From 45e66922e1befbdc4e000fbbfa4dcd87f4324f4d Mon Sep 17 00:00:00 2001 From: David Arnold Date: Tue, 18 Aug 2020 00:10:34 -0500 Subject: [PATCH 01/10] refactor: implement multi-stage build - enables skaffold based workflows - the multi-arch control flow needed to be extracted out of the container --- install/operator/.lib.sh | 148 +++++++++++++++--------------- install/operator/build.sh | 26 ++---- install/operator/build/Dockerfile | 48 +++++++++- 3 files changed, 128 insertions(+), 94 deletions(-) diff --git a/install/operator/.lib.sh b/install/operator/.lib.sh index 7fbab07f4de..0c4799c459f 100644 --- a/install/operator/.lib.sh +++ b/install/operator/.lib.sh @@ -44,6 +44,12 @@ build_container_operator() { local container_cmd="${1:-}" shift + local goos="$1" + shift + local goarch="$1" + shift + local go_proxy_url="$1" + shift if [ -z "${container_cmd}" ]; then echo "ERROR: Container command is not defined. Either podman or docker are supported." @@ -51,50 +57,26 @@ build_container_operator() fi local BUILDER_IMAGE_NAME="operator-builder" - echo ====================================================== - echo Building executable with ${container_cmd} - echo ====================================================== - rm -rf build/_output - OPTS="" - for i in "$@" ; do - OPTS="$OPTS '$i'" - done - - cat > "${BUILDER_IMAGE_NAME}.tmp" < ./dist/${GOOS}-${GOARCH}/syndesis-operator + echo extracting operator executable to ./dist/${goos}-${goarch}/syndesis-operator + mkdir -p ./dist/${goos}-${goarch} + ${container_cmd} run "${BUILDER_IMAGE_NAME}" cat /out/syndesis-operator > ./dist/${goos}-${goarch}/syndesis-operator - echo extracting platform-detect executable to ./dist/${GOOS}-${GOARCH}/platform-detect - ${container_cmd} run "${BUILDER_IMAGE_NAME}" cat /dist/${GOOS}-${GOARCH}/platform-detect > ./dist/${GOOS}-${GOARCH}/platform-detect - done - done + echo extracting platform-detect executable to ./dist/${goos}-${goarch}/platform-detect + ${container_cmd} run "${BUILDER_IMAGE_NAME}" cat /out/platform-detect > ./dist/${goos}-${goarch}/platform-detect chmod a+x ./dist/*/*-* - mkdir -p ./build/_output/bin - cp ./dist/linux-amd64/syndesis-operator ./build/_output/bin/syndesis-operator } build_operator() @@ -182,12 +164,22 @@ build_operator() for GOOS in ${GOOSLIST} ; do export GOARCH GOOS echo building ./dist/${GOOS}-${GOARCH}/syndesis-operator executable - go build "$@" -o ./dist/${GOOS}-${GOARCH}/syndesis-operator \ + go build -ldflags \ + -X github.com/syndesisio/syndesis/install/operator/pkg.DefaultOperatorImage=${CONTAINER_REGISTRY}/${IMAGE_NAMESPACE}/${IMAGE_NAME} \ + -X github.com/syndesisio/syndesis/install/operator/pkg.DefaultOperatorTag=${IMAGE_TAG} \ + -X github.com/syndesisio/syndesis/install/operator/pkg.BuildDateTime=${BUILD_TIME} \ + ${GO_BUILD_OPTIONS} \ + -o ./dist/${GOOS}-${GOARCH}/syndesis-operator \ -gcflags all=-trimpath=${GOPATH} -asmflags all=-trimpath=${GOPATH} -mod=vendor \ ./cmd/manager echo building ./dist/${GOOS}-${GOARCH}/platform-detect executable - go build -o ./dist/${GOOS}-${GOARCH}/platform-detect \ + go build -ldflags \ + -X github.com/syndesisio/syndesis/install/operator/pkg.DefaultOperatorImage=${CONTAINER_REGISTRY}/${IMAGE_NAMESPACE}/${IMAGE_NAME} \ + -X github.com/syndesisio/syndesis/install/operator/pkg.DefaultOperatorTag=${IMAGE_TAG} \ + -X github.com/syndesisio/syndesis/install/operator/pkg.BuildDateTime=${BUILD_TIME} \ + ${GO_BUILD_OPTIONS} \ + -o ./dist/${GOOS}-${GOARCH}/platform-detect \ -gcflags all=-trimpath=${GOPATH} -asmflags all=-trimpath=${GOPATH} -mod=vendor \ ./cmd/detect done @@ -201,16 +193,36 @@ build_operator() echo "$hasdocker" exit 1 fi + echo ====================================================== + echo Building executable with podman + echo ====================================================== - build_container_operator "podman" "$@" + rm -rf build/_output + for GOARCH in amd64 ; do + for GOOS in ${GOOSLIST} ; do + build_container_operator "podman" "$GOARCH" "$GOOS" "$go_proxy_url" + done + done + mkdir -p ./build/_output/bin + cp ./dist/linux-amd64/syndesis-operator ./build/_output/bin/syndesis-operator ;; "docker") if [ "$hasdocker" != "OK" ]; then echo "$hasdocker" exit 1 fi + echo ====================================================== + echo Building executable with docker + echo ====================================================== - build_container_operator "docker" "$@" + rm -rf build/_output + for GOARCH in amd64 ; do + for GOOS in ${GOOSLIST} ; do + build_container_operator "docker" "$GOARCH" "$GOOS" "$go_proxy_url" + done + done + mkdir -p ./build/_output/bin + cp ./dist/linux-amd64/syndesis-operator ./build/_output/bin/syndesis-operator ;; *) echo invalid build strategy: $strategy @@ -228,10 +240,6 @@ build_operator() build_container_image() { local container_cmd="${1:-}" - local registry="${2:-}" - local image_namespace="${3:-}" - local image_name="${4:-}" - local image_tag="${5:-}" if [ -z "${container_cmd}" ]; then echo "ERROR: Container command is not defined. Either podman or docker are supported." @@ -239,48 +247,48 @@ build_container_image() fi - if [ -n "${image_namespace}" ]; then - full_image_name="${image_namespace}/${image_name}" + if [ -n "${IMAGE_NAMESPACE}" ]; then + full_image_name="${IMAGE_NAMESPACE}/${IMAGE_NAME}" else - full_image_name="${image_name}" + full_image_name="${IMAGE_NAME}" fi - if [ -n "${registry}" ]; then + if [ -n "${CONTAINER_REGISTRY}" ]; then # # Need to apply the registry to the image name so that the # operator image is built with the correct image location # - full_image_name=${registry}/${full_image_name} + full_image_name=${CONTAINER_REGISTRY}/${full_image_name} fi echo ====================================================== echo Building image with ${container_cmd} echo ====================================================== - ${container_cmd} build -f "build/Dockerfile" -t "${full_image_name}:${image_tag}" . + ${container_cmd} build -f "build/Dockerfile" -t "${full_image_name}:${IMAGE_TAG}" . echo ====================================================== echo "Operator Image Built: ${full_image_name}" echo ====================================================== - if [ "${registry}" == "docker.io" ] && [ "${image_namespace}" == "syndesis" ]; then + if [ "${CONTAINER_REGISTRY}" == "docker.io" ] && [ "${IMAGE_NAMESPACE}" == "syndesis" ]; then # # Do not push if registry and namespace are the defaults # return - elif [ -n "${registry}" ]; then + elif [ -n "${CONTAINER_REGISTRY}" ]; then # # If registry defined then push image to container registry # echo ====================================================== - echo Pushing image to container registry: ${registry} + echo Pushing image to container registry: ${CONTAINER_REGISTRY} echo ====================================================== # # Checks the container image has been built # and available to be pushed. # - image_id=$(${container_cmd} images --filter reference=${full_image_name}:${image_tag} | grep -v IMAGE | awk '{print $3}' | uniq) + image_id=$(${container_cmd} images --filter reference=${full_image_name}:${IMAGE_TAG} | grep -v IMAGE | awk '{print $3}' | uniq) if [ -z ${image_id} ]; then - check_error "ERROR: Cannot find newly-built container image of ${full_image_name}:${image_tag}" + check_error "ERROR: Cannot find newly-built container image of ${full_image_name}:${IMAGE_TAG}" fi @@ -288,9 +296,9 @@ build_container_image() # Push to the registry # if [ "${container_cmd}" == "docker" ]; then - ${container_cmd} push "${full_image_name}:${image_tag}" + ${container_cmd} push "${full_image_name}:${IMAGE_TAG}" elif [ "${container_cmd}" == "podman" ]; then - ${container_cmd} push "${image_id}" "${full_image_name}:${image_tag}" + ${container_cmd} push "${image_id}" "${full_image_name}:${IMAGE_TAG}" else echo "Pushing to registry not supported by ${container_cmd}" fi @@ -298,12 +306,12 @@ build_container_image() # # Check the image is present in the registry # - status=$(curl -sLk https://${registry}/v2/${image_namespace}/${image_name}/tags/list) + status=$(curl -sLk https://${CONTAINER_REGISTRY}/v2/${IMAGE_NAMESPACE}/${IMAGE_NAME}/tags/list) if [ -z "${status##*errors*}" ] ;then check_error "ERROR: Cannot verify image has been pushed to registry." else echo ====================================================== - echo "Operator Image Pushed to Registry: ${registry}" + echo "Operator Image Pushed to Registry: ${CONTAINER_REGISTRY}" echo ====================================================== fi fi @@ -312,20 +320,12 @@ build_container_image() # # Parameters: # IMAGE_BUILD_MODE - [auto, s2i, docker, podman] -# CONTAINER_REGISTRY - docker.io by default -# IMAGE_NAMESPACE - syndesis by default -# IMAGE_NAME - syndesis-operator by default -# IMAGE_TAG - latest by default # s2i_stream_name - syndesis-operator by default # build_image() { local strategy="${1:-auto}" - local registry="${2:-docker.io}" - local image_namespace="${3:-syndesis}" - local image_name="${4:-syndesis-operator}" - local image_tag="${5:-latest}" - local s2i_stream_name="${6:-syndesis-operator}" + local s2i_stream_name="${2:-syndesis-operator}" local hasdocker=$(docker_is_available) local haspodman=$(podman_is_available) @@ -387,8 +387,8 @@ build_image() fi if [ -z "$(oc get bc -o name | grep ${s2i_stream_name})" ]; then - echo "Creating BuildConfig ${s2i_stream_name} with tag ${image_tag}" - oc new-build --strategy=docker --binary=true --to="${image_namespace}/${image_name}:${image_tag}" --name ${s2i_stream_name} + echo "Creating BuildConfig ${s2i_stream_name} with tag ${IMAGE_TAG}" + oc new-build --strategy=docker --binary=true --to="${IMAGE_NAMESPACE}/${IMAGE_NAME}:${IMAGE_TAG}" --name ${s2i_stream_name} fi local arch="$(mktemp -t ${s2i_stream_name}-dockerXXX).tar" echo $arch @@ -408,14 +408,14 @@ build_image() check_error "$hasdocker" fi - build_container_image "docker" ${registry} ${image_namespace} ${image_name} ${image_tag} + build_container_image "docker" ;; "podman") if [ "$haspodman" != "OK" ]; then check_error "$hasdocker" fi - build_container_image "podman" ${registry} ${image_namespace} ${image_name} ${image_tag} + build_container_image "podman" ;; *) echo invalid build strategy: $1 diff --git a/install/operator/build.sh b/install/operator/build.sh index ba746aa5f30..3f1c8f02054 100755 --- a/install/operator/build.sh +++ b/install/operator/build.sh @@ -26,16 +26,16 @@ add_to_trap "print_error ${ERROR_FILE}" # trap "process_trap" EXIT -IMAGE_NAME="syndesis-operator" +export IMAGE_NAME="syndesis-operator" -CONTAINER_REGISTRY="$(readopt --registry docker.io)" -IMAGE_NAMESPACE="$(readopt --image-namespace syndesis)" -IMAGE_TAG="$(readopt --image-tag latest)" +export CONTAINER_REGISTRY="$(readopt --registry docker.io)" +export IMAGE_NAMESPACE="$(readopt --image-namespace syndesis)" +export IMAGE_TAG="$(readopt --image-tag latest)" S2I_STREAM_NAME="$(readopt --s2i-stream-name syndesis-operator)" OPERATOR_BUILD_MODE="$(readopt --operator-build auto)" IMAGE_BUILD_MODE="$(readopt --image-build auto)" SOURCE_GEN="$(readopt --source-gen on)" -GO_BUILD_OPTIONS="$(readopt --go-options '')" +export GO_BUILD_OPTIONS="$(readopt --go-options '')" GO_PROXY_URL="$(readopt --go-proxy https://proxy.golang.org)" if [[ -n "$(readopt --help)" ]] ; then @@ -62,22 +62,12 @@ fi # # Timestamp for the building of the operator # -BUILD_TIME=$(date +%Y-%m-%dT%H:%M:%S%z) - -# Custom registry needs to be injected into the operator so that -# the image coordinate in the operator resource can be rendered -# pointing to the registry -# -FULL_OPERATOR_IMAGE_NAME="${CONTAINER_REGISTRY}/${IMAGE_NAMESPACE}/${IMAGE_NAME}" +export BUILD_TIME=$(date +%Y-%m-%dT%H:%M:%S%z) if [ $OPERATOR_BUILD_MODE != "skip" ] ; then - LD_FLAGS=$(echo "-X github.com/syndesisio/syndesis/install/operator/pkg.DefaultOperatorImage=${FULL_OPERATOR_IMAGE_NAME}" \ - "-X github.com/syndesisio/syndesis/install/operator/pkg.DefaultOperatorTag=${IMAGE_TAG}" \ - "-X github.com/syndesisio/syndesis/install/operator/pkg.BuildDateTime=${BUILD_TIME}") - echo "LD_FLAGS: ${LD_FLAGS}" - build_operator $OPERATOR_BUILD_MODE "$SOURCE_GEN" "$GO_PROXY_URL" -ldflags "${LD_FLAGS}" $GO_BUILD_OPTIONS + build_operator $OPERATOR_BUILD_MODE "$SOURCE_GEN" "$GO_PROXY_URL" fi if [ $IMAGE_BUILD_MODE != "skip" ] ; then - build_image $IMAGE_BUILD_MODE $CONTAINER_REGISTRY $IMAGE_NAMESPACE $IMAGE_NAME $IMAGE_TAG $S2I_STREAM_NAME + build_image $IMAGE_BUILD_MODE $S2I_STREAM_NAME fi diff --git a/install/operator/build/Dockerfile b/install/operator/build/Dockerfile index 29ab8cb6eae..bbc58bcb222 100644 --- a/install/operator/build/Dockerfile +++ b/install/operator/build/Dockerfile @@ -1,11 +1,55 @@ -FROM registry.access.redhat.com/ubi7/ubi-minimal:latest +# ------------ +# Builder +# ------------ +FROM golang:1.13.7 as builder + +ARG GO_BUILD_OPTIONS= +ARG CONTAINER_REGISTRY=docker.io +ARG IMAGE_NAMESPACE=syndesis +ARG IMAGE_NAME=syndesis-operator +ARG IMAGE_TAG=latest +ARG BUILD_TIME= + +WORKDIR /go/src/github.com/syndesisio/syndesis/install/operator +ENV GO111MODULE=on +COPY . . +RUN go generate ./pkg/... +RUN go test -test.short -mod=vendor ./cmd/... ./pkg/... + +# Build syndesis-operator binary +RUN go build \ + -ldflags \ + -X github.com/syndesisio/syndesis/install/operator/pkg.DefaultOperatorImage=${CONTAINER_REGISTRY}/${IMAGE_NAMESPACE}/${IMAGE_NAME} \ + -X github.com/syndesisio/syndesis/install/operator/pkg.DefaultOperatorTag=${IMAGE_TAG} \ + -X github.com/syndesisio/syndesis/install/operator/pkg.BuildDateTime=${BUILD_TIME} \ + ${GO_BUILD_OPTIONS} \ + -o /out/syndesis-operator \ + -gcflags all=-trimpath=\${GOPATH} \ + -asmflags all=-trimpath=\${GOPATH} \ + -mod=vendor github.com/syndesisio/syndesis/install/operator/cmd/manager + +# Build platform-detect binary +RUN go build \ + -ldflags \ + -X github.com/syndesisio/syndesis/install/operator/pkg.DefaultOperatorImage=${CONTAINER_REGISTRY}/${IMAGE_NAMESPACE}/${IMAGE_NAME} \ + -X github.com/syndesisio/syndesis/install/operator/pkg.DefaultOperatorTag=${IMAGE_TAG} \ + -X github.com/syndesisio/syndesis/install/operator/pkg.BuildDateTime=${BUILD_TIME} \ + ${GO_BUILD_OPTIONS} \ + -o /out/platform-detect \ + -gcflags all=-trimpath=\${GOPATH} \ + -asmflags all=-trimpath=\${GOPATH} \ + +# ------------ +# Runner +# ------------ +FROM registry.access.redhat.com/ubi7/ubi-minimal:latest as runner ENV OPERATOR=/usr/local/bin/syndesis-operator \ USER_UID=1001 \ USER_NAME=operator # install operator binary -COPY build/_output/bin/syndesis-operator ${OPERATOR} +COPY --from=builder /out/syndesis-operator ${OPERATOR} COPY build/bin /usr/local/bin RUN /usr/local/bin/user_setup USER ${USER_UID} From a4df1437108c498878b0ea5dd596a1477eb38d93 Mon Sep 17 00:00:00 2001 From: David Arnold Date: Sun, 5 Jul 2020 21:21:54 -0500 Subject: [PATCH 02/10] chore: add reproducible dev env on nix-shell --- shell.nix | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 shell.nix diff --git a/shell.nix b/shell.nix new file mode 100644 index 00000000000..0620c7f0cda --- /dev/null +++ b/shell.nix @@ -0,0 +1,24 @@ +let + pkgs = import {}; +in +pkgs.mkShell { + buildInputs = [ + pkgs.checkstyle + pkgs.dive + pkgs.just + pkgs.kube3d + # pkgs.kubebox + pkgs.kubectl + # pkgs.kubespy + pkgs.minikube + pkgs.minishift + pkgs.nodejs + pkgs.yarn + pkgs.openshift + pkgs.skaffold + ]; + shellHook = '' + export PATH="$PWD/node_modules/.bin/:$PATH" + yarn install + ''; +} From 575e7324fffbb3156bcc035fc8b60d9467ae0091 Mon Sep 17 00:00:00 2001 From: David Arnold Date: Mon, 6 Jul 2020 15:39:13 -0500 Subject: [PATCH 03/10] chore: add go to nix-shell --- x | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 x diff --git a/x b/x new file mode 100644 index 00000000000..e69de29bb2d From 1a508c73ebc3f45efd7a3eca0000afcf3162659c Mon Sep 17 00:00:00 2001 From: David Arnold Date: Mon, 6 Jul 2020 15:41:08 -0500 Subject: [PATCH 04/10] chore: add operator-sdk to nix-shell (commented) uncomment once merged: https://github.com/NixOS/nixpkgs/pull/78451 --- shell.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/shell.nix b/shell.nix index 0620c7f0cda..0001cfb528f 100644 --- a/shell.nix +++ b/shell.nix @@ -5,6 +5,7 @@ pkgs.mkShell { buildInputs = [ pkgs.checkstyle pkgs.dive + pkgs.go pkgs.just pkgs.kube3d # pkgs.kubebox @@ -13,9 +14,10 @@ pkgs.mkShell { pkgs.minikube pkgs.minishift pkgs.nodejs - pkgs.yarn pkgs.openshift + # pkgs.operator-sdk pkgs.skaffold + pkgs.yarn ]; shellHook = '' export PATH="$PWD/node_modules/.bin/:$PATH" From 3d923d29abae8ca7ea34d6e0038bb8a4685fb777 Mon Sep 17 00:00:00 2001 From: David Arnold Date: Tue, 7 Jul 2020 16:46:18 -0500 Subject: [PATCH 05/10] chore: unlock operator-sdk since merge of https://github.com/NixOS/nixpkgs/pull/78451 --- shell.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/shell.nix b/shell.nix index 0001cfb528f..2d1affbe589 100644 --- a/shell.nix +++ b/shell.nix @@ -15,7 +15,7 @@ pkgs.mkShell { pkgs.minishift pkgs.nodejs pkgs.openshift - # pkgs.operator-sdk + pkgs.operator-sdk pkgs.skaffold pkgs.yarn ]; From 6a1b45fdb9fab964cecab4c442a6adb8ba0c17e5 Mon Sep 17 00:00:00 2001 From: David Arnold Date: Tue, 7 Jul 2020 16:50:35 -0500 Subject: [PATCH 06/10] chore: unlock kubespy in shell.nix since merge of https://github.com/NixOS/nixpkgs/pull/92197 --- shell.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/shell.nix b/shell.nix index 2d1affbe589..3c1227cedf4 100644 --- a/shell.nix +++ b/shell.nix @@ -10,7 +10,7 @@ pkgs.mkShell { pkgs.kube3d # pkgs.kubebox pkgs.kubectl - # pkgs.kubespy + pkgs.kubespy pkgs.minikube pkgs.minishift pkgs.nodejs From b65c51b183b508eb1cca45a8c7ca78f1c2892b42 Mon Sep 17 00:00:00 2001 From: David Arnold Date: Mon, 17 Aug 2020 20:40:01 -0500 Subject: [PATCH 07/10] chore: reduce nix-shell environment to the bare minimum --- shell.nix | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/shell.nix b/shell.nix index 3c1227cedf4..ced9ead0651 100644 --- a/shell.nix +++ b/shell.nix @@ -1,5 +1,13 @@ +{ + nixpkgs ? builtins.fetchGit { + url = https://github.com/nixos/nixpkgs-channels; + ref = "nixpkgs-unstable"; + rev = "2d6cbbe4627f6fe4a179c681537b0a3e4f59b732"; + } +}: + let - pkgs = import {}; + pkgs = import nixpkgs {config = {}; overlays = [];}; in pkgs.mkShell { buildInputs = [ @@ -8,9 +16,8 @@ pkgs.mkShell { pkgs.go pkgs.just pkgs.kube3d - # pkgs.kubebox pkgs.kubectl - pkgs.kubespy + pkgs.kustomize pkgs.minikube pkgs.minishift pkgs.nodejs From 4c2efd6cf8cb8fd17eacb9cd7bae490335dfdff5 Mon Sep 17 00:00:00 2001 From: David Arnold Date: Mon, 17 Aug 2020 20:41:34 -0500 Subject: [PATCH 08/10] chore: bump nixpkgs channel to the latest revision --- shell.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/shell.nix b/shell.nix index ced9ead0651..ac17664ab90 100644 --- a/shell.nix +++ b/shell.nix @@ -2,7 +2,7 @@ nixpkgs ? builtins.fetchGit { url = https://github.com/nixos/nixpkgs-channels; ref = "nixpkgs-unstable"; - rev = "2d6cbbe4627f6fe4a179c681537b0a3e4f59b732"; + rev = "16fc531784ac226fb268cc59ad573d2746c109c1"; } }: From 90a10449ffbc5ec7bc8524a51cdc91323f05fe73 Mon Sep 17 00:00:00 2001 From: David Arnold Date: Mon, 17 Aug 2020 22:14:52 -0500 Subject: [PATCH 09/10] add: build/deploy support based on kustomize & skaffold --- deploy/bases/Kustomization.yaml | 20 +++ deploy/bases/cr.yaml | 17 +++ deploy/bases/namespace.yaml | 6 + deploy/bases/pvc.yaml | 144 +++++++++++++++++++++ deploy/bases/rbac.yaml | 14 ++ deploy/bases/secrets.yaml | 18 +++ install/operator/deploy/Kustomization.yaml | 13 ++ justfile | 18 +++ skaffold.yaml | 20 +++ 9 files changed, 270 insertions(+) create mode 100644 deploy/bases/Kustomization.yaml create mode 100644 deploy/bases/cr.yaml create mode 100644 deploy/bases/namespace.yaml create mode 100644 deploy/bases/pvc.yaml create mode 100644 deploy/bases/rbac.yaml create mode 100644 deploy/bases/secrets.yaml create mode 100644 install/operator/deploy/Kustomization.yaml create mode 100644 justfile create mode 100644 skaffold.yaml diff --git a/deploy/bases/Kustomization.yaml b/deploy/bases/Kustomization.yaml new file mode 100644 index 00000000000..789de6c1d0e --- /dev/null +++ b/deploy/bases/Kustomization.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +commonLabels: + app: syndesis + syndesis.io/app: syndesis + syndesis.io/type: infrastructure + app.kubernetes.io/name: syndesis + app.kubernetes.io/part-of: syndesis + app.kubernetes.io/version: 1.11.0-20200813 + +resources: + - ../../install/operator/deploy + - ./namespace.yaml + - ./pvc.yaml + - ./rbac.yaml + - ./secrets.yaml + - ./cr.yaml + diff --git a/deploy/bases/cr.yaml b/deploy/bases/cr.yaml new file mode 100644 index 00000000000..2409256b6d1 --- /dev/null +++ b/deploy/bases/cr.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: syndesis.io/v1beta1 +kind: Syndesis +metadata: + name: app +spec: + # + # Route hostname is required for the accessing ingress + # + routeHostname: ${external_host} + components: + oauth: + # + # Secrets are required for oauth authorisation and authentication + # + credentialsSecret: syndesis-oauth-credentials + cryptoCommsSecret: syndesis-oauth-comms diff --git a/deploy/bases/namespace.yaml b/deploy/bases/namespace.yaml new file mode 100644 index 00000000000..5aacb7c8b27 --- /dev/null +++ b/deploy/bases/namespace.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: syndesis + diff --git a/deploy/bases/pvc.yaml b/deploy/bases/pvc.yaml new file mode 100644 index 00000000000..469ea5188f9 --- /dev/null +++ b/deploy/bases/pvc.yaml @@ -0,0 +1,144 @@ +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: syndesis-pv0001 + labels: + type: local +spec: + storageClassName: standard + persistentVolumeReclaimPolicy: Recycle + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/data/pv0001" +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: syndesis-pv0002 + labels: + type: local +spec: + storageClassName: standard + persistentVolumeReclaimPolicy: Recycle + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/data/pv0002" +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: syndesis-pv0003 + labels: + type: local +spec: + storageClassName: standard + persistentVolumeReclaimPolicy: Recycle + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/data/pv0003" +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: syndesis-pv0004 + labels: + type: local +spec: + storageClassName: standard + persistentVolumeReclaimPolicy: Recycle + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/data/pv0004" +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: syndesis-pv0005 + labels: + type: local +spec: + storageClassName: standard + persistentVolumeReclaimPolicy: Recycle + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/data/pv0005" +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: syndesis-pv0006 + labels: + type: local +spec: + storageClassName: standard + persistentVolumeReclaimPolicy: Recycle + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/data/pv0006" +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: syndesis-pv0007 + labels: + type: local +spec: + storageClassName: standard + persistentVolumeReclaimPolicy: Recycle + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/data/pv0007" +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: syndesis-pv0008 + labels: + type: local +spec: + storageClassName: standard + persistentVolumeReclaimPolicy: Recycle + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/data/pv0008" +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: syndesis-pv0009 + labels: + type: local +spec: + storageClassName: standard + persistentVolumeReclaimPolicy: Recycle + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/data/pv0009" diff --git a/deploy/bases/rbac.yaml b/deploy/bases/rbac.yaml new file mode 100644 index 00000000000..3e030037c44 --- /dev/null +++ b/deploy/bases/rbac.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: syndesis-admin + namespace: syndesis +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: User + name: developer diff --git a/deploy/bases/secrets.yaml b/deploy/bases/secrets.yaml new file mode 100644 index 00000000000..aca7c05984e --- /dev/null +++ b/deploy/bases/secrets.yaml @@ -0,0 +1,18 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: syndesis-oauth-credentials +stringData: + OAUTH2_PROXY_PROVIDER: "${provider}" + OAUTH2_PROXY_CLIENT_ID: "${client_id}" + OAUTH2_PROXY_CLIENT_SECRET: "${client_secret}" +--- +apiVersion: v1 +kind: Secret +metadata: + name: syndesis-oauth-comms +type: kubernetes.io/tls +data: + tls.key: ${oauth_key} + tls.crt: ${oauth_cert} diff --git a/install/operator/deploy/Kustomization.yaml b/install/operator/deploy/Kustomization.yaml new file mode 100644 index 00000000000..f2637db4a8e --- /dev/null +++ b/install/operator/deploy/Kustomization.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ./crds/syndesis.io_syndeses_crd.yaml + - ./cluster_role.yaml + - ./cluster_role_binding.yaml + - ./role.yaml + - ./role_binding.yaml + - ./service_account.yaml + - ./operator.yaml + diff --git a/justfile b/justfile new file mode 100644 index 00000000000..e912dd7a9e6 --- /dev/null +++ b/justfile @@ -0,0 +1,18 @@ + +# explore k8s api +k8sapi: + kubectl proxy --port=8080 & + xdg-open http://localhost:8080 + +# (re)create dev cluster +k3drecreate: + #!/bin/bash + k3d cluster delete || true + mkdir -p /tmp/k3d/kubelet/pods + # Note: we expose a volume mount of `shared` type to enable the + # Container Storage Interface related functionlity which depends on mount type shared volumes + # So we can do `kubectl alpha debug` and span ephemeral containers for debugging + k3d cluster create --api-port 6550 -p 8081:80@loadbalancer --agents 2 \ + -v /tmp/k3d/kubelet/pods:/var/lib/kubelet/pods:shared \ + --k3s-server-arg '--kube-apiserver-arg=feature-gates=EphemeralContainers=true' + diff --git a/skaffold.yaml b/skaffold.yaml new file mode 100644 index 00000000000..758ccdfe429 --- /dev/null +++ b/skaffold.yaml @@ -0,0 +1,20 @@ +apiVersion: skaffold/v2beta6 +kind: Config +metadata: + name: syndesis +build: + artifacts: + - image: syndesis/syndesis-operator + context: install/operator/build + - image: syndesis/syndesis-meta + context: install/operator/build + - image: syndesis/syndesis-server + context: install/operator/build + - image: syndesis/syndesis-ui + context: install/operator/build +deploy: + kustomize: + paths: + - deploy/bases + kubeContext: k3d-k3s-default + From 395da219ebe166c305ffe43053262930f250f55e Mon Sep 17 00:00:00 2001 From: David Arnold Date: Tue, 18 Aug 2020 00:25:53 -0500 Subject: [PATCH 10/10] wip: skaffold oeprator --- skaffold.yaml | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/skaffold.yaml b/skaffold.yaml index 758ccdfe429..ec2e0a2d30a 100644 --- a/skaffold.yaml +++ b/skaffold.yaml @@ -5,13 +5,15 @@ metadata: build: artifacts: - image: syndesis/syndesis-operator - context: install/operator/build - - image: syndesis/syndesis-meta - context: install/operator/build - - image: syndesis/syndesis-server - context: install/operator/build - - image: syndesis/syndesis-ui - context: install/operator/build + context: install/operator + docker: + dockerfile: build/Dockerfile + # - image: syndesis/syndesis-meta + # context: install/operator/build + # - image: syndesis/syndesis-server + # context: install/operator/build + # - image: syndesis/syndesis-ui + # context: install/operator/build deploy: kustomize: paths: