diff --git a/.dockerignore b/.dockerignore deleted file mode 100644 index a3aab7af7..000000000 --- a/.dockerignore +++ /dev/null @@ -1,3 +0,0 @@ -# More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file -# Ignore build and test binaries. -bin/ diff --git a/Tiltfile b/Tiltfile index 37cb500a6..7dc9ae9fa 100644 --- a/Tiltfile +++ b/Tiltfile @@ -1,9 +1,14 @@ load("ext://k8s_attach", "k8s_attach") load("ext://helm_resource", "helm_resource", "helm_repo") load("ext://namespace", "namespace_create") +load("ext://restart_process", "docker_build_with_restart") update_settings(k8s_upsert_timeout_secs=60) -helm_repo("capi-operator-repo", "https://kubernetes-sigs.github.io/cluster-api-operator",labels=["helm-repos"]) +helm_repo( + "capi-operator-repo", + "https://kubernetes-sigs.github.io/cluster-api-operator", + labels=["helm-repos"], +) helm_repo("jetstack-repo", "https://charts.jetstack.io", labels=["helm-repos"]) helm_resource( "cert-manager", 
@@ -92,15 +97,52 @@ if os.getenv("INSTALL_RKE2_PROVIDER", "false") == "true": labels=["CAPI"], ) +capl_deps = ["capi-controller-manager"] +debug = os.getenv("CAPL_DEBUG", "false") +# debug setting +if debug == "true": + local_resource( + "capl-compile", + 'GOOS=linux CGO_ENABLED=0 go build -gcflags "-N -l" -ldflags="-X github.com/linode/cluster-api-provider-linode/version.version=$VERSION" -a -o bin/manager ./cmd/main.go', + deps=["./main.go", "./start.go", "vendor", "go.mod", "go.sum", "./api", "./cloud", "./cmd", "./controller", + "./util", "./version",], + labels=["CAPL"], + ) + docker_build_with_restart( + "docker.io/linode/cluster-api-provider-linode", + context=".", + dockerfile_contents="""FROM golang:1.22 + RUN go install github.com/go-delve/delve/cmd/dlv@latest + COPY bin/manager /manager + WORKDIR /""", + only=("bin/manager"), + build_args={"VERSION": os.getenv("VERSION", "")}, + entrypoint="$GOPATH/bin/dlv --listen=:40000 --continue --accept-multiclient --api-version=2 --headless=true exec /manager", + live_update=[ + sync("./bin/manager", "/manager"), + ], + ) + capl_deps.append("capl-compile") + manager_yaml = decode_yaml_stream(kustomize("config/default")) for resource in manager_yaml: if resource["metadata"]["name"] == "capl-manager-credentials": resource["stringData"]["apiToken"] = os.getenv("LINODE_TOKEN") - if resource["kind"] == "CustomResourceDefinition" and resource["spec"]["group"] == "infrastructure.cluster.x-k8s.io": + if ( + resource["kind"] == "CustomResourceDefinition" + and resource["spec"]["group"] == "infrastructure.cluster.x-k8s.io" + ): resource["metadata"]["labels"]["clusterctl.cluster.x-k8s.io"] = "" + if ( + resource["kind"] == "Deployment" + and resource["metadata"]["name"] == "capl-controller-manager" + ): + resource["spec"]["template"]["spec"].pop("securityContext") + for container in resource["spec"]["template"]["spec"]["containers"]: + container.pop("securityContext") k8s_yaml(encode_yaml_stream(manager_yaml)) -if 
os.getenv("SKIP_DOCKER_BUILD", "false") != "true": +if os.getenv("SKIP_DOCKER_BUILD", "false") != "true" and debug != "true": docker_build( "docker.io/linode/cluster-api-provider-linode", context=".", @@ -132,6 +174,7 @@ k8s_resource( "capl-selfsigned-issuer:issuer", "capl-validating-webhook-configuration:validatingwebhookconfiguration", ], - resource_deps=["capi-controller-manager"], + port_forwards=["40000:40000"], + resource_deps=capl_deps, labels=["CAPL"], ) diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index fe6014d3b..9ef528c7e 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -59,8 +59,8 @@ spec: securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false - runAsUser: 10999 - runAsGroup: 10999 + runAsUser: 65532 + runAsGroup: 65532 capabilities: drop: - "ALL" diff --git a/docs/src/developers/development.md b/docs/src/developers/development.md index 251f5d9ea..0f5e21d5d 100644 --- a/docs/src/developers/development.md +++ b/docs/src/developers/development.md @@ -253,6 +253,13 @@ VPCs are not deleted when a cluster is deleted using kubectl. One can run `kubec For any issues, please refer to the [troubleshooting guide](../topics/troubleshooting.md). ``` +### Debugging CAPL Controllers +CAPL supports using [Delve](https://github.com/go-delve/delve/) to attach a debugger to CAPL. This will start Delve in the +CAPL container on port `40000` and use Tilt live_reload to rebuild the CAPL Controller on your host and insert it into the container without needing to rebuild the container. + ```bash + CAPL_DEBUG=true make tilt-cluster + ``` + ### Automated Testing #### E2E Testing
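Review bot: The new `Deployment` branch in the `manager_yaml` loop pops the pod-level and container-level `securityContext` of `capl-controller-manager` without checking `debug`. As far as the flattened hunk shows, every Tilt run therefore deploys the manager without `readOnlyRootFilesystem`, `allowPrivilegeEscalation: false` and the dropped capabilities from config/manager/manager.yaml, not only the Delve build. I would gate it with `if debug == "true" and resource["kind"] == "Deployment" and resource["metadata"]["name"] == "capl-controller-manager":` and use `pop("securityContext", None)` so a manifest without the key does not abort the Tiltfile. In the same hunk the debug image installs `dlv@latest` on the floating `golang:1.22` tag; pinning Delve (`dlv@<pinned-version>`) keeps the debug image reproducible. The headless Delve listener on `:40000` has no authentication and runs the process that receives `LINODE_TOKEN`, so a comment above the `docker_build_with_restart` call should say this mode is for local development clusters only.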
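Review bot: `port_forwards=["40000:40000"]` is added to the `k8s_resource` call unconditionally, so the Delve port is forwarded to the host even when `CAPL_DEBUG` is unset. A client on that port can control the manager process whenever Delve is running, so I would forward it only in debug mode: `port_forwards=["40000:40000"] if debug == "true" else [],`. The `k8s_resource(` call starts outside this hunk, so I cannot see which other arguments it takes.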
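Review bot: The `runAsUser`/`runAsGroup` change from `10999` to `65532` has no comment explaining where the new value comes from. The Dockerfile is not in this diff, so I am assuming 65532 is the non-root user of the new runtime base image and that files in the image are owned accordingly. A comment such as `# 65532: non-root user of the runtime base image; keep in sync with the Dockerfile` above `runAsUser` would record that coupling for whoever changes the base image next. The `securityContext` block begins above the hunk, so I cannot see whether `runAsNonRoot: true` is already set; if it is not, it is worth adding as a guard in case the explicit UID is ever removed.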