
Comparing changes

base repository: onmetal/matryoshka
base: v0.3.7
head repository: onmetal/matryoshka
compare: refs/heads/main
Showing with 8,895 additions and 748 deletions.
  1. +10 −0 .github/release-drafter.yml
  2. +4 −4 .github/workflows/golangci-lint.yml
  3. +2 −2 .github/workflows/publish-docker.yml
  4. +1 −1 .github/workflows/size-label.yml
  5. +3 −3 .github/workflows/test.yml
  6. +2 −0 CODEOWNERS
  7. +1 −0 CODE_OF_CONDUCT.md
  8. +1 −1 Dockerfile
  9. +45 −21 Makefile
  10. +9 −0 PROJECT
  11. +1 −0 apis/matryoshka/v1alpha1/groupversion_info.go
  12. +13 −0 apis/matryoshka/v1alpha1/kubeapiserver_types.go
  13. +2 −2 apis/matryoshka/v1alpha1/kubecontrollermanager_types.go
  14. +170 −0 apis/matryoshka/v1alpha1/kubescheduler_types.go
  15. +236 −0 apis/matryoshka/v1alpha1/zz_generated.deepcopy.go
  16. +311 −73 config/crd/bases/matryoshka.onmetal.de_kubeapiservers.yaml
  17. +6 −8 config/crd/bases/matryoshka.onmetal.de_kubeconfigs.yaml
  18. +287 −76 config/crd/bases/matryoshka.onmetal.de_kubecontrollermanagers.yaml
  19. +6,662 −0 config/crd/bases/matryoshka.onmetal.de_kubeschedulers.yaml
  20. +3 −0 config/crd/kustomization.yaml
  21. +7 −0 config/crd/patches/cainjection_in_matryoshka_kubeschedulers.yaml
  22. +16 −0 config/crd/patches/webhook_in_matryoshka_kubeschedulers.yaml
  23. +24 −0 config/rbac/matryoshka_kubescheduler_editor_role.yaml
  24. +20 −0 config/rbac/matryoshka_kubescheduler_viewer_role.yaml
  25. +26 −1 config/rbac/role.yaml
  26. +3 −1 config/samples/matryoshka_v1alpha1_kubeapiserver.yaml
  27. +67 −0 config/samples/matryoshka_v1alpha1_kubescheduler.yaml
  28. +12 −4 controllers/matryoshka/internal/kubeapiserver/kubeapiserver.go
  29. +2 −2 controllers/matryoshka/internal/kubecontrollermanager/kubecontrollermanager.go
  30. +353 −0 controllers/matryoshka/internal/kubescheduler/kubescheduler.go
  31. +14 −13 controllers/matryoshka/kubeapiserver_controller_test.go
  32. +3 −5 controllers/matryoshka/kubeconfig_controller_test.go
  33. +14 −14 controllers/matryoshka/kubecontrollermanager_controller_test.go
  34. +218 −0 controllers/matryoshka/kubescheduler_controller.go
  35. +146 −0 controllers/matryoshka/kubescheduler_controller_test.go
  36. +19 −16 controllers/matryoshka/suite_test.go
  37. +70 −11 go.mod
  38. +100 −487 go.sum
  39. +12 −1 main.go
  40. +0 −2 tools.go
10 changes: 10 additions & 0 deletions .github/release-drafter.yml
@@ -5,6 +5,7 @@ categories:
labels:
- 'feature'
- 'enhancement'
- 'controller'
- title: '🐛 Bug Fixes'
labels:
- 'fix'
@@ -31,6 +32,9 @@ version-resolver:
exclude-labels:
- 'skip-changelog'
autolabeler:
- label: 'controller'
files:
- '/controllers/*'
- label: 'api-change'
files:
- '/apis/**/*'
@@ -49,6 +53,12 @@ autolabeler:
- '/feature\/.+/'
body:
- '/JIRA-[0-9]{1,4}/'
- label: 'enhancement'
branch:
- '/enh\/.+/'
- label: 'chore'
branch:
- '/chore\/.+/'
template: |
## Changes
$CHANGES
8 changes: 4 additions & 4 deletions .github/workflows/golangci-lint.yml
@@ -10,11 +10,11 @@ jobs:
name: lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version: '1.17'
go-version: '1.18'
- name: golangci-lint
uses: golangci/golangci-lint-action@v3
with:
version: v1.43.0
version: v1.47.2
4 changes: 2 additions & 2 deletions .github/workflows/publish-docker.yml
@@ -21,7 +21,7 @@ jobs:
buildAndPush:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: docker/metadata-action@v4
id: meta
with:
@@ -51,7 +51,7 @@ jobs:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
timeout-minutes: 50
with:
context: .
2 changes: 1 addition & 1 deletion .github/workflows/size-label.yml
@@ -7,6 +7,6 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: size-label
uses: pascalgn/size-label-action@v0.4.3
uses: pascalgn/size-label-action@v0.5.0
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
6 changes: 3 additions & 3 deletions .github/workflows/test.yml
@@ -12,8 +12,8 @@ jobs:
name: run
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version: '1.17'
go-version: '1.18'
- run: make test
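--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -0,0 +1,2 @@
+# onmetal-api maintainers
+* @onmetal/onmetal-api-maintainers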
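--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -0,0 +1 @@
+Please refer to the [Gardener on Metal code of conduct](https://onmetal.github.io/documentation/contribute/overview/#code-of-conduct).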
2 changes: 1 addition & 1 deletion Dockerfile
@@ -1,5 +1,5 @@
# Build the manager binary
FROM --platform=$BUILDPLATFORM golang:1.17 as builder
FROM --platform=$BUILDPLATFORM golang:1.18 as builder

ARG GOARCH=""

66 changes: 45 additions & 21 deletions Makefile
@@ -1,8 +1,5 @@

# Image URL to use all building/pushing image targets
IMG ?= controller:latest
# Produce CRDs that work back to Kubernetes 1.11 (no version conversion)
CRD_OPTIONS ?= "crd:generateEmbeddedObjectMeta=true"

# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
ifeq (,$(shell go env GOBIN))
@@ -11,6 +8,11 @@ else
GOBIN=$(shell go env GOBIN)
endif

## Location to install dependencies to
LOCALBIN ?= $(shell pwd)/bin
$(LOCALBIN):
mkdir -p $(LOCALBIN)

# Setting SHELL to bash allows bash commands to be executed by recipes.
# This is a requirement for 'setup-envtest.sh' in the test target.
# Options are set to exit when a recipe line exits non-zero or a piped command fails.
@@ -37,39 +39,43 @@ help: ## Display this help.

##@ Development

.PHONY: manifests
manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
$(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases
$(CONTROLLER_GEN) rbac:roleName=manager-role crd:generateEmbeddedObjectMeta=true webhook paths="./..." output:crd:artifacts:config=config/crd/bases

.PHONY: generate
generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations.
$(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..."

addlicense: ## Add license headers to all go files.
find . -name '*.go' -exec go run github.com/google/addlicense -c 'OnMetal authors' {} +

fmt: ## Run go fmt against code.
go fmt ./...

.PHONY: checklicense
checklicense: ## Check that every file has a license header present.
find . -name '*.go' -exec go run github.com/google/addlicense -check -c 'OnMetal authors' {} +
vet: ## Run go vet against code.
go vet ./...

.PHONY: add-license
add-license: addlicense ## Add license headers to all go files.
find . -name '*.go' -exec $(ADDLICENSE) -c 'OnMetal authors' {} +

.PHONY: check-license
check-license: addlicense ## Check that every file has a license header present.
find . -name '*.go' -exec $(ADDLICENSE) -check -c 'OnMetal authors' {} +

lint: ## Lint code
golangci-lint run ./...

ENVTEST_ASSETS_DIR=$(shell pwd)/testbin
test: manifests generate fmt checklicense ## Run tests.
mkdir -p ${ENVTEST_ASSETS_DIR}
test -f ${ENVTEST_ASSETS_DIR}/setup-envtest.sh || curl -sSLo ${ENVTEST_ASSETS_DIR}/setup-envtest.sh https://raw.githubusercontent.com/kubernetes-sigs/controller-runtime/v0.8.3/hack/setup-envtest.sh
source ${ENVTEST_ASSETS_DIR}/setup-envtest.sh; fetch_envtest_tools $(ENVTEST_ASSETS_DIR); setup_envtest_env $(ENVTEST_ASSETS_DIR); go test ./... -coverprofile cover.out
.PHONY: test
test: manifests generate fmt vet envtest ## Run tests.
KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" go test ./... -coverprofile cover.out

check: lint test ## Lint and run tests.
check: manifests generate check-license lint test ## Lint and run tests.

##@ Build

build: generate fmt addlicense lint ## Build manager binary.
build: generate fmt add-license lint ## Build manager binary.
go build -o bin/manager main.go

run: manifests generate fmt addlicense ## Run a controller from your host.
run: manifests generate fmt add-license ## Run a controller from your host.
go run ./main.go

docker-build: test ## Build docker image with the manager.
@@ -93,14 +99,27 @@ deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in
undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config.
$(KUSTOMIZE) build config/default | kubectl delete -f -

## Tool Binaries
ADDLICENSE ?= $(LOCALBIN)/addlicense

## Tool Versions
ADDLICENSE_VERSION ?= v1.1.1
CONTROLLER_TOOLS_VERSION ?= v0.11.1

CONTROLLER_GEN = $(shell pwd)/bin/controller-gen
.PHONY: controller-gen
controller-gen: ## Download controller-gen locally if necessary.
$(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.7.0)
$(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@$(CONTROLLER_TOOLS_VERSION))

KUSTOMIZE = $(shell pwd)/bin/kustomize
.PHONY: kustomize
kustomize: ## Download kustomize locally if necessary.
$(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v3@v3.8.7)
$(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v4@v4.5.3)

ENVTEST = $(shell pwd)/bin/setup-envtest
.PHONY: envtest
envtest: ## Download envtest-setup locally if necessary.
$(call go-get-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest@latest)

# go-get-tool will 'go get' any package $2 and install it to $1.
PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST))))
@@ -111,7 +130,12 @@ TMP_DIR=$$(mktemp -d) ;\
cd $$TMP_DIR ;\
go mod init tmp ;\
echo "Downloading $(2)" ;\
GOBIN=$(PROJECT_DIR)/bin go get $(2) ;\
GOBIN=$(PROJECT_DIR)/bin go install $(2) ;\
rm -rf $$TMP_DIR ;\
}
endef

.PHONY: addlicense
addlicense: $(ADDLICENSE) ## Download addlicense locally if necessary.
$(ADDLICENSE): $(LOCALBIN)
test -s $(LOCALBIN)/addlicense || GOBIN=$(LOCALBIN) go install github.com/google/addlicense@$(ADDLICENSE_VERSION)
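Review bot: The new `envtest` target installs `sigs.k8s.io/controller-runtime/tools/setup-envtest@latest`, so the binary that `make test` executes is whatever `@latest` resolves to at install time, while `addlicense` and `controller-gen` in this same section are now pinned through `ADDLICENSE_VERSION` and `CONTROLLER_TOOLS_VERSION`. Pinning it the same way keeps CI runs reproducible and narrows the supply-chain exposure of the test job: add `ENVTEST_VERSION ?= <pinned-ref>` under "Tool Versions" and install `setup-envtest@$(ENVTEST_VERSION)`. The `test` recipe also expands `$(ENVTEST_K8S_VERSION)`, which none of the visible hunks define; if it is not set elsewhere in the Makefile, the `use` call presumably falls back to the tool's own default, so an explicit `ENVTEST_K8S_VERSION ?= <k8s-version>` next to the other versions would make the tested control-plane version visible.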
9 changes: 9 additions & 0 deletions PROJECT
@@ -32,4 +32,13 @@ resources:
kind: KubeControllerManager
path: github.com/onmetal/matryoshka/apis/matryoshka/v1alpha1
version: v1alpha1
- api:
crdVersion: v1
namespaced: true
controller: true
domain: onmetal.de
group: matryoshka
kind: KubeScheduler
path: github.com/onmetal/matryoshka/apis/matryoshka/v1alpha1
version: v1alpha1
version: "3"
1 change: 1 addition & 0 deletions apis/matryoshka/v1alpha1/groupversion_info.go
@@ -17,6 +17,7 @@ limitations under the License.
// Package v1alpha1 contains API Schema definitions for the matryoshka v1alpha1 API group
//+kubebuilder:object:generate=true
//+groupName=matryoshka.onmetal.de

package v1alpha1

import (
13 changes: 13 additions & 0 deletions apis/matryoshka/v1alpha1/kubeapiserver_types.go
@@ -52,6 +52,19 @@ type KubeAPIServerSpec struct {
ServiceAccount KubeAPIServerServiceAccount `json:"serviceAccount"`
// FeatureGates describe which alpha features should be enabled or beta features disabled
FeatureGates map[string]bool `json:"featureGates,omitempty"`
// RuntimeConfig passes --runtime-config <comma-separated 'key=value' pairs>.
// A set of key=value pairs that enable or disable built-in APIs. Supported options are:
// v1=true|false for the core API group.
// <group>/<version>=true|false for a specific API group and version (e.g. apps/v1=true).
// api/all=true|false controls all API versions.
// api/ga=true|false controls all API versions of the form v[0-9]+.
// api/beta=true|false controls all API versions of the form v[0-9]+beta[0-9]+.
// api/alpha=true|false controls all API versions of the form v[0-9]+alpha[0-9]+.
// api/legacy is deprecated, and will be removed in a future version.
RuntimeConfig map[string]bool `json:"runtimeConfig,omitempty"`
// AdmissionPlugins defaults to NamespaceLifecycle,NodeRestriction,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota
//+kubebuilder:default={NamespaceLifecycle,NodeRestriction,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota}
AdmissionPlugins []string `json:"admissionPlugins,omitempty"`
}

// KubeAPIServerPodTemplateOverlay is the template overlay for pods.
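Review bot: The `AdmissionPlugins` comment added above the `+kubebuilder:default` marker does not say that a list supplied in the spec replaces the defaulted set instead of extending it. CRD defaulting only fills the field when it is absent, so a spec that names a single extra plugin would drop `NodeRestriction` and the others unless the controller merges them back in (that code is outside this section). I would extend the comment with `// A supplied list replaces the default set; keep NodeRestriction and ServiceAccount in it unless they are deliberately disabled.` The `RuntimeConfig` comment could likewise note that `api/all=true` also switches on alpha API versions. The `KubeAPIServerSpec` struct begins above this hunk.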
4 changes: 2 additions & 2 deletions apis/matryoshka/v1alpha1/kubecontrollermanager_types.go
@@ -63,15 +63,15 @@ type KubeControllerManagerSpec struct {
type KubeControllerManagerPodTemplateOverlay struct {
// ObjectMeta specifies additional object metadata to set on the managed pods.
metav1.ObjectMeta `json:"metadata,omitempty"`
// Spec is the KubeAPIServerPodOverlay overlay specification for the pod.
// Spec is the KubeControllerManagerPodOverlay overlay specification for the pod.
Spec KubeControllerManagerPodOverlay `json:"spec,omitempty"`
}

// KubeControllerManagerPodOverlay is the PodOverlay with additional ContainerOverlay containers.
type KubeControllerManagerPodOverlay struct {
// PodOverlay is the base managed pod specification.
PodOverlay `json:",inline,omitempty"`
// ControllerManagerContainer is the ContainerOverlay that hosts the api server.
// ControllerManagerContainer is the ContainerOverlay that hosts the kube controller manager.
ControllerManagerContainer ContainerOverlay `json:"controllerManagerContainer,omitempty"`
}
