From 9f1b68f865bb1e52979511907a1a0d3a6169a16d Mon Sep 17 00:00:00 2001
From: Wahab Ali
Date: Fri, 20 Dec 2024 11:55:47 -0500
Subject: [PATCH 1/2] Expose additional sveltos settings for service deployment
---
api/v1alpha1/clusterdeployment_types.go | 23 +-
api/v1alpha1/indexers.go | 6 +-
api/v1alpha1/multiclusterservice_types.go | 37 ++-
api/v1alpha1/zz_generated.deepcopy.go | 50 +++-
.../clusterdeployment_controller.go | 11 +-
.../clusterdeployment_controller_test.go | 10 +-
.../multiclusterservice_controller.go | 13 +-
.../multiclusterservice_controller_test.go | 18 +-
internal/sveltos/profile.go | 28 +-
internal/webhook/clusterdeployment_webhook.go | 8 +-
.../webhook/multiclusterservice_webhook.go | 6 +-
.../hmc.mirantis.com_clusterdeployments.yaml | 277 ++++++++++++++----
...hmc.mirantis.com_multiclusterservices.yaml | 277 ++++++++++++++----
.../clusterdeployment/clusterdeployment.go | 2 +-
.../multiclusterservice.go | 2 +-
15 files changed, 574 insertions(+), 194 deletions(-)
diff --git a/api/v1alpha1/clusterdeployment_types.go b/api/v1alpha1/clusterdeployment_types.go
index dc56d98be..2eaf4a63e 100644
--- a/api/v1alpha1/clusterdeployment_types.go
+++ b/api/v1alpha1/clusterdeployment_types.go
@@ -65,29 +65,10 @@ type ClusterDeploymentSpec struct { // for use by CCM (Cloud Controller Manager). // +kubebuilder:default:=true PropagateCredentials bool `json:"propagateCredentials,omitempty"` - // Services is a list of services created via ServiceTemplates - // that could be installed on the target cluster. - Services []ServiceSpec `json:"services,omitempty"` - - // +kubebuilder:default:=100 - // +kubebuilder:validation:Minimum=1 - // +kubebuilder:validation:Maximum=2147483646 - - // ServicesPriority sets the priority for the services defined in this spec. - // Higher value means higher priority and lower means lower. - // In case of conflict with another object managing the service, - // the one with higher priority will get to deploy its services. - ServicesPriority int32 `json:"servicesPriority,omitempty"` + // ServiceSpec is spec related to deployment of services. + ServiceSpec ServiceSpec `json:"serviceSpec,omitempty"` // DryRun specifies whether the template should be applied after validation or only validated. DryRun bool `json:"dryRun,omitempty"` - - // +kubebuilder:default:=false - - // StopOnConflict specifies what to do in case of a conflict. - // E.g. If another object is already managing a service. - // By default the remaining services will be deployed even if conflict is detected. - // If set to true, the deployment will stop after encountering the first conflict. - StopOnConflict bool `json:"stopOnConflict,omitempty"` } // ClusterDeploymentStatus defines the observed state of ClusterDeployment diff --git a/api/v1alpha1/indexers.go b/api/v1alpha1/indexers.go index 222ce8b69..066a7cb97 100644 --- a/api/v1alpha1/indexers.go +++ b/api/v1alpha1/indexers.go @@ -78,7 +78,7 @@ func ExtractServiceTemplateNamesFromClusterDeployment(rawObj client.Object) []st } templates := []string{} - for _, s := range cluster.Spec.Services { + for _, s := range cluster.Spec.ServiceSpec.Services { templates = append(templates, s.Template) } 
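Review bot: Moving `services`, `servicesPriority` and `stopOnConflict` under `serviceSpec` changes the serialized shape of `ClusterDeploymentSpec` within the same `v1alpha1` version, and nothing in this patch converts or migrates objects that are already stored. An existing ClusterDeployment that still carries `spec.services` would presumably decode with an empty `ServiceSpec.Services`, so the next reconcile could build a Profile with no Helm charts and the services could disappear from the managed cluster without an error being reported. Consider calling the break out in an upgrade note, or keeping the old fields for one release marked `// Deprecated: use ServiceSpec.Services instead.` and copying them over in the controller. The same applies to `MultiClusterServiceSpec` in `multiclusterservice_types.go`.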
@@ -204,8 +204,8 @@ func ExtractServiceTemplateNamesFromMultiClusterService(rawObj client.Object) [] return nil } - templates := make([]string, len(mcs.Spec.Services)) - for i, s := range mcs.Spec.Services { + templates := make([]string, len(mcs.Spec.ServiceSpec.Services)) + for i, s := range mcs.Spec.ServiceSpec.Services { templates[i] = s.Template } diff --git a/api/v1alpha1/multiclusterservice_types.go b/api/v1alpha1/multiclusterservice_types.go index 70cd7b1ef..9f7d118ac 100644 --- a/api/v1alpha1/multiclusterservice_types.go +++ b/api/v1alpha1/multiclusterservice_types.go @@ -15,6 +15,7 @@ package v1alpha1 import ( + sveltosv1beta1 "github.com/projectsveltos/addon-controller/api/v1beta1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -37,8 +38,8 @@ const ( FetchServicesStatusSuccessCondition = "FetchServicesStatusSuccess" ) -// ServiceSpec represents a Service to be managed -type ServiceSpec struct { +// Service represents a Service to be deployed. +type Service struct { // Values is the helm values to be passed to the chart used by the template. // The string type is used in order to allow for templating. Values string `json:"values,omitempty"` 
@@ -57,27 +58,35 @@ type ServiceSpec struct { // Namespace is the namespace the release will be installed in. // It will default to Name if not provided. Namespace string `json:"namespace,omitempty"` + // ValuesFrom can reference a ConfigMap or Secret containing helm values. + ValuesFrom []sveltosv1beta1.ValueFrom `json:"valuesFrom,omitempty"` // Disable can be set to disable handling of this service. Disable bool `json:"disable,omitempty"` } -// MultiClusterServiceSpec defines the desired state of MultiClusterService -type MultiClusterServiceSpec struct { - // ClusterSelector identifies target clusters to manage services on. - ClusterSelector metav1.LabelSelector `json:"clusterSelector,omitempty"` +// ServiceSpec contains all the spec related to deployment of services. +type ServiceSpec struct { // Services is a list of services created via ServiceTemplates // that could be installed on the target cluster. - Services []ServiceSpec `json:"services,omitempty"` + Services []Service `json:"services,omitempty"` + // TemplateResourceRefs is a list of resources to collect from the management cluster, + // the values from which can be used in templates. + TemplateResourceRefs []sveltosv1beta1.TemplateResourceRef `json:"templateResourceRefs,omitempty"` + // PolicyRefs is a list of kubernetes resources that need to be deployed in matching clusters. + // These resources may contain static values or leverage Go templates for dynamic customization. + // When expressed as templates, the values are rendered using data from resources + // (like Cluster & TemplateResourceRefs) within the management cluster before deployement. + PolicyRefs []sveltosv1beta1.PolicyRef `json:"policyRefs,omitempty"` // +kubebuilder:default:=100 // +kubebuilder:validation:Minimum=1 // +kubebuilder:validation:Maximum=2147483646 - // ServicesPriority sets the priority for the services defined in this spec. + // Priority sets the priority for the services defined in this spec. 
// Higher value means higher priority and lower means lower. // In case of conflict with another object managing the service, // the one with higher priority will get to deploy its services. - ServicesPriority int32 `json:"servicesPriority,omitempty"` + Priority int32 `json:"priority,omitempty"` // +kubebuilder:default:=false @@ -86,6 +95,16 @@ type MultiClusterServiceSpec struct { // By default the remaining services will be deployed even if conflict is detected. // If set to true, the deployment will stop after encountering the first conflict. StopOnConflict bool `json:"stopOnConflict,omitempty"` + // Reload instances via rolling upgrade when a ConfigMap/Secret mounted as volume is modified. + Reload bool `json:"reload,omitempty"` +} + +// MultiClusterServiceSpec defines the desired state of MultiClusterService +type MultiClusterServiceSpec struct { + // ClusterSelector identifies target clusters to manage services on. + ClusterSelector metav1.LabelSelector `json:"clusterSelector,omitempty"` + // ServiceSpec is spec related to deployment of services. + ServiceSpec ServiceSpec `json:"serviceSpec,omitempty"` } // ServiceStatus contains details for the state of services. diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 75d485b31..057b495bf 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -21,6 +21,7 @@ package v1alpha1 import ( "github.com/fluxcd/helm-controller/api/v2" apiv1 "github.com/fluxcd/source-controller/api/v1" + "github.com/projectsveltos/addon-controller/api/v1beta1" velerov1 "github.com/zerospiel/velero/pkg/apis/velero/v1" corev1 "k8s.io/api/core/v1" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" 
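Review bot: `TemplateResourceRefs`, `PolicyRefs` and `ValuesFrom` expose the upstream Sveltos reference types to anyone who can create a ClusterDeployment or MultiClusterService, and no hunk in this patch constrains what they may point at. A `TemplateResourceRef` names an arbitrary object in the management cluster, each `PolicyRef` and `ValueFrom` carries its own `namespace`, and `PolicyRef` allows `deploymentType: Local`, so the author of a namespaced ClusterDeployment may be able to have the add-on controller read Secrets or apply resources outside their own namespace, depending on how Sveltos scopes a Profile (not visible here). The controller hunks at `@@ -467,9 +467,12 @@` and `@@ -136,10 +136,13 @@` copy these slices verbatim, and `validateServices` only looks at `Services[].Template`. I would add a webhook check for ClusterDeployment that rejects any reference whose namespace is set to something other than the object's own namespace, and state the trust model on the fields, e.g. `// References are resolved with the add-on controller's privileges; grant create/update on this object accordingly.` Separately, `deployement` in the `PolicyRefs` comment should read `deployment`, since the comment is copied into the generated CRDs.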
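Review bot: The new `ServiceSpec` field tagged `json:"serviceSpec,omitempty"` pushes the `+kubebuilder:default:=100` on `Priority` one level down, and CRD defaulting does not descend into an object that is absent from the request. A MultiClusterService (or a ClusterDeployment, which gets the same field) created without a `serviceSpec` key would therefore reach the reconciler with `Priority == 0`, below the declared `Minimum=1`, whereas `servicesPriority` used to be defaulted at the top level of the spec. Adding `// +kubebuilder:default:={}` above the `ServiceSpec` field in both spec structs should restore the previous behaviour; how `GetSpec` treats a zero priority is outside this hunk. Note also that `omitempty` has no effect on a struct value.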
@@ -352,11 +353,7 @@ func (in *ClusterDeploymentSpec) DeepCopyInto(out *ClusterDeploymentSpec) { *out = new(apiextensionsv1.JSON) (*in).DeepCopyInto(*out) } - if in.Services != nil { - in, out := &in.Services, &out.Services - *out = make([]ServiceSpec, len(*in)) - copy(*out, *in) - } + in.ServiceSpec.DeepCopyInto(&out.ServiceSpec) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterDeploymentSpec. @@ -1000,11 +997,7 @@ func (in *MultiClusterServiceList) DeepCopyObject() runtime.Object { func (in *MultiClusterServiceSpec) DeepCopyInto(out *MultiClusterServiceSpec) { *out = *in in.ClusterSelector.DeepCopyInto(&out.ClusterSelector) - if in.Services != nil { - in, out := &in.Services, &out.Services - *out = make([]ServiceSpec, len(*in)) - copy(*out, *in) - } + in.ServiceSpec.DeepCopyInto(&out.ServiceSpec) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MultiClusterServiceSpec. 
@@ -1315,9 +1308,46 @@ func (in *ReleaseStatus) DeepCopy() *ReleaseStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Service) DeepCopyInto(out *Service) { + *out = *in + if in.ValuesFrom != nil { + in, out := &in.ValuesFrom, &out.ValuesFrom + *out = make([]v1beta1.ValueFrom, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Service. +func (in *Service) DeepCopy() *Service { + if in == nil { + return nil + } + out := new(Service) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ServiceSpec) DeepCopyInto(out *ServiceSpec) { *out = *in + if in.Services != nil { + in, out := &in.Services, &out.Services + *out = make([]Service, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TemplateResourceRefs != nil { + in, out := &in.TemplateResourceRefs, &out.TemplateResourceRefs + *out = make([]v1beta1.TemplateResourceRef, len(*in)) + copy(*out, *in) + } + if in.PolicyRefs != nil { + in, out := &in.PolicyRefs, &out.PolicyRefs + *out = make([]v1beta1.PolicyRef, len(*in)) + copy(*out, *in) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceSpec. diff --git a/internal/controller/clusterdeployment_controller.go b/internal/controller/clusterdeployment_controller.go index f0b3bec30..2513bbfd4 100644 --- a/internal/controller/clusterdeployment_controller.go +++ b/internal/controller/clusterdeployment_controller.go 
@@ -448,7 +448,7 @@ func (r *ClusterDeploymentReconciler) updateServices(ctx context.Context, mc *hm err = errors.Join(err, servicesErr) }() - opts, err := sveltos.GetHelmChartOpts(ctx, r.Client, mc.Namespace, mc.Spec.Services) + opts, err := sveltos.GetHelmChartOpts(ctx, r.Client, mc.Namespace, mc.Spec.ServiceSpec.Services) if err != nil { return ctrl.Result{}, err } @@ -467,9 +467,12 @@ func (r *ClusterDeploymentReconciler) updateServices(ctx context.Context, mc *hm hmc.FluxHelmChartNameKey: mc.Name, }, }, - HelmChartOpts: opts, - Priority: mc.Spec.ServicesPriority, - StopOnConflict: mc.Spec.StopOnConflict, + HelmChartOpts: opts, + Priority: mc.Spec.ServiceSpec.Priority, + StopOnConflict: mc.Spec.ServiceSpec.StopOnConflict, + Reload: mc.Spec.ServiceSpec.Reload, + TemplateResourceRefs: mc.Spec.ServiceSpec.TemplateResourceRefs, + PolicyRefs: mc.Spec.ServiceSpec.PolicyRefs, }); err != nil { return ctrl.Result{}, fmt.Errorf("failed to reconcile Profile: %w", err) } diff --git a/internal/controller/clusterdeployment_controller_test.go b/internal/controller/clusterdeployment_controller_test.go index 0c62feccd..1fe200fa6 100644 --- a/internal/controller/clusterdeployment_controller_test.go +++ b/internal/controller/clusterdeployment_controller_test.go @@ -373,10 +373,12 @@ var _ = Describe("ClusterDeployment Controller", func() { Spec: hmc.ClusterDeploymentSpec{ Template: clusterTemplate.Name, Credential: awsCredential.Name, - Services: []hmc.ServiceSpec{ - { - Template: serviceTemplate.Name, - Name: "test-service", + ServiceSpec: hmc.ServiceSpec{ + Services: []hmc.Service{ + { + Template: serviceTemplate.Name, + Name: "test-service", + }, }, }, Config: &apiextensionsv1.JSON{ diff --git a/internal/controller/multiclusterservice_controller.go b/internal/controller/multiclusterservice_controller.go index fa922f3de..ace309415 100644 --- a/internal/controller/multiclusterservice_controller.go +++ b/internal/controller/multiclusterservice_controller.go 
@@ -123,7 +123,7 @@ func (r *MultiClusterServiceReconciler) reconcileUpdate(ctx context.Context, mcs // We are enforcing that MultiClusterService may only use // ServiceTemplates that are present in the system namespace. - opts, err := sveltos.GetHelmChartOpts(ctx, r.Client, r.SystemNamespace, mcs.Spec.Services) + opts, err := sveltos.GetHelmChartOpts(ctx, r.Client, r.SystemNamespace, mcs.Spec.ServiceSpec.Services) if err != nil { return ctrl.Result{}, err } @@ -136,10 +136,13 @@ func (r *MultiClusterServiceReconciler) reconcileUpdate(ctx context.Context, mcs Name: mcs.Name, UID: mcs.UID, }, - LabelSelector: mcs.Spec.ClusterSelector, - HelmChartOpts: opts, - Priority: mcs.Spec.ServicesPriority, - StopOnConflict: mcs.Spec.StopOnConflict, + LabelSelector: mcs.Spec.ClusterSelector, + HelmChartOpts: opts, + Priority: mcs.Spec.ServiceSpec.Priority, + StopOnConflict: mcs.Spec.ServiceSpec.StopOnConflict, + Reload: mcs.Spec.ServiceSpec.Reload, + TemplateResourceRefs: mcs.Spec.ServiceSpec.TemplateResourceRefs, + PolicyRefs: mcs.Spec.ServiceSpec.PolicyRefs, }); err != nil { return ctrl.Result{}, fmt.Errorf("failed to reconcile ClusterProfile: %w", err) } diff --git a/internal/controller/multiclusterservice_controller_test.go b/internal/controller/multiclusterservice_controller_test.go index d8094774f..5bb4df823 100644 --- a/internal/controller/multiclusterservice_controller_test.go +++ b/internal/controller/multiclusterservice_controller_test.go @@ -216,14 +216,16 @@ var _ = Describe("MultiClusterService Controller", func() { }, }, Spec: hmc.MultiClusterServiceSpec{ - Services: []hmc.ServiceSpec{ - { - Template: serviceTemplate1Name, - Name: helmChartReleaseName, - }, - { - Template: serviceTemplate2Name, - Name: helmChartReleaseName, + ServiceSpec: hmc.ServiceSpec{ + Services: []hmc.Service{ + { + Template: serviceTemplate1Name, + Name: helmChartReleaseName, + }, + { + Template: serviceTemplate2Name, + Name: helmChartReleaseName, + }, }, }, }, 
diff --git a/internal/sveltos/profile.go b/internal/sveltos/profile.go index 14e777e39..8e0cb2305 100644 --- a/internal/sveltos/profile.go +++ b/internal/sveltos/profile.go @@ -33,11 +33,14 @@ import ( ) type ReconcileProfileOpts struct { - OwnerReference *metav1.OwnerReference - LabelSelector metav1.LabelSelector - HelmChartOpts []HelmChartOpts - Priority int32 - StopOnConflict bool + OwnerReference *metav1.OwnerReference + LabelSelector metav1.LabelSelector + HelmChartOpts []HelmChartOpts + TemplateResourceRefs []sveltosv1beta1.TemplateResourceRef + PolicyRefs []sveltosv1beta1.PolicyRef + Priority int32 + StopOnConflict bool + Reload bool } type HelmChartOpts struct { @@ -49,6 +52,7 @@ type HelmChartOpts struct { ChartVersion string ReleaseName string ReleaseNamespace string + ValuesFrom []sveltosv1beta1.ValueFrom PlainHTTP bool InsecureSkipTLSVerify bool } @@ -127,7 +131,7 @@ func ReconcileProfile( // GetHelmChartOpts returns slice of helm chart options to use with Sveltos. // Namespace is the namespace of the referred templates in services slice. -func GetHelmChartOpts(ctx context.Context, c client.Client, namespace string, services []hmc.ServiceSpec) ([]HelmChartOpts, error) { +func GetHelmChartOpts(ctx context.Context, c client.Client, namespace string, services []hmc.Service) ([]HelmChartOpts, error) { l := ctrl.LoggerFrom(ctx) opts := []HelmChartOpts{} @@ -178,6 +182,7 @@ func GetHelmChartOpts(ctx context.Context, c client.Client, namespace string, se chartName := chart.Spec.Chart opt := HelmChartOpts{ Values: svc.Values, + ValuesFrom: svc.ValuesFrom, RepositoryURL: repo.Spec.URL, // We don't have repository name so chart name becomes repository name. RepositoryName: chartName, 
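Review bot: `ReconcileProfileOpts` is exported and now carries two reference slices that originate in user-supplied specs, but neither the struct nor the new fields have doc comments. I would add `// ReconcileProfileOpts holds the settings used to build the Sveltos Profile or ClusterProfile spec.` above the type, and on the new fields a line such as `// TemplateResourceRefs and PolicyRefs are copied into the Sveltos spec unchanged; callers are responsible for validating them.` The same goes for `ValuesFrom` on `HelmChartOpts` in the `@@ -49,6 +52,7 @@` hunk, which `GetSpec` assigns to `helmChart.ValuesFrom` as is.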
@@ -230,9 +235,12 @@ func GetSpec(opts *ReconcileProfileOpts) (*sveltosv1beta1.Spec, error) { ClusterSelector: libsveltosv1beta1.Selector{ LabelSelector: opts.LabelSelector, }, - Tier: tier, - ContinueOnConflict: !opts.StopOnConflict, - HelmCharts: make([]sveltosv1beta1.HelmChart, 0, len(opts.HelmChartOpts)), + Tier: tier, + ContinueOnConflict: !opts.StopOnConflict, + HelmCharts: make([]sveltosv1beta1.HelmChart, 0, len(opts.HelmChartOpts)), + Reloader: opts.Reload, + TemplateResourceRefs: opts.TemplateResourceRefs, + PolicyRefs: opts.PolicyRefs, } for _, hc := range opts.HelmChartOpts { @@ -259,6 +267,8 @@ func GetSpec(opts *ReconcileProfileOpts) (*sveltosv1beta1.Spec, error) { } helmChart.Values = hc.Values + helmChart.ValuesFrom = hc.ValuesFrom + spec.HelmCharts = append(spec.HelmCharts, helmChart) } diff --git a/internal/webhook/clusterdeployment_webhook.go b/internal/webhook/clusterdeployment_webhook.go index 2dadeefa6..f405702b0 100644 --- a/internal/webhook/clusterdeployment_webhook.go +++ b/internal/webhook/clusterdeployment_webhook.go @@ -79,7 +79,7 @@ func (v *ClusterDeploymentValidator) ValidateCreate(ctx context.Context, obj run return nil, fmt.Errorf("%s: %w", invalidClusterDeploymentMsg, err) } - if err := validateServices(ctx, v.Client, clusterDeployment.Namespace, clusterDeployment.Spec.Services); err != nil { + if err := validateServices(ctx, v.Client, clusterDeployment.Namespace, clusterDeployment.Spec.ServiceSpec.Services); err != nil { return nil, fmt.Errorf("%s: %w", invalidClusterDeploymentMsg, err) } 
@@ -123,7 +123,7 @@ func (v *ClusterDeploymentValidator) ValidateUpdate(ctx context.Context, oldObj, return nil, fmt.Errorf("%s: %w", invalidClusterDeploymentMsg, err) } - if err := validateServices(ctx, v.Client, newClusterDeployment.Namespace, newClusterDeployment.Spec.Services); err != nil { + if err := validateServices(ctx, v.Client, newClusterDeployment.Namespace, newClusterDeployment.Spec.ServiceSpec.Services); err != nil { return nil, fmt.Errorf("%s: %w", invalidClusterDeploymentMsg, err) } @@ -131,7 +131,7 @@ func (v *ClusterDeploymentValidator) ValidateUpdate(ctx context.Context, oldObj, } func validateK8sCompatibility(ctx context.Context, cl client.Client, template *hmcv1alpha1.ClusterTemplate, mc *hmcv1alpha1.ClusterDeployment) error { - if len(mc.Spec.Services) == 0 || template.Status.KubernetesVersion == "" { + if len(mc.Spec.ServiceSpec.Services) == 0 || template.Status.KubernetesVersion == "" { return nil // nothing to do } @@ -140,7 +140,7 @@ func validateK8sCompatibility(ctx context.Context, cl client.Client, template *h return fmt.Errorf("failed to parse k8s version %s of the ClusterDeployment %s/%s: %w", template.Status.KubernetesVersion, mc.Namespace, mc.Name, err) } - for _, v := range mc.Spec.Services { + for _, v := range mc.Spec.ServiceSpec.Services { if v.Disable { continue } diff --git a/internal/webhook/multiclusterservice_webhook.go b/internal/webhook/multiclusterservice_webhook.go index f41a9757c..60ac188ec 100644 --- a/internal/webhook/multiclusterservice_webhook.go +++ b/internal/webhook/multiclusterservice_webhook.go 
@@ -63,7 +63,7 @@ func (v *MultiClusterServiceValidator) ValidateCreate(ctx context.Context, obj r return nil, apierrors.NewBadRequest(fmt.Sprintf("expected MultiClusterService but got a %T", obj)) } - if err := validateServices(ctx, v.Client, v.SystemNamespace, mcs.Spec.Services); err != nil { + if err := validateServices(ctx, v.Client, v.SystemNamespace, mcs.Spec.ServiceSpec.Services); err != nil { return nil, fmt.Errorf("%s: %w", invalidMultiClusterServiceMsg, err) } @@ -77,7 +77,7 @@ func (v *MultiClusterServiceValidator) ValidateUpdate(ctx context.Context, _, ne return nil, apierrors.NewBadRequest(fmt.Sprintf("expected MultiClusterService but got a %T", newObj)) } - if err := validateServices(ctx, v.Client, v.SystemNamespace, mcs.Spec.Services); err != nil { + if err := validateServices(ctx, v.Client, v.SystemNamespace, mcs.Spec.ServiceSpec.Services); err != nil { return nil, fmt.Errorf("%s: %w", invalidMultiClusterServiceMsg, err) } @@ -94,7 +94,7 @@ func getServiceTemplate(ctx context.Context, c client.Client, templateNamespace, return tpl, c.Get(ctx, client.ObjectKey{Namespace: templateNamespace, Name: templateName}, tpl) } -func validateServices(ctx context.Context, c client.Client, namespace string, services []v1alpha1.ServiceSpec) (errs error) { +func validateServices(ctx context.Context, c client.Client, namespace string, services []v1alpha1.Service) (errs error) { for _, svc := range services { tpl, err := getServiceTemplate(ctx, c, namespace, svc.Template) if err != nil { diff --git a/templates/provider/hmc/templates/crds/hmc.mirantis.com_clusterdeployments.yaml b/templates/provider/hmc/templates/crds/hmc.mirantis.com_clusterdeployments.yaml index 4fb51689d..2877f76f4 100644 --- a/templates/provider/hmc/templates/crds/hmc.mirantis.com_clusterdeployments.yaml +++ b/templates/provider/hmc/templates/crds/hmc.mirantis.com_clusterdeployments.yaml 
@@ -75,62 +75,227 @@ spec: PropagateCredentials indicates whether credentials should be propagated for use by CCM (Cloud Controller Manager). type: boolean - services: - description: |- - Services is a list of services created via ServiceTemplates - that could be installed on the target cluster. - items: - description: ServiceSpec represents a Service to be managed - properties: - disable: - description: Disable can be set to disable handling of this - service. - type: boolean - name: - description: Name is the chart release. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace the release will be installed in. - It will default to Name if not provided. - type: string - template: - description: Template is a reference to a Template object located - in the same namespace. - maxLength: 253 - minLength: 1 - type: string - values: - description: |- - Values is the helm values to be passed to the chart used by the template. - The string type is used in order to allow for templating. - type: string - required: - - name - - template - type: object - type: array - servicesPriority: - default: 100 - description: |- - ServicesPriority sets the priority for the services defined in this spec. - Higher value means higher priority and lower means lower. - In case of conflict with another object managing the service, - the one with higher priority will get to deploy its services. - format: int32 - maximum: 2147483646 - minimum: 1 - type: integer - stopOnConflict: - default: false - description: |- - StopOnConflict specifies what to do in case of a conflict. - E.g. If another object is already managing a service. - By default the remaining services will be deployed even if conflict is detected. - If set to true, the deployment will stop after encountering the first conflict. - type: boolean + serviceSpec: + description: ServiceSpec is spec related to deployment of services. 
+ properties: + policyRefs: + description: |- + PolicyRefs is a list of kubernetes resources that need to be deployed in matching clusters. + These resources may contain static values or leverage Go templates for dynamic customization. + When expressed as templates, the values are rendered using data from resources + (like Cluster & TemplateResourceRefs) within the management cluster before deployement. + items: + properties: + deploymentType: + default: Remote + description: |- + DeploymentType indicates whether resources need to be deployed + into the management cluster (local) or the managed cluster (remote) + enum: + - Local + - Remote + type: string + kind: + description: |- + Kind of the resource. Supported kinds are: + - ConfigMap/Secret + - flux GitRepository;OCIRepository;Bucket + enum: + - GitRepository + - OCIRepository + - Bucket + - ConfigMap + - Secret + type: string + name: + description: |- + Name of the referenced resource. + Name can be expressed as a template and instantiate using + - cluster namespace: .Cluster.metadata.namespace + - cluster name: .Cluster.metadata.name + - cluster type: .Cluster.kind + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referenced resource. + For ClusterProfile namespace can be left empty. In such a case, namespace will + be implicit set to cluster's namespace. + For Profile namespace must be left empty. Profile namespace will be used. + type: string + path: + description: |- + Path to the directory containing the YAML files. + Defaults to 'None', which translates to the root path of the SourceRef. + Used only for GitRepository;OCIRepository;Bucket + type: string + required: + - kind + - name + type: object + type: array + priority: + default: 100 + description: |- + Priority sets the priority for the services defined in this spec. + Higher value means higher priority and lower means lower. 
+ In case of conflict with another object managing the service, + the one with higher priority will get to deploy its services. + format: int32 + maximum: 2147483646 + minimum: 1 + type: integer + reload: + description: Reload instances via rolling upgrade when a ConfigMap/Secret + mounted as volume is modified. + type: boolean + services: + description: |- + Services is a list of services created via ServiceTemplates + that could be installed on the target cluster. + items: + description: Service represents a Service to be deployed. + properties: + disable: + description: Disable can be set to disable handling of this + service. + type: boolean + name: + description: Name is the chart release. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace is the namespace the release will be installed in. + It will default to Name if not provided. + type: string + template: + description: Template is a reference to a Template object + located in the same namespace. + maxLength: 253 + minLength: 1 + type: string + values: + description: |- + Values is the helm values to be passed to the chart used by the template. + The string type is used in order to allow for templating. + type: string + valuesFrom: + description: ValuesFrom can reference a ConfigMap or Secret + containing helm values. + items: + properties: + kind: + description: |- + Kind of the resource. Supported kinds are: + - ConfigMap/Secret + enum: + - ConfigMap + - Secret + type: string + name: + description: |- + Name of the referenced resource. + Name can be expressed as a template and instantiate using + - cluster namespace: .Cluster.metadata.namespace + - cluster name: .Cluster.metadata.name + - cluster type: .Cluster.kind + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referenced resource. + For ClusterProfile namespace can be left empty. In such a case, namespace will + be implicit set to cluster's namespace. 
+ For Profile namespace must be left empty. The Profile namespace will be used. + type: string + required: + - kind + - name + type: object + type: array + required: + - name + - template + type: object + type: array + stopOnConflict: + default: false + description: |- + StopOnConflict specifies what to do in case of a conflict. + E.g. If another object is already managing a service. + By default the remaining services will be deployed even if conflict is detected. + If set to true, the deployment will stop after encountering the first conflict. + type: boolean + templateResourceRefs: + description: |- + TemplateResourceRefs is a list of resources to collect from the management cluster, + the values from which can be used in templates. + items: + properties: + identifier: + description: |- + Identifier is how the resource will be referred to in the + template + type: string + resource: + description: |- + Resource references a Kubernetes instance in the management + cluster to fetch and use during template instantiation. + For ClusterProfile namespace can be left empty. In such a case, namespace will + be implicit set to cluster's namespace. + Name and namespace can be expressed as a template and instantiate using + - cluster namespace: .Cluster.metadata.namespace + - cluster name: .Cluster.metadata.name + - cluster type: .Cluster.kind + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). 
This syntax is chosen only to have some well-defined way of + referencing a part of an object. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + required: + - identifier + - resource + type: object + type: array + type: object template: description: Template is a reference to a Template object located in the same namespace. diff --git a/templates/provider/hmc/templates/crds/hmc.mirantis.com_multiclusterservices.yaml b/templates/provider/hmc/templates/crds/hmc.mirantis.com_multiclusterservices.yaml index d4f05b686..17c9f91ad 100644 --- a/templates/provider/hmc/templates/crds/hmc.mirantis.com_multiclusterservices.yaml +++ b/templates/provider/hmc/templates/crds/hmc.mirantis.com_multiclusterservices.yaml 
@@ -87,62 +87,227 @@ spec: type: object type: object x-kubernetes-map-type: atomic - services: - description: |- - Services is a list of services created via ServiceTemplates - that could be installed on the target cluster. - items: - description: ServiceSpec represents a Service to be managed - properties: - disable: - description: Disable can be set to disable handling of this - service. - type: boolean - name: - description: Name is the chart release. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace the release will be installed in. - It will default to Name if not provided. - type: string - template: - description: Template is a reference to a Template object located - in the same namespace. - maxLength: 253 - minLength: 1 - type: string - values: - description: |- - Values is the helm values to be passed to the chart used by the template. - The string type is used in order to allow for templating. - type: string - required: - - name - - template - type: object - type: array - servicesPriority: - default: 100 - description: |- - ServicesPriority sets the priority for the services defined in this spec. - Higher value means higher priority and lower means lower. - In case of conflict with another object managing the service, - the one with higher priority will get to deploy its services. - format: int32 - maximum: 2147483646 - minimum: 1 - type: integer - stopOnConflict: - default: false - description: |- - StopOnConflict specifies what to do in case of a conflict. - E.g. If another object is already managing a service. - By default the remaining services will be deployed even if conflict is detected. - If set to true, the deployment will stop after encountering the first conflict. - type: boolean + serviceSpec: + description: ServiceSpec is spec related to deployment of services. 
+ properties: + policyRefs: + description: |- + PolicyRefs is a list of kubernetes resources that need to be deployed in matching clusters. + These resources may contain static values or leverage Go templates for dynamic customization. + When expressed as templates, the values are rendered using data from resources + (like Cluster & TemplateResourceRefs) within the management cluster before deployement. + items: + properties: + deploymentType: + default: Remote + description: |- + DeploymentType indicates whether resources need to be deployed + into the management cluster (local) or the managed cluster (remote) + enum: + - Local + - Remote + type: string + kind: + description: |- + Kind of the resource. Supported kinds are: + - ConfigMap/Secret + - flux GitRepository;OCIRepository;Bucket + enum: + - GitRepository + - OCIRepository + - Bucket + - ConfigMap + - Secret + type: string + name: + description: |- + Name of the referenced resource. + Name can be expressed as a template and instantiate using + - cluster namespace: .Cluster.metadata.namespace + - cluster name: .Cluster.metadata.name + - cluster type: .Cluster.kind + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referenced resource. + For ClusterProfile namespace can be left empty. In such a case, namespace will + be implicit set to cluster's namespace. + For Profile namespace must be left empty. Profile namespace will be used. + type: string + path: + description: |- + Path to the directory containing the YAML files. + Defaults to 'None', which translates to the root path of the SourceRef. + Used only for GitRepository;OCIRepository;Bucket + type: string + required: + - kind + - name + type: object + type: array + priority: + default: 100 + description: |- + Priority sets the priority for the services defined in this spec. + Higher value means higher priority and lower means lower. 
+ In case of conflict with another object managing the service, + the one with higher priority will get to deploy its services. + format: int32 + maximum: 2147483646 + minimum: 1 + type: integer + reload: + description: Reload instances via rolling upgrade when a ConfigMap/Secret + mounted as volume is modified. + type: boolean + services: + description: |- + Services is a list of services created via ServiceTemplates + that could be installed on the target cluster. + items: + description: Service represents a Service to be deployed. + properties: + disable: + description: Disable can be set to disable handling of this + service. + type: boolean + name: + description: Name is the chart release. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace is the namespace the release will be installed in. + It will default to Name if not provided. + type: string + template: + description: Template is a reference to a Template object + located in the same namespace. + maxLength: 253 + minLength: 1 + type: string + values: + description: |- + Values is the helm values to be passed to the chart used by the template. + The string type is used in order to allow for templating. + type: string + valuesFrom: + description: ValuesFrom can reference a ConfigMap or Secret + containing helm values. + items: + properties: + kind: + description: |- + Kind of the resource. Supported kinds are: + - ConfigMap/Secret + enum: + - ConfigMap + - Secret + type: string + name: + description: |- + Name of the referenced resource. + Name can be expressed as a template and instantiate using + - cluster namespace: .Cluster.metadata.namespace + - cluster name: .Cluster.metadata.name + - cluster type: .Cluster.kind + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referenced resource. + For ClusterProfile namespace can be left empty. In such a case, namespace will + be implicit set to cluster's namespace. 
+ For Profile namespace must be left empty. The Profile namespace will be used. + type: string + required: + - kind + - name + type: object + type: array + required: + - name + - template + type: object + type: array + stopOnConflict: + default: false + description: |- + StopOnConflict specifies what to do in case of a conflict. + E.g. If another object is already managing a service. + By default the remaining services will be deployed even if conflict is detected. + If set to true, the deployment will stop after encountering the first conflict. + type: boolean + templateResourceRefs: + description: |- + TemplateResourceRefs is a list of resources to collect from the management cluster, + the values from which can be used in templates. + items: + properties: + identifier: + description: |- + Identifier is how the resource will be referred to in the + template + type: string + resource: + description: |- + Resource references a Kubernetes instance in the management + cluster to fetch and use during template instantiation. + For ClusterProfile namespace can be left empty. In such a case, namespace will + be implicit set to cluster's namespace. + Name and namespace can be expressed as a template and instantiate using + - cluster namespace: .Cluster.metadata.namespace + - cluster name: .Cluster.metadata.name + - cluster type: .Cluster.kind + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). 
This syntax is chosen only to have some well-defined way of + referencing a part of an object. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + required: + - identifier + - resource + type: object + type: array + type: object type: object status: description: MultiClusterServiceStatus defines the observed state of MultiClusterService. diff --git a/test/objects/clusterdeployment/clusterdeployment.go b/test/objects/clusterdeployment/clusterdeployment.go index 87f5a6432..30b08d592 100644 --- a/test/objects/clusterdeployment/clusterdeployment.go +++ b/test/objects/clusterdeployment/clusterdeployment.go @@ -76,7 +76,7 @@ func WithConfig(config string) Opt { func WithServiceTemplate(templateName string) Opt { return func(p *v1alpha1.ClusterDeployment) { - p.Spec.Services = append(p.Spec.Services, v1alpha1.ServiceSpec{ + p.Spec.ServiceSpec.Services = append(p.Spec.ServiceSpec.Services, v1alpha1.Service{ Template: templateName, }) } 
diff --git a/test/objects/multiclusterservice/multiclusterservice.go b/test/objects/multiclusterservice/multiclusterservice.go
index 4328cf2b5..1e96ae013 100644
--- a/test/objects/multiclusterservice/multiclusterservice.go
+++ b/test/objects/multiclusterservice/multiclusterservice.go
@@ -47,7 +47,7 @@ func WithName(name string) Opt {
 func WithServiceTemplate(templateName string) Opt {
 return func(p *v1alpha1.MultiClusterService) {
- p.Spec.Services = append(p.Spec.Services, v1alpha1.ServiceSpec{
+ p.Spec.ServiceSpec.Services = append(p.Spec.ServiceSpec.Services, v1alpha1.Service{
 Template: templateName,
 })
 }
From 1c61c68a22dcd8434f546330facf6cec85524c7f Mon Sep 17 00:00:00 2001
From: Wahab Ali
Date: Mon, 6 Jan 2025 11:43:12 -0500
Subject: [PATCH 2/2] Removed PolicyRefs
---
 api/v1alpha1/multiclusterservice_types.go | 5 --
 api/v1alpha1/zz_generated.deepcopy.go | 5 --
 .../clusterdeployment_controller.go | 1 -
 .../multiclusterservice_controller.go | 1 -
 internal/sveltos/profile.go | 2 --
 .../hmc.mirantis.com_clusterdeployments.yaml | 56 -------------------
 ...hmc.mirantis.com_multiclusterservices.yaml | 56 -------------------
 7 files changed, 126 deletions(-)
diff --git a/api/v1alpha1/multiclusterservice_types.go b/api/v1alpha1/multiclusterservice_types.go
index 9f7d118ac..4d96d261a 100644
--- a/api/v1alpha1/multiclusterservice_types.go
+++ b/api/v1alpha1/multiclusterservice_types.go
@@ -72,11 +72,6 @@ type ServiceSpec struct { // TemplateResourceRefs is a list of resources to collect from the management cluster, // the values from which can be used in templates. TemplateResourceRefs []sveltosv1beta1.TemplateResourceRef `json:"templateResourceRefs,omitempty"` - // PolicyRefs is a list of kubernetes resources that need to be deployed in matching clusters. - // These resources may contain static values or leverage Go templates for dynamic customization. - // When expressed as templates, the values are rendered using data from resources - // (like Cluster & TemplateResourceRefs) within the management cluster before deployement. - PolicyRefs []sveltosv1beta1.PolicyRef `json:"policyRefs,omitempty"` // +kubebuilder:default:=100 // +kubebuilder:validation:Minimum=1 diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 057b495bf..bedeffafb 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -1343,11 +1343,6 @@ func (in *ServiceSpec) DeepCopyInto(out *ServiceSpec) { *out = make([]v1beta1.TemplateResourceRef, len(*in)) copy(*out, *in) } - if in.PolicyRefs != nil { - in, out := &in.PolicyRefs, &out.PolicyRefs - *out = make([]v1beta1.PolicyRef, len(*in)) - copy(*out, *in) - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceSpec. diff --git a/internal/controller/clusterdeployment_controller.go b/internal/controller/clusterdeployment_controller.go index 2513bbfd4..677468824 100644 --- a/internal/controller/clusterdeployment_controller.go +++ b/internal/controller/clusterdeployment_controller.go 
@@ -472,7 +472,6 @@ func (r *ClusterDeploymentReconciler) updateServices(ctx context.Context, mc *hm
 StopOnConflict: mc.Spec.ServiceSpec.StopOnConflict,
 Reload: mc.Spec.ServiceSpec.Reload,
 TemplateResourceRefs: mc.Spec.ServiceSpec.TemplateResourceRefs,
- PolicyRefs: mc.Spec.ServiceSpec.PolicyRefs,
 }); err != nil {
 return ctrl.Result{}, fmt.Errorf("failed to reconcile Profile: %w", err)
 }
diff --git a/internal/controller/multiclusterservice_controller.go b/internal/controller/multiclusterservice_controller.go
index ace309415..99070bb06 100644
--- a/internal/controller/multiclusterservice_controller.go
+++ b/internal/controller/multiclusterservice_controller.go
@@ -142,7 +142,6 @@ func (r *MultiClusterServiceReconciler) reconcileUpdate(ctx context.Context, mcs
 StopOnConflict: mcs.Spec.ServiceSpec.StopOnConflict,
 Reload: mcs.Spec.ServiceSpec.Reload,
 TemplateResourceRefs: mcs.Spec.ServiceSpec.TemplateResourceRefs,
- PolicyRefs: mcs.Spec.ServiceSpec.PolicyRefs,
 }); err != nil {
 return ctrl.Result{}, fmt.Errorf("failed to reconcile ClusterProfile: %w", err)
 }
diff --git a/internal/sveltos/profile.go b/internal/sveltos/profile.go
index 8e0cb2305..1d65d0160 100644
--- a/internal/sveltos/profile.go
+++ b/internal/sveltos/profile.go
@@ -37,7 +37,6 @@ type ReconcileProfileOpts struct {
 LabelSelector metav1.LabelSelector
 HelmChartOpts []HelmChartOpts
 TemplateResourceRefs []sveltosv1beta1.TemplateResourceRef
- PolicyRefs []sveltosv1beta1.PolicyRef
 Priority int32
 StopOnConflict bool
 Reload bool
@@ -240,7 +239,6 @@ func GetSpec(opts *ReconcileProfileOpts) (*sveltosv1beta1.Spec, error) {
 HelmCharts: make([]sveltosv1beta1.HelmChart, 0, len(opts.HelmChartOpts)),
 Reloader: opts.Reload,
 TemplateResourceRefs: opts.TemplateResourceRefs,
- PolicyRefs: opts.PolicyRefs,
 }
 for _, hc := range opts.HelmChartOpts {
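Review bot: Nothing on the new side checks which management-cluster objects `TemplateResourceRefs` may name: `TemplateResourceRefs: mc.Spec.ServiceSpec.TemplateResourceRefs,` in updateServices copies the user-written references into the Profile options unchanged, and the same pass-through remains in reconcileUpdate (multiclusterservice_controller.go) and in GetSpec (internal/sveltos/profile.go). The CRD schema in this series puts no enum on the reference's `kind` and lets `name` and `namespace` be free strings or templates, so whoever may create a ClusterDeployment could presumably have a Secret from another namespace read and rendered into what is deployed to their cluster, unless Sveltos or the validating webhook (neither visible here) confines the lookup. I would reject a non-empty `namespace` on these references for the namespaced ClusterDeployment in the webhook, or pin it to the object's own namespace before the options are built, and state the trust assumption on the field, e.g. `// TemplateResourceRefs are resolved in the management cluster; authors of this spec must be trusted to read every object they reference.` All three function bodies start or end outside their hunks, so an existing check elsewhere cannot be ruled out from here.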
diff --git a/templates/provider/hmc/templates/crds/hmc.mirantis.com_clusterdeployments.yaml b/templates/provider/hmc/templates/crds/hmc.mirantis.com_clusterdeployments.yaml index 2877f76f4..126bf9066 100644 --- a/templates/provider/hmc/templates/crds/hmc.mirantis.com_clusterdeployments.yaml +++ b/templates/provider/hmc/templates/crds/hmc.mirantis.com_clusterdeployments.yaml 
@@ -78,62 +78,6 @@ spec: serviceSpec: description: ServiceSpec is spec related to deployment of services. properties: - policyRefs: - description: |- - PolicyRefs is a list of kubernetes resources that need to be deployed in matching clusters. - These resources may contain static values or leverage Go templates for dynamic customization. - When expressed as templates, the values are rendered using data from resources - (like Cluster & TemplateResourceRefs) within the management cluster before deployement. - items: - properties: - deploymentType: - default: Remote - description: |- - DeploymentType indicates whether resources need to be deployed - into the management cluster (local) or the managed cluster (remote) - enum: - - Local - - Remote - type: string - kind: - description: |- - Kind of the resource. Supported kinds are: - - ConfigMap/Secret - - flux GitRepository;OCIRepository;Bucket - enum: - - GitRepository - - OCIRepository - - Bucket - - ConfigMap - - Secret - type: string - name: - description: |- - Name of the referenced resource. - Name can be expressed as a template and instantiate using - - cluster namespace: .Cluster.metadata.namespace - - cluster name: .Cluster.metadata.name - - cluster type: .Cluster.kind - minLength: 1 - type: string - namespace: - description: |- - Namespace of the referenced resource. - For ClusterProfile namespace can be left empty. In such a case, namespace will - be implicit set to cluster's namespace. - For Profile namespace must be left empty. Profile namespace will be used. - type: string - path: - description: |- - Path to the directory containing the YAML files. - Defaults to 'None', which translates to the root path of the SourceRef. - Used only for GitRepository;OCIRepository;Bucket - type: string - required: - - kind - - name - type: object - type: array priority: default: 100 description: |- 
diff --git a/templates/provider/hmc/templates/crds/hmc.mirantis.com_multiclusterservices.yaml b/templates/provider/hmc/templates/crds/hmc.mirantis.com_multiclusterservices.yaml index 17c9f91ad..7a4310ef9 100644 --- a/templates/provider/hmc/templates/crds/hmc.mirantis.com_multiclusterservices.yaml +++ b/templates/provider/hmc/templates/crds/hmc.mirantis.com_multiclusterservices.yaml 
@@ -90,62 +90,6 @@ spec: serviceSpec: description: ServiceSpec is spec related to deployment of services. properties: - policyRefs: - description: |- - PolicyRefs is a list of kubernetes resources that need to be deployed in matching clusters. - These resources may contain static values or leverage Go templates for dynamic customization. - When expressed as templates, the values are rendered using data from resources - (like Cluster & TemplateResourceRefs) within the management cluster before deployement. - items: - properties: - deploymentType: - default: Remote - description: |- - DeploymentType indicates whether resources need to be deployed - into the management cluster (local) or the managed cluster (remote) - enum: - - Local - - Remote - type: string - kind: - description: |- - Kind of the resource. Supported kinds are: - - ConfigMap/Secret - - flux GitRepository;OCIRepository;Bucket - enum: - - GitRepository - - OCIRepository - - Bucket - - ConfigMap - - Secret - type: string - name: - description: |- - Name of the referenced resource. - Name can be expressed as a template and instantiate using - - cluster namespace: .Cluster.metadata.namespace - - cluster name: .Cluster.metadata.name - - cluster type: .Cluster.kind - minLength: 1 - type: string - namespace: - description: |- - Namespace of the referenced resource. - For ClusterProfile namespace can be left empty. In such a case, namespace will - be implicit set to cluster's namespace. - For Profile namespace must be left empty. Profile namespace will be used. - type: string - path: - description: |- - Path to the directory containing the YAML files. - Defaults to 'None', which translates to the root path of the SourceRef. - Used only for GitRepository;OCIRepository;Bucket - type: string - required: - - kind - - name - type: object - type: array priority: default: 100 description: |-