From 99f210a8af25505f3c4e182f0546149500633112 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20=C5=A0alata?= Date: Tue, 7 Jun 2022 12:57:34 +0200 Subject: [PATCH 01/12] Add token requestor flow --- Makefile | 4 +- .../shoot-fleet-agent-shoot/Chart.yaml | 4 + .../templates/custom-infrastructure-rbac.yaml | 35 ++++ .../shoot-fleet-agent-shoot/values.yaml | 2 + go.mod | 2 +- pkg/controller/actuator.go | 139 ++++++++++------ .../managed-resource-handler/handler.go | 117 ++++++++++++++ .../token-requestor-handler/handler.go | 150 ++++++++++++++++++ 8 files changed, 403 insertions(+), 50 deletions(-) create mode 100644 charts/internal/shoot-fleet-agent-shoot/Chart.yaml create mode 100644 charts/internal/shoot-fleet-agent-shoot/templates/custom-infrastructure-rbac.yaml create mode 100644 charts/internal/shoot-fleet-agent-shoot/values.yaml create mode 100644 pkg/controller/managed-resource-handler/handler.go create mode 100644 pkg/controller/token-requestor-handler/handler.go diff --git a/Makefile b/Makefile index 9c1c3e8..15a8f1d 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ EXTENSION_PREFIX := gardener-extension NAME := shoot-fleet-agent -REGISTRY := javamachr +REGISTRY := ysoftglobal.azurecr.io IMAGE_PREFIX := $(REGISTRY)/gardener-extension REPO_ROOT := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) HACK_DIR := $(REPO_ROOT)/hack @@ -100,7 +100,7 @@ revendor: @GO111MODULE=on go mod vendor @GO111MODULE=on go mod tidy @chmod +x $(REPO_ROOT)/vendor/github.com/gardener/gardener/hack/* - @chmod +x $(REPO_ROOT)/vendor/github. com/gardener/gardener/hack/.ci/* + @chmod +x $(REPO_ROOT)/vendor/github.com/gardener/gardener/hack/.ci/* @$(REPO_ROOT)/hack/update-github-templates.sh .PHONY: clean diff --git a/charts/internal/shoot-fleet-agent-shoot/Chart.yaml b/charts/internal/shoot-fleet-agent-shoot/Chart.yaml new file mode 100644 index 0000000..2a26d4b --- /dev/null +++ b/charts/internal/shoot-fleet-agent-shoot/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: A Helm chart for shoot-fleet-agent-shoot +name: shoot-fleet-agent-shoot +version: 0.1.0 diff --git a/charts/internal/shoot-fleet-agent-shoot/templates/custom-infrastructure-rbac.yaml b/charts/internal/shoot-fleet-agent-shoot/templates/custom-infrastructure-rbac.yaml new file mode 100644 index 0000000..8b71fa7 --- /dev/null +++ b/charts/internal/shoot-fleet-agent-shoot/templates/custom-infrastructure-rbac.yaml @@ -0,0 +1,35 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: extensions.gardener.cloud:extension-shoot-fleet-agent:shoot + labels: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +rules: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: extensions.gardener.cloud:extension-shoot-fleet-agent:shoot + labels: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: extensions.gardener.cloud:extension-shoot-fleet-agent:shoot +subjects: + - kind: ServiceAccount + name: {{ .Values.shootAccessServiceAccountName }} + namespace: {{ .Values.shootAccessServiceAccountNamespace }} \ No newline at end of file diff --git a/charts/internal/shoot-fleet-agent-shoot/values.yaml b/charts/internal/shoot-fleet-agent-shoot/values.yaml new file mode 100644 index 0000000..e2d66d5 --- /dev/null +++ b/charts/internal/shoot-fleet-agent-shoot/values.yaml @@ -0,0 +1,2 @@ +shootAccessServiceAccountName: "" +shootAccessServiceAccountNamespace: kube-system diff --git a/go.mod b/go.mod index 665bb22..905f816 100644 --- a/go.mod +++ b/go.mod @@ -18,6 +18,7 @@ require ( k8s.io/code-generator v0.24.0 k8s.io/component-base v0.24.0 sigs.k8s.io/controller-runtime v0.11.2 + sigs.k8s.io/yaml v1.3.0 ) require ( @@ -130,7 +131,6 @@ require ( sigs.k8s.io/controller-tools v0.8.0 // indirect sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect ) replace ( diff --git a/pkg/controller/actuator.go b/pkg/controller/actuator.go index 93c5692..5923b89 100644 --- a/pkg/controller/actuator.go +++ b/pkg/controller/actuator.go @@ -17,6 +17,10 @@ package controller import ( "context" "fmt" + managed_resource_handler "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller/managed-resource-handler" + token_requestor_handler "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller/token-requestor-handler" + "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/utils" + "k8s.io/apimachinery/pkg/api/errors" "reflect" "strings" @@ -89,6 +93,21 @@ func initializeFleetManagers(config config.Config, logger logr.Logger) map[strin return fleetManagers } +func (a *actuator) ensureDependencies(ctx context.Context, cluster *extensions.Cluster) error { + // Initialize token requestor handler + tokenRequestor := token_requestor_handler.NewTokenRequestorHandler(ctx, a.client, cluster) + + // Initialize the managed resoruce handler + managedResourceHandler := managed_resource_handler.NewManagedResourceHandler(ctx, a.client, cluster) + + dependencyFunctions := []func() error{ + tokenRequestor.EnsureKubeconfig, + managedResourceHandler.EnsureManagedResoruces, + } + + return utils.RunParallelFunctions(dependencyFunctions) +} + // Reconcile the Extension resource. func (a *actuator) Reconcile(ctx context.Context, ex *extensionsv1alpha1.Extension) error { namespace := ex.GetNamespace() @@ -106,7 +125,17 @@ func (a *actuator) Reconcile(ctx context.Context, ex *extensionsv1alpha1.Extensi return fmt.Errorf("failed to decode provider config: %+v", err) } } - a.ReconcileClusterInFleetManager(ctx, namespace, cluster, shootsConfigOverride) + + if err := a.ensureDependencies(ctx, cluster); err != nil { + a.logger.Error(err, "Could not ensure dependencies") + return err + } + + if err = a.ReconcileClusterInFleetManager(ctx, namespace, cluster, shootsConfigOverride); err != nil { + a.logger.Error(err, "Could not reconcile cluster in fleet") + return err + } + return a.updateStatus(ctx, ex) } @@ -163,71 +192,87 @@ func (a *actuator) InjectScheme(scheme *runtime.Scheme) error { } // ReconcileClusterInFleetManager reconciles cluster registration in remote fleet manager -func (a *actuator) ReconcileClusterInFleetManager(ctx context.Context, namespace string, cluster *extensions.Cluster, override *config.Config) { +func (a *actuator) ReconcileClusterInFleetManager(ctx context.Context, namespace string, cluster *extensions.Cluster, override *config.Config) error { a.logger.Info("Starting with already registered check") labels := prepareLabels(cluster, getProjectConfig(cluster, &a.serviceConfig), getProjectConfig(cluster, override)) registered, err := a.getFleetManager(cluster).GetCluster(ctx, cluster.Shoot.Name) - if err != nil { + + // We cannot find the cluster because of an unknown error + if err != nil && !errors.IsNotFound(err) { a.logger.Error(err, "Failed to get cluster registration for Shoot", "shoot", cluster.Shoot.Name) + return err } - if err == nil && registered != nil { - if reflect.DeepEqual(registered.Labels, labels) { - a.logger.Info("Cluster already registered - skipping registration", "clientId", registered.Spec.ClientID) - } else { - a.logger.Info("Updating labels of already registered cluster.", "clientId", registered.Spec.ClientID) - a.updateClusterLabelsInFleet(ctx, registered, cluster, labels) - } - return + + // We cannot find the cluster because we haven't registered it yet + if err != nil && errors.IsNotFound(err) { + a.logger.Info("Creating fleet cluster", "shoot", cluster.Shoot.Name) + return a.registerNewClusterInFleet(ctx, namespace, cluster, labels) } - a.registerNewClusterInFleet(ctx, namespace, cluster, labels) + + // The cluster we have in fleet is already in the correct state + if reflect.DeepEqual(registered.Labels, labels) { + a.logger.Info("Cluster already registered - skipping registration", "clientId", registered.Spec.ClientID) + return nil + } + + a.logger.Info("Updating labels of already registered cluster.", "clientId", registered.Spec.ClientID) + return a.updateClusterLabelsInFleet(ctx, registered, cluster, labels) } -func (a *actuator) updateClusterLabelsInFleet(ctx context.Context, clusterRegistration *fleetv1alpha1.Cluster, cluster *extensions.Cluster, labels map[string]string) { +func (a *actuator) updateClusterLabelsInFleet(ctx context.Context, clusterRegistration *fleetv1alpha1.Cluster, cluster *extensions.Cluster, labels map[string]string) error { clusterRegistration.Labels = labels _, err := a.getFleetManager(cluster).UpdateCluster(ctx, clusterRegistration) if err != nil { a.logger.Error(err, "Failed to update cluster labels in Fleet registration.", "clusterName", clusterRegistration.Name) } + return err } -func (a *actuator) registerNewClusterInFleet(ctx context.Context, namespace string, cluster *extensions.Cluster, labels map[string]string) { +func (a *actuator) registerNewClusterInFleet(ctx context.Context, namespace string, cluster *extensions.Cluster, labels map[string]string) error { a.logger.Info("Looking up Secret with KubeConfig for given Shoot.", "namespace", namespace, "secretName", KubeconfigSecretName) secret := &corev1.Secret{} - if err := a.client.Get(ctx, kutil.Key(namespace, KubeconfigSecretName), secret); err == nil { - secretData := make(map[string][]byte) - secretData["value"] = secret.Data[KubeconfigKey] - a.logger.Info("Loaded kubeconfig from secret", "kubeconfig", secret, "namespace", namespace) - - const fleetRegisterNamespace = "clusters" - kubeconfigSecret := corev1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "kubecfg-" + buildCrdName(cluster), - Namespace: fleetRegisterNamespace, - }, - Data: secretData, - } - - clusterRegistration := fleetv1alpha1.Cluster{ - TypeMeta: metav1.TypeMeta{}, - ObjectMeta: metav1.ObjectMeta{ - Name: buildCrdName(cluster), - Namespace: fleetRegisterNamespace, - Labels: labels, - }, - Spec: fleetv1alpha1.ClusterSpec{ - KubeConfigSecret: "kubecfg-" + buildCrdName(cluster), - }, - } - if _, err = a.getFleetManager(cluster).CreateKubeconfigSecret(ctx, &kubeconfigSecret); err != nil { - a.logger.Error(err, "Failed to create secret with kubeconfig for Fleet registration") - } - if _, err = a.getFleetManager(cluster).CreateCluster(ctx, &clusterRegistration); err != nil { - a.logger.Error(err, "Failed to create Cluster for Fleet registration") - } - a.logger.Info("Registered shoot cluster in Fleet Manager ", "registration", clusterRegistration) - } else { + if err := a.client.Get(ctx, kutil.Key(namespace, KubeconfigSecretName), secret); err != nil { a.logger.Error(err, "Failed to find Secret with kubeconfig for Fleet registration.") + return err } + + secretData := make(map[string][]byte) + secretData["value"] = secret.Data[KubeconfigKey] + a.logger.Info("Loaded kubeconfig from secret", "kubeconfig", secret, "namespace", namespace) + + const fleetRegisterNamespace = "clusters" + kubeconfigSecret := corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "kubecfg-" + buildCrdName(cluster), + Namespace: fleetRegisterNamespace, + }, + Data: secretData, + } + + clusterRegistration := fleetv1alpha1.Cluster{ + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{ + Name: buildCrdName(cluster), + Namespace: fleetRegisterNamespace, + Labels: labels, + }, + Spec: fleetv1alpha1.ClusterSpec{ + KubeConfigSecret: "kubecfg-" + buildCrdName(cluster), + }, + } + + if _, err := a.getFleetManager(cluster).CreateKubeconfigSecret(ctx, &kubeconfigSecret); err != nil { + a.logger.Error(err, "Failed to create secret with kubeconfig for Fleet registration") + return err + } + + if _, err := a.getFleetManager(cluster).CreateCluster(ctx, &clusterRegistration); err != nil { + a.logger.Error(err, "Failed to create Cluster for Fleet registration") + return err + } + + a.logger.Info("Registered shoot cluster in Fleet Manager ", "registration", clusterRegistration) + return nil } func prepareLabels(cluster *extensions.Cluster, serviceConfig projConfig.ProjectConfig, override projConfig.ProjectConfig) map[string]string { diff --git a/pkg/controller/managed-resource-handler/handler.go b/pkg/controller/managed-resource-handler/handler.go new file mode 100644 index 0000000..800c4c4 --- /dev/null +++ b/pkg/controller/managed-resource-handler/handler.go @@ -0,0 +1,117 @@ +package managed_resource_handler + +import ( + "context" + "fmt" + "github.com/gardener/gardener/extensions/pkg/util" + "github.com/gardener/gardener/pkg/apis/resources/v1alpha1" + "github.com/gardener/gardener/pkg/extensions" + kutil "github.com/gardener/gardener/pkg/utils/kubernetes" + "github.com/gardener/gardener/pkg/utils/kubernetes/health" + "github.com/gardener/gardener/pkg/utils/managedresources" + "github.com/gardener/gardener/pkg/utils/retry" + "github.com/go-logr/logr" + token_requestor_handler "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller/token-requestor-handler" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "path/filepath" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/log" + "time" +) + +var ( + ChartsPath = filepath.Join("charts", "internal") + ManagedResourcesChartValues = map[string]interface{}{ + "shootAccessServiceAccountName": token_requestor_handler.TargetServiceAccountName, + "shootAccessServiceAccountNamespace": token_requestor_handler.TargetServiceAccountNamespace, + } +) + +const ( + ManagedResourceChartName = "shoot-fleet-agent-shoot" + ManagedResourceName = "extension-shoot-fleet-agent-shoot" +) + +type ManagedResourceHandler struct { + ctx context.Context + client client.Client + cluster *extensions.Cluster + logger logr.Logger +} + +func NewManagedResourceHandler(ctx context.Context, client client.Client, cluster *extensions.Cluster) *ManagedResourceHandler { + return &ManagedResourceHandler{ + ctx: ctx, + client: client, + cluster: cluster, + logger: log.Log.WithValues("logger", "managed-resource-handler", "cluster", cluster.ObjectMeta.Name), + } +} + +// renderChart takes the helm chart at charts/internal/ and renders it with the values +func (h *ManagedResourceHandler) renderChart() ([]byte, error) { + chartPath := filepath.Join(ChartsPath, ManagedResourceChartName) + renderer, err := util.NewChartRendererForShoot(h.cluster.Shoot.Spec.Kubernetes.Version) + if err != nil { + return nil, err + } + chart, err := renderer.Render(chartPath, ManagedResourceChartName, h.cluster.ObjectMeta.Name, ManagedResourcesChartValues) + if err != nil { + return nil, err + } + + return chart.Manifest(), nil +} + +func (h *ManagedResourceHandler) EnsureManagedResoruces() error { + h.logger.Info("Rendering chart with the managed resources") + renderedChart, err := h.renderChart() + if err != nil { + return err + } + data := map[string][]byte{ManagedResourceChartName: renderedChart} + keepObjects := false + forceOverwriteAnnotations := false + + h.logger.Info("Creating the ManagedResource") + if err := managedresources.Create(h.ctx, h.client, h.cluster.ObjectMeta.Name, ManagedResourceName, false, "", data, &keepObjects, map[string]string{}, &forceOverwriteAnnotations); err != nil { + h.logger.Error(err, "ManagedResource could not be created") + return err + } + + h.logger.Info("Waiting until the ManagedResource is healthy") + if err := h.waitUntilManagedResourceHealthy(); err != nil { + h.logger.Error(err, "ManagedResource has been created, but hasn't been applied") + return err + } + + h.logger.Info("ManagedResource created") + return nil +} + +func (h *ManagedResourceHandler) waitUntilManagedResourceHealthy() error { + name := ManagedResourceName + namespace := h.cluster.ObjectMeta.Name + + obj := &v1alpha1.ManagedResource{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + }, + } + + return retry.UntilTimeout(h.ctx, 5*time.Second, 60*time.Second, func(ctx context.Context) (done bool, err error) { + if err := h.client.Get(ctx, kutil.Key(namespace, name), obj); err != nil { + h.logger.Info(fmt.Sprintf("Could not wait for the managed resource to be ready: %+v", err)) + return retry.MinorError(err) + } + + // Check whether ManagedResource has proper status + if err := health.CheckManagedResource(obj); err != nil { + h.logger.Info(fmt.Sprintf("Managed resource %s not ready (yet): %+v", name, err)) + return retry.MinorError(err) + } + + return retry.Ok() + }) +} diff --git a/pkg/controller/token-requestor-handler/handler.go b/pkg/controller/token-requestor-handler/handler.go new file mode 100644 index 0000000..92e4b14 --- /dev/null +++ b/pkg/controller/token-requestor-handler/handler.go @@ -0,0 +1,150 @@ +package token_requestor_handler + +import ( + "context" + "fmt" + extensionscontroller "github.com/gardener/gardener/extensions/pkg/controller" + constsv1alpha1 "github.com/gardener/gardener/pkg/apis/resources/v1alpha1" + "github.com/gardener/gardener/pkg/extensions" + kutil "github.com/gardener/gardener/pkg/utils/kubernetes" + "github.com/gardener/gardener/pkg/utils/retry" + "github.com/go-logr/logr" + v1 "k8s.io/api/core/v1" + apierrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + clientapiv1 "k8s.io/client-go/tools/clientcmd/api/v1" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/log" + "sigs.k8s.io/yaml" + "time" +) + +const ( + TokenRequestorSecretName = "shoot-access-extension-shoot-fleet-agent" + TokenRequestorSecretKey = constsv1alpha1.DataKeyKubeconfig + TargetServiceAccountName = "extension-shoot-fleet-agent" + TargetServiceAccountNamespace = "kube-system" +) + +type TokenRequestorHandler struct { + ctx context.Context + client client.Client + cluster *extensions.Cluster + logger logr.Logger +} + +func NewTokenRequestorHandler(ctx context.Context, client client.Client, cluster *extensions.Cluster) *TokenRequestorHandler { + return &TokenRequestorHandler{ + ctx: ctx, + client: client, + cluster: cluster, + logger: log.Log.WithValues("logger", "token-requestor-handler", "cluster", cluster.ObjectMeta.Name), + } +} + +func (t *TokenRequestorHandler) getGenericKubeconfigName() string { + return extensionscontroller.GenericTokenKubeconfigSecretNameFromCluster(t.cluster) +} + +func (t *TokenRequestorHandler) getGenericKubeconfig() (*clientapiv1.Config, error) { + kubeconfigSecret := &v1.Secret{} + kubeconfigSecretName := t.getGenericKubeconfigName() + if err := t.client.Get(t.ctx, kutil.Key(t.cluster.ObjectMeta.Name, kubeconfigSecretName), kubeconfigSecret); err != nil { + return nil, err + } + + kubeconfigData, ok := kubeconfigSecret.Data[TokenRequestorSecretKey] + if !ok { + return nil, fmt.Errorf("secret %s doesn't have data key %s", kubeconfigSecretName, TokenRequestorSecretKey) + } + + kubeconfig := &clientapiv1.Config{} + if err := yaml.Unmarshal(kubeconfigData, kubeconfig); err != nil { + return nil, err + } + return kubeconfig, nil +} + +func (t *TokenRequestorHandler) isTokenInserted() bool { + kubeconfigSecret := &v1.Secret{} + if err := t.client.Get(t.ctx, kutil.Key(t.cluster.ObjectMeta.Name, TokenRequestorSecretName), kubeconfigSecret); err != nil { + t.logger.Info(fmt.Sprintf("Couldn't fet the kubeconfig secret %s, %+v", TokenRequestorSecretName, err)) + return false + } + + kubeconfigData, ok := kubeconfigSecret.Data[TokenRequestorSecretKey] + if !ok { + t.logger.Info(fmt.Sprintf("Kubeconfig secret %s doesn't contain data item %s", TokenRequestorSecretName, TokenRequestorSecretKey)) + return false + } + + kubeconfig := &clientapiv1.Config{} + if err := yaml.Unmarshal(kubeconfigData, kubeconfig); err != nil { + t.logger.Info(fmt.Sprintf("Data item %s in kubeconfig secret %s couldn't be parsed: %+v", TokenRequestorSecretKey, TokenRequestorSecretName, err)) + return false + } + + if len(kubeconfig.AuthInfos) == 0 || kubeconfig.AuthInfos[0].AuthInfo.Token == "" { + t.logger.Info(fmt.Sprintf("Kubeconfig in secret %s doesn't contain token (yet?)", TokenRequestorSecretName)) + return false + } + + t.logger.Info(fmt.Sprintf("Kubeconfig in secret %s contains a proper token", TokenRequestorSecretName)) + return true +} + +func (t *TokenRequestorHandler) createKubeconfigSecretFromGeneric() error { + kubeconfig, err := t.getGenericKubeconfig() + if err != nil { + return err + } + + kubeconfigYaml, err := yaml.Marshal(kubeconfig) + if err != nil { + return err + } + + existingSecret := &v1.Secret{} + err = t.client.Get(t.ctx, kutil.Key(t.cluster.ObjectMeta.Name, TokenRequestorSecretName), existingSecret) + if err == nil || !apierrors.IsNotFound(err) { + return err + } + + secretObject := &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: t.cluster.ObjectMeta.Name, + Name: TokenRequestorSecretName, + Labels: map[string]string{ + constsv1alpha1.ResourceManagerPurpose: constsv1alpha1.LabelPurposeTokenRequest, + }, + Annotations: map[string]string{ + constsv1alpha1.ServiceAccountName: TargetServiceAccountName, + constsv1alpha1.ServiceAccountNamespace: TargetServiceAccountNamespace, + }, + }, + StringData: map[string]string{ + TokenRequestorSecretKey: string(kubeconfigYaml), + }, + } + return t.client.Create(t.ctx, secretObject) +} + +// EnsureKubeconfig creates the secret with a token-requestor label and waits until gardener fills in +// the token into the kubeconfig +func (t *TokenRequestorHandler) EnsureKubeconfig() error { + t.logger.Info(fmt.Sprintf("Trying to create the token requestor secret")) + if err := t.createKubeconfigSecretFromGeneric(); err != nil { + t.logger.Error(err, "Generic kubeconfig could not be copied") + return err + } + + t.logger.Info("Waiting until the token is propagated into the token requestor secret") + if err := retry.UntilTimeout(t.ctx, 5*time.Second, 60*time.Second, func(ctx context.Context) (bool, error) { + return t.isTokenInserted(), nil + }); err != nil { + t.logger.Error(err, "Kubeconfig could not be created") + return err + } + + return nil +} From 23dc67eb46f883827a31b41bae1ef630e77f640e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20=C5=A0alata?= Date: Tue, 7 Jun 2022 12:57:46 +0200 Subject: [PATCH 02/12] Fix CircleCI --- .circleci/config.yml | 18 +++--------------- VERSION | 2 +- 2 files changed, 4 insertions(+), 16 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index c635a6c..5b3a4de 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -3,10 +3,10 @@ jobs: build: docker: # run the steps with Docker - - image: circleci/golang:1.15 + - image: circleci/golang:1.17.10 auth: - username: javamachr - password: $DOCKERHUB_PASSWORD + username: $DOCKER_USER + password: $DOCKER_PASSWORD steps: - checkout # check out source code to working directory @@ -18,14 +18,6 @@ jobs: keys: - go-mod-v4-{{ checksum "go.sum" }} - - run: - name: Install requirements - command: make install-requirements - - - run: - name: Generate sources - command: make generate - - run: name: Docker login command: make docker-login @@ -34,10 +26,6 @@ jobs: name: Build docker images command: make docker-images - - run: - name: Build docker images - command: make docker-images - - run: name: Push docker images command: make docker-push \ No newline at end of file diff --git a/VERSION b/VERSION index c93ebbb..48a912e 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v1.0.1-DEV +v1.0.2-DEV From 4188b33fd497fe8df3fb4391d5c39df7f2369ec4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20=C5=A0alata?= Date: Tue, 7 Jun 2022 13:09:21 +0200 Subject: [PATCH 03/12] Remove generic credentials --- .circleci/config.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 5b3a4de..7788ac6 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,11 +2,7 @@ version: 2 jobs: build: docker: # run the steps with Docker - - image: circleci/golang:1.17.10 - auth: - username: $DOCKER_USER - password: $DOCKER_PASSWORD steps: - checkout # check out source code to working directory From f1b1ebbdf3a16a4d5a219c0405ceafd4ad417769 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20=C5=A0alata?= Date: Tue, 7 Jun 2022 13:11:13 +0200 Subject: [PATCH 04/12] Fix golang version --- .circleci/config.yml | 2 +- Makefile | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 7788ac6..779cfab 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,7 +2,7 @@ version: 2 jobs: build: docker: # run the steps with Docker - - image: circleci/golang:1.17.10 + - image: circleci/golang:1.17 steps: - checkout # check out source code to working directory diff --git a/Makefile b/Makefile index 15a8f1d..60849ed 100644 --- a/Makefile +++ b/Makefile @@ -49,7 +49,7 @@ install: .PHONY: docker-login docker-login: - echo ${DOCKER_PASS} | docker login -u ${DOCKER_USER} --password-stdin + @echo "$$DOCKER_PASSWORD" | docker login -u "${DOCKER_USER}" --password-stdin "${REGISTRY}" .PHONY: docker-images docker-images: @@ -65,7 +65,7 @@ docker-push: .PHONY: containerd-login containerd-login: - @echo "$(DOCKER_PASS)" | nerdctl login -u "$(DOCKER_USER)" --password-stdin + @echo "$$DOCKER_PASSWORD" | nerdctl login -u "${DOCKER_USER}" --password-stdin "${REGISTRY}" .PHONY: containerd-images containerd-images: From 597ac2630bef228b600f8e27019ef245e69c7c74 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20=C5=A0alata?= Date: Tue, 7 Jun 2022 14:20:28 +0200 Subject: [PATCH 05/12] Rename package from javamachr to ysoftdevs --- README.md | 4 ++-- .../values.yaml | 2 +- .../app/app.go | 4 ++-- .../app/options.go | 2 +- cmd/gardener-extension-shoot-fleet-agent/main.go | 2 +- docs/installation/setup.md | 2 +- go.mod | 4 ++-- hack/api-reference/config.md | 2 +- hack/update-codegen.sh | 16 ++++++++-------- pkg/apis/config/install/install.go | 4 ++-- pkg/apis/config/loader/loader.go | 4 ++-- pkg/apis/config/v1alpha1/doc.go | 2 +- .../config/v1alpha1/zz_generated.conversion.go | 3 ++- .../fleet/clientset/versioned/clientset.go | 2 +- .../versioned/fake/clientset_generated.go | 6 +++--- .../typed/fleet.cattle.io/v1alpha1/bundle.go | 2 +- .../fleet.cattle.io/v1alpha1/bundledeployment.go | 2 +- .../v1alpha1/bundlenamespacemapping.go | 2 +- .../typed/fleet.cattle.io/v1alpha1/cluster.go | 2 +- .../fleet.cattle.io/v1alpha1/clustergroup.go | 2 +- .../v1alpha1/clusterregistration.go | 2 +- .../v1alpha1/clusterregistrationtoken.go | 2 +- .../typed/fleet.cattle.io/v1alpha1/content.go | 2 +- .../v1alpha1/fake/fake_fleet.cattle.io_client.go | 2 +- .../v1alpha1/fleet.cattle.io_client.go | 2 +- .../typed/fleet.cattle.io/v1alpha1/gitrepo.go | 2 +- .../v1alpha1/gitreporestriction.go | 2 +- pkg/cmd/options.go | 10 +++++----- pkg/controller/actuator.go | 10 +++++----- pkg/controller/add.go | 2 +- pkg/controller/config/config.go | 2 +- pkg/controller/fleetmanager.go | 4 ++-- pkg/controller/healthcheck/add.go | 2 +- .../managed-resource-handler/handler.go | 2 +- 34 files changed, 58 insertions(+), 57 deletions(-) diff --git a/README.md b/README.md index 8bc8bd9..4173e32 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ [![CircleCI](https://circleci.com/gh/javamachr/gardener-extension-shoot-fleet-agent.svg?style=shield)](https://circleci.com/gh/javamachr/gardener-extension-shoot-fleet-agent) -[![Go Report Card](https://goreportcard.com/badge/github.com/javamachr/gardener-extension-shoot-fleet-agent)](https://goreportcard.com/report/github.com/javamachr/gardener-extension-shoot-fleet-agent) +[![Go Report Card](https://goreportcard.com/badge/github.com/ysoftdevs/gardener-extension-shoot-fleet-agent)](https://goreportcard.com/report/github.com/ysoftdevs/gardener-extension-shoot-fleet-agent) Project Gardener implements the automated management and operation of [Kubernetes](https://kubernetes.io/) clusters as a service. Its main principle is to leverage Kubernetes concepts for all of its tasks. @@ -76,7 +76,7 @@ Static code checks and tests can be executed by running `VERIFY=true make all`. ## Feedback and Support -Feedback and contributions are always welcome. Please report bugs or suggestions as [GitHub issues](https://github.com/javamachr/gardener-extension-shoot-fleet-agent/issues) or join our [Slack channel #gardener](https://kubernetes.slack.com/messages/gardener) (please invite yourself to the Kubernetes workspace [here](http://slack.k8s.io)). +Feedback and contributions are always welcome. Please report bugs or suggestions as [GitHub issues](https://github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/issues) or join our [Slack channel #gardener](https://kubernetes.slack.com/messages/gardener) (please invite yourself to the Kubernetes workspace [here](http://slack.k8s.io)). ## Learn more! diff --git a/charts/gardener-extension-shoot-fleet-agent/values.yaml b/charts/gardener-extension-shoot-fleet-agent/values.yaml index e3b30f0..03b2558 100644 --- a/charts/gardener-extension-shoot-fleet-agent/values.yaml +++ b/charts/gardener-extension-shoot-fleet-agent/values.yaml @@ -1,5 +1,5 @@ image: - repository: javamachr/gardener-extension-shoot-fleet-agent + repository: ysoftglobal.azurecr.io/gardener-extension-shoot-fleet-agent tag: latest pullPolicy: Always diff --git a/cmd/gardener-extension-shoot-fleet-agent/app/app.go b/cmd/gardener-extension-shoot-fleet-agent/app/app.go index 080cada..962c530 100644 --- a/cmd/gardener-extension-shoot-fleet-agent/app/app.go +++ b/cmd/gardener-extension-shoot-fleet-agent/app/app.go @@ -18,8 +18,8 @@ import ( "context" "fmt" - "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller" - "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller/healthcheck" + "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/controller" + "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/controller/healthcheck" extensionscontroller "github.com/gardener/gardener/extensions/pkg/controller" "github.com/gardener/gardener/extensions/pkg/util" diff --git a/cmd/gardener-extension-shoot-fleet-agent/app/options.go b/cmd/gardener-extension-shoot-fleet-agent/app/options.go index 7463b15..d311ff3 100644 --- a/cmd/gardener-extension-shoot-fleet-agent/app/options.go +++ b/cmd/gardener-extension-shoot-fleet-agent/app/options.go @@ -17,7 +17,7 @@ package app import ( "os" - fleetagentservicecmd "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/cmd" + fleetagentservicecmd "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/cmd" controllercmd "github.com/gardener/gardener/extensions/pkg/controller/cmd" ) diff --git a/cmd/gardener-extension-shoot-fleet-agent/main.go b/cmd/gardener-extension-shoot-fleet-agent/main.go index 89814a1..d8aacc7 100644 --- a/cmd/gardener-extension-shoot-fleet-agent/main.go +++ b/cmd/gardener-extension-shoot-fleet-agent/main.go @@ -15,7 +15,7 @@ package main import ( - "github.com/javamachr/gardener-extension-shoot-fleet-agent/cmd/gardener-extension-shoot-fleet-agent/app" + "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/cmd/gardener-extension-shoot-fleet-agent/app" "os" "github.com/gardener/gardener/pkg/logger" diff --git a/docs/installation/setup.md b/docs/installation/setup.md index 76c365a..be32d40 100644 --- a/docs/installation/setup.md +++ b/docs/installation/setup.md @@ -12,7 +12,7 @@ To let the `shoot-fleet-agent` operate properly, you need to have: - have kubeconfig with read/write access to cluster.fleet.cattle.io and secret resrouces in some namespace ### ControllerRegistration -An example of a `ControllerRegistration` for the `shoot-fleet-agent` can be found here: https://github.com/javamachr/gardener-extension-shoot-fleet-agent/blob/master/example/controller-registration.yaml +An example of a `ControllerRegistration` for the `shoot-fleet-agent` can be found here: https://github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/blob/master/example/controller-registration.yaml ### Configuration The `ControllerRegistration` contains a Helm chart which eventually deploy the `shoot-fleet-agent` to seed clusters. diff --git a/go.mod b/go.mod index 905f816..889d871 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/javamachr/gardener-extension-shoot-fleet-agent +module github.com/ysoftdevs/gardener-extension-shoot-fleet-agent go 1.17 @@ -9,6 +9,7 @@ require ( github.com/gobuffalo/packr/v2 v2.8.3 github.com/golang/mock v1.6.0 github.com/onsi/ginkgo v1.16.5 + github.com/pkg/errors v0.9.1 github.com/rancher/fleet/pkg/apis v0.0.0-20220601092642-d45a36738d27 github.com/spf13/cobra v1.4.0 github.com/spf13/pflag v1.0.5 @@ -81,7 +82,6 @@ require ( github.com/modern-go/reflect2 v1.0.2 // indirect github.com/nxadm/tail v1.4.8 // indirect github.com/onsi/ginkgo/v2 v2.1.4 // indirect - github.com/pkg/errors v0.9.1 // indirect github.com/prometheus/client_golang v1.12.1 // indirect github.com/prometheus/client_model v0.2.0 // indirect github.com/prometheus/common v0.32.1 // indirect diff --git a/hack/api-reference/config.md b/hack/api-reference/config.md index eae4549..3ead02a 100644 --- a/hack/api-reference/config.md +++ b/hack/api-reference/config.md @@ -60,7 +60,7 @@ ProjectConfig projectConfig
-map[string]github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config/v1alpha1.ProjectConfig +map[string]github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config/v1alpha1.ProjectConfig diff --git a/hack/update-codegen.sh b/hack/update-codegen.sh index 1848610..e09b3f0 100755 --- a/hack/update-codegen.sh +++ b/hack/update-codegen.sh @@ -24,24 +24,24 @@ PROJECT_ROOT=$(dirname $0)/.. bash "${PROJECT_ROOT}"/vendor/k8s.io/code-generator/generate-internal-groups.sh \ deepcopy,defaulter \ - github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/componentconfig \ - github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis \ - github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis \ + github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/componentconfig \ + github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis \ + github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis \ "config:v1alpha1" \ --go-header-file "${PROJECT_ROOT}/vendor/github.com/gardener/gardener/hack/LICENSE_BOILERPLATE.txt" bash "${PROJECT_ROOT}"/vendor/k8s.io/code-generator/generate-internal-groups.sh \ conversion \ - github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/componentconfig \ - github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis \ - github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis \ + github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/componentconfig \ + github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis \ + github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis \ "config:v1alpha1" \ - --extra-peer-dirs=github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config,github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config/v1alpha1,k8s.io/apimachinery/pkg/apis/meta/v1,k8s.io/apimachinery/pkg/conversion,k8s.io/apimachinery/pkg/runtime, github.com/gardener/gardener/extensions/pkg/controller/healthcheck/config/v1alpha1 \ + --extra-peer-dirs=github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config,github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config/v1alpha1,k8s.io/apimachinery/pkg/apis/meta/v1,k8s.io/apimachinery/pkg/conversion,k8s.io/apimachinery/pkg/runtime, github.com/gardener/gardener/extensions/pkg/controller/healthcheck/config/v1alpha1 \ --go-header-file "${PROJECT_ROOT}/vendor/github.com/gardener/gardener/hack/LICENSE_BOILERPLATE.txt" bash "${PROJECT_ROOT}"/vendor/k8s.io/code-generator/generate-internal-groups.sh \ conversion,client \ - github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet \ + github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet \ github.com/rancher/fleet/pkg/apis \ github.com/rancher/fleet/pkg/apis \ "fleet.cattle.io:v1alpha1" \ diff --git a/pkg/apis/config/install/install.go b/pkg/apis/config/install/install.go index 7b40803..263d267 100644 --- a/pkg/apis/config/install/install.go +++ b/pkg/apis/config/install/install.go @@ -1,9 +1,9 @@ package install import ( - "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config" - v1alpha1 "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config/v1alpha1" v1alpha1fleet "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config" + v1alpha1 "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config/v1alpha1" "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" diff --git a/pkg/apis/config/loader/loader.go b/pkg/apis/config/loader/loader.go index ed245aa..eb66a00 100644 --- a/pkg/apis/config/loader/loader.go +++ b/pkg/apis/config/loader/loader.go @@ -3,8 +3,8 @@ package loader import ( "io/ioutil" - "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config" - "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config/install" + "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config" + "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config/install" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/pkg/apis/config/v1alpha1/doc.go b/pkg/apis/config/v1alpha1/doc.go index fb27e0b..e52cad6 100644 --- a/pkg/apis/config/v1alpha1/doc.go +++ b/pkg/apis/config/v1alpha1/doc.go @@ -1,5 +1,5 @@ // +k8s:deepcopy-gen=package -// +k8s:conversion-gen=github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config +// +k8s:conversion-gen=github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config // +k8s:openapi-gen=true // +k8s:defaulter-gen=TypeMeta diff --git a/pkg/apis/config/v1alpha1/zz_generated.conversion.go b/pkg/apis/config/v1alpha1/zz_generated.conversion.go index 87aac31..0f7e928 100644 --- a/pkg/apis/config/v1alpha1/zz_generated.conversion.go +++ b/pkg/apis/config/v1alpha1/zz_generated.conversion.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated /* @@ -24,7 +25,7 @@ import ( unsafe "unsafe" healthcheckconfig "github.com/gardener/gardener/extensions/pkg/controller/healthcheck/config" - config "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config" + config "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/pkg/client/fleet/clientset/versioned/clientset.go b/pkg/client/fleet/clientset/versioned/clientset.go index 750c5fc..949dc6e 100644 --- a/pkg/client/fleet/clientset/versioned/clientset.go +++ b/pkg/client/fleet/clientset/versioned/clientset.go @@ -21,7 +21,7 @@ package versioned import ( "fmt" - fleetv1alpha1 "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1" + fleetv1alpha1 "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" diff --git a/pkg/client/fleet/clientset/versioned/fake/clientset_generated.go b/pkg/client/fleet/clientset/versioned/fake/clientset_generated.go index 1a2b495..fcdf0c5 100644 --- a/pkg/client/fleet/clientset/versioned/fake/clientset_generated.go +++ b/pkg/client/fleet/clientset/versioned/fake/clientset_generated.go @@ -19,9 +19,9 @@ limitations under the License. package fake import ( - clientset "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned" - fleetv1alpha1 "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1" - fakefleetv1alpha1 "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/fake" + clientset "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned" + fleetv1alpha1 "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1" + fakefleetv1alpha1 "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" diff --git a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/bundle.go b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/bundle.go index aaeb7e8..8f5507f 100644 --- a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/bundle.go +++ b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/bundle.go @@ -22,8 +22,8 @@ import ( "context" "time" - scheme "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + scheme "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/bundledeployment.go b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/bundledeployment.go index bb9e03b..5e6f1f0 100644 --- a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/bundledeployment.go +++ b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/bundledeployment.go @@ -22,8 +22,8 @@ import ( "context" "time" - scheme "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + scheme "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/bundlenamespacemapping.go b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/bundlenamespacemapping.go index 5c33369..ff406c3 100644 --- a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/bundlenamespacemapping.go +++ b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/bundlenamespacemapping.go @@ -22,8 +22,8 @@ import ( "context" "time" - scheme "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + scheme "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/cluster.go b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/cluster.go index cfb45f9..ecf8dd9 100644 --- a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/cluster.go +++ b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/cluster.go @@ -22,8 +22,8 @@ import ( "context" "time" - scheme "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + scheme "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/clustergroup.go b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/clustergroup.go index bd43095..6f3e3cb 100644 --- a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/clustergroup.go +++ b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/clustergroup.go @@ -22,8 +22,8 @@ import ( "context" "time" - scheme "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + scheme "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/clusterregistration.go b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/clusterregistration.go index 132006c..0a4d93c 100644 --- a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/clusterregistration.go +++ b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/clusterregistration.go @@ -22,8 +22,8 @@ import ( "context" "time" - scheme "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + scheme "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/clusterregistrationtoken.go b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/clusterregistrationtoken.go index b47db3c..3dcea58 100644 --- a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/clusterregistrationtoken.go +++ b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/clusterregistrationtoken.go @@ -22,8 +22,8 @@ import ( "context" "time" - scheme "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + scheme "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/content.go b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/content.go index 7a6ab3a..e81f105 100644 --- a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/content.go +++ b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/content.go @@ -22,8 +22,8 @@ import ( "context" "time" - scheme "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + scheme "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/fake/fake_fleet.cattle.io_client.go b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/fake/fake_fleet.cattle.io_client.go index 366d2fd..9b7af30 100644 --- a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/fake/fake_fleet.cattle.io_client.go +++ b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/fake/fake_fleet.cattle.io_client.go @@ -19,7 +19,7 @@ limitations under the License. package fake import ( - v1alpha1 "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1" + v1alpha1 "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) diff --git a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/fleet.cattle.io_client.go b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/fleet.cattle.io_client.go index 5d6e889..0c32003 100644 --- a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/fleet.cattle.io_client.go +++ b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/fleet.cattle.io_client.go @@ -19,8 +19,8 @@ limitations under the License. package v1alpha1 import ( - "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) diff --git a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/gitrepo.go b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/gitrepo.go index da10af1..947bda9 100644 --- a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/gitrepo.go +++ b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/gitrepo.go @@ -22,8 +22,8 @@ import ( "context" "time" - scheme "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + scheme "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/gitreporestriction.go b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/gitreporestriction.go index 64221e3..8c12dc4 100644 --- a/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/gitreporestriction.go +++ b/pkg/client/fleet/clientset/versioned/typed/fleet.cattle.io/v1alpha1/gitreporestriction.go @@ -22,8 +22,8 @@ import ( "context" "time" - scheme "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + scheme "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/cmd/options.go b/pkg/cmd/options.go index d43c399..c082415 100644 --- a/pkg/cmd/options.go +++ b/pkg/cmd/options.go @@ -19,12 +19,12 @@ import ( "github.com/gardener/gardener/extensions/pkg/controller/cmd" extensionshealthcheckcontroller "github.com/gardener/gardener/extensions/pkg/controller/healthcheck" healthcheckconfig "github.com/gardener/gardener/extensions/pkg/controller/healthcheck/config" - apisconfig "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config" - "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config/v1alpha1" - "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller" - controllerconfig "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller/config" - healthcheckcontroller "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller/healthcheck" "github.com/spf13/pflag" + apisconfig "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config" + "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config/v1alpha1" + "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/controller" + controllerconfig "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/controller/config" + healthcheckcontroller "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/controller/healthcheck" "io/ioutil" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/serializer" diff --git a/pkg/controller/actuator.go b/pkg/controller/actuator.go index 5923b89..0d009c0 100644 --- a/pkg/controller/actuator.go +++ b/pkg/controller/actuator.go @@ -17,14 +17,14 @@ package controller import ( "context" "fmt" - managed_resource_handler "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller/managed-resource-handler" - token_requestor_handler "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller/token-requestor-handler" - "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/utils" + managed_resource_handler "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/controller/managed-resource-handler" + token_requestor_handler "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/controller/token-requestor-handler" + "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/utils" "k8s.io/apimachinery/pkg/api/errors" "reflect" "strings" - projConfig "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config" + projConfig "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config" "github.com/gardener/gardener/pkg/apis/core/v1beta1" "github.com/gardener/gardener/pkg/extensions" @@ -42,7 +42,7 @@ import ( "github.com/gardener/gardener/extensions/pkg/controller" "github.com/gardener/gardener/extensions/pkg/controller/extension" - "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller/config" + "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/controller/config" extensionsv1alpha1 "github.com/gardener/gardener/pkg/apis/extensions/v1alpha1" kutil "github.com/gardener/gardener/pkg/utils/kubernetes" diff --git a/pkg/controller/add.go b/pkg/controller/add.go index 70ec3e1..6e66eca 100644 --- a/pkg/controller/add.go +++ b/pkg/controller/add.go @@ -15,7 +15,7 @@ package controller import ( - controllerconfig "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller/config" + controllerconfig "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/controller/config" "github.com/gardener/gardener/extensions/pkg/controller/extension" "sigs.k8s.io/controller-runtime/pkg/controller" diff --git a/pkg/controller/config/config.go b/pkg/controller/config/config.go index 8c6675b..dfc588a 100644 --- a/pkg/controller/config/config.go +++ b/pkg/controller/config/config.go @@ -1,6 +1,6 @@ package config -import "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config" +import "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config" // Config holds controller config type Config struct { diff --git a/pkg/controller/fleetmanager.go b/pkg/controller/fleetmanager.go index e829f86..7caefc5 100644 --- a/pkg/controller/fleetmanager.go +++ b/pkg/controller/fleetmanager.go @@ -8,9 +8,9 @@ import ( "k8s.io/client-go/tools/clientcmd" - fleetConfig "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/apis/config" - clientset "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned" "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" + fleetConfig "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/apis/config" + clientset "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/client/fleet/clientset/versioned" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" diff --git a/pkg/controller/healthcheck/add.go b/pkg/controller/healthcheck/add.go index bdd0062..6901ec9 100644 --- a/pkg/controller/healthcheck/add.go +++ b/pkg/controller/healthcheck/add.go @@ -19,7 +19,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" - fleetcontroller "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller" + fleetcontroller "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/controller" "github.com/gardener/gardener/extensions/pkg/controller/healthcheck" healthcheckconfig "github.com/gardener/gardener/extensions/pkg/controller/healthcheck/config" diff --git a/pkg/controller/managed-resource-handler/handler.go b/pkg/controller/managed-resource-handler/handler.go index 800c4c4..8be5086 100644 --- a/pkg/controller/managed-resource-handler/handler.go +++ b/pkg/controller/managed-resource-handler/handler.go @@ -11,7 +11,7 @@ import ( "github.com/gardener/gardener/pkg/utils/managedresources" "github.com/gardener/gardener/pkg/utils/retry" "github.com/go-logr/logr" - token_requestor_handler "github.com/javamachr/gardener-extension-shoot-fleet-agent/pkg/controller/token-requestor-handler" + token_requestor_handler "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/controller/token-requestor-handler" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "path/filepath" "sigs.k8s.io/controller-runtime/pkg/client" From d9d3a12dd9b78b9537aa23df4594ae99de9946a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20=C5=A0alata?= Date: Tue, 7 Jun 2022 14:29:54 +0200 Subject: [PATCH 06/12] Add the forgotten utils module --- pkg/utils/parallel.go | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 pkg/utils/parallel.go diff --git a/pkg/utils/parallel.go b/pkg/utils/parallel.go new file mode 100644 index 0000000..22fc938 --- /dev/null +++ b/pkg/utils/parallel.go @@ -0,0 +1,43 @@ +package utils + +import ( + "github.com/pkg/errors" + "sync" +) + +// RunParallelFunctions runs a list of functions in parallel +// returns nil if all functions return nil +// returns an error which wraps all errors that occurred within the functions +func RunParallelFunctions(functions []func() error) error { + var wg sync.WaitGroup + var mu sync.Mutex + var errorList []error + + for _, function := range functions { + wg.Add(1) + + // create an intermediate variable so each goroutine uses the correct function and doesn't get overwritten + function := function + go func(wg *sync.WaitGroup, mu *sync.Mutex) { + defer wg.Done() + err := function() + if err != nil { + mu.Lock() + errorList = append(errorList, err) + mu.Unlock() + } + }(&wg, &mu) + } + + wg.Wait() + + if len(errorList) > 0 { + err := errors.New("not all functions returned nil error") + for _, errorItem := range errorList { + err = errors.Wrap(err, errorItem.Error()) + } + return err + } + + return nil +} From 4cf1cf33dcd4ce4c0b4a0c2ffecf570bc8bd984e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20=C5=A0alata?= Date: Wed, 8 Jun 2022 14:42:13 +0200 Subject: [PATCH 07/12] Fix reconciliation of fleet pre-token requestor --- Makefile | 5 +++ VERSION | 2 +- .../Chart.yaml | 2 +- .../templates/rbac.yaml | 7 ++++ example/controller-registration.yaml | 28 ++++++++----- hack/generate-controller-registration.sh | 40 +++++++++++-------- .../config/v1alpha1/zz_generated.deepcopy.go | 3 +- pkg/apis/config/zz_generated.deepcopy.go | 3 +- pkg/controller/actuator.go | 11 ++++- 9 files changed, 70 insertions(+), 31 deletions(-) diff --git a/Makefile b/Makefile index 60849ed..98ff13b 100644 --- a/Makefile +++ b/Makefile @@ -121,6 +121,11 @@ check: generate: @$(REPO_ROOT)/vendor/github.com/gardener/gardener/hack/generate.sh ./charts/... ./cmd/... ./pkg/... ./test/... @rm -rf ./pkg/client/fleet/clientset/internalversion; + +.PHONY: generate-charts +generate-charts: + @$(REPO_ROOT)/vendor/github.com/gardener/gardener/hack/generate.sh ./charts/... + .PHONY: format format: @$(REPO_ROOT)/vendor/github.com/gardener/gardener/hack/format.sh ./cmd ./pkg ./test diff --git a/VERSION b/VERSION index 48a912e..ea00f77 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v1.0.2-DEV +v1.0.4-DEV diff --git a/charts/gardener-extension-shoot-fleet-agent/Chart.yaml b/charts/gardener-extension-shoot-fleet-agent/Chart.yaml index 621a2df..5b2a0d2 100644 --- a/charts/gardener-extension-shoot-fleet-agent/Chart.yaml +++ b/charts/gardener-extension-shoot-fleet-agent/Chart.yaml @@ -2,4 +2,4 @@ apiVersion: v1 appVersion: "1.0" description: A Helm chart for the Gardener Shoot Fleet Agent extension. name: gardener-extension-shoot-fleet-agent -version: 0.1.0 +version: 0.3.3 diff --git a/charts/gardener-extension-shoot-fleet-agent/templates/rbac.yaml b/charts/gardener-extension-shoot-fleet-agent/templates/rbac.yaml index 23e60d9..cdd44af 100644 --- a/charts/gardener-extension-shoot-fleet-agent/templates/rbac.yaml +++ b/charts/gardener-extension-shoot-fleet-agent/templates/rbac.yaml @@ -12,10 +12,17 @@ rules: - extensions.gardener.cloud resources: - clusters + - dnsrecords verbs: - get - list - watch +- apiGroups: + - resources.gardener.cloud + resources: + - managedresources + verbs: + - "*" - apiGroups: - extensions.gardener.cloud resources: diff --git a/example/controller-registration.yaml b/example/controller-registration.yaml index 0fcdbc4..3bb14c9 100644 --- a/example/controller-registration.yaml +++ b/example/controller-registration.yaml @@ -1,20 +1,28 @@ --- apiVersion: core.gardener.cloud/v1beta1 +kind: ControllerDeployment +metadata: + name: extension-shoot-fleet-agent +type: helm +providerConfig: + chart: H4sIAAAAAAAAA+0caW/bRjafBfg/zMpbJClC6rAkt1pksaqspkbjA5brolgsghE5ktiQHO4MKUdNur993xy8JOq0Iye7fGhjco43b97Mu2YeNcHMJj5hBvkQEp871Df4lNLQGLuEhAaeED+sPXsY1AFO2235F2Dxr3xunLQazXaz0xHljU7n9PQZaj9w3K0g4iFmCD1jMOl17TbVf6Uw2Wb9zSlxPWfiU0b2GUMscKfVWrn+7XYrv/7NRv2k/QzVH3uyRfB/vv7H6BqHIWE+RyFFao3R/ZT4aBQ5ru34ExRg6z3sA24eVY7R7dThiEdBQFkID7AxXDRx6Qh5OLSm0PwVYsTFoTMj0DGcZsqxbwsMPplANfXRi4CRsfOB2OjegYZ/eWmiK9+dI+rLroIoFBCGXMcnMLZ5Nnw3DIE8gaRPPQ9Q3PWHyHYYh9qJE9bUHzUJeB79wWrqT1I0ndTkv0kBn/m1DMIRzDUK0NhxCSD91uT3gfgzwu/Fn9ATb/8R7e8wc2jE0fnZQIweMPo7sUJ4cmyCa7oxFELJjFvUJlD21GtdBFvJf3+KWWjOsefuNcYm+W+2Txbkv95ptkr5PwTgwLkjTKx7F80aFRwEyevzWcOsmy3jbHCHnldswi3mBKGs6qGfwCIgS+wLNKYMhVOC3uithIZiA6EfxQZCPbGBULK5zIqPPdJF22y7yiympG6emCdfpPh89bCV/NvUMid07zE2yH9TGPu8/3d6enpSyv8hoFYD0xfMwUJOQ/TCeoma9cb3aNi7RsMBAsHGvnzBYzCJDg4JsqgXYH9uoh5YftmNg8XnhM2IbSr3QFhPBH9dx4ItBfY98m2idEQPnAn4M6Tj8B6Dp/FWNXmFZiZqgpqwSBAizJFPQ+hHoQu7dzhg82X3t+f9wSUQJkY4qtRq4v8YR8EwCXat01DTrKMXokFVV1Vf/k3imNMIPJW5GBdFMF6YzEPTBASImQMPfIsohyVMRzAlkt80EjoKMbTH0COAt3G2JcJhQriEaRgG3Vrt/v7exJJqk7JJTbOO1/SMDaA86feLD96J4Pq/I4fBvEdzBHobuuAREOzie7lwE0agTjh1Prpn4BYJH4xrxks8tsND5oyiMMe7mFBgQLYBcA/2QrU3ROfDKvqhNzwfvpJYfj2//enql1v0a+/mpnd5ez4Yoqsb1L+6PDu/Pb+6hLcfUe/yN/Tz+eXZK0QcsabAVXD+YA5AqCO4CntHIhsSkiMiti08IJYzdiyYnT+JQCuhCQXz4Ev/lDDP4WJ9ufIxAY/reE4o3Uy+PDUYSjSa0O5EqD6xq02zBv9NwfurxWWGRf2QUdcF5cjIRLBCIjT5FK1RlsjUyO4GN0OYv34jHzDMk9RWIRXOFRrEaLtLaBXJ4KxLX1xbXuKLFecoOxPtm0vO6ULBJDF9izIGTipKaUA5Go4qQRb9l+mwlvCosJX9DwnsXdhcfL+ToJ3Pf8D/P22X5z+HgB3X/x0E/KBvuRkG28eCm/y/Vmvx/Oek2Sz9v4PAx48GssnY8cEnEqFZFRl//nlU2WZbHFVEZ+Lbqot6jXHJFmBoxs5EozQM46iSDTeXEBrCiwQTbSaDclOhMGN6TMulkV2bNbAbTHHjqPLe8e2uijVlqNmX7Y8gXB3jyNWv3aMKQu+jEVHYuujjR2TeYTci3JTjX2AfKGBm2gYJksWEnHFxUxePiMtlM4TUy2q8uvEncMd+E4b+EwLPxRbeQisZSDBy06BihTgYaaLHTd5XD53vsu1A+jyrn/IiV7J6uHzHggk3C+mIn9VbsoscD5Dq/YOQJniK+bU8OURVPsXNdqdbTWiRHcwQT1DaJWCOH45R9Rv+j2/4YlNGAsqdkLL5WhyweqQQZXd/lCunH88eRqHguM8tF3OuD0M0MzQrOPGgvC9CMgimqn9/jRpmo2XUgaQ+RBMjiNlCB8b/Gfa1ljvzjRPG4ZBExSHmsCMXnETz/XdAKgXp0lSJSa8apfHwUUYkxNmhVjaMhT2nb9YoH5dgcPmJCxsRCHBszbQ1usxQXYy4Tw79U+vozwk72n+lHD0cGHJLz4BblBkiFBMhJik+I950/tupN/L2/6Reb9dL+38IWDACclXv5KpexYsqNVP+nDi2u0rNX+DgqOKBMNs4xN3YLkkb4fiWG9mJb2ECruKdU2DNbkAYMUTrlwtGTxtb8YjEwYe02swnIZHqYt3Yq/o4PuwCv2hg2SmZlySdv8vv9y76JNTFeh5+QisM/hOv/47yb5PApXMPCne4Dtog/+3TenvR/z8t5f8wsOSVg3DwWirhZ8mCF4r4dnHC44r2tmMiJNIWTD6tyeOsXTrurCHE+aQkm5GZIzD/5HDhAb4V55BdVFdV8ow2Hybowj6NQDcoJnDphFCm2SAv0N9mGfMYrNljjgjFeiCmLLsfJErfp/rUNSlDCBw66z2PvBonFiMxLTrWMzIhWaKwc8GjCbpT+fmAI9HhAra1XUuEpF5MyqdCq5Qj64X0+tFfzVvNBvMH4M+1SHKobuUYVV9umEwcBqgSN7/mj7Pqe607Qsn+FhDHJX0Rl1zuTIJe+Z5liU2/e39xfI3Bz2cpb4wd1ZECuVL5nacDTjO3NLLwOnLdawqyOs/Jr4rsgqQyv+Go52HQommJgWq70WggQ4vI6xoJrVpOePSuk5sr38XDH0Q3K2JMRDdMnGpYIqnldYb29B5APuvGw7lv8dw0BMIpwW44lRK0O/JM540D2Q4XlxqZ25ccWl3dT2tBon6njo+qr6pLyFSaj0EDoq44jFRDraJVdbmKe/SSDkvIF0JGw7FfZ7fSchCa31XEn+U2htrBbwe9s8HNu8HbQV/cnr277F0Mhte9/iBtitBMkP0jo143W4rQ2CGufUPGC8W6QmiqbqK004Oh/RVqTPT5Re/N4A4ovrp5d3U3uPn15vx2meAuUoY44z/XCh3qdUpxiUhGOI2YRfI7KSntStdcn0It9/mEQuZ4qXfeqG9QyjAX6kYeuRC6ixcsYJF1y7LCEx3VUiwLdLYhg/0j8uG6QGL0CIu0wdStonFpybalMc83xbVljb2eXcpjyG1nVXS5MKXVZ8l5lLsxb2fWWXE8nCN5ZUS6LhiOQR9kX1AbcLSa9exMYhY/wP/fMf5TpRmzs80Ym85/TuqnC/EfPJf3PweB4nOdoRSywohvN5nbKu5LRsjsqw0BwajTIr4Vq+8nP0X5emFH+c9dSWyrADbKf6ezKP+t0zL//yCQlf+sxBXfPSkPVumI62wU+IDDIe0bNpJckKOK+KAAu2fK8sW+RS4BuRqPjiSByznIyZAF98xm9am5/uXAjvLPRtjSDSzCUo2/VhNsvP9pLsp/p9k4LeX/ELB0/itW2MRROAXx+kPlBWauhfW1jwtcI+yGiizcdT4CX0jc6G4483jk89+9jrqWO3kyt8E2RvN8t6Ha/LIni1wZ3RjQ33nDaBSoaRioWlWHv2lAKktVHMNlJejXUVLxbfWQiZd7yP/OHwJtkP8WyP2C/DdbZf7/YeCzyP+2EvrVXveslvaVqq9ICViKj1y92T4XR6nM5os6YUJC9eA6XD/di1uhIgKSMbYYXyu2pLhQFz1wjmnjxfcasDiMdpiseAzSxyiAbUe2V7lJLPog/sJ7Zv5KNArXFpaWenGpzExywpgNhYODPcDq7CedW2bKBUu9SlTX7DVGXcKXSkYg1o4/0RWZNouV+xAu9zZI0C5rVU3u05SFXDCY8EpmIL6ZSmmKk/eA2ot1WN03rbC4BYSJm/Bi4tIsiGVsj8MVi4IecPxNiyrV0tLCxCM/Atq4Rh7Y6NrtLjmyBGWnn/AnlrAHGqAf1O78P7VDwID4vide6zUcFM0KLPhu7OLRSGT4KvMXHxdmb3R35/9Wp4RP7Sn9b8KO/n9el24ZCWyK/9v1pfO/9mkZ/x8EltRv9hIgL9Vl+tdKPfzUq7g/7Cj/swDv/jsgG+S/0eosfv/XPCnzPw8DCxfiYn3VV8X2YtZ3FTwKyi28/A1HsxqrDGgcOtDkmto93ZqwvTWHAdRsrT2SDLWCGcVebC5FK1+olU6SWyZLnVzCQlKnkg+ef/s8vaf3HL/nuvSeZJO9AF0QSZqTT/Wrq8kyUxwm9BPf38fdqmtms9gtm/ohUjQ9yuZ70aC67kOG7rn8qRNCIGsQAKQpSoWZx6JiOfs4zaTYVpGrsCO3vqpIJVNkEsDEfLKtzbTdl5Wu/+iwlf6fKS7t+wNQG/T/iUj2WPz9t06j1P+HAJUDq/Rh/NliF83F74SoW1gT/xExYjGh7rcVvBBPukg6DPI1yKTO9tx7POfig738oYPQMdBc61upN6vtuiePVxItVu20LhxZJH/fY0PjRvM72fqoAuItm2rLlmarHRdZgeNlfX6cavNGve6lRfFgcqwtdE5VmEVJUybnNM59yebFAkpRujIbtYvG2OVyEpns2tSKLeE6qmS/01Wz0rllOu9GZWnKY5/st9LHIzC2Mt0GZmBnqsQv20ic+hyZxSeKIu+ZcKCLkYxXDxyj8vYeu7pbP27ObN1owdrH5+PQNf2M+V7g1b8uljQQH1vAkDHG/s0ZouqYQk5Uf5Wc/oxMPNVjkc2e/bBZFsG6znVxXPBgnogMhQRrjkMa/w5syiNLMDwy5wpH8ebyR5k+D3eyqB+HRVmMn5lP+aGOKsuZ6l30z3+JmmNUlHcqPyMUFKqcaM3afJ6sYpvyh9RklPa6yejuiRNOo5EJ7Ev0dW1V76zOJ5E5WVDzejZp1mf800V6+WI0Ut9X62bT/P6gl9cllFBCCSWUUEIJJZRQQgkllFBCCSWUUEIJJZRQQgkllFBCCSWUUIKE/wKJB60LAHgAAA== + values: + image: + tag: v1.0.4-DEV + fleetManager: + kubeconfig: #base64 encoded kubeconfig of Fleet manager cluster with user that has write access to Cluster and Secret + namespace: clusters +--- +apiVersion: core.gardener.cloud/v1beta1 kind: ControllerRegistration metadata: name: extension-shoot-fleet-agent spec: + deployment: + deploymentRefs: + - name: extension-shoot-fleet-agent resources: - kind: Extension type: shoot-fleet-agent globallyEnabled: true - deployment: - type: helm - providerConfig: - chart: H4sIAAAAAAAAA+0ca3PbNjKf+StwynWadELqYdludZObU2U19TSxPVbqTufmJgORkMSGJFiAlKMmvd9+iwcpkKKedu30yp1MLIHAYneBfQFLTTHzSESYTT4kJOI+jWw+ozSxJwEhiY2nJEqaT+4GLYDT42P5F6D8V35uH3XbnePOyYlob5+cnJ4+Qcd3nHcnSHmCGUJPGDC9qd+2539SmO6y/s6MBKE/jSgjh8whFvik2127/rDsxfXvtFtH3Seodd/MVsFffP2foiucJIRFHCUUqTVGtzMSoXHqB54fTVGM3fewD7hjPUVvZz5HPI1jyhL4APsiQNOAjlGIE3cGvV8gRgKc+HMC45KZ0Y4jDxBEZApPaYSexYxM/A/EQ7c+9PvbcwddRsEC0UiOFCShmDAU+BFxLOds9G6UAG2AYkDDEBDcDEbI8xm3nKmfNOX/inzLGf/GmvL/rGE2bYr/sq98HjWXiMbAXxqjiR8Qbn3l8NsY/h/j9/B/EsLn/0LXG8x8mnJ0fjaECWNGfyFuYjm+R3BT9YMmy5lzl3qkaT32qu4OO+n/YIZZ4ixwGBw0xzb974BvKOp/6wRMQq3/DwA49m8IE+veQ/O2hePY+Oq0nLZ9NryxPMJd5seJbO+j78EdIFdsCjShDCUzgl7pfYRGYveg78TuQX2xe1C+sxwrwiHpoV32nDWvIOOxhfV/CDvpv0ddZ0oPnmOL/nda7aNS/Hd6enJa6/9DQLMJbjBegKecJeiZ+xzBanyDRv0rNBoi0G0cyS94Au7RxwlBLg1jHC0c1AfXL4dxcPmcsDnxHBUfCE+K4G/gu7ClwMOnkUeUmehDMAF/RnSS3GKINF6rLi/Q3EEdsBQuiROEOYpoAuMoDGG3PgdskRz++nwwvADCxAxWswn/MgwVk+S4tUVDHaeFnokODf2o8fwfAsWCphCnLMSkKIXJkpwJTRDMLtgGAUQuUfFKspzAETh+1jjoOMHQHcOAGL5NzI4IJ5poCbMkiXvN5u3trYMlxQ5l06YWGm9qXm2gWo/6MYIIRUj719RnwPF4gcBewwA8BloDfCsXbMoIPBPBXIRuGQRFIvjiWuACjefzhPnjNCkILaMRWDc7gNhgCzT6I3Q+aqBv+6Pz0QuB5Kfzt99f/vgW/dS/vu5fvD0fjtDlNRpcXpydvz2/vIBv36H+xc/oh/OLsxeI+GIlQZwQ9AEHQKYvxAk7RuAaEVIgIfMpPCauP/FdYC2apmCK0JSCW4hkUEpY6HOxrFxGloAm8EM/kcElX+XLsaDLlPamwtiJfew4Tfg3g9ivmbXZLo0SRoMAzCEjUyEFic7hM7TBPCJHI7sZXo+Ad/2NfMDAI2muQyrCKTTM0PZWPaDg6UrF3trZkkisNEcmHzoYl0LTjUI+gnWXMgZhKlpSgAoUWLGJvfauf0XYyf8nBHYybDZ+2EnQ3uc/EP+fHtfnPw8Be67/O8j4wfRyJ4l3zwW3xX9Hp6X4r3PU6dTnPw8CHz/ayCMTP4KoSGRnDWT//ru1U4YmhpLIkwMsE498DE5n4k8VOtu2LTPRXMFli/gRHLWTz8cdhcDJSHHcgKZec97GQTzDbeu9H3k9lWfKNHMgu0OmOsFpoL/1LITep2OiUPXQx4/IucFBSrgjJ3+DI5ieOcs+CKgVrPiT6p4BHpOAi14Iqc/rseq+nyAW+1n4+k8IIhdPBAzdbBohvi0zikXh4KiJmjT/un7ewogdZ9EnWoNcCIWG9XMVx1Ww2qkgQn+Un/NN44eAUG0XhDSpM8yv5CkhavAZ7hyf9Bo5GbK/k+ApykfEzI+SCWp8wf/1BS/3ZCSm3E8oW2xCAQtGqhD2DkZYzXbGNcxAIUZfuAHmXB95KCFoEXASQvNAJF2QLjX++RK1nXbXbgE1A8gaxpCVJT5M/QNsYa1fzis/yVIegYlDauGlAUSFzvuvgUgKSmTlzK6bo33nOcYkwcZE67ppfTatyVrLEhAMcT0JYMvBzL6nRLXBSNlqhJ0NMVE/tun9LGBP/6+sZIhjW+71OUiVMltkZSLVJNVnxFvvf05K579H0L9d+/+HgJJTkKt6I1f1MltUYbRKx8TK+Sqr/wbHVgiq7uEE97SHkg7Dj9wg9fK4wgE81btm1a1dg75iSNovis5Pe1xLnJ7gOJZ+m0UkIdKUbJp4zRA/gtWPqmYVYzKOJNH8XXGX99Any/CKlYL7hKod/mMvugF76r9H4oAuQmjc4zpoi/4fH6/G/6fHR7X+PwSUQ3PQEd7MNfwsX+4KFd8pSbhP1d5xQoREuYLDZ015rrXHuH0NhDigFCQzMvcF2u99LuLB1+Igsoda8ok8ny1mCbpxQFMwDZJ7LuMTyhT/8s78tSGQexDJ/swhlKm9psrYABJfFFF93Jo1IQTxnfuep2GTE5eRjAyd3dlGHpbb6EKy6IDJVJE+4MjMtoAd3dQKGct4ZSmgSh9UIOqZDPzR3523WgLOtyCZK1HP0NgpBGo838yKTgVUQ1BY6XtZ60NWG6FsOwvIEpOBSEwu9p1fL3jfdcUe33u4OLDGEPCzXCr2fjZHgVyf4m7TWaZjLohsu0qD4IqCWi4Kqqoyujh/WNhkNAwxWMm8wUbNveizka1V4mWTJG6zoCx6n8ntVBgR4g9ilJsyJhIcJk4uXFG78tKge3nkLz/rzqNF5HKTBYFvRnCQzKTG7I/bGLxtHs/n4vbCuGQpYNWPB8unoEC/UD9CjReNMi5VyGPTmKirDHtpjNZRqoZcZiP6+YAy7lLGaPveS3MHraaghc1Eorm5IdSufT3snw2v3w1fDwficuzdRf/NcHTVHwzzngjNBcnfMRr2jEaEJj4JvGsyKbbqdmGRerlhXh78HGo2M3rP3/RfDW+A2Mvrd5c3w+ufrs/frtDaQ8q/GoFxszJSXm/5VghkhNOUuaSwefLGngi49QnT6ohPKGF+uIy5262NVhe4oEEakjfCQvHVNavyXIYIQjFMyX9Vd41+DLaLqGvrAXXpnRdmixNbQ9/KMu1GX0FcSlgr9nijlFQMYO5c1XJR4mX9cXAB4V4y21dibpbLmuSuzSg3ZLIZ6IPoN9QDFN1Oy2BCC/axQ38Je+Z/qtVwTbvMse3856jVLuV/3Xb7uM7/HgIqD3ZGUk0rUr69dHaXxC9Db+yoLenB+KRLIjez9p/VWcqfEfbU/8J9xa4GYKv+n5Tv/7vduv7vYcDUf1Pvqi+mZKirbMSVmSAeejqkA8l2XgdiiZcJcHCmnKcOSgrVx41sYiRJWy1AzueruGd2Go8t788N9tR/Nsau7uAStjT6Gy3BNv0/aZXf/znp1P7/YaB8/isW2MFpMgMd+02VCS4vjfW1TwAyI+yaBmRTiMBLpRu9zUci93oAfMjp1+qYUBY5ePZ4URw1UpteDGRpIJIiG0b7rxhNY8mBjRoNq5C4yjaV/XDxCCzqOGv+qvGIqcAB+r/3i0Bb9P/odEX/O93T+v2fB4F71/8ddfRPed+zTtvX2rxVI+Aq4fGiDZiSRP4NfK4+3IoroDtNtOxa+toEDpN0NwLEpzj/lMaw1GQ3Y5cnfwdyCl8NZtUWrJAmCJOGWaOsEvITzXPFpGB+sTykyXlZMrhCwVpNWLuojAaElxvGoDN+NFXtyx6lR3sSKz55sDl3XY1GfmklvU/RF8E3MgeVWD6S7i37GlOv9ASra50qR7ZKjbhQrqJoWUlQxnNXAbiUMpDr5iWTil2SvJ7wjgizdnnOoZ7tdH9gEGKwmwlDq8mdrPW3ar/91Yw2cK4vULJ13SA46LXq5fYSE0/HoiRW+onsOM28Dd1X6Lscox3u//eM/4oWYMdIcFv+1z3tls9/Tlp1/c+DQNmiGGfAhU1bl/+sWpbHXrv7gD31fx7j/X8HYov+t7tH5fq/ztFxq9b/h4DSpapYX/WWqVeq+m2At6Tcxas1/p2GNhnQN/GhxxX1+rozYQdaDhso2dF6ZGVLFaxksZhZvFNsUyYnLziSjb55z50/UrfWX371ZX7JG/pRPwjoLTFqgABXnEpi89e0G+spcpYoHBgnXr7OhjU2MFIeZlQKiDq9kLLFQSSooYdQoUeWX3tBCJQLQti8gKWq1FS0r5SbLq/fdzTfKmY2F1W1qAt4oyhIMGJ2dpb9Ptsq7T8OdrL/cyW5Q38AaNv5H9j7ld//Oq7v/x4EVI2kNIvZ62w99Aue4xC7M7ZrPWOCpz0kIwTxLTZqKfvBLV5wyypky8K6QFdlZaW9bBy3QnEMkFuvxkn3jS9a5K86bOzZ7nwtulqg2KKbdl95QdPTCov/dMV6P13a7narFeYt2Sxykq1mpiH8HpBiFB7q6gazMhKwQePagsQemuCAC9KN6srcT5URWeb7mJITXXmkaypUsZ44mDDfhH06BjcqKymAbs94JH6yRGJE6vaDZWdZotyVcCCJkWW8DkKi8l4WB3rUIOvNPN2p6MWz808YuXxP9VZg1b8ZlXcQpfQwYYZwcH2GqMqsBZP6xdPlb4RoNp+K0mXz1VVLrmO40K36+52lIa6dc6SmbDT6PQRUxJUhuGeZVU0SLuQP7PwhkjEx34t4TIR/rIwKM1mrdck99O//WEBCVQGieCtMEKcKYZVIi7WSSlwyxlFcKNt0bZjfqZ/M0rEDUsvtb3PNYNNqk9SZukzE5bnV1lwsy/ayX6LRi6axSPPdaDkd55vHvIusoYYaaqihhhpqqKGGGmqooYYaaqihhhpqqKGGGmqooYYaaqihhhpqqGF/+B//zISUAHgAAA== - values: - image: - tag: v1.0.1-DEV - fleetManager: - kubeconfig: #base64 encoded kubeconfig of Fleet manager cluster with user that has write access to Cluster and Secret - namespace: clusters + primary: true diff --git a/hack/generate-controller-registration.sh b/hack/generate-controller-registration.sh index fb91ca6..5fc6895 100755 --- a/hack/generate-controller-registration.sh +++ b/hack/generate-controller-registration.sh @@ -37,7 +37,9 @@ EOM if [ "$1" == "--optional" ]; then shift - MODE=$'\n globallyEnabled: false' + GLOBALLY_ENABLED='false' +else + GLOBALLY_ENABLED='true' fi NAME="$1" CHART_DIR="$2" @@ -67,7 +69,7 @@ trap cleanup EXIT ERR INT TERM export HELM_HOME="$temp_helm_home" [ "$(helm version --client --template "{{.Version}}" | head -c2 | tail -c1)" = "3" ] || helm init --client-only > /dev/null 2>&1 -helm package "$CHART_DIR" --version "$VERSION" --app-version "$VERSION" --destination "$temp_dir" > /dev/null +helm package "$CHART_DIR" --app-version "$VERSION" --destination "$temp_dir" > /dev/null tar -xzm -C "$temp_extract_dir" -f "$temp_dir"/* chart="$(tar --sort=name -c --owner=root:0 --group=root:0 --mtime='UTC 2019-01-01' -C "$temp_extract_dir" "$(basename "$temp_extract_dir"/*)" | gzip -n | base64 | tr -d '\n')" @@ -76,10 +78,27 @@ mkdir -p "$(dirname "$DEST")" cat < "$DEST" --- apiVersion: core.gardener.cloud/v1beta1 +kind: ControllerDeployment +metadata: + name: $NAME +type: helm +providerConfig: + chart: $chart + values: + image: + tag: $VERSION + fleetManager: + kubeconfig: #base64 encoded kubeconfig of Fleet manager cluster with user that has write access to Cluster and Secret + namespace: clusters +--- +apiVersion: core.gardener.cloud/v1beta1 kind: ControllerRegistration metadata: name: $NAME spec: + deployment: + deploymentRefs: + - name: $NAME resources: EOM @@ -88,22 +107,11 @@ for kind_and_type in "${KINDS_AND_TYPES[@]}"; do TYPE="$(echo "$kind_and_type" | cut -d ':' -f 2)" cat <> "$DEST" - kind: $KIND - type: $TYPE$MODE - globallyEnabled: true + type: $TYPE + globallyEnabled: $GLOBALLY_ENABLED + primary: true EOM done -cat <> "$DEST" - deployment: - type: helm - providerConfig: - chart: $chart - values: - image: - tag: $VERSION - fleetManager: - kubeconfig: #base64 encoded kubeconfig of Fleet manager cluster with user that has write access to Cluster and Secret - namespace: clusters -EOM echo "Successfully generated controller registration at $DEST" diff --git a/pkg/apis/config/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/config/v1alpha1/zz_generated.deepcopy.go index 62b3b45..b20ce38 100644 --- a/pkg/apis/config/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/config/v1alpha1/zz_generated.deepcopy.go @@ -1,7 +1,8 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated /* -Copyright (c) 2021 SAP SE or an SAP affiliate company. All rights reserved. This file is licensed under the Apache Software License, v. 2 except as noted otherwise in the LICENSE file +Copyright (c) SAP SE or an SAP affiliate company. All rights reserved. This file is licensed under the Apache Software License, v. 2 except as noted otherwise in the LICENSE file Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/apis/config/zz_generated.deepcopy.go b/pkg/apis/config/zz_generated.deepcopy.go index f6d9e51..dcffc46 100644 --- a/pkg/apis/config/zz_generated.deepcopy.go +++ b/pkg/apis/config/zz_generated.deepcopy.go @@ -1,7 +1,8 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated /* -Copyright (c) 2021 SAP SE or an SAP affiliate company. All rights reserved. This file is licensed under the Apache Software License, v. 2 except as noted otherwise in the LICENSE file +Copyright (c) SAP SE or an SAP affiliate company. All rights reserved. This file is licensed under the Apache Software License, v. 2 except as noted otherwise in the LICENSE file Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/controller/actuator.go b/pkg/controller/actuator.go index 0d009c0..38ae604 100644 --- a/pkg/controller/actuator.go +++ b/pkg/controller/actuator.go @@ -108,6 +108,11 @@ func (a *actuator) ensureDependencies(ctx context.Context, cluster *extensions.C return utils.RunParallelFunctions(dependencyFunctions) } +// isShootedSeed looks into the Cluster object to determine whether we are in a Shooted Seed cluster +func isShootHibernated(cluster *extensions.Cluster) bool { + return cluster.Shoot.Status.IsHibernated +} + // Reconcile the Extension resource. func (a *actuator) Reconcile(ctx context.Context, ex *extensionsv1alpha1.Extension) error { namespace := ex.GetNamespace() @@ -119,6 +124,10 @@ func (a *actuator) Reconcile(ctx context.Context, ex *extensionsv1alpha1.Extensi if isShootedSeedCluster(cluster) { return a.updateStatus(ctx, ex) } + if isShootHibernated(cluster) { + return a.updateStatus(ctx, ex) + } + shootsConfigOverride := &config.Config{} if ex.Spec.ProviderConfig != nil { //parse providerConfig defaults override for this Shoot if _, _, err := a.decoder.Decode(ex.Spec.ProviderConfig.Raw, nil, shootsConfigOverride); err != nil { @@ -195,7 +204,7 @@ func (a *actuator) InjectScheme(scheme *runtime.Scheme) error { func (a *actuator) ReconcileClusterInFleetManager(ctx context.Context, namespace string, cluster *extensions.Cluster, override *config.Config) error { a.logger.Info("Starting with already registered check") labels := prepareLabels(cluster, getProjectConfig(cluster, &a.serviceConfig), getProjectConfig(cluster, override)) - registered, err := a.getFleetManager(cluster).GetCluster(ctx, cluster.Shoot.Name) + registered, err := a.getFleetManager(cluster).GetCluster(ctx, buildCrdName(cluster)) // We cannot find the cluster because of an unknown error if err != nil && !errors.IsNotFound(err) { From 87615a7c2c0d0b87995bcd61a29fb846ecabb02e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20=C5=A0alata?= Date: Thu, 9 Jun 2022 13:17:22 +0200 Subject: [PATCH 08/12] Make fleet use the new kubeconfig secrets (fetched via token requestor flow) to access shoot clusters --- VERSION | 2 +- .../Chart.yaml | 2 +- example/controller-registration.yaml | 4 +- pkg/controller/actuator.go | 105 ++++++++++++------ pkg/controller/fleetmanager.go | 10 ++ 5 files changed, 88 insertions(+), 35 deletions(-) diff --git a/VERSION b/VERSION index ea00f77..086f0ea 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v1.0.4-DEV +v1.0.6-DEV diff --git a/charts/gardener-extension-shoot-fleet-agent/Chart.yaml b/charts/gardener-extension-shoot-fleet-agent/Chart.yaml index 5b2a0d2..97e430a 100644 --- a/charts/gardener-extension-shoot-fleet-agent/Chart.yaml +++ b/charts/gardener-extension-shoot-fleet-agent/Chart.yaml @@ -2,4 +2,4 @@ apiVersion: v1 appVersion: "1.0" description: A Helm chart for the Gardener Shoot Fleet Agent extension. name: gardener-extension-shoot-fleet-agent -version: 0.3.3 +version: 0.3.5 diff --git a/example/controller-registration.yaml b/example/controller-registration.yaml index 3bb14c9..6246101 100644 --- a/example/controller-registration.yaml +++ b/example/controller-registration.yaml @@ -5,10 +5,10 @@ metadata: name: extension-shoot-fleet-agent type: helm providerConfig: - chart: H4sIAAAAAAAAA+0caW/bRjafBfg/zMpbJClC6rAkt1pksaqspkbjA5brolgsghE5ktiQHO4MKUdNur993xy8JOq0Iye7fGhjco43b97Mu2YeNcHMJj5hBvkQEp871Df4lNLQGLuEhAaeED+sPXsY1AFO2235F2Dxr3xunLQazXaz0xHljU7n9PQZaj9w3K0g4iFmCD1jMOl17TbVf6Uw2Wb9zSlxPWfiU0b2GUMscKfVWrn+7XYrv/7NRv2k/QzVH3uyRfB/vv7H6BqHIWE+RyFFao3R/ZT4aBQ5ru34ExRg6z3sA24eVY7R7dThiEdBQFkID7AxXDRx6Qh5OLSm0PwVYsTFoTMj0DGcZsqxbwsMPplANfXRi4CRsfOB2OjegYZ/eWmiK9+dI+rLroIoFBCGXMcnMLZ5Nnw3DIE8gaRPPQ9Q3PWHyHYYh9qJE9bUHzUJeB79wWrqT1I0ndTkv0kBn/m1DMIRzDUK0NhxCSD91uT3gfgzwu/Fn9ATb/8R7e8wc2jE0fnZQIweMPo7sUJ4cmyCa7oxFELJjFvUJlD21GtdBFvJf3+KWWjOsefuNcYm+W+2Txbkv95ptkr5PwTgwLkjTKx7F80aFRwEyevzWcOsmy3jbHCHnldswi3mBKGs6qGfwCIgS+wLNKYMhVOC3uithIZiA6EfxQZCPbGBULK5zIqPPdJF22y7yiympG6emCdfpPh89bCV/NvUMid07zE2yH9TGPu8/3d6enpSyv8hoFYD0xfMwUJOQ/TCeoma9cb3aNi7RsMBAsHGvnzBYzCJDg4JsqgXYH9uoh5YftmNg8XnhM2IbSr3QFhPBH9dx4ItBfY98m2idEQPnAn4M6Tj8B6Dp/FWNXmFZiZqgpqwSBAizJFPQ+hHoQu7dzhg82X3t+f9wSUQJkY4qtRq4v8YR8EwCXat01DTrKMXokFVV1Vf/k3imNMIPJW5GBdFMF6YzEPTBASImQMPfIsohyVMRzAlkt80EjoKMbTH0COAt3G2JcJhQriEaRgG3Vrt/v7exJJqk7JJTbOO1/SMDaA86feLD96J4Pq/I4fBvEdzBHobuuAREOzie7lwE0agTjh1Prpn4BYJH4xrxks8tsND5oyiMMe7mFBgQLYBcA/2QrU3ROfDKvqhNzwfvpJYfj2//enql1v0a+/mpnd5ez4Yoqsb1L+6PDu/Pb+6hLcfUe/yN/Tz+eXZK0QcsabAVXD+YA5AqCO4CntHIhsSkiMiti08IJYzdiyYnT+JQCuhCQXz4Ev/lDDP4WJ9ufIxAY/reE4o3Uy+PDUYSjSa0O5EqD6xq02zBv9NwfurxWWGRf2QUdcF5cjIRLBCIjT5FK1RlsjUyO4GN0OYv34jHzDMk9RWIRXOFRrEaLtLaBXJ4KxLX1xbXuKLFecoOxPtm0vO6ULBJDF9izIGTipKaUA5Go4qQRb9l+mwlvCosJX9DwnsXdhcfL+ToJ3Pf8D/P22X5z+HgB3X/x0E/KBvuRkG28eCm/y/Vmvx/Oek2Sz9v4PAx48GssnY8cEnEqFZFRl//nlU2WZbHFVEZ+Lbqot6jXHJFmBoxs5EozQM46iSDTeXEBrCiwQTbSaDclOhMGN6TMulkV2bNbAbTHHjqPLe8e2uijVlqNmX7Y8gXB3jyNWv3aMKQu+jEVHYuujjR2TeYTci3JTjX2AfKGBm2gYJksWEnHFxUxePiMtlM4TUy2q8uvEncMd+E4b+EwLPxRbeQisZSDBy06BihTgYaaLHTd5XD53vsu1A+jyrn/IiV7J6uHzHggk3C+mIn9VbsoscD5Dq/YOQJniK+bU8OURVPsXNdqdbTWiRHcwQT1DaJWCOH45R9Rv+j2/4YlNGAsqdkLL5WhyweqQQZXd/lCunH88eRqHguM8tF3OuD0M0MzQrOPGgvC9CMgimqn9/jRpmo2XUgaQ+RBMjiNlCB8b/Gfa1ljvzjRPG4ZBExSHmsCMXnETz/XdAKgXp0lSJSa8apfHwUUYkxNmhVjaMhT2nb9YoH5dgcPmJCxsRCHBszbQ1usxQXYy4Tw79U+vozwk72n+lHD0cGHJLz4BblBkiFBMhJik+I950/tupN/L2/6Reb9dL+38IWDACclXv5KpexYsqNVP+nDi2u0rNX+DgqOKBMNs4xN3YLkkb4fiWG9mJb2ECruKdU2DNbkAYMUTrlwtGTxtb8YjEwYe02swnIZHqYt3Yq/o4PuwCv2hg2SmZlySdv8vv9y76JNTFeh5+QisM/hOv/47yb5PApXMPCne4Dtog/+3TenvR/z8t5f8wsOSVg3DwWirhZ8mCF4r4dnHC44r2tmMiJNIWTD6tyeOsXTrurCHE+aQkm5GZIzD/5HDhAb4V55BdVFdV8ow2Hybowj6NQDcoJnDphFCm2SAv0N9mGfMYrNljjgjFeiCmLLsfJErfp/rUNSlDCBw66z2PvBonFiMxLTrWMzIhWaKwc8GjCbpT+fmAI9HhAra1XUuEpF5MyqdCq5Qj64X0+tFfzVvNBvMH4M+1SHKobuUYVV9umEwcBqgSN7/mj7Pqe607Qsn+FhDHJX0Rl1zuTIJe+Z5liU2/e39xfI3Bz2cpb4wd1ZECuVL5nacDTjO3NLLwOnLdawqyOs/Jr4rsgqQyv+Go52HQommJgWq70WggQ4vI6xoJrVpOePSuk5sr38XDH0Q3K2JMRDdMnGpYIqnldYb29B5APuvGw7lv8dw0BMIpwW44lRK0O/JM540D2Q4XlxqZ25ccWl3dT2tBon6njo+qr6pLyFSaj0EDoq44jFRDraJVdbmKe/SSDkvIF0JGw7FfZ7fSchCa31XEn+U2htrBbwe9s8HNu8HbQV/cnr277F0Mhte9/iBtitBMkP0jo143W4rQ2CGufUPGC8W6QmiqbqK004Oh/RVqTPT5Re/N4A4ovrp5d3U3uPn15vx2meAuUoY44z/XCh3qdUpxiUhGOI2YRfI7KSntStdcn0It9/mEQuZ4qXfeqG9QyjAX6kYeuRC6ixcsYJF1y7LCEx3VUiwLdLYhg/0j8uG6QGL0CIu0wdStonFpybalMc83xbVljb2eXcpjyG1nVXS5MKXVZ8l5lLsxb2fWWXE8nCN5ZUS6LhiOQR9kX1AbcLSa9exMYhY/wP/fMf5TpRmzs80Ym85/TuqnC/EfPJf3PweB4nOdoRSywohvN5nbKu5LRsjsqw0BwajTIr4Vq+8nP0X5emFH+c9dSWyrADbKf6ezKP+t0zL//yCQlf+sxBXfPSkPVumI62wU+IDDIe0bNpJckKOK+KAAu2fK8sW+RS4BuRqPjiSByznIyZAF98xm9am5/uXAjvLPRtjSDSzCUo2/VhNsvP9pLsp/p9k4LeX/ELB0/itW2MRROAXx+kPlBWauhfW1jwtcI+yGiizcdT4CX0jc6G4483jk89+9jrqWO3kyt8E2RvN8t6Ha/LIni1wZ3RjQ33nDaBSoaRioWlWHv2lAKktVHMNlJejXUVLxbfWQiZd7yP/OHwJtkP8WyP2C/DdbZf7/YeCzyP+2EvrVXveslvaVqq9ICViKj1y92T4XR6nM5os6YUJC9eA6XD/di1uhIgKSMbYYXyu2pLhQFz1wjmnjxfcasDiMdpiseAzSxyiAbUe2V7lJLPog/sJ7Zv5KNArXFpaWenGpzExywpgNhYODPcDq7CedW2bKBUu9SlTX7DVGXcKXSkYg1o4/0RWZNouV+xAu9zZI0C5rVU3u05SFXDCY8EpmIL6ZSmmKk/eA2ot1WN03rbC4BYSJm/Bi4tIsiGVsj8MVi4IecPxNiyrV0tLCxCM/Atq4Rh7Y6NrtLjmyBGWnn/AnlrAHGqAf1O78P7VDwID4vide6zUcFM0KLPhu7OLRSGT4KvMXHxdmb3R35/9Wp4RP7Sn9b8KO/n9el24ZCWyK/9v1pfO/9mkZ/x8EltRv9hIgL9Vl+tdKPfzUq7g/7Cj/swDv/jsgG+S/0eosfv/XPCnzPw8DCxfiYn3VV8X2YtZ3FTwKyi28/A1HsxqrDGgcOtDkmto93ZqwvTWHAdRsrT2SDLWCGcVebC5FK1+olU6SWyZLnVzCQlKnkg+ef/s8vaf3HL/nuvSeZJO9AF0QSZqTT/Wrq8kyUxwm9BPf38fdqmtms9gtm/ohUjQ9yuZ70aC67kOG7rn8qRNCIGsQAKQpSoWZx6JiOfs4zaTYVpGrsCO3vqpIJVNkEsDEfLKtzbTdl5Wu/+iwlf6fKS7t+wNQG/T/iUj2WPz9t06j1P+HAJUDq/Rh/NliF83F74SoW1gT/xExYjGh7rcVvBBPukg6DPI1yKTO9tx7POfig738oYPQMdBc61upN6vtuiePVxItVu20LhxZJH/fY0PjRvM72fqoAuItm2rLlmarHRdZgeNlfX6cavNGve6lRfFgcqwtdE5VmEVJUybnNM59yebFAkpRujIbtYvG2OVyEpns2tSKLeE6qmS/01Wz0rllOu9GZWnKY5/st9LHIzC2Mt0GZmBnqsQv20ic+hyZxSeKIu+ZcKCLkYxXDxyj8vYeu7pbP27ObN1owdrH5+PQNf2M+V7g1b8uljQQH1vAkDHG/s0ZouqYQk5Uf5Wc/oxMPNVjkc2e/bBZFsG6znVxXPBgnogMhQRrjkMa/w5syiNLMDwy5wpH8ebyR5k+D3eyqB+HRVmMn5lP+aGOKsuZ6l30z3+JmmNUlHcqPyMUFKqcaM3afJ6sYpvyh9RklPa6yejuiRNOo5EJ7Ev0dW1V76zOJ5E5WVDzejZp1mf800V6+WI0Ut9X62bT/P6gl9cllFBCCSWUUEIJJZRQQgkllFBCCSWUUEIJJZRQQgkllFBCCSWUUIKE/wKJB60LAHgAAA== + chart: H4sIAAAAAAAAA+0caW/bRjafBfg/zMpbJClC6rAkt1pksaqspkbjA5brolgsghE5ktiQHO4MKUdNur993xy8JOq0Iye7fGhjco43b97Mu2YeNcHMJj5hBvkQEp871Df4lNLQGLuEhAaeED+sPXsY1AFO2235F2Dxr3xunLQazXaz0xHljU7n9PQZaj9w3K0g4iFmCD1jMOl17TbVf6Uw2Wb9zSlxPWfiU0b2GUMscKfVWrn+7XYrv/7NRv2k/QzVH3uyRfB/vv7H6BqHIWE+RyFFao3R/ZT4aBQ5ru34ExRg6z3sA24eVY7R7dThiEdBQFkID7AxXDRx6Qh5OLSm0PwVYsTFoTMj0DGcZsqxbwsMPplANfXRi4CRsfOB2OjegYZ/eWmiK9+dI+rLroIoFBCGXMcnMLZ5Nnw3DIE8gaRPPQ9Q3PWHyHYYh9qJE9bUHzUJeB79wWrqT1I0ndTkv0kBn/m1DMIRzDUK0NhxCSD91uT3gfgzwu/Fn9ATb/8R7e8wc2jE0fnZQIweMPo7sUJ4cmyCa7oxFELJjFvUJlD21GtdBFvJf3+KWWjOsefuNcYm+W+2Txbkv95ptkr5PwTgwLkjTKx7F80aFRwEyevzWcOsmx3jbHCHnldswi3mBKGs6qGfwCIgS+wLNKYMhVOC3uithIZiA6EfxQZCPbGBULK5zIqPPdJF22y7yiympG6emO0vUny+ethK/m1qmRO69xgb5L8pjH3e/zs9PT0p5f8QUKuB6QvmYCGnIXphvUTNeuN7NOxdo+EAgWBjX77gMZhEB4cEWdQLsD83UQ8sv+zGweJzwmbENpV7IKwngr+uY8GWAvse+TZROqIHzgT8GdJxeI/B03irmrxCMxM1QU1YJAgR5sinIfSj0IXdOxyw+bL72/P+4BIIEyMcVWo18X+Mo2CYBLvWaahp1tEL0aCqq6ov/yZxzGkEnspcjIsiGC9M5qFpAgLEzIEHvkWUwxKmI5gSyW8aCR2FGNpj6BHA2zjbEuEwIVzCNAyDbq12f39vYkm1SdmkplnHa3rGBlCe9PvFB+9EcP3fkcNg3qM5Ar0NXfAICHbxvVy4CSNQJ5w6H90zcIuED8Y14yUe2+Ehc0ZRmONdTCgwINsAuAd7odobovNhFf3QG54PX0ksv57f/nT1yy36tXdz07u8PR8M0dUN6l9dnp3fnl9dwtuPqHf5G/r5/PLsFSKOWFPgKjh/MAcg1BFchb0jkQ0JyRER2xYeEMsZOxbMzp9EoJXQhIJ58KV/SpjncLG+XPmYgMd1PCeUbiZfnhoMJRpNaHciVJ/Y1aZZg/+m4P3V4jLDon7IqOuCcmRkIlghEZp8itYoS2RqZHeDmyHMX7+RDxjmSWqrkArnCg1itN0ltIpkcNalL64tL/HFinOUnYn2zSXndKFgkpi+RRkDJxWlNKAcDUeVIIv+y3RYS3hU2Mr+hwT2Lmwuvt9J0M7nP+D/n7bL859DwI7r/w4CftC33AyD7WPBTf5fq7V4/nPSbJb+30Hg40cD2WTs+OATidCsiow//zyqbLMtjiqiM/Ft1UW9xrhkCzA0Y2eiURqGcVTJhptLCA3hRYKJNpNBualQmDE9puXSyK7NGtgNprhxVHnv+HZXxZoy1OzL9kcQro5x5OrX7lEFoffRiChsXfTxIzLvsBsRbsrxL7APFDAzbYMEyWJCzri4qYtHxOWyGULqZTVe3fgTuGO/CUP/CYHnYgtvoZUMJBi5aVCxQhyMNNHjJu+rh8532XYgfZ7VT3mRK1k9XL5jwYSbhXTEz+ot2UWOB0j1/kFIEzzF/FqeHKIqn+Jmu9OtJrTIDmaIJyjtEjDHD8eo+g3/xzd8sSkjAeVOSNl8LQ5YPVKIsrs/ypXTj2cPo1Bw3OeWiznXhyGaGZoVnHhQ3hchGQRT1b+/Rg2z0TLqQFIfookRxGyhA+P/DPtay535xgnjcEii4hBz2JELTqL5/jsglYJ0aarEpFeN0nj4KCMS4uxQKxvGwp7TN2uUj0swuPzEhY0IBDi2ZtoaXWaoLkbcJ4f+qXX054Qd7b9Sjh4ODLmlZ8AtygwRiokQkxSfEW86/+3UG3n7f1Kvt+ul/T8ELBgBuap3clWv4kWVmil/ThzbXaXmL3BwVPFAmG0c4m5sl6SNcHzLjezEtzABV/HOKbBmNyCMGKL1ywWjp42teETi4ENabeaTkEh1sW7sVX0cH3aBXzSw7JTMS5LO3+X3exd9EupiPQ8/oRUG/4nXf0f5t0ng0rkHhTtcB22Q//Zpvb3o/5+W8n8YWPLKQTh4LZXws2TBC0V8uzjhcUV72zEREmkLJp/W5HHWLh131hDifFKSzcjMEZh/crjwAN+Kc8guqqsqeUabDxN0YZ9GoBsUE7h0QijTbJAX6G+zjHkM1uwxR4RiPRBTlt0PEqXvU33qmpQhBA6d9Z5HXo0Ti5GYFh3rGZmQLFHYueDRBN2p/HzAkehwAdvariVCUi8m5VOhVcqR9UJ6/eiv5q1mg/kD8OdaJDlUt3KMqi83TCYOA1SJm1/zx1n1vdYdoWR/C4jjkr6ISy53JkGvfM+yxKbfvb84vsbg57OUN8aO6kiBXKn8ztMBp5lbGll4HbnuNQVZnefkV0V2QVKZ33DU8zBo0bTEQLXdaDSQoUXkdY2EVi0nPHrXyc2V7+LhD6KbFTEmohsmTjUskdTyOkN7eg8gn3Xj4dy3eG4aAuGUYDecSgnaHXmm88aBbIeLS43M7UsOra7up7UgUb9Tx0fVV9UlZCrNx6ABUVccRqqhVtGqulzFPXpJhyXkCyGj4divs1tpOQjN7yriz3IbQ+3gt4Pe2eDm3eDtoC9uz95d9i4Gw+tef5A2RWgmyP6RUa+bLUVo7BDXviHjhWJdITRVN1Ha6cHQ/go1Jvr8ovdmcAcUX928u7ob3Px6c367THAXKUOc8Z9rhQ71OqW4RCQjnEbMIvmdlJR2pWuuT6GW+3xCIXO81Dtv1DcoZZgLdSOPXAjdxQsWsMi6ZVnhiY5qKZYFOtuQwf4R+XBdIDF6hEXaYOpW0bi0ZNvSmOeb4tqyxl7PLuUx5LazKrpcmNLqs+Q8yt2YtzPrrDgezpG8MiJdFwzHoA+yL6gNOFrNenYmMYsf4P/vGP+p0ozZ2WaMTec/J/XThfgPnsv7n4NA8bnOUApZYcS3m8xtFfclI2T21YaAYNRpEd+K1feTn6J8vbCj/OeuJLZVABvlv9NZlP/WaZn/fxDIyn9W4orvnpQHq3TEdTYKfMDhkPYNG0kuyFFFfFCA3TNl+WLfIpeAXI1HR5LA5RzkZMiCe2az+tRc/3JgR/lnI2zpBhZhqcZfqwk23v80F+W/02yclvJ/CFg6/xUrbOIonIJ4/aHyAjPXwvraxwWuEXZDRRbuOh+BLyRudDeceTzy+e9eR13LnTyZ22Abo3m+21BtftmTRa6Mbgzo77xhNArUNAxUrarD3zQglaUqjuGyEvTrKKn4tnrIxMs95H/nD4E2yH8L5H5B/putMv//MPBZ5H9bCf1qr3tWS/tK1VekBCzFR67ebJ+Lo1Rm80WdMCGhenAdrp/uxa1QEQHJGFuMrxVbUlyoix44x7Tx4nsNWBxGO0xWPAbpYxTAtiPbq9wkFn0Qf+E9M38lGoVrC0tLvbhUZiY5YcyGwsHBHmB19pPOLTPlgqVeJapr9hqjLuFLJSMQa8ef6IpMm8XKfQiXexskaJe1qib3acpCLhhMeCUzEN9MpTTFyXtA7cU6rO6bVljcAsLETXgxcWkWxDK2x+GKRUEPOP6mRZVqaWlh4pEfAW1cIw9sdO12lxxZgrLTT/gTS9gDDdAPanf+n9ohYEB83xOv9RoOimYFFnw3dvFoJDJ8lfmLjwuzN7q783+rU8Kn9pT+N2FH/z+vS7eMBDbF/+360vlf+7SM/w8CS+o3ewmQl+oy/WulHn7qVdwfdpT/WYB3/x2QDfLfaHUWv/9rnpT5n4eBhQtxsb7qq2J7Meu7Ch4F5RZe/oajWY1VBjQOHWhyTe2ebk3Y3prDAGq21h5JhlrBjGIvNpeilS/USifJLZOlTi5hIalTyQfPv32e3tN7jt9zXXpPsslegC6IJM3Jp/rV1WSZKQ4T+onv7+Nu1TWzWeyWTf0QKZoeZfO9aFBd9yFD91z+1AkhkDUIANIUpcLMY1GxnH2cZlJsq8hV2JFbX1WkkikyCWBiPtnWZtruy0rXf3TYSv/PFJf2/QGoDfr/RCR7LP7+W6dR6v9DgMqBVfow/myxi+bid0LULayJ/4gYsZhQ99sKXognXSQdBvkaZFJne+49nnPxwV7+0EHoGGiu9a3Um9V23ZPHK4kWq3ZaF44skr/vsaFxo/mdbH1UAfGWTbVlS7PVjouswPGyPj9OtXmjXvfSongwOdYWOqcqzKKkKZNzGue+ZPNiAaUoXZmN2kVj7HI5iUx2bWrFlnAdVbLf6apZ6dwynXejsjTlsU/2W+njERhbmW4DM7AzVeKXbSROfY7M4hNFkfdMONDFSMarB45ReXuPXd2tHzdntm60YO3j83Homn7GfC/w6l8XSxqIjy1gyBhj/+YMUXVMISeqv0pOf0YmnuqxyGbPftgsi2Bd57o4LngwT0SGQoI1xyGNfwc25ZElGB6Zc4WjeHP5o0yfhztZ1I/DoizGz8yn/FBHleVM9S76579EzTEqyjuVnxEKClVOtGZtPk9WsU35Q2oySnvdZHT3xAmn0cgE9iX6uraqd1bnk8icLKh5PZs06zP+6SK9fDEaqe+rdbNpfn/Qy+sSSiihhBJKKKGEEkoooYQSSiihhBJKKKGEEkoooYQSSiihhBJKKEHCfwFUL/C7AHgAAA== values: image: - tag: v1.0.4-DEV + tag: v1.0.6-DEV fleetManager: kubeconfig: #base64 encoded kubeconfig of Fleet manager cluster with user that has write access to Cluster and Secret namespace: clusters diff --git a/pkg/controller/actuator.go b/pkg/controller/actuator.go index 38ae604..018f395 100644 --- a/pkg/controller/actuator.go +++ b/pkg/controller/actuator.go @@ -15,6 +15,7 @@ package controller import ( + "bytes" "context" "fmt" managed_resource_handler "github.com/ysoftdevs/gardener-extension-shoot-fleet-agent/pkg/controller/managed-resource-handler" @@ -52,14 +53,17 @@ import ( const ActuatorName = "shoot-fleet-agent-actuator" // KubeconfigSecretName name of secret that holds kubeconfig for Shoot -const KubeconfigSecretName = "kubecfg" +const KubeconfigSecretName = token_requestor_handler.TokenRequestorSecretName // KubeconfigKey key in KubeconfigSecretName secret that holds kubeconfig for Shoot -const KubeconfigKey = "kubeconfig" +const KubeconfigKey = token_requestor_handler.TokenRequestorSecretKey // DefaultConfigKey is the name of default config key. const DefaultConfigKey = "default" +// FleetClusterSecretDataKey is the key of the data item that holds the kubeconfig for the cluster in fleet +const FleetClusterSecretDataKey = "value" + // NewActuator returns an actuator responsible for Extension resources. func NewActuator(config config.Config) extension.Actuator { logger := log.Log.WithName(ActuatorName) @@ -202,9 +206,22 @@ func (a *actuator) InjectScheme(scheme *runtime.Scheme) error { // ReconcileClusterInFleetManager reconciles cluster registration in remote fleet manager func (a *actuator) ReconcileClusterInFleetManager(ctx context.Context, namespace string, cluster *extensions.Cluster, override *config.Config) error { - a.logger.Info("Starting with already registered check") labels := prepareLabels(cluster, getProjectConfig(cluster, &a.serviceConfig), getProjectConfig(cluster, override)) - registered, err := a.getFleetManager(cluster).GetCluster(ctx, buildCrdName(cluster)) + + a.logger.Info("Looking up Secret with KubeConfig for given Shoot.", "namespace", namespace, "secretName", KubeconfigSecretName) + kubeconfigSecret := &corev1.Secret{} + if err := a.client.Get(ctx, kutil.Key(namespace, KubeconfigSecretName), kubeconfigSecret); err != nil { + a.logger.Error(err, "Failed to find Secret with kubeconfig for Fleet registration.") + return err + } + + a.logger.Info("Checking if the fleet cluster already exists") + // Check whether we already have an existing cluster + _, err := a.getFleetManager(cluster).GetCluster(ctx, buildCrdName(cluster)) + if err != nil { + a.logger.Error(err, "Could not fetch fleet cluster") + return err + } // We cannot find the cluster because of an unknown error if err != nil && !errors.IsNotFound(err) { @@ -213,46 +230,67 @@ func (a *actuator) ReconcileClusterInFleetManager(ctx context.Context, namespace } // We cannot find the cluster because we haven't registered it yet - if err != nil && errors.IsNotFound(err) { + if errors.IsNotFound(err) { a.logger.Info("Creating fleet cluster", "shoot", cluster.Shoot.Name) - return a.registerNewClusterInFleet(ctx, namespace, cluster, labels) + return a.registerNewClusterInFleet(ctx, namespace, cluster, labels, kubeconfigSecret.Data[KubeconfigKey]) } - // The cluster we have in fleet is already in the correct state - if reflect.DeepEqual(registered.Labels, labels) { - a.logger.Info("Cluster already registered - skipping registration", "clientId", registered.Spec.ClientID) - return nil - } - - a.logger.Info("Updating labels of already registered cluster.", "clientId", registered.Spec.ClientID) - return a.updateClusterLabelsInFleet(ctx, registered, cluster, labels) + a.logger.Info("Updating existing fleet cluster") + return a.updateClusterInFleet(ctx, cluster, labels, kubeconfigSecret.Data[KubeconfigKey]) } -func (a *actuator) updateClusterLabelsInFleet(ctx context.Context, clusterRegistration *fleetv1alpha1.Cluster, cluster *extensions.Cluster, labels map[string]string) error { - clusterRegistration.Labels = labels - _, err := a.getFleetManager(cluster).UpdateCluster(ctx, clusterRegistration) +func (a *actuator) updateClusterInFleet(ctx context.Context, cluster *extensions.Cluster, labels map[string]string, kubeconfig []byte) error { + updated := false + clusterRegistration, err := a.getFleetManager(cluster).GetCluster(ctx, buildCrdName(cluster)) if err != nil { - a.logger.Error(err, "Failed to update cluster labels in Fleet registration.", "clusterName", clusterRegistration.Name) - } - return err -} - -func (a *actuator) registerNewClusterInFleet(ctx context.Context, namespace string, cluster *extensions.Cluster, labels map[string]string) error { - a.logger.Info("Looking up Secret with KubeConfig for given Shoot.", "namespace", namespace, "secretName", KubeconfigSecretName) - secret := &corev1.Secret{} - if err := a.client.Get(ctx, kutil.Key(namespace, KubeconfigSecretName), secret); err != nil { - a.logger.Error(err, "Failed to find Secret with kubeconfig for Fleet registration.") + a.logger.Error(err, "Could not fetch fleet cluster") return err } + fleetKubeconfigSecret, err := a.getFleetManager(cluster).GetKubeconfigSecret(ctx, buildKubecfgName(cluster)) + if err != nil { + a.logger.Error(err, "Could not fetch fleet kubeconfig secret") + return err + } + + if !reflect.DeepEqual(clusterRegistration.Labels, labels) { + a.logger.Info("Cluster labels changed, updating") + clusterRegistration.Labels = labels + _, err := a.getFleetManager(cluster).UpdateCluster(ctx, clusterRegistration) + if err != nil { + a.logger.Error(err, "Failed to update cluster labels in Fleet registration.", "clusterName", clusterRegistration.Name) + return err + } + updated = true + } + + if bytes.Compare(fleetKubeconfigSecret.Data[FleetClusterSecretDataKey], kubeconfig) != 0 { + a.logger.Info("Shoot kubeconfig changed, updating") + fleetKubeconfigSecret.Data[FleetClusterSecretDataKey] = kubeconfig + _, err := a.getFleetManager(cluster).UpdateKubeconfigSecret(ctx, fleetKubeconfigSecret) + if err != nil { + a.logger.Error(err, "Failed to update kuebconfig secret in Fleet registration.", "clusterName", clusterRegistration.Name) + return err + } + updated = true + } + + if updated { + a.logger.Info("Cluster successfully updated.") + } else { + a.logger.Info("Cluster is already up to date.") + } + return nil +} + +func (a *actuator) registerNewClusterInFleet(ctx context.Context, namespace string, cluster *extensions.Cluster, labels map[string]string, kubeconfig []byte) error { secretData := make(map[string][]byte) - secretData["value"] = secret.Data[KubeconfigKey] - a.logger.Info("Loaded kubeconfig from secret", "kubeconfig", secret, "namespace", namespace) + secretData[FleetClusterSecretDataKey] = kubeconfig const fleetRegisterNamespace = "clusters" kubeconfigSecret := corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ - Name: "kubecfg-" + buildCrdName(cluster), + Name: buildKubecfgName(cluster), Namespace: fleetRegisterNamespace, }, Data: secretData, @@ -330,9 +368,14 @@ func getProjectConfig(cluster *extensions.Cluster, serviceConfig *config.Config) return projectConfig } +// buildCrdName creates a unique name for cluster registration resources in Fleet manager cluster +func buildKubecfgName(cluster *extensions.Cluster) string { + return fmt.Sprintf("kubecfg-%s", buildCrdName(cluster)) +} + // buildCrdName creates a unique name for cluster registration resources in Fleet manager cluster func buildCrdName(cluster *extensions.Cluster) string { - return cluster.Seed.Name + "" + cluster.Shoot.Name + return fmt.Sprintf("%s%s", cluster.Seed.Name, cluster.Shoot.Name) } // isShootedSeedCluster checks if clusters purpose is Infrastructure diff --git a/pkg/controller/fleetmanager.go b/pkg/controller/fleetmanager.go index 7caefc5..fcb352f 100644 --- a/pkg/controller/fleetmanager.go +++ b/pkg/controller/fleetmanager.go @@ -63,6 +63,16 @@ func (f *FleetManager) GetCluster(ctx context.Context, clusterName string) (*v1a return f.fleetClient.FleetV1alpha1().Clusters(f.namespace).Get(ctx, clusterName, metav1.GetOptions{}) } +// GetKubeconfigSecret registers a clusters kubeconfig secret in remote fleet +func (f *FleetManager) GetKubeconfigSecret(ctx context.Context, secretName string) (*corev1.Secret, error) { + return f.secretClient.CoreV1().Secrets(f.namespace).Get(ctx, secretName, metav1.GetOptions{}) +} + +// UpdateKubeconfigSecret updates kubeconfig secret in remote fleet +func (f *FleetManager) UpdateKubeconfigSecret(ctx context.Context, secret *corev1.Secret) (*corev1.Secret, error) { + return f.secretClient.CoreV1().Secrets(f.namespace).Update(ctx, secret, metav1.UpdateOptions{}) +} + // CreateKubeconfigSecret registers a clusters kubeconfig secret in remote fleet func (f *FleetManager) CreateKubeconfigSecret(ctx context.Context, secret *corev1.Secret) (*corev1.Secret, error) { return f.secretClient.CoreV1().Secrets(f.namespace).Create(ctx, secret, metav1.CreateOptions{}) From fd217747d4389050b7b0eaeecb7f777815c7e324 Mon Sep 17 00:00:00 2001 From: pvito Date: Fri, 1 Jul 2022 23:36:27 +0200 Subject: [PATCH 09/12] Replace kubeconfig server url with actual ingress URL from shoot status. --- pkg/controller/token-requestor-handler/handler.go | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/pkg/controller/token-requestor-handler/handler.go b/pkg/controller/token-requestor-handler/handler.go index 92e4b14..8ecb7a4 100644 --- a/pkg/controller/token-requestor-handler/handler.go +++ b/pkg/controller/token-requestor-handler/handler.go @@ -95,6 +95,19 @@ func (t *TokenRequestorHandler) isTokenInserted() bool { func (t *TokenRequestorHandler) createKubeconfigSecretFromGeneric() error { kubeconfig, err := t.getGenericKubeconfig() + s := false + for _, value := range t.cluster.Shoot.Status.AdvertisedAddresses { + // check for external URL server + if value.Name == "external" { + kubeconfig.Clusters[0].Cluster.Server = value.URL + s = true + break + } + } + if s != true { + t.logger.Info(fmt.Sprintf("Shoot status doesn't contain external URL address.")) + return err + } if err != nil { return err } From 6da54ab7df6bdfa92ee698f7296d9a5d190bdb56 Mon Sep 17 00:00:00 2001 From: pvito Date: Fri, 8 Jul 2022 22:21:46 +0200 Subject: [PATCH 10/12] Skip existing cluster check for now. --- pkg/controller/actuator.go | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/pkg/controller/actuator.go b/pkg/controller/actuator.go index 018f395..5e9efa4 100644 --- a/pkg/controller/actuator.go +++ b/pkg/controller/actuator.go @@ -214,14 +214,14 @@ func (a *actuator) ReconcileClusterInFleetManager(ctx context.Context, namespace a.logger.Error(err, "Failed to find Secret with kubeconfig for Fleet registration.") return err } - - a.logger.Info("Checking if the fleet cluster already exists") + // skip this check for now + // a.logger.Info("Checking if the fleet cluster already exists") // Check whether we already have an existing cluster - _, err := a.getFleetManager(cluster).GetCluster(ctx, buildCrdName(cluster)) - if err != nil { - a.logger.Error(err, "Could not fetch fleet cluster") - return err - } + //_, err := a.getFleetManager(cluster).GetCluster(ctx, buildCrdName(cluster)) + //if err != nil { + // a.logger.Error(err, "Could not fetch fleet cluster") + // return err + //} // We cannot find the cluster because of an unknown error if err != nil && !errors.IsNotFound(err) { From 5c297accd3b86b4163f823a9d42b1f1268dcc56f Mon Sep 17 00:00:00 2001 From: pvito Date: Fri, 8 Jul 2022 22:28:33 +0200 Subject: [PATCH 11/12] Skip existing cluster check for now. --- pkg/controller/actuator.go | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/pkg/controller/actuator.go b/pkg/controller/actuator.go index 5e9efa4..dfc1fa7 100644 --- a/pkg/controller/actuator.go +++ b/pkg/controller/actuator.go @@ -214,14 +214,14 @@ func (a *actuator) ReconcileClusterInFleetManager(ctx context.Context, namespace a.logger.Error(err, "Failed to find Secret with kubeconfig for Fleet registration.") return err } - // skip this check for now - // a.logger.Info("Checking if the fleet cluster already exists") + + a.logger.Info("Checking if the fleet cluster already exists") // Check whether we already have an existing cluster - //_, err := a.getFleetManager(cluster).GetCluster(ctx, buildCrdName(cluster)) - //if err != nil { - // a.logger.Error(err, "Could not fetch fleet cluster") - // return err - //} + _, err := a.getFleetManager(cluster).GetCluster(ctx, buildCrdName(cluster)) + if err != nil { + a.logger.Error(err, "Could not fetch fleet cluster") + //return err + } // We cannot find the cluster because of an unknown error if err != nil && !errors.IsNotFound(err) { From cf6651771b569ccacd8af99d661c90a3660b9278 Mon Sep 17 00:00:00 2001 From: pvito Date: Mon, 11 Jul 2022 10:47:04 +0200 Subject: [PATCH 12/12] Removing unnecessary err check. --- pkg/controller/actuator.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/pkg/controller/actuator.go b/pkg/controller/actuator.go index dfc1fa7..61294f5 100644 --- a/pkg/controller/actuator.go +++ b/pkg/controller/actuator.go @@ -218,10 +218,6 @@ func (a *actuator) ReconcileClusterInFleetManager(ctx context.Context, namespace a.logger.Info("Checking if the fleet cluster already exists") // Check whether we already have an existing cluster _, err := a.getFleetManager(cluster).GetCluster(ctx, buildCrdName(cluster)) - if err != nil { - a.logger.Error(err, "Could not fetch fleet cluster") - //return err - } // We cannot find the cluster because of an unknown error if err != nil && !errors.IsNotFound(err) {