├── internal ├── version │ ├── VERSION │ └── version.go ├── streams │ └── types.go ├── cli │ ├── flags.go │ ├── streams.go │ ├── logger.go │ ├── options.go │ └── pprof.go ├── controller │ ├── request.go │ ├── requeue.go │ ├── finalizer.go │ └── context.go ├── cmd │ ├── ocean-tide │ │ ├── version │ │ │ └── version.go │ │ ├── root.go │ │ ├── uninstall │ │ │ └── uninstall.go │ │ └── install │ │ │ └── install.go │ └── ocean-operator │ │ ├── version │ │ └── version.go │ │ ├── root.go │ │ └── manager │ │ └── manager.go └── ocean │ └── flags.go ├── main.go ├── hack ├── boilerplate.go.txt └── scripts │ └── build.sh ├── config ├── prometheus │ ├── kustomization.yaml │ └── monitor.yaml ├── rbac │ ├── service_account.yaml │ ├── auth_proxy_client_clusterrole.yaml │ ├── role_binding.yaml │ ├── auth_proxy_role_binding.yaml │ ├── auth_proxy_service.yaml │ ├── leader_election_role_binding.yaml │ ├── auth_proxy_role.yaml │ ├── oceancomponent_viewer_role.yaml │ ├── oceancomponent_editor_role.yaml │ ├── leader_election_role.yaml │ ├── kustomization.yaml │ └── role.yaml ├── samples │ ├── v1alpha1_oceancomponent_metricsserver.yaml │ └── v1alpha1_oceancomponent_oceancontroller.yaml ├── manager │ ├── controller_manager_config.yaml │ ├── kustomization.yaml │ └── manager.yaml ├── crd │ ├── patches │ │ ├── cainjection_in_oceancomponents.yaml │ │ └── webhook_in_oceancomponents.yaml │ ├── kustomizeconfig.yaml │ ├── kustomization.yaml │ └── bases │ │ └── ocean.spot.io_oceancomponents.yaml └── default │ ├── manager_config_patch.yaml │ ├── manager_auth_proxy_patch.yaml │ └── kustomization.yaml ├── .dockerignore ├── .github ├── dependabot.yaml ├── SECURITY.md ├── ISSUE_TEMPLATE │ ├── enhancement-request.md │ ├── support-request.md │ └── bug-report.md ├── workflows │ └── release.yaml ├── stale.yaml └── CONTRIBUTING.md ├── PROJECT ├── pkg ├── installer │ ├── installers │ │ ├── installers.go │ │ └── helm │ │ │ ├── helm_test.go │ │ │ └── helm.go │ ├── factory.go │ ├── options.go │ └── interfaces.go ├── log │ ├── null.go │ ├── types.go │ └── helpers.go ├── tide │ ├── components │ │ ├── v1alpha1_oceancomponent_metricsserver.yaml │ │ └── v1alpha1_oceancomponent_oceancontroller.yaml │ ├── values │ │ ├── components.go │ │ ├── helpers.go │ │ └── builders.go │ ├── rbac │ │ ├── rbac_test.go │ │ └── rbac.go │ ├── interfaces.go │ ├── helpers.go │ ├── crds │ │ └── ocean.spot.io_oceancomponents.yaml │ ├── options.go │ └── operator.go ├── config │ ├── provider_env.go │ ├── provider.go │ ├── config.go │ ├── provider_configmap.go │ └── provider_chain.go └── credentials │ ├── provider.go │ ├── provider_env.go │ ├── credentials.go │ ├── provider_secret.go │ └── provider_chain.go ├── .goreleaser.yaml ├── .gitignore ├── go.mod ├── api └── v1alpha1 │ ├── groupversion_info.go │ ├── zz_generated.deepcopy.go │ └── oceancomponent_types.go ├── cmd ├── ocean-tide │ └── main.go └── ocean-operator │ └── main.go ├── Dockerfile ├── README.md ├── Makefile ├── controllers ├── oceancomponent_helpers.go └── oceancomponent_controller.go └── LICENSE /internal/version/VERSION: -------------------------------------------------------------------------------- 1 | 0.2.0-alpha.5 2 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | internal/cmd/ocean-operator/manager/manager.go -------------------------------------------------------------------------------- /hack/boilerplate.go.txt: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | -------------------------------------------------------------------------------- /config/prometheus/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | resources: 5 | - monitor.yaml 6 | -------------------------------------------------------------------------------- /config/rbac/service_account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | -------------------------------------------------------------------------------- /.dockerignore: -------------------------------------------------------------------------------- 1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file 2 | !**/*.go 3 | !**/*.mod 4 | !**/*.sum 5 | !**/*.yaml 6 | -------------------------------------------------------------------------------- /.github/dependabot.yaml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: "gomod" 4 | directory: "/" 5 | schedule: 6 | interval: "daily" 7 | labels: 8 | - "area/dependency" 9 | -------------------------------------------------------------------------------- /.github/SECURITY.md: -------------------------------------------------------------------------------- 1 | # Security Policy 2 | 3 | ## Reporting a Vulnerability 4 | 5 | Instructions for reporting a vulnerability can be found on the [Spot Documentation](https://docs.spot.io/) website. 6 | -------------------------------------------------------------------------------- /PROJECT: -------------------------------------------------------------------------------- 1 | domain: spot.io 2 | layout: 3 | - go.kubebuilder.io/v3 4 | repo: github.com/spotinst/ocean-operator 5 | resources: 6 | - group: ocean 7 | kind: OceanComponent 8 | version: v1alpha1 9 | version: "3" 10 | -------------------------------------------------------------------------------- /pkg/installer/installers/installers.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package installers 4 | 5 | import ( 6 | _ "github.com/spotinst/ocean-operator/pkg/installer/installers/helm" 7 | ) 8 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_client_clusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: metrics-reader 5 | rules: 6 | - nonResourceURLs: 7 | - "/metrics" 8 | verbs: 9 | - get 10 | -------------------------------------------------------------------------------- /pkg/log/null.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package log 4 | 5 | import ( 6 | "sigs.k8s.io/controller-runtime/pkg/log" 7 | ) 8 | 9 | // NullLogger is a logr.Logger that does nothing. 10 | var NullLogger = log.NullLogger{} 11 | -------------------------------------------------------------------------------- /.goreleaser.yaml: -------------------------------------------------------------------------------- 1 | builds: 2 | - skip: true 3 | 4 | changelog: 5 | sort: asc 6 | filters: 7 | exclude: 8 | - ^chore 9 | - ^ci 10 | - ^doc 11 | - ^test 12 | - Merge pull request 13 | - Merge branch 14 | 15 | release: 16 | draft: true 17 | -------------------------------------------------------------------------------- /internal/streams/types.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package streams 4 | 5 | import ( 6 | "k8s.io/cli-runtime/pkg/genericclioptions" 7 | ) 8 | 9 | // IOStreams provides the standard names for IOStreams. 10 | type IOStreams = genericclioptions.IOStreams 11 | -------------------------------------------------------------------------------- /config/samples/v1alpha1_oceancomponent_metricsserver.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ocean.spot.io/v1alpha1 2 | kind: OceanComponent 3 | metadata: 4 | name: metrics-server 5 | spec: 6 | type: Helm 7 | name: metrics-server 8 | url: https://charts.helm.sh/stable 9 | state: Present 10 | version: 2.8.8 11 | -------------------------------------------------------------------------------- /pkg/tide/components/v1alpha1_oceancomponent_metricsserver.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ocean.spot.io/v1alpha1 2 | kind: OceanComponent 3 | metadata: 4 | name: metrics-server 5 | spec: 6 | type: Helm 7 | name: metrics-server 8 | url: https://charts.helm.sh/stable 9 | state: Present 10 | version: 2.8.8 11 | -------------------------------------------------------------------------------- /config/manager/controller_manager_config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 2 | kind: ControllerManagerConfig 3 | health: 4 | healthProbeBindAddress: :8081 5 | metrics: 6 | bindAddress: 127.0.0.1:8080 7 | webhook: 8 | port: 9443 9 | leaderElection: 10 | leaderElect: true 11 | resourceName: 6c511c84.spot.io 12 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/enhancement-request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Enhancement request 3 | about: Suggest an enhancement to the `ocean-operator` 4 | labels: kind/feature 5 | --- 6 | 7 | 10 | 11 | **What would you like to be added?** 12 | 13 | **Why is this needed?** 14 | -------------------------------------------------------------------------------- /config/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: manager-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: manager-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: controller-manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: proxy-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: proxy-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: controller-manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_oceancomponents.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: oceancomponents.ocean.spot.io 8 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: controller-manager-metrics-service 7 | namespace: system 8 | spec: 9 | ports: 10 | - name: https 11 | port: 8443 12 | targetPort: https 13 | selector: 14 | control-plane: controller-manager 15 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: leader-election-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: Role 8 | name: leader-election-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: controller-manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: proxy-role 5 | rules: 6 | - apiGroups: 7 | - authentication.k8s.io 8 | resources: 9 | - tokenreviews 10 | verbs: 11 | - create 12 | - apiGroups: 13 | - authorization.k8s.io 14 | resources: 15 | - subjectaccessreviews 16 | verbs: 17 | - create 18 | -------------------------------------------------------------------------------- /pkg/log/types.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package log 4 | 5 | import "github.com/go-logr/logr" 6 | 7 | // Level is a verbosity logging level for Info logs. 8 | // See also https://github.com/kubernetes/klog 9 | type Level int32 10 | 11 | // Logger describes the interface that must be implemented by all loggers. 12 | type Logger = logr.Logger 13 | -------------------------------------------------------------------------------- /config/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | resources: 5 | - manager.yaml 6 | 7 | generatorOptions: 8 | disableNameSuffixHash: true 9 | 10 | configMapGenerator: 11 | - files: 12 | - controller_manager_config.yaml 13 | name: manager-config 14 | 15 | images: 16 | - name: controller 17 | newName: spotinst/ocean-operator 18 | -------------------------------------------------------------------------------- /internal/cli/flags.go: -------------------------------------------------------------------------------- 1 | package cli 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/spf13/pflag" 7 | "github.com/spotinst/ocean-operator/pkg/log" 8 | ) 9 | 10 | // PrintFlags logs the flags in the flag set. 11 | func PrintFlags(flags *pflag.FlagSet, log log.Logger) { 12 | flags.VisitAll(func(flag *pflag.Flag) { 13 | log.V(4).Info(fmt.Sprintf("FLAG: --%s=%q", flag.Name, flag.Value)) 14 | }) 15 | } 16 | -------------------------------------------------------------------------------- /internal/cli/streams.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package cli 4 | 5 | import ( 6 | "os" 7 | 8 | "github.com/spotinst/ocean-operator/internal/streams" 9 | ) 10 | 11 | // NewStdIOStreams returns an IOStreams from os.Stdin, os.Stdout. 12 | func NewStdIOStreams() streams.IOStreams { 13 | return streams.IOStreams{ 14 | In: os.Stdin, 15 | Out: os.Stdout, 16 | ErrOut: os.Stderr, 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/support-request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Support request 3 | about: Support request or question relating to `ocean-operator` 4 | labels: kind/support 5 | --- 6 | 7 | 12 | -------------------------------------------------------------------------------- /config/samples/v1alpha1_oceancomponent_oceancontroller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ocean.spot.io/v1alpha1 2 | kind: OceanComponent 3 | metadata: 4 | name: ocean-controller 5 | spec: 6 | type: Helm 7 | name: spotinst-kubernetes-cluster-controller 8 | url: https://spotinst.github.io/spotinst-kubernetes-helm-charts 9 | state: Present 10 | version: 1.0.95 11 | values: | 12 | secret: 13 | enabled: true 14 | metrics-server: 15 | deployChart: false 16 | -------------------------------------------------------------------------------- /pkg/tide/components/v1alpha1_oceancomponent_oceancontroller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ocean.spot.io/v1alpha1 2 | kind: OceanComponent 3 | metadata: 4 | name: ocean-controller 5 | spec: 6 | type: Helm 7 | name: spotinst-kubernetes-cluster-controller 8 | url: https://spotinst.github.io/spotinst-kubernetes-helm-charts 9 | state: Present 10 | version: 1.0.95 11 | values: | 12 | secret: 13 | enabled: true 14 | metrics-server: 15 | deployChart: false 16 | -------------------------------------------------------------------------------- /config/rbac/oceancomponent_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view oceancomponents. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: oceancomponent-viewer-role 6 | rules: 7 | - apiGroups: 8 | - ocean.spot.io 9 | resources: 10 | - oceancomponents 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - ocean.spot.io 17 | resources: 18 | - oceancomponents/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /pkg/tide/values/components.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package values 4 | 5 | import ( 6 | "context" 7 | ) 8 | 9 | func ForOceanOperator(ctx context.Context, values string, builder Builder) (string, error) { 10 | return build(ctx, values, builder, new(valuesOceanOperator)) 11 | } 12 | 13 | func ForOceanController(ctx context.Context, values string, builder Builder) (string, error) { 14 | return build(ctx, values, builder, new(valuesOceanController)) 15 | } 16 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.exe 3 | *.exe~ 4 | *.dll 5 | *.so 6 | *.dylib 7 | bin 8 | testbin/* 9 | 10 | # Test binary, build with `go test -c` 11 | *.test 12 | 13 | # Output of the go coverage tool, specifically when used with LiteIDE 14 | *.out 15 | 16 | # Kubernetes Generated files - skip generated files, except for vendored files 17 | 18 | !vendor/**/zz_generated.* 19 | 20 | # editor and IDE paraphernalia 21 | .idea 22 | *.swp 23 | *.swo 24 | *~ 25 | 26 | # misc 27 | .envrc 28 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_oceancomponents.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: oceancomponents.ocean.spot.io 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | conversionReviewVersions: 16 | - v1 17 | -------------------------------------------------------------------------------- /config/rbac/oceancomponent_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit oceancomponents. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: oceancomponent-editor-role 6 | rules: 7 | - apiGroups: 8 | - ocean.spot.io 9 | resources: 10 | - oceancomponents 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - ocean.spot.io 21 | resources: 22 | - oceancomponents/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/default/manager_config_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | args: 12 | - "--config=controller_manager_config.yaml" 13 | volumeMounts: 14 | - name: manager-config 15 | mountPath: /controller_manager_config.yaml 16 | subPath: controller_manager_config.yaml 17 | volumes: 18 | - name: manager-config 19 | configMap: 20 | name: manager-config 21 | -------------------------------------------------------------------------------- /config/prometheus/monitor.yaml: -------------------------------------------------------------------------------- 1 | 2 | # Prometheus Monitor Service (Metrics) 3 | apiVersion: monitoring.coreos.com/v1 4 | kind: ServiceMonitor 5 | metadata: 6 | labels: 7 | control-plane: controller-manager 8 | name: controller-manager-metrics-monitor 9 | namespace: system 10 | spec: 11 | endpoints: 12 | - path: /metrics 13 | port: https 14 | scheme: https 15 | bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token 16 | tlsConfig: 17 | insecureSkipVerify: true 18 | selector: 19 | matchLabels: 20 | control-plane: controller-manager 21 | -------------------------------------------------------------------------------- /config/crd/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD 2 | nameReference: 3 | - kind: Service 4 | version: v1 5 | fieldSpecs: 6 | - kind: CustomResourceDefinition 7 | version: v1 8 | group: apiextensions.k8s.io 9 | path: spec/conversion/webhook/clientConfig/service/name 10 | 11 | namespace: 12 | - kind: CustomResourceDefinition 13 | version: v1 14 | group: apiextensions.k8s.io 15 | path: spec/conversion/webhook/clientConfig/service/namespace 16 | create: false 17 | 18 | varReference: 19 | - path: metadata/annotations 20 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions to do leader election. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: leader-election-role 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - configmaps 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - create 16 | - update 17 | - patch 18 | - delete 19 | - apiGroups: 20 | - coordination.k8s.io 21 | resources: 22 | - leases 23 | verbs: 24 | - get 25 | - list 26 | - watch 27 | - create 28 | - update 29 | - patch 30 | - delete 31 | - apiGroups: 32 | - "" 33 | resources: 34 | - events 35 | verbs: 36 | - create 37 | - patch 38 | -------------------------------------------------------------------------------- /internal/controller/request.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package controller 4 | 5 | import ( 6 | uuid "github.com/satori/go.uuid" 7 | "github.com/spotinst/ocean-operator/pkg/log" 8 | ctrl "sigs.k8s.io/controller-runtime" 9 | ) 10 | 11 | // NewRequestId returns random generated UUID. 12 | func NewRequestId() string { 13 | return uuid.NewV4().String() 14 | } 15 | 16 | // NewRequestLog returns a new log.Logger with reconcile.Request's metadata. 17 | func NewRequestLog(log log.Logger, req ctrl.Request, reqID string) log.Logger { 18 | return log.WithValues( 19 | "request", reqID, 20 | "namespace", req.Namespace, 21 | "name", req.Name) 22 | } 23 | -------------------------------------------------------------------------------- /.github/workflows/release.yaml: -------------------------------------------------------------------------------- 1 | name: Release 2 | 3 | on: 4 | push: 5 | tags: 6 | - v* 7 | 8 | jobs: 9 | goreleaser: 10 | runs-on: ubuntu-latest 11 | steps: 12 | - name: Checkout 13 | uses: actions/checkout@v2 14 | with: 15 | fetch-depth: 0 # required for the changelog to work correctly 16 | 17 | - name: Set up Go 18 | uses: actions/setup-go@v2 19 | with: 20 | go-version: ^1.16 21 | 22 | - name: Run GoReleaser 23 | uses: goreleaser/goreleaser-action@v2 24 | with: 25 | version: latest 26 | args: release --rm-dist 27 | env: 28 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 29 | -------------------------------------------------------------------------------- /internal/cli/logger.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package cli 4 | 5 | import ( 6 | "flag" 7 | 8 | "github.com/spotinst/ocean-operator/pkg/log" 9 | "go.uber.org/zap" 10 | ctrlzap "sigs.k8s.io/controller-runtime/pkg/log/zap" 11 | ) 12 | 13 | // zapLoggerOptions contains default configuration for the Zap logger. 14 | var zapLoggerOptions = new(ctrlzap.Options) 15 | 16 | func init() { 17 | zapLoggerOptions.BindFlags(flag.CommandLine) 18 | } 19 | 20 | func NewZapLogger() log.Logger { 21 | if zapLoggerOptions.Development { 22 | zapLoggerOptions.ZapOpts = append( 23 | zapLoggerOptions.ZapOpts, zap.AddCaller()) 24 | } 25 | return ctrlzap.New(ctrlzap.UseFlagOptions(zapLoggerOptions)) 26 | } 27 | -------------------------------------------------------------------------------- /pkg/log/helpers.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package log 4 | 5 | import ( 6 | "io" 7 | ) 8 | 9 | // MaybeSetWriter will call log.SetWriter(w) if logger has a SetWriter method. 10 | func MaybeSetWriter(log Logger, w io.Writer) { 11 | type writerSetter interface { 12 | SetWriter(io.Writer) 13 | } 14 | v, ok := log.(writerSetter) 15 | if ok { 16 | v.SetWriter(w) 17 | } 18 | } 19 | 20 | // MaybeSetVerbosity will call log.SetVerbosity(verbosity) if logger has 21 | // a SetVerbosity method. 22 | func MaybeSetVerbosity(log Logger, verbosity Level) { 23 | type verbositySetter interface { 24 | SetVerbosity(Level) 25 | } 26 | v, ok := log.(verbositySetter) 27 | if ok { 28 | v.SetVerbosity(verbosity) 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /.github/stale.yaml: -------------------------------------------------------------------------------- 1 | # Number of days of inactivity before an issue becomes stale 2 | daysUntilStale: 180 3 | # Number of days of inactivity before a stale issue is closed 4 | daysUntilClose: 30 5 | # Issues with these labels will never be considered stale 6 | exemptLabels: 7 | - pinned 8 | - security 9 | # Label to use when marking an issue as stale 10 | staleLabel: lifecycle/stale 11 | # Comment to post when marking an issue as stale. Set to `false` to disable 12 | markComment: > 13 | This issue has been automatically marked as stale because it has not had 14 | recent activity. It will be closed if no further activity occurs. Thank you 15 | for your contributions. 16 | # Comment to post when closing a stale issue. Set to `false` to disable 17 | closeComment: false 18 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/spotinst/ocean-operator 2 | 3 | go 1.16 4 | 5 | require ( 6 | github.com/go-logr/logr v1.2.0 7 | github.com/google/go-cmp v0.5.6 8 | github.com/hashicorp/go-version v1.3.0 9 | github.com/mitchellh/mapstructure v1.4.2 10 | github.com/satori/go.uuid v1.2.0 11 | github.com/spf13/cobra v1.2.1 12 | github.com/spf13/pflag v1.0.5 13 | github.com/spotinst/spotinst-sdk-go v1.105.0 14 | github.com/stretchr/testify v1.7.0 15 | go.uber.org/zap v1.19.1 16 | gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b 17 | helm.sh/helm/v3 v3.7.1 18 | k8s.io/api v0.22.4 19 | k8s.io/apiextensions-apiserver v0.22.4 20 | k8s.io/apimachinery v0.22.4 21 | k8s.io/cli-runtime v0.22.4 22 | k8s.io/client-go v0.22.4 23 | sigs.k8s.io/controller-runtime v0.10.3 24 | ) 25 | -------------------------------------------------------------------------------- /internal/cmd/ocean-tide/version/version.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package version 4 | 5 | import ( 6 | "fmt" 7 | 8 | "github.com/spf13/cobra" 9 | "github.com/spotinst/ocean-operator/internal/cli" 10 | "github.com/spotinst/ocean-operator/internal/version" 11 | ) 12 | 13 | // NewCommand returns a new cobra.Command for version. 14 | func NewCommand(commonOptions *cli.CommonOptions) *cobra.Command { 15 | return &cobra.Command{ 16 | Args: cobra.NoArgs, 17 | Use: "version", 18 | Short: "Print the version information", 19 | Long: "Print the version information", 20 | RunE: func(cmd *cobra.Command, args []string) error { 21 | fmt.Fprintln(commonOptions.IOStreams.Out, version.String()) 22 | return nil 23 | }, 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /internal/cmd/ocean-operator/version/version.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package version 4 | 5 | import ( 6 | "fmt" 7 | 8 | "github.com/spf13/cobra" 9 | "github.com/spotinst/ocean-operator/internal/cli" 10 | "github.com/spotinst/ocean-operator/internal/version" 11 | ) 12 | 13 | // NewCommand returns a new cobra.Command for version. 14 | func NewCommand(commonOptions *cli.CommonOptions) *cobra.Command { 15 | return &cobra.Command{ 16 | Args: cobra.NoArgs, 17 | Use: "version", 18 | Short: "Print the version information", 19 | Long: "Print the version information", 20 | RunE: func(cmd *cobra.Command, args []string) error { 21 | fmt.Fprintln(commonOptions.IOStreams.Out, version.String()) 22 | return nil 23 | }, 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug-report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Report a bug encountered while operating `ocean-operator` 4 | labels: kind/bug 5 | --- 6 | 7 | 12 | 13 | **What happened**: 14 | 15 | **What you expected to happen**: 16 | 17 | **How to reproduce it (as minimally and precisely as possible):** 18 | 19 | **Anything else we need to know:** 20 | 21 | **Environment:** 22 | 23 | - Operator version: 24 | - Cluster version: 25 | - OS: 26 | - Kernel: 27 | - Others: 28 | -------------------------------------------------------------------------------- /api/v1alpha1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | // Package v1alpha1 contains API Schema definitions for the ocean v1alpha1 API group 4 | //+kubebuilder:object:generate=true 5 | //+groupName=ocean.spot.io 6 | package v1alpha1 7 | 8 | import ( 9 | "k8s.io/apimachinery/pkg/runtime/schema" 10 | "sigs.k8s.io/controller-runtime/pkg/scheme" 11 | ) 12 | 13 | var ( 14 | // GroupVersion is group version used to register these objects 15 | GroupVersion = schema.GroupVersion{Group: "ocean.spot.io", Version: "v1alpha1"} 16 | 17 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme 18 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 19 | 20 | // AddToScheme adds the types in this group-version to the given scheme. 21 | AddToScheme = SchemeBuilder.AddToScheme 22 | ) 23 | -------------------------------------------------------------------------------- /internal/controller/requeue.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package controller 4 | 5 | import ( 6 | "time" 7 | 8 | ctrl "sigs.k8s.io/controller-runtime" 9 | ) 10 | 11 | func Requeue(requeue bool) (ctrl.Result, error) { 12 | return ctrl.Result{Requeue: requeue}, nil 13 | } 14 | 15 | func RequeueError(err error) (ctrl.Result, error) { 16 | return ctrl.Result{}, err 17 | } 18 | 19 | func RequeueAfterError(interval time.Duration, err error) (ctrl.Result, error) { 20 | return ctrl.Result{RequeueAfter: interval}, err 21 | } 22 | 23 | func RequeueAfter(interval time.Duration) (ctrl.Result, error) { 24 | return RequeueAfterError(interval, nil) 25 | } 26 | 27 | func RequeueImmediately() (ctrl.Result, error) { 28 | return Requeue(true) 29 | } 30 | 31 | func NoRequeue() (ctrl.Result, error) { 32 | return RequeueError(nil) 33 | } 34 | -------------------------------------------------------------------------------- /config/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | resources: 5 | # All RBAC will be applied under this service account in 6 | # the deployment namespace. You may comment out this resource 7 | # if your manager will use a service account that exists at 8 | # runtime. Be sure to update RoleBinding and ClusterRoleBinding 9 | # subjects if changing service account names. 10 | - service_account.yaml 11 | - role.yaml 12 | - role_binding.yaml 13 | - leader_election_role.yaml 14 | - leader_election_role_binding.yaml 15 | # Comment the following 4 lines if you want to disable 16 | # the auth proxy (https://github.com/brancz/kube-rbac-proxy) 17 | # which protects your /metrics endpoint. 18 | - auth_proxy_service.yaml 19 | - auth_proxy_role.yaml 20 | - auth_proxy_role_binding.yaml 21 | - auth_proxy_client_clusterrole.yaml 22 | -------------------------------------------------------------------------------- /config/default/manager_auth_proxy_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch inject a sidecar container which is a HTTP proxy for the 2 | # controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. 3 | apiVersion: apps/v1 4 | kind: Deployment 5 | metadata: 6 | name: controller-manager 7 | namespace: system 8 | spec: 9 | template: 10 | spec: 11 | containers: 12 | - name: kube-rbac-proxy 13 | image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 14 | args: 15 | - "--secure-listen-address=0.0.0.0:8443" 16 | - "--upstream=http://127.0.0.1:8080/" 17 | - "--logtostderr=true" 18 | - "--v=10" 19 | ports: 20 | - containerPort: 8443 21 | name: https 22 | - name: manager 23 | args: 24 | - "--health-probe-bind-address=:8081" 25 | - "--metrics-bind-address=127.0.0.1:8080" 26 | - "--leader-elect" 27 | -------------------------------------------------------------------------------- /config/rbac/role.yaml: -------------------------------------------------------------------------------- 1 | 2 | --- 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | kind: ClusterRole 5 | metadata: 6 | creationTimestamp: null 7 | name: manager-role 8 | rules: 9 | - apiGroups: 10 | - "" 11 | resources: 12 | - namespaces 13 | verbs: 14 | - create 15 | - get 16 | - list 17 | - watch 18 | - apiGroups: 19 | - apps 20 | resources: 21 | - deployments 22 | verbs: 23 | - create 24 | - get 25 | - list 26 | - patch 27 | - uninstall 28 | - update 29 | - watch 30 | - apiGroups: 31 | - ocean.spot.io 32 | resources: 33 | - components 34 | verbs: 35 | - create 36 | - get 37 | - list 38 | - patch 39 | - uninstall 40 | - update 41 | - watch 42 | - apiGroups: 43 | - ocean.spot.io 44 | resources: 45 | - components/finalizers 46 | verbs: 47 | - update 48 | - apiGroups: 49 | - ocean.spot.io 50 | resources: 51 | - components/status 52 | verbs: 53 | - get 54 | - patch 55 | - update 56 | -------------------------------------------------------------------------------- /cmd/ocean-tide/main.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package main 4 | 5 | import ( 6 | "fmt" 7 | "os" 8 | 9 | "github.com/spotinst/ocean-operator/internal/cli" 10 | tide "github.com/spotinst/ocean-operator/internal/cmd/ocean-tide" 11 | "github.com/spotinst/ocean-operator/internal/streams" 12 | "github.com/spotinst/ocean-operator/pkg/log" 13 | ) 14 | 15 | func main() { 16 | Main() 17 | } 18 | 19 | // Main is the actual main(), it invokes Run and exits if an error occurs. 20 | func Main() { 21 | if err := Run(cli.NewStdIOStreams(), cli.NewZapLogger(), os.Args[1:]); err != nil { 22 | fmt.Fprintf(os.Stderr, "exited with error: %v\n", err) 23 | os.Exit(1) 24 | } 25 | } 26 | 27 | // Run invokes the root command and returns an error in case of failure. 28 | func Run(streams streams.IOStreams, log log.Logger, args []string) error { 29 | cmd := tide.NewCommand(streams, log) 30 | cmd.SetArgs(args) 31 | return cmd.Execute() 32 | } 33 | -------------------------------------------------------------------------------- /.github/CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | We love your input! We want to make contributing to this project as easy and transparent as possible, whether it's: 4 | 5 | - Reporting a bug. 6 | - Discussing the current state of the code. 7 | - Submitting a fix. 8 | - Proposing new features. 9 | - Becoming a maintainer. 10 | 11 | ## We Develop with GitHub 12 | 13 | We use GitHub to host code, to track issues and feature requests, as well as accept pull requests. 14 | 15 | ## Contribution Workflow 16 | 17 | Pull requests are the best way to propose changes to the codebase. We actively welcome your pull requests: 18 | 19 | 1. Fork the repo and create your branch from `main`. 20 | 2. If you've added code that should be tested, add tests. 21 | 3. Ensure the test suite passes. 22 | 4. Make sure your code lints. 23 | 5. Issue a pull request. 24 | 25 | ## License 26 | 27 | By contributing, you agree that your contributions will be licensed under the [Apache License 2.0](../LICENSE). 28 | -------------------------------------------------------------------------------- /cmd/ocean-operator/main.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package main 4 | 5 | import ( 6 | "fmt" 7 | "os" 8 | 9 | "github.com/spotinst/ocean-operator/internal/cli" 10 | operator "github.com/spotinst/ocean-operator/internal/cmd/ocean-operator" 11 | "github.com/spotinst/ocean-operator/internal/streams" 12 | "github.com/spotinst/ocean-operator/pkg/log" 13 | ) 14 | 15 | func main() { 16 | Main() 17 | } 18 | 19 | // Main is the actual main(), it invokes Run and exits if an error occurs. 20 | func Main() { 21 | if err := Run(cli.NewStdIOStreams(), cli.NewZapLogger(), os.Args[1:]); err != nil { 22 | fmt.Fprintf(os.Stderr, "exited with error: %v\n", err) 23 | os.Exit(1) 24 | } 25 | } 26 | 27 | // Run invokes the root command and returns an error in case of failure. 28 | func Run(streams streams.IOStreams, log log.Logger, args []string) error { 29 | cmd := operator.NewCommand(streams, log) 30 | cmd.SetArgs(args) 31 | return cmd.Execute() 32 | } 33 | -------------------------------------------------------------------------------- /pkg/tide/rbac/rbac_test.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package rbac 4 | 5 | import ( 6 | "testing" 7 | 8 | "github.com/stretchr/testify/assert" 9 | ) 10 | 11 | func TestGetRBACManifests(t *testing.T) { 12 | var expectedServiceAccount = `apiVersion: v1 13 | kind: ServiceAccount 14 | metadata: 15 | name: tide 16 | namespace: my-namespace 17 | ` 18 | 19 | var expectedRoleBinding = `apiVersion: rbac.authorization.k8s.io/v1 20 | kind: ClusterRoleBinding 21 | metadata: 22 | name: tide-helmadmin 23 | roleRef: 24 | apiGroup: rbac.authorization.k8s.io 25 | kind: ClusterRole 26 | name: cluster-admin 27 | subjects: 28 | - kind: ServiceAccount 29 | name: tide 30 | namespace: my-namespace 31 | ` 32 | 33 | t.Run("whenSuccessful", func(tt *testing.T) { 34 | res, err := GetRBACManifests("my-namespace") 35 | assert.NoError(tt, err) 36 | 37 | assert.Equal(tt, expectedServiceAccount, res.ServiceAccount) 38 | assert.Equal(tt, expectedRoleBinding, res.ClusterRoleBinding) 39 | }) 40 | } 41 | -------------------------------------------------------------------------------- /config/crd/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | # This kustomization.yaml is not intended to be run by itself, 5 | # since it depends on service name and namespace that are out of this kustomize package. 6 | # It should be run by config/default 7 | resources: 8 | - bases/ocean.spot.io_oceancomponents.yaml 9 | #+kubebuilder:scaffold:crdkustomizeresource 10 | 11 | patchesStrategicMerge: 12 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. 13 | # patches here are for enabling the conversion webhook for each CRD 14 | #- patches/webhook_in_oceancomponents.yaml 15 | #+kubebuilder:scaffold:crdkustomizewebhookpatch 16 | 17 | # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. 18 | # patches here are for enabling the CA injection for each CRD 19 | #- patches/cainjection_in_oceancomponents.yaml 20 | #+kubebuilder:scaffold:crdkustomizecainjectionpatch 21 | 22 | # the following config is for teaching kustomize how to do kustomization for CRDs. 23 | configurations: 24 | - kustomizeconfig.yaml 25 | -------------------------------------------------------------------------------- /internal/cli/options.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package cli 4 | 5 | import ( 6 | "github.com/spotinst/ocean-operator/internal/streams" 7 | "github.com/spotinst/ocean-operator/pkg/log" 8 | ) 9 | 10 | // CommonOptions contains common options. 11 | type CommonOptions struct { 12 | // In, Out, and Err represent the respective data streams that the command 13 | // may act upon. They are attached directly to any sub-process of the executed 14 | // command. 15 | IOStreams streams.IOStreams 16 | 17 | // Log represents the common internal logger implementation. 18 | Log log.Logger 19 | } 20 | 21 | // NewCommonOptions returns a new CommonOptions object. 22 | func NewCommonOptions(streams streams.IOStreams, log log.Logger) *CommonOptions { 23 | return &CommonOptions{ 24 | IOStreams: streams, 25 | Log: log, 26 | } 27 | } 28 | 29 | // SetIOStreams sets the IOStreams. 30 | func (o *CommonOptions) SetIOStreams(streams streams.IOStreams) { 31 | o.IOStreams = streams 32 | } 33 | 34 | // SetLog sets the Log. 35 | func (o *CommonOptions) SetLog(log log.Logger) { 36 | o.Log = log 37 | } 38 | -------------------------------------------------------------------------------- /pkg/config/provider_env.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package config 4 | 5 | import ( 6 | "context" 7 | "os" 8 | ) 9 | 10 | const ( 11 | // EnvClusterIdentifier specifies the name of the environment variable points 12 | // to cluster identifier. 13 | EnvClusterIdentifier = "SPOTINST_CLUSTER_IDENTIFIER" 14 | // EnvACDIdentifier specifies the name of the environment variable points 15 | // to ACDIdentifier identifier. 16 | EnvACDIdentifier = "SPOTINST_ACD_IDENTIFIER" 17 | ) 18 | 19 | // EnvProvider retrieves configuration from the environment variables of the process. 20 | type EnvProvider struct{} 21 | 22 | // NewEnvProvider returns a new EnvProvider. 23 | func NewEnvProvider() *EnvProvider { 24 | return new(EnvProvider) 25 | } 26 | 27 | // Retrieve retrieves and returns the configuration, or error in case of failure. 28 | func (x *EnvProvider) Retrieve(ctx context.Context) (*Value, error) { 29 | return &Value{ 30 | ClusterIdentifier: os.Getenv(EnvClusterIdentifier), 31 | ACDIdentifier: os.Getenv(EnvACDIdentifier), 32 | }, nil 33 | } 34 | 35 | // String returns the string representation of the Env provider. 36 | func (x *EnvProvider) String() string { 37 | return "EnvProvider" 38 | } 39 | -------------------------------------------------------------------------------- /internal/version/version.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package version 4 | 5 | import ( 6 | _ "embed" 7 | "strings" 8 | 9 | "github.com/hashicorp/go-version" 10 | ) 11 | 12 | var ( 13 | // Version is an instance of version.Version used to verify that the full 14 | // version complies with the Semantic Versioning specification (https://semver.org). 15 | // 16 | // Populated at runtime. 17 | // Read-only. 18 | Version *version.Version 19 | 20 | // _version represents the full version that must comply with the Semantic 21 | // Versioning specification (https://semver.org). 22 | // 23 | // Populated at build-time. 24 | // Read-only. 25 | //go:embed VERSION 26 | _version string 27 | ) 28 | 29 | func init() { 30 | // Parse and verify the given version. 31 | Version = version.Must(version.NewSemver(strings.TrimSpace(_version))) 32 | } 33 | 34 | // Prerelease is an alias of version.Prerelease. 35 | func Prerelease() string { 36 | return Version.Prerelease() 37 | } 38 | 39 | // Metadata is an alias of version.Metadata. 40 | func Metadata() string { 41 | return Version.Metadata() 42 | } 43 | 44 | // String is an alias of version.String. 45 | func String() string { 46 | return Version.String() 47 | } 48 | -------------------------------------------------------------------------------- /internal/controller/finalizer.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package controller 4 | 5 | import ( 6 | "sigs.k8s.io/controller-runtime/pkg/client" 7 | "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" 8 | ) 9 | 10 | // IsBeingDeleted returns whether this object has been requested to be deleted. 11 | func IsBeingDeleted(obj client.Object) bool { 12 | return !obj.GetDeletionTimestamp().IsZero() 13 | } 14 | 15 | // HasFinalizer returns true if the given object has the given finalizer. 16 | func HasFinalizer(o client.Object, finalizer string) bool { 17 | finalizers := o.GetFinalizers() 18 | for _, f := range finalizers { 19 | if f == finalizer { 20 | return true 21 | } 22 | } 23 | return false 24 | } 25 | 26 | // AddFinalizer adds the given finalizer to the given object. 27 | func AddFinalizer(obj client.Object, finalizer string) bool { 28 | finalizers := obj.GetFinalizers() 29 | controllerutil.AddFinalizer(obj, finalizer) 30 | return len(finalizers) < len(obj.GetFinalizers()) 31 | } 32 | 33 | // RemoveFinalizer removes the given finalizer from the given object. 34 | func RemoveFinalizer(obj client.Object, finalizer string) bool { 35 | finalizers := obj.GetFinalizers() 36 | controllerutil.RemoveFinalizer(obj, finalizer) 37 | return len(finalizers) > len(obj.GetFinalizers()) 38 | } 39 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1.3 2 | 3 | # 4 | # 5 | # Images. 6 | ARG BASE_BUILDER=golang:1.16 7 | ARG BASE_RUNTIME=gcr.io/distroless/static:nonroot 8 | 9 | # 10 | # 11 | # Builder. 12 | FROM ${BASE_BUILDER} AS builder 13 | 14 | # Set the working directory. 15 | WORKDIR /src 16 | 17 | # Copy the go.* files and download the modules before copying the rest of the 18 | # source. This allows BuildKit to cache the modules as it will only rerun these 19 | # steps if the go.* files change. 20 | COPY go.* ./ 21 | RUN go mod download 22 | 23 | # Linker flags. 24 | ARG GO_LDFLAGS 25 | 26 | # Copy source. 27 | COPY . ./ 28 | 29 | # Allow the build container to cache the Go's compiler cache directory. 30 | # Ref: https://docs.docker.com/develop/develop-images/build_enhancements/ 31 | # Ref: https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/experimental.md 32 | RUN --mount=type=cache,target=/root/.cache/go-build \ 33 | CGO_ENABLED=0 go build -trimpath -ldflags="${GO_LDFLAGS}" \ 34 | -o ocean-operator cmd/ocean-operator/main.go 35 | 36 | ## 37 | ## 38 | ## Runtime. 39 | FROM ${BASE_RUNTIME} AS runtime 40 | 41 | # Copy from builder. 42 | COPY --from=builder /src/ocean-operator /opt/ocean/bin/ 43 | COPY --from=builder /src/LICENSE /opt/ocean/ 44 | 45 | # Set user. 46 | USER nonroot:nonroot 47 | 48 | # Configure the image to run as an executable. 49 | ENTRYPOINT ["/opt/ocean/bin/ocean-operator"] 50 | -------------------------------------------------------------------------------- /internal/cmd/ocean-operator/root.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package operator 4 | 5 | import ( 6 | "flag" 7 | 8 | "github.com/spf13/cobra" 9 | "github.com/spotinst/ocean-operator/internal/cli" 10 | "github.com/spotinst/ocean-operator/internal/cmd/ocean-operator/manager" 11 | "github.com/spotinst/ocean-operator/internal/cmd/ocean-operator/version" 12 | "github.com/spotinst/ocean-operator/internal/streams" 13 | "github.com/spotinst/ocean-operator/pkg/log" 14 | ) 15 | 16 | func NewCommand(streams streams.IOStreams, log log.Logger) *cobra.Command { 17 | // Initialize common options. 18 | options := cli.NewCommonOptions(streams, log) 19 | 20 | // Root command. 21 | cmd := &cobra.Command{ 22 | Use: "ocean-operator", 23 | Short: `Ocean Operator manager`, 24 | SilenceUsage: true, 25 | CompletionOptions: cobra.CompletionOptions{ 26 | DisableDefaultCmd: true, 27 | }, 28 | PersistentPreRun: func(cmd *cobra.Command, args []string) { 29 | options.SetLog(cli.NewZapLogger()) 30 | }, 31 | } 32 | 33 | // Sub-commands. 34 | cmd.AddCommand(version.NewCommand(options)) 35 | cmd.AddCommand(manager.NewCommand(options)) 36 | 37 | // IO streams. 38 | cmd.SetIn(streams.In) 39 | cmd.SetOut(streams.Out) 40 | cmd.SetErr(streams.ErrOut) 41 | 42 | // Add flags registered by imported packages (e.g. klog and controller-runtime). 43 | cmd.PersistentFlags().AddGoFlagSet(flag.CommandLine) 44 | 45 | return cmd 46 | } 47 | -------------------------------------------------------------------------------- /pkg/credentials/provider.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package credentials 4 | 5 | import ( 6 | "context" 7 | "fmt" 8 | ) 9 | 10 | // Provider defines the interface for any component which will provide credentials. 11 | // The Provider should not need to implement its own mutexes, because that will 12 | // be managed by config. 13 | type Provider interface { 14 | fmt.Stringer 15 | 16 | // Retrieve retrieves and returns the credentials, or error in case of failure. 17 | Retrieve(ctx context.Context) (*Value, error) 18 | } 19 | 20 | // Value represents the operator credentials. 21 | type Value struct { 22 | // Token represents the token that should be used by the Ocean Controller. 23 | Token string `json:"token" yaml:"token"` 24 | // Account represents the account that should be used by the Ocean Controller. 25 | Account string `json:"account" yaml:"account"` 26 | } 27 | 28 | // IsEmpty if all fields of a Value are empty. 29 | func (v *Value) IsEmpty() bool { return v == nil || (v.Token == "" && v.Account == "") } 30 | 31 | // IsComplete if all fields of a Value are set. 32 | func (v *Value) IsComplete() bool { return v != nil && v.Token != "" && v.Account != "" } 33 | 34 | // Merge merges the passed in Value into the existing Value object. 35 | func (v *Value) Merge(v2 *Value) *Value { 36 | if v != nil && v2 != nil { 37 | if v.Token == "" { 38 | v.Token = v2.Token 39 | } 40 | if v.Account == "" { 41 | v.Account = v2.Account 42 | } 43 | } 44 | return v 45 | } 46 | -------------------------------------------------------------------------------- /config/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: system 7 | --- 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | metadata: 11 | name: controller-manager 12 | namespace: system 13 | labels: 14 | control-plane: controller-manager 15 | spec: 16 | selector: 17 | matchLabels: 18 | control-plane: controller-manager 19 | replicas: 1 20 | template: 21 | metadata: 22 | labels: 23 | control-plane: controller-manager 24 | spec: 25 | securityContext: 26 | runAsNonRoot: true 27 | containers: 28 | - command: 29 | - /opt/ocean/bin/ocean-operator 30 | args: 31 | - manager 32 | - --leader-elect 33 | image: controller:latest 34 | name: manager 35 | securityContext: 36 | allowPrivilegeEscalation: false 37 | livenessProbe: 38 | httpGet: 39 | path: /healthz 40 | port: 8081 41 | initialDelaySeconds: 15 42 | periodSeconds: 20 43 | readinessProbe: 44 | httpGet: 45 | path: /readyz 46 | port: 8081 47 | initialDelaySeconds: 5 48 | periodSeconds: 10 49 | resources: 50 | limits: 51 | cpu: 100m 52 | memory: 30Mi 53 | requests: 54 | cpu: 100m 55 | memory: 20Mi 56 | serviceAccountName: controller-manager 57 | terminationGracePeriodSeconds: 10 58 | -------------------------------------------------------------------------------- /internal/cmd/ocean-tide/root.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package tide 4 | 5 | import ( 6 | "flag" 7 | 8 | "github.com/spf13/cobra" 9 | "github.com/spotinst/ocean-operator/internal/cli" 10 | "github.com/spotinst/ocean-operator/internal/cmd/ocean-tide/install" 11 | "github.com/spotinst/ocean-operator/internal/cmd/ocean-tide/uninstall" 12 | "github.com/spotinst/ocean-operator/internal/cmd/ocean-tide/version" 13 | "github.com/spotinst/ocean-operator/internal/streams" 14 | "github.com/spotinst/ocean-operator/pkg/log" 15 | ) 16 | 17 | func NewCommand(streams streams.IOStreams, log log.Logger) *cobra.Command { 18 | // Initialize common options. 19 | options := cli.NewCommonOptions(streams, log) 20 | 21 | // Root command. 22 | cmd := &cobra.Command{ 23 | Use: "ocean-tide", 24 | Short: `Ocean Operator installer`, 25 | SilenceUsage: true, 26 | CompletionOptions: cobra.CompletionOptions{ 27 | DisableDefaultCmd: true, 28 | }, 29 | PersistentPreRun: func(cmd *cobra.Command, args []string) { 30 | options.SetLog(cli.NewZapLogger()) 31 | }, 32 | } 33 | 34 | // Sub-commands. 35 | cmd.AddCommand(version.NewCommand(options)) 36 | cmd.AddCommand(install.NewCommand(options)) 37 | cmd.AddCommand(uninstall.NewCommand(options)) 38 | 39 | // IO streams. 40 | cmd.SetIn(streams.In) 41 | cmd.SetOut(streams.Out) 42 | cmd.SetErr(streams.ErrOut) 43 | 44 | // Add flags registered by imported packages (e.g. klog and controller-runtime). 45 | cmd.PersistentFlags().AddGoFlagSet(flag.CommandLine) 46 | 47 | return cmd 48 | } 49 | -------------------------------------------------------------------------------- /internal/cli/pprof.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package cli 4 | 5 | import ( 6 | "fmt" 7 | "os" 8 | "runtime" 9 | "runtime/pprof" 10 | ) 11 | 12 | // StartProfiling initializes profiling for the current process. 13 | func StartProfiling(profile, output string) error { 14 | switch profile { 15 | case "none": 16 | return nil 17 | case "cpu": 18 | f, err := os.Create(output) 19 | if err != nil { 20 | return err 21 | } 22 | return pprof.StartCPUProfile(f) 23 | // Block and mutex profiles need a call to Set{Block,Mutex}ProfileRate to 24 | // output anything. We choose to sample all events. 25 | case "block": 26 | runtime.SetBlockProfileRate(1) 27 | return nil 28 | case "mutex": 29 | runtime.SetMutexProfileFraction(1) 30 | return nil 31 | default: 32 | if profile != "" { 33 | // Check the profile name is valid. 34 | if prof := pprof.Lookup(profile); prof == nil { 35 | return fmt.Errorf("unknown profile %q", profile) 36 | } 37 | } 38 | } 39 | return nil 40 | } 41 | 42 | // StopProfiling stops the profiler. 43 | func StopProfiling(profile, output string) error { 44 | switch profile { 45 | case "none": 46 | return nil 47 | case "cpu": 48 | pprof.StopCPUProfile() 49 | case "heap": 50 | runtime.GC() 51 | fallthrough 52 | default: 53 | if profile != "" { 54 | prof := pprof.Lookup(profile) 55 | if prof == nil { 56 | return nil 57 | } 58 | f, err := os.Create(output) 59 | if err != nil { 60 | return err 61 | } 62 | _ = prof.WriteTo(f, 0) 63 | } 64 | } 65 | return nil 66 | } 67 | -------------------------------------------------------------------------------- /pkg/config/provider.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package config 4 | 5 | import ( 6 | "context" 7 | "fmt" 8 | ) 9 | 10 | // Provider defines the interface for any component which will provide configuration. 11 | // The Provider should not need to implement its own mutexes, because that will 12 | // be managed by Config. 13 | type Provider interface { 14 | fmt.Stringer 15 | 16 | // Retrieve retrieves and returns the configuration, or error in case of failure. 17 | Retrieve(ctx context.Context) (*Value, error) 18 | } 19 | 20 | // Value represents the operator configuration. 21 | type Value struct { 22 | // ClusterIdentifier represents the cluster identifier that should be used by the Ocean Controller. 23 | ClusterIdentifier string `json:"clusterIdentifier" yaml:"clusterIdentifier"` 24 | // ACDIdentifier represents the ACDIdentifier identifier that should be used by the Ocean AKS Connector. 25 | ACDIdentifier string `json:"acdIdentifier" yaml:"acdIdentifier"` 26 | } 27 | 28 | // IsEmpty if all fields of a Value are empty. 29 | func (v *Value) IsEmpty() bool { return v == nil || v.ClusterIdentifier == "" } 30 | 31 | // IsComplete if all fields of a Value are set. 32 | func (v *Value) IsComplete() bool { return v != nil && v.ClusterIdentifier != "" } 33 | 34 | // Merge merges the passed in Value into the existing Value object. 35 | func (v *Value) Merge(v2 *Value) *Value { 36 | if v != nil && v2 != nil { 37 | if v.ClusterIdentifier == "" { 38 | v.ClusterIdentifier = v2.ClusterIdentifier 39 | } 40 | if v.ACDIdentifier == "" { 41 | v.ACDIdentifier = v2.ACDIdentifier 42 | } 43 | } 44 | return v 45 | } 46 | -------------------------------------------------------------------------------- /pkg/credentials/provider_env.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package credentials 4 | 5 | import ( 6 | "context" 7 | "fmt" 8 | "os" 9 | 10 | "github.com/spotinst/spotinst-sdk-go/spotinst/credentials" 11 | ) 12 | 13 | const ( 14 | // EnvCredentialsToken specifies the name of the environment variable points 15 | // to the Spotinst Token. 16 | EnvCredentialsToken = credentials.EnvCredentialsVarToken 17 | 18 | // EnvCredentialsAccount specifies the name of the environment variable points 19 | // to the Spotinst account ID. 20 | EnvCredentialsAccount = credentials.EnvCredentialsVarAccount 21 | ) 22 | 23 | // ErrEnvCredentialsNotFound is returned when no credentials can be found in the 24 | // process's environment. 25 | var ErrEnvCredentialsNotFound = fmt.Errorf("credentials: %s and %s not found "+ 26 | "in environment", EnvCredentialsToken, EnvCredentialsAccount) 27 | 28 | // EnvProvider retrieves credentials from the environment variables of the process. 29 | type EnvProvider struct{} 30 | 31 | // NewEnvProvider returns a new EnvProvider. 32 | func NewEnvProvider() *EnvProvider { 33 | return new(EnvProvider) 34 | } 35 | 36 | // Retrieve retrieves and returns the credentials, or error in case of failure. 37 | func (x *EnvProvider) Retrieve(ctx context.Context) (*Value, error) { 38 | value := &Value{ 39 | Token: os.Getenv(EnvCredentialsToken), 40 | Account: os.Getenv(EnvCredentialsAccount), 41 | } 42 | 43 | if value.IsEmpty() { 44 | return value, ErrEnvCredentialsNotFound 45 | } 46 | 47 | return value, nil 48 | } 49 | 50 | // String returns the string representation of the Env provider. 51 | func (x *EnvProvider) String() string { 52 | return "EnvProvider" 53 | } 54 | -------------------------------------------------------------------------------- /pkg/config/config.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package config 4 | 5 | import ( 6 | "context" 7 | "sync" 8 | ) 9 | 10 | // Config provides synchronous safe retrieval of configuration. 11 | // 12 | // Config object is safe to use across multiple goroutines and will manage 13 | // the synchronous state so the Providers do not need to implement their own 14 | // synchronization. 15 | // 16 | // The first Config.Get() will always call Provider.Retrieve() to get the first 17 | // instance of the configuration. All calls to Get() after that will return the 18 | // cached configuration. 19 | type Config struct { 20 | provider Provider 21 | mu sync.Mutex 22 | forceRefresh bool 23 | value *Value 24 | } 25 | 26 | // NewConfig returns a new Config with the provider set. 27 | func NewConfig(provider Provider) *Config { 28 | return &Config{ 29 | provider: provider, 30 | forceRefresh: true, 31 | } 32 | } 33 | 34 | // Get returns the configuration, or error if the configuration failed to be 35 | // retrieved. Will return the cached configuration. If the configuration is 36 | // empty the Provider's Retrieve() will be called to refresh the configuration. 37 | func (x *Config) Get(ctx context.Context) (*Value, error) { 38 | x.mu.Lock() 39 | defer x.mu.Unlock() 40 | 41 | if x.value == nil || x.forceRefresh { 42 | value, err := x.provider.Retrieve(ctx) 43 | if err != nil { 44 | return nil, err 45 | } 46 | x.value = value 47 | x.forceRefresh = false 48 | } 49 | 50 | return x.value, nil 51 | } 52 | 53 | // Refresh refreshes the configuration and forces it to be retrieved on the next 54 | // call to Get(). 55 | func (x *Config) Refresh() *Config { 56 | x.mu.Lock() 57 | defer x.mu.Unlock() 58 | x.forceRefresh = true 59 | return x 60 | } 61 | -------------------------------------------------------------------------------- /pkg/credentials/credentials.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package credentials 4 | 5 | import ( 6 | "context" 7 | "sync" 8 | ) 9 | 10 | // Credentials provides synchronous safe retrieval of credentials. 11 | // 12 | // Credentials object is safe to use across multiple goroutines and will manage 13 | // the synchronous state so the Providers do not need to implement their own 14 | // synchronization. 15 | // 16 | // The first Credentials.Get() will always call Provider.Retrieve() to get the first 17 | // instance of the credentials. All calls to Get() after that will return the 18 | // cached credentials. 19 | type Credentials struct { 20 | provider Provider 21 | mu sync.Mutex 22 | forceRefresh bool 23 | value *Value 24 | } 25 | 26 | // NewCredentials returns a new Credentials with the provider set. 27 | func NewCredentials(provider Provider) *Credentials { 28 | return &Credentials{ 29 | provider: provider, 30 | forceRefresh: true, 31 | } 32 | } 33 | 34 | // Get returns the credentials, or error if the credentials failed to be 35 | // retrieved. Will return the cached credentials. If the credentials are 36 | // empty the Provider's Retrieve() will be called to refresh the credentials. 37 | func (x *Credentials) Get(ctx context.Context) (*Value, error) { 38 | x.mu.Lock() 39 | defer x.mu.Unlock() 40 | 41 | if x.value == nil || x.forceRefresh { 42 | value, err := x.provider.Retrieve(ctx) 43 | if err != nil { 44 | return nil, err 45 | } 46 | x.value = value 47 | x.forceRefresh = false 48 | } 49 | 50 | return x.value, nil 51 | } 52 | 53 | // Refresh refreshes the credentials and forces it to be retrieved on the next 54 | // call to Get(). 55 | func (x *Credentials) Refresh() *Credentials { 56 | x.mu.Lock() 57 | defer x.mu.Unlock() 58 | x.forceRefresh = true 59 | return x 60 | } 61 | -------------------------------------------------------------------------------- /pkg/installer/factory.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package installer 4 | 5 | import ( 6 | "fmt" 7 | "sync" 8 | ) 9 | 10 | // Factory is a function that returns an Installer interface. An error is 11 | // returned if the installer fails to initialize, nil otherwise. 12 | type Factory func(options *InstallerOptions) (Installer, error) 13 | 14 | // All registered installers. 15 | var ( 16 | installersMutex sync.RWMutex 17 | installers = make(map[string]Factory) 18 | ) 19 | 20 | // MustRegister registers a Factory by name and panics if an error occurs. 21 | func MustRegister(name string, factory Factory) { 22 | if err := Register(name, factory); err != nil { 23 | panic(err) 24 | } 25 | } 26 | 27 | // Register registers a Factory by name and returns an error, if any. 28 | func Register(name string, factory Factory) error { 29 | installersMutex.Lock() 30 | defer installersMutex.Unlock() 31 | 32 | if name == "" { 33 | return fmt.Errorf("installer must have a name") 34 | } 35 | 36 | if _, dup := installers[name]; dup { 37 | return fmt.Errorf("installer named %q already registered", name) 38 | } 39 | 40 | installers[name] = factory 41 | return nil 42 | } 43 | 44 | // GetFactory returns a Factory by name. 45 | func GetFactory(name string) (Factory, error) { 46 | installersMutex.RLock() 47 | defer installersMutex.RUnlock() 48 | 49 | if factory, ok := installers[name]; ok { 50 | return factory, nil 51 | } 52 | 53 | return nil, fmt.Errorf("installer: no factory function found for "+ 54 | "installer %q (missing import?)", name) 55 | } 56 | 57 | // GetInstance returns an instance of installer by name. 58 | func GetInstance(name string, options ...InstallerOption) (Installer, error) { 59 | factory, err := GetFactory(name) 60 | if err != nil { 61 | return nil, err 62 | } 63 | 64 | opts := mutateInstallerOptions(options...) 65 | return factory(opts) 66 | } 67 | -------------------------------------------------------------------------------- /internal/controller/context.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package controller 4 | 5 | import ( 6 | "context" 7 | 8 | "github.com/spotinst/ocean-operator/pkg/log" 9 | ctrl "sigs.k8s.io/controller-runtime" 10 | ) 11 | 12 | // RequestContext is an interface and serves as a base for contexts. 13 | type RequestContext interface { 14 | context.Context 15 | 16 | // GetRequestId returns the request ID. 17 | GetRequestId() string 18 | // GetRequest returns the underlying request. 19 | GetRequest() ctrl.Request 20 | // GetLogger returns an initialized logger. 21 | GetLogger() log.Logger 22 | // Cancel cancels the request context and tells the reconciler to abandon its work. 23 | Cancel() 24 | // Canceled returns true whether the request context has been canceled. 25 | Canceled() bool 26 | } 27 | 28 | // reconcileContext implements the RequestContext interface. 29 | type reconcileContext struct { 30 | context.Context 31 | 32 | requestID string 33 | request ctrl.Request 34 | log log.Logger 35 | 36 | // internal 37 | cancel context.CancelFunc // used for a cancellation signal 38 | } 39 | 40 | // NewRequestContext returns a new request context. 41 | func NewRequestContext(ctx context.Context, req ctrl.Request, 42 | reqID string, reqLogger log.Logger) RequestContext { 43 | 44 | reqCtx, cancel := context.WithCancel(ctx) 45 | return &reconcileContext{ 46 | Context: reqCtx, 47 | request: req, 48 | requestID: reqID, 49 | log: reqLogger, 50 | cancel: cancel, 51 | } 52 | } 53 | 54 | func (r *reconcileContext) GetRequestId() string { return r.requestID } 55 | func (r *reconcileContext) GetRequest() ctrl.Request { return r.request } 56 | func (r *reconcileContext) GetLogger() log.Logger { return r.log } 57 | 58 | func (r *reconcileContext) Cancel() { 59 | if r.cancel != nil { 60 | r.cancel() 61 | } 62 | } 63 | 64 | func (r *reconcileContext) Canceled() bool { 65 | select { 66 | case <-r.Context.Done(): 67 | return true 68 | default: 69 | return false 70 | } 71 | } 72 | -------------------------------------------------------------------------------- /pkg/tide/rbac/rbac.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package rbac 4 | 5 | import ( 6 | "bytes" 7 | "fmt" 8 | "text/template" 9 | ) 10 | 11 | const ( 12 | ServiceAccountName = "tide" 13 | RoleBindingName = "tide-helmadmin" 14 | ) 15 | 16 | type rbacValues struct { 17 | ServiceAccountName string 18 | ServiceAccountNamespace string 19 | RoleBindingName string 20 | } 21 | 22 | type RBACManifests struct { 23 | ServiceAccount string 24 | ClusterRoleBinding string 25 | } 26 | 27 | func GetRBACManifests(namespace string) (*RBACManifests, error) { 28 | values := rbacValues{ 29 | ServiceAccountName: ServiceAccountName, 30 | ServiceAccountNamespace: namespace, 31 | RoleBindingName: RoleBindingName, 32 | } 33 | 34 | saTemplate, err := template.New("sa").Parse(serviceAccountTemplate) 35 | if err != nil { 36 | return nil, fmt.Errorf("could not parse service account template, %w", err) 37 | } 38 | 39 | saManifest := new(bytes.Buffer) 40 | err = saTemplate.Execute(saManifest, values) 41 | if err != nil { 42 | return nil, fmt.Errorf("could not execute service account template, %w", err) 43 | } 44 | 45 | rbTemplate, err := template.New("roleBinding").Parse(roleBindingTemplate) 46 | if err != nil { 47 | return nil, fmt.Errorf("could not parse role binding template, %w", err) 48 | } 49 | 50 | rbManifest := new(bytes.Buffer) 51 | err = rbTemplate.Execute(rbManifest, values) 52 | if err != nil { 53 | return nil, fmt.Errorf("could not execute role binding template, %w", err) 54 | } 55 | 56 | return &RBACManifests{ 57 | ServiceAccount: saManifest.String(), 58 | ClusterRoleBinding: rbManifest.String(), 59 | }, nil 60 | } 61 | 62 | const serviceAccountTemplate = `apiVersion: v1 63 | kind: ServiceAccount 64 | metadata: 65 | name: {{.ServiceAccountName}} 66 | namespace: {{.ServiceAccountNamespace}} 67 | ` 68 | 69 | const roleBindingTemplate = `apiVersion: rbac.authorization.k8s.io/v1 70 | kind: ClusterRoleBinding 71 | metadata: 72 | name: {{.RoleBindingName}} 73 | roleRef: 74 | apiGroup: rbac.authorization.k8s.io 75 | kind: ClusterRole 76 | name: cluster-admin 77 | subjects: 78 | - kind: ServiceAccount 79 | name: {{.ServiceAccountName}} 80 | namespace: {{.ServiceAccountNamespace}} 81 | ` 82 | -------------------------------------------------------------------------------- /pkg/config/provider_configmap.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package config 4 | 5 | import ( 6 | "context" 7 | "fmt" 8 | 9 | "github.com/mitchellh/mapstructure" 10 | corev1 "k8s.io/api/core/v1" 11 | apierrors "k8s.io/apimachinery/pkg/api/errors" 12 | "k8s.io/apimachinery/pkg/types" 13 | "sigs.k8s.io/controller-runtime/pkg/client" 14 | ) 15 | 16 | // ConfigMapProvider retrieves configuration from a ConfigMap. 17 | type ConfigMapProvider struct { 18 | Client client.Client 19 | Name, Namespace string 20 | } 21 | 22 | // NewConfigMapProvider returns a new Config. 23 | func NewConfigMapProvider(client client.Client, name, namespace string) *ConfigMapProvider { 24 | return &ConfigMapProvider{ 25 | Client: client, 26 | Name: name, 27 | Namespace: namespace, 28 | } 29 | } 30 | 31 | // Retrieve retrieves and returns the configuration, or error in case of failure. 32 | func (x *ConfigMapProvider) Retrieve(ctx context.Context) (*Value, error) { 33 | configMap, err := getConfigMap(ctx, x.Client, x.Name, x.Namespace) 34 | if err != nil { 35 | return nil, fmt.Errorf("error retrieving configmap %q from "+ 36 | "namespace %q: %w", x.Name, x.Namespace, err) 37 | } 38 | 39 | value, err := decodeConfigMap(configMap) 40 | if err != nil { 41 | return nil, fmt.Errorf("error decoding configmap %q from "+ 42 | "namespace %q: %w", x.Name, x.Namespace, err) 43 | } 44 | 45 | return value, nil 46 | } 47 | 48 | // String returns the string representation of the ConfigMap provider. 49 | func (x *ConfigMapProvider) String() string { 50 | return "ConfigMapProvider" 51 | } 52 | 53 | func getConfigMap(ctx context.Context, client client.Client, 54 | name, namespace string) (*corev1.ConfigMap, error) { 55 | obj := new(corev1.ConfigMap) 56 | key := types.NamespacedName{ 57 | Name: name, 58 | Namespace: namespace, 59 | } 60 | err := client.Get(ctx, key, obj) 61 | if err != nil && !apierrors.IsNotFound(err) { 62 | return nil, err 63 | } 64 | return obj, nil 65 | } 66 | 67 | func decodeConfigMap(configMap *corev1.ConfigMap) (*Value, error) { 68 | value := new(Value) 69 | if configMap != nil && configMap.Data != nil { 70 | if err := mapstructure.Decode(configMap.Data, value); err != nil { 71 | return nil, err 72 | } 73 | } 74 | return value, nil 75 | } 76 | -------------------------------------------------------------------------------- /internal/ocean/flags.go: -------------------------------------------------------------------------------- 1 | package ocean 2 | 3 | import ( 4 | "errors" 5 | "strings" 6 | 7 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 8 | "github.com/spotinst/ocean-operator/pkg/log" 9 | ) 10 | 11 | // ComponentsFlag implements pflag.Value interface to store component names, 12 | // allowing transforming and validating them while being set. 13 | type ComponentsFlag struct { 14 | list map[oceanv1alpha1.OceanComponentName]struct{} 15 | log log.Logger 16 | } 17 | 18 | // NewEmptyComponentsFlag returns a new ComponentsFlag with an empty list of components. 19 | func NewEmptyComponentsFlag(log log.Logger) *ComponentsFlag { 20 | return &ComponentsFlag{ 21 | list: make(map[oceanv1alpha1.OceanComponentName]struct{}), 22 | log: log, 23 | } 24 | } 25 | 26 | // NewDefaultComponentsFlag returns a new ComponentsFlag with a default list of components. 27 | func NewDefaultComponentsFlag(log log.Logger) *ComponentsFlag { 28 | f := NewEmptyComponentsFlag(log) 29 | f.list[oceanv1alpha1.OceanControllerComponentName] = struct{}{} 30 | f.list[oceanv1alpha1.MetricsServerComponentName] = struct{}{} 31 | return f 32 | } 33 | 34 | func (c *ComponentsFlag) Type() string { 35 | return "strings" 36 | } 37 | 38 | func (c *ComponentsFlag) Set(arg string) error { 39 | c.list = make(map[oceanv1alpha1.OceanComponentName]struct{}) 40 | v := strings.Split(arg, ",") 41 | for _, val := range v { 42 | name := oceanv1alpha1.OceanComponentName(val) 43 | switch name { 44 | case oceanv1alpha1.OceanControllerComponentName, oceanv1alpha1.MetricsServerComponentName: 45 | c.list[name] = struct{}{} 46 | default: 47 | if name != "" && c.log != nil { 48 | c.log.Error(errors.New("unknown component name input, ignoring"), "name", name) 49 | } 50 | } 51 | } 52 | return nil 53 | } 54 | 55 | func (c *ComponentsFlag) String() string { 56 | s := make([]string, 0, len(c.list)) 57 | for n := range c.list { 58 | s = append(s, string(n)) 59 | } 60 | return strings.Join(s, ",") 61 | } 62 | 63 | func (c *ComponentsFlag) StringSlice() []string { 64 | return strings.Split(c.String(), ",") 65 | } 66 | 67 | func (c *ComponentsFlag) List() []oceanv1alpha1.OceanComponentName { 68 | s := make([]oceanv1alpha1.OceanComponentName, 0, len(c.list)) 69 | for n := range c.list { 70 | s = append(s, n) 71 | } 72 | return s 73 | } 74 | -------------------------------------------------------------------------------- /pkg/installer/options.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package installer 4 | 5 | import ( 6 | "github.com/spotinst/ocean-operator/pkg/log" 7 | "k8s.io/cli-runtime/pkg/genericclioptions" 8 | ) 9 | 10 | // region Options 11 | 12 | type InstallerOptions struct { 13 | Namespace string 14 | ClientGetter genericclioptions.RESTClientGetter 15 | DryRun bool 16 | Log log.Logger 17 | } 18 | 19 | // endregion 20 | 21 | // region Interfaces 22 | 23 | // InstallerOption is some configuration that modifies options for an Installer. 24 | type InstallerOption interface { 25 | // MutateInstallerOptions applies this configuration to the given InstallerOptions. 26 | MutateInstallerOptions(options *InstallerOptions) 27 | } 28 | 29 | // endregion 30 | 31 | // region Adapters 32 | 33 | // InstallerOptionFunc is a convenience type like http.HandlerFunc. 34 | type InstallerOptionFunc func(options *InstallerOptions) 35 | 36 | // MutateInstallerOptions implements the InstallerOption interface. 37 | func (f InstallerOptionFunc) MutateInstallerOptions(options *InstallerOptions) { f(options) } 38 | 39 | // endregion 40 | 41 | // region "Functional" Options 42 | 43 | // WithNamespace sets the given namespace. 44 | func WithNamespace(namespace string) InstallerOption { 45 | return InstallerOptionFunc(func(options *InstallerOptions) { 46 | options.Namespace = namespace 47 | }) 48 | } 49 | 50 | // WithClientGetter sets the given RESTClientGetter. 51 | func WithClientGetter(getter genericclioptions.RESTClientGetter) InstallerOption { 52 | return InstallerOptionFunc(func(options *InstallerOptions) { 53 | options.ClientGetter = getter 54 | }) 55 | } 56 | 57 | // WithDryRun sets the dry run flag. 58 | func WithDryRun(dryRun bool) InstallerOption { 59 | return InstallerOptionFunc(func(options *InstallerOptions) { 60 | options.DryRun = dryRun 61 | }) 62 | } 63 | 64 | // WithLogger sets the given logger. 65 | func WithLogger(log log.Logger) InstallerOption { 66 | return InstallerOptionFunc(func(options *InstallerOptions) { 67 | options.Log = log 68 | }) 69 | } 70 | 71 | // endregion 72 | 73 | // region Helpers 74 | 75 | func mutateInstallerOptions(options ...InstallerOption) *InstallerOptions { 76 | opts := new(InstallerOptions) 77 | for _, opt := range options { 78 | opt.MutateInstallerOptions(opts) 79 | } 80 | return opts 81 | } 82 | 83 | // endregion 84 | -------------------------------------------------------------------------------- /pkg/tide/interfaces.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package tide 4 | 5 | import ( 6 | "context" 7 | 8 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 9 | corev1 "k8s.io/api/core/v1" 10 | rbacv1 "k8s.io/api/rbac/v1" 11 | apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" 12 | "k8s.io/apimachinery/pkg/runtime" 13 | clientgoscheme "k8s.io/client-go/kubernetes/scheme" 14 | ) 15 | 16 | var scheme = runtime.NewScheme() 17 | 18 | func init() { 19 | _ = clientgoscheme.AddToScheme(scheme) 20 | _ = apiextensionsv1.AddToScheme(scheme) 21 | _ = oceanv1alpha1.AddToScheme(scheme) 22 | //+kubebuilder:scaffold:scheme 23 | } 24 | 25 | // DefaultScheme returns the default runtime.Scheme. 26 | func DefaultScheme() *runtime.Scheme { return scheme } 27 | 28 | type ( 29 | // Applier defines the interface used for applying cluster resources. 30 | Applier interface { 31 | // ApplyEnvironment applies all resources. 32 | ApplyEnvironment( 33 | ctx context.Context, 34 | options ...ApplyOption) error 35 | // ApplyComponents applies component resources. 36 | ApplyComponents( 37 | ctx context.Context, 38 | components []*oceanv1alpha1.OceanComponent, 39 | options ...ApplyOption) error 40 | // ApplyCRDs applies CRD resources. 41 | ApplyCRDs( 42 | ctx context.Context, 43 | crds []*apiextensionsv1.CustomResourceDefinition, 44 | options ...ApplyOption) error 45 | // ApplyRBAC applies RBAC resources. 46 | ApplyRBAC( 47 | ctx context.Context, 48 | serviceAccount *corev1.ServiceAccount, 49 | roleBinding *rbacv1.ClusterRoleBinding, 50 | options ...ApplyOption) error 51 | } 52 | 53 | // Deleter defines the interface used for deleting cluster resources. 54 | Deleter interface { 55 | // DeleteEnvironment deletes all resources. 56 | DeleteEnvironment( 57 | ctx context.Context, 58 | options ...DeleteOption) error 59 | // DeleteComponents deletes component resources. 60 | DeleteComponents( 61 | ctx context.Context, 62 | components []oceanv1alpha1.OceanComponent, 63 | options ...DeleteOption) error 64 | // DeleteCRDs deletes CRD resources. 65 | DeleteCRDs( 66 | ctx context.Context, 67 | crds []apiextensionsv1.CustomResourceDefinition, 68 | options ...DeleteOption) error 69 | // DeleteRBAC deletes RBAC resources. 70 | DeleteRBAC( 71 | ctx context.Context, 72 | serviceAccount, roleBinding string, 73 | options ...DeleteOption) error 74 | } 75 | 76 | // Manager defines the interface used for managing cluster resources. 77 | Manager interface { 78 | Applier 79 | Deleter 80 | } 81 | ) 82 | -------------------------------------------------------------------------------- /pkg/tide/values/helpers.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package values 4 | 5 | import ( 6 | "bytes" 7 | "context" 8 | "fmt" 9 | "io" 10 | 11 | "gopkg.in/yaml.v3" 12 | yamlutil "k8s.io/apimachinery/pkg/util/yaml" 13 | ) 14 | 15 | func Merge(values ...string) (string, error) { 16 | list := make([]map[string]interface{}, 0, len(values)) 17 | for _, value := range values { 18 | m := make(map[string]interface{}) 19 | r := bytes.NewReader([]byte(value)) 20 | d := yamlutil.NewYAMLOrJSONDecoder(r, r.Len()) 21 | if err := d.Decode(&m); err != nil { 22 | if err == io.EOF { 23 | continue 24 | } 25 | return "", fmt.Errorf("failed to unmarshal merged values: %w", err) 26 | } 27 | list = append(list, m) 28 | } 29 | b, err := yaml.Marshal(mergeMaps(list...)) 30 | if err != nil { 31 | return "", fmt.Errorf("failed to marshal merged values: %w", err) 32 | } 33 | return string(b), nil 34 | } 35 | 36 | func mergeMaps(maps ...map[string]interface{}) map[string]interface{} { 37 | out := make(map[string]interface{}) 38 | for _, m := range maps { 39 | for k, v := range m { 40 | if v, ok := v.(map[string]interface{}); ok { 41 | if bv, ok := out[k]; ok { 42 | if bv, ok := bv.(map[string]interface{}); ok { 43 | out[k] = mergeMaps(bv, v) 44 | continue 45 | } 46 | } 47 | } 48 | out[k] = v 49 | } 50 | } 51 | return out 52 | } 53 | 54 | func decode(values string, dest interface{}) error { 55 | if len(values) == 0 { 56 | return nil 57 | } 58 | r := bytes.NewReader([]byte(values)) 59 | d := yamlutil.NewYAMLOrJSONDecoder(r, r.Len()) 60 | return d.Decode(dest) 61 | } 62 | 63 | func complete(values interface{}) bool { 64 | type validator interface { 65 | Valid() bool 66 | } 67 | v, ok := values.(validator) 68 | if ok { 69 | return v.Valid() 70 | } 71 | return false 72 | } 73 | 74 | func buildMerge(ctx context.Context, values string, builder Builder) (string, error) { 75 | v, err := builder.Build(ctx) 76 | if err != nil { 77 | return "", fmt.Errorf("unable to build values: %w", err) 78 | } 79 | if len(v) > 0 { 80 | values, err = Merge(v, values) 81 | if err != nil { 82 | return "", fmt.Errorf("unable to merge values: %w", err) 83 | } 84 | } 85 | return values, nil 86 | } 87 | 88 | func build(ctx context.Context, values string, builder Builder, dest interface{}) (string, error) { 89 | err := decode(values, dest) 90 | if err != nil { 91 | return "", err 92 | } 93 | if !complete(dest) { 94 | values, err = buildMerge(ctx, values, builder) 95 | if err != nil { 96 | return "", err 97 | } 98 | } 99 | return values, nil 100 | } 101 | -------------------------------------------------------------------------------- /pkg/credentials/provider_secret.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package credentials 4 | 5 | import ( 6 | "context" 7 | "fmt" 8 | 9 | "github.com/mitchellh/mapstructure" 10 | corev1 "k8s.io/api/core/v1" 11 | apierrors "k8s.io/apimachinery/pkg/api/errors" 12 | "k8s.io/apimachinery/pkg/types" 13 | "sigs.k8s.io/controller-runtime/pkg/client" 14 | ) 15 | 16 | // ErrSecretCredentialsNotFound is returned when no credentials can be found in Secret. 17 | var ErrSecretCredentialsNotFound = fmt.Errorf("credentials: %s and %s not found "+ 18 | "in Secret", EnvCredentialsToken, EnvCredentialsAccount) 19 | 20 | // SecretProvider retrieves credentials from a Secret. 21 | type SecretProvider struct { 22 | Client client.Client 23 | Name, Namespace string 24 | } 25 | 26 | // NewSecretProvider returns a new SecretProvider. 27 | func NewSecretProvider(client client.Client, name, namespace string) *SecretProvider { 28 | return &SecretProvider{ 29 | Client: client, 30 | Name: name, 31 | Namespace: namespace, 32 | } 33 | } 34 | 35 | // Retrieve retrieves and returns the credentials, or error in case of failure. 36 | func (x *SecretProvider) Retrieve(ctx context.Context) (*Value, error) { 37 | secret, err := getSecret(ctx, x.Client, x.Name, x.Namespace) 38 | if err != nil { 39 | return nil, fmt.Errorf("error retrieving secret %q from "+ 40 | "namespace %q: %w", x.Name, x.Namespace, err) 41 | } 42 | 43 | value, err := decodeSecret(secret) 44 | if err != nil { 45 | return nil, fmt.Errorf("error decoding secret %q from "+ 46 | "namespace %q: %w", x.Name, x.Namespace, err) 47 | } 48 | 49 | if value.IsEmpty() { 50 | return value, ErrSecretCredentialsNotFound 51 | } 52 | 53 | return value, nil 54 | } 55 | 56 | // String returns the string representation of the Secret provider. 57 | func (x *SecretProvider) String() string { 58 | return "SecretProvider" 59 | } 60 | 61 | func getSecret(ctx context.Context, client client.Client, 62 | name, namespace string) (*corev1.Secret, error) { 63 | obj := new(corev1.Secret) 64 | key := types.NamespacedName{ 65 | Name: name, 66 | Namespace: namespace, 67 | } 68 | err := client.Get(ctx, key, obj) 69 | if err != nil && !apierrors.IsNotFound(err) { 70 | return nil, err 71 | } 72 | return obj, nil 73 | } 74 | 75 | func decodeSecret(secret *corev1.Secret) (*Value, error) { 76 | data := make(map[string]string) 77 | value := new(Value) 78 | 79 | if secret != nil { 80 | // Copy all non-binary secret data. 81 | if secret.StringData != nil { 82 | for k, v := range secret.StringData { 83 | data[k] = v 84 | } 85 | } 86 | 87 | // Copy all binary secret data. 88 | if secret.Data != nil { 89 | for k, v := range secret.Data { 90 | data[k] = string(v) 91 | } 92 | } 93 | } 94 | 95 | return value, mapstructure.Decode(data, value) 96 | } 97 | -------------------------------------------------------------------------------- /config/default/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | # Adds namespace to all resources. 5 | namespace: ocean-operator-system 6 | 7 | # Value of this field is prepended to the 8 | # names of all resources, e.g. a deployment named 9 | # "wordpress" becomes "alices-wordpress". 10 | # Note that it should also match with the prefix (text before '-') of the namespace 11 | # field above. 12 | namePrefix: ocean-operator- 13 | 14 | # Labels to add to all resources and selectors. 15 | #commonLabels: 16 | # someName: someValue 17 | 18 | bases: 19 | - ../crd 20 | - ../rbac 21 | - ../manager 22 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in 23 | # crd/kustomization.yaml 24 | #- ../webhook 25 | # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. 26 | #- ../certmanager 27 | # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. 28 | #- ../prometheus 29 | 30 | patchesStrategicMerge: 31 | # Protect the /metrics endpoint by putting it behind auth. 32 | # If you want your controller-manager to expose the /metrics 33 | # endpoint w/o any authn/z, please comment the following line. 34 | - manager_auth_proxy_patch.yaml 35 | 36 | # Mount the controller config file for loading manager configurations 37 | # through a OceanComponentConfig type 38 | #- manager_config_patch.yaml 39 | 40 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in 41 | # crd/kustomization.yaml 42 | #- manager_webhook_patch.yaml 43 | 44 | # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 45 | # Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. 46 | # 'CERTMANAGER' needs to be enabled to use ca injection 47 | #- webhookcainjection_patch.yaml 48 | 49 | # the following config is for teaching kustomize how to do var substitution 50 | vars: 51 | # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. 52 | #- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR 53 | # objref: 54 | # kind: Certificate 55 | # group: cert-manager.io 56 | # version: v1 57 | # name: serving-cert # this name should match the one in certificate.yaml 58 | # fieldref: 59 | # fieldpath: metadata.namespace 60 | #- name: CERTIFICATE_NAME 61 | # objref: 62 | # kind: Certificate 63 | # group: cert-manager.io 64 | # version: v1 65 | # name: serving-cert # this name should match the one in certificate.yaml 66 | #- name: SERVICE_NAMESPACE # namespace of the service 67 | # objref: 68 | # kind: Service 69 | # version: v1 70 | # name: webhook-service 71 | # fieldref: 72 | # fieldpath: metadata.namespace 73 | #- name: SERVICE_NAME 74 | # objref: 75 | # kind: Service 76 | # version: v1 77 | # name: webhook-service 78 | -------------------------------------------------------------------------------- /pkg/config/provider_chain.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package config 4 | 5 | import ( 6 | "context" 7 | "errors" 8 | "fmt" 9 | "strings" 10 | ) 11 | 12 | // ErrNoValidProvidersFoundInChain Is returned when there are no valid 13 | // configuration providers in the ChainProvider. 14 | var ErrNoValidProvidersFoundInChain = errors.New("config: no valid " + 15 | "configuration providers in chain") 16 | 17 | // ChainProvider will search for a provider which returns configuration and cache 18 | // that provider until Retrieve is called again. 19 | // 20 | // The ChainProvider provides a way of chaining multiple providers together which 21 | // will pick the first available using priority order of the Providers in the list. 22 | // 23 | // If none of the Providers retrieve valid configuration, Retrieve() will return 24 | // the error ErrNoValidProvidersFoundInChain. 25 | // 26 | // If a Provider is found which returns valid configuration, ChainProvider will 27 | // cache that Provider for all calls until Retrieve is called again. 28 | type ChainProvider struct { 29 | Providers []Provider 30 | } 31 | 32 | // NewChainProvider returns a new ChainProvider. 33 | func NewChainProvider(providers ...Provider) *ChainProvider { 34 | return &ChainProvider{ 35 | Providers: providers, 36 | } 37 | } 38 | 39 | // Retrieve retrieves and returns the configuration, or error in case of failure. 40 | func (x *ChainProvider) Retrieve(ctx context.Context) (*Value, error) { 41 | value := new(Value) 42 | var errs errorList 43 | 44 | if len(x.Providers) > 0 { 45 | for _, p := range x.Providers { 46 | v, err := p.Retrieve(ctx) 47 | if err != nil { 48 | errs = append(errs, err) 49 | continue 50 | } 51 | if value.Merge(v).IsComplete() { 52 | break 53 | } 54 | } 55 | } 56 | 57 | if value.IsEmpty() { 58 | err := ErrNoValidProvidersFoundInChain 59 | if len(errs) > 0 { 60 | err = errs 61 | } 62 | return nil, err 63 | } 64 | 65 | return value, nil 66 | } 67 | 68 | // String returns the string representation of the Chain provider. 69 | func (x *ChainProvider) String() string { 70 | providers := make([]string, len(x.Providers)) 71 | if len(x.Providers) > 0 { 72 | for i, provider := range x.Providers { 73 | providers[i] = provider.String() 74 | } 75 | } 76 | return fmt.Sprintf("ChainProvider(%s)", strings.Join(providers, ",")) 77 | } 78 | 79 | // An error list that satisfies the error interface. 80 | type errorList []error 81 | 82 | // Error returns the string representation of the error list. 83 | func (e errorList) Error() string { 84 | msg := "" 85 | if size := len(e); size > 0 { 86 | for i := 0; i < size; i++ { 87 | msg += fmt.Sprintf("%s", e[i].Error()) 88 | 89 | // Check the next index to see if it is within the slice. If it is, 90 | // append a newline. We do this, because unit tests could be broken 91 | // with the additional '\n'. 92 | if i+1 < size { 93 | msg += "\n" 94 | } 95 | } 96 | } 97 | return msg 98 | } 99 | -------------------------------------------------------------------------------- /pkg/credentials/provider_chain.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package credentials 4 | 5 | import ( 6 | "context" 7 | "errors" 8 | "fmt" 9 | "strings" 10 | ) 11 | 12 | // ErrNoValidProvidersFoundInChain Is returned when there are no valid credentials 13 | // providers in the ChainProvider. 14 | var ErrNoValidProvidersFoundInChain = errors.New("credentials: no valid " + 15 | "credentials providers in chain") 16 | 17 | // ChainProvider will search for a provider which returns credentials and cache 18 | // that provider until Retrieve is called again. 19 | // 20 | // The ChainProvider provides a way of chaining multiple providers together which 21 | // will pick the first available using priority order of the Providers in the list. 22 | // 23 | // If none of the Providers retrieve valid credentials, Retrieve() will return 24 | // the error ErrNoValidProvidersFoundInChain. 25 | // 26 | // If a Provider is found which returns valid credentials, ChainProvider will 27 | // cache that Provider for all calls until Retrieve is called again. 28 | type ChainProvider struct { 29 | Providers []Provider 30 | } 31 | 32 | // NewChainProvider returns a new ChainProvider. 33 | func NewChainProvider(providers ...Provider) *ChainProvider { 34 | return &ChainProvider{ 35 | Providers: providers, 36 | } 37 | } 38 | 39 | // Retrieve retrieves and returns the credentials, or error in case of failure. 40 | func (x *ChainProvider) Retrieve(ctx context.Context) (*Value, error) { 41 | value := new(Value) 42 | var errs errorList 43 | 44 | if len(x.Providers) > 0 { 45 | for _, p := range x.Providers { 46 | v, err := p.Retrieve(ctx) 47 | if err != nil { 48 | errs = append(errs, err) 49 | continue 50 | } 51 | if value.Merge(v).IsComplete() { 52 | break 53 | } 54 | } 55 | } 56 | 57 | if value.IsEmpty() { 58 | err := ErrNoValidProvidersFoundInChain 59 | if len(errs) > 0 { 60 | err = errs 61 | } 62 | return nil, err 63 | } 64 | 65 | return value, nil 66 | } 67 | 68 | // String returns the string representation of the Chain provider. 69 | func (x *ChainProvider) String() string { 70 | providers := make([]string, len(x.Providers)) 71 | if len(x.Providers) > 0 { 72 | for i, provider := range x.Providers { 73 | providers[i] = provider.String() 74 | } 75 | } 76 | return fmt.Sprintf("ChainProvider(%s)", strings.Join(providers, ",")) 77 | } 78 | 79 | // An error list that satisfies the error interface. 80 | type errorList []error 81 | 82 | // Error returns the string representation of the error list. 83 | func (e errorList) Error() string { 84 | msg := "" 85 | if size := len(e); size > 0 { 86 | for i := 0; i < size; i++ { 87 | msg += fmt.Sprintf("%s", e[i].Error()) 88 | 89 | // Check the next index to see if it is within the slice. If it is, 90 | // append a newline. We do this, because unit tests could be broken 91 | // with the additional '\n'. 92 | if i+1 < size { 93 | msg += "\n" 94 | } 95 | } 96 | } 97 | return msg 98 | } 99 | -------------------------------------------------------------------------------- /internal/cmd/ocean-tide/uninstall/uninstall.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package uninstall 4 | 5 | import ( 6 | "context" 7 | "time" 8 | 9 | "github.com/spf13/cobra" 10 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 11 | "github.com/spotinst/ocean-operator/internal/cli" 12 | "github.com/spotinst/ocean-operator/pkg/tide" 13 | "k8s.io/client-go/rest" 14 | ctrl "sigs.k8s.io/controller-runtime" 15 | ) 16 | 17 | type Options struct { 18 | *cli.CommonOptions 19 | 20 | ChartNamespace string 21 | ChartName string 22 | Wait bool 23 | DryRun bool 24 | Timeout time.Duration 25 | 26 | // internal 27 | config *rest.Config 28 | } 29 | 30 | // NewCommand returns a new cobra.Command for uninstall. 31 | func NewCommand(commonOptions *cli.CommonOptions) *cobra.Command { 32 | options := &Options{ 33 | CommonOptions: commonOptions, 34 | } 35 | 36 | cmd := &cobra.Command{ 37 | Use: "uninstall", 38 | Short: "UninstallOperator the Ocean Operator and all its components", 39 | Long: `UninstallOperator the Ocean Operator and all its components`, 40 | PreRun: func(cmd *cobra.Command, args []string) { 41 | cli.PrintFlags(cmd.Flags(), options.Log) 42 | }, 43 | RunE: func(cmd *cobra.Command, args []string) error { 44 | return options.run(ctrl.LoggerInto(ctrl.SetupSignalHandler(), options.Log)) 45 | }, 46 | } 47 | 48 | cmd.Flags().StringVar(&options.ChartNamespace, "chart-namespace", oceanv1alpha1.NamespaceSystem, "chart namespace") 49 | cmd.Flags().StringVar(&options.ChartName, "chart-name", tide.OceanOperatorChart, "chart name") 50 | cmd.Flags().DurationVar(&options.Timeout, "timeout", 5*time.Minute, "maximum duration before timing out the execution") 51 | cmd.Flags().BoolVar(&options.Wait, "wait", true, "wait for completion before exiting") 52 | cmd.Flags().BoolVar(&options.DryRun, "dry-run", false, "only print the actions that would be executed, without executing them") 53 | 54 | return cmd 55 | } 56 | 57 | func (x *Options) run(ctx context.Context) (err error) { 58 | ctrl.SetLogger(x.Log) 59 | x.config, err = ctrl.GetConfig() 60 | if err != nil { 61 | x.Log.Error(err, "unable to get kubeconfig") 62 | return err 63 | } 64 | 65 | clientGetter := tide.NewConfigFlags(x.config, x.ChartNamespace) 66 | manager, err := tide.NewManager(clientGetter, x.Log) 67 | if err != nil { 68 | x.Log.Error(err, "unable to create tide manager") 69 | return err 70 | } 71 | deleteOptions := []tide.DeleteOption{ 72 | tide.WithNamespace(x.ChartNamespace), 73 | } 74 | if err = manager.DeleteEnvironment(ctx, deleteOptions...); err != nil { 75 | return err 76 | } 77 | 78 | operator := tide.NewOperatorOceanComponent( 79 | tide.WithChartName(x.ChartName), 80 | tide.WithChartNamespace(x.ChartNamespace), 81 | ) 82 | if err = tide.UninstallOperator(ctx, operator, clientGetter, 83 | x.Wait, x.DryRun, x.Timeout, x.Log); err != nil { 84 | return err 85 | } 86 | 87 | x.Log.Info("ocean operator is now removed") 88 | return nil 89 | } 90 | -------------------------------------------------------------------------------- /pkg/installer/installers/helm/helm_test.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package helm 4 | 5 | import ( 6 | "testing" 7 | 8 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 9 | "github.com/spotinst/ocean-operator/pkg/installer" 10 | "github.com/stretchr/testify/assert" 11 | "gopkg.in/yaml.v3" 12 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 13 | "sigs.k8s.io/controller-runtime/pkg/log/zap" 14 | ) 15 | 16 | func TestYamlConversion(t *testing.T) { 17 | values := ` 18 | serviceAccount: 19 | create: true 20 | ` 21 | var vals map[string]interface{} 22 | err := yaml.Unmarshal([]byte(values), &vals) 23 | assert.NoError(t, err) 24 | 25 | for k, v := range vals { 26 | t.Log("values", k, v) 27 | } 28 | 29 | e := vals["serviceAccount"] 30 | s, ok := e.(map[string]interface{}) 31 | assert.True(t, ok) 32 | assert.Equal(t, true, s["create"]) 33 | } 34 | 35 | func getVersionedObjects(componentVersion, releasedVersion string) (*oceanv1alpha1.OceanComponent, *installer.Release) { 36 | return &oceanv1alpha1.OceanComponent{ 37 | ObjectMeta: metav1.ObjectMeta{ 38 | Name: "ocean-foo", 39 | }, 40 | Spec: oceanv1alpha1.OceanComponentSpec{ 41 | Name: "foo", 42 | Version: componentVersion, 43 | Values: "", 44 | }, 45 | }, 46 | &installer.Release{ 47 | Name: "foo", 48 | Version: releasedVersion, 49 | } 50 | } 51 | 52 | func getValuesObjects(componentValues string, releasedValues map[string]interface{}) (*oceanv1alpha1.OceanComponent, *installer.Release) { 53 | return &oceanv1alpha1.OceanComponent{ 54 | ObjectMeta: metav1.ObjectMeta{ 55 | Name: "ocean-foo", 56 | }, 57 | Spec: oceanv1alpha1.OceanComponentSpec{ 58 | Name: "foo", 59 | Version: "v1.2", 60 | Values: componentValues, 61 | }, 62 | }, 63 | &installer.Release{ 64 | Name: "foo", 65 | Version: "v1.2", 66 | Values: releasedValues, 67 | } 68 | 69 | } 70 | 71 | func TestIsUpgrade(t *testing.T) { 72 | logger := zap.New(zap.UseDevMode(true)).WithValues("test", t.Name()) 73 | i := &Installer{ 74 | ClientGetter: nil, 75 | Log: logger, 76 | } // fix getClient for more complex tests 77 | var u bool 78 | 79 | u = i.IsUpgrade(getVersionedObjects("v1.1.0", "v0.9.8")) 80 | assert.True(t, u) 81 | 82 | u = i.IsUpgrade(getVersionedObjects("v1.1.0", "v1.1.0")) 83 | assert.False(t, u) 84 | 85 | u = i.IsUpgrade(getValuesObjects("metricsEnabled: true", map[string]interface{}{})) 86 | assert.True(t, u) 87 | 88 | u = i.IsUpgrade(getValuesObjects("", map[string]interface{}{})) 89 | assert.False(t, u) 90 | 91 | u = i.IsUpgrade(getValuesObjects(":unparseable yaml is an upgrade lol:", map[string]interface{}{})) 92 | assert.True(t, u) 93 | 94 | v1 := ` 95 | serviceAccount: 96 | create: true 97 | ` 98 | v2 := map[string]interface{}{ 99 | "serviceAccount": map[string]interface{}{ 100 | "create": true, 101 | }, 102 | } 103 | u = i.IsUpgrade(getValuesObjects(v1, v2)) 104 | assert.False(t, u) 105 | 106 | } 107 | -------------------------------------------------------------------------------- /pkg/tide/helpers.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package tide 4 | 5 | import ( 6 | "context" 7 | "fmt" 8 | 9 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 10 | "github.com/spotinst/ocean-operator/pkg/config" 11 | "github.com/spotinst/ocean-operator/pkg/credentials" 12 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 13 | "k8s.io/apimachinery/pkg/runtime" 14 | "k8s.io/cli-runtime/pkg/genericclioptions" 15 | "k8s.io/client-go/rest" 16 | "sigs.k8s.io/controller-runtime/pkg/client" 17 | ) 18 | 19 | func NewConfigFlags(config *rest.Config, namespace string) *genericclioptions.ConfigFlags { 20 | cf := genericclioptions.NewConfigFlags(true) 21 | cf.APIServer = &config.Host 22 | cf.BearerToken = &config.BearerToken 23 | cf.CAFile = &config.CAFile 24 | cf.Namespace = &namespace 25 | return cf 26 | } 27 | 28 | func NewControllerRuntimeClient(config *rest.Config, scheme *runtime.Scheme) (client.Client, error) { 29 | return client.New(config, client.Options{ 30 | Scheme: scheme, 31 | Mapper: nil, 32 | }) 33 | } 34 | 35 | func LoadConfig(ctx context.Context, client client.Client) (*config.Value, error) { 36 | providers := []config.Provider{ 37 | &config.ConfigMapProvider{ 38 | Client: client, 39 | Name: OceanOperatorConfigMap, 40 | Namespace: oceanv1alpha1.NamespaceSystem, 41 | }, 42 | &config.ConfigMapProvider{ 43 | Client: client, 44 | Name: OceanOperatorConfigMap, 45 | Namespace: metav1.NamespaceSystem, 46 | }, 47 | &config.ConfigMapProvider{ 48 | Client: client, 49 | Name: OceanOperatorConfigMap, 50 | Namespace: metav1.NamespaceDefault, 51 | }, 52 | &config.ConfigMapProvider{ 53 | Client: client, 54 | Name: LegacyOceanControllerConfigMap, 55 | Namespace: metav1.NamespaceDefault, 56 | }, 57 | &config.EnvProvider{}, 58 | } 59 | 60 | value, err := config.NewConfig(config.NewChainProvider(providers...)).Get(ctx) 61 | if err != nil { 62 | return nil, fmt.Errorf("failed to load configuration: %w", err) 63 | } 64 | 65 | return value, nil 66 | } 67 | 68 | func LoadCredentials(ctx context.Context, client client.Client) (*credentials.Value, error) { 69 | providers := []credentials.Provider{ 70 | &credentials.SecretProvider{ 71 | Client: client, 72 | Name: OceanOperatorSecret, 73 | Namespace: oceanv1alpha1.NamespaceSystem, 74 | }, 75 | &credentials.SecretProvider{ 76 | Client: client, 77 | Name: OceanOperatorSecret, 78 | Namespace: metav1.NamespaceSystem, 79 | }, 80 | &credentials.SecretProvider{ 81 | Client: client, 82 | Name: OceanOperatorSecret, 83 | Namespace: metav1.NamespaceDefault, 84 | }, 85 | &credentials.SecretProvider{ 86 | Client: client, 87 | Name: LegacyOceanControllerSecret, 88 | Namespace: metav1.NamespaceSystem, 89 | }, 90 | &credentials.EnvProvider{}, 91 | } 92 | 93 | value, err := credentials.NewCredentials(credentials.NewChainProvider(providers...)).Get(ctx) 94 | if err != nil { 95 | return nil, fmt.Errorf("failed to load credentials: %w", err) 96 | } 97 | 98 | return value, nil 99 | } 100 | -------------------------------------------------------------------------------- /internal/cmd/ocean-tide/install/install.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package install 4 | 5 | import ( 6 | "context" 7 | "time" 8 | 9 | "github.com/spf13/cobra" 10 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 11 | "github.com/spotinst/ocean-operator/internal/cli" 12 | "github.com/spotinst/ocean-operator/pkg/tide" 13 | "k8s.io/client-go/rest" 14 | ctrl "sigs.k8s.io/controller-runtime" 15 | ) 16 | 17 | type Options struct { 18 | *cli.CommonOptions 19 | 20 | ChartNamespace string 21 | ChartName string 22 | ChartVersion string 23 | ChartURL string 24 | ChartValuesJSON string 25 | Wait bool 26 | DryRun bool 27 | Timeout time.Duration 28 | 29 | // internal 30 | config *rest.Config 31 | } 32 | 33 | // NewCommand returns a new cobra.Command for install. 34 | func NewCommand(commonOptions *cli.CommonOptions) *cobra.Command { 35 | options := &Options{ 36 | CommonOptions: commonOptions, 37 | } 38 | 39 | cmd := &cobra.Command{ 40 | Use: "install", 41 | Short: "InstallOperator the Ocean Operator and all its components", 42 | Long: `InstallOperator the Ocean Operator and all its components`, 43 | PreRun: func(cmd *cobra.Command, args []string) { 44 | cli.PrintFlags(cmd.Flags(), options.Log) 45 | }, 46 | RunE: func(cmd *cobra.Command, args []string) error { 47 | return options.run(ctrl.LoggerInto(ctrl.SetupSignalHandler(), options.Log)) 48 | }, 49 | } 50 | 51 | cmd.Flags().StringVar(&options.ChartNamespace, "chart-namespace", oceanv1alpha1.NamespaceSystem, "chart namespace") 52 | cmd.Flags().StringVar(&options.ChartName, "chart-name", tide.OceanOperatorChart, "chart name") 53 | cmd.Flags().StringVar(&options.ChartVersion, "chart-version", tide.OceanOperatorVersion, "chart version") 54 | cmd.Flags().StringVar(&options.ChartURL, "chart-url", tide.OceanOperatorRepository, "chart repository url") 55 | cmd.Flags().StringVar(&options.ChartValuesJSON, "chart-values", tide.OceanOperatorValues, "chart values (json)") 56 | cmd.Flags().DurationVar(&options.Timeout, "timeout", 5*time.Minute, "maximum duration before timing out the execution") 57 | cmd.Flags().BoolVar(&options.Wait, "wait", true, "wait for completion before exiting") 58 | cmd.Flags().BoolVar(&options.DryRun, "dry-run", false, "only print the actions that would be executed, without executing them") 59 | 60 | return cmd 61 | } 62 | 63 | func (x *Options) run(ctx context.Context) (err error) { 64 | ctrl.SetLogger(x.Log) 65 | x.config, err = ctrl.GetConfig() 66 | if err != nil { 67 | x.Log.Error(err, "unable to get kubeconfig") 68 | return err 69 | } 70 | 71 | clientGetter := tide.NewConfigFlags(x.config, x.ChartNamespace) 72 | operator := tide.NewOperatorOceanComponent( 73 | tide.WithChartName(x.ChartName), 74 | tide.WithChartNamespace(x.ChartNamespace), 75 | tide.WithChartURL(x.ChartURL), 76 | tide.WithChartVersion(x.ChartVersion), 77 | tide.WithChartValues(x.ChartValuesJSON), 78 | ) 79 | if err = tide.InstallOperator(ctx, operator, clientGetter, 80 | x.Wait, x.DryRun, x.Timeout, x.Log); err != nil { 81 | return err 82 | } 83 | 84 | x.Log.Info("ocean operator is now installed and managing components") 85 | return nil 86 | } 87 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Ocean Operator for Kubernetes 2 | 3 | **Ocean Operator for Kubernetes** is an [Operator](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/) that makes use of [custom resources](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/) and can be used to create and manage Ocean components. 4 | 5 | ## Table of Contents 6 | 7 | - [Installation](#installation) 8 | - [Documentation](#documentation) 9 | - [Getting Help](#getting-help) 10 | - [Community](#community) 11 | - [Contributing](#contributing) 12 | - [License](#license) 13 | 14 | ## Installation 15 | 16 | ### Install with Spot CLI 17 | 18 | #### Prerequisites 19 | 20 | - [Install the Spot CLI](https://github.com/spotinst/spotctl#installation). 21 | 22 | #### Steps 23 | 24 | 1. Install `ocean-operator`: 25 | 26 | ```sh 27 | spotctl ocean install \ 28 | --set spotinst.token=REDACTED \ 29 | --set spotinst.account=REDACTED \ 30 | --set spotinst.clusterIdentifier=REDACTED \ 31 | --namespace spot-system 32 | # [...] 33 | ``` 34 | 35 | #### Verify 36 | 37 | Ensure all Kubernetes Pods in `spot-system` namespace are deployed and have a `STATUS` of `Running`: 38 | 39 | ```sh 40 | kubectl get pods -n spot-system 41 | ``` 42 | 43 | ### Install with Helm 44 | 45 | #### Prerequisites 46 | 47 | - [Install a Helm client](https://helm.sh/docs/intro/install/) with a version 3 or later. 48 | 49 | #### Steps 50 | 51 | 1. Add the Spot Helm repository: 52 | 53 | ```sh 54 | helm repo add spot https://charts.spot.io 55 | ``` 56 | 57 | 2. Update your local Helm chart repository cache: 58 | 59 | ```sh 60 | helm repo update 61 | ``` 62 | 63 | 3. Install `ocean-operator`: 64 | 65 | ```sh 66 | helm install my-release spot/ocean-operator \ 67 | --set spotinst.token=REDACTED \ 68 | --set spotinst.account=REDACTED \ 69 | --set spotinst.clusterIdentifier=REDACTED \ 70 | --namespace spot-system \ 71 | --create-namespace \ 72 | # [...] 73 | ``` 74 | 75 | #### Verify 76 | 77 | Ensure all Kubernetes Pods in `spot-system` namespace are deployed and have a `STATUS` of `Running`: 78 | 79 | ```sh 80 | kubectl get pods -n spot-system 81 | ``` 82 | 83 | ## Documentation 84 | 85 | If you're new to [Spot](https://spot.io/) and want to get started, please checkout our [Getting Started](https://docs.spot.io/connect-your-cloud-provider/) guide, available on the [Spot Documentation](https://docs.spot.io/) website. 86 | 87 | ## Getting Help 88 | 89 | We use GitHub issues for tracking bugs and feature requests. Please use these community resources for getting help: 90 | 91 | - Ask a question on [Stack Overflow](https://stackoverflow.com/) and tag it with [ocean-operator](https://stackoverflow.com/questions/tagged/ocean-operator/). 92 | - Join our [Spot](https://spot.io/) community on [Slack](http://slack.spot.io/). 93 | - Open an [issue](https://github.com/spotinst/ocean-operator/issues/new/choose/). 94 | 95 | ## Community 96 | 97 | - [Slack](http://slack.spot.io/) 98 | - [Twitter](https://twitter.com/spot_hq/) 99 | 100 | ## Contributing 101 | 102 | Please see the [contribution guidelines](.github/CONTRIBUTING.md). 103 | 104 | ## License 105 | 106 | Code is licensed under the [Apache License 2.0](LICENSE). 107 | -------------------------------------------------------------------------------- /pkg/installer/interfaces.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package installer 4 | 5 | import ( 6 | "errors" 7 | 8 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 9 | ) 10 | 11 | var ( 12 | // ErrNotImplemented is the error returned if a method is not implemented. 13 | ErrNotImplemented = errors.New("installer: not implemented") 14 | // ErrReleaseNotFound indicates that a component release is not found. 15 | ErrReleaseNotFound = errors.New("installer: release not found") 16 | ) 17 | 18 | type ( 19 | // Installer defines the interface of a component installer. 20 | Installer interface { 21 | // Get returns details of a component release by name. 22 | Get(name oceanv1alpha1.OceanComponentName) (*Release, error) 23 | // Install installs a component to a cluster. 24 | Install(component *oceanv1alpha1.OceanComponent) (*Release, error) 25 | // Uninstall uninstalls a component from a cluster. 26 | Uninstall(component *oceanv1alpha1.OceanComponent) error 27 | // Upgrade upgrades a component to a cluster. 28 | Upgrade(component *oceanv1alpha1.OceanComponent) (*Release, error) 29 | // IsUpgrade determines whether a component release is an upgrade. 30 | IsUpgrade(component *oceanv1alpha1.OceanComponent, release *Release) bool 31 | } 32 | 33 | // Release describes a deployment of a component. For Helm-based components, 34 | // it represents a Helm release (i.e. a chart installed into a cluster). 35 | Release struct { 36 | // Name is the name of the release. 37 | Name string `json:"name,omitempty"` 38 | // Version is a SemVer 2 conformant version string of the release. 39 | Version string `json:"version,omitempty"` 40 | // AppVersion is the version of the application enclosed inside of this release. 41 | AppVersion string `json:"appVersion,omitempty"` 42 | // Status is the current state of the release. 43 | Status ReleaseStatus `json:"status,omitempty"` 44 | // Description is human-friendly "log entry" about this release. 45 | Description string `json:"description,omitempty"` 46 | // Values is the set of extra values added to the release. 47 | Values map[string]interface{} `json:"values,omitempty"` 48 | // Manifest is the string representation of the rendered template. 49 | Manifest string `json:"manifest,omitempty"` 50 | } 51 | ) 52 | 53 | // ReleaseStatus is the status of a release. 54 | type ReleaseStatus string 55 | 56 | // These are valid release statuses. 57 | const ( 58 | // ReleaseStatusUnknown indicates that a release is in an uncertain state. 59 | ReleaseStatusUnknown ReleaseStatus = "Unknown" 60 | // ReleaseStatusDeployed indicates that a release has been deployed to Kubernetes. 61 | ReleaseStatusDeployed ReleaseStatus = "Deployed" 62 | // ReleaseStatusUninstalled indicates that a release has been uninstalled from Kubernetes. 63 | ReleaseStatusUninstalled ReleaseStatus = "Uninstalled" 64 | // ReleaseStatusFailed indicates that the release was not successfully deployed. 65 | ReleaseStatusFailed ReleaseStatus = "Failed" 66 | // ReleaseStatusProgressing indicates that a release is in progress. 67 | ReleaseStatusProgressing ReleaseStatus = "Progressing" 68 | ) 69 | 70 | func (x ReleaseStatus) String() string { return string(x) } 71 | 72 | // IsNotImplemented returns true if the specified error is ErrNotImplemented. 73 | func IsNotImplemented(err error) bool { 74 | return errors.Is(err, ErrNotImplemented) 75 | } 76 | 77 | // IsReleaseNotFound returns true if the specified error is ErrReleaseNotFound. 78 | func IsReleaseNotFound(err error) bool { 79 | return errors.Is(err, ErrReleaseNotFound) 80 | } 81 | -------------------------------------------------------------------------------- /hack/scripts/build.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -euo pipefail 3 | 4 | # Version. 5 | VERSION="${VERSION:-$(cat internal/version/VERSION)}" 6 | 7 | # Revision. 8 | REVISION="${REVISION:-$(git rev-parse --short HEAD)}" 9 | 10 | # Release channel the image is being built for. Defaults to `stable`. 11 | RELEASE_CHANNEL="${RELEASE_CHANNEL:-stable}" 12 | 13 | # Target platform the image is being built for. Defaults to `linux/amd64`. 14 | TARGET_PLATFORM="${TARGET_PLATFORM:-linux/amd64}" 15 | 16 | # Image output. One of `push` (push image into registry), `load` (load image into Docker). 17 | IMAGE_OUTPUT="${IMAGE_OUTPUT:-push}" 18 | 19 | # Image registry. Defaults to `docker.io`. 20 | IMAGE_REGISTRY="${IMAGE_REGISTRY:-docker.io}" 21 | 22 | # Image repository. Defaults to `spotinst`. 23 | IMAGE_REPOSITORY="${IMAGE_REPOSITORY:-spotinst}" 24 | 25 | # Image name. Defaults to `ocean-operator`. 26 | IMAGE_NAME="${IMAGE_NAME:-ocean-operator}" 27 | 28 | # Image tag. One of `$VERSION`, `$VERSION-$RELEASE_CHANNEL`, `latest`. 29 | IMAGE_TAG="${IMAGE_TAG:-${VERSION}}" 30 | 31 | function log() { 32 | nanosec="$(date +%N)" 33 | timestamp="$(date -u +"%Y-%m-%dT%H:%M:%S").${nanosec:0:3}Z" 34 | log_level="$1" 35 | shift 36 | message="$*" 37 | echo -e "${timestamp} [${log_level}] ${message}" >&2 38 | } 39 | 40 | function log_info() { 41 | for message; do log "INFO" "${message}"; done 42 | } 43 | 44 | function log_fatal() { 45 | while (($# > 1)); do 46 | log "FATAL" "${1}" 47 | shift 48 | done 49 | exit "${1}" 50 | } 51 | 52 | function lowercase() { 53 | echo -n "${1}" | tr '[:upper:]' '[:lower:]' 54 | } 55 | 56 | function trim() { 57 | echo -n "${1}" | xargs 58 | } 59 | 60 | function docker_buildx() { 61 | # Enable extended build capabilities with BuildKit. 62 | cmd_args="$*" 63 | cmd="DOCKER_CLI_EXPERIMENTAL=enabled docker buildx ${cmd_args}" 64 | log_info "executing: ${cmd}" 65 | eval "${cmd}" 66 | echo $? 67 | } 68 | 69 | function docker_ensure_builder() { 70 | log_info "ensuring availability of buildkit builder" 71 | builder_name="ocean-operator-builder" 72 | builder_status="$(docker_buildx "inspect ${builder_name} >/dev/null 2>&1")" 73 | [[ "${builder_status}" -gt 0 ]] && 74 | docker_buildx "create --name ${builder_name} --use --buildkitd-flags=--debug" 75 | docker_buildx "inspect ${builder_name} --bootstrap" 76 | } 77 | 78 | function docker_ensure_platforms() { 79 | log_info "ensuring platforms" 80 | platforms="$(trim $(lowercase "${TARGET_PLATFORM}"))" 81 | case "${platforms}" in 82 | "all") 83 | echo "linux/amd64,linux/arm64" 84 | ;; 85 | "linux/amd64" | "linux/arm64") 86 | echo "${platforms}" 87 | ;; 88 | *) 89 | log_fatal "unsupported platform: ${platforms}" 128 90 | ;; 91 | esac 92 | } 93 | 94 | function docker_image_spec() { 95 | image_registry="$(trim $(lowercase "${IMAGE_REGISTRY}"))" 96 | image_repository="$(trim $(lowercase "${IMAGE_REPOSITORY}"))" 97 | image_name="$(trim $(lowercase "${IMAGE_NAME}"))" 98 | image_tag="$(trim $(lowercase ${IMAGE_TAG}))" 99 | [[ "${image_tag}" == ${VERSION} && "${RELEASE_CHANNEL}" != "stable" ]] && \ 100 | image_tag="${VERSION}-${RELEASE_CHANNEL}" 101 | release_channel="$(trim $(lowercase "${RELEASE_CHANNEL}"))" 102 | echo "${image_registry}/${image_repository}/${image_name}:${image_tag}" 103 | } 104 | 105 | function docker_build() { 106 | image="$(docker_image_spec)" 107 | platforms="$(docker_ensure_platforms)" 108 | 109 | args=( 110 | "build" 111 | "--platform ${platforms}" 112 | "--tag ${image}" 113 | "--label org.opencontainers.image.version=${VERSION}" 114 | "--label org.opencontainers.image.revision=${REVISION}" 115 | "--label org.opencontainers.image.created=$(date --rfc-3339=seconds | sed "s/ /T/")" 116 | "--label org.opencontainers.image.authors=spotinst" 117 | "--${IMAGE_OUTPUT}" 118 | "." 119 | ) 120 | 121 | log_info "building image: ${image} (${platforms})" 122 | docker_buildx "${args[@]}" 123 | } 124 | 125 | function main() { 126 | docker_ensure_platforms 127 | docker_ensure_builder 128 | docker_build 129 | } 130 | 131 | main "$@" 132 | -------------------------------------------------------------------------------- /api/v1alpha1/zz_generated.deepcopy.go: -------------------------------------------------------------------------------- 1 | //go:build !ignore_autogenerated 2 | // +build !ignore_autogenerated 3 | 4 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 5 | 6 | // Code generated by controller-gen. DO NOT EDIT. 7 | 8 | package v1alpha1 9 | 10 | import ( 11 | runtime "k8s.io/apimachinery/pkg/runtime" 12 | ) 13 | 14 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 15 | func (in *OceanComponent) DeepCopyInto(out *OceanComponent) { 16 | *out = *in 17 | out.TypeMeta = in.TypeMeta 18 | in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) 19 | out.Spec = in.Spec 20 | in.Status.DeepCopyInto(&out.Status) 21 | } 22 | 23 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OceanComponent. 24 | func (in *OceanComponent) DeepCopy() *OceanComponent { 25 | if in == nil { 26 | return nil 27 | } 28 | out := new(OceanComponent) 29 | in.DeepCopyInto(out) 30 | return out 31 | } 32 | 33 | // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. 34 | func (in *OceanComponent) DeepCopyObject() runtime.Object { 35 | if c := in.DeepCopy(); c != nil { 36 | return c 37 | } 38 | return nil 39 | } 40 | 41 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 42 | func (in *OceanComponentCondition) DeepCopyInto(out *OceanComponentCondition) { 43 | *out = *in 44 | in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime) 45 | in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) 46 | } 47 | 48 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OceanComponentCondition. 49 | func (in *OceanComponentCondition) DeepCopy() *OceanComponentCondition { 50 | if in == nil { 51 | return nil 52 | } 53 | out := new(OceanComponentCondition) 54 | in.DeepCopyInto(out) 55 | return out 56 | } 57 | 58 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 59 | func (in *OceanComponentList) DeepCopyInto(out *OceanComponentList) { 60 | *out = *in 61 | out.TypeMeta = in.TypeMeta 62 | in.ListMeta.DeepCopyInto(&out.ListMeta) 63 | if in.Items != nil { 64 | in, out := &in.Items, &out.Items 65 | *out = make([]OceanComponent, len(*in)) 66 | for i := range *in { 67 | (*in)[i].DeepCopyInto(&(*out)[i]) 68 | } 69 | } 70 | } 71 | 72 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OceanComponentList. 73 | func (in *OceanComponentList) DeepCopy() *OceanComponentList { 74 | if in == nil { 75 | return nil 76 | } 77 | out := new(OceanComponentList) 78 | in.DeepCopyInto(out) 79 | return out 80 | } 81 | 82 | // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. 83 | func (in *OceanComponentList) DeepCopyObject() runtime.Object { 84 | if c := in.DeepCopy(); c != nil { 85 | return c 86 | } 87 | return nil 88 | } 89 | 90 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 91 | func (in *OceanComponentSpec) DeepCopyInto(out *OceanComponentSpec) { 92 | *out = *in 93 | } 94 | 95 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OceanComponentSpec. 96 | func (in *OceanComponentSpec) DeepCopy() *OceanComponentSpec { 97 | if in == nil { 98 | return nil 99 | } 100 | out := new(OceanComponentSpec) 101 | in.DeepCopyInto(out) 102 | return out 103 | } 104 | 105 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 106 | func (in *OceanComponentStatus) DeepCopyInto(out *OceanComponentStatus) { 107 | *out = *in 108 | if in.Properties != nil { 109 | in, out := &in.Properties, &out.Properties 110 | *out = make(map[string]string, len(*in)) 111 | for key, val := range *in { 112 | (*out)[key] = val 113 | } 114 | } 115 | if in.Conditions != nil { 116 | in, out := &in.Conditions, &out.Conditions 117 | *out = make([]OceanComponentCondition, len(*in)) 118 | for i := range *in { 119 | (*in)[i].DeepCopyInto(&(*out)[i]) 120 | } 121 | } 122 | } 123 | 124 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OceanComponentStatus. 125 | func (in *OceanComponentStatus) DeepCopy() *OceanComponentStatus { 126 | if in == nil { 127 | return nil 128 | } 129 | out := new(OceanComponentStatus) 130 | in.DeepCopyInto(out) 131 | return out 132 | } 133 | -------------------------------------------------------------------------------- /pkg/tide/crds/ocean.spot.io_oceancomponents.yaml: -------------------------------------------------------------------------------- 1 | 2 | --- 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | controller-gen.kubebuilder.io/version: v0.4.1 8 | creationTimestamp: null 9 | name: oceancomponents.ocean.spot.io 10 | spec: 11 | group: ocean.spot.io 12 | names: 13 | kind: OceanComponent 14 | listKind: OceanComponentList 15 | plural: oceancomponents 16 | shortNames: 17 | - oc 18 | singular: oceancomponent 19 | scope: Namespaced 20 | versions: 21 | - name: v1alpha1 22 | schema: 23 | openAPIV3Schema: 24 | description: OceanComponent is the Schema for the OceanComponent API 25 | properties: 26 | apiVersion: 27 | description: 'APIVersion defines the versioned schema of this representation 28 | of an object. Servers should convert recognized schemas to the latest 29 | internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 30 | type: string 31 | kind: 32 | description: 'Kind is a string value representing the REST resource this 33 | object represents. Servers may infer this from the endpoint the client 34 | submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 35 | type: string 36 | metadata: 37 | type: object 38 | spec: 39 | description: OceanComponentSpec defines the desired state of OceanComponent. 40 | properties: 41 | name: 42 | description: Name is the name of the OceanComponent. 43 | type: string 44 | state: 45 | description: State determines whether the component should be installed 46 | or removed. 47 | type: string 48 | type: 49 | description: Type is one of ["Helm"]. 50 | type: string 51 | url: 52 | description: URL is the location of the OceanComponent archive file. 53 | type: string 54 | values: 55 | description: Values is the set of extra values added to the OceanComponent. 56 | type: string 57 | version: 58 | description: Version is a SemVer 2 conformant version string of the 59 | OceanComponent archive file. 60 | type: string 61 | required: 62 | - name 63 | - state 64 | - type 65 | - url 66 | - version 67 | type: object 68 | status: 69 | description: OceanComponentStatus defines the observed state of OceanComponent. 70 | properties: 71 | conditions: 72 | items: 73 | description: OceanComponentCondition describes the state of a deployment 74 | at a certain point. 75 | properties: 76 | lastTransitionTime: 77 | description: Last time the condition transitioned from one status 78 | to another. 79 | format: date-time 80 | type: string 81 | lastUpdateTime: 82 | description: The last time this condition was updated. 83 | format: date-time 84 | type: string 85 | message: 86 | description: A human readable message indicating details about 87 | the transition. 88 | type: string 89 | reason: 90 | description: The reason for the condition's last transition. 91 | type: string 92 | status: 93 | description: Status of the condition, one of True, False, Unknown. 94 | type: string 95 | type: 96 | description: Type of deployment condition. 97 | type: string 98 | required: 99 | - status 100 | - type 101 | type: object 102 | type: array 103 | properties: 104 | additionalProperties: 105 | type: string 106 | description: A set of installation values specific to the component 107 | type: object 108 | type: object 109 | type: object 110 | served: true 111 | storage: true 112 | status: 113 | acceptedNames: 114 | kind: "" 115 | plural: "" 116 | conditions: [] 117 | storedVersions: [] 118 | -------------------------------------------------------------------------------- /config/crd/bases/ocean.spot.io_oceancomponents.yaml: -------------------------------------------------------------------------------- 1 | 2 | --- 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | controller-gen.kubebuilder.io/version: v0.4.1 8 | creationTimestamp: null 9 | name: oceancomponents.ocean.spot.io 10 | spec: 11 | group: ocean.spot.io 12 | names: 13 | kind: OceanComponent 14 | listKind: OceanComponentList 15 | plural: oceancomponents 16 | shortNames: 17 | - oc 18 | singular: oceancomponent 19 | scope: Namespaced 20 | versions: 21 | - name: v1alpha1 22 | schema: 23 | openAPIV3Schema: 24 | description: OceanComponent is the Schema for the OceanComponent API 25 | properties: 26 | apiVersion: 27 | description: 'APIVersion defines the versioned schema of this representation 28 | of an object. Servers should convert recognized schemas to the latest 29 | internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 30 | type: string 31 | kind: 32 | description: 'Kind is a string value representing the REST resource this 33 | object represents. Servers may infer this from the endpoint the client 34 | submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 35 | type: string 36 | metadata: 37 | type: object 38 | spec: 39 | description: OceanComponentSpec defines the desired state of OceanComponent. 40 | properties: 41 | name: 42 | description: Name is the name of the OceanComponent. 43 | type: string 44 | state: 45 | description: State determines whether the component should be installed 46 | or removed. 47 | type: string 48 | type: 49 | description: Type is one of ["Helm"]. 50 | type: string 51 | url: 52 | description: URL is the location of the OceanComponent archive file. 53 | type: string 54 | values: 55 | description: Values is the set of extra values added to the OceanComponent. 56 | type: string 57 | version: 58 | description: Version is a SemVer 2 conformant version string of the 59 | OceanComponent archive file. 60 | type: string 61 | required: 62 | - name 63 | - state 64 | - type 65 | - url 66 | - version 67 | type: object 68 | status: 69 | description: OceanComponentStatus defines the observed state of OceanComponent. 70 | properties: 71 | conditions: 72 | items: 73 | description: OceanComponentCondition describes the state of a deployment 74 | at a certain point. 75 | properties: 76 | lastTransitionTime: 77 | description: Last time the condition transitioned from one status 78 | to another. 79 | format: date-time 80 | type: string 81 | lastUpdateTime: 82 | description: The last time this condition was updated. 83 | format: date-time 84 | type: string 85 | message: 86 | description: A human readable message indicating details about 87 | the transition. 88 | type: string 89 | reason: 90 | description: The reason for the condition's last transition. 91 | type: string 92 | status: 93 | description: Status of the condition, one of True, False, Unknown. 94 | type: string 95 | type: 96 | description: Type of deployment condition. 97 | type: string 98 | required: 99 | - status 100 | - type 101 | type: object 102 | type: array 103 | properties: 104 | additionalProperties: 105 | type: string 106 | description: A set of installation values specific to the component 107 | type: object 108 | type: object 109 | type: object 110 | served: true 111 | storage: true 112 | status: 113 | acceptedNames: 114 | kind: "" 115 | plural: "" 116 | conditions: [] 117 | storedVersions: [] 118 | -------------------------------------------------------------------------------- /api/v1alpha1/oceancomponent_types.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package v1alpha1 4 | 5 | import ( 6 | corev1 "k8s.io/api/core/v1" 7 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 8 | ) 9 | 10 | // NamespaceSystem is the system namespace where we place Ocean components. 11 | const NamespaceSystem = "spot-system" 12 | 13 | // OceanComponentType represents the type of OceanComponent. 14 | type OceanComponentType string 15 | 16 | // These are valid component types. 17 | const ( 18 | OceanComponentTypeHelm OceanComponentType = "Helm" 19 | ) 20 | 21 | func (x OceanComponentType) String() string { return string(x) } 22 | 23 | // OceanComponentState represents the state of OceanComponent. 24 | type OceanComponentState string 25 | 26 | // These are valid component states. 27 | const ( 28 | OceanComponentStatePresent OceanComponentState = "Present" 29 | OceanComponentStateAbsent OceanComponentState = "Absent" 30 | ) 31 | 32 | func (x OceanComponentState) String() string { return string(x) } 33 | 34 | // OceanComponentName represents the name of OceanComponent. 35 | type OceanComponentName string 36 | 37 | // These are valid component names. 38 | const ( 39 | MetricsServerComponentName OceanComponentName = "metrics-server" 40 | OceanControllerComponentName OceanComponentName = "ocean-controller" 41 | LegacyOceanControllerComponentName OceanComponentName = "spotinst-kubernetes-cluster-controller" 42 | ) 43 | 44 | func (x OceanComponentName) String() string { return string(x) } 45 | 46 | // OceanComponentConditionType represents the type of OceanComponentCondition. 47 | type OceanComponentConditionType string 48 | 49 | // These are valid component conditions. 50 | const ( 51 | // OceanComponentConditionTypeAvailable means the application is available. 52 | OceanComponentConditionTypeAvailable OceanComponentConditionType = "Available" 53 | // OceanComponentConditionTypeProgressing means the component is progressing. 54 | OceanComponentConditionTypeProgressing OceanComponentConditionType = "Progressing" 55 | // OceanComponentConditionTypeDegraded indicates the component is in a temporary degraded state. 56 | OceanComponentConditionTypeDegraded OceanComponentConditionType = "Degraded" 57 | // OceanComponentConditionTypeFailure indicates a significant error conditions. 58 | OceanComponentConditionTypeFailure OceanComponentConditionType = "Failing" 59 | ) 60 | 61 | func (x OceanComponentConditionType) String() string { return string(x) } 62 | 63 | // OceanComponentCondition describes the state of a deployment at a certain point. 64 | type OceanComponentCondition struct { 65 | // Type of deployment condition. 66 | Type OceanComponentConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=OceanComponentConditionType"` 67 | // Status of the condition, one of True, False, Unknown. 68 | Status corev1.ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=k8s.io/api/core/v1.ConditionStatus"` 69 | // The last time this condition was updated. 70 | LastUpdateTime metav1.Time `json:"lastUpdateTime,omitempty" protobuf:"bytes,6,opt,name=lastUpdateTime"` 71 | // Last time the condition transitioned from one status to another. 72 | LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,7,opt,name=lastTransitionTime"` 73 | // The reason for the condition's last transition. 74 | Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"` 75 | // A human readable message indicating details about the transition. 76 | Message string `json:"message,omitempty" protobuf:"bytes,5,opt,name=message"` 77 | } 78 | 79 | // OceanComponentSpec defines the desired state of OceanComponent. 80 | type OceanComponentSpec struct { 81 | // Type is one of ["Helm"]. 82 | Type OceanComponentType `json:"type"` 83 | // Name is the name of the OceanComponent. 84 | Name OceanComponentName `json:"name"` 85 | // State determines whether the component should be installed or removed. 86 | State OceanComponentState `json:"state"` 87 | // URL is the location of the OceanComponent archive file. 88 | URL string `json:"url"` 89 | // Version is a SemVer 2 conformant version string of the OceanComponent archive file. 90 | Version string `json:"version"` 91 | // Values is the set of extra values added to the OceanComponent. 92 | Values string `json:"values,omitempty"` 93 | } 94 | 95 | // OceanComponentStatus defines the observed state of OceanComponent. 96 | type OceanComponentStatus struct { 97 | // A set of installation values specific to the component 98 | Properties map[string]string `json:"properties,omitempty"` 99 | Conditions []OceanComponentCondition `json:"conditions,omitempty"` 100 | } 101 | 102 | // +kubebuilder:object:root=true 103 | // +kubebuilder:resource:shortName=oc,path=oceancomponents 104 | 105 | // OceanComponent is the Schema for the OceanComponent API 106 | type OceanComponent struct { 107 | metav1.TypeMeta `json:",inline"` 108 | metav1.ObjectMeta `json:"metadata,omitempty"` 109 | 110 | Spec OceanComponentSpec `json:"spec,omitempty"` 111 | Status OceanComponentStatus `json:"status,omitempty"` 112 | } 113 | 114 | // +kubebuilder:object:root=true 115 | 116 | // OceanComponentList contains a list of OceanComponent 117 | type OceanComponentList struct { 118 | metav1.TypeMeta `json:",inline"` 119 | metav1.ListMeta `json:"metadata,omitempty"` 120 | Items []OceanComponent `json:"items"` 121 | } 122 | 123 | func init() { 124 | SchemeBuilder.Register(&OceanComponent{}, &OceanComponentList{}) 125 | } 126 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | .DEFAULT_GOAL := help 2 | .EXPORT_ALL_VARIABLES: 3 | 4 | # Utilities. 5 | V := 0 6 | Q := $(if $(filter 1,$(V)),,@) 7 | T := $(shell date -u +"%Y-%m-%dT%H:%M:%SZ") 8 | 9 | # Versioning. 10 | GIT_DIRTY := $(shell git status --porcelain) 11 | VERSION := $(shell cat internal/version/VERSION) 12 | 13 | # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set). 14 | ifeq (,$(shell go env GOBIN)) 15 | GOBIN=$(shell go env GOPATH)/bin 16 | else 17 | GOBIN=$(shell go env GOBIN) 18 | endif 19 | 20 | # Shell. 21 | # Setting SHELL to bash allows bash commands to be executed by recipes. 22 | # Options are set to exit when a recipe line exits non-zero or a piped command fails. 23 | SHELL = /usr/bin/env bash -o pipefail 24 | .SHELLFLAGS = -ec 25 | 26 | # Image spec for testing. 27 | IMAGE_REPOSITORY ?= spotinst 28 | IMAGE_NAME ?= ocean-operator 29 | IMAGE_TAG ?= $(VERSION) 30 | IMAGE_SPEC := $(IMAGE_REPOSITORY)/$(IMAGE_NAME):$(IMAGE_TAG) 31 | 32 | # Produce CRDs that work back to Kubernetes 1.11 (no version conversion) 33 | CRD_OPTIONS ?= "crd:trivialVersions=true,preserveUnknownFields=false" 34 | 35 | ##@ General 36 | 37 | .PHONY: help 38 | help: ## Display this help 39 | $(Q) awk 'BEGIN {FS = ":.*##"; printf "Usage: make \033[36m\033[0m\n"} /^[a-zA-Z_-]+:.*?##/ { printf " \033[36m%-20s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) }' $(MAKEFILE_LIST) 40 | 41 | ##@ Development 42 | 43 | .PHONY: manifests 44 | manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects 45 | $(Q) $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases 46 | $(Q) cp config/crd/bases/* pkg/tide/crds/ 47 | 48 | .PHONY: generate 49 | generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations 50 | $(Q) $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." 51 | 52 | .PHONY: fmt 53 | fmt: ## Run go fmt against code 54 | $(Q) go fmt ./... 55 | 56 | .PHONY: vet 57 | vet: ## Run go vet against code 58 | $(Q) go vet ./... 59 | 60 | .PHONY: test 61 | test: manifests generate fmt vet setup-envtest ## Run tests 62 | $(Q) go test ./... -coverprofile cover.out 63 | 64 | ##@ Build 65 | 66 | .PHONY: build 67 | build: generate fmt vet ## Build manager binary 68 | $(Q) go build -trimpath -o bin/ocean-operator cmd/ocean-operator/main.go 69 | 70 | .PHONY: build-tide 71 | build-tide: generate fmt vet ## Build tide binary 72 | $(Q) go build -trimpath -o bin/ocean-tide cmd/ocean-tide/main.go 73 | 74 | .PHONY: run 75 | run: manifests generate fmt vet ## Run a controller from your host 76 | $(Q) go run cmd/ocean-operator/main.go manager --zap-devel --zap-log-level=5 $(ARGS) 77 | 78 | BUILD_IMAGE_TARGETS := build-image-amd build-image-arm 79 | .PHONY: $(BUILD_IMAGE_TARGETS) build-image 80 | $(BUILD_IMAGE_TARGETS): build-image 81 | build-image: ## Build Docker image for all platforms 82 | $(Q) hack/scripts/build.sh 83 | build-image-amd: TARGET_PLATFORM="linux/amd64" ## Build Docker image for linux/amd64 84 | build-image-arm: TARGET_PLATFORM="linux/arm64" ## Build Docker image for linux/arm64 85 | 86 | ##@ Deployment 87 | 88 | .PHONY: install 89 | install: manifests kustomize ## Install CRDs into the cluster specified in ~/.kube/config 90 | $(Q) $(KUSTOMIZE) build config/crd | kubectl apply -f - 91 | 92 | .PHONY: uninstall 93 | uninstall: manifests kustomize ## Uninstall CRDs from the cluster specified in ~/.kube/config 94 | $(Q) $(KUSTOMIZE) build config/crd | kubectl delete -f - 95 | 96 | .PHONY: deploy 97 | deploy: manifests kustomize ## Deploy controller to the cluster specified in ~/.kube/config 98 | $(Q) cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMAGE_SPEC) 99 | $(Q) $(KUSTOMIZE) build config/default | kubectl apply -f - 100 | 101 | .PHONY: undeploy 102 | undeploy: ## Undeploy controller from the cluster specified in ~/.kube/config 103 | $(Q) $(KUSTOMIZE) build config/default | kubectl delete -f - 104 | 105 | .PHONY: controller-gen 106 | CONTROLLER_GEN = $(shell pwd)/bin/controller-gen 107 | controller-gen: ## Download controller-gen locally if necessary 108 | $(Q) $(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.4.1) 109 | 110 | .PHONY: kustomize 111 | KUSTOMIZE = $(shell pwd)/bin/kustomize 112 | kustomize: ## Download kustomize locally if necessary 113 | $(Q) $(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v3@v3.8.7) 114 | 115 | .PHONY: setup-envtest 116 | SETUP_ENVTEST = $(shell pwd)/bin/setup-envtest 117 | setup-envtest: ## Download setup-envtest locally if necessary 118 | $(Q) $(call go-get-tool,$(SETUP_ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest@latest) 119 | $(Q) $(SETUP_ENVTEST) use -i -p env 1.21.x! 120 | $(Q) source <($(SETUP_ENVTEST) -i -p env 1.21.x!) 121 | 122 | ##@ Release 123 | 124 | .PHONY: release 125 | release: manifests generate fmt ## Release a new version 126 | ifneq ($(strip $(GIT_DIRTY)),) 127 | $(Q) echo "Git is currently in a dirty state. Please commit your changes or stash them before you release." ; exit 1 128 | else 129 | $(Q) read -p "Release version: $(VERSION) → " version ;\ 130 | echo $$version > internal/version/VERSION ;\ 131 | git commit -a -m "chore(release): v$$version" ;\ 132 | git tag -f -m "chore(release): v$$version" v$$version ;\ 133 | git push --follow-tags 134 | endif 135 | 136 | # go-get-tool will 'go get' any package $2 and install it to $1. 137 | PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST)))) 138 | define go-get-tool 139 | @[ -f $(1) ] || { \ 140 | set -e ;\ 141 | TMP_DIR=$$(mktemp -d) ;\ 142 | cd $$TMP_DIR ;\ 143 | go mod init tmp ;\ 144 | echo "Downloading $(2)" ;\ 145 | GOBIN=$(PROJECT_DIR)/bin go get $(2) ;\ 146 | rm -rf $$TMP_DIR ;\ 147 | } 148 | endef 149 | -------------------------------------------------------------------------------- /pkg/tide/options.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package tide 4 | 5 | import ( 6 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 7 | ) 8 | 9 | // region Options 10 | 11 | // ApplyOptions contains apply options. 12 | type ApplyOptions struct { 13 | Namespace string 14 | ComponentsFilter map[oceanv1alpha1.OceanComponentName]struct{} 15 | } 16 | 17 | // DeleteOptions contains delete options. 18 | type DeleteOptions struct { 19 | Namespace string 20 | } 21 | 22 | // ChartOptions contains Helm chart options. 23 | type ChartOptions struct { 24 | Name string 25 | Namespace string 26 | URL string 27 | Version string 28 | Values string 29 | } 30 | 31 | // endregion 32 | 33 | // region Interfaces 34 | 35 | // ApplyOption is some configuration that modifies options for an apply request. 36 | type ApplyOption interface { 37 | // MutateApplyOptions applies this configuration to the given ApplyOptions. 38 | MutateApplyOptions(options *ApplyOptions) 39 | } 40 | 41 | // DeleteOption is some configuration that modifies options for a delete request. 42 | type DeleteOption interface { 43 | // MutateDeleteOptions applies this configuration to the given DeleteOptions. 44 | MutateDeleteOptions(options *DeleteOptions) 45 | } 46 | 47 | // ChartOption is some configuration that modifies options for a Helm chart. 48 | type ChartOption interface { 49 | // MutateChartOptions applies this configuration to the given ChartOptions. 50 | MutateChartOptions(options *ChartOptions) 51 | } 52 | 53 | // endregion 54 | 55 | // region Adapters 56 | 57 | // ApplyOptionFunc is a convenience type like http.HandlerFunc. 58 | type ApplyOptionFunc func(options *ApplyOptions) 59 | 60 | // MutateApplyOptions implements the ApplyOption interface. 61 | func (f ApplyOptionFunc) MutateApplyOptions(options *ApplyOptions) { f(options) } 62 | 63 | // DeleteOptionFunc is a convenience type like http.HandlerFunc. 64 | type DeleteOptionFunc func(options *DeleteOptions) 65 | 66 | // MutateDeleteOptions implements the DeleteOption interface. 67 | func (f DeleteOptionFunc) MutateDeleteOptions(options *DeleteOptions) { f(options) } 68 | 69 | // ChartOptionFunc is a convenience type like http.HandlerFunc. 70 | type ChartOptionFunc func(options *ChartOptions) 71 | 72 | // MutateChartOptions implements the ChartOption interface. 73 | func (f ChartOptionFunc) MutateChartOptions(options *ChartOptions) { 74 | f(options) 75 | } 76 | 77 | // endregion 78 | 79 | // region "Functional" Options 80 | 81 | // WithNamespace sets the given namespace. 82 | func WithNamespace(namespace string) Namespace { 83 | return Namespace(namespace) 84 | } 85 | 86 | // Namespace determines where components should be applied or deleted. 87 | type Namespace string 88 | 89 | // MutateApplyOptions implements the ApplyOption interface. 90 | func (w Namespace) MutateApplyOptions(options *ApplyOptions) { 91 | options.Namespace = string(w) 92 | } 93 | 94 | // MutateDeleteOptions implements the DeleteOption interface. 95 | func (w Namespace) MutateDeleteOptions(options *DeleteOptions) { 96 | options.Namespace = string(w) 97 | } 98 | 99 | // Blank assignments to verify that Namespace implements both ApplyOption and DeleteOption. 100 | var ( 101 | _ ApplyOption = Namespace("") 102 | _ DeleteOption = Namespace("") 103 | ) 104 | 105 | // WithComponentsFilter sets the given ComponentsFilter list. 106 | func WithComponentsFilter(components ...oceanv1alpha1.OceanComponentName) ComponentsFilter { 107 | return ComponentsFilter{ 108 | components: components, 109 | } 110 | } 111 | 112 | // ComponentsFilter filters components to be applied or deleted. 113 | type ComponentsFilter struct { 114 | components []oceanv1alpha1.OceanComponentName 115 | } 116 | 117 | // MutateApplyOptions implements the ApplyOption interface. 118 | func (w ComponentsFilter) MutateApplyOptions(options *ApplyOptions) { 119 | options.ComponentsFilter = make(map[oceanv1alpha1.OceanComponentName]struct{}) 120 | for _, component := range w.components { 121 | options.ComponentsFilter[component] = struct{}{} 122 | } 123 | } 124 | 125 | // Blank assignment to verify that ComponentsFilter implements ApplyOption. 126 | var _ ApplyOption = ComponentsFilter{} 127 | 128 | // WithChartName sets the given chart name. 129 | func WithChartName(name string) ChartOption { 130 | return ChartOptionFunc(func(options *ChartOptions) { 131 | options.Name = name 132 | }) 133 | } 134 | 135 | // WithChartNamespace sets the given chart namespace. 136 | func WithChartNamespace(namespace string) ChartOption { 137 | return ChartOptionFunc(func(options *ChartOptions) { 138 | options.Namespace = namespace 139 | }) 140 | } 141 | 142 | // WithChartURL sets the given chart URL. 143 | func WithChartURL(url string) ChartOption { 144 | return ChartOptionFunc(func(options *ChartOptions) { 145 | options.URL = url 146 | }) 147 | } 148 | 149 | // WithChartVersion sets the given chart version. 150 | func WithChartVersion(version string) ChartOption { 151 | return ChartOptionFunc(func(options *ChartOptions) { 152 | options.Version = version 153 | }) 154 | } 155 | 156 | // WithChartValues sets the given chart values. 157 | func WithChartValues(values string) ChartOption { 158 | return ChartOptionFunc(func(options *ChartOptions) { 159 | options.Values = values 160 | }) 161 | } 162 | 163 | // endregion 164 | 165 | // region Helpers 166 | 167 | func mutateApplyOptions(options ...ApplyOption) *ApplyOptions { 168 | opts := new(ApplyOptions) 169 | for _, opt := range options { 170 | opt.MutateApplyOptions(opts) 171 | } 172 | return opts 173 | } 174 | 175 | func mutateDeleteOptions(options ...DeleteOption) *DeleteOptions { 176 | opts := new(DeleteOptions) 177 | for _, opt := range options { 178 | opt.MutateDeleteOptions(opts) 179 | } 180 | return opts 181 | } 182 | 183 | func mutateChartOptions(options ...ChartOption) *ChartOptions { 184 | opts := new(ChartOptions) 185 | for _, opt := range options { 186 | opt.MutateChartOptions(opts) 187 | } 188 | return opts 189 | } 190 | 191 | // endregion 192 | -------------------------------------------------------------------------------- /internal/cmd/ocean-operator/manager/manager.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package manager 4 | 5 | import ( 6 | "context" 7 | "fmt" 8 | "runtime" 9 | 10 | "github.com/spf13/cobra" 11 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 12 | "github.com/spotinst/ocean-operator/controllers" 13 | "github.com/spotinst/ocean-operator/internal/cli" 14 | "github.com/spotinst/ocean-operator/internal/ocean" 15 | "github.com/spotinst/ocean-operator/internal/version" 16 | "github.com/spotinst/ocean-operator/pkg/tide" 17 | "k8s.io/client-go/rest" 18 | ctrl "sigs.k8s.io/controller-runtime" 19 | "sigs.k8s.io/controller-runtime/pkg/healthz" 20 | "sigs.k8s.io/controller-runtime/pkg/manager" 21 | //+kubebuilder:scaffold:imports 22 | ) 23 | 24 | type Options struct { 25 | *cli.CommonOptions 26 | 27 | LeaderElection bool 28 | LeaderLock string 29 | MetricsAddress string 30 | ProbeAddress string 31 | BootstrapNamespace string 32 | BootstrapComponents *ocean.ComponentsFlag 33 | 34 | // internal 35 | config *rest.Config 36 | manager manager.Manager 37 | } 38 | 39 | // NewCommand returns a new cobra.Command for manager. 40 | func NewCommand(commonOptions *cli.CommonOptions) *cobra.Command { 41 | options := &Options{ 42 | CommonOptions: commonOptions, 43 | BootstrapComponents: ocean.NewEmptyComponentsFlag(commonOptions.Log), 44 | } 45 | 46 | cmd := &cobra.Command{ 47 | Use: "manager", 48 | Short: "Start the controller runtime manager", 49 | Long: `Start the controller runtime manager`, 50 | SilenceUsage: true, 51 | SilenceErrors: true, 52 | PreRun: func(cmd *cobra.Command, args []string) { 53 | cli.PrintFlags(cmd.Flags(), options.Log) 54 | }, 55 | RunE: func(cmd *cobra.Command, args []string) error { 56 | return options.run(ctrl.LoggerInto(ctrl.SetupSignalHandler(), options.Log)) 57 | }, 58 | } 59 | 60 | // bind 61 | cmd.Flags().StringVar(&options.MetricsAddress, "metrics-bind-address", ":8080", "address the metric endpoint binds to") 62 | cmd.Flags().StringVar(&options.ProbeAddress, "health-probe-bind-address", ":8081", "address the probe endpoint binds to") 63 | 64 | // leadership 65 | cmd.Flags().BoolVar(&options.LeaderElection, "leader-elect", false, "enable leader election") 66 | cmd.Flags().StringVar(&options.LeaderLock, "leader-lock", "6c511c84.spot.io", "leader election lock name") 67 | 68 | // bootstrap 69 | cmd.Flags().StringVar(&options.BootstrapNamespace, "bootstrap-namespace", oceanv1alpha1.NamespaceSystem, "namespace where components should be installed during environment bootstrapping") 70 | cmd.Flags().Var(options.BootstrapComponents, "bootstrap-components", "list of components to install during environment bootstrapping") 71 | 72 | return cmd 73 | } 74 | 75 | func (x *Options) run(ctx context.Context) error { 76 | for _, fn := range []func(context.Context) error{ 77 | x.printVersion, 78 | x.setupConfig, 79 | x.setupEnvironment, 80 | x.setupManager, 81 | x.setupChecks, 82 | x.startManager, 83 | } { 84 | if err := fn(ctx); err != nil { 85 | return err 86 | } 87 | } 88 | return nil 89 | } 90 | 91 | func (x *Options) printVersion(ctx context.Context) error { 92 | x.Log.Info(fmt.Sprintf("operator version: %s", version.String())) 93 | x.Log.Info(fmt.Sprintf("go version: %s", runtime.Version()[2:])) 94 | x.Log.Info(fmt.Sprintf("go os/arch: %s/%s", runtime.GOOS, runtime.GOARCH)) 95 | return nil 96 | } 97 | 98 | func (x *Options) setupConfig(ctx context.Context) (err error) { 99 | ctrl.SetLogger(x.Log) 100 | x.config, err = ctrl.GetConfig() 101 | if err != nil { 102 | x.Log.Error(err, "unable to get kubeconfig") 103 | return err 104 | } 105 | return nil 106 | } 107 | 108 | func (x *Options) setupEnvironment(ctx context.Context) error { 109 | clientGetter := tide.NewConfigFlags(x.config, x.BootstrapNamespace) 110 | manager, err := tide.NewManager(clientGetter, x.Log) 111 | if err != nil { 112 | x.Log.Error(err, "unable to create tide manager") 113 | return err 114 | } 115 | 116 | applyOptions := []tide.ApplyOption{ 117 | tide.WithNamespace(x.BootstrapNamespace), 118 | tide.WithComponentsFilter(x.BootstrapComponents.List()...), 119 | } 120 | if err = manager.ApplyEnvironment(ctx, applyOptions...); err != nil { 121 | return err 122 | } 123 | 124 | return nil 125 | } 126 | 127 | func (x *Options) setupManager(ctx context.Context) (err error) { 128 | x.manager, err = ctrl.NewManager(x.config, ctrl.Options{ 129 | Scheme: tide.DefaultScheme(), 130 | Port: 9443, 131 | MetricsBindAddress: x.MetricsAddress, 132 | HealthProbeBindAddress: x.ProbeAddress, 133 | LeaderElection: x.LeaderElection, 134 | LeaderElectionID: x.LeaderLock, 135 | }) 136 | if err != nil { 137 | x.Log.Error(err, "unable to create runtime manager") 138 | return err 139 | } 140 | 141 | if err = (&controllers.OceanComponentReconciler{ 142 | Scheme: x.manager.GetScheme(), 143 | Client: x.manager.GetClient(), 144 | ClientGetter: tide.NewConfigFlags(x.config, x.BootstrapNamespace), 145 | Log: x.Log.WithName("oceancomponent"), 146 | Namespace: x.BootstrapNamespace, 147 | }).SetupWithManager(x.manager); err != nil { 148 | x.Log.Error(err, "unable to create controller", "controller", "oceancomponent") 149 | return err 150 | } 151 | 152 | //+kubebuilder:scaffold:builder 153 | return nil 154 | } 155 | 156 | func (x *Options) setupChecks(ctx context.Context) error { 157 | x.Log.Info("registering checks") 158 | if err := x.manager.AddHealthzCheck("healthz", healthz.Ping); err != nil { 159 | x.Log.Error(err, "unable to set up health check") 160 | return err 161 | } 162 | if err := x.manager.AddReadyzCheck("readyz", healthz.Ping); err != nil { 163 | x.Log.Error(err, "unable to set up ready check") 164 | return err 165 | } 166 | return nil 167 | } 168 | 169 | func (x *Options) startManager(ctx context.Context) error { 170 | x.Log.Info("starting manager") 171 | if err := x.manager.Start(ctx); err != nil { 172 | x.Log.Error(err, "manager exited non-zero") 173 | return err 174 | } 175 | return nil 176 | } 177 | -------------------------------------------------------------------------------- /pkg/tide/operator.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package tide 4 | 5 | import ( 6 | "context" 7 | "errors" 8 | "fmt" 9 | "time" 10 | 11 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 12 | "github.com/spotinst/ocean-operator/pkg/installer" 13 | "github.com/spotinst/ocean-operator/pkg/log" 14 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 15 | utilwait "k8s.io/apimachinery/pkg/util/wait" 16 | "k8s.io/cli-runtime/pkg/genericclioptions" 17 | "k8s.io/client-go/kubernetes" 18 | ) 19 | 20 | // NewOperatorOceanComponent returns an oceanv1alpha1.OceanComponent 21 | // representing the Ocean Operator. 22 | func NewOperatorOceanComponent(options ...ChartOption) *oceanv1alpha1.OceanComponent { 23 | comp := &oceanv1alpha1.OceanComponent{ 24 | ObjectMeta: metav1.ObjectMeta{ 25 | Namespace: oceanv1alpha1.NamespaceSystem, 26 | Name: OceanOperatorChart, 27 | }, 28 | Spec: oceanv1alpha1.OceanComponentSpec{ 29 | Type: oceanv1alpha1.OceanComponentTypeHelm, 30 | State: oceanv1alpha1.OceanComponentStatePresent, 31 | Name: OceanOperatorChart, 32 | URL: OceanOperatorRepository, 33 | Version: OceanOperatorVersion, 34 | }, 35 | } 36 | 37 | opts := mutateChartOptions(options...) 38 | comp.Namespace = opts.Namespace 39 | comp.Spec.Name = oceanv1alpha1.OceanComponentName(opts.Name) 40 | comp.Spec.URL = opts.URL 41 | comp.Spec.Version = opts.Version 42 | comp.Spec.Values = opts.Values 43 | 44 | return comp 45 | } 46 | 47 | // InstallOperator installs the Ocean Operator. 48 | func InstallOperator( 49 | ctx context.Context, 50 | operator *oceanv1alpha1.OceanComponent, 51 | clientGetter genericclioptions.RESTClientGetter, 52 | wait, dryRun bool, 53 | timeout time.Duration, 54 | log log.Logger, 55 | ) error { 56 | // install or upgrade 57 | { 58 | i, err := installer.GetInstance( 59 | operator.Spec.Type.String(), 60 | installer.WithNamespace(operator.Namespace), 61 | installer.WithClientGetter(clientGetter), 62 | installer.WithDryRun(dryRun), 63 | installer.WithLogger(log)) 64 | if err != nil { 65 | log.Error(err, "unable to create installer") 66 | return err 67 | } 68 | 69 | existing, err := i.Get(operator.Spec.Name) 70 | if err != nil && !installer.IsReleaseNotFound(err) { 71 | log.Error(err, "error checking ocean operator release") 72 | return err 73 | } 74 | 75 | var release *installer.Release 76 | if existing != nil && i.IsUpgrade(operator, existing) { 77 | log.Info("upgrading ocean operator") 78 | release, err = i.Upgrade(operator) 79 | } else { 80 | log.Info("installing ocean operator") 81 | release, err = i.Install(operator) 82 | } 83 | if err != nil { 84 | return fmt.Errorf("cannot release ocean operator: %w", err) 85 | } 86 | if dryRun && release != nil { 87 | log.Info(release.Manifest) 88 | } 89 | } 90 | 91 | // validate 92 | { 93 | if wait && !dryRun { 94 | config, err := clientGetter.ToRESTConfig() 95 | if err != nil { 96 | return fmt.Errorf("cannot get restconfig: %w", err) 97 | } 98 | 99 | clientSet, err := kubernetes.NewForConfig(config) 100 | if err != nil { 101 | return fmt.Errorf("cannot connect to cluster: %w", err) 102 | } 103 | 104 | log.Info("waiting for deployment to be ready") 105 | client := clientSet.AppsV1().Deployments(operator.Namespace) 106 | err = utilwait.Poll(5*time.Second, timeout, func() (bool, error) { 107 | dep, err := client.Get(ctx, OceanOperatorDeployment, metav1.GetOptions{}) 108 | if err != nil || dep.Status.AvailableReplicas == 0 || dep.Status.UnavailableReplicas != 0 { 109 | return false, nil 110 | } 111 | log.V(2).Info("polled", 112 | "deployment", dep.Name, 113 | "replicas", dep.Status.AvailableReplicas) 114 | return true, nil 115 | }) 116 | if err != nil && errors.Is(err, utilwait.ErrWaitTimeout) { 117 | return fmt.Errorf("timed out waiting for deployment to be ready") 118 | } 119 | } 120 | } 121 | 122 | return nil 123 | } 124 | 125 | // UninstallOperator uninstalls the Ocean Operator. 126 | func UninstallOperator( 127 | ctx context.Context, 128 | operator *oceanv1alpha1.OceanComponent, 129 | clientGetter genericclioptions.RESTClientGetter, 130 | wait, dryRun bool, 131 | timeout time.Duration, 132 | log log.Logger, 133 | ) error { 134 | // uninstall 135 | { 136 | i, err := installer.GetInstance( 137 | operator.Spec.Type.String(), 138 | installer.WithNamespace(operator.Namespace), 139 | installer.WithClientGetter(clientGetter), 140 | installer.WithDryRun(dryRun), 141 | installer.WithLogger(log)) 142 | if err != nil { 143 | log.Error(err, "unable to create installer") 144 | return err 145 | } 146 | 147 | existing, err := i.Get(operator.Spec.Name) 148 | if err != nil && !installer.IsReleaseNotFound(err) { 149 | log.Error(err, "error checking ocean operator release") 150 | return err 151 | } 152 | 153 | if existing != nil { 154 | log.Info("uninstalling ocean operator") 155 | if err = i.Uninstall(operator); err != nil { 156 | return fmt.Errorf("cannot uninstall ocean operator: %w", err) 157 | } 158 | } 159 | } 160 | 161 | // validate 162 | { 163 | if wait && !dryRun { 164 | config, err := clientGetter.ToRESTConfig() 165 | if err != nil { 166 | return fmt.Errorf("cannot get restconfig: %w", err) 167 | } 168 | 169 | clientSet, err := kubernetes.NewForConfig(config) 170 | if err != nil { 171 | return fmt.Errorf("cannot connect to cluster: %w", err) 172 | } 173 | 174 | log.Info("waiting for deployment to be evicted") 175 | client := clientSet.AppsV1().Deployments(operator.Namespace) 176 | err = utilwait.Poll(5*time.Second, timeout, func() (bool, error) { 177 | dep, err := client.Get(ctx, OceanOperatorDeployment, metav1.GetOptions{}) 178 | if err == nil { 179 | log.V(2).Info("polled", 180 | "deployment", dep.Name, 181 | "replicas", dep.Status.AvailableReplicas) 182 | return false, nil 183 | } 184 | return true, nil 185 | }) 186 | if err != nil && errors.Is(err, utilwait.ErrWaitTimeout) { 187 | return fmt.Errorf("timed out waiting for deployment to be evicted") 188 | } 189 | } 190 | } 191 | 192 | return nil 193 | } 194 | -------------------------------------------------------------------------------- /controllers/oceancomponent_helpers.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package controllers 4 | 5 | import ( 6 | "context" 7 | "fmt" 8 | "sort" 9 | 10 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 11 | "github.com/spotinst/ocean-operator/pkg/tide" 12 | appsv1 "k8s.io/api/apps/v1" 13 | corev1 "k8s.io/api/core/v1" 14 | apierrors "k8s.io/apimachinery/pkg/api/errors" 15 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 16 | "k8s.io/apimachinery/pkg/types" 17 | "sigs.k8s.io/controller-runtime/pkg/client" 18 | ) 19 | 20 | // newCondition creates a new OceanComponent condition. 21 | func newCondition(condType oceanv1alpha1.OceanComponentConditionType, 22 | status corev1.ConditionStatus, reason, message string, 23 | ) *oceanv1alpha1.OceanComponentCondition { 24 | return &oceanv1alpha1.OceanComponentCondition{ 25 | Type: condType, 26 | Status: status, 27 | Reason: reason, 28 | Message: message, 29 | LastUpdateTime: metav1.Now(), 30 | LastTransitionTime: metav1.Now(), 31 | } 32 | } 33 | 34 | // newConditionf returns a new OceanComponent condition with arguments. 35 | func newConditionf(condType oceanv1alpha1.OceanComponentConditionType, 36 | status corev1.ConditionStatus, reason, message string, args ...interface{}, 37 | ) *oceanv1alpha1.OceanComponentCondition { 38 | return newCondition(condType, status, reason, fmt.Sprintf(message, args...)) 39 | } 40 | 41 | // hasCondition returns true if the given status has the given condition. 42 | func hasCondition(status *oceanv1alpha1.OceanComponentStatus, 43 | condition oceanv1alpha1.OceanComponentCondition) bool { 44 | c := status.Conditions 45 | for _, e := range c { 46 | if e.Type == condition.Type { 47 | return true 48 | } 49 | } 50 | return false 51 | } 52 | 53 | // setCondition updates the OceanComponent to include the provided 54 | // condition. If the condition that we are about to add already exists and has 55 | // the same status and reason then we are not going to update. 56 | func setCondition(status *oceanv1alpha1.OceanComponentStatus, 57 | condition oceanv1alpha1.OceanComponentCondition) bool { 58 | currentCond := getCondition(*status, condition.Type) 59 | if currentCond != nil && 60 | currentCond.Status == condition.Status && 61 | currentCond.Reason == condition.Reason { 62 | return false 63 | } 64 | // Do not update lastTransitionTime if the status of the condition doesn't change. 65 | if currentCond != nil && currentCond.Status == condition.Status { 66 | condition.LastTransitionTime = currentCond.LastTransitionTime 67 | } 68 | newConditions := filterOutCondition(status.Conditions, condition.Type) 69 | status.Conditions = append(newConditions, condition) 70 | return true 71 | } 72 | 73 | // removeCondition removes the condition with the provided type. 74 | func removeCondition(status *oceanv1alpha1.OceanComponentStatus, 75 | condType oceanv1alpha1.OceanComponentConditionType) { 76 | status.Conditions = filterOutCondition(status.Conditions, condType) 77 | } 78 | 79 | // getCurrentCondition returns the condition with the most recent 80 | // update. 81 | func getCurrentCondition( 82 | status oceanv1alpha1.OceanComponentStatus) *oceanv1alpha1.OceanComponentCondition { 83 | if len(status.Conditions) == 0 { 84 | return nil 85 | } 86 | sortMostRecent(&status) 87 | return &status.Conditions[0] 88 | } 89 | 90 | func sortMostRecent(status *oceanv1alpha1.OceanComponentStatus) { 91 | c := status.Conditions 92 | sort.Slice(c, func(i int, j int) bool { 93 | return c[i].LastUpdateTime.Time.After(c[j].LastUpdateTime.Time) 94 | }) 95 | status.Conditions = c 96 | } 97 | 98 | // getCondition returns the condition with the provided type. 99 | func getCondition(status oceanv1alpha1.OceanComponentStatus, 100 | condType oceanv1alpha1.OceanComponentConditionType) *oceanv1alpha1.OceanComponentCondition { 101 | for i := range status.Conditions { 102 | c := status.Conditions[i] 103 | if c.Type == condType { 104 | return &c 105 | } 106 | } 107 | return nil 108 | } 109 | 110 | // filterOutCondition returns a new slice of conditions without conditions with 111 | // the provided type. 112 | func filterOutCondition(conditions []oceanv1alpha1.OceanComponentCondition, 113 | condType oceanv1alpha1.OceanComponentConditionType) []oceanv1alpha1.OceanComponentCondition { 114 | var newConditions []oceanv1alpha1.OceanComponentCondition 115 | for _, condition := range conditions { 116 | if condition.Type == condType { 117 | continue 118 | } 119 | newConditions = append(newConditions, condition) 120 | } 121 | return newConditions 122 | } 123 | 124 | func getDeploymentConditions(ctx context.Context, client client.Client, 125 | objName types.NamespacedName) ([]*oceanv1alpha1.OceanComponentCondition, error) { 126 | conditions := make([]*oceanv1alpha1.OceanComponentCondition, 0) 127 | 128 | deployment := new(appsv1.Deployment) 129 | if err := client.Get(ctx, objName, deployment); err != nil { 130 | if apierrors.IsNotFound(err) { 131 | conditions = append(conditions, newCondition( 132 | oceanv1alpha1.OceanComponentConditionTypeAvailable, 133 | corev1.ConditionFalse, 134 | "DeploymentAbsent", 135 | "Deployment does not exist", 136 | )) 137 | return conditions, nil // enough, return 138 | } else { 139 | return nil, err 140 | } 141 | } 142 | 143 | if deployment.Status.AvailableReplicas == 0 { 144 | conditions = append(conditions, newCondition( 145 | oceanv1alpha1.OceanComponentConditionTypeAvailable, 146 | corev1.ConditionFalse, 147 | "DeploymentUnavailable", 148 | "No pods are available", 149 | )) 150 | } else { 151 | conditions = append(conditions, newCondition( 152 | oceanv1alpha1.OceanComponentConditionTypeAvailable, 153 | corev1.ConditionTrue, 154 | "DeploymentAvailable", 155 | "Pods are available", 156 | )) 157 | } 158 | 159 | return conditions, nil 160 | } 161 | 162 | func getOceanControllerConditions(ctx context.Context, client client.Client, 163 | objName types.NamespacedName) ([]*oceanv1alpha1.OceanComponentCondition, error) { 164 | // ocean-controller's deployment name differs from its component name 165 | objName = types.NamespacedName{ 166 | Namespace: metav1.NamespaceSystem, 167 | Name: tide.LegacyOceanControllerDeployment, 168 | } 169 | return getDeploymentConditions(ctx, client, objName) 170 | } 171 | 172 | func getMetricsServerConditions(ctx context.Context, client client.Client, 173 | objName types.NamespacedName) ([]*oceanv1alpha1.OceanComponentCondition, error) { 174 | return getDeploymentConditions(ctx, client, objName) 175 | } 176 | -------------------------------------------------------------------------------- /pkg/tide/values/builders.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package values 4 | 5 | import ( 6 | "context" 7 | "encoding/json" 8 | "fmt" 9 | 10 | "github.com/spotinst/ocean-operator/pkg/config" 11 | "github.com/spotinst/ocean-operator/pkg/credentials" 12 | "github.com/spotinst/ocean-operator/pkg/tide" 13 | "sigs.k8s.io/controller-runtime/pkg/client" 14 | ) 15 | 16 | // Builder defines the interface used by chart builders. 17 | type Builder interface { 18 | // Build builds chart values. 19 | Build(ctx context.Context) (string, error) 20 | } 21 | 22 | // Blank assignments to verify that all builders implement the Builder interface. 23 | var ( 24 | _ Builder = new(OceanOperatorBuilder) 25 | _ Builder = new(OceanControllerBuilder) 26 | ) 27 | 28 | // region Base Builder 29 | 30 | // OceanBaseBuilder builds values passed to Helm charts. 31 | type OceanBaseBuilder struct { 32 | credentials *credentials.Value 33 | config *config.Value 34 | client client.Client 35 | } 36 | 37 | // NewOceanBaseBuilder returns a new OceanBaseBuilder. 38 | func NewOceanBaseBuilder() *OceanBaseBuilder { 39 | return new(OceanBaseBuilder) 40 | } 41 | 42 | // WithCredentials sets the credentials that should be used. 43 | func (b *OceanBaseBuilder) WithCredentials(value *credentials.Value) *OceanBaseBuilder { 44 | b.credentials = value 45 | return b 46 | } 47 | 48 | // WithToken sets the value for `spotinst.token`. 49 | // It's a shorthand for WithCredentials(&Value{Token:"redacted"}). 50 | func (b *OceanBaseBuilder) WithToken(value string) *OceanBaseBuilder { 51 | if b.credentials == nil { 52 | b.credentials = new(credentials.Value) 53 | } 54 | b.credentials.Token = value 55 | return b 56 | } 57 | 58 | // WithAccount sets the value for `spotinst.account`. 59 | // It's a shorthand for WithCredentials(&Value{Account:"redacted"}). 60 | func (b *OceanBaseBuilder) WithAccount(value string) *OceanBaseBuilder { 61 | if b.credentials == nil { 62 | b.credentials = new(credentials.Value) 63 | } 64 | b.credentials.Account = value 65 | return b 66 | } 67 | 68 | // WithConfig sets the config that should be used. 69 | func (b *OceanBaseBuilder) WithConfig(value *config.Value) *OceanBaseBuilder { 70 | b.config = value 71 | return b 72 | } 73 | 74 | // WithClusterIdentifier sets the value for `oceanController.clusterIdentifier`. 75 | // It's a shorthand for WithConfig(&Value{ClusterIdentifier:"redacted"}). 76 | func (b *OceanBaseBuilder) WithClusterIdentifier(value string) *OceanBaseBuilder { 77 | if b.config == nil { 78 | b.config = new(config.Value) 79 | } 80 | b.config.ClusterIdentifier = value 81 | return b 82 | } 83 | 84 | // WithACDIdentifier sets the value for `oceanController.acdIdentifier`. 85 | // It's a shorthand for WithConfig(&Value{ACDIdentifier:"redacted"}). 86 | func (b *OceanBaseBuilder) WithACDIdentifier(value string) *OceanBaseBuilder { 87 | if b.config == nil { 88 | b.config = new(config.Value) 89 | } 90 | b.config.ACDIdentifier = value 91 | return b 92 | } 93 | 94 | // WithClient sets the client that should be used to fetch in-cluster config/credentials. 95 | func (b *OceanBaseBuilder) WithClient(client client.Client) *OceanBaseBuilder { 96 | b.client = client 97 | return b 98 | } 99 | 100 | // Complete completes the setup of the builder. 101 | func (b *OceanBaseBuilder) Complete(ctx context.Context) error { 102 | var err error 103 | 104 | if b.credentials == nil && b.client != nil { 105 | b.credentials, err = tide.LoadCredentials(ctx, b.client) 106 | if err != nil { 107 | return err 108 | } 109 | } 110 | 111 | if b.config == nil && b.client != nil { 112 | b.config, err = tide.LoadConfig(ctx, b.client) 113 | if err != nil { 114 | return err 115 | } 116 | } 117 | 118 | return nil 119 | } 120 | 121 | // endregion 122 | 123 | // region Ocean Operator Builder 124 | 125 | type OceanOperatorBuilder struct { 126 | *OceanBaseBuilder 127 | components []string 128 | } 129 | 130 | func NewOceanOperatorBuilder(base *OceanBaseBuilder) *OceanOperatorBuilder { 131 | return &OceanOperatorBuilder{ 132 | OceanBaseBuilder: base, 133 | } 134 | } 135 | 136 | // WithComponents sets the value for `bootstrap.components`. 137 | func (b *OceanOperatorBuilder) WithComponents(components []string) *OceanOperatorBuilder { 138 | b.components = components 139 | return b 140 | } 141 | 142 | func (b *OceanOperatorBuilder) Build(ctx context.Context) (string, error) { 143 | if err := b.Complete(ctx); err != nil { 144 | return "", err 145 | } 146 | 147 | values := &valuesOceanOperator{ 148 | Spotinst: &valuesOceanOperatorSpotinst{ 149 | Token: b.credentials.Token, 150 | Account: b.credentials.Account, 151 | ClusterIdentifier: b.config.ClusterIdentifier, 152 | ACDIdentifier: b.config.ACDIdentifier, 153 | }, 154 | Bootstrap: &valuesOceanOperatorBootstrap{ 155 | Components: b.components, 156 | }, 157 | } 158 | 159 | o, err := json.Marshal(values) 160 | if err != nil { 161 | return "", fmt.Errorf("failed to marshal values: %w", err) 162 | } 163 | 164 | return string(o), nil 165 | } 166 | 167 | // endregion 168 | 169 | // region Ocean Controller Builder 170 | 171 | type OceanControllerBuilder struct { 172 | *OceanBaseBuilder 173 | } 174 | 175 | func NewOceanControllerBuilder(base *OceanBaseBuilder) *OceanControllerBuilder { 176 | return &OceanControllerBuilder{ 177 | OceanBaseBuilder: base, 178 | } 179 | } 180 | 181 | func (b *OceanControllerBuilder) Build(ctx context.Context) (string, error) { 182 | if err := b.Complete(ctx); err != nil { 183 | return "", err 184 | } 185 | 186 | values := &valuesOceanController{ 187 | Spotinst: &valuesOceanControllerSpotinst{ 188 | Token: b.credentials.Token, 189 | Account: b.credentials.Account, 190 | ClusterIdentifier: b.config.ClusterIdentifier, 191 | }, 192 | Connector: &valuesOceanControllerConnector{ 193 | ACDIdentifier: b.config.ACDIdentifier, 194 | }, 195 | } 196 | 197 | o, err := json.Marshal(values) 198 | if err != nil { 199 | return "", fmt.Errorf("failed to marshal values: %w", err) 200 | } 201 | 202 | return string(o), nil 203 | } 204 | 205 | // endregion 206 | 207 | // region Types 208 | 209 | type ( 210 | valuesOceanOperatorSpotinst struct { 211 | Token string `json:"token" yaml:"token"` 212 | Account string `json:"account" yaml:"account"` 213 | ClusterIdentifier string `json:"clusterIdentifier" yaml:"clusterIdentifier"` 214 | ACDIdentifier string `json:"acdIdentifier" yaml:"acdIdentifier"` 215 | } 216 | 217 | valuesOceanOperatorBootstrap struct { 218 | Components []string `json:"components" yaml:"components"` 219 | } 220 | 221 | valuesOceanOperator struct { 222 | Spotinst *valuesOceanOperatorSpotinst `json:"spotinst" yaml:"spotinst"` 223 | Bootstrap *valuesOceanOperatorBootstrap `json:"bootstrap" yaml:"bootstrap"` 224 | } 225 | ) 226 | 227 | func (v *valuesOceanOperator) Valid() bool { 228 | return v.Spotinst != nil && 229 | v.Spotinst.Token != "" && 230 | v.Spotinst.Account != "" && 231 | v.Spotinst.ClusterIdentifier != "" 232 | } 233 | 234 | type ( 235 | valuesOceanControllerSpotinst struct { 236 | Token string `json:"token" yaml:"token"` 237 | Account string `json:"account" yaml:"account"` 238 | ClusterIdentifier string `json:"clusterIdentifier" yaml:"clusterIdentifier"` 239 | } 240 | 241 | valuesOceanControllerConnector struct { 242 | ACDIdentifier string `json:"acdIdentifier" yaml:"acdIdentifier"` 243 | } 244 | 245 | valuesOceanController struct { 246 | Spotinst *valuesOceanControllerSpotinst `json:"spotinst" yaml:"spotinst"` 247 | Connector *valuesOceanControllerConnector `json:"aksConnector" yaml:"aksConnector"` 248 | } 249 | ) 250 | 251 | func (v *valuesOceanController) Valid() bool { 252 | return v.Spotinst != nil && 253 | v.Spotinst.Token != "" && 254 | v.Spotinst.Account != "" && 255 | v.Spotinst.ClusterIdentifier != "" 256 | } 257 | 258 | // endregion 259 | -------------------------------------------------------------------------------- /pkg/installer/installers/helm/helm.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package helm 4 | 5 | import ( 6 | "errors" 7 | "fmt" 8 | "io/ioutil" 9 | "os" 10 | "strings" 11 | 12 | "github.com/google/go-cmp/cmp" 13 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 14 | "github.com/spotinst/ocean-operator/pkg/installer" 15 | "github.com/spotinst/ocean-operator/pkg/log" 16 | "gopkg.in/yaml.v3" 17 | "helm.sh/helm/v3/pkg/action" 18 | "helm.sh/helm/v3/pkg/chart/loader" 19 | "helm.sh/helm/v3/pkg/cli" 20 | _ "helm.sh/helm/v3/pkg/downloader" 21 | _ "helm.sh/helm/v3/pkg/getter" 22 | "helm.sh/helm/v3/pkg/release" 23 | "helm.sh/helm/v3/pkg/storage/driver" 24 | "k8s.io/cli-runtime/pkg/genericclioptions" 25 | ) 26 | 27 | func init() { 28 | installer.MustRegister(oceanv1alpha1.OceanComponentTypeHelm.String(), 29 | func(options *installer.InstallerOptions) (installer.Installer, error) { 30 | return NewInstaller(options), nil 31 | }) 32 | } 33 | 34 | type Installer struct { 35 | ClientGetter genericclioptions.RESTClientGetter 36 | Namespace string 37 | DryRun bool 38 | Log log.Logger 39 | } 40 | 41 | // NewInstaller returns a Installer. 42 | func NewInstaller(options *installer.InstallerOptions) *Installer { 43 | return &Installer{ 44 | ClientGetter: options.ClientGetter, 45 | Namespace: options.Namespace, 46 | DryRun: options.DryRun, 47 | Log: options.Log, 48 | } 49 | } 50 | 51 | func (i *Installer) Get(name oceanv1alpha1.OceanComponentName) (*installer.Release, error) { 52 | config, err := i.getActionConfig(i.Namespace) 53 | if err != nil { 54 | return nil, fmt.Errorf("failed to get action configuration: %w", err) 55 | } 56 | 57 | rel, err := action.NewGet(config).Run(name.String()) 58 | if err != nil { 59 | if errors.Is(err, driver.ErrReleaseNotFound) { 60 | return nil, installer.ErrReleaseNotFound 61 | } 62 | return nil, err 63 | } 64 | 65 | values := make(map[string]interface{}) 66 | if rel.Config != nil { 67 | values = rel.Config 68 | } 69 | 70 | return i.translateRelease(rel, values), nil 71 | } 72 | 73 | func (i *Installer) Install(component *oceanv1alpha1.OceanComponent) (*installer.Release, error) { 74 | values := make(map[string]interface{}) 75 | if err := yaml.Unmarshal([]byte(component.Spec.Values), &values); err != nil { 76 | return nil, fmt.Errorf("invalid values configuration: %w", err) 77 | } 78 | i.Log.V(5).Info("install values configuration", "values", values) 79 | 80 | config, err := i.getActionConfig(i.Namespace) 81 | if err != nil { 82 | return nil, fmt.Errorf("failed to get action configuration: %w", err) 83 | } 84 | 85 | chartName := component.Spec.Name.String() 86 | rel, err := action.NewGet(config).Run(chartName) 87 | if err != nil && !errors.Is(err, driver.ErrReleaseNotFound) { 88 | return nil, fmt.Errorf("existing release check failed: %w", err) 89 | } else if rel != nil { 90 | i.Log.Info("release already exists", "name", chartName) 91 | return i.translateRelease(rel, values), nil 92 | } 93 | 94 | act := action.NewInstall(config) 95 | act.ReleaseName = chartName 96 | act.Namespace = i.Namespace 97 | act.DryRun = i.DryRun 98 | act.ChartPathOptions.RepoURL = component.Spec.URL 99 | act.ChartPathOptions.Version = component.Spec.Version 100 | act.CreateNamespace = true 101 | 102 | settings := new(cli.EnvSettings) 103 | cache, err := ioutil.TempDir(os.TempDir(), "oceancache-") 104 | if err != nil { 105 | return nil, fmt.Errorf("unable to create cache directory: %w", err) 106 | } 107 | defer func() { 108 | err := os.RemoveAll(cache) 109 | if err != nil { 110 | i.Log.Error(err, "could not delete cache directory", "path", cache) 111 | } 112 | }() 113 | settings.RepositoryCache = cache 114 | settings.Debug = i.DryRun // renders out invalid yaml 115 | 116 | // Check for the existence of a file called 'chartName' in the current directory. 117 | // If it exists, it will assume that is the chart and it won't download the chart. 118 | cp, err := act.ChartPathOptions.LocateChart(chartName, settings) 119 | if err != nil { 120 | return nil, fmt.Errorf("failed to locate chart %s: %w", chartName, err) 121 | } 122 | 123 | chart, err := loader.Load(cp) 124 | if err != nil { 125 | return nil, fmt.Errorf("failed to load chart %s: %w", cp, err) 126 | } 127 | 128 | rel, err = act.Run(chart, values) 129 | if err != nil { 130 | return nil, fmt.Errorf("installation error: %w", err) 131 | } 132 | 133 | i.Log.Info("installed", "name", rel.Name) 134 | return i.translateRelease(rel, values), nil 135 | } 136 | 137 | func (i *Installer) Uninstall(component *oceanv1alpha1.OceanComponent) error { 138 | config, err := i.getActionConfig(i.Namespace) 139 | if err != nil { 140 | return fmt.Errorf("failed to get action configuration: %w", err) 141 | } 142 | 143 | act := action.NewUninstall(config) 144 | act.DryRun = i.DryRun 145 | 146 | chartName := component.Spec.Name.String() 147 | _, err = act.Run(chartName) 148 | if err != nil { 149 | i.Log.Error(err, fmt.Sprintf("ignoring deletion error: %v", err)) 150 | } else { 151 | i.Log.Info("uninstalled", "name", chartName) 152 | } 153 | 154 | return nil 155 | } 156 | 157 | func (i *Installer) Upgrade(component *oceanv1alpha1.OceanComponent) (*installer.Release, error) { 158 | values := make(map[string]interface{}) 159 | if err := yaml.Unmarshal([]byte(component.Spec.Values), &values); err != nil { 160 | return nil, fmt.Errorf("invalid values configuration: %w", err) 161 | } 162 | i.Log.V(5).Info("upgrade values configuration", "values", values) 163 | 164 | config, err := i.getActionConfig(i.Namespace) 165 | if err != nil { 166 | return nil, fmt.Errorf("failed to get action configuration: %w", err) 167 | } 168 | 169 | act := action.NewUpgrade(config) 170 | act.Namespace = i.Namespace 171 | act.DryRun = i.DryRun 172 | act.ChartPathOptions.RepoURL = component.Spec.URL 173 | act.ChartPathOptions.Version = component.Spec.Version 174 | act.ReuseValues = true 175 | 176 | settings := new(cli.EnvSettings) 177 | cacheDir, err := ioutil.TempDir(os.TempDir(), "oceancache-") 178 | if err != nil { 179 | return nil, fmt.Errorf("unable to create cache directory: %w", err) 180 | } 181 | defer func() { 182 | err := os.RemoveAll(cacheDir) 183 | if err != nil { 184 | i.Log.Error(err, "could not delete cache directory", "path", cacheDir) 185 | } 186 | }() 187 | settings.RepositoryCache = cacheDir 188 | settings.Debug = i.DryRun // renders out invalid yaml 189 | 190 | chartName := component.Spec.Name.String() 191 | cp, err := act.ChartPathOptions.LocateChart(chartName, settings) 192 | if err != nil { 193 | return nil, fmt.Errorf("failed to locate chart %s: %w", chartName, err) 194 | } 195 | 196 | chart, err := loader.Load(cp) 197 | if err != nil { 198 | return nil, fmt.Errorf("failed to load chart %s: %w", cp, err) 199 | } 200 | 201 | rel, err := act.Run(chartName, chart, values) 202 | if err != nil { 203 | return nil, fmt.Errorf("installation error: %w", err) 204 | } 205 | 206 | i.Log.Info("upgraded", "name", rel.Name) 207 | return i.translateRelease(rel, values), nil 208 | } 209 | 210 | func (i *Installer) IsUpgrade(component *oceanv1alpha1.OceanComponent, release *installer.Release) bool { 211 | if component.Spec.Version != release.Version { 212 | return true 213 | } 214 | 215 | newValues := make(map[string]interface{}) 216 | if err := yaml.Unmarshal([]byte(component.Spec.Values), &newValues); err != nil { 217 | i.Log.Error(err, "failed to unmarshal values") 218 | return true // fail properly later 219 | } 220 | if newValues == nil { 221 | newValues = make(map[string]interface{}) 222 | } 223 | 224 | oldValues := make(map[string]interface{}) 225 | if release.Values != nil { 226 | oldValues = release.Values 227 | } 228 | 229 | if diff := strings.TrimSpace(cmp.Diff(newValues, oldValues)); diff != "" { 230 | i.Log.V(5).Info("upgrade is required", "diff", diff) 231 | return true 232 | } 233 | 234 | return false 235 | } 236 | 237 | // https://stackoverflow.com/questions/59782217/run-helm3-client-from-in-cluster 238 | func (i *Installer) getActionConfig(namespace string) (*action.Configuration, error) { 239 | config := new(action.Configuration) 240 | if err := config.Init(i.ClientGetter, namespace, "secret", i.actionLogger); err != nil { 241 | return nil, err 242 | } 243 | return config, nil 244 | } 245 | 246 | // actionLogger returns an action.DebugLog that uses Zap to log. 247 | func (i *Installer) actionLogger(format string, v ...interface{}) { 248 | i.Log.Info(fmt.Sprintf(format, v...)) 249 | } 250 | 251 | func (i *Installer) translateRelease(rel *release.Release, values map[string]interface{}) *installer.Release { 252 | return &installer.Release{ 253 | Name: rel.Name, 254 | Version: rel.Chart.Metadata.Version, 255 | AppVersion: rel.Chart.Metadata.AppVersion, 256 | Description: rel.Info.Description, 257 | Manifest: rel.Manifest, 258 | Status: i.translateReleaseStatus(rel.Info.Status), 259 | Values: values, 260 | } 261 | } 262 | 263 | func (i *Installer) translateReleaseStatus(status release.Status) installer.ReleaseStatus { 264 | switch status { 265 | case release.StatusFailed, release.StatusSuperseded: 266 | return installer.ReleaseStatusFailed 267 | case release.StatusPendingInstall, release.StatusPendingRollback, release.StatusPendingUpgrade, release.StatusUninstalling: 268 | return installer.ReleaseStatusProgressing 269 | case release.StatusUninstalled: 270 | return installer.ReleaseStatusUninstalled 271 | case release.StatusDeployed: 272 | return installer.ReleaseStatusDeployed 273 | case release.StatusUnknown: 274 | return installer.ReleaseStatusUnknown 275 | default: 276 | return "" 277 | } 278 | } 279 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /controllers/oceancomponent_controller.go: -------------------------------------------------------------------------------- 1 | // Copyright 2021 NetApp, Inc. All Rights Reserved. 2 | 3 | package controllers 4 | 5 | import ( 6 | "context" 7 | "fmt" 8 | "time" 9 | 10 | oceanv1alpha1 "github.com/spotinst/ocean-operator/api/v1alpha1" 11 | ctrlutil "github.com/spotinst/ocean-operator/internal/controller" 12 | "github.com/spotinst/ocean-operator/internal/version" 13 | "github.com/spotinst/ocean-operator/pkg/installer" 14 | _ "github.com/spotinst/ocean-operator/pkg/installer/installers" 15 | "github.com/spotinst/ocean-operator/pkg/log" 16 | "github.com/spotinst/ocean-operator/pkg/tide/values" 17 | corev1 "k8s.io/api/core/v1" 18 | apierrors "k8s.io/apimachinery/pkg/api/errors" 19 | "k8s.io/apimachinery/pkg/runtime" 20 | "k8s.io/apimachinery/pkg/types" 21 | "k8s.io/cli-runtime/pkg/genericclioptions" 22 | ctrl "sigs.k8s.io/controller-runtime" 23 | "sigs.k8s.io/controller-runtime/pkg/client" 24 | ) 25 | 26 | const ( 27 | // OperatorFinalizerName is the name of the finalizer. 28 | OperatorFinalizerName = "operator.ocean.spot.io" 29 | 30 | // OperatorVersionAnnotation is the annotation holds the operator version. 31 | OperatorVersionAnnotation = "operator.ocean.spot.io/version" 32 | ) 33 | 34 | // OceanComponentReconciler reconciles a OceanComponent object 35 | type OceanComponentReconciler struct { 36 | Scheme *runtime.Scheme 37 | Client client.Client 38 | ClientGetter genericclioptions.RESTClientGetter 39 | Log log.Logger 40 | Namespace string 41 | } 42 | 43 | // Helm requires cluster-admin access, but here we'll explicitly mention a few 44 | // resources that the ocean operator accesses directly: 45 | // 46 | // +kubebuilder:rbac:groups="",resources=namespaces,verbs=get;list;watch;create 47 | // +kubebuilder:rbac:groups="apps",resources=deployments,verbs=get;list;watch;create;update;patch;uninstall 48 | // +kubebuilder:rbac:groups=ocean.spot.io,resources=components,verbs=get;list;watch;create;update;patch;uninstall 49 | // +kubebuilder:rbac:groups=ocean.spot.io,resources=components/status,verbs=get;update;patch 50 | // +kubebuilder:rbac:groups=ocean.spot.io,resources=components/finalizers,verbs=update 51 | 52 | // SetupWithManager sets up the controller with the Manager. 53 | func (r *OceanComponentReconciler) SetupWithManager(mgr ctrl.Manager) error { 54 | return ctrl.NewControllerManagedBy(mgr). 55 | For(&oceanv1alpha1.OceanComponent{}). 56 | Complete(r) 57 | } 58 | 59 | type RequestContext struct { 60 | ctrlutil.RequestContext 61 | comp *oceanv1alpha1.OceanComponent 62 | installer installer.Installer 63 | log log.Logger 64 | } 65 | 66 | // Reconcile is part of the main kubernetes reconciliation loop which aims to 67 | // move the current state of the cluster closer to the desired state. 68 | // 69 | // For more details, check Reconcile and its Result here: 70 | // - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.9.5/pkg/reconcile 71 | func (r *OceanComponentReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { 72 | rctx := r.newContext(ctx, req) 73 | rctx.log.Info("reconciling") 74 | 75 | // get component by namespaced name 76 | rctx.comp = new(oceanv1alpha1.OceanComponent) 77 | if err := r.Client.Get(ctx, req.NamespacedName, rctx.comp); err != nil { 78 | if !apierrors.IsNotFound(err) { 79 | rctx.log.Error(err, "cannot retrieve") 80 | } 81 | return ctrlutil.NoRequeue() 82 | } 83 | 84 | // add finalizer and version annotation 85 | changed, err := r.setInitialValues(rctx.comp) 86 | if err != nil { 87 | return ctrlutil.RequeueError(err) 88 | } 89 | if changed { 90 | if err = r.Client.Update(ctx, rctx.comp); err != nil { 91 | return ctrlutil.RequeueError(err) 92 | } 93 | } 94 | 95 | // initialize new installer 96 | rctx.installer, err = r.newInstaller(rctx) 97 | if err != nil { 98 | rctx.log.Error(err, "cannot reconcile") 99 | return r.unsupportedType(rctx) 100 | } 101 | 102 | // reconcile delete 103 | if ctrlutil.IsBeingDeleted(rctx.comp) { 104 | resp, err := r.reconcileAbsent(rctx) 105 | if err != nil { 106 | return resp, err 107 | } 108 | // remove finalizer, but fetch again since it's been patched 109 | if err = r.Client.Get(ctx, req.NamespacedName, rctx.comp); err != nil { 110 | if !apierrors.IsNotFound(err) { 111 | rctx.log.Error(err, "cannot retrieve") 112 | } 113 | return ctrlutil.NoRequeue() 114 | } 115 | ctrlutil.RemoveFinalizer(rctx.comp, OperatorFinalizerName) 116 | err = r.Client.Update(ctx, rctx.comp) 117 | return resp, err 118 | } 119 | 120 | // reconcile apply 121 | switch rctx.comp.Spec.State { 122 | case oceanv1alpha1.OceanComponentStatePresent: 123 | return r.reconcilePresent(rctx) 124 | case oceanv1alpha1.OceanComponentStateAbsent: 125 | return r.reconcileAbsent(rctx) 126 | default: 127 | return ctrlutil.RequeueError(fmt.Errorf("unsupported component state: %v", rctx.comp.Spec.State)) 128 | } 129 | } 130 | 131 | func (r *OceanComponentReconciler) reconcilePresent(ctx *RequestContext) (ctrl.Result, error) { 132 | // check whether the component is already installed 133 | release, err := ctx.installer.Get(ctx.comp.Spec.Name) 134 | if err != nil { 135 | if !installer.IsReleaseNotFound(err) { 136 | return ctrlutil.RequeueError(err) 137 | } else { 138 | // component isn't present, install 139 | return r.install(ctx) 140 | } 141 | } 142 | 143 | // component is present, upgrade 144 | if ctx.installer.IsUpgrade(ctx.comp, release) { 145 | return r.upgrade(ctx) 146 | } 147 | 148 | // component is present, and it's not an upgrade 149 | switch release.Status { 150 | case installer.ReleaseStatusFailed: // mark as failed, uninstall 151 | deepCopy := ctx.comp.DeepCopy() 152 | condition := newCondition( 153 | oceanv1alpha1.OceanComponentConditionTypeFailure, 154 | corev1.ConditionTrue, 155 | installer.ReleaseStatusFailed.String(), 156 | release.Description) 157 | changed := setCondition(&(deepCopy.Status), *condition) 158 | if changed { 159 | if err = r.Client.Patch(ctx, deepCopy, client.MergeFrom(ctx.comp)); err != nil { 160 | ctx.log.Error(err, "patch error") 161 | return ctrlutil.RequeueError(err) 162 | } 163 | } 164 | return r.uninstall(ctx) 165 | 166 | case installer.ReleaseStatusProgressing: // progressing, requeue 167 | deepCopy := ctx.comp.DeepCopy() 168 | condition := newCondition( 169 | oceanv1alpha1.OceanComponentConditionTypeProgressing, 170 | corev1.ConditionTrue, 171 | installer.ReleaseStatusProgressing.String(), 172 | release.Description) 173 | changed := setCondition(&(deepCopy.Status), *condition) 174 | if changed { 175 | if err = r.Client.Patch(ctx, deepCopy, client.MergeFrom(ctx.comp)); err != nil { 176 | ctx.log.Error(err, "patch error") 177 | return ctrlutil.RequeueError(err) 178 | } 179 | } 180 | return ctrlutil.RequeueAfterError(15*time.Second, err) 181 | 182 | case installer.ReleaseStatusUninstalled: // well, reinstall it 183 | deepCopy := ctx.comp.DeepCopy() 184 | condition := newCondition( 185 | oceanv1alpha1.OceanComponentConditionTypeAvailable, 186 | corev1.ConditionFalse, 187 | installer.ReleaseStatusUninstalled.String(), 188 | release.Description) 189 | changed := setCondition(&(deepCopy.Status), *condition) 190 | if changed { // update component 191 | if err = r.Client.Patch(ctx, deepCopy, client.MergeFrom(ctx.comp)); err != nil { 192 | ctx.log.Error(err, "patch error") 193 | return ctrlutil.RequeueError(err) 194 | } 195 | if err = r.Client.Get(ctx, ctx.GetRequest().NamespacedName, ctx.comp); err != nil { 196 | ctx.log.Error(err, "retrieve error") 197 | return ctrlutil.RequeueError(err) 198 | } 199 | } 200 | return r.install(ctx) 201 | 202 | // remaining conditions are Deployed and Unknown 203 | // continue on to component-specific condition 204 | } 205 | 206 | // check updated conditions 207 | // note that underlying components may fail without triggering a reconciliation event 208 | 209 | deepCopy := ctx.comp.DeepCopy() 210 | changed := false 211 | 212 | conditions, err := r.getCurrentConditions(ctx) 213 | if err != nil { 214 | ctx.log.Error(err, "cannot get current conditions") 215 | return ctrlutil.RequeueError(err) 216 | } 217 | if len(conditions) > 0 { 218 | for _, condition := range conditions { 219 | up := setCondition(&(deepCopy.Status), *condition) 220 | changed = changed || up 221 | } 222 | } 223 | if changed { 224 | if err = r.Client.Patch(ctx, deepCopy, client.MergeFrom(ctx.comp)); err != nil { 225 | ctx.log.Error(err, "patch error") 226 | return ctrlutil.RequeueError(err) 227 | } 228 | } 229 | 230 | condition := getCurrentCondition(deepCopy.Status) 231 | requeue := true 232 | if condition.Type == oceanv1alpha1.OceanComponentConditionTypeAvailable && 233 | condition.Status == corev1.ConditionTrue { 234 | requeue = false 235 | } 236 | 237 | return ctrlutil.Requeue(requeue) 238 | } 239 | 240 | func (r *OceanComponentReconciler) reconcileAbsent(ctx *RequestContext) (ctrl.Result, error) { 241 | _, err := ctx.installer.Get(ctx.comp.Spec.Name) 242 | if err != nil { 243 | if installer.IsReleaseNotFound(err) { 244 | deepCopy := ctx.comp.DeepCopy() 245 | condition := newCondition( 246 | oceanv1alpha1.OceanComponentConditionTypeAvailable, 247 | corev1.ConditionFalse, 248 | installer.ReleaseStatusUninstalled.String(), 249 | "Component not present", 250 | ) 251 | changed := setCondition(&(deepCopy.Status), *condition) 252 | if changed { 253 | if err = r.Client.Patch(ctx, deepCopy, client.MergeFrom(ctx.comp)); err != nil { 254 | ctx.log.Error(err, "patch error") 255 | return ctrlutil.RequeueError(err) 256 | } 257 | } 258 | return ctrlutil.NoRequeue() 259 | } 260 | return ctrlutil.RequeueError(err) 261 | } 262 | 263 | return r.uninstall(ctx) 264 | } 265 | 266 | func (r *OceanComponentReconciler) install(ctx *RequestContext) (ctrl.Result, error) { 267 | ctx.log.Info("installing") 268 | 269 | deepCopy := ctx.comp.DeepCopy() 270 | condition := newCondition( 271 | oceanv1alpha1.OceanComponentConditionTypeProgressing, 272 | corev1.ConditionTrue, 273 | "Installing", 274 | "Install started", 275 | ) 276 | changed := setCondition(&(deepCopy.Status), *condition) 277 | if changed { 278 | if err := r.Client.Patch(ctx, deepCopy, client.MergeFrom(ctx.comp)); err != nil { 279 | ctx.log.Error(err, "patch error") 280 | return ctrlutil.RequeueError(err) 281 | } 282 | } 283 | 284 | if err := r.ensureNamespace(ctx, deepCopy.Namespace); err != nil { 285 | ctx.log.Error(err, "unable to create namespace", "namespace", r.Namespace) 286 | return ctrlutil.RequeueError(err) 287 | } 288 | 289 | ephemeralCopy := deepCopy.DeepCopy() 290 | if err := r.setSpecValues(ctx, ephemeralCopy); err != nil { 291 | return ctrlutil.RequeueError(err) 292 | } 293 | _, installErr := ctx.installer.Install(ephemeralCopy) 294 | if installErr != nil { 295 | ctx.log.Error(installErr, "installation failed") 296 | return ctrlutil.RequeueError(installErr) 297 | } 298 | 299 | condition = newCondition( 300 | oceanv1alpha1.OceanComponentConditionTypeAvailable, 301 | corev1.ConditionTrue, 302 | "Installed", 303 | "Install finished", 304 | ) 305 | changed = setCondition(&(deepCopy.Status), *condition) 306 | if changed { 307 | if err := r.Client.Patch(ctx, deepCopy, client.MergeFrom(ctx.comp)); err != nil { 308 | ctx.log.Error(err, "patch error") 309 | return ctrlutil.RequeueError(err) 310 | } 311 | } 312 | 313 | return ctrlutil.RequeueAfter(time.Minute) 314 | } 315 | 316 | func (r *OceanComponentReconciler) uninstall(ctx *RequestContext) (ctrl.Result, error) { 317 | ctx.log.Info("uninstalling") 318 | 319 | deepCopy := ctx.comp.DeepCopy() 320 | condition := newCondition( 321 | oceanv1alpha1.OceanComponentConditionTypeProgressing, 322 | corev1.ConditionTrue, 323 | "Uninstalling", 324 | "Uninstall started", 325 | ) 326 | changed := setCondition(&(deepCopy.Status), *condition) 327 | if changed { 328 | if err := r.Client.Patch(ctx, deepCopy, client.MergeFrom(ctx.comp)); err != nil { 329 | ctx.log.Error(err, "patch error") 330 | return ctrlutil.RequeueError(err) 331 | } 332 | } 333 | uninstallErr := ctx.installer.Uninstall(deepCopy) 334 | if uninstallErr != nil { 335 | return ctrlutil.RequeueError(uninstallErr) 336 | } 337 | 338 | condition = newCondition( 339 | oceanv1alpha1.OceanComponentConditionTypeAvailable, 340 | corev1.ConditionTrue, 341 | "Uninstalled", 342 | "Uninstall finished", 343 | ) 344 | changed = setCondition(&(deepCopy.Status), *condition) 345 | if changed { 346 | if err := r.Client.Patch(ctx, deepCopy, client.MergeFrom(ctx.comp)); err != nil { 347 | ctx.log.Error(err, "patch error") 348 | return ctrlutil.RequeueError(err) 349 | } 350 | } 351 | 352 | return ctrlutil.RequeueAfter(time.Minute) 353 | } 354 | 355 | func (r *OceanComponentReconciler) upgrade(ctx *RequestContext) (ctrl.Result, error) { 356 | ctx.log.Info("upgrading") 357 | 358 | deepCopy := ctx.comp.DeepCopy() 359 | condition := newCondition( 360 | oceanv1alpha1.OceanComponentConditionTypeProgressing, 361 | corev1.ConditionTrue, 362 | "Upgrading", 363 | "Upgrade started", 364 | ) 365 | changed := setCondition(&(deepCopy.Status), *condition) 366 | if changed { 367 | if err := r.Client.Patch(ctx, deepCopy, client.MergeFrom(ctx.comp)); err != nil { 368 | ctx.log.Error(err, "patch error") 369 | return ctrlutil.RequeueError(err) 370 | } 371 | } 372 | 373 | ephemeralCopy := deepCopy.DeepCopy() 374 | if err := r.setSpecValues(ctx, ephemeralCopy); err != nil { 375 | return ctrlutil.RequeueError(err) 376 | } 377 | _, upgradeErr := ctx.installer.Upgrade(ephemeralCopy) 378 | if upgradeErr != nil { 379 | return ctrlutil.RequeueError(upgradeErr) 380 | } 381 | 382 | condition = newCondition( 383 | oceanv1alpha1.OceanComponentConditionTypeAvailable, 384 | corev1.ConditionTrue, 385 | "Upgraded", 386 | "Upgrade finished", 387 | ) 388 | changed = setCondition(&(deepCopy.Status), *condition) 389 | if changed { 390 | if err := r.Client.Patch(ctx, deepCopy, client.MergeFrom(ctx.comp)); err != nil { 391 | ctx.log.Error(err, "patch error") 392 | return ctrlutil.RequeueError(err) 393 | } 394 | } 395 | 396 | return ctrlutil.RequeueAfter(time.Minute) 397 | } 398 | 399 | func (r *OceanComponentReconciler) ensureNamespace(ctx *RequestContext, namespace string) error { 400 | if namespace == "" { 401 | namespace = r.Namespace 402 | } 403 | ns := new(corev1.Namespace) 404 | key := types.NamespacedName{Name: namespace} 405 | ctx.log.V(1).Info("checking existence", "namespace", namespace) 406 | err := r.Client.Get(ctx, key, ns) 407 | if apierrors.IsNotFound(err) { 408 | ns.Name = namespace 409 | ctx.log.Info("creating", "namespace", namespace) 410 | return r.Client.Create(ctx, ns) 411 | } 412 | return err 413 | } 414 | 415 | // getCurrentConditions examines the current environment and returns a condition 416 | // for the component. 417 | func (r *OceanComponentReconciler) getCurrentConditions(ctx *RequestContext) ([]*oceanv1alpha1.OceanComponentCondition, error) { 418 | objName := ctx.GetRequest().NamespacedName 419 | switch ctx.comp.Spec.Name { 420 | case oceanv1alpha1.OceanControllerComponentName, oceanv1alpha1.LegacyOceanControllerComponentName: 421 | return getOceanControllerConditions(ctx, r.Client, objName) 422 | case oceanv1alpha1.MetricsServerComponentName: 423 | return getMetricsServerConditions(ctx, r.Client, objName) 424 | default: 425 | // (a) check helm 426 | // (b) return not installed 427 | return []*oceanv1alpha1.OceanComponentCondition{ 428 | newCondition( 429 | oceanv1alpha1.OceanComponentConditionTypeAvailable, 430 | corev1.ConditionFalse, 431 | installer.ReleaseStatusUninstalled.String(), 432 | "Component not installed", 433 | ), 434 | }, nil 435 | } 436 | } 437 | 438 | func (r *OceanComponentReconciler) unsupportedType(ctx *RequestContext) (ctrl.Result, error) { 439 | deepCopy := ctx.comp.DeepCopy() 440 | condition := newCondition( 441 | oceanv1alpha1.OceanComponentConditionTypeFailure, 442 | corev1.ConditionTrue, 443 | installer.ReleaseStatusFailed.String(), 444 | "Only Helm charts are supported", 445 | ) 446 | changed := setCondition(&(deepCopy.Status), *condition) 447 | if changed { 448 | if err := r.Client.Patch(ctx, deepCopy, client.MergeFrom(ctx.comp)); err != nil { 449 | ctx.log.Error(err, "patch error") 450 | return ctrlutil.RequeueError(err) 451 | } 452 | } 453 | return ctrlutil.NoRequeue() 454 | } 455 | 456 | func (r *OceanComponentReconciler) setInitialValues(comp *oceanv1alpha1.OceanComponent) (bool, error) { 457 | changed := false 458 | if !ctrlutil.IsBeingDeleted(comp) { 459 | changed = ctrlutil.AddFinalizer(comp, OperatorFinalizerName) 460 | } 461 | if comp.Annotations == nil { 462 | comp.Annotations = make(map[string]string, 1) 463 | } 464 | if comp.Annotations[OperatorVersionAnnotation] == "" { 465 | comp.Annotations[OperatorVersionAnnotation] = version.String() 466 | changed = true 467 | } 468 | return changed, nil 469 | } 470 | 471 | func (r *OceanComponentReconciler) setSpecValues(ctx *RequestContext, 472 | comp *oceanv1alpha1.OceanComponent) (err error) { 473 | switch comp.Spec.Name { 474 | case oceanv1alpha1.OceanControllerComponentName, oceanv1alpha1.LegacyOceanControllerComponentName: 475 | comp.Spec.Values, err = values.ForOceanController(ctx, comp.Spec.Values, 476 | values.NewOceanControllerBuilder(values.NewOceanBaseBuilder().WithClient(r.Client))) 477 | return err 478 | default: 479 | return nil 480 | } 481 | } 482 | 483 | func (r *OceanComponentReconciler) newContext(ctx context.Context, req ctrl.Request) *RequestContext { 484 | // generate a new request id 485 | reqID := ctrlutil.NewRequestId() 486 | 487 | // initialize a new request logger 488 | reqLog := ctrlutil.NewRequestLog(r.Log, req, reqID) 489 | 490 | // initialize a new base context 491 | reqCtx := ctrlutil.NewRequestContext(ctx, req, reqID, reqLog) 492 | 493 | // initialize a new request context 494 | return &RequestContext{ 495 | RequestContext: reqCtx, 496 | log: reqLog, 497 | } 498 | } 499 | 500 | func (r *OceanComponentReconciler) newInstaller(ctx *RequestContext) (installer.Installer, error) { 501 | options := []installer.InstallerOption{ 502 | installer.WithNamespace(r.Namespace), 503 | installer.WithClientGetter(r.ClientGetter), 504 | installer.WithLogger(ctx.log), 505 | } 506 | switch compType := ctx.comp.Spec.Type; compType { 507 | case oceanv1alpha1.OceanComponentTypeHelm: 508 | return installer.GetInstance(string(compType), options...) 509 | default: 510 | return nil, fmt.Errorf("unsupported component type: %v", ctx.comp.Spec.Type) 511 | } 512 | } 513 | --------------------------------------------------------------------------------