1,226 @@
+/*
+Copyright 2024.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package controller
+
+import (
+ "context"
+ "fmt"
+ "time"
+
+ sourcev1 "github.com/fluxcd/source-controller/api/v1"
+ "k8s.io/apimachinery/pkg/api/errors"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ ctrl "sigs.k8s.io/controller-runtime"
+ "sigs.k8s.io/controller-runtime/pkg/client"
+ "sigs.k8s.io/controller-runtime/pkg/log"
+ "sigs.k8s.io/yaml"
+
+ hmc "github.com/Mirantis/hmc/api/v1alpha1"
+ "github.com/Mirantis/hmc/internal/utils"
+)
+
+const (
+ defaultRepoName = "hmc-templates"
+ defaultRepoType = "oci"
+ defaultRepoURL = "oci://ghcr.io/Mirantis/hmc/charts"
+
+ defaultReconcileInterval = 10 * time.Minute
+)
+
+// TemplateReconciler reconciles a Template object
+type TemplateReconciler struct {
+ client.Client
+ Scheme *runtime.Scheme
+}
+
+// +kubebuilder:rbac:groups=hmc.mirantis.com,resources=templates,verbs=get;list;watch;create;update;patch;delete
+// +kubebuilder:rbac:groups=hmc.mirantis.com,resources=templates/status,verbs=get;update;patch
+// +kubebuilder:rbac:groups=hmc.mirantis.com,resources=templates/finalizers,verbs=update
+// +kubebuilder:rbac:groups=source.toolkit.fluxcd.io,resources=helmrepositories;helmcharts,verbs=get;list;watch;create;update;patch;delete
+
+func (r *TemplateReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
+ l := log.FromContext(ctx).WithValues("TemplateController", req.NamespacedName)
+ l.Info("Reconciling Template")
+
+ template := &hmc.Template{}
+ if err := r.Get(ctx, req.NamespacedName, template); err != nil {
+ if errors.IsNotFound(err) {
+ l.Info("Template not found, ignoring since object must be deleted")
+ return ctrl.Result{}, nil
+ }
+ l.Error(err, "Failed to get Template")
+ return ctrl.Result{}, err
+ }
+ if template.Status.Valid {
+ // We consider Template objects immutable, so we validate only once.
+ // The chart will be validated later, when reconciling Deployment objects.
+ l.Info("Template has already been validated, skipping validation")
+ return ctrl.Result{}, nil
+ }
+ l.Info("Reconciling helm-controller objects ")
+ err := r.reconcileHelmRepo(ctx, template)
+ if err != nil {
+ l.Error(err, "Failed to reconcile HelmRepo")
+ return ctrl.Result{}, err
+ }
+ hcChart, err := r.reconcileHelmChart(ctx, template)
+ if err != nil {
+ l.Error(err, "Failed to reconcile HelmChart")
+ return ctrl.Result{}, err
+ }
+ if hcChart == nil {
+ // TODO: add externally referenced source verification
+ return ctrl.Result{}, err
+ }
+
+ if err, reportStatus := helmArtifactReady(hcChart); err != nil {
+ l.Info("HelmChart Artifact is not ready")
+ if reportStatus {
+ template.Status.ValidationError = err.Error()
+ _ = r.updateStatus(ctx, template)
+ }
+ return ctrl.Result{}, err
+ }
+
+ l.Info("Downloading Helm chart")
+ helmChart, err := utils.DownloadChartFromArtifact(ctx, hcChart.Status.Artifact)
+ if err != nil {
+ l.Error(err, "Failed to download Helm chart")
+ err = fmt.Errorf("failed to download chart: %s", err)
+ template.Status.ValidationError = err.Error()
+ _ = r.updateStatus(ctx, template)
+ return ctrl.Result{}, err
+ }
+ l.Info("Validating Helm chart")
+ if err = helmChart.Validate(); err != nil {
+ l.Error(err, "Helm chart validation failed")
+ template.Status.ValidationError = err.Error()
+ _ = r.updateStatus(ctx, template)
+ return ctrl.Result{}, err
+ }
+
+ template.Status.Description = helmChart.Metadata.Description
+ rawValues, err := yaml.Marshal(helmChart.Values)
+ if err != nil {
+ l.Error(err, "Failed to parse Helm chart values")
+ err = fmt.Errorf("failed to parse Helm chart values: %s", err)
+ template.Status.ValidationError = err.Error()
+ _ = r.updateStatus(ctx, template)
+ return ctrl.Result{}, err
+ }
+ template.Status.Configuration.Raw = rawValues
+ l.Info("Chart validation completed successfully")
+ template.Status.Valid = true
+ template.Status.ValidationError = ""
+
+ return ctrl.Result{}, r.updateStatus(ctx, template)
+}
+
+func (r *TemplateReconciler) updateStatus(ctx context.Context, template *hmc.Template) error {
+ if err := r.Status().Update(ctx, template); err != nil {
+ return fmt.Errorf("failed to update status for template %s/%s: %w", template.Namespace, template.Name, err)
+ }
+ return nil
+}
+
+func (r *TemplateReconciler) reconcileHelmRepo(ctx context.Context, template *hmc.Template) error {
+ if template.Spec.Helm.ChartRef != nil {
+ // HelmRepository is not managed by the controller
+ return nil
+ }
+ helmRepo := &sourcev1.HelmRepository{
+ ObjectMeta: metav1.ObjectMeta{
+ Name: defaultRepoName,
+ Namespace: template.Namespace,
+ },
+ }
+ _, err := ctrl.CreateOrUpdate(ctx, r.Client, helmRepo, func() error {
+ helmRepo.Spec = sourcev1.HelmRepositorySpec{
+ Type: defaultRepoType,
+ URL: defaultRepoURL,
+ Interval: metav1.Duration{Duration: defaultReconcileInterval},
+ }
+ return nil
+ })
+ if err != nil {
+ return err
+ }
+ return nil
+}
+
+func (r *TemplateReconciler) reconcileHelmChart(ctx context.Context, template *hmc.Template) (*sourcev1.HelmChart, error) {
+ if template.Spec.Helm.ChartRef != nil {
+ // HelmChart is not managed by the controller
+ return nil, nil
+ }
+ helmChart := &sourcev1.HelmChart{
+ ObjectMeta: metav1.ObjectMeta{
+ Name: template.Name,
+ Namespace: template.Namespace,
+ },
+ }
+
+ _, err := ctrl.CreateOrUpdate(ctx, r.Client, helmChart, func() error {
+ helmChart.OwnerReferences = []metav1.OwnerReference{
+ {
+ APIVersion: hmc.GroupVersion.String(),
+ Kind: hmc.TemplateKind,
+ Name: template.Name,
+ UID: template.UID,
+ },
+ }
+ helmChart.Spec = sourcev1.HelmChartSpec{
+ Chart: template.Spec.Helm.ChartName,
+ Version: template.Spec.Helm.ChartVersion,
+ SourceRef: sourcev1.LocalHelmChartSourceReference{
+ Kind: sourcev1.HelmRepositoryKind,
+ Name: defaultRepoName,
+ },
+ Interval: metav1.Duration{Duration: defaultReconcileInterval},
+ }
+ return nil
+ })
+ if err != nil {
+ return nil, err
+ }
+ return helmChart, nil
+}
+
+func helmArtifactReady(chart *sourcev1.HelmChart) (err error, reportStatus bool) {
+ for _, c := range chart.Status.Conditions {
+ if c.Type == "Ready" {
+ if chart.Generation != c.ObservedGeneration {
+ return fmt.Errorf("HelmChart was not reconciled yet, retrying"), false
+ }
+ if c.Status != metav1.ConditionTrue {
+ return fmt.Errorf("failed to dowlnoad helm chart artifact: %s", c.Message), true
+ }
+ }
+ }
+ if chart.Status.Artifact == nil || chart.Status.URL == "" {
+ return fmt.Errorf("helm chart artifact is not ready yet"), false
+ }
+ return nil, false
+}
+
+// SetupWithManager sets up the controller with the Manager.
+func (r *TemplateReconciler) SetupWithManager(mgr ctrl.Manager) error {
+ return ctrl.NewControllerManagedBy(mgr).
+ For(&hmc.Template{}).
+ Complete(r)
+}
diff --git a/internal/controller/hmctemplate_controller_test.go b/internal/controller/template_controller_test.go
similarity index 90%
rename from internal/controller/hmctemplate_controller_test.go
rename to internal/controller/template_controller_test.go
index b6303dbfb..cd209d1f2 100644
--- a/internal/controller/hmctemplate_controller_test.go
+++ b/internal/controller/template_controller_test.go
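Review bot: In internal/controller/template_controller.go, nothing on the path from `reconcileHelmChart` to `template.Status.Valid = true` checks who published the chart: the `HelmChartSpec` sets only `Chart`, `Version`, `SourceRef` and `Interval`. `helmChart.Validate()` appears to check the chart's own metadata rather than its origin, and the artifact digest handed to `DownloadChartFromArtifact` presumably only ties the download to what source-controller stored. If the charts under `defaultRepoURL` are signed, set the spec's `Verify` field, for example `Verify: &sourcev1.OCIRepositoryVerification{Provider: "cosign"}` plus the trusted key or identity the project uses, so that an unsigned or re-pushed chart fails at fetch time and never reaches validation. If they are not signed yet, a comment next to `helmChart.Spec` such as `// TODO: chart provenance is not verified (no spec.verify)` would keep the gap visible.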
@@ -19,14 +19,14 @@ package controller import ( "context" + v2 "github.com/fluxcd/helm-controller/api/v2" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/reconcile" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - hmcmirantiscomv1alpha1 "github.com/Mirantis/hmc/api/v1alpha1" ) @@ -52,8 +52,14 @@ var _ = Describe("Template Controller", func() { Namespace: "default", }, Spec: hmcmirantiscomv1alpha1.TemplateSpec{ - Provider: "aws", - HelmChartURL: "oci://ghcr.io/Mirantis/hmc/charts/aws-template-example", + Provider: "aws", + Helm: hmcmirantiscomv1alpha1.HelmSpec{ + ChartRef: &v2.CrossNamespaceSourceReference{ + Kind: "HelmChart", + Name: "ref-test", + Namespace: "default", + }, + }, }, // TODO(user): Specify other spec details if needed. } diff --git a/internal/utils/helm.go b/internal/utils/helm.go new file mode 100644 index 000000000..4f4ab95e0 --- /dev/null +++ b/internal/utils/helm.go 
@@ -0,0 +1,93 @@
+/*
+Copyright 2024.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package utils
+
+import (
+ "bytes"
+ "context"
+ "fmt"
+ "io"
+ "net/http"
+
+ sourcev1 "github.com/fluxcd/source-controller/api/v1"
+ "github.com/hashicorp/go-retryablehttp"
+ godigest "github.com/opencontainers/go-digest"
+ "helm.sh/helm/v3/pkg/chart"
+ "helm.sh/helm/v3/pkg/chart/loader"
+ "sigs.k8s.io/controller-runtime/pkg/log"
+)
+
+func DownloadChartFromArtifact(ctx context.Context, artifact *sourcev1.Artifact) (*chart.Chart, error) {
+ return DownloadChart(ctx, artifact.URL, artifact.Digest)
+}
+
+func DownloadChart(ctx context.Context, chartURL, digest string) (*chart.Chart, error) {
+ l := log.FromContext(ctx, "chart", chartURL)
+
+ client := retryablehttp.NewClient()
+ req, err := retryablehttp.NewRequestWithContext(ctx, http.MethodGet, chartURL, nil)
+ if err != nil {
+ return nil, err
+ }
+ resp, err := client.Do(req)
+ if err != nil {
+ return nil, err
+ }
+ defer func() {
+ if err := resp.Body.Close(); err != nil {
+ l.Error(err, "Error closing response body after chart download")
+ }
+ }()
+ if resp.StatusCode != http.StatusOK {
+ return nil, fmt.Errorf("chart download request failed: %s", resp.Status)
+ }
+
+ var buf bytes.Buffer
+ if err := copyChart(resp.Body, &buf, digest); err != nil {
+ return nil, err
+ }
+
+ helmChart, err := loader.LoadArchive(&buf)
+ if err != nil {
+ return nil, fmt.Errorf("failed to load archive for chart %s, %w", chartURL, err)
+ }
+ return helmChart, 
nil +} + +func copyChart(reader io.Reader, writer io.Writer, digest string) error { + var writers = []io.Writer{writer} + var verifier godigest.Verifier + // verify data integrity if digest is provided + if digest != "" { + dig, err := godigest.Parse(digest) + if err != nil { + return fmt.Errorf("failed to parse digest %s: %w", digest, err) + } + verifier = dig.Verifier() + writers = append(writers, verifier) + } + + mw := io.MultiWriter(writers...) + if _, err := io.Copy(mw, reader); err != nil { + return fmt.Errorf("failed to copy chart: %w", err) + } + + if digest != "" && !verifier.Verified() { + return fmt.Errorf("verification for digest %s failed", digest) + } + return nil +} From d8a7e7067e31bf27e87151064c5ac870b24b587f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Jun 2024 17:34:02 +0000 Subject: [PATCH 07/19] Bump helm.sh/helm/v3 from 3.14.4 to 3.15.1 Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.4 to 3.15.1. - [Release notes](https://github.com/helm/helm/releases) - [Commits](https://github.com/helm/helm/compare/v3.14.4...v3.15.1) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 71ea6391b..572172177 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/onsi/ginkgo/v2 v2.19.0 github.com/onsi/gomega v1.33.1 github.com/opencontainers/go-digest v1.0.1-0.20231025023718-d50d2fec9c98 - helm.sh/helm/v3 v3.14.4 + helm.sh/helm/v3 v3.15.1 k8s.io/apiextensions-apiserver v0.30.0 k8s.io/apimachinery v0.30.0 k8s.io/client-go v0.30.0 diff --git a/go.sum b/go.sum index 65b9f12bf..fdf4282ad 100644 --- a/go.sum +++ b/go.sum 
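Review bot: Integrity checking in `copyChart` is skipped whenever `digest` is empty, and `DownloadChartFromArtifact` forwards `artifact.Digest` without looking at it, so an artifact that carries no digest is loaded unverified and nothing is logged about it. Consider failing closed on the artifact path, e.g. `if artifact == nil || artifact.Digest == "" { return nil, fmt.Errorf("chart artifact has no digest") }`, which also guards the pointer dereference on the same line. Separately, `io.Copy` buffers the whole response body in memory with no upper bound; reading through `io.LimitReader(resp.Body, maxChartBytes)` (an example name for a constant this file would have to define) bounds what a misbehaving server can make the controller allocate.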
@@ -179,8 +179,8 @@ gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -helm.sh/helm/v3 v3.14.4 h1:6FSpEfqyDalHq3kUr4gOMThhgY55kXUEjdQoyODYnrM= -helm.sh/helm/v3 v3.14.4/go.mod h1:Tje7LL4gprZpuBNTbG34d1Xn5NmRT3OWfBRwpOSer9I= +helm.sh/helm/v3 v3.15.1 h1:22ztacHz4gMqhXNqCQ9NAg6BFWoRUryNLvnkz6OVyw0= +helm.sh/helm/v3 v3.15.1/go.mod h1:fvfoRcB8UKRUV5jrIfOTaN/pG1TPhuqSb56fjYdTKXg= k8s.io/api v0.30.0 h1:siWhRq7cNjy2iHssOB9SCGNCl2spiF1dO3dABqZ8niA= k8s.io/api v0.30.0/go.mod h1:OPlaYhoHs8EQ1ql0R/TsUgaRPhpKNxIMrKQfWUp8QSE= k8s.io/apiextensions-apiserver v0.30.0 h1:jcZFKMqnICJfRxTgnC4E+Hpcq8UEhT8B2lhBcQ+6uAs= From c084d92ccebed30876b95b18b9287385788f2597 Mon Sep 17 00:00:00 2001 From: Andrei Pavlov Date: Wed, 5 Jun 2024 11:48:14 +0700 Subject: [PATCH 08/19] Add OCI registry configuration for template-controller Signed-off-by: Andrei Pavlov --- cmd/main.go | 12 ++++++++++-- internal/controller/template_controller.go | 7 +++++-- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/cmd/main.go b/cmd/main.go index b681a8ad4..4051ed1b6 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -61,6 +61,9 @@ func main() { var probeAddr string var secureMetrics bool var enableHTTP2 bool + var defaultOCIRegistry string + var insecureRegistry bool + flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.") flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.") flag.BoolVar(&enableLeaderElection, "leader-elect", false, 
@@ -70,6 +73,9 @@ func main() { "If set the metrics endpoint is served securely") flag.BoolVar(&enableHTTP2, "enable-http2", false, "If set, HTTP/2 will be enabled for the metrics and webhook servers") + flag.StringVar(&defaultOCIRegistry, "default-oci-registry", "oci://ghcr.io/Mirantis/hmc/charts", + "The default OCI registry to download Helm charts from.") + flag.BoolVar(&insecureRegistry, "insecure-registry", false, "Allow connecting to an HTTP registry.") opts := zap.Options{ Development: true, } @@ -127,8 +133,10 @@ func main() { } if err = (&controller.TemplateReconciler{ - Client: mgr.GetClient(), - Scheme: mgr.GetScheme(), + Client: mgr.GetClient(), + Scheme: mgr.GetScheme(), + DefaultOCIRegistry: defaultOCIRegistry, + InsecureRegistry: insecureRegistry, }).SetupWithManager(mgr); err != nil { setupLog.Error(err, "unable to create controller", "controller", "Template") os.Exit(1) diff --git a/internal/controller/template_controller.go b/internal/controller/template_controller.go index fc8ae6069..786cf4a37 100644 --- a/internal/controller/template_controller.go +++ b/internal/controller/template_controller.go @@ -37,7 +37,6 @@ import ( const ( defaultRepoName = "hmc-templates" defaultRepoType = "oci" - defaultRepoURL = "oci://ghcr.io/Mirantis/hmc/charts" defaultReconcileInterval = 10 * time.Minute ) @@ -46,6 +45,9 @@ const ( type TemplateReconciler struct { client.Client Scheme *runtime.Scheme + + DefaultOCIRegistry string + InsecureRegistry bool } // +kubebuilder:rbac:groups=hmc.mirantis.com,resources=templates,verbs=get;list;watch;create;update;patch;delete @@ -152,8 +154,9 @@ func (r *TemplateReconciler) reconcileHelmRepo(ctx context.Context, template *hm _, err := ctrl.CreateOrUpdate(ctx, r.Client, helmRepo, func() error { helmRepo.Spec = sourcev1.HelmRepositorySpec{ Type: defaultRepoType, - URL: defaultRepoURL, + URL: r.DefaultOCIRegistry, Interval: metav1.Duration{Duration: defaultReconcileInterval}, + Insecure: r.InsecureRegistry, } return nil }) 
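Review bot: `--insecure-registry` is copied straight into `HelmRepositorySpec.Insecure` in the `reconcileHelmRepo` hunk further down, but nothing records at startup that chart pulls run without TLS, and `--default-oci-registry` is accepted unvalidated even though `Type` stays fixed at `defaultRepoType` ("oci"). A check in `main` after `flag.Parse()` that rejects a value not starting with `oci://`, plus `setupLog.Info("insecure registry access enabled", "registry", defaultOCIRegistry)` when the flag is set, would make a misconfigured or downgraded deployment visible in the controller log. The help text could also state the consequence, e.g. `"Allow plain-HTTP (no TLS) connections to the chart registry; intended for local development only."`. `main` and `reconcileHelmRepo` both continue outside these hunks.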
From 2b60d346c8ec4eb4b204e15f83cf03947b8c2c2f Mon Sep 17 00:00:00 2001 From: Andrei Pavlov Date: Wed, 5 Jun 2024 12:30:26 +0700 Subject: [PATCH 09/19] Add kustomize configuration for development The configurationl adds support for a local registry Signed-off-by: Andrei Pavlov --- Makefile | 9 ++++++++ config/dev/kustomization.yaml | 31 ++++++++++++++++++++++++++++ config/dev/local_registry_patch.yaml | 15 ++++++++++++++ 3 files changed, 55 insertions(+) create mode 100644 config/dev/kustomization.yaml create mode 100644 config/dev/local_registry_patch.yaml diff --git a/Makefile b/Makefile index 60946a79d..186e72d31 100644 --- a/Makefile +++ b/Makefile @@ -152,6 +152,15 @@ deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in undeploy: kustomize ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. $(KUSTOMIZE) build config/default | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f - +.PHONY: dev-deploy +dev-deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. + cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} + $(KUSTOMIZE) build config/dev | $(KUBECTL) apply -f - + +.PHONY: dev-undeploy +dev-undeploy: kustomize ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. + $(KUSTOMIZE) build config/dev | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f - + ##@ Dependencies ## Location to install dependencies to diff --git a/config/dev/kustomization.yaml b/config/dev/kustomization.yaml new file mode 100644 index 000000000..898acfec1 --- /dev/null +++ b/config/dev/kustomization.yaml 
@@ -0,0 +1,31 @@ +# Adds namespace to all resources. +namespace: hmc-system + +# Value of this field is prepended to the +# names of all resources, e.g. a deployment named +# "wordpress" becomes "alices-wordpress". +# Note that it should also match with the prefix (text before '-') of the namespace +# field above. +namePrefix: hmc- + +# Labels to add to all resources and selectors. +#labels: +#- includeSelectors: true +# pairs: +# someName: someValue + +resources: +- ../crd +- ../rbac +- ../manager +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in +# crd/kustomization.yaml +#- ../webhook +# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. +#- ../certmanager +# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. +#- ../prometheus + +patches: +- path: local_registry_patch.yaml + diff --git a/config/dev/local_registry_patch.yaml b/config/dev/local_registry_patch.yaml new file mode 100644 index 000000000..50dfd1a67 --- /dev/null +++ b/config/dev/local_registry_patch.yaml @@ -0,0 +1,15 @@ +# This patch adds the args to allow exposing the metrics endpoint securely +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + args: + - "--leader-elect" + - "--default-oci-registry=oci://local-registry:5000/charts" + - "--insecure-registry" From 9ef888005a9bba5883417677cd8303875de6a0b1 Mon Sep 17 00:00:00 2001 From: Andrei Pavlov Date: Wed, 5 Jun 2024 13:13:07 +0700 Subject: [PATCH 10/19] Add kind binary and deploy/undeploy targets Signed-off-by: Andrei Pavlov --- Makefile | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/Makefile b/Makefile index 186e72d31..4e2bb3b99 100644 --- a/Makefile +++ b/Makefile 
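Review bot: The header comment of `config/dev/local_registry_patch.yaml` says the patch exposes the metrics endpoint securely, but the args it sets point the controller at a local chart registry and pass `--insecure-registry`; the comment looks copied from a different patch. Suggest replacing it with `# Dev only: use the local chart registry and allow plain HTTP to it.` so the overlay is not reused outside development by mistake. Because the patch supplies the whole `args` list, it is also worth confirming that any flags set in `config/manager` that must survive are repeated here.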
@@ -127,10 +127,24 @@ hmc-chart-generate: kustomize helmify ## Generate hmc helm chart ##@ Deployment +KIND_CLUSTER_NAME ?= hmc-dev + ifndef ignore-not-found ignore-not-found = false endif +.PHONY: deploy-kind +deploy-kind: kind + @if ! $(KIND) get clusters | grep -q "^$(KIND_CLUSTER_NAME)$$"; then \ + kind create cluster -n $(KIND_CLUSTER_NAME); \ + fi + +.PHONY: undeploy-kind +undeploy-kind: kind + @if kind get clusters | grep -q "^$(KIND_CLUSTER_NAME)$$"; then \ + kind delete cluster --name $(KIND_CLUSTER_NAME); \ + fi + .PHONY: deploy-helm-controller deploy-helm-controller: helm $(HELM) upgrade --install --create-namespace --set $(FLUX_CHART_VALUES) helm-controller $(FLUX_CHART_REPOSITORY) --version $(FLUX_CHART_VERSION) -n hmc-system @@ -186,6 +200,7 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest-$(ENVTEST_VERSION) GOLANGCI_LINT = $(LOCALBIN)/golangci-lint-$(GOLANGCI_LINT_VERSION) HELM ?= $(LOCALBIN)/helm-$(HELM_VERSION) HELMIFY ?= $(LOCALBIN)/helmify-$(HELMIFY_VERSION) +KIND ?= $(LOCALBIN)/kind-$(KIND_VERSION) FLUX_CHART_REPOSITORY ?= oci://ghcr.io/fluxcd-community/charts/flux2 FLUX_CHART_VERSION ?= 2.13.0 @@ -198,6 +213,7 @@ ENVTEST_VERSION ?= release-0.17 GOLANGCI_LINT_VERSION ?= v1.57.2 HELM_VERSION ?= v3.15.1 HELMIFY_VERSION ?= v0.4.13 +KIND_VERSION ?= v0.23.0 .PHONY: kustomize kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. @@ -230,6 +246,11 @@ helmify: $(HELMIFY) ## Download helmify locally if necessary. $(HELMIFY): $(LOCALBIN) $(call go-install-tool,$(HELMIFY),github.com/arttor/helmify/cmd/helmify,${HELMIFY_VERSION}) +.PHONY: kind +kind: $(KIND) ## Download kind locally if necessary. +$(KIND): $(LOCALBIN) + $(call go-install-tool,$(KIND),sigs.k8s.io/kind,${KIND_VERSION}) + $(FLUX_HELM_CRD): $(EXTERNAL_CRD_DIR) rm -f $(FLUX_HELM_CRD) curl -s https://raw.githubusercontent.com/fluxcd/helm-controller/$(FLUX_HELM_VERSION)/config/crd/bases/helm.toolkit.fluxcd.io_helmreleases.yaml > $(FLUX_HELM_CRD) 
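Review bot: `deploy-kind` and `undeploy-kind` depend on the pinned `$(KIND)` binary, yet `kind create cluster`, `kind get clusters` (in `undeploy-kind`) and `kind delete cluster` call bare `kind`, so whatever `kind` is first on PATH runs instead of the `KIND_VERSION` build this commit installs, and the targets fail when none is installed. Use `$(KIND)` on all three lines, e.g. `$(KIND) create cluster -n $(KIND_CLUSTER_NAME); \`. A `##` help comment on both targets would match the other targets in this Makefile.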
From fc58506ebbcf57276ee183c56930a560020f1412 Mon Sep 17 00:00:00 2001 From: Andrei Pavlov Date: Wed, 5 Jun 2024 13:55:50 +0700 Subject: [PATCH 11/19] Add target to deploy local registry Signed-off-by: Andrei Pavlov --- Makefile | 14 ++++++++++++++ config/dev/local_registry_patch.yaml | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 4e2bb3b99..d63f55980 100644 --- a/Makefile +++ b/Makefile @@ -128,6 +128,8 @@ hmc-chart-generate: kustomize helmify ## Generate hmc helm chart ##@ Deployment KIND_CLUSTER_NAME ?= hmc-dev +LOCAL_REGISTRY_NAME ?= hmc-local-registry +LOCAL_REGISTRY_PORT ?= 5001 ifndef ignore-not-found ignore-not-found = false @@ -145,6 +147,18 @@ undeploy-kind: kind kind delete cluster --name $(KIND_CLUSTER_NAME); \ fi +.PHONY: deploy-local-registry +deploy-local-registry: + @if [ ! "`$(CONTAINER_TOOL) ps -aq -f name=$(LOCAL_REGISTRY_NAME)`" ]; then \ + $(CONTAINER_TOOL) run -d --restart=always -p "127.0.0.1:$(LOCAL_REGISTRY_PORT):5000" --network bridge --name "$(LOCAL_REGISTRY_NAME)" registry:2; \ + fi + +.PHONY: undeploy-local-registry +undeploy-local-registry: + @if [ "`$(CONTAINER_TOOL) ps -aq -f name=$(LOCAL_REGISTRY_NAME)`" ]; then \ + $(CONTAINER_TOOL) rm -f "$(LOCAL_REGISTRY_NAME)"; \ + fi + .PHONY: deploy-helm-controller deploy-helm-controller: helm $(HELM) upgrade --install --create-namespace --set $(FLUX_CHART_VALUES) helm-controller $(FLUX_CHART_REPOSITORY) --version $(FLUX_CHART_VERSION) -n hmc-system diff --git a/config/dev/local_registry_patch.yaml b/config/dev/local_registry_patch.yaml index 50dfd1a67..7cc0b6ad8 100644 --- a/config/dev/local_registry_patch.yaml +++ b/config/dev/local_registry_patch.yaml @@ -11,5 +11,5 @@ spec: - name: manager args: - "--leader-elect" - - "--default-oci-registry=oci://local-registry:5000/charts" + - "--default-oci-registry=oci://hmc-local-registry:5000/charts" - "--insecure-registry" From 924cbea83475b7aa6ffc4afb98c7af9f3a1f5916 Mon Sep 17 00:00:00 2001 
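Review bot: `deploy-local-registry` runs `registry:2`, a mutable tag, while the other tools in this Makefile are pinned to exact versions; pinning the image by version or digest through a variable such as `LOCAL_REGISTRY_IMAGE ?= registry:<pinned-version>` (placeholder value) keeps the dev environment reproducible. The existence check `ps -aq -f name=$(LOCAL_REGISTRY_NAME)` matches substrings, so a different container whose name merely contains `hmc-local-registry` also satisfies it; anchoring the filter as `name=^$(LOCAL_REGISTRY_NAME)$$` should avoid that. Publishing the port on `127.0.0.1` only is the right default for an unauthenticated registry and deserves a one-line comment so it is not widened later.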
From: Andrei Pavlov Date: Wed, 5 Jun 2024 14:29:49 +0700 Subject: [PATCH 12/19] Add targets to deploy/undeploy local registry Signed-off-by: Andrei Pavlov --- Makefile | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/Makefile b/Makefile index d63f55980..efd04e5f1 100644 --- a/Makefile +++ b/Makefile @@ -128,6 +128,7 @@ hmc-chart-generate: kustomize helmify ## Generate hmc helm chart ##@ Deployment KIND_CLUSTER_NAME ?= hmc-dev +KIND_NETWORK ?= kind LOCAL_REGISTRY_NAME ?= hmc-local-registry LOCAL_REGISTRY_PORT ?= 5001 @@ -149,15 +150,20 @@ undeploy-kind: kind .PHONY: deploy-local-registry deploy-local-registry: - @if [ ! "`$(CONTAINER_TOOL) ps -aq -f name=$(LOCAL_REGISTRY_NAME)`" ]; then \ - $(CONTAINER_TOOL) run -d --restart=always -p "127.0.0.1:$(LOCAL_REGISTRY_PORT):5000" --network bridge --name "$(LOCAL_REGISTRY_NAME)" registry:2; \ - fi + @if [ ! "$$($(CONTAINER_TOOL) ps -aq -f name=$(LOCAL_REGISTRY_NAME))" ]; then \ + echo "Starting new local registry container $(LOCAL_REGISTRY_NAME)"; \ + $(CONTAINER_TOOL) run -d --restart=always -p "127.0.0.1:$(LOCAL_REGISTRY_PORT):5000" --network bridge --name "$(LOCAL_REGISTRY_NAME)" registry:2; \ + fi; \ + if [ "$$($(CONTAINER_TOOL) inspect -f='{{json .NetworkSettings.Networks.$(KIND_NETWORK)}}' $(LOCAL_REGISTRY_NAME))" = 'null' ]; then \ + $(CONTAINER_TOOL) network connect $(KIND_NETWORK) $(LOCAL_REGISTRY_NAME); \ + fi .PHONY: undeploy-local-registry undeploy-local-registry: - @if [ "`$(CONTAINER_TOOL) ps -aq -f name=$(LOCAL_REGISTRY_NAME)`" ]; then \ - $(CONTAINER_TOOL) rm -f "$(LOCAL_REGISTRY_NAME)"; \ - fi + @if [ "$$($(CONTAINER_TOOL) ps -aq -f name=$(LOCAL_REGISTRY_NAME))" ]; then \ + echo "Removing local registry container $(LOCAL_REGISTRY_NAME)"; \ + $(CONTAINER_TOOL) rm -f "$(LOCAL_REGISTRY_NAME)"; \ + fi .PHONY: deploy-helm-controller deploy-helm-controller: helm From 20390c82d8c146d02e397aaf3879af2d51a47bb3 Mon Sep 17 00:00:00 2001 
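Review bot: The `inspect` format `{{json .NetworkSettings.Networks.$(KIND_NETWORK)}}` splices the network name into a Go-template field path, which breaks as soon as `KIND_NETWORK` is overridden with a name containing `-` or `.`; `index` works for any name: `-f='{{json (index .NetworkSettings.Networks "$(KIND_NETWORK)")}}'`. The recipe also assumes the network already exists, so `network connect` fails when the target runs before the kind cluster is created; a comment stating that ordering would help. Connecting the registry to the cluster network makes it reachable without authentication or TLS from every container on that network, which is acceptable for development but should be said in the target's `##` help text.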
From: Andrei Pavlov Date: Wed, 5 Jun 2024 16:41:12 +0700 Subject: [PATCH 13/19] Add generate-all target Signed-off-by: Andrei Pavlov --- Makefile | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/Makefile b/Makefile index efd04e5f1..b76ae8d37 100644 --- a/Makefile +++ b/Makefile @@ -51,6 +51,14 @@ manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and Cust generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." +.PHONY: hmc-chart-generate +hmc-chart-generate: kustomize helmify ## Generate hmc helm chart + rm -rf charts/hmc/values.yaml charts/hmc/templates/*.yaml + $(KUSTOMIZE) build config/default | $(HELMIFY) charts/hmc + +.PHONY: generate-all +generate-all: generate manifests hmc-chart-generate + .PHONY: fmt fmt: ## Run go fmt against code. go fmt ./... @@ -60,7 +68,7 @@ vet: ## Run go vet against code. go vet ./... .PHONY: test -test: manifests generate fmt vet envtest external-crd ## Run tests. +test: generate-all fmt vet envtest external-crd ## Run tests. KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test $$(go list ./... | grep -v /e2e) -coverprofile cover.out # Utilize Kind or modify the e2e tests to load the image locally, enabling compatibility with other vendors. @@ -79,11 +87,11 @@ lint-fix: golangci-lint ## Run golangci-lint linter and perform fixes ##@ Build .PHONY: build -build: manifests generate fmt vet ## Build manager binary. +build: generate-all fmt vet ## Build manager binary. go build -o bin/manager cmd/main.go .PHONY: run -run: manifests generate fmt vet ## Run a controller from your host. +run: generate-all fmt vet ## Run a controller from your host. go run ./cmd/main.go # If you wish to build the manager image targeting other platforms you can use the --platform flag. 
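Review bot: Making `build`, `run` and `test` depend on `generate-all` means every local build now runs `hmc-chart-generate`, whose first step is `rm -rf charts/hmc/values.yaml charts/hmc/templates/*.yaml`, so a manual edit to the generated chart is discarded without notice and a plain `make build` needs kustomize and helmify downloaded first. If that is intended, give the new target a help comment that says so, e.g. `generate-all: generate manifests hmc-chart-generate ## Regenerate code, manifests and the hmc chart (overwrites charts/hmc).`. The `build-installer` hunk later in this file follows the same pattern.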
@@ -115,16 +123,11 @@ docker-buildx: ## Build and push docker image for the manager for cross-platform rm Dockerfile.cross .PHONY: build-installer -build-installer: manifests generate kustomize ## Generate a consolidated YAML with CRDs and deployment. +build-installer: generate-all kustomize ## Generate a consolidated YAML with CRDs and deployment. mkdir -p dist cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} $(KUSTOMIZE) build config/default > dist/install.yaml -.PHONY: hmc-chart-generate -hmc-chart-generate: kustomize helmify ## Generate hmc helm chart - rm -rf charts/hmc/values.yaml charts/hmc/templates/*.yaml - $(KUSTOMIZE) build config/default | $(HELMIFY) charts/hmc - ##@ Deployment KIND_CLUSTER_NAME ?= hmc-dev From bd381d3c21b955482bf045ff12af1f036403ee11 Mon Sep 17 00:00:00 2001 From: Andrei Pavlov Date: Wed, 5 Jun 2024 19:29:23 +0700 Subject: [PATCH 14/19] Make a separate directory for templates 
Signed-off-by: Andrei Pavlov --- .../aws-hosted-cp}/.helmignore | 0 .../aws-hosted-cp}/Chart.yaml | 4 ++-- .../aws-hosted-cp}/templates/_helpers.tpl | 0 .../aws-hosted-cp}/templates/awscluster.yaml | 0 .../aws-hosted-cp}/templates/awsmachinetemplate.yaml | 0 .../aws-hosted-cp}/templates/cluster.yaml | 0 .../aws-hosted-cp}/templates/k0smotroncontrolplane.yaml | 0 .../aws-hosted-cp}/templates/k0sworkerconfigtemplate.yaml | 0 .../aws-hosted-cp}/templates/machinedeployment.yaml | 0 .../aws-hosted-cp}/values.yaml | 0 10 files changed, 2 insertions(+), 2 deletions(-) rename {charts/hmc-templates/aws/hmc-template-hosted-control-planes => templates/aws-hosted-cp}/.helmignore (100%) rename {charts/hmc-templates/aws/hmc-template-hosted-control-planes => templates/aws-hosted-cp}/Chart.yaml (84%) rename {charts/hmc-templates/aws/hmc-template-hosted-control-planes => templates/aws-hosted-cp}/templates/_helpers.tpl (100%) rename {charts/hmc-templates/aws/hmc-template-hosted-control-planes => templates/aws-hosted-cp}/templates/awscluster.yaml (100%) rename {charts/hmc-templates/aws/hmc-template-hosted-control-planes => templates/aws-hosted-cp}/templates/awsmachinetemplate.yaml (100%) rename {charts/hmc-templates/aws/hmc-template-hosted-control-planes => templates/aws-hosted-cp}/templates/cluster.yaml (100%) rename {charts/hmc-templates/aws/hmc-template-hosted-control-planes => templates/aws-hosted-cp}/templates/k0smotroncontrolplane.yaml (100%) rename {charts/hmc-templates/aws/hmc-template-hosted-control-planes => templates/aws-hosted-cp}/templates/k0sworkerconfigtemplate.yaml (100%) rename {charts/hmc-templates/aws/hmc-template-hosted-control-planes => templates/aws-hosted-cp}/templates/machinedeployment.yaml (100%) rename {charts/hmc-templates/aws/hmc-template-hosted-control-planes => templates/aws-hosted-cp}/values.yaml (100%) 
diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/.helmignore b/templates/aws-hosted-cp/.helmignore similarity index 100% rename from charts/hmc-templates/aws/hmc-template-hosted-control-planes/.helmignore rename to templates/aws-hosted-cp/.helmignore diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/Chart.yaml b/templates/aws-hosted-cp/Chart.yaml similarity index 84% rename from charts/hmc-templates/aws/hmc-template-hosted-control-planes/Chart.yaml rename to templates/aws-hosted-cp/Chart.yaml index 37f3881d8..d071652c3 100644 --- a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/Chart.yaml +++ b/templates/aws-hosted-cp/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 -name: hmc-template-hosted-control-planes +name: aws-hosted-cp description: | - The HMC template to deploy kubernetes cluster with control plane components + The HMC template to deploy a k8s cluster on AWS with control plane components within the management cluster. type: application # This is the chart version. This version number should be incremented each time you make changes diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/_helpers.tpl b/templates/aws-hosted-cp/templates/_helpers.tpl similarity index 100% rename from charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/_helpers.tpl rename to templates/aws-hosted-cp/templates/_helpers.tpl diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/awscluster.yaml b/templates/aws-hosted-cp/templates/awscluster.yaml similarity index 100% rename from charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/awscluster.yaml rename to templates/aws-hosted-cp/templates/awscluster.yaml 
diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/awsmachinetemplate.yaml b/templates/aws-hosted-cp/templates/awsmachinetemplate.yaml similarity index 100% rename from charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/awsmachinetemplate.yaml rename to templates/aws-hosted-cp/templates/awsmachinetemplate.yaml diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/cluster.yaml b/templates/aws-hosted-cp/templates/cluster.yaml similarity index 100% rename from charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/cluster.yaml rename to templates/aws-hosted-cp/templates/cluster.yaml diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/k0smotroncontrolplane.yaml b/templates/aws-hosted-cp/templates/k0smotroncontrolplane.yaml similarity index 100% rename from charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/k0smotroncontrolplane.yaml rename to templates/aws-hosted-cp/templates/k0smotroncontrolplane.yaml diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/k0sworkerconfigtemplate.yaml b/templates/aws-hosted-cp/templates/k0sworkerconfigtemplate.yaml similarity index 100% rename from charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/k0sworkerconfigtemplate.yaml rename to templates/aws-hosted-cp/templates/k0sworkerconfigtemplate.yaml diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/machinedeployment.yaml b/templates/aws-hosted-cp/templates/machinedeployment.yaml similarity index 100% rename from charts/hmc-templates/aws/hmc-template-hosted-control-planes/templates/machinedeployment.yaml rename to templates/aws-hosted-cp/templates/machinedeployment.yaml 
diff --git a/charts/hmc-templates/aws/hmc-template-hosted-control-planes/values.yaml b/templates/aws-hosted-cp/values.yaml similarity index 100% rename from charts/hmc-templates/aws/hmc-template-hosted-control-planes/values.yaml rename to templates/aws-hosted-cp/values.yaml From e70076934c012fabdb1b76f5642fcb9a58ab45df Mon Sep 17 00:00:00 2001 From: Andrei Pavlov Date: Wed, 5 Jun 2024 20:15:52 +0700 Subject: [PATCH 15/19] Add targets to build and push dev artifacts Signed-off-by: Andrei Pavlov --- .gitignore | 1 + Makefile | 27 ++++++++++++++++++++++++++- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 62b8150f0..f63f7512f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ +kubeconfig # Binaries for programs and plugins bin dist diff --git a/Makefile b/Makefile index b76ae8d37..2372e5c33 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ # Image URL to use all building/pushing image targets -IMG ?= controller:latest +IMG ?= hmc/controller:latest # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.29.0 @@ -86,6 +86,21 @@ lint-fix: golangci-lint ## Run golangci-lint linter and perform fixes ##@ Build +TEMPLATES_DIR := templates +CHARTS_PACKAGE_DIR ?= $(LOCALBIN)/charts +$(CHARTS_PACKAGE_DIR): $(LOCALBIN) + rm -rf $(CHARTS_PACKAGE_DIR) + mkdir -p $(CHARTS_PACKAGE_DIR) +CHARTS = $(patsubst $(TEMPLATES_DIR)/%,%,$(wildcard $(TEMPLATES_DIR)/*)) + +helm-package: $(patsubst %,package-chart-%,$(CHARTS)) + +lint-chart-%: + $(HELM) lint --strict $(TEMPLATES_DIR)/$* + +package-chart-%: $(CHARTS_PACKAGE_DIR) lint-chart-% + $(HELM) package --destination $(CHARTS_PACKAGE_DIR) $(TEMPLATES_DIR)/$* + .PHONY: build build: generate-all fmt vet ## Build manager binary. go build -o bin/manager cmd/main.go 
@@ -134,6 +149,7 @@ KIND_CLUSTER_NAME ?= hmc-dev KIND_NETWORK ?= kind LOCAL_REGISTRY_NAME ?= hmc-local-registry LOCAL_REGISTRY_PORT ?= 5001 +LOCAL_REGISTRY_REPO ?= oci://127.0.0.1:$(LOCAL_REGISTRY_PORT)/hmc ifndef ignore-not-found ignore-not-found = false @@ -198,6 +214,15 @@ dev-deploy: manifests kustomize ## Deploy controller to the K8s cluster specifie dev-undeploy: kustomize ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. $(KUSTOMIZE) build config/dev | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f - +.PHONY: dev-push +dev-push: docker-build helm-package + $(KIND) load docker-image $(IMG) -n $(KIND_CLUSTER_NAME) + @for chart in $(CHARTS_PACKAGE_DIR)/*.tgz; do \ + echo "Pushing $$chart to $(LOCAL_REGISTRY_REPO)"; \ + $(HELM) push "$$chart" $(LOCAL_REGISTRY_REPO); \ + done + + ##@ Dependencies ## Location to install dependencies to From 3355c484ada60b051ccb910565d655af144ee069 Mon Sep 17 00:00:00 2001 From: Andrei Pavlov Date: Wed, 5 Jun 2024 20:34:02 +0700 Subject: [PATCH 16/19] Add dev-apply and dev-destroy targets `make dev-apply` to initially set up a development env and to reapply configuration. `make dev-destroy` to clean it up. Signed-off-by: Andrei Pavlov --- Makefile | 39 ++++++++++++++++++------------- charts/hmc/values.yaml | 2 +- config/manager/kustomization.yaml | 2 +- 3 files changed, 25 insertions(+), 18 deletions(-) diff --git a/Makefile b/Makefile index 2372e5c33..a5ee2d88e 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,4 @@ +NAMESPACE ?= hmc-system # Image URL to use all building/pushing image targets IMG ?= hmc/controller:latest # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. 
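Review bot: `dev-push` pushes every `*.tgz` found in `$(CHARTS_PACKAGE_DIR)`, and that directory is emptied only when its directory rule re-runs, so packages left over from earlier chart versions are likely to be pushed again next to the fresh ones. Cleaning explicitly at the start of `helm-package`, or pushing only the archives built in the current run, keeps the registry content equal to the working tree. In the `helm-package` hunk earlier in this file the target has no `.PHONY` declaration, and `rm -rf $(CHARTS_PACKAGE_DIR)` acts on a `?=` variable that a caller can override, so a guard against an empty value is cheap insurance.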
@@ -155,20 +156,20 @@ ifndef ignore-not-found ignore-not-found = false endif -.PHONY: deploy-kind -deploy-kind: kind +.PHONY: kind-deploy +kind-deploy: kind @if ! $(KIND) get clusters | grep -q "^$(KIND_CLUSTER_NAME)$$"; then \ kind create cluster -n $(KIND_CLUSTER_NAME); \ fi -.PHONY: undeploy-kind -undeploy-kind: kind +.PHONY: kind-undeploy +kind-undeploy: kind @if kind get clusters | grep -q "^$(KIND_CLUSTER_NAME)$$"; then \ kind delete cluster --name $(KIND_CLUSTER_NAME); \ fi -.PHONY: deploy-local-registry -deploy-local-registry: +.PHONY: registry-deploy +registry-deploy: @if [ ! "$$($(CONTAINER_TOOL) ps -aq -f name=$(LOCAL_REGISTRY_NAME))" ]; then \ echo "Starting new local registry container $(LOCAL_REGISTRY_NAME)"; \ $(CONTAINER_TOOL) run -d --restart=always -p "127.0.0.1:$(LOCAL_REGISTRY_PORT):5000" --network bridge --name "$(LOCAL_REGISTRY_NAME)" registry:2; \ 
@@ -177,27 +178,27 @@ deploy-local-registry: $(CONTAINER_TOOL) network connect $(KIND_NETWORK) $(LOCAL_REGISTRY_NAME); \ fi -.PHONY: undeploy-local-registry -undeploy-local-registry: +.PHONY: registry-undeploy +registry-undeploy: @if [ "$$($(CONTAINER_TOOL) ps -aq -f name=$(LOCAL_REGISTRY_NAME))" ]; then \ echo "Removing local registry container $(LOCAL_REGISTRY_NAME)"; \ $(CONTAINER_TOOL) rm -f "$(LOCAL_REGISTRY_NAME)"; \ fi -.PHONY: deploy-helm-controller -deploy-helm-controller: helm - $(HELM) upgrade --install --create-namespace --set $(FLUX_CHART_VALUES) helm-controller $(FLUX_CHART_REPOSITORY) --version $(FLUX_CHART_VERSION) -n hmc-system +.PHONY: helm-controller-deploy +helm-controller-deploy: helm + $(HELM) upgrade --install --create-namespace --set $(FLUX_CHART_VALUES) helm-controller $(FLUX_CHART_REPOSITORY) --version $(FLUX_CHART_VERSION) -n $(NAMESPACE) -.PHONY: install -install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. +.PHONY: crd-install +crd-install: generate-all kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. $(KUSTOMIZE) build config/crd | $(KUBECTL) apply -f - -.PHONY: uninstall -uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. +.PHONY: crd-uninstall +crd-uninstall: generate-all kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. $(KUSTOMIZE) build config/crd | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f - .PHONY: deploy -deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. +deploy: generate-all kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. 
cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} $(KUSTOMIZE) build config/default | $(KUBECTL) apply -f - @@ -222,6 +223,12 @@ dev-push: docker-build helm-package $(HELM) push "$$chart" $(LOCAL_REGISTRY_REPO); \ done +.PHONY: dev-apply +dev-apply: kind-deploy crd-install registry-deploy helm-controller-deploy dev-push dev-deploy + kubectl rollout restart -n $(NAMESPACE) deployment/hmc-controller-manager + +.PHONY: dev-destroy +dev-destroy: kind-undeploy registry-undeploy ##@ Dependencies diff --git a/charts/hmc/values.yaml b/charts/hmc/values.yaml index 60255eb9f..3e799f4ba 100644 --- a/charts/hmc/values.yaml +++ b/charts/hmc/values.yaml @@ -10,7 +10,7 @@ controllerManager: drop: - ALL image: - repository: controller + repository: hmc/controller tag: latest resources: limits: diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index ad13e96b3..f85e4d3ed 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: - name: controller - newName: controller + newName: hmc/controller newTag: latest From d7d22a3fca7a696a22e16dcef8c0238f3a3be021 Mon Sep 17 00:00:00 2001 From: Andrei Pavlov Date: Wed, 5 Jun 2024 23:15:26 +0700 Subject: [PATCH 17/19] Set imagePullPolicy IfNotPresent by default Signed-off-by: Andrei Pavlov --- charts/hmc/templates/deployment.yaml | 1 + charts/hmc/values.yaml | 1 + config/manager/manager.yaml | 1 + 3 files changed, 3 insertions(+) diff --git a/charts/hmc/templates/deployment.yaml b/charts/hmc/templates/deployment.yaml index 049f12ee1..27bf373a5 100644 --- a/charts/hmc/templates/deployment.yaml +++ b/charts/hmc/templates/deployment.yaml 
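Review bot: The `dev-apply` recipe calls bare `kubectl` where the other targets visible here go through `$(KUBECTL)`, and nothing in the chain pins the kube context. `kind-deploy` skips cluster creation when `$(KIND_CLUSTER_NAME)` already exists, so the current context in ~/.kube/config may be a different cluster, and `crd-install`, `dev-deploy` and the rollout restart would then act on that one. I would write the recipe line as `$(KUBECTL) --context kind-$(KIND_CLUSTER_NAME) rollout restart -n $(NAMESPACE) deployment/hmc-controller-manager` and consider the same pin for the prerequisite targets.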
@@ -28,6 +28,7 @@ spec: value: {{ quote .Values.kubernetesClusterDomain }} image: {{ .Values.controllerManager.manager.image.repository }}:{{ .Values.controllerManager.manager.image.tag | default .Chart.AppVersion }} + imagePullPolicy: {{ .Values.controllerManager.manager.imagePullPolicy }} livenessProbe: httpGet: path: /healthz diff --git a/charts/hmc/values.yaml b/charts/hmc/values.yaml index 3e799f4ba..8b557e21d 100644 --- a/charts/hmc/values.yaml +++ b/charts/hmc/values.yaml @@ -12,6 +12,7 @@ controllerManager: image: repository: hmc/controller tag: latest + imagePullPolicy: IfNotPresent resources: limits: cpu: 500m diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index b6265a5d8..b7577f509 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -65,6 +65,7 @@ spec: - --health-probe-bind-address=:8081 - --metrics-bind-address=0 image: controller:latest + imagePullPolicy: IfNotPresent name: manager securityContext: allowPrivilegeEscalation: false From c0faa8710a177cfe3b0f0c92eaf90b982da7b02c Mon Sep 17 00:00:00 2001 From: Andrei Pavlov Date: Wed, 5 Jun 2024 23:55:38 +0700 Subject: [PATCH 18/19] Fix registry URL when uploading artifacts Signed-off-by: Andrei Pavlov --- Makefile | 2 +- internal/controller/template_controller.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index a5ee2d88e..4a3ecf9ea 100644 --- a/Makefile +++ b/Makefile @@ -150,7 +150,7 @@ KIND_CLUSTER_NAME ?= hmc-dev KIND_NETWORK ?= kind LOCAL_REGISTRY_NAME ?= hmc-local-registry LOCAL_REGISTRY_PORT ?= 5001 -LOCAL_REGISTRY_REPO ?= oci://127.0.0.1:$(LOCAL_REGISTRY_PORT)/hmc +LOCAL_REGISTRY_REPO ?= oci://127.0.0.1:$(LOCAL_REGISTRY_PORT)/chart ifndef ignore-not-found ignore-not-found = false diff --git a/internal/controller/template_controller.go b/internal/controller/template_controller.go index 786cf4a37..ae791f3da 100644 --- a/internal/controller/template_controller.go 
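Review bot: `imagePullPolicy: IfNotPresent` is set as the default next to `tag: latest` in `charts/hmc/values.yaml` (and `controller:latest` in `config/manager/manager.yaml`), so a node that already holds an image under that tag never consults the registry again. That fits the `kind load docker-image` dev flow, but as a chart default the controller that runs is whatever is cached on the node, not what the registry currently serves. I would document this on the value, e.g. `# IfNotPresent suits the kind dev flow; with a mutable tag use Always or pin the image by digest`. In `deployment.yaml` the value is rendered unquoted and without a fallback; `imagePullPolicy: {{ .Values.controllerManager.manager.imagePullPolicy | default "IfNotPresent" | quote }}` keeps the field well-formed when the value is omitted.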
+++ b/internal/controller/template_controller.go @@ -211,7 +211,7 @@ func helmArtifactReady(chart *sourcev1.HelmChart) (err error, reportStatus bool) return fmt.Errorf("HelmChart was not reconciled yet, retrying"), false } if c.Status != metav1.ConditionTrue { - return fmt.Errorf("failed to dowlnoad helm chart artifact: %s", c.Message), true + return fmt.Errorf("failed to download helm chart artifact: %s", c.Message), true } } } From 172b96948fb093347f6ddec50655755e7f329ad3 Mon Sep 17 00:00:00 2001 
From: eromanova Date: Wed, 5 Jun 2024 17:18:44 +0400 Subject: [PATCH 19/19] Add k0s+aws template with bootstrapped control planes HMC-16 --- templates/aws-bootstrap-cp/.helmignore | 23 +++++++++++ templates/aws-bootstrap-cp/Chart.yaml | 14 +++++++ .../aws-bootstrap-cp/templates/_helpers.tpl | 27 ++++++++++++ .../templates/awscluster.yaml | 9 ++++ .../awsmachinetemplate-controlplane.yaml | 19 +++++++++ .../templates/awsmachinetemplate-worker.yaml | 19 +++++++++ .../aws-bootstrap-cp/templates/cluster.yaml | 17 ++++++++ .../templates/k0scontrolplane.yaml | 41 +++++++++++++++++++ .../templates/k0sworkerconfigtemplate.yaml | 11 +++++ .../templates/machinedeployment.yaml | 25 +++++++++++ templates/aws-bootstrap-cp/values.yaml | 31 ++++++++++++++ 11 files changed, 236 insertions(+) create mode 100644 templates/aws-bootstrap-cp/.helmignore create mode 100644 templates/aws-bootstrap-cp/Chart.yaml create mode 100644 templates/aws-bootstrap-cp/templates/_helpers.tpl create mode 100644 templates/aws-bootstrap-cp/templates/awscluster.yaml create mode 100644 templates/aws-bootstrap-cp/templates/awsmachinetemplate-controlplane.yaml create mode 100644 templates/aws-bootstrap-cp/templates/awsmachinetemplate-worker.yaml create mode 100644 templates/aws-bootstrap-cp/templates/cluster.yaml create mode 100644 templates/aws-bootstrap-cp/templates/k0scontrolplane.yaml create mode 100644 templates/aws-bootstrap-cp/templates/k0sworkerconfigtemplate.yaml create mode 100644 templates/aws-bootstrap-cp/templates/machinedeployment.yaml create mode 100644 templates/aws-bootstrap-cp/values.yaml diff --git a/templates/aws-bootstrap-cp/.helmignore b/templates/aws-bootstrap-cp/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/templates/aws-bootstrap-cp/.helmignore 
@@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/templates/aws-bootstrap-cp/Chart.yaml b/templates/aws-bootstrap-cp/Chart.yaml new file mode 100644 index 000000000..d960825cb --- /dev/null +++ b/templates/aws-bootstrap-cp/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v2 +name: aws-bootstrap-cp +description: | + The HMC template to deploy a k0s cluster on AWS with bootstrapped control plane nodes. +type: application +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "0.1.0" diff --git a/templates/aws-bootstrap-cp/templates/_helpers.tpl b/templates/aws-bootstrap-cp/templates/_helpers.tpl new file mode 100644 index 000000000..0495f7a99 --- /dev/null +++ b/templates/aws-bootstrap-cp/templates/_helpers.tpl 
@@ -0,0 +1,27 @@ +{{- define "cluster.name" -}} + {{- .Values.clusterName | trunc 63 }} +{{- end }} + +{{- define "awsmachinetemplate.controlplane.name" -}} + {{- include "cluster.name" . }}-cp-mt +{{- end }} + +{{- define "awsmachinetemplate.worker.name" -}} + {{- include "cluster.name" . }}-worker-mt +{{- end }} + +{{- define "k0scontrolplane.name" -}} + {{- include "cluster.name" . }}-cp +{{- end }} + +{{- define "k0sworkerconfigtemplate.name" -}} + {{- include "cluster.name" . }}-machine-config +{{- end }} + +{{- define "machinedeployment.name" -}} + {{- include "cluster.name" . }}-md +{{- end }} + +{{- define "k0sconfig.name" -}} + {{- include "cluster.name" . }}-k0sconfig +{{- end }} \ No newline at end of file diff --git a/templates/aws-bootstrap-cp/templates/awscluster.yaml b/templates/aws-bootstrap-cp/templates/awscluster.yaml new file mode 100644 index 000000000..fea4ad751 --- /dev/null +++ b/templates/aws-bootstrap-cp/templates/awscluster.yaml @@ -0,0 +1,9 @@ +apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 +kind: AWSCluster +metadata: + name: {{ include "cluster.name" . }} +spec: + region: {{ .Values.region }} + # identityRef: + # kind: AWSClusterStaticIdentity + # name: aws-identity-name \ No newline at end of file diff --git a/templates/aws-bootstrap-cp/templates/awsmachinetemplate-controlplane.yaml b/templates/aws-bootstrap-cp/templates/awsmachinetemplate-controlplane.yaml new file mode 100644 index 000000000..5af105d17 --- /dev/null +++ b/templates/aws-bootstrap-cp/templates/awsmachinetemplate-controlplane.yaml 
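Review bot: `cluster.name` is cut to 63 characters before the suffixes are appended, so `k0sworkerconfigtemplate.name`, `awsmachinetemplate.worker.name` and the other derived helpers can exceed the limit that `trunc 63` appears to be guarding. The truncation can also leave a trailing `-`. If the 63-character bound matters for these objects (it does for label values such as `cluster.x-k8s.io/cluster-name`; for the derived names this should be confirmed), I would leave room for the longest suffix, `-machine-config`, and trim the separator: `{{- .Values.clusterName | trunc 48 | trimSuffix "-" }}`.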
@@ -0,0 +1,19 @@ +apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 +kind: AWSMachineTemplate +metadata: + name: {{ include "awsmachinetemplate.controlplane.name" . }} +spec: + template: + spec: + ami: + id: {{ .Values.controlPlane.amiID }} + instanceType: {{ .Values.controlPlane.instanceType }} + # Instance Profile created by `clusterawsadm bootstrap iam create-cloudformation-stack` + iamInstanceProfile: {{ .Values.controlPlane.iamInstanceProfile }} + cloudInit: + # Makes CAPA use k0s bootstrap cloud-init directly and not via SSM + # Simplifies the VPC setup as we do not need custom SSM endpoints etc. + insecureSkipSecretsManager: true + {{- if .Values.sshKeyName }} + sshKeyName: {{ .Values.sshKeyName }} + {{- end }} diff --git a/templates/aws-bootstrap-cp/templates/awsmachinetemplate-worker.yaml b/templates/aws-bootstrap-cp/templates/awsmachinetemplate-worker.yaml new file mode 100644 index 000000000..c934fb4e7 --- /dev/null +++ b/templates/aws-bootstrap-cp/templates/awsmachinetemplate-worker.yaml @@ -0,0 +1,19 @@ +apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 +kind: AWSMachineTemplate +metadata: + name: {{ include "awsmachinetemplate.worker.name" . }} +spec: + template: + spec: + ami: + id: {{ .Values.worker.amiID }} + instanceType: {{ .Values.worker.instanceType }} + # Instance Profile created by `clusterawsadm bootstrap iam create-cloudformation-stack` + iamInstanceProfile: {{ .Values.worker.iamInstanceProfile }} + cloudInit: + # Makes CAPA use k0s bootstrap cloud-init directly and not via SSM + # Simplifies the VPC setup as we do not need custom SSM endpoints etc. + insecureSkipSecretsManager: true + {{- if .Values.sshKeyName }} + sshKeyName: {{ .Values.sshKeyName }} + {{- end }} diff --git a/templates/aws-bootstrap-cp/templates/cluster.yaml b/templates/aws-bootstrap-cp/templates/cluster.yaml new file mode 100644 index 000000000..cb3425af5 --- /dev/null +++ b/templates/aws-bootstrap-cp/templates/cluster.yaml 
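Review bot: `insecureSkipSecretsManager: true` is hard-coded in `awsmachinetemplate-controlplane.yaml` (and again in `awsmachinetemplate-worker.yaml`), and the comment names only the convenience side of the trade-off. With this flag CAPA puts the bootstrap payload straight into EC2 user data, where it remains readable through the instance metadata service by workloads on the node and by any IAM principal allowed to describe instance attributes. For control-plane machines that payload presumably carries join tokens or certificate material. I would extend the comment to say so, e.g. `# NOTE: bootstrap data is then stored in plain EC2 user data; restrict IMDS access from pods and rotate bootstrap tokens`, and drive the flag from a chart value so that users whose VPC does have the required endpoints can turn it off.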
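Review bot: The `{{- if .Values.sshKeyName }}` guard in `awsmachinetemplate-worker.yaml` (and the control-plane template) drops the field when the value is `""`, which is the chart default. As I read the CAPA API, an omitted `sshKeyName` means "use the provider's default key name", while an explicit empty string means "attach no SSH key". The default values therefore request a key pair rather than none; this should be confirmed against the CAPA version in use. If no key is the intended default, I would render the field unconditionally and quoted: `sshKeyName: {{ .Values.sshKeyName | quote }}`.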
@@ -0,0 +1,17 @@ +apiVersion: cluster.x-k8s.io/v1beta1 +kind: Cluster +metadata: + name: {{ include "cluster.name" . }} +spec: + {{- with .Values.clusterNetwork }} + clusterNetwork: + {{- toYaml . | nindent 4 }} + {{- end }} + controlPlaneRef: + apiVersion: controlplane.cluster.x-k8s.io/v1beta1 + kind: K0sControlPlane + name: {{ include "k0scontrolplane.name" . }} + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 + kind: AWSCluster + name: {{ include "cluster.name" . }} \ No newline at end of file diff --git a/templates/aws-bootstrap-cp/templates/k0scontrolplane.yaml b/templates/aws-bootstrap-cp/templates/k0scontrolplane.yaml new file mode 100644 index 000000000..de35ace71 --- /dev/null +++ b/templates/aws-bootstrap-cp/templates/k0scontrolplane.yaml 
@@ -0,0 +1,41 @@ +apiVersion: controlplane.cluster.x-k8s.io/v1beta1 +kind: K0sControlPlane +metadata: + name: {{ include "k0scontrolplane.name" . }} +spec: + replicas: {{ .Values.controlPlaneNumber }} + version: {{ .Values.k0s.version }} + k0sConfigSpec: + k0s: + apiVersion: k0s.k0sproject.io/v1beta1 + kind: ClusterConfig + metadata: + name: {{ include "k0sconfig.name" . }} + namespace: {{ .Release.Namespace }} + spec: + api: + extraArgs: + anonymous-auth: "true" + extensions: + helm: + repositories: + - name: aws-cloud-controller-manager + url: https://kubernetes.github.io/cloud-provider-aws + charts: + - name: aws-cloud-controller-manager + namespace: kube-system + chartname: aws-cloud-controller-manager/aws-cloud-controller-manager + version: "0.0.8" + values: | + args: + - --v=2 + - --cloud-provider=aws + - --cluster-cidr={{ first .Values.clusterNetwork.pods.cidrBlocks }} + - --allocate-node-cidrs=true + - --cluster-name={{ include "cluster.name" . }} + machineTemplate: + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 + kind: AWSMachineTemplate + name: {{ include "awsmachinetemplate.controlplane.name" . }} + namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/templates/aws-bootstrap-cp/templates/k0sworkerconfigtemplate.yaml b/templates/aws-bootstrap-cp/templates/k0sworkerconfigtemplate.yaml new file mode 100644 index 000000000..90b654cb2 --- /dev/null +++ b/templates/aws-bootstrap-cp/templates/k0sworkerconfigtemplate.yaml @@ -0,0 +1,11 @@ +apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 +kind: K0sWorkerConfigTemplate +metadata: + name: {{ include "k0sworkerconfigtemplate.name" . }} +spec: + template: + spec: + version: {{ .Values.k0s.version }} + args: + - --enable-cloud-provider + - --kubelet-extra-args="--cloud-provider=external --hostname-override=$(hostname --fqdn)" \ No newline at end of file 
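Review bot: `anonymous-auth: "true"` under `spec.api.extraArgs` in `k0scontrolplane.yaml` is set without a comment and cannot be overridden from values. Presumably it is there so that the AWS load balancer health check can reach the API server unauthenticated. If so, that should be stated on the line, e.g. `# required for unauthenticated LB health checks on /healthz; keep RBAC free of bindings to system:anonymous / system:unauthenticated`. With the flag on, the RBAC bindings for those two subjects are the only thing limiting what an unauthenticated caller on the API endpoint can do, so the template should make the dependency visible. Separately, `first .Values.clusterNetwork.pods.cidrBlocks` in the same hunk fails to render when `clusterNetwork` is unset, although `cluster.yaml` treats it as optional via `with`.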
diff --git a/templates/aws-bootstrap-cp/templates/machinedeployment.yaml b/templates/aws-bootstrap-cp/templates/machinedeployment.yaml new file mode 100644 index 000000000..bb0aa863e --- /dev/null +++ b/templates/aws-bootstrap-cp/templates/machinedeployment.yaml @@ -0,0 +1,25 @@ +apiVersion: cluster.x-k8s.io/v1beta1 +kind: MachineDeployment +metadata: + name: {{ include "machinedeployment.name" . }} +spec: + clusterName: {{ include "cluster.name" . }} + replicas: {{ .Values.workersNumber }} + selector: + matchLabels: + cluster.x-k8s.io/cluster-name: {{ include "cluster.name" . }} + template: + metadata: + labels: + cluster.x-k8s.io/cluster-name: {{ include "cluster.name" . }} + spec: + clusterName: {{ include "cluster.name" . }} + bootstrap: + configRef: + apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 + kind: K0sWorkerConfigTemplate + name: {{ include "k0sworkerconfigtemplate.name" . }} + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta2 + kind: AWSMachineTemplate + name: {{ include "awsmachinetemplate.worker.name" . }} \ No newline at end of file diff --git a/templates/aws-bootstrap-cp/values.yaml b/templates/aws-bootstrap-cp/values.yaml new file mode 100644 index 000000000..3f559032f --- /dev/null +++ b/templates/aws-bootstrap-cp/values.yaml @@ -0,0 +1,31 @@ +# Cluster parameters +clusterName: k0s-aws +controlPlaneNumber: 3 +workersNumber: 2 + +clusterNetwork: + pods: + cidrBlocks: + - "10.244.0.0/16" + services: + cidrBlocks: + - "10.96.0.0/12" + +# AWS cluster parameters +region: "" +sshKeyName: "" + +# AWS machines parameters +controlPlane: + amiID: "" + iamInstanceProfile: control-plane.cluster-api-provider-aws.sigs.k8s.io + instanceType: "" + +worker: + amiID: "" + iamInstanceProfile: nodes.cluster-api-provider-aws.sigs.k8s.io + instanceType: "" + +# K0s parameters +k0s: + version: v1.27.2+k0s.0