Skip to content
This repository was archived by the owner on Jun 22, 2023. It is now read-only.

Commit a701424

Browse files
Revert KB default scaffolding
1 parent 381028f commit a701424

35 files changed

+791
-371
lines changed

Dockerfile

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
# Build the manager binary
2-
FROM golang:1.18 as builder
2+
FROM golang:1.19 as builder
3+
ARG TARGETOS
4+
ARG TARGETARCH
35

46
WORKDIR /workspace
57
# Copy the Go Modules manifests
@@ -15,7 +17,11 @@ COPY api/ api/
1517
COPY controllers/ controllers/
1618

1719
# Build
18-
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go
20+
# the GOARCH has not a default value to allow the binary be built according to the host where the command
21+
# was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
22+
# the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
23+
# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
24+
RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager main.go
1925

2026
# Use distroless as minimal base image to package the manager binary
2127
# Refer to https://github.com/GoogleContainerTools/distroless for more details

Makefile

Lines changed: 28 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
# Image URL to use all building/pushing image targets
33
IMG ?= controller:latest
44
# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
5-
ENVTEST_K8S_VERSION = 1.24
5+
ENVTEST_K8S_VERSION = 1.25.0
66

77
# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
88
ifeq (,$(shell go env GOBIN))
@@ -12,7 +12,6 @@ GOBIN=$(shell go env GOBIN)
1212
endif
1313

1414
# Setting SHELL to bash allows bash commands to be executed by recipes.
15-
# This is a requirement for 'setup-envtest.sh' in the test target.
1615
# Options are set to exit when a recipe line exits non-zero or a piped command fails.
1716
SHELL = /usr/bin/env bash -o pipefail
1817
.SHELLFLAGS = -ec
@@ -41,7 +40,7 @@ help: ## Display this help.
4140

4241
.PHONY: manifests
4342
manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
44-
$(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd
43+
$(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases
4544

4645
.PHONY: generate
4746
generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations.
@@ -57,18 +56,21 @@ vet: ## Run go vet against code.
5756

5857
.PHONY: test
5958
test: manifests generate fmt vet envtest ## Run tests.
60-
KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" go test ./... -coverprofile cover.out
59+
KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./... -coverprofile cover.out
6160

6261
##@ Build
6362

6463
.PHONY: build
65-
build: generate fmt vet ## Build manager binary.
64+
build: manifests generate fmt vet ## Build manager binary.
6665
go build -o bin/manager main.go
6766

6867
.PHONY: run
6968
run: manifests generate fmt vet ## Run a controller from your host.
7069
go run ./main.go
7170

71+
# If you wish built the manager image targeting other platforms you can use the --platform flag.
72+
# (i.e. docker build --platform linux/arm64 ). However, you must enable docker buildKit for it.
73+
# More info: https://docs.docker.com/develop/develop-images/build_enhancements/
7274
.PHONY: docker-build
7375
docker-build: test ## Build docker image with the manager.
7476
docker build -t ${IMG} .
@@ -77,6 +79,23 @@ docker-build: test ## Build docker image with the manager.
7779
docker-push: ## Push docker image with the manager.
7880
docker push ${IMG}
7981

82+
# PLATFORMS defines the target platforms for the manager image be build to provide support to multiple
83+
# architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to:
84+
# - able to use docker buildx . More info: https://docs.docker.com/build/buildx/
85+
# - have enable BuildKit, More info: https://docs.docker.com/develop/develop-images/build_enhancements/
86+
# - be able to push the image for your registry (i.e. if you do not inform a valid value via IMG=<myregistry/image:<tag>> than the export will fail)
87+
# To properly provided solutions that supports more than one platform you should use this option.
88+
PLATFORMS ?= linux/arm64,linux/amd64,linux/s390x,linux/ppc64le
89+
.PHONY: docker-buildx
90+
docker-buildx: test ## Build and push docker image for the manager for cross-platform support
91+
# copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile
92+
sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross
93+
- docker buildx create --name project-v3-builder
94+
docker buildx use project-v3-builder
95+
- docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross .
96+
- docker buildx rm project-v3-builder
97+
rm Dockerfile.cross
98+
8099
##@ Deployment
81100

82101
ifndef ignore-not-found
@@ -114,20 +133,20 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest
114133

115134
## Tool Versions
116135
KUSTOMIZE_VERSION ?= v3.8.7
117-
CONTROLLER_TOOLS_VERSION ?= v0.8.0
136+
CONTROLLER_TOOLS_VERSION ?= v0.10.0
118137

119138
KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
120139
.PHONY: kustomize
121140
kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary.
122141
$(KUSTOMIZE): $(LOCALBIN)
123-
curl -s $(KUSTOMIZE_INSTALL_SCRIPT) | bash -s -- $(subst v,,$(KUSTOMIZE_VERSION)) $(LOCALBIN)
142+
test -s $(LOCALBIN)/kustomize || { curl -Ss $(KUSTOMIZE_INSTALL_SCRIPT) | bash -s -- $(subst v,,$(KUSTOMIZE_VERSION)) $(LOCALBIN); }
124143

125144
.PHONY: controller-gen
126145
controller-gen: $(CONTROLLER_GEN) ## Download controller-gen locally if necessary.
127146
$(CONTROLLER_GEN): $(LOCALBIN)
128-
GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-tools/cmd/controller-gen@$(CONTROLLER_TOOLS_VERSION)
147+
test -s $(LOCALBIN)/controller-gen || GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-tools/cmd/controller-gen@$(CONTROLLER_TOOLS_VERSION)
129148

130149
.PHONY: envtest
131150
envtest: $(ENVTEST) ## Download envtest-setup locally if necessary.
132151
$(ENVTEST): $(LOCALBIN)
133-
GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest
152+
test -s $(LOCALBIN)/setup-envtest || GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest

PROJECT

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
domain: kcp.dev
2+
layout:
3+
- go.kubebuilder.io/v3
4+
projectName: catalog
5+
repo: github.com/kcp-dev/catalog
6+
resources:
7+
- api:
8+
crdVersion: v1
9+
namespaced: true
10+
controller: true
11+
domain: kcp.dev
12+
group: catalog
13+
kind: CatalogEntry
14+
path: github.com/kcp-dev/catalog/api/v1alpha1
15+
version: v1alpha1
16+
version: "3"

api/v1alpha1/groupversion_info.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -14,9 +14,9 @@ See the License for the specific language governing permissions and
1414
limitations under the License.
1515
*/
1616

17-
// Package v1alpha1 contains API Schema definitions for the catalog.kcp.dev v1alpha1 API group
18-
//+kubebuilder:object:generate=true
19-
//+groupName=catalog.kcp.dev
17+
// Package v1alpha1 contains API Schema definitions for the catalog v1alpha1 API group
18+
// +kubebuilder:object:generate=true
19+
// +groupName=catalog.kcp.dev
2020
package v1alpha1
2121

2222
import (

config/crd/catalog.kcp.dev_catalogentries.yaml renamed to config/crd/bases/catalog.kcp.dev_catalogentries.yaml

Lines changed: 6 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
33
kind: CustomResourceDefinition
44
metadata:
55
annotations:
6-
controller-gen.kubebuilder.io/version: v0.8.0
6+
controller-gen.kubebuilder.io/version: v0.10.0
77
creationTimestamp: null
88
name: catalogentries.catalog.kcp.dev
99
spec:
@@ -57,9 +57,8 @@ spec:
5757
type: string
5858
path:
5959
description: path is an absolute reference to a workspace,
60-
e.g. root:org:ws. The workspace must be some ancestor
61-
or a child of some ancestor. If it is unset, the path
62-
of the APIBinding is used.
60+
e.g. root:org:ws. If it is unset, the path of the APIBinding
61+
is used.
6362
pattern: ^root(:[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
6463
type: string
6564
required:
@@ -125,11 +124,12 @@ spec:
125124
by the API provider(s) for this catalog entry.
126125
items:
127126
description: PermissionClaim identifies an object by GR and identity
128-
hash. It's purpose is to determine the added permisions that a
127+
hash. Its purpose is to determine the added permissions that a
129128
service provider may request and that a consumer may accept and
130-
alllow the service provider access to.
129+
allow the service provider access to.
131130
properties:
132131
group:
132+
default: ""
133133
description: group is the name of an API group. For core groups
134134
this is the empty string '""'.
135135
pattern: ^(|[a-z0-9]([-a-z0-9]*[a-z0-9](\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*)?)$
@@ -174,9 +174,3 @@ spec:
174174
storage: true
175175
subresources:
176176
status: {}
177-
status:
178-
acceptedNames:
179-
kind: ""
180-
plural: ""
181-
conditions: []
182-
storedVersions: []

config/crd/kustomization.yaml

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
# This kustomization.yaml is not intended to be run by itself,
2+
# since it depends on service name and namespace that are out of this kustomize package.
3+
# It should be run by config/default
4+
resources:
5+
- bases/catalog.kcp.dev_catalogentries.yaml
6+
#+kubebuilder:scaffold:crdkustomizeresource
7+
8+
patchesStrategicMerge:
9+
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
10+
# patches here are for enabling the conversion webhook for each CRD
11+
#- patches/webhook_in_catalogentries.yaml
12+
#+kubebuilder:scaffold:crdkustomizewebhookpatch
13+
14+
# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
15+
# patches here are for enabling the CA injection for each CRD
16+
#- patches/cainjection_in_catalogentries.yaml
17+
#+kubebuilder:scaffold:crdkustomizecainjectionpatch
18+
19+
# the following config is for teaching kustomize how to do kustomization for CRDs.
20+
configurations:
21+
- kustomizeconfig.yaml

config/crd/kustomizeconfig.yaml

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
# This file is for teaching kustomize how to substitute name and namespace reference in CRD
2+
nameReference:
3+
- kind: Service
4+
version: v1
5+
fieldSpecs:
6+
- kind: CustomResourceDefinition
7+
version: v1
8+
group: apiextensions.k8s.io
9+
path: spec/conversion/webhook/clientConfig/service/name
10+
11+
namespace:
12+
- kind: CustomResourceDefinition
13+
version: v1
14+
group: apiextensions.k8s.io
15+
path: spec/conversion/webhook/clientConfig/service/namespace
16+
create: false
17+
18+
varReference:
19+
- path: metadata/annotations
Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
# The following patch adds a directive for certmanager to inject CA into the CRD
2+
apiVersion: apiextensions.k8s.io/v1
3+
kind: CustomResourceDefinition
4+
metadata:
5+
annotations:
6+
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
7+
name: catalogentries.catalog.kcp.dev
Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
# The following patch enables a conversion webhook for the CRD
2+
apiVersion: apiextensions.k8s.io/v1
3+
kind: CustomResourceDefinition
4+
metadata:
5+
name: catalogentries.catalog.kcp.dev
6+
spec:
7+
conversion:
8+
strategy: Webhook
9+
webhook:
10+
clientConfig:
11+
service:
12+
namespace: system
13+
name: webhook-service
14+
path: /convert
15+
conversionReviewVersions:
16+
- v1

config/default/kustomization.yaml

Lines changed: 72 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,72 @@
1+
# Adds namespace to all resources.
2+
namespace: catalog-system
3+
4+
# Value of this field is prepended to the
5+
# names of all resources, e.g. a deployment named
6+
# "wordpress" becomes "alices-wordpress".
7+
# Note that it should also match with the prefix (text before '-') of the namespace
8+
# field above.
9+
namePrefix: catalog-
10+
11+
# Labels to add to all resources and selectors.
12+
#commonLabels:
13+
# someName: someValue
14+
15+
bases:
16+
- ../crd
17+
- ../rbac
18+
- ../manager
19+
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
20+
# crd/kustomization.yaml
21+
#- ../webhook
22+
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required.
23+
#- ../certmanager
24+
# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
25+
#- ../prometheus
26+
27+
patchesStrategicMerge:
28+
# Protect the /metrics endpoint by putting it behind auth.
29+
# If you want your controller-manager to expose the /metrics
30+
# endpoint w/o any authn/z, please comment the following line.
31+
- manager_auth_proxy_patch.yaml
32+
33+
34+
35+
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
36+
# crd/kustomization.yaml
37+
#- manager_webhook_patch.yaml
38+
39+
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
40+
# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks.
41+
# 'CERTMANAGER' needs to be enabled to use ca injection
42+
#- webhookcainjection_patch.yaml
43+
44+
# the following config is for teaching kustomize how to do var substitution
45+
vars:
46+
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix.
47+
#- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
48+
# objref:
49+
# kind: Certificate
50+
# group: cert-manager.io
51+
# version: v1
52+
# name: serving-cert # this name should match the one in certificate.yaml
53+
# fieldref:
54+
# fieldpath: metadata.namespace
55+
#- name: CERTIFICATE_NAME
56+
# objref:
57+
# kind: Certificate
58+
# group: cert-manager.io
59+
# version: v1
60+
# name: serving-cert # this name should match the one in certificate.yaml
61+
#- name: SERVICE_NAMESPACE # namespace of the service
62+
# objref:
63+
# kind: Service
64+
# version: v1
65+
# name: webhook-service
66+
# fieldref:
67+
# fieldpath: metadata.namespace
68+
#- name: SERVICE_NAME
69+
# objref:
70+
# kind: Service
71+
# version: v1
72+
# name: webhook-service

0 commit comments

Comments
 (0)