helm: generate operator resources from Go source
Rename CRDs in the operator Helm chart to match kubebuilder v4 generated
names and add a generation directive to output CRD resources directly
into the Helm chart. CRDs are not templated, so we don't need to helmify
them.

Split the manager-rbac.yaml into a role.yaml and a rolebinding.yaml, and
add a directive to generate role.yaml from operator sources. We're
losing the labels on the role, but that is only a cosmetic defect.
burgerdev committed Jan 22, 2024
1 parent f92823a commit 710badb
Showing 10 changed files with 79 additions and 88 deletions.
10 changes: 5 additions & 5 deletions internal/constellation/helm/BUILD.bazel
Expand Up @@ -253,11 +253,6 @@ go_library(
"charts/edgeless/operators/Chart.yaml",
"charts/edgeless/operators/charts/constellation-operator/.helmignore",
"charts/edgeless/operators/charts/constellation-operator/Chart.yaml",
"charts/edgeless/operators/charts/constellation-operator/crds/autoscalingstrategy-crd.yaml",
"charts/edgeless/operators/charts/constellation-operator/crds/joiningnode-crd.yaml",
"charts/edgeless/operators/charts/constellation-operator/crds/nodeversion-crd.yaml",
"charts/edgeless/operators/charts/constellation-operator/crds/pendingnode-crd.yaml",
"charts/edgeless/operators/charts/constellation-operator/crds/scalinggroup-crd.yaml",
"charts/edgeless/operators/charts/constellation-operator/templates/_helpers.tpl",
"charts/edgeless/operators/charts/constellation-operator/templates/deployment.yaml",
"charts/edgeless/operators/charts/constellation-operator/templates/leader-election-rbac.yaml",
Expand Down Expand Up @@ -452,6 +447,11 @@ go_library(
"charts/cert-manager/templates/webhook-poddisruptionbudget.yaml",
"charts/edgeless/constellation-services/charts/autoscaler/templates/coredns-pdb.yaml",
"charts/cilium/templates/cilium-flowlog-configmap.yaml",
"charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_autoscalingstrategies.yaml",
"charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_joiningnodes.yaml",
"charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_nodeversions.yaml",
"charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_pendingnodes.yaml",
"charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_scalinggroups.yaml",
],
importpath = "github.com/edgelesssys/constellation/v2/internal/constellation/helm",
visibility = ["//:__subpackages__"],
@@ -1,9 +1,10 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: autoscalingstrategies.update.edgeless.systems
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
controller-gen.kubebuilder.io/version: v0.13.0
name: autoscalingstrategies.update.edgeless.systems
spec:
group: update.edgeless.systems
names:
Expand Down Expand Up @@ -48,8 +49,8 @@ spec:
deployment.
type: string
enabled:
description: Enabled defines whether cluster autoscaling should be enabled
or not.
description: Enabled defines whether cluster autoscaling should be
enabled or not.
type: boolean
required:
- deploymentName
Expand All @@ -64,7 +65,8 @@ spec:
enabled or not.
type: boolean
replicas:
description: Replicas is the number of replicas for the autoscaler deployment.
description: Replicas is the number of replicas for the autoscaler
deployment.
format: int32
type: integer
type: object
Expand All @@ -73,9 +75,3 @@ spec:
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
@@ -1,9 +1,10 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: joiningnodes.update.edgeless.systems
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
controller-gen.kubebuilder.io/version: v0.13.0
name: joiningnodes.update.edgeless.systems
spec:
group: update.edgeless.systems
names:
Expand Down Expand Up @@ -59,9 +60,3 @@ spec:
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
@@ -1,9 +1,10 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: nodeversions.update.edgeless.systems
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
controller-gen.kubebuilder.io/version: v0.13.0
name: nodeversions.update.edgeless.systems
spec:
group: update.edgeless.systems
names:
Expand Down Expand Up @@ -119,6 +120,7 @@ spec:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
type: array
budget:
description: Budget is the amount of extra nodes that can be created
Expand Down Expand Up @@ -258,6 +260,7 @@ spec:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
type: array
heirs:
description: Heirs is a list of nodes using the latest image that
Expand Down Expand Up @@ -322,6 +325,7 @@ spec:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
type: array
invalid:
description: Invalid is a list of invalid nodes (nodes that cannot
Expand Down Expand Up @@ -387,6 +391,7 @@ spec:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
type: array
mints:
description: Mints is a list of up to date nodes that will become
Expand Down Expand Up @@ -451,6 +456,7 @@ spec:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
type: array
obsolete:
description: Obsolete is a list of obsolete nodes (nodes that have
Expand Down Expand Up @@ -515,6 +521,7 @@ spec:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
type: array
outdated:
description: Outdated is a list of nodes that are using an outdated
Expand Down Expand Up @@ -579,6 +586,7 @@ spec:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
type: array
pending:
description: Pending is a list of pending nodes (joining or leaving
Expand Down Expand Up @@ -643,6 +651,7 @@ spec:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
type: array
upToDate:
description: UpToDate is a list of nodes that are using the latest
Expand Down Expand Up @@ -707,8 +716,10 @@ spec:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
x-kubernetes-map-type: atomic
type: array
required:
- activeclusterversionupgrade
- budget
- conditions
type: object
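Review bot: The regenerated schema adds `activeclusterversionupgrade` to the `required` list in the last hunk of this file, which is a validation change rather than part of the rename the commit describes. Objects that were stored without that key would presumably be rejected on their next write once this CRD is applied, so the tightening deserves an explicit decision. If the field is meant to stay optional, mark it in the Go type with `// +optional` (or an `omitempty` JSON tag) and regenerate; if it is meant to be required, say so in the commit message. The `x-kubernetes-map-type: atomic` lines added throughout this file come from the same controller-gen bump and change how those object references are merged under server-side apply, so they also deserve a mention there.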
@@ -1,9 +1,10 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: pendingnodes.update.edgeless.systems
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
controller-gen.kubebuilder.io/version: v0.13.0
name: pendingnodes.update.edgeless.systems
spec:
group: update.edgeless.systems
names:
Expand Down Expand Up @@ -34,10 +35,10 @@ spec:
description: PendingNodeSpec defines the desired state of PendingNode.
properties:
deadline:
description: Deadline is the deadline for reaching the goal state. Joining
nodes will be terminated if the deadline is exceeded. Leaving nodes
will remain as unschedulable to prevent data loss. If not specified,
the node may remain in the pending state indefinitely.
description: Deadline is the deadline for reaching the goal state.
Joining nodes will be terminated if the deadline is exceeded. Leaving
nodes will remain as unschedulable to prevent data loss. If not
specified, the node may remain in the pending state indefinitely.
format: date-time
type: string
goal:
Expand All @@ -47,8 +48,8 @@ spec:
- Leave
type: string
groupID:
description: ScalingGroupID is the ID of the group that this node shall
be part of.
description: ScalingGroupID is the ID of the group that this node
shall be part of.
type: string
nodeName:
description: NodeName is the kubernetes internal name of the node.
Expand All @@ -72,17 +73,12 @@ spec:
- Failed
type: string
reachedGoal:
description: ReachedGoal is true if the node has reached the goal state.
description: ReachedGoal is true if the node has reached the goal
state.
type: boolean
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
@@ -1,9 +1,10 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: scalinggroups.update.edgeless.systems
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
controller-gen.kubebuilder.io/version: v0.13.0
name: scalinggroups.update.edgeless.systems
spec:
group: update.edgeless.systems
names:
Expand Down Expand Up @@ -37,16 +38,16 @@ spec:
description: AutoscalerGroupName is name that is expected by the autoscaler.
type: string
autoscaling:
description: Autoscaling specifies wether the scaling group should automatically
scale using the cluster-autoscaler.
description: Autoscaling specifies wether the scaling group should
automatically scale using the cluster-autoscaler.
type: boolean
groupId:
description: GroupID is the CSP specific, canonical identifier of a
scaling group.
description: GroupID is the CSP specific, canonical identifier of
a scaling group.
type: string
max:
description: Max is the maximum number of autoscaled nodes in the scaling
group (used by cluster-autoscaler).
description: Max is the maximum number of autoscaled nodes in the
scaling group (used by cluster-autoscaler).
format: int32
type: integer
min:
Expand All @@ -55,11 +56,11 @@ spec:
format: int32
type: integer
nodeGroupName:
description: NodeGroupName is the human friendly name of the node group
as defined in the Constellation configuration.
description: NodeGroupName is the human friendly name of the node
group as defined in the Constellation configuration.
type: string
nodeImage:
description: NodeImage is the name of the NodeImage resource.
description: NodeVersion is the name of the NodeVersion resource.
type: string
role:
description: Role is the role of the nodes in the scaling group.
Expand All @@ -78,8 +79,8 @@ spec:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a foo's
current state. // Known .status.conditions.type are: \"Available\",
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
Expand All @@ -93,8 +94,8 @@ spec:
format: date-time
type: string
message:
description: message is a human readable message indicating details
about the transition. This may be an empty string.
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
Expand All @@ -108,11 +109,11 @@ spec:
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers of
specific condition types may define expected values and meanings
for this field, and whether the values are considered a guaranteed
API. The value should be a CamelCase string. This field may
not be empty.
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
Expand Down Expand Up @@ -142,8 +143,8 @@ spec:
type: object
type: array
imageReference:
description: ImageReference is the image currently used for newly created
nodes in this scaling group.
description: ImageReference is the image currently used for newly
created nodes in this scaling group.
type: string
required:
- conditions
Expand All @@ -153,9 +154,3 @@ spec:
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
@@ -1,10 +1,8 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: constellation-operator-manager-role
namespace: {{ .Release.Namespace }}
labels:
{{- include "chart.labels" . | nindent 4 }}
rules:
- apiGroups:
- ""
Expand Down Expand Up @@ -198,19 +196,3 @@ rules:
- get
- patch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: constellation-operator-manager-rolebinding
namespace: {{ .Release.Namespace }}
labels:
{{- include "chart.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: 'constellation-operator-manager-role'
subjects:
- kind: ServiceAccount
name: 'constellation-operator-controller-manager'
namespace: '{{ .Release.Namespace }}'
@@ -0,0 +1,14 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: constellation-operator-manager-rolebinding
labels:
{{- include "chart.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: 'constellation-operator-manager-role'
subjects:
- kind: ServiceAccount
name: 'constellation-operator-controller-manager'
namespace: '{{ .Release.Namespace }}'
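Review bot: `roleRef.name` is a hard-coded string that now has to match the name controller-gen writes into the generated role.yaml, and nothing in this template records that coupling. If the generator's role name ever changes, this binding would point at a ClusterRole the chart no longer ships and the operator's ServiceAccount would lose its permissions at install time. A comment above `roleRef` such as `# name must equal the ClusterRole name emitted by the role.yaml generation directive` would make the dependency visible to whoever next touches the directive. As a style point, this new file lacks the leading `---` that the sibling files gained in this commit.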