wire in bootstrap/config

Author: mjudeikis

examples/kcp/Makefile

@@ -37,19 +37,26 @@ build: $(KCP) $(KCP_APIGEN_GEN) $(CONTROLLER_GEN)
 .PHONY: kcp-server
 kcp-server: $(KCP) $(ARTIFACT_DIR)/kcp ## Run the kcp server.
 	@if [[ ! -s $(ARTIFACT_DIR)/kcp.log ]]; then ( $(KCP) start -v 5 --root-directory $(ARTIFACT_DIR)/kcp --kubeconfig-path $(ARTIFACT_DIR)/kcp.kubeconfig --audit-log-maxsize 1024 --audit-log-mode=batch --audit-log-batch-max-wait=1s --audit-log-batch-max-size=1000 --audit-log-batch-buffer-size=10000 --audit-log-batch-throttle-burst=15 --audit-log-batch-throttle-enable=true --audit-log-batch-throttle-qps=10 --audit-policy-file ./test/e2e/audit-policy.yaml --audit-log-path $(ARTIFACT_DIR)/audit.log >$(ARTIFACT_DIR)/kcp.log 2>&1 & ); fi
+	@echo "Waiting for kcp server to generate kubeconfig..."
 	@while true; do if [[ ! -s $(ARTIFACT_DIR)/kcp.kubeconfig ]]; then sleep 0.2; else break; fi; done
+	@echo "Waiting for kcp server to be ready..."
 	@while true; do if ! kubectl --kubeconfig $(ARTIFACT_DIR)/kcp.kubeconfig get --raw /readyz >$(ARTIFACT_DIR)/kcp.probe.log 2>&1; then sleep 0.2; else break; fi; done
+	@echo "kcp server is ready."
 
 .PHONY: test-e2e-cleanup
 test-cleanup: ## Clean up processes and directories from an end-to-end test run.
 	rm -rf $(ARTIFACT_DIR) || true
 	pkill -sigterm kcp || true
 	pkill -sigterm kubectl || true
 
-ARTIFACT_DIR ?= .test
-
 $(ARTIFACT_DIR)/kcp: ## Create a directory for the kcp server data.
 	mkdir -p $(ARTIFACT_DIR)/kcp
 
 generate: build
 	./hack/update-codegen-crds.sh
+
+
+bootstrap:
+	export KUBECONFIG=./.test/kcp.kubeconfig
+	@go run ./config/main.go
+

examples/kcp/config/helpers/bootstrap.go

@@ -0,0 +1,172 @@
+package helpers
+
+import (
+	"bufio"
+	"bytes"
+	"context"
+	"embed"
+	"errors"
+	"fmt"
+	"io"
+	"strings"
+	"text/template"
+	"time"
+
+	extensionsapiserver "k8s.io/apiextensions-apiserver/pkg/apiserver"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/types"
+	apimachineryerrors "k8s.io/apimachinery/pkg/util/errors"
+	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apimachinery/pkg/util/wait"
+	kubeyaml "k8s.io/apimachinery/pkg/util/yaml"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/log"
+)
+
+// Bootstrap creates resources in a package's fs by
+// continuously retrying the list. This is blocking, i.e. it only returns (with error)
+// when the context is closed or with nil when the bootstrapping is successfully completed.
+func Bootstrap(ctx context.Context, client client.Client, fs embed.FS, batteriesIncluded sets.Set[string]) error {
+	// bootstrap non-crd resources
+	return wait.PollUntilContextCancel(ctx, time.Second, true, func(ctx context.Context) (bool, error) {
+		if err := CreateResourcesFromFS(ctx, client, fs, batteriesIncluded); err != nil {
+			log.FromContext(ctx).WithValues("err", err).Info("failed to bootstrap resources, retrying")
+			return false, nil
+		}
+		return true, nil
+	})
+}
+
+// CreateResourcesFromFS creates all resources from a filesystem.
+func CreateResourcesFromFS(ctx context.Context, client client.Client, fs embed.FS, batteriesIncluded sets.Set[string]) error {
+	files, err := fs.ReadDir(".")
+	if err != nil {
+		return err
+	}
+
+	var errs []error
+	for _, f := range files {
+		if f.IsDir() {
+			continue
+		}
+		if err := CreateResourceFromFS(ctx, client, f.Name(), fs, batteriesIncluded); err != nil {
+			errs = append(errs, err)
+		}
+	}
+	return apimachineryerrors.NewAggregate(errs)
+}
+
+// CreateResourceFromFS creates given resource file.
+func CreateResourceFromFS(ctx context.Context, client client.Client, filename string, fs embed.FS, batteriesIncluded sets.Set[string]) error {
+	raw, err := fs.ReadFile(filename)
+	if err != nil {
+		return fmt.Errorf("could not read %s: %w", filename, err)
+	}
+
+	if len(raw) == 0 {
+		return nil // ignore empty files
+	}
+
+	d := kubeyaml.NewYAMLReader(bufio.NewReader(bytes.NewReader(raw)))
+	var errs []error
+	for i := 1; ; i++ {
+		doc, err := d.Read()
+		if errors.Is(err, io.EOF) {
+			break
+		} else if err != nil {
+			return err
+		}
+		if len(bytes.TrimSpace(doc)) == 0 {
+			continue
+		}
+
+		if err := createResourceFromFS(ctx, client, doc, batteriesIncluded); err != nil {
+			errs = append(errs, fmt.Errorf("failed to create resource %s doc %d: %w", filename, i, err))
+		}
+	}
+	return apimachineryerrors.NewAggregate(errs)
+}
+
+const annotationCreateOnlyKey = "bootstrap.kcp.io/create-only"
+const annotationBattery = "bootstrap.kcp.io/battery"
+
+func createResourceFromFS(ctx context.Context, client client.Client, raw []byte, batteriesIncluded sets.Set[string]) error {
+	log := log.FromContext(ctx)
+
+	type Input struct {
+		Batteries map[string]bool
+	}
+	input := Input{
+		Batteries: map[string]bool{},
+	}
+	for _, b := range sets.List[string](batteriesIncluded) {
+		input.Batteries[b] = true
+	}
+	tmpl, err := template.New("manifest").Parse(string(raw))
+	if err != nil {
+		return fmt.Errorf("failed to parse manifest: %w", err)
+	}
+	var buf bytes.Buffer
+	if err := tmpl.Execute(&buf, input); err != nil {
+		return fmt.Errorf("failed to execute manifest: %w", err)
+	}
+
+	obj, gvk, err := extensionsapiserver.Codecs.UniversalDeserializer().Decode(buf.Bytes(), nil, &unstructured.Unstructured{})
+	if err != nil {
+		return fmt.Errorf("could not decode raw: %w", err)
+	}
+	u, ok := obj.(*unstructured.Unstructured)
+	if !ok {
+		return fmt.Errorf("decoded into incorrect type, got %T, wanted %T", obj, &unstructured.Unstructured{})
+	}
+
+	if v, found := u.GetAnnotations()[annotationBattery]; found {
+		partOf := strings.Split(v, ",")
+		included := false
+		for _, p := range partOf {
+			if batteriesIncluded.Has(strings.TrimSpace(p)) {
+				included = true
+				break
+			}
+		}
+		if !included {
+			log.V(4).WithValues("resource", u.GetName(), "batteriesRequired", v, "batteriesIncluded", batteriesIncluded).Info("skipping resource because required batteries are not among included batteries")
+			return nil
+		}
+	}
+
+	key := types.NamespacedName{
+		Namespace: u.GetNamespace(),
+		Name:      u.GetName(),
+	}
+	err = client.Create(ctx, u)
+	if err != nil {
+		if apierrors.IsAlreadyExists(err) {
+			err = client.Get(ctx, key, u)
+			if err != nil {
+				return err
+			}
+
+			if _, exists := u.GetAnnotations()[annotationCreateOnlyKey]; exists {
+				log.Info("skipping update of object because it has the create-only annotation")
+
+				return nil
+			}
+
+			u.SetResourceVersion(u.GetResourceVersion())
+			err = client.Update(ctx, u)
+			if err != nil {
+				return fmt.Errorf("could not update %s %s: %w", gvk.Kind, key.String(), err)
+			} else {
+				log.WithValues("resource", u.GetName(), "kind", gvk.Kind).Info("updated object")
+				return nil
+			}
+		}
+		return err
+	}
+
+	log.WithValues("resource", u.GetName(), "kind", gvk.Kind).Info("created object")
+
+	return nil
+}

examples/kcp/config/main.go

@@ -0,0 +1,108 @@
+/*
+Copyright 2024 The KCP Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+	"net/url"
+
+	"github.com/davecgh/go-spew/spew"
+	apisv1alpha1 "github.com/kcp-dev/kcp/sdk/apis/apis/v1alpha1"
+	corev1alpha1 "github.com/kcp-dev/kcp/sdk/apis/core/v1alpha1"
+	tenancyv1alpha1 "github.com/kcp-dev/kcp/sdk/apis/tenancy/v1alpha1"
+	"k8s.io/apimachinery/pkg/runtime"
+	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+	"k8s.io/apimachinery/pkg/util/sets"
+	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/log/zap"
+
+	widgets "github.com/kcp-dev/controller-runtime/examples/kcp/config/widgets"
+	"github.com/kcp-dev/controller-runtime/examples/kcp/config/widgets/resources"
+	"sigs.k8s.io/controller-runtime/pkg/log"
+)
+
+// config is bootstrap set of assets for the controller-runtime examples.
+// It includes the following assets:
+// - crds/* for the Widget type - autogenerated from the Widget type definition
+// - widgets/resources/* - a set of Widget resources for KCP to manage. Automatically generated by kcp apigen
+// see Makefile & hack/update-codegen-crds.sh for more details
+
+// It is intended to be running with higher privileges than the examples themselves
+// to ensure system (kcp) is bootstrapped. In real world scenarios, this would be
+// done by the platform operator to enable service providers to deploy their
+// controllers.
+
+var (
+	scheme = runtime.NewScheme()
+)
+
+func init() {
+	utilruntime.Must(tenancyv1alpha1.AddToScheme(scheme))
+	utilruntime.Must(clientgoscheme.AddToScheme(scheme))
+	utilruntime.Must(corev1alpha1.AddToScheme(scheme))
+	utilruntime.Must(apisv1alpha1.AddToScheme(scheme))
+
+}
+
+var (
+	// clusterName is the workspace to host common APIs.
+	clusterName = "widgets"
+)
+
+func main() {
+	opts := zap.Options{
+		Development: true,
+	}
+	ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts)))
+
+	ctx := ctrl.SetupSignalHandler()
+	restConfig := ctrl.GetConfigOrDie()
+
+	log := log.FromContext(ctx)
+
+	c, err := client.New(restConfig, client.Options{
+		Scheme: scheme,
+	})
+	if err != nil {
+		log.Error(err, "unable to create client")
+	}
+	fakeBatteries := sets.New("")
+
+	err = widgets.Bootstrap(ctx, c, fakeBatteries)
+	if err != nil {
+		log.Error(err, "failed to bootstrap widgets")
+	}
+
+	// Hack to set the clusterName in the restConfig.Host
+	restConfig.Host = restConfig.Host + ":" + url.PathEscape(clusterName)
+	if err != nil {
+		log.Error(err, "unable to set clusterName")
+	}
+	spew.Dump(restConfig.Host)
+	c, err = client.New(restConfig, client.Options{
+		Scheme: scheme,
+	})
+	if err != nil {
+		log.Error(err, "unable to create client")
+	}
+
+	err = resources.Bootstrap(ctx, c, fakeBatteries)
+	if err != nil {
+		log.Error(err, "failed to bootstrap resources")
+	}
+}

examples/kcp/config/widgets/bootstrap.go

@@ -0,0 +1,45 @@
+/*
+Copyright 2024 The KCP Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package widdgets
+
+import (
+	"context"
+	"embed"
+
+	"k8s.io/apimachinery/pkg/util/sets"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/log"
+
+	confighelpers "github.com/kcp-dev/controller-runtime/examples/kcp/config/helpers"
+)
+
+//go:embed *.yaml
+var fs embed.FS
+
+// Bootstrap creates resources in this package by continuously retrying the list.
+// This is blocking, i.e. it only returns (with error) when the context is closed or with nil when
+// the bootstrapping is successfully completed.
+func Bootstrap(
+	ctx context.Context,
+	client client.Client,
+	batteriesIncluded sets.Set[string],
+) error {
+	log := log.FromContext(ctx)
+
+	log.Info("Bootstrapping widgets workspace")
+	return confighelpers.Bootstrap(ctx, client, fs, batteriesIncluded)
+}

examples/kcp/config/widgets/clusterworkspace.yaml

@@ -0,0 +1,14 @@
+apiVersion: tenancy.kcp.io/v1alpha1
+kind: Workspace
+metadata:
+  name: widgets
+  annotations:
+    bootstrap.kcp.io/create-only: "true"
+spec:
+  type:
+    name: universal
+    path: root
+  location:
+    selector:
+      matchLabels:
+        name: root