From 4eb33e9239c64ec9eb9f7f8b28c15514ecc13832 Mon Sep 17 00:00:00 2001 From: wyike <77846369+wangyikewxgm@users.noreply.github.com> Date: Thu, 1 Jul 2021 16:32:01 +0800 Subject: [PATCH] split out oam-spec v0.2 charts (#1842) * WIP disable oam related controller and webhok change velue fix spell error change namespace add e2e for oam-runtime fix charts hack fix e2e definition namespace fix diasble contains list fix e2e-test * disable components handler * fix flaky ac test add every definition in oam-runtime-system namespace * upload ac e2e-test replace files fix upload reports * more wait time --- .github/workflows/e2e-test.yml | 4 +- Makefile | 8 +- apis/generate.go | 2 - charts/oam-runtime/Chart.yaml | 21 + ...ore.oam.dev_applicationconfigurations.yaml | 0 .../crds/core.oam.dev_components.yaml | 0 .../core.oam.dev_containerizedworkloads.yaml | 471 ++++++++++++++++++ .../crds/core.oam.dev_healthscopes.yaml | 179 +++++++ .../crds/core.oam.dev_manualscalertraits.yaml | 106 ++++ .../crds/core.oam.dev_scopedefinitions.yaml | 127 +++++ .../crds/core.oam.dev_traitdefinitions.yaml | 449 +++++++++++++++++ .../core.oam.dev_workloaddefinitions.yaml | 428 ++++++++++++++++ charts/oam-runtime/templates/NOTES.txt | 1 + charts/oam-runtime/templates/_helpers.tpl | 63 +++ .../job-patch/clusterrole.yaml | 28 ++ .../job-patch/clusterrolebinding.yaml | 20 + .../job-patch/job-createSecret.yaml | 50 ++ .../job-patch/job-patchWebhook.yaml | 49 ++ .../admission-webhooks/job-patch/role.yaml | 21 + .../job-patch/rolebinding.yaml | 21 + .../job-patch/serviceaccount.yaml | 13 + .../mutatingWebhookConfiguration.yaml | 67 +++ .../validatingWebhookConfiguration.yaml | 67 +++ .../admission-webhooks/webhookService.yaml | 19 + charts/oam-runtime/templates/certmanager.yaml | 53 ++ .../definitions/containerizedworkloads.yaml | 13 + .../templates/definitions/healthscopes.yaml | 10 + .../templates/oam-runtime-controller.yaml | 176 +++++++ .../templates/test/test-application.yaml | 15 + charts/oam-runtime/values.yaml | 100 ++++ .../standard.oam.dev_podspecworkloads.yaml | 3 + .../mutatingWebhookConfiguration.yaml | 56 ++- .../validatingWebhookConfiguration.yaml | 56 ++- .../templates/kubevela-controller.yaml | 4 +- charts/vela-core/values.yaml | 9 +- cmd/core/main.go | 8 +- hack/crd/cleanup.sh | 2 +- hack/crd/dispatch/dispatch.go | 92 ++++ hack/e2e/end_e2e.sh | 22 + hack/e2e/modify_charts.sh | 7 +- pkg/controller/common/types.go | 6 + .../core.oam.dev/oamruntime_controller.go | 5 +- .../application/application_controller.go | 18 +- .../applicationconfiguration.go | 7 + .../applicationconfiguration/suite_test.go | 4 + .../v1alpha2/applicationcontext/suit_test.go | 2 + pkg/controller/core.oam.dev/v1alpha2/setup.go | 26 +- pkg/controller/setup.go | 25 +- .../podspecworkload_controller.go | 4 +- pkg/controller/utils/utils.go | 4 +- pkg/controller/utils/utils_test.go | 2 +- pkg/webhook/core.oam.dev/register.go | 26 +- test/e2e-test/app_resourcetracker_test.go | 2 +- test/e2e-test/kubernetes_workload_test.go | 9 +- test/e2e-test/suite_test.go | 16 +- .../revision/trait-def-no-revision.yaml | 2 +- .../e2e-test/testdata/revision/trait-def.yaml | 2 +- 57 files changed, 2873 insertions(+), 127 deletions(-) create mode 100644 charts/oam-runtime/Chart.yaml rename charts/{vela-core => oam-runtime}/crds/core.oam.dev_applicationconfigurations.yaml (100%) rename charts/{vela-core => oam-runtime}/crds/core.oam.dev_components.yaml (100%) create mode 100644 charts/oam-runtime/crds/core.oam.dev_containerizedworkloads.yaml create mode 100644 charts/oam-runtime/crds/core.oam.dev_healthscopes.yaml create mode 100644 charts/oam-runtime/crds/core.oam.dev_manualscalertraits.yaml create mode 100644 charts/oam-runtime/crds/core.oam.dev_scopedefinitions.yaml create mode 100644 charts/oam-runtime/crds/core.oam.dev_traitdefinitions.yaml create mode 100644 charts/oam-runtime/crds/core.oam.dev_workloaddefinitions.yaml create mode 100644 charts/oam-runtime/templates/NOTES.txt create mode 100644 charts/oam-runtime/templates/_helpers.tpl create mode 100644 charts/oam-runtime/templates/admission-webhooks/job-patch/clusterrole.yaml create mode 100644 charts/oam-runtime/templates/admission-webhooks/job-patch/clusterrolebinding.yaml create mode 100644 charts/oam-runtime/templates/admission-webhooks/job-patch/job-createSecret.yaml create mode 100644 charts/oam-runtime/templates/admission-webhooks/job-patch/job-patchWebhook.yaml create mode 100644 charts/oam-runtime/templates/admission-webhooks/job-patch/role.yaml create mode 100644 charts/oam-runtime/templates/admission-webhooks/job-patch/rolebinding.yaml create mode 100644 charts/oam-runtime/templates/admission-webhooks/job-patch/serviceaccount.yaml create mode 100644 charts/oam-runtime/templates/admission-webhooks/mutatingWebhookConfiguration.yaml create mode 100644 charts/oam-runtime/templates/admission-webhooks/validatingWebhookConfiguration.yaml create mode 100644 charts/oam-runtime/templates/admission-webhooks/webhookService.yaml create mode 100644 charts/oam-runtime/templates/certmanager.yaml create mode 100644 charts/oam-runtime/templates/definitions/containerizedworkloads.yaml create mode 100644 charts/oam-runtime/templates/definitions/healthscopes.yaml create mode 100644 charts/oam-runtime/templates/oam-runtime-controller.yaml create mode 100644 charts/oam-runtime/templates/test/test-application.yaml create mode 100644 charts/oam-runtime/values.yaml create mode 100644 hack/crd/dispatch/dispatch.go diff --git a/.github/workflows/e2e-test.yml b/.github/workflows/e2e-test.yml index 42eacbca0..2b5274028 100644 --- a/.github/workflows/e2e-test.yml +++ b/.github/workflows/e2e-test.yml @@ -97,12 +97,12 @@ jobs: uses: codecov/codecov-action@v1 with: token: ${{ secrets.CODECOV_TOKEN }} - file: /tmp/e2e-profile.out + files: /tmp/e2e-profile.out,/tmp/oam-e2e-profile.out flags: e2etests name: codecov-umbrella - name: Clean e2e profile - run: rm /tmp/e2e-profile.out + run: rm /tmp/e2e-profile.out /tmp/oam-e2e-profile.out - name: Cleanup image if: ${{ always() }} diff --git a/Makefile b/Makefile index ad6c52348..ad0111e6b 100644 --- a/Makefile +++ b/Makefile @@ -150,6 +150,7 @@ e2e-setup: helm install kruise https://github.com/openkruise/kruise/releases/download/v0.7.0/kruise-chart.tgz sh ./hack/e2e/modify_charts.sh helm upgrade --install --create-namespace --namespace vela-system --set image.pullPolicy=IfNotPresent --set image.repository=vela-core-test --set applicationRevisionLimit=5 --set dependCheckWait=10s --set image.tag=$(GIT_COMMIT) --wait kubevela ./charts/vela-core + helm upgrade --install --create-namespace --namespace oam-runtime-system --set image.pullPolicy=IfNotPresent --set image.repository=vela-core-test --set dependCheckWait=10s --set image.tag=$(GIT_COMMIT) --wait oam-runtime ./charts/oam-runtime ginkgo version ginkgo -v -r e2e/setup kubectl wait --for=condition=Ready pod -l app.kubernetes.io/name=vela-core,app.kubernetes.io/instance=kubevela -n vela-system --timeout=600s @@ -229,9 +230,12 @@ manifests: installcue kustomize go generate $(foreach t,pkg apis,./$(t)/...) # TODO(yangsoon): kustomize will merge all CRD into a whole file, it may not work if we want patch more than one CRD in this way $(KUSTOMIZE) build config/crd -o config/crd/base/core.oam.dev_applications.yaml - mv config/crd/base/* charts/vela-core/crds - ./vela-templates/gen_definitions.sh ./hack/crd/cleanup.sh + go run ./hack/crd/dispatch/dispatch.go config/crd/base charts/vela-core/crds charts/oam-runtime/crds + go run hack/crd/update.go charts/vela-core/crds/standard.oam.dev_podspecworkloads.yaml + rm -f config/crd/base/* + ./vela-templates/gen_definitions.sh + GOLANGCILINT_VERSION ?= v1.31.0 HOSTOS := $(shell uname -s | tr '[:upper:]' '[:lower:]') diff --git a/apis/generate.go b/apis/generate.go index 527f400e9..dbbeef33e 100644 --- a/apis/generate.go +++ b/apis/generate.go @@ -28,8 +28,6 @@ limitations under the License. //go:generate go run -tags generate sigs.k8s.io/controller-tools/cmd/controller-gen object:headerFile=../hack/boilerplate.go.txt paths=./... crd output:artifacts:config=../legacy/charts/vela-core-legacy/crds //go:generate go run ../legacy/convert/main.go ../legacy/charts/vela-core-legacy/crds -//go:generate go run ../hack/crd/update.go ../charts/vela-core/crds/standard.oam.dev_podspecworkloads.yaml - package apis import ( diff --git a/charts/oam-runtime/Chart.yaml b/charts/oam-runtime/Chart.yaml new file mode 100644 index 000000000..809f9deb3 --- /dev/null +++ b/charts/oam-runtime/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v2 +name: oam-runtime +description: A Helm chart for oam-runtime aligns with OAM spec v0.2 + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 0.1.0 diff --git a/charts/vela-core/crds/core.oam.dev_applicationconfigurations.yaml b/charts/oam-runtime/crds/core.oam.dev_applicationconfigurations.yaml similarity index 100% rename from charts/vela-core/crds/core.oam.dev_applicationconfigurations.yaml rename to charts/oam-runtime/crds/core.oam.dev_applicationconfigurations.yaml diff --git a/charts/vela-core/crds/core.oam.dev_components.yaml b/charts/oam-runtime/crds/core.oam.dev_components.yaml similarity index 100% rename from charts/vela-core/crds/core.oam.dev_components.yaml rename to charts/oam-runtime/crds/core.oam.dev_components.yaml diff --git a/charts/oam-runtime/crds/core.oam.dev_containerizedworkloads.yaml b/charts/oam-runtime/crds/core.oam.dev_containerizedworkloads.yaml new file mode 100644 index 000000000..cf3f78e14 --- /dev/null +++ b/charts/oam-runtime/crds/core.oam.dev_containerizedworkloads.yaml @@ -0,0 +1,471 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.4 + name: containerizedworkloads.core.oam.dev +spec: + group: core.oam.dev + names: + categories: + - oam + kind: ContainerizedWorkload + listKind: ContainerizedWorkloadList + plural: containerizedworkloads + singular: containerizedworkload + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + description: A ContainerizedWorkload is a workload that runs OCI containers. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: A ContainerizedWorkloadSpec defines the desired state of a ContainerizedWorkload. + properties: + arch: + description: CPUArchitecture required by this workload. + enum: + - i386 + - amd64 + - arm + - arm64 + type: string + containers: + description: Containers of which this workload consists. + items: + description: A Container represents an Open Containers Initiative (OCI) container. + properties: + args: + description: Arguments to be passed to the command run by this container. + items: + type: string + type: array + command: + description: Command to be run by this container. + items: + type: string + type: array + config: + description: ConfigFiles that should be written within this container. + items: + description: A ContainerConfigFile specifies a configuration file that should be written within a container. + properties: + fromSecret: + description: FromSecret is a secret key reference which can be used to assign a value to be written to the configuration file at the given path in the container. + properties: + key: + description: The key to select. + type: string + name: + description: The name of the secret. + type: string + required: + - key + - name + type: object + path: + description: Path within the container at which the configuration file should be written. + type: string + value: + description: Value that should be written to the configuration file. + type: string + required: + - path + type: object + type: array + env: + description: Environment variables that should be set within this container. + items: + description: A ContainerEnvVar specifies an environment variable that should be set within a container. + properties: + fromSecret: + description: FromSecret is a secret key reference which can be used to assign a value to the environment variable. + properties: + key: + description: The key to select. + type: string + name: + description: The name of the secret. + type: string + required: + - key + - name + type: object + name: + description: Name of the environment variable. Must be composed of valid Unicode letter and number characters, as well as _ and -. + pattern: ^[-_a-zA-Z0-9]+$ + type: string + value: + description: Value of the environment variable. + type: string + required: + - name + type: object + type: array + image: + description: Image this container should run. Must be a path-like or URI-like representation of an OCI image. May be prefixed with a registry address and should be suffixed with a tag. + type: string + imagePullSecret: + description: ImagePullSecret specifies the name of a Secret from which the credentials required to pull this container's image can be loaded. + type: string + livenessProbe: + description: A LivenessProbe assesses whether this container is alive. Containers that fail liveness probes will be restarted. + properties: + exec: + description: Exec probes a container's health by executing a command. + properties: + command: + description: Command to be run by this probe. + items: + type: string + type: array + required: + - command + type: object + failureThreshold: + description: FailureThreshold specifies how many consecutive probes must fail in order for the container to be considered healthy. + format: int32 + type: integer + httpGet: + description: HTTPGet probes a container's health by sending an HTTP GET request. + properties: + httpHeaders: + description: HTTPHeaders to send with the GET request. + items: + description: A HTTPHeader to be passed when probing a container. + properties: + name: + description: Name of this HTTP header. Must be unique per probe. + type: string + value: + description: Value of this HTTP header. + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to probe, e.g. '/healthz'. + type: string + port: + description: Port to probe. + format: int32 + type: integer + required: + - path + - port + type: object + initialDelaySeconds: + description: InitialDelaySeconds after a container starts before the first probe. + format: int32 + type: integer + periodSeconds: + description: PeriodSeconds between probes. + format: int32 + type: integer + successThreshold: + description: SuccessThreshold specifies how many consecutive probes must success in order for the container to be considered healthy. + format: int32 + type: integer + tcpSocket: + description: TCPSocketProbe probes a container's health by connecting to a TCP socket. + properties: + port: + description: Port this probe should connect to. + format: int32 + type: integer + required: + - port + type: object + timeoutSeconds: + description: TimeoutSeconds after which the probe times out. + format: int32 + type: integer + type: object + name: + description: Name of this container. Must be unique within its workload. + type: string + ports: + description: Ports exposed by this container. + items: + description: A ContainerPort specifies a port that is exposed by a container. + properties: + containerPort: + description: Port number. Must be unique within its container. + format: int32 + type: integer + name: + description: Name of this port. Must be unique within its container. Must be lowercase alphabetical characters. + pattern: ^[a-z]+$ + type: string + protocol: + description: Protocol used by the server listening on this port. + enum: + - TCP + - UDP + type: string + required: + - containerPort + - name + type: object + type: array + readinessProbe: + description: A ReadinessProbe assesses whether this container is ready to serve requests. Containers that fail readiness probes will be withdrawn from service. + properties: + exec: + description: Exec probes a container's health by executing a command. + properties: + command: + description: Command to be run by this probe. + items: + type: string + type: array + required: + - command + type: object + failureThreshold: + description: FailureThreshold specifies how many consecutive probes must fail in order for the container to be considered healthy. + format: int32 + type: integer + httpGet: + description: HTTPGet probes a container's health by sending an HTTP GET request. + properties: + httpHeaders: + description: HTTPHeaders to send with the GET request. + items: + description: A HTTPHeader to be passed when probing a container. + properties: + name: + description: Name of this HTTP header. Must be unique per probe. + type: string + value: + description: Value of this HTTP header. + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to probe, e.g. '/healthz'. + type: string + port: + description: Port to probe. + format: int32 + type: integer + required: + - path + - port + type: object + initialDelaySeconds: + description: InitialDelaySeconds after a container starts before the first probe. + format: int32 + type: integer + periodSeconds: + description: PeriodSeconds between probes. + format: int32 + type: integer + successThreshold: + description: SuccessThreshold specifies how many consecutive probes must success in order for the container to be considered healthy. + format: int32 + type: integer + tcpSocket: + description: TCPSocketProbe probes a container's health by connecting to a TCP socket. + properties: + port: + description: Port this probe should connect to. + format: int32 + type: integer + required: + - port + type: object + timeoutSeconds: + description: TimeoutSeconds after which the probe times out. + format: int32 + type: integer + type: object + resources: + description: Resources required by this container + properties: + cpu: + description: CPU required by this container. + properties: + required: + description: Required CPU count. 1.0 represents one CPU core. + type: string + required: + - required + type: object + extended: + description: Extended resources required by this container. + items: + description: ExtendedResource required by a container. + properties: + name: + description: Name of the external resource. Resource names are specified in kind.group/version format, e.g. motionsensor.ext.example.com/v1. + type: string + required: + anyOf: + - type: integer + - type: string + description: Required extended resource(s), e.g. 8 or "very-cool-widget" + x-kubernetes-int-or-string: true + required: + - name + - required + type: object + type: array + gpu: + description: GPU required by this container. + properties: + required: + description: Required GPU count. + type: string + required: + - required + type: object + memory: + description: Memory required by this container. + properties: + required: + description: Required memory. + type: string + required: + - required + type: object + volumes: + description: Volumes required by this container. + items: + description: VolumeResource required by a container. + properties: + accessMode: + description: AccessMode of this volume; RO (read only) or RW (read and write). + enum: + - RO + - RW + type: string + disk: + description: Disk requirements of this volume. + properties: + ephemeral: + description: Ephemeral specifies whether an external disk needs to be mounted. + type: boolean + required: + description: Required disk space. + type: string + required: + - required + type: object + mountPath: + description: MountPath at which this volume will be mounted within its container. + type: string + name: + description: Name of this volume. Must be unique within its container. + type: string + sharingPolicy: + description: SharingPolicy of this volume; Exclusive or Shared. + enum: + - Exclusive + - Shared + type: string + required: + - mountPath + - name + type: object + type: array + required: + - cpu + - memory + type: object + required: + - image + - name + type: object + type: array + osType: + description: OperatingSystem required by this workload. + enum: + - linux + - windows + type: string + required: + - containers + type: object + status: + description: A ContainerizedWorkloadStatus represents the observed state of a ContainerizedWorkload. + properties: + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from one status to another. + type: string + status: + description: Status of this condition; is it currently True, False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + resources: + description: Resources managed by this containerised workload. + items: + description: A TypedReference refers to an object by Name, Kind, and APIVersion. It is commonly used to reference cluster-scoped objects or objects where the namespace is already known. + properties: + apiVersion: + description: APIVersion of the referenced object. + type: string + kind: + description: Kind of the referenced object. + type: string + name: + description: Name of the referenced object. + type: string + uid: + description: UID of the referenced object. + type: string + required: + - apiVersion + - kind + - name + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/oam-runtime/crds/core.oam.dev_healthscopes.yaml b/charts/oam-runtime/crds/core.oam.dev_healthscopes.yaml new file mode 100644 index 000000000..65e6007dd --- /dev/null +++ b/charts/oam-runtime/crds/core.oam.dev_healthscopes.yaml @@ -0,0 +1,179 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.4 + name: healthscopes.core.oam.dev +spec: + group: core.oam.dev + names: + categories: + - oam + kind: HealthScope + listKind: HealthScopeList + plural: healthscopes + singular: healthscope + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.health + name: HEALTH + type: string + name: v1alpha2 + schema: + openAPIV3Schema: + description: A HealthScope determines an aggregate health status based of the health of components. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: A HealthScopeSpec defines the desired state of a HealthScope. + properties: + probe-interval: + description: ProbeInterval is the amount of time in seconds between probing tries. + format: int32 + type: integer + probe-timeout: + description: ProbeTimeout is the amount of time in seconds to wait when receiving a response before marked failure. + format: int32 + type: integer + workloadRefs: + description: WorkloadReferences to the workloads that are in this scope. + items: + description: A TypedReference refers to an object by Name, Kind, and APIVersion. It is commonly used to reference cluster-scoped objects or objects where the namespace is already known. + properties: + apiVersion: + description: APIVersion of the referenced object. + type: string + kind: + description: Kind of the referenced object. + type: string + name: + description: Name of the referenced object. + type: string + uid: + description: UID of the referenced object. + type: string + required: + - apiVersion + - kind + - name + type: object + type: array + required: + - workloadRefs + type: object + status: + description: A HealthScopeStatus represents the observed state of a HealthScope. + properties: + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from one status to another. + type: string + status: + description: Status of this condition; is it currently True, False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + healthConditions: + description: WorkloadHealthConditions represents health condition of workloads in the scope + items: + description: WorkloadHealthCondition represents informative health condition. + properties: + componentName: + description: ComponentName represents the component name if target is a workload + type: string + diagnosis: + type: string + healthStatus: + description: HealthStatus represents health status strings. + type: string + targetWorkload: + description: A TypedReference refers to an object by Name, Kind, and APIVersion. It is commonly used to reference cluster-scoped objects or objects where the namespace is already known. + properties: + apiVersion: + description: APIVersion of the referenced object. + type: string + kind: + description: Kind of the referenced object. + type: string + name: + description: Name of the referenced object. + type: string + uid: + description: UID of the referenced object. + type: string + required: + - apiVersion + - kind + - name + type: object + workloadStatus: + description: WorkloadStatus represents status of workloads whose HealthStatus is UNKNOWN. + type: string + required: + - healthStatus + type: object + type: array + scopeHealthCondition: + description: ScopeHealthCondition represents health condition summary of the scope + properties: + healthStatus: + description: HealthStatus represents health status strings. + type: string + healthyWorkloads: + format: int64 + type: integer + total: + format: int64 + type: integer + unhealthyWorkloads: + format: int64 + type: integer + unknownWorkloads: + format: int64 + type: integer + required: + - healthStatus + type: object + required: + - scopeHealthCondition + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/oam-runtime/crds/core.oam.dev_manualscalertraits.yaml b/charts/oam-runtime/crds/core.oam.dev_manualscalertraits.yaml new file mode 100644 index 000000000..6ab29c76d --- /dev/null +++ b/charts/oam-runtime/crds/core.oam.dev_manualscalertraits.yaml @@ -0,0 +1,106 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.4 + name: manualscalertraits.core.oam.dev +spec: + group: core.oam.dev + names: + categories: + - oam + kind: ManualScalerTrait + listKind: ManualScalerTraitList + plural: manualscalertraits + singular: manualscalertrait + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + description: A ManualScalerTrait determines how many replicas a workload should have. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: A ManualScalerTraitSpec defines the desired state of a ManualScalerTrait. + properties: + replicaCount: + description: ReplicaCount of the workload this trait applies to. + format: int32 + type: integer + workloadRef: + description: WorkloadReference to the workload this trait applies to. + properties: + apiVersion: + description: APIVersion of the referenced object. + type: string + kind: + description: Kind of the referenced object. + type: string + name: + description: Name of the referenced object. + type: string + uid: + description: UID of the referenced object. + type: string + required: + - apiVersion + - kind + - name + type: object + required: + - replicaCount + - workloadRef + type: object + status: + description: A ManualScalerTraitStatus represents the observed state of a ManualScalerTrait. + properties: + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from one status to another. + type: string + status: + description: Status of this condition; is it currently True, False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/oam-runtime/crds/core.oam.dev_scopedefinitions.yaml b/charts/oam-runtime/crds/core.oam.dev_scopedefinitions.yaml new file mode 100644 index 000000000..1e5ab38b7 --- /dev/null +++ b/charts/oam-runtime/crds/core.oam.dev_scopedefinitions.yaml @@ -0,0 +1,127 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.4 + name: scopedefinitions.core.oam.dev +spec: + group: core.oam.dev + names: + categories: + - oam + kind: ScopeDefinition + listKind: ScopeDefinitionList + plural: scopedefinitions + shortNames: + - scope + singular: scopedefinition + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.definitionRef.name + name: DEFINITION-NAME + type: string + name: v1alpha2 + schema: + openAPIV3Schema: + description: A ScopeDefinition registers a kind of Kubernetes custom resource as a valid OAM scope kind by referencing its CustomResourceDefinition. The CRD is used to validate the schema of the scope when it is embedded in an OAM ApplicationConfiguration. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: A ScopeDefinitionSpec defines the desired state of a ScopeDefinition. + properties: + allowComponentOverlap: + description: AllowComponentOverlap specifies whether an OAM component may exist in multiple instances of this kind of scope. + type: boolean + definitionRef: + description: Reference to the CustomResourceDefinition that defines this scope kind. + properties: + name: + description: Name of the referenced CustomResourceDefinition. + type: string + version: + description: Version indicate which version should be used if CRD has multiple versions by default it will use the first one if not specified + type: string + required: + - name + type: object + extension: + description: Extension is used for extension needs by OAM platform builders + type: object + x-kubernetes-preserve-unknown-fields: true + workloadRefsPath: + description: WorkloadRefsPath indicates if/where a scope accepts workloadRef objects + type: string + required: + - allowComponentOverlap + - definitionRef + type: object + type: object + served: true + storage: false + subresources: {} + - additionalPrinterColumns: + - jsonPath: .spec.definitionRef.name + name: DEFINITION-NAME + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: A ScopeDefinition registers a kind of Kubernetes custom resource as a valid OAM scope kind by referencing its CustomResourceDefinition. The CRD is used to validate the schema of the scope when it is embedded in an OAM ApplicationConfiguration. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: A ScopeDefinitionSpec defines the desired state of a ScopeDefinition. + properties: + allowComponentOverlap: + description: AllowComponentOverlap specifies whether an OAM component may exist in multiple instances of this kind of scope. + type: boolean + definitionRef: + description: Reference to the CustomResourceDefinition that defines this scope kind. + properties: + name: + description: Name of the referenced CustomResourceDefinition. + type: string + version: + description: Version indicate which version should be used if CRD has multiple versions by default it will use the first one if not specified + type: string + required: + - name + type: object + extension: + description: Extension is used for extension needs by OAM platform builders + type: object + x-kubernetes-preserve-unknown-fields: true + workloadRefsPath: + description: WorkloadRefsPath indicates if/where a scope accepts workloadRef objects + type: string + required: + - allowComponentOverlap + - definitionRef + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/oam-runtime/crds/core.oam.dev_traitdefinitions.yaml b/charts/oam-runtime/crds/core.oam.dev_traitdefinitions.yaml new file mode 100644 index 000000000..fa4315f85 --- /dev/null +++ b/charts/oam-runtime/crds/core.oam.dev_traitdefinitions.yaml @@ -0,0 +1,449 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.4 + name: traitdefinitions.core.oam.dev +spec: + group: core.oam.dev + names: + categories: + - oam + kind: TraitDefinition + listKind: TraitDefinitionList + plural: traitdefinitions + shortNames: + - trait + singular: traitdefinition + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.appliesToWorkloads + name: APPLIES-TO + type: string + - jsonPath: .metadata.annotations.definition\.oam\.dev/description + name: DESCRIPTION + type: string + name: v1alpha2 + schema: + openAPIV3Schema: + description: A TraitDefinition registers a kind of Kubernetes custom resource as a valid OAM trait kind by referencing its CustomResourceDefinition. The CRD is used to validate the schema of the trait when it is embedded in an OAM ApplicationConfiguration. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: A TraitDefinitionSpec defines the desired state of a TraitDefinition. + properties: + appliesToWorkloads: + description: AppliesToWorkloads specifies the list of workload kinds this trait applies to. Workload kinds are specified in kind.group/version format, e.g. server.core.oam.dev/v1alpha2. Traits that omit this field apply to all workload kinds. + items: + type: string + type: array + conflictsWith: + description: 'ConflictsWith specifies the list of traits(CRD name, Definition name, CRD group) which could not apply to the same workloads with this trait. Traits that omit this field can work with any other traits. Example rules: "service" # Trait definition name "services.k8s.io" # API resource/crd name "*.networking.k8s.io" # API group "labelSelector:foo=bar" # label selector labelSelector format: https://pkg.go.dev/k8s.io/apimachinery/pkg/labels#Parse' + items: + type: string + type: array + definitionRef: + description: Reference to the CustomResourceDefinition that defines this trait kind. + properties: + name: + description: Name of the referenced CustomResourceDefinition. + type: string + version: + description: Version indicate which version should be used if CRD has multiple versions by default it will use the first one if not specified + type: string + required: + - name + type: object + extension: + description: Extension is used for extension needs by OAM platform builders + type: object + x-kubernetes-preserve-unknown-fields: true + podDisruptive: + description: PodDisruptive specifies whether using the trait will cause the pod to restart or not. + type: boolean + revisionEnabled: + description: Revision indicates whether a trait is aware of component revision + type: boolean + schematic: + description: Schematic defines the data format and template of the encapsulation of the trait + properties: + cue: + description: CUE defines the encapsulation in CUE format + properties: + template: + description: Template defines the abstraction template data of the capability, it will replace the old CUE template in extension field. Template is a required field if CUE is defined in Capability Definition. + type: string + required: + - template + type: object + helm: + description: A Helm represents resources used by a Helm module + properties: + release: + description: Release records a Helm release used by a Helm module workload. + type: object + x-kubernetes-preserve-unknown-fields: true + repository: + description: HelmRelease records a Helm repository used by a Helm module workload. + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - release + - repository + type: object + kube: + description: Kube defines the encapsulation in raw Kubernetes resource format + properties: + parameters: + description: Parameters defines configurable parameters + items: + description: A KubeParameter defines a configurable parameter of a component. + properties: + description: + description: Description of this parameter. + type: string + fieldPaths: + description: "FieldPaths specifies an array of fields within this workload that will be overwritten by the value of this parameter. \tAll fields must be of the same type. Fields are specified as JSON field paths without a leading dot, for example 'spec.replicas'." + items: + type: string + type: array + name: + description: Name of this parameter + type: string + required: + default: false + description: Required specifies whether or not a value for this parameter must be supplied when authoring an Application. + type: boolean + type: + description: 'ValueType indicates the type of the parameter value, and only supports basic data types: string, number, boolean.' + enum: + - string + - number + - boolean + type: string + required: + - fieldPaths + - name + - type + type: object + type: array + template: + description: Template defines the raw Kubernetes resource + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - template + type: object + terraform: + description: Terraform is the struct to describe cloud resources managed by Hashicorp Terraform + properties: + configuration: + description: Configuration is Terraform Configuration + type: string + type: + default: hcl + description: Type specifies which Terraform configuration it is, HCL or JSON syntax + enum: + - hcl + - json + type: string + required: + - configuration + type: object + type: object + status: + description: Status defines the custom health policy and status message for trait + properties: + customStatus: + description: CustomStatus defines the custom status message that could display to user + type: string + healthPolicy: + description: HealthPolicy defines the health check policy for the abstraction + type: string + type: object + workloadRefPath: + description: WorkloadRefPath indicates where/if a trait accepts a workloadRef object + type: string + type: object + status: + description: TraitDefinitionStatus is the status of TraitDefinition + properties: + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from one status to another. + type: string + status: + description: Status of this condition; is it currently True, False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + configMapRef: + description: ConfigMapRef refer to a ConfigMap which contains OpenAPI V3 JSON schema of Component parameters. + type: string + latestRevision: + description: LatestRevision of the trait definition + properties: + name: + type: string + revision: + format: int64 + type: integer + revisionHash: + description: RevisionHash record the hash value of the spec of ApplicationRevision object. + type: string + required: + - name + - revision + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.appliesToWorkloads + name: APPLIES-TO + type: string + - jsonPath: .metadata.annotations.definition\.oam\.dev/description + name: DESCRIPTION + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: A TraitDefinition registers a kind of Kubernetes custom resource as a valid OAM trait kind by referencing its CustomResourceDefinition. The CRD is used to validate the schema of the trait when it is embedded in an OAM ApplicationConfiguration. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: A TraitDefinitionSpec defines the desired state of a TraitDefinition. + properties: + appliesToWorkloads: + description: AppliesToWorkloads specifies the list of workload kinds this trait applies to. Workload kinds are specified in kind.group/version format, e.g. server.core.oam.dev/v1alpha2. Traits that omit this field apply to all workload kinds. + items: + type: string + type: array + conflictsWith: + description: 'ConflictsWith specifies the list of traits(CRD name, Definition name, CRD group) which could not apply to the same workloads with this trait. Traits that omit this field can work with any other traits. Example rules: "service" # Trait definition name "services.k8s.io" # API resource/crd name "*.networking.k8s.io" # API group "labelSelector:foo=bar" # label selector labelSelector format: https://pkg.go.dev/k8s.io/apimachinery/pkg/labels#Parse' + items: + type: string + type: array + definitionRef: + description: Reference to the CustomResourceDefinition that defines this trait kind. + properties: + name: + description: Name of the referenced CustomResourceDefinition. + type: string + version: + description: Version indicate which version should be used if CRD has multiple versions by default it will use the first one if not specified + type: string + required: + - name + type: object + extension: + description: Extension is used for extension needs by OAM platform builders + type: object + x-kubernetes-preserve-unknown-fields: true + podDisruptive: + description: PodDisruptive specifies whether using the trait will cause the pod to restart or not. + type: boolean + revisionEnabled: + description: Revision indicates whether a trait is aware of component revision + type: boolean + schematic: + description: Schematic defines the data format and template of the encapsulation of the trait + properties: + cue: + description: CUE defines the encapsulation in CUE format + properties: + template: + description: Template defines the abstraction template data of the capability, it will replace the old CUE template in extension field. Template is a required field if CUE is defined in Capability Definition. + type: string + required: + - template + type: object + helm: + description: A Helm represents resources used by a Helm module + properties: + release: + description: Release records a Helm release used by a Helm module workload. + type: object + x-kubernetes-preserve-unknown-fields: true + repository: + description: HelmRelease records a Helm repository used by a Helm module workload. + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - release + - repository + type: object + kube: + description: Kube defines the encapsulation in raw Kubernetes resource format + properties: + parameters: + description: Parameters defines configurable parameters + items: + description: A KubeParameter defines a configurable parameter of a component. + properties: + description: + description: Description of this parameter. + type: string + fieldPaths: + description: "FieldPaths specifies an array of fields within this workload that will be overwritten by the value of this parameter. \tAll fields must be of the same type. Fields are specified as JSON field paths without a leading dot, for example 'spec.replicas'." + items: + type: string + type: array + name: + description: Name of this parameter + type: string + required: + default: false + description: Required specifies whether or not a value for this parameter must be supplied when authoring an Application. + type: boolean + type: + description: 'ValueType indicates the type of the parameter value, and only supports basic data types: string, number, boolean.' + enum: + - string + - number + - boolean + type: string + required: + - fieldPaths + - name + - type + type: object + type: array + template: + description: Template defines the raw Kubernetes resource + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - template + type: object + terraform: + description: Terraform is the struct to describe cloud resources managed by Hashicorp Terraform + properties: + configuration: + description: Configuration is Terraform Configuration + type: string + type: + default: hcl + description: Type specifies which Terraform configuration it is, HCL or JSON syntax + enum: + - hcl + - json + type: string + required: + - configuration + type: object + type: object + status: + description: Status defines the custom health policy and status message for trait + properties: + customStatus: + description: CustomStatus defines the custom status message that could display to user + type: string + healthPolicy: + description: HealthPolicy defines the health check policy for the abstraction + type: string + type: object + workloadRefPath: + description: WorkloadRefPath indicates where/if a trait accepts a workloadRef object + type: string + type: object + status: + description: TraitDefinitionStatus is the status of TraitDefinition + properties: + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from one status to another. + type: string + status: + description: Status of this condition; is it currently True, False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + configMapRef: + description: ConfigMapRef refer to a ConfigMap which contains OpenAPI V3 JSON schema of Component parameters. + type: string + latestRevision: + description: LatestRevision of the component definition + properties: + name: + type: string + revision: + format: int64 + type: integer + revisionHash: + description: RevisionHash record the hash value of the spec of ApplicationRevision object. + type: string + required: + - name + - revision + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/oam-runtime/crds/core.oam.dev_workloaddefinitions.yaml b/charts/oam-runtime/crds/core.oam.dev_workloaddefinitions.yaml new file mode 100644 index 000000000..b13246a84 --- /dev/null +++ b/charts/oam-runtime/crds/core.oam.dev_workloaddefinitions.yaml @@ -0,0 +1,428 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.4 + name: workloaddefinitions.core.oam.dev +spec: + group: core.oam.dev + names: + categories: + - oam + kind: WorkloadDefinition + listKind: WorkloadDefinitionList + plural: workloaddefinitions + shortNames: + - workload + singular: workloaddefinition + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.definitionRef.name + name: DEFINITION-NAME + type: string + name: v1alpha2 + schema: + openAPIV3Schema: + description: A WorkloadDefinition registers a kind of Kubernetes custom resource as a valid OAM workload kind by referencing its CustomResourceDefinition. The CRD is used to validate the schema of the workload when it is embedded in an OAM Component. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: A WorkloadDefinitionSpec defines the desired state of a WorkloadDefinition. + properties: + childResourceKinds: + description: ChildResourceKinds are the list of GVK of the child resources this workload generates + items: + description: A ChildResourceKind defines a child Kubernetes resource kind with a selector + properties: + apiVersion: + description: APIVersion of the child resource + type: string + kind: + description: Kind of the child resource + type: string + selector: + additionalProperties: + type: string + description: Selector to select the child resources that the workload wants to expose to traits + type: object + required: + - apiVersion + - kind + type: object + type: array + definitionRef: + description: Reference to the CustomResourceDefinition that defines this workload kind. + properties: + name: + description: Name of the referenced CustomResourceDefinition. + type: string + version: + description: Version indicate which version should be used if CRD has multiple versions by default it will use the first one if not specified + type: string + required: + - name + type: object + extension: + description: Extension is used for extension needs by OAM platform builders + type: object + x-kubernetes-preserve-unknown-fields: true + podSpecPath: + description: PodSpecPath indicates where/if this workload has K8s podSpec field if one workload has podSpec, trait can do lot's of assumption such as port, env, volume fields. + type: string + revisionLabel: + description: RevisionLabel indicates which label for underlying resources(e.g. pods) of this workload can be used by trait to create resource selectors(e.g. label selector for pods). + type: string + schematic: + description: Schematic defines the data format and template of the encapsulation of the workload + properties: + cue: + description: CUE defines the encapsulation in CUE format + properties: + template: + description: Template defines the abstraction template data of the capability, it will replace the old CUE template in extension field. Template is a required field if CUE is defined in Capability Definition. + type: string + required: + - template + type: object + helm: + description: A Helm represents resources used by a Helm module + properties: + release: + description: Release records a Helm release used by a Helm module workload. + type: object + x-kubernetes-preserve-unknown-fields: true + repository: + description: HelmRelease records a Helm repository used by a Helm module workload. + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - release + - repository + type: object + kube: + description: Kube defines the encapsulation in raw Kubernetes resource format + properties: + parameters: + description: Parameters defines configurable parameters + items: + description: A KubeParameter defines a configurable parameter of a component. + properties: + description: + description: Description of this parameter. + type: string + fieldPaths: + description: "FieldPaths specifies an array of fields within this workload that will be overwritten by the value of this parameter. \tAll fields must be of the same type. Fields are specified as JSON field paths without a leading dot, for example 'spec.replicas'." + items: + type: string + type: array + name: + description: Name of this parameter + type: string + required: + default: false + description: Required specifies whether or not a value for this parameter must be supplied when authoring an Application. + type: boolean + type: + description: 'ValueType indicates the type of the parameter value, and only supports basic data types: string, number, boolean.' + enum: + - string + - number + - boolean + type: string + required: + - fieldPaths + - name + - type + type: object + type: array + template: + description: Template defines the raw Kubernetes resource + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - template + type: object + terraform: + description: Terraform is the struct to describe cloud resources managed by Hashicorp Terraform + properties: + configuration: + description: Configuration is Terraform Configuration + type: string + type: + default: hcl + description: Type specifies which Terraform configuration it is, HCL or JSON syntax + enum: + - hcl + - json + type: string + required: + - configuration + type: object + type: object + status: + description: Status defines the custom health policy and status message for workload + properties: + customStatus: + description: CustomStatus defines the custom status message that could display to user + type: string + healthPolicy: + description: HealthPolicy defines the health check policy for the abstraction + type: string + type: object + required: + - definitionRef + type: object + status: + description: WorkloadDefinitionStatus is the status of WorkloadDefinition + properties: + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from one status to another. + type: string + status: + description: Status of this condition; is it currently True, False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: false + subresources: {} + - additionalPrinterColumns: + - jsonPath: .spec.definitionRef.name + name: DEFINITION-NAME + type: string + - jsonPath: .metadata.annotations.definition\.oam\.dev/description + name: DESCRIPTION + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: A WorkloadDefinition registers a kind of Kubernetes custom resource as a valid OAM workload kind by referencing its CustomResourceDefinition. The CRD is used to validate the schema of the workload when it is embedded in an OAM Component. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: A WorkloadDefinitionSpec defines the desired state of a WorkloadDefinition. + properties: + childResourceKinds: + description: ChildResourceKinds are the list of GVK of the child resources this workload generates + items: + description: A ChildResourceKind defines a child Kubernetes resource kind with a selector + properties: + apiVersion: + description: APIVersion of the child resource + type: string + kind: + description: Kind of the child resource + type: string + selector: + additionalProperties: + type: string + description: Selector to select the child resources that the workload wants to expose to traits + type: object + required: + - apiVersion + - kind + type: object + type: array + definitionRef: + description: Reference to the CustomResourceDefinition that defines this workload kind. + properties: + name: + description: Name of the referenced CustomResourceDefinition. + type: string + version: + description: Version indicate which version should be used if CRD has multiple versions by default it will use the first one if not specified + type: string + required: + - name + type: object + extension: + description: Extension is used for extension needs by OAM platform builders + type: object + x-kubernetes-preserve-unknown-fields: true + podSpecPath: + description: PodSpecPath indicates where/if this workload has K8s podSpec field if one workload has podSpec, trait can do lot's of assumption such as port, env, volume fields. + type: string + revisionLabel: + description: RevisionLabel indicates which label for underlying resources(e.g. pods) of this workload can be used by trait to create resource selectors(e.g. label selector for pods). + type: string + schematic: + description: Schematic defines the data format and template of the encapsulation of the workload + properties: + cue: + description: CUE defines the encapsulation in CUE format + properties: + template: + description: Template defines the abstraction template data of the capability, it will replace the old CUE template in extension field. Template is a required field if CUE is defined in Capability Definition. + type: string + required: + - template + type: object + helm: + description: A Helm represents resources used by a Helm module + properties: + release: + description: Release records a Helm release used by a Helm module workload. + type: object + x-kubernetes-preserve-unknown-fields: true + repository: + description: HelmRelease records a Helm repository used by a Helm module workload. + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - release + - repository + type: object + kube: + description: Kube defines the encapsulation in raw Kubernetes resource format + properties: + parameters: + description: Parameters defines configurable parameters + items: + description: A KubeParameter defines a configurable parameter of a component. + properties: + description: + description: Description of this parameter. + type: string + fieldPaths: + description: "FieldPaths specifies an array of fields within this workload that will be overwritten by the value of this parameter. \tAll fields must be of the same type. Fields are specified as JSON field paths without a leading dot, for example 'spec.replicas'." + items: + type: string + type: array + name: + description: Name of this parameter + type: string + required: + default: false + description: Required specifies whether or not a value for this parameter must be supplied when authoring an Application. + type: boolean + type: + description: 'ValueType indicates the type of the parameter value, and only supports basic data types: string, number, boolean.' + enum: + - string + - number + - boolean + type: string + required: + - fieldPaths + - name + - type + type: object + type: array + template: + description: Template defines the raw Kubernetes resource + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - template + type: object + terraform: + description: Terraform is the struct to describe cloud resources managed by Hashicorp Terraform + properties: + configuration: + description: Configuration is Terraform Configuration + type: string + type: + default: hcl + description: Type specifies which Terraform configuration it is, HCL or JSON syntax + enum: + - hcl + - json + type: string + required: + - configuration + type: object + type: object + status: + description: Status defines the custom health policy and status message for workload + properties: + customStatus: + description: CustomStatus defines the custom status message that could display to user + type: string + healthPolicy: + description: HealthPolicy defines the health check policy for the abstraction + type: string + type: object + required: + - definitionRef + type: object + status: + description: WorkloadDefinitionStatus is the status of WorkloadDefinition + properties: + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from one status to another. + type: string + status: + description: Status of this condition; is it currently True, False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/oam-runtime/templates/NOTES.txt b/charts/oam-runtime/templates/NOTES.txt new file mode 100644 index 000000000..46fc786e0 --- /dev/null +++ b/charts/oam-runtime/templates/NOTES.txt @@ -0,0 +1 @@ +Welcome to use the oam-runtime follows OAM spec v0.2! Enjoy your shipping application journey! \ No newline at end of file diff --git a/charts/oam-runtime/templates/_helpers.tpl b/charts/oam-runtime/templates/_helpers.tpl new file mode 100644 index 000000000..18989e7a3 --- /dev/null +++ b/charts/oam-runtime/templates/_helpers.tpl @@ -0,0 +1,63 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "oam-runtime.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "oam-runtime.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "oam-runtime.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "oam-runtime.labels" -}} +helm.sh/chart: {{ include "oam-runtime.chart" . }} +{{ include "oam-runtime.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "oam-runtime.selectorLabels" -}} +app.kubernetes.io/name: {{ include "oam-runtime.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "oam-runtime.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "oam-runtime.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/charts/oam-runtime/templates/admission-webhooks/job-patch/clusterrole.yaml b/charts/oam-runtime/templates/admission-webhooks/job-patch/clusterrole.yaml new file mode 100644 index 000000000..1847f905d --- /dev/null +++ b/charts/oam-runtime/templates/admission-webhooks/job-patch/clusterrole.yaml @@ -0,0 +1,28 @@ +{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled .Values.rbac.create (not .Values.admissionWebhooks.certManager.enabled) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "oam-runtime.fullname" . }}-admission + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + app: {{ template "oam-runtime.name" . }}-admission + {{- include "oam-runtime.labels" . | nindent 4 }} +rules: + - apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + - mutatingwebhookconfigurations + verbs: + - get + - update + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - update +{{- end }} diff --git a/charts/oam-runtime/templates/admission-webhooks/job-patch/clusterrolebinding.yaml b/charts/oam-runtime/templates/admission-webhooks/job-patch/clusterrolebinding.yaml new file mode 100644 index 000000000..7c9b11ded --- /dev/null +++ b/charts/oam-runtime/templates/admission-webhooks/job-patch/clusterrolebinding.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled .Values.rbac.create (not .Values.admissionWebhooks.certManager.enabled) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "oam-runtime.fullname" . }}-admission + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + app: {{ template "oam-runtime.name" . }}-admission + {{- include "oam-runtime.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "oam-runtime.fullname" . }}-admission +subjects: + - kind: ServiceAccount + name: {{ template "oam-runtime.fullname" . }}-admission + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/oam-runtime/templates/admission-webhooks/job-patch/job-createSecret.yaml b/charts/oam-runtime/templates/admission-webhooks/job-patch/job-createSecret.yaml new file mode 100644 index 000000000..de15dbf2d --- /dev/null +++ b/charts/oam-runtime/templates/admission-webhooks/job-patch/job-createSecret.yaml @@ -0,0 +1,50 @@ +{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled (not .Values.admissionWebhooks.certManager.enabled) }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "oam-runtime.fullname" . }}-admission-create + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + app: {{ template "oam-runtime.name" . }}-admission-create + {{- include "oam-runtime.labels" . | nindent 4 }} +spec: + {{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }} + # Alpha feature since k8s 1.12 + ttlSecondsAfterFinished: 0 + {{- end }} + template: + metadata: + name: {{ template "oam-runtime.fullname" . }}-admission-create + labels: + app: {{ template "oam-runtime.name" . }}-admission-create + {{- include "oam-runtime.labels" . | nindent 8 }} + spec: + containers: + - name: create + image: {{ .Values.admissionWebhooks.patch.image.repository }}:{{ .Values.admissionWebhooks.patch.image.tag }} + imagePullPolicy: {{ .Values.admissionWebhooks.patch.image.pullPolicy }} + args: + - create + - --host={{ template "oam-runtime.name" . }}-webhook,{{ template "oam-runtime.name" . }}-webhook.{{ .Release.Namespace }}.svc + - --namespace={{ .Release.Namespace }} + - --secret-name={{ template "oam-runtime.fullname" . }}-admission + - --key-name=tls.key + - --cert-name=tls.crt + restartPolicy: OnFailure + serviceAccountName: {{ template "oam-runtime.fullname" . }}-admission + {{- with .Values.admissionWebhooks.patch.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.admissionWebhooks.patch.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + securityContext: + runAsGroup: 2000 + runAsNonRoot: true + runAsUser: 2000 +{{- end }} diff --git a/charts/oam-runtime/templates/admission-webhooks/job-patch/job-patchWebhook.yaml b/charts/oam-runtime/templates/admission-webhooks/job-patch/job-patchWebhook.yaml new file mode 100644 index 000000000..eaad9c4ee --- /dev/null +++ b/charts/oam-runtime/templates/admission-webhooks/job-patch/job-patchWebhook.yaml @@ -0,0 +1,49 @@ +{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled (not .Values.admissionWebhooks.certManager.enabled) }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "oam-runtime.fullname" . }}-admission-patch + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + app: {{ template "oam-runtime.name" . }}-admission-patch + {{- include "oam-runtime.labels" . | nindent 4 }} +spec: + {{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }} + # Alpha feature since k8s 1.12 + ttlSecondsAfterFinished: 0 + {{- end }} + template: + metadata: + name: {{ template "oam-runtime.fullname" . }}-admission-patch + labels: + app: {{ template "oam-runtime.name" . }}-admission-patch + {{- include "oam-runtime.labels" . | nindent 8 }} + spec: + containers: + - name: patch + image: {{ .Values.admissionWebhooks.patch.image.repository }}:{{ .Values.admissionWebhooks.patch.image.tag }} + imagePullPolicy: {{ .Values.admissionWebhooks.patch.image.pullPolicy }} + args: + - patch + - --webhook-name={{ template "oam-runtime.fullname" . }}-admission + - --namespace={{ .Release.Namespace }} + - --secret-name={{ template "oam-runtime.fullname" . }}-admission + - --patch-failure-policy={{ .Values.admissionWebhooks.failurePolicy }} + restartPolicy: OnFailure + serviceAccountName: {{ template "oam-runtime.fullname" . }}-admission + {{- with .Values.admissionWebhooks.patch.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.admissionWebhooks.patch.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + securityContext: + runAsGroup: 2000 + runAsNonRoot: true + runAsUser: 2000 +{{- end }} diff --git a/charts/oam-runtime/templates/admission-webhooks/job-patch/role.yaml b/charts/oam-runtime/templates/admission-webhooks/job-patch/role.yaml new file mode 100644 index 000000000..2dff83694 --- /dev/null +++ b/charts/oam-runtime/templates/admission-webhooks/job-patch/role.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled .Values.rbac.create (not .Values.admissionWebhooks.certManager.enabled) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "oam-runtime.fullname" . }}-admission + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + app: {{ template "oam-runtime.name" . }}-admission + {{- include "oam-runtime.labels" . | nindent 4 }} +rules: + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - create +{{- end }} diff --git a/charts/oam-runtime/templates/admission-webhooks/job-patch/rolebinding.yaml b/charts/oam-runtime/templates/admission-webhooks/job-patch/rolebinding.yaml new file mode 100644 index 000000000..408e20359 --- /dev/null +++ b/charts/oam-runtime/templates/admission-webhooks/job-patch/rolebinding.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled .Values.rbac.create (not .Values.admissionWebhooks.certManager.enabled) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "oam-runtime.fullname" . }}-admission + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + app: {{ template "oam-runtime.name" . }}-admission + {{- include "oam-runtime.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "oam-runtime.fullname" . }}-admission +subjects: + - kind: ServiceAccount + name: {{ template "oam-runtime.fullname" . }}-admission + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/oam-runtime/templates/admission-webhooks/job-patch/serviceaccount.yaml b/charts/oam-runtime/templates/admission-webhooks/job-patch/serviceaccount.yaml new file mode 100644 index 000000000..f30323cbf --- /dev/null +++ b/charts/oam-runtime/templates/admission-webhooks/job-patch/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled .Values.rbac.create (not .Values.admissionWebhooks.certManager.enabled) }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "oam-runtime.fullname" . }}-admission + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + app: {{ template "oam-runtime.name" . }}-admission + {{- include "oam-runtime.labels" . | nindent 4 }} +{{- end }} diff --git a/charts/oam-runtime/templates/admission-webhooks/mutatingWebhookConfiguration.yaml b/charts/oam-runtime/templates/admission-webhooks/mutatingWebhookConfiguration.yaml new file mode 100644 index 000000000..f05672cda --- /dev/null +++ b/charts/oam-runtime/templates/admission-webhooks/mutatingWebhookConfiguration.yaml @@ -0,0 +1,67 @@ +{{- if .Values.admissionWebhooks.enabled -}} +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: {{ template "oam-runtime.fullname" . }}-admission + namespace: {{ .Release.Namespace }} + {{- if .Values.admissionWebhooks.certManager.enabled }} + annotations: + cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" .Release.Namespace (include "oam-runtime.fullname" .) | quote }} + {{- end }} +webhooks: + - clientConfig: + caBundle: Cg== + service: + name: {{ template "oam-runtime.name" . }}-webhook + namespace: {{ .Release.Namespace }} + path: /mutating-core-oam-dev-v1alpha2-applicationconfigurations + {{- if .Values.admissionWebhooks.patch.enabled }} + failurePolicy: Ignore + {{- else }} + failurePolicy: Fail + {{- end }} + name: mutating.core.oam.dev.v1alpha2.applicationconfigurations + sideEffects: None + rules: + - apiGroups: + - core.oam.dev + apiVersions: + - v1alpha2 + operations: + - CREATE + - UPDATE + resources: + - applicationconfigurations + scope: Namespaced + admissionReviewVersions: + - v1beta1 + timeoutSeconds: 5 + - clientConfig: + caBundle: Cg== + service: + name: {{ template "oam-runtime.name" . }}-webhook + namespace: {{ .Release.Namespace }} + path: /mutating-core-oam-dev-v1alpha2-components + {{- if .Values.admissionWebhooks.patch.enabled }} + failurePolicy: Ignore + {{- else }} + failurePolicy: Fail + {{- end }} + name: mutating.core.oam-dev.v1alpha2.components + sideEffects: None + rules: + - apiGroups: + - core.oam.dev + apiVersions: + - v1alpha2 + operations: + - CREATE + - UPDATE + resources: + - components + scope: Namespaced + admissionReviewVersions: + - v1beta1 + timeoutSeconds: 5 + +{{- end -}} diff --git a/charts/oam-runtime/templates/admission-webhooks/validatingWebhookConfiguration.yaml b/charts/oam-runtime/templates/admission-webhooks/validatingWebhookConfiguration.yaml new file mode 100644 index 000000000..58b6fe041 --- /dev/null +++ b/charts/oam-runtime/templates/admission-webhooks/validatingWebhookConfiguration.yaml @@ -0,0 +1,67 @@ +{{- if .Values.admissionWebhooks.enabled -}} +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: {{ template "oam-runtime.fullname" . }}-admission + namespace: {{ .Release.Namespace }} + {{- if .Values.admissionWebhooks.certManager.enabled }} + annotations: + cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" .Release.Namespace (include "oam-runtime.fullname" .) | quote }} + {{- end }} +webhooks: + - clientConfig: + caBundle: Cg== + service: + name: {{ template "oam-runtime.name" . }}-webhook + namespace: {{ .Release.Namespace }} + path: /validating-core-oam-dev-v1alpha2-applicationconfigurations + {{- if .Values.admissionWebhooks.patch.enabled }} + failurePolicy: Ignore + {{- else }} + failurePolicy: {{ .Values.admissionWebhooks.failurePolicy }} + {{- end }} + name: validating.core.oam.dev.v1alpha2.applicationconfigurations + sideEffects: None + rules: + - apiGroups: + - core.oam.dev + apiVersions: + - v1alpha2 + operations: + - CREATE + - UPDATE + resources: + - applicationconfigurations + scope: Namespaced + admissionReviewVersions: + - v1beta1 + timeoutSeconds: 5 + - clientConfig: + caBundle: Cg== + service: + name: {{ template "oam-runtime.name" . }}-webhook + namespace: {{ .Release.Namespace }} + path: /validating-core-oam-dev-v1alpha2-components + {{- if .Values.admissionWebhooks.patch.enabled }} + failurePolicy: Ignore + {{- else }} + failurePolicy: {{ .Values.admissionWebhooks.failurePolicy }} + {{- end }} + name: validating.core.oam.dev.v1alpha2.components + sideEffects: None + rules: + - apiGroups: + - core.oam.dev + apiVersions: + - v1alpha2 + operations: + - CREATE + - UPDATE + resources: + - components + scope: Namespaced + admissionReviewVersions: + - v1beta1 + timeoutSeconds: 5 + +{{- end -}} diff --git a/charts/oam-runtime/templates/admission-webhooks/webhookService.yaml b/charts/oam-runtime/templates/admission-webhooks/webhookService.yaml new file mode 100644 index 000000000..4bd48ca6e --- /dev/null +++ b/charts/oam-runtime/templates/admission-webhooks/webhookService.yaml @@ -0,0 +1,19 @@ +{{- if .Values.admissionWebhooks.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "oam-runtime.name" . }}-webhook + namespace: {{ .Release.Namespace }} + labels: + {{- include "oam-runtime.labels" . | nindent 4 }} +spec: + type: {{ .Values.webhookService.type }} + ports: + - port: 443 + targetPort: {{ .Values.webhookService.port }} + protocol: TCP + name: https + selector: + {{ include "oam-runtime.selectorLabels" . | nindent 6 }} + +{{- end -}} diff --git a/charts/oam-runtime/templates/certmanager.yaml b/charts/oam-runtime/templates/certmanager.yaml new file mode 100644 index 000000000..e04d4c3f4 --- /dev/null +++ b/charts/oam-runtime/templates/certmanager.yaml @@ -0,0 +1,53 @@ +{{- if and .Values.admissionWebhooks.certManager.enabled -}} + +# The following manifests contain a self-signed issuer CR and a certificate CR. +# More document can be found at https://docs.cert-manager.io +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: {{ template "oam-runtime.fullname" . }}-self-signed-issuer +spec: + selfSigned: {} + +--- +# Generate a CA Certificate used to sign certificates for the webhook +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ template "oam-runtime.fullname" . }}-root-cert +spec: + secretName: {{ template "oam-runtime.fullname" . }}-root-cert + duration: 43800h # 5y + issuerRef: + name: {{ template "oam-runtime.fullname" . }}-self-signed-issuer + commonName: "ca.webhook.oam-runtime" + isCA: true + +--- +# Create an Issuer that uses the above generated CA certificate to issue certs +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: {{ template "oam-runtime.fullname" . }}-root-issuer + namespace: {{ .Release.Namespace }} +spec: + ca: + secretName: {{ template "oam-runtime.fullname" . }}-root-cert + +--- +# generate a serving certificate for the apiservices to use +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ template "oam-runtime.fullname" . }}-admission + namespace: {{ .Release.Namespace }} +spec: + secretName: {{ template "oam-runtime.fullname" . }}-admission + duration: 8760h # 1y + issuerRef: + name: {{ template "oam-runtime.fullname" . }}-root-issuer + dnsNames: + - {{ template "oam-runtime.name" . }}-webhook.{{ .Release.Namespace }}.svc + - {{ template "oam-runtime.name" . }}-webhook.{{ .Release.Namespace }}.svc.cluster.local + +{{- end }} diff --git a/charts/oam-runtime/templates/definitions/containerizedworkloads.yaml b/charts/oam-runtime/templates/definitions/containerizedworkloads.yaml new file mode 100644 index 000000000..8c1ce9e0d --- /dev/null +++ b/charts/oam-runtime/templates/definitions/containerizedworkloads.yaml @@ -0,0 +1,13 @@ +apiVersion: core.oam.dev/v1beta1 +kind: WorkloadDefinition +metadata: + name: containerizedworkloads.core.oam.dev + namespace: {{.Values.systemDefinitionNamespace}} +spec: + definitionRef: + name: containerizedworkloads.core.oam.dev + childResourceKinds: + - apiVersion: apps/v1 + kind: Deployment + - apiVersion: v1 + kind: Service \ No newline at end of file diff --git a/charts/oam-runtime/templates/definitions/healthscopes.yaml b/charts/oam-runtime/templates/definitions/healthscopes.yaml new file mode 100644 index 000000000..fa3dbbf26 --- /dev/null +++ b/charts/oam-runtime/templates/definitions/healthscopes.yaml @@ -0,0 +1,10 @@ +apiVersion: core.oam.dev/v1beta1 +kind: ScopeDefinition +metadata: + name: healthscopes.core.oam.dev + namespace: {{.Values.systemDefinitionNamespace}} +spec: + workloadRefsPath: spec.workloadRefs + allowComponentOverlap: true + definitionRef: + name: healthscopes.core.oam.dev \ No newline at end of file diff --git a/charts/oam-runtime/templates/oam-runtime-controller.yaml b/charts/oam-runtime/templates/oam-runtime-controller.yaml new file mode 100644 index 000000000..005a2dc25 --- /dev/null +++ b/charts/oam-runtime/templates/oam-runtime-controller.yaml @@ -0,0 +1,176 @@ +--- + +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "oam-runtime.serviceAccountName" . }} + labels: + {{- include "oam-runtime.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "oam-runtime.fullname" . }}:manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: "cluster-admin" +subjects: + - kind: ServiceAccount + name: {{ include "oam-runtime.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + +--- +# permissions to do leader election. +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "oam-runtime.fullname" . }}:leader-election-role +rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch + - apiGroups: + - "" + resources: + - events + verbs: + - create + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "oam-runtime.fullname" . }}:leader-election-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "oam-runtime.fullname" . }}:leader-election-role +subjects: + - kind: ServiceAccount + name: {{ include "oam-runtime.serviceAccountName" . }} + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "oam-runtime.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "oam-runtime.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "oam-runtime.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "oam-runtime.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "oam-runtime.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Release.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + args: + - "--metrics-addr=:8080" + - "--enable-leader-election" + {{ if ne .Values.logFilePath "" }} + - "--log-file-path={{ .Values.logFilePath }}" + - "--log-file-max-size={{ .Values.logFileMaxSize }}" + {{ end }} + {{ if .Values.logDebug }} + - "--log-debug=true" + {{ end }} + {{ if .Values.admissionWebhooks.enabled }} + - "--use-webhook=true" + - "--webhook-port={{ .Values.webhookService.port }}" + - "--webhook-cert-dir={{ .Values.admissionWebhooks.certificate.mountPath }}" + {{ end }} + - "--health-addr=:{{ .Values.healthCheck.port }}" + - "--apply-once-only={{ .Values.applyOnceOnly }}" + {{ if ne .Values.disableCaps "" }} + - "--disable-caps={{ .Values.disableCaps }}" + {{ end }} + - "--system-definition-namespace={{ .Values.systemDefinitionNamespace }}" + - "--oam-spec-ver={{ .Values.OAMSpecVer }}" + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ quote .Values.image.pullPolicy }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{ if .Values.admissionWebhooks.enabled }} + ports: + - containerPort: {{ .Values.webhookService.port }} + name: webhook-server + protocol: TCP + - containerPort: {{ .Values.healthCheck.port }} + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + initialDelaySeconds: 90 + periodSeconds: 5 + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 90 + periodSeconds: 5 + volumeMounts: + - mountPath: {{ .Values.admissionWebhooks.certificate.mountPath }} + name: tls-cert-vol + readOnly: true + {{ end }} + {{ if .Values.admissionWebhooks.enabled }} + volumes: + - name: tls-cert-vol + secret: + defaultMode: 420 + secretName: {{ template "oam-runtime.fullname" . }}-admission + {{ end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} \ No newline at end of file diff --git a/charts/oam-runtime/templates/test/test-application.yaml b/charts/oam-runtime/templates/test/test-application.yaml new file mode 100644 index 000000000..a9375c7f6 --- /dev/null +++ b/charts/oam-runtime/templates/test/test-application.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "oam-runtime.fullname" . }}-test-connection" + labels: + {{- include "oam-runtime.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test-success +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "oam-runtime.fullname" . }}:{{ .Values.healthCheck.port }}'] + restartPolicy: Never \ No newline at end of file diff --git a/charts/oam-runtime/values.yaml b/charts/oam-runtime/values.yaml new file mode 100644 index 000000000..3978f0fc2 --- /dev/null +++ b/charts/oam-runtime/values.yaml @@ -0,0 +1,100 @@ +# Default values for kubevela. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 +# Valid applyOnceOnly values: true/false/on/off/force +applyOnceOnly: "off" + +disableCaps: "all" +image: + repository: oamdev/vela-core + tag: latest + pullPolicy: Always + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +resources: + limits: + cpu: 500m + memory: 1Gi + requests: + cpu: 50m + memory: 20Mi + +webhookService: + type: ClusterIP + port: 11443 + +healthCheck: + port: 11440 + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +rbac: + create: true + +admissionWebhooks: + enabled: true + failurePolicy: Fail + certificate: + mountPath: /etc/k8s-webhook-certs + patch: + enabled: true + image: + repository: wonderflow/kube-webhook-certgen + tag: v2.1 + pullPolicy: IfNotPresent + affinity: {} + tolerations: [] + certManager: + enabled: false + # If autoGenWorkloadDefinition is true, webhook will auto generated workloadDefinition which componentDefinition refers to + autoGenWorkloadDefinition: true + +#Enable debug logs for development purpose +logDebug: false + +#If non-empty, write log files in this path +logFilePath: "" + +#Defines the maximum size a log file can grow to. Unit is megabytes. +#If the value is 0, the maximum file size is unlimited. +logFileMaxSize: 1024 + +systemDefinitionNamespace: oam-runtime-system + +# concurrentReconciles is the concurrent reconcile number of the controller +concurrentReconciles: 4 + +# dependCheckWait is the time to wait for ApplicationConfiguration's dependent-resource ready +dependCheckWait: 30s + +# OAMSpecVer is the oam spec version controller want to setup +OAMSpecVer: "v0.2" \ No newline at end of file diff --git a/charts/vela-core/crds/standard.oam.dev_podspecworkloads.yaml b/charts/vela-core/crds/standard.oam.dev_podspecworkloads.yaml index a904807df..f60bc7f7f 100644 --- a/charts/vela-core/crds/standard.oam.dev_podspecworkloads.yaml +++ b/charts/vela-core/crds/standard.oam.dev_podspecworkloads.yaml @@ -753,6 +753,7 @@ spec: description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. type: string protocol: + default: TCP description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". type: string required: @@ -1482,6 +1483,7 @@ spec: description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. type: string protocol: + default: TCP description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". type: string required: @@ -2219,6 +2221,7 @@ spec: description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. type: string protocol: + default: TCP description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". type: string required: diff --git a/charts/vela-core/templates/admission-webhooks/mutatingWebhookConfiguration.yaml b/charts/vela-core/templates/admission-webhooks/mutatingWebhookConfiguration.yaml index 5e6310e0d..740168125 100644 --- a/charts/vela-core/templates/admission-webhooks/mutatingWebhookConfiguration.yaml +++ b/charts/vela-core/templates/admission-webhooks/mutatingWebhookConfiguration.yaml @@ -9,6 +9,7 @@ metadata: cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" .Release.Namespace (include "kubevela.fullname" .) | quote }} {{- end }} webhooks: + {{- if eq .Values.OAMSpecVer "all"}} - clientConfig: caBundle: Cg== service: @@ -36,33 +37,6 @@ webhooks: admissionReviewVersions: - v1beta1 timeoutSeconds: 5 - - clientConfig: - caBundle: Cg== - service: - name: {{ template "kubevela.name" . }}-webhook - namespace: {{ .Release.Namespace }} - path: /mutating-core-oam-dev-v1beta1-approllout - {{- if .Values.admissionWebhooks.patch.enabled }} - failurePolicy: Ignore - {{- else }} - failurePolicy: Fail - {{- end }} - name: mutating.core.oam.dev.v1beta1.approllouts - sideEffects: None - rules: - - apiGroups: - - core.oam.dev - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - approllouts - scope: Namespaced - admissionReviewVersions: - - v1beta1 - timeoutSeconds: 5 - clientConfig: caBundle: Cg== service: @@ -90,6 +64,34 @@ webhooks: admissionReviewVersions: - v1beta1 timeoutSeconds: 5 + {{- end }} + - clientConfig: + caBundle: Cg== + service: + name: {{ template "kubevela.name" . }}-webhook + namespace: {{ .Release.Namespace }} + path: /mutating-core-oam-dev-v1beta1-approllout + {{- if .Values.admissionWebhooks.patch.enabled }} + failurePolicy: Ignore + {{- else }} + failurePolicy: Fail + {{- end }} + name: mutating.core.oam.dev.v1beta1.approllouts + sideEffects: None + rules: + - apiGroups: + - core.oam.dev + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - approllouts + scope: Namespaced + admissionReviewVersions: + - v1beta1 + timeoutSeconds: 5 - clientConfig: caBundle: Cg== service: diff --git a/charts/vela-core/templates/admission-webhooks/validatingWebhookConfiguration.yaml b/charts/vela-core/templates/admission-webhooks/validatingWebhookConfiguration.yaml index d3ca20323..f15329c83 100644 --- a/charts/vela-core/templates/admission-webhooks/validatingWebhookConfiguration.yaml +++ b/charts/vela-core/templates/admission-webhooks/validatingWebhookConfiguration.yaml @@ -9,6 +9,7 @@ metadata: cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" .Release.Namespace (include "kubevela.fullname" .) | quote }} {{- end }} webhooks: + {{- if eq .Values.OAMSpecVer "all"}} - clientConfig: caBundle: Cg== service: @@ -36,33 +37,6 @@ webhooks: admissionReviewVersions: - v1beta1 timeoutSeconds: 5 - - clientConfig: - caBundle: Cg== - service: - name: {{ template "kubevela.name" . }}-webhook - namespace: {{ .Release.Namespace }} - path: /validating-core-oam-dev-v1beta1-approllout - {{- if .Values.admissionWebhooks.patch.enabled }} - failurePolicy: Ignore - {{- else }} - failurePolicy: {{ .Values.admissionWebhooks.failurePolicy }} - {{- end }} - name: validating.core.oam.dev.v1beta1.approllouts - sideEffects: None - rules: - - apiGroups: - - core.oam.dev - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - approllouts - scope: Namespaced - admissionReviewVersions: - - v1beta1 - timeoutSeconds: 5 - clientConfig: caBundle: Cg== service: @@ -90,6 +64,34 @@ webhooks: admissionReviewVersions: - v1beta1 timeoutSeconds: 5 + {{- end }} + - clientConfig: + caBundle: Cg== + service: + name: {{ template "kubevela.name" . }}-webhook + namespace: {{ .Release.Namespace }} + path: /validating-core-oam-dev-v1beta1-approllout + {{- if .Values.admissionWebhooks.patch.enabled }} + failurePolicy: Ignore + {{- else }} + failurePolicy: {{ .Values.admissionWebhooks.failurePolicy }} + {{- end }} + name: validating.core.oam.dev.v1beta1.approllouts + sideEffects: None + rules: + - apiGroups: + - core.oam.dev + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - approllouts + scope: Namespaced + admissionReviewVersions: + - v1beta1 + timeoutSeconds: 5 - clientConfig: caBundle: Cg== service: diff --git a/charts/vela-core/templates/kubevela-controller.yaml b/charts/vela-core/templates/kubevela-controller.yaml index bb256beaf..62bc8b8e3 100644 --- a/charts/vela-core/templates/kubevela-controller.yaml +++ b/charts/vela-core/templates/kubevela-controller.yaml @@ -120,9 +120,6 @@ spec: - "--webhook-cert-dir={{ .Values.admissionWebhooks.certificate.mountPath }}" - "--autogen-workload-definition={{ .Values.admissionWebhooks.autoGenWorkloadDefinition }}" {{ end }} - {{ if not .Values.useAppConfig }} - - "--app-config-installed=false" - {{ end }} - "--health-addr=:{{ .Values.healthCheck.port }}" - "--apply-once-only={{ .Values.applyOnceOnly }}" {{ if ne .Values.disableCaps "" }} @@ -131,6 +128,7 @@ spec: - "--system-definition-namespace={{ .Values.systemDefinitionNamespace }}" - "--application-revision-limit={{ .Values.applicationRevisionLimit }}" - "--definition-revision-limit={{ .Values.definitionRevisionLimit }}" + - "--oam-spec-ver={{ .Values.OAMSpecVer }}" image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ quote .Values.image.pullPolicy }} resources: diff --git a/charts/vela-core/values.yaml b/charts/vela-core/values.yaml index 642019a78..4cd3a0745 100644 --- a/charts/vela-core/values.yaml +++ b/charts/vela-core/values.yaml @@ -6,8 +6,7 @@ replicaCount: 1 # Valid applyOnceOnly values: true/false/on/off/force applyOnceOnly: "off" -# By default, metrics are disabled due the prometheus dependency -disableCaps: "metrics" +disableCaps: "" image: repository: oamdev/vela-core tag: latest @@ -16,7 +15,6 @@ image: imagePullSecrets: [] nameOverride: "" fullnameOverride: "" -useAppConfig: true serviceAccount: # Specifies whether a service account should be created @@ -100,4 +98,7 @@ definitionRevisionLimit: 20 concurrentReconciles: 4 # dependCheckWait is the time to wait for ApplicationConfiguration's dependent-resource ready -dependCheckWait: 30s \ No newline at end of file +dependCheckWait: 30s + +# OAMSpecVer is the oam spec version controller want to setup +OAMSpecVer: "v0.3" \ No newline at end of file diff --git a/cmd/core/main.go b/cmd/core/main.go index 72d5ca1a0..f3dfbb397 100644 --- a/cmd/core/main.go +++ b/cmd/core/main.go @@ -89,8 +89,6 @@ func main() { "definition-revision-limit is the maximum number of component/trait definition useless revisions that will be maintained, if the useless revisions exceed this number, older ones will be GCed first.The default value is 20.") flag.StringVar(&controllerArgs.CustomRevisionHookURL, "custom-revision-hook-url", "", "custom-revision-hook-url is a webhook url which will let KubeVela core to call with applicationConfiguration and component info and return a customized component revision") - flag.BoolVar(&controllerArgs.ApplicationConfigurationInstalled, "app-config-installed", true, - "app-config-installed indicates if applicationConfiguration CRD is installed") flag.BoolVar(&controllerArgs.AutoGenWorkloadDefinition, "autogen-workload-definition", true, "Automatic generated workloadDefinition which componentDefinition refers to.") flag.StringVar(&healthAddr, "health-addr", ":9440", "The address the health endpoint binds to.") flag.StringVar(&applyOnceOnly, "apply-once-only", "false", @@ -103,6 +101,7 @@ func main() { flag.IntVar(&controllerArgs.ConcurrentReconciles, "concurrent-reconciles", 4, "concurrent-reconciles is the concurrent reconcile number of the controller. The default value is 4") flag.DurationVar(&controllerArgs.DependCheckWait, "depend-check-wait", 30*time.Second, "depend-check-wait is the time to wait for ApplicationConfiguration's dependent-resource ready."+ "The default value is 30s, which means if dependent resources were not prepared, the ApplicationConfiguration would be reconciled after 30s.") + flag.StringVar(&controllerArgs.OAMSpecVer, "oam-spec-ver", "v0.3", "oam-spec-ver is the oam spec version controller want to setup, available options: v0.2, v0.3, all") flag.Parse() // setup logging @@ -193,14 +192,15 @@ func main() { } if err = oamv1alpha2.Setup(mgr, controllerArgs); err != nil { - klog.ErrorS(err, "Unable to setup the oam core controller") + klog.ErrorS(err, "Unable to setup the oam controller") os.Exit(1) } - if err = standardcontroller.Setup(mgr, disableCaps); err != nil { + if err = standardcontroller.Setup(mgr, disableCaps, controllerArgs); err != nil { klog.ErrorS(err, "Unable to setup the vela core controller") os.Exit(1) } + if driver := os.Getenv(system.StorageDriverEnv); len(driver) == 0 { // first use system environment, err := os.Setenv(system.StorageDriverEnv, storageDriver) diff --git a/hack/crd/cleanup.sh b/hack/crd/cleanup.sh index 7773b5bcd..744ee05c5 100755 --- a/hack/crd/cleanup.sh +++ b/hack/crd/cleanup.sh @@ -5,7 +5,7 @@ set -e SCRIPT_DIR=$(dirname "$0") pushd $SCRIPT_DIR -TEMPLATE_DIR="../../charts/vela-core/crds" +TEMPLATE_DIR="../../config/crd/base" echo "clean up unused fields of CRDs" diff --git a/hack/crd/dispatch/dispatch.go b/hack/crd/dispatch/dispatch.go new file mode 100644 index 000000000..4671da757 --- /dev/null +++ b/hack/crd/dispatch/dispatch.go @@ -0,0 +1,92 @@ +/* +Copyright 2021 The KubeVela Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package main + +import ( + "fmt" + "io/ioutil" + "log" + "os" + "path/filepath" + "strings" +) + +var ( + common = map[string]bool{"workloaddefinitions": true, "traitdefinitions": true, "scopedefinitions": true, "healthscopes": true, + "manualscalertraits": true, "containerizedworkloads": true} + oldCRD = map[string]bool{"components": true, "applicationconfigurations": true} +) + +func main() { + var dir string + var oldDir string + var newDir string + if len(os.Args) > 2 { + dir = os.Args[1] + newDir = os.Args[2] + oldDir = os.Args[3] + } else { + log.Fatal(fmt.Errorf("not enough args")) + } + + writeOld := func(fileName string, data []byte) { + pathOld := fmt.Sprintf("%s/%s", oldDir, fileName) + /* #nosec */ + if err := ioutil.WriteFile(pathOld, data, 0644); err != nil { + log.Fatal(err) + } + } + + writeNew := func(fileName string, data []byte) { + pathNew := fmt.Sprintf("%s/%s", newDir, fileName) + /* #nosec */ + if err := ioutil.WriteFile(pathNew, data, 0644); err != nil { + log.Fatal(err) + } + } + + err := filepath.Walk(dir, func(path string, info os.FileInfo, _ error) error { + if info.IsDir() { + return nil + } + resourceName := extractMainInfo(info.Name()) + /* #nosec */ + data, err := ioutil.ReadFile(path) + if err != nil { + fmt.Fprintln(os.Stderr, "failed to read file", err) + return err + } + if oldCRD[resourceName] { + writeOld(info.Name(), data) + return nil + } + if common[resourceName] { + writeOld(info.Name(), data) + } + writeNew(info.Name(), data) + return nil + }) + + if err != nil { + log.Fatal(err) + } + log.Println("complete crd files dispatch") +} + +func extractMainInfo(fileName string) string { + return strings.Split(strings.Split(fileName, "_")[1], ".")[0] +} diff --git a/hack/e2e/end_e2e.sh b/hack/e2e/end_e2e.sh index 64c989a3b..428a3a550 100644 --- a/hack/e2e/end_e2e.sh +++ b/hack/e2e/end_e2e.sh @@ -18,4 +18,26 @@ while [ $n -le 60 ];do echo file not generated yet n=$(expr $n + 1) sleep 1 +done + +OAM_CONTAINER_ID=$(docker exec kind-control-plane crictl ps | grep oam-runtime | grep --regexp '^.............' -o) +OAM_DOCKER_DIR=$(docker exec kind-control-plane crictl inspect --output go-template --template '{{range .info.runtimeSpec.mounts}}{{if (eq .destination "/workspace/data")}}{{.source}}{{end}}{{end}}' "${OAM_CONTAINER_ID}") +echo "${OAM_CONTAINER_ID}" +echo "${OAM_DOCKER_DIR}" + +docker exec kind-control-plane crictl exec "${OAM_CONTAINER_ID}" kill -2 1 + +file=$OAM_DOCKER_DIR/e2e-profile.out +echo $file +n=1 +while [ $n -le 60 ];do + if_exist=$(docker exec kind-control-plane sh -c "test -f $file && echo 'ok'") + echo $if_exist + if [ -n "$if_exist" ];then + docker exec kind-control-plane cat $file > /tmp/oam-e2e-profile.out + break + fi + echo file not generated yet + n=$(expr $n + 1) + sleep 1 done \ No newline at end of file diff --git a/hack/e2e/modify_charts.sh b/hack/e2e/modify_charts.sh index ab4eccbdc..6f3a2d7af 100644 --- a/hack/e2e/modify_charts.sh +++ b/hack/e2e/modify_charts.sh @@ -7,6 +7,11 @@ } > tmp_add.txt sed '/ args:/r tmp_add.txt' ./charts/vela-core/templates/kubevela-controller.yaml > tmp.yaml rm ./charts/vela-core/templates/kubevela-controller.yaml -rm tmp_add.txt cat tmp.yaml mv tmp.yaml ./charts/vela-core/templates/kubevela-controller.yaml + +sed '/ args:/r tmp_add.txt' ./charts/oam-runtime/templates/oam-runtime-controller.yaml > tmp.yaml +rm ./charts/oam-runtime/templates/oam-runtime-controller.yaml +rm tmp_add.txt +cat tmp.yaml +mv tmp.yaml ./charts/oam-runtime/templates/oam-runtime-controller.yaml \ No newline at end of file diff --git a/pkg/controller/common/types.go b/pkg/controller/common/types.go index 36ef60205..cbc06a672 100644 --- a/pkg/controller/common/types.go +++ b/pkg/controller/common/types.go @@ -31,4 +31,10 @@ const ( DisableAllCaps = "all" // DisableNoneCaps disable none of capabilities DisableNoneCaps = "" + // ManualScalerTraitControllerName is the controller name of manualScalerTrait + ManualScalerTraitControllerName = "manualscaler" + // ContainerizedWorkloadControllerName is the controller name of containerized workload + ContainerizedWorkloadControllerName = "containerizedwokrload" + // HealthScopeControllerName is the controller name of healthScope controller + HealthScopeControllerName = "healthscope" ) diff --git a/pkg/controller/core.oam.dev/oamruntime_controller.go b/pkg/controller/core.oam.dev/oamruntime_controller.go index 0b5d5ad3a..cc6ee18e3 100644 --- a/pkg/controller/core.oam.dev/oamruntime_controller.go +++ b/pkg/controller/core.oam.dev/oamruntime_controller.go @@ -43,8 +43,6 @@ const ( // Args args used by controller type Args struct { - // ApplicationConfigurationInstalled indicates if we have installed the ApplicationConfiguration CRD - ApplicationConfigurationInstalled bool // RevisionLimit is the maximum number of revisions that will be maintained. // The default value is 50. @@ -79,4 +77,7 @@ type Args struct { // AutoGenWorkloadDefinition indicates whether automatic generated workloadDefinition which componentDefinition refers to AutoGenWorkloadDefinition bool + + // OAMSpecVer is the oam spec version controller want to setup + OAMSpecVer string } diff --git a/pkg/controller/core.oam.dev/v1alpha2/application/application_controller.go b/pkg/controller/core.oam.dev/v1alpha2/application/application_controller.go index 52d7888ea..398a7065d 100644 --- a/pkg/controller/core.oam.dev/v1alpha2/application/application_controller.go +++ b/pkg/controller/core.oam.dev/v1alpha2/application/application_controller.go @@ -25,10 +25,6 @@ import ( "github.com/crossplane/crossplane-runtime/pkg/event" "github.com/crossplane/crossplane-runtime/pkg/meta" "github.com/pkg/errors" - "sigs.k8s.io/controller-runtime/pkg/controller" - "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" - corev1 "k8s.io/api/core/v1" kerrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -38,15 +34,15 @@ import ( "k8s.io/klog/v2" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/controller" + "sigs.k8s.io/controller-runtime/pkg/reconcile" "github.com/oam-dev/kubevela/apis/core.oam.dev/common" - "github.com/oam-dev/kubevela/apis/core.oam.dev/v1alpha2" "github.com/oam-dev/kubevela/apis/core.oam.dev/v1beta1" velatypes "github.com/oam-dev/kubevela/apis/types" "github.com/oam-dev/kubevela/pkg/appfile" core "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev" "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/application/dispatch" - ac "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/applicationconfiguration" "github.com/oam-dev/kubevela/pkg/cue/packages" "github.com/oam-dev/kubevela/pkg/oam" "github.com/oam-dev/kubevela/pkg/oam/discoverymapper" @@ -361,14 +357,13 @@ func readyCondition(tpy string) v1alpha1.Condition { } // SetupWithManager install to manager -func (r *Reconciler) SetupWithManager(mgr ctrl.Manager, compHandler *ac.ComponentHandler) error { +func (r *Reconciler) SetupWithManager(mgr ctrl.Manager) error { // If Application Own these two child objects, AC status change will notify application controller and recursively update AC again, and trigger application event again... return ctrl.NewControllerManagedBy(mgr). WithOptions(controller.Options{ MaxConcurrentReconciles: r.concurrentReconciles, }). For(&v1beta1.Application{}). - Watches(&source.Kind{Type: &v1alpha2.Component{}}, compHandler). Complete(r) } @@ -396,10 +391,5 @@ func Setup(mgr ctrl.Manager, args core.Args) error { appRevisionLimit: args.AppRevisionLimit, concurrentReconciles: args.ConcurrentReconciles, } - compHandler := &ac.ComponentHandler{ - Client: mgr.GetClient(), - RevisionLimit: args.RevisionLimit, - CustomRevisionHookURL: args.CustomRevisionHookURL, - } - return reconciler.SetupWithManager(mgr, compHandler) + return reconciler.SetupWithManager(mgr) } diff --git a/pkg/controller/core.oam.dev/v1alpha2/applicationconfiguration/applicationconfiguration.go b/pkg/controller/core.oam.dev/v1alpha2/applicationconfiguration/applicationconfiguration.go index 937d053da..164efca70 100644 --- a/pkg/controller/core.oam.dev/v1alpha2/applicationconfiguration/applicationconfiguration.go +++ b/pkg/controller/core.oam.dev/v1alpha2/applicationconfiguration/applicationconfiguration.go @@ -23,6 +23,8 @@ import ( "strings" "time" + "sigs.k8s.io/controller-runtime/pkg/source" + "github.com/crossplane/crossplane-runtime/apis/core/v1alpha1" "github.com/crossplane/crossplane-runtime/pkg/event" "github.com/crossplane/crossplane-runtime/pkg/fieldpath" @@ -93,6 +95,11 @@ func Setup(mgr ctrl.Manager, args core.Args) error { return builder. Named(name). For(&v1alpha2.ApplicationConfiguration{}). + Watches(&source.Kind{Type: &v1alpha2.Component{}}, &ComponentHandler{ + Client: mgr.GetClient(), + RevisionLimit: args.RevisionLimit, + CustomRevisionHookURL: args.CustomRevisionHookURL, + }). Complete(NewReconciler(mgr, args.DiscoveryMapper, WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), WithApplyOnceOnlyMode(args.ApplyMode), diff --git a/pkg/controller/core.oam.dev/v1alpha2/applicationconfiguration/suite_test.go b/pkg/controller/core.oam.dev/v1alpha2/applicationconfiguration/suite_test.go index ea3086716..a972cbb21 100644 --- a/pkg/controller/core.oam.dev/v1alpha2/applicationconfiguration/suite_test.go +++ b/pkg/controller/core.oam.dev/v1alpha2/applicationconfiguration/suite_test.go @@ -79,10 +79,14 @@ var _ = BeforeSuite(func(done Done) { } else { yamlPath = filepath.Join("../../../../..", "charts", "vela-core", "crds") } + compCRD := "../../../../../charts/oam-runtime/crds/core.oam.dev_components.yaml" + acCRD := "../../../../../charts/oam-runtime/crds/core.oam.dev_applicationconfigurations.yaml" logf.Log.Info("start applicationconfiguration suit test", "yaml_path", yamlPath) testEnv = &envtest.Environment{ CRDDirectoryPaths: []string{ yamlPath, // this has all the required CRDs, + compCRD, + acCRD, }, } var err error diff --git a/pkg/controller/core.oam.dev/v1alpha2/applicationcontext/suit_test.go b/pkg/controller/core.oam.dev/v1alpha2/applicationcontext/suit_test.go index 77be415c2..b37f4e42e 100644 --- a/pkg/controller/core.oam.dev/v1alpha2/applicationcontext/suit_test.go +++ b/pkg/controller/core.oam.dev/v1alpha2/applicationcontext/suit_test.go @@ -61,6 +61,8 @@ var _ = BeforeSuite(func(done Done) { testEnv = &envtest.Environment{ CRDDirectoryPaths: []string{ filepath.Join("../../../../..", "charts/vela-core/crds"), // this has all the required CRDs, + "../../../../../charts/oam-runtime/crds/core.oam.dev_applicationconfigurations.yaml", + "../../../../../charts/oam-runtime/crds/core.oam.dev_components.yaml", }, UseExistingCluster: &useExistCluster, } diff --git a/pkg/controller/core.oam.dev/v1alpha2/setup.go b/pkg/controller/core.oam.dev/v1alpha2/setup.go index 1a973bc05..73b220ab4 100644 --- a/pkg/controller/core.oam.dev/v1alpha2/setup.go +++ b/pkg/controller/core.oam.dev/v1alpha2/setup.go @@ -26,28 +26,28 @@ import ( "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/applicationrollout" "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/core/components/componentdefinition" "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/core/policies/policydefinition" - "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/core/scopes/healthscope" - "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/core/traits/manualscalertrait" "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/core/traits/traitdefinition" "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/core/workflow/workflowstepdefinition" - "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/core/workloads/containerizedworkload" "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/initializer" ) // Setup workload controllers. func Setup(mgr ctrl.Manager, args controller.Args) error { - for _, setup := range []func(ctrl.Manager, controller.Args) error{ - containerizedworkload.Setup, manualscalertrait.Setup, healthscope.Setup, - application.Setup, applicationrollout.Setup, appdeployment.Setup, - traitdefinition.Setup, componentdefinition.Setup, policydefinition.Setup, workflowstepdefinition.Setup, - initializer.Setup, - } { - if err := setup(mgr, args); err != nil { + if args.OAMSpecVer == "v0.3" || args.OAMSpecVer == "all" { + for _, setup := range []func(ctrl.Manager, controller.Args) error{ + application.Setup, applicationrollout.Setup, appdeployment.Setup, + traitdefinition.Setup, componentdefinition.Setup, policydefinition.Setup, workflowstepdefinition.Setup, + initializer.Setup, + } { + if err := setup(mgr, args); err != nil { + return err + } + } + } + if args.OAMSpecVer == "v0.2" || args.OAMSpecVer == "all" { + if err := applicationconfiguration.Setup(mgr, args); err != nil { return err } } - if args.ApplicationConfigurationInstalled { - return applicationconfiguration.Setup(mgr, args) - } return nil } diff --git a/pkg/controller/setup.go b/pkg/controller/setup.go index 26916cd4f..9ba781bb8 100644 --- a/pkg/controller/setup.go +++ b/pkg/controller/setup.go @@ -19,18 +19,26 @@ package controller import ( ctrl "sigs.k8s.io/controller-runtime" + controller "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev" + "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/core/scopes/healthscope" + "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/core/traits/manualscalertrait" + "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev/v1alpha2/core/workloads/containerizedworkload" + "github.com/oam-dev/kubevela/pkg/controller/common" "github.com/oam-dev/kubevela/pkg/controller/standard.oam.dev/v1alpha1/podspecworkload" "github.com/oam-dev/kubevela/pkg/controller/utils" ) // Setup workload controllers. -func Setup(mgr ctrl.Manager, disableCaps string) error { - var functions []func(ctrl.Manager) error +func Setup(mgr ctrl.Manager, disableCaps string, args controller.Args) error { + var functions []func(ctrl.Manager, controller.Args) error switch disableCaps { case common.DisableNoneCaps: - functions = []func(ctrl.Manager) error{ + functions = []func(ctrl.Manager, controller.Args) error{ podspecworkload.Setup, + manualscalertrait.Setup, + containerizedworkload.Setup, + healthscope.Setup, } case common.DisableAllCaps: default: @@ -38,10 +46,19 @@ func Setup(mgr ctrl.Manager, disableCaps string) error { if !disableCapsSet.Contains(common.PodspecWorkloadControllerName) { functions = append(functions, podspecworkload.Setup) } + if !disableCapsSet.Contains(common.ManualScalerTraitControllerName) { + functions = append(functions, manualscalertrait.Setup) + } + if !disableCapsSet.Contains(common.ContainerizedWorkloadControllerName) { + functions = append(functions, containerizedworkload.Setup) + } + if !disableCapsSet.Contains(common.HealthScopeControllerName) { + functions = append(functions, healthscope.Setup) + } } for _, setup := range functions { - if err := setup(mgr); err != nil { + if err := setup(mgr, args); err != nil { return err } } diff --git a/pkg/controller/standard.oam.dev/v1alpha1/podspecworkload/podspecworkload_controller.go b/pkg/controller/standard.oam.dev/v1alpha1/podspecworkload/podspecworkload_controller.go index f0e7ac84d..f710271c7 100644 --- a/pkg/controller/standard.oam.dev/v1alpha1/podspecworkload/podspecworkload_controller.go +++ b/pkg/controller/standard.oam.dev/v1alpha1/podspecworkload/podspecworkload_controller.go @@ -21,6 +21,8 @@ import ( "fmt" "reflect" + controller "github.com/oam-dev/kubevela/pkg/controller/core.oam.dev" + cpv1alpha1 "github.com/crossplane/crossplane-runtime/apis/core/v1alpha1" "github.com/crossplane/crossplane-runtime/pkg/event" "github.com/go-logr/logr" @@ -292,7 +294,7 @@ func (r *Reconciler) UpdateStatus(ctx context.Context, workload *v1alpha1.PodSpe } // Setup adds a controller that reconciles PodSpecWorkload. -func Setup(mgr ctrl.Manager) error { +func Setup(mgr ctrl.Manager, args controller.Args) error { reconciler := Reconciler{ Client: mgr.GetClient(), log: ctrl.Log.WithName("PodSpecWorkload"), diff --git a/pkg/controller/utils/utils.go b/pkg/controller/utils/utils.go index 37a1f713d..f7d9a9814 100644 --- a/pkg/controller/utils/utils.go +++ b/pkg/controller/utils/utils.go @@ -65,8 +65,8 @@ const LabelPodSpecable = "workload.oam.dev/podspecable" // allBuiltinCapabilities includes all builtin controllers // TODO(zzxwill) needs to automatically discovery all controllers -var allBuiltinCapabilities = mapset.NewSet(common.MetricsControllerName, common.PodspecWorkloadControllerName, - common.RouteControllerName, common.AutoscaleControllerName) +var allBuiltinCapabilities = mapset.NewSet(common.ManualScalerTraitControllerName, common.PodspecWorkloadControllerName, + common.ContainerizedWorkloadControllerName, common.HealthScopeControllerName) // GetPodSpecPath get podSpec field and label func GetPodSpecPath(workloadDef *v1alpha2.WorkloadDefinition) (string, bool) { diff --git a/pkg/controller/utils/utils_test.go b/pkg/controller/utils/utils_test.go index d7c381ef3..01cc4fea2 100644 --- a/pkg/controller/utils/utils_test.go +++ b/pkg/controller/utils/utils_test.go @@ -52,7 +52,7 @@ var _ = Describe("utils", func() { Expect(err).NotTo(HaveOccurred()) }) It("disable some capabilities", func() { - disableCaps := "autoscale,route" + disableCaps := "manualscaler,healthscope" err := CheckDisabledCapabilities(disableCaps) Expect(err).NotTo(HaveOccurred()) }) diff --git a/pkg/webhook/core.oam.dev/register.go b/pkg/webhook/core.oam.dev/register.go index 722adecc2..3d16c89a8 100644 --- a/pkg/webhook/core.oam.dev/register.go +++ b/pkg/webhook/core.oam.dev/register.go @@ -31,16 +31,22 @@ import ( // Register will be called in main and register all validation handlers func Register(mgr manager.Manager, args controller.Args) { - application.RegisterValidatingHandler(mgr, args) - applicationconfiguration.RegisterValidatingHandler(mgr, args) - componentdefinition.RegisterMutatingHandler(mgr, args) - componentdefinition.RegisterValidatingHandler(mgr, args) - traitdefinition.RegisterValidatingHandler(mgr, args) - applicationconfiguration.RegisterMutatingHandler(mgr) - applicationrollout.RegisterMutatingHandler(mgr) - applicationrollout.RegisterValidatingHandler(mgr) - component.RegisterMutatingHandler(mgr, args) - component.RegisterValidatingHandler(mgr) + + if args.OAMSpecVer == "v0.3" || args.OAMSpecVer == "all" { + application.RegisterValidatingHandler(mgr, args) + componentdefinition.RegisterMutatingHandler(mgr, args) + componentdefinition.RegisterValidatingHandler(mgr, args) + traitdefinition.RegisterValidatingHandler(mgr, args) + applicationrollout.RegisterMutatingHandler(mgr) + applicationrollout.RegisterValidatingHandler(mgr) + } + + if args.OAMSpecVer == "v0.2" || args.OAMSpecVer == "all" { + applicationconfiguration.RegisterMutatingHandler(mgr) + applicationconfiguration.RegisterValidatingHandler(mgr, args) + component.RegisterMutatingHandler(mgr, args) + component.RegisterValidatingHandler(mgr) + } server := mgr.GetWebhookServer() server.Register("/convert", &conversion.Webhook{}) diff --git a/test/e2e-test/app_resourcetracker_test.go b/test/e2e-test/app_resourcetracker_test.go index ef4075bcd..b51aa2b79 100644 --- a/test/e2e-test/app_resourcetracker_test.go +++ b/test/e2e-test/app_resourcetracker_test.go @@ -1150,7 +1150,7 @@ var _ = Describe("Test application cross namespace resource", func() { return fmt.Errorf("error to record deploy name in app status") } return nil - }, time.Second*5, time.Millisecond*500).Should(BeNil()) + }, time.Second*30, time.Millisecond*500).Should(BeNil()) By("deleting application will remove resourceTracker and related resourceTracker will be removed") app = new(v1beta1.Application) Expect(k8sClient.Get(ctx, types.NamespacedName{Namespace: namespace, Name: appName}, app)).Should(BeNil()) diff --git a/test/e2e-test/kubernetes_workload_test.go b/test/e2e-test/kubernetes_workload_test.go index 3bb234690..af01ff93d 100644 --- a/test/e2e-test/kubernetes_workload_test.go +++ b/test/e2e-test/kubernetes_workload_test.go @@ -81,7 +81,7 @@ var _ = Describe("Test kubernetes native workloads", func() { wd := v1alpha2.WorkloadDefinition{ ObjectMeta: metav1.ObjectMeta{ Name: "deployments.apps", - Namespace: "vela-system", + Namespace: "oam-runtime-system", Labels: label, }, Spec: v1alpha2.WorkloadDefinitionSpec{ @@ -92,7 +92,7 @@ var _ = Describe("Test kubernetes native workloads", func() { } logf.Log.Info("Creating workload definition for deployment") // For some reason, WorkloadDefinition is created as a Cluster scope object - Expect(k8sClient.Create(ctx, &wd)).Should(SatisfyAny(BeNil(), &util.AlreadyExistMatcher{})) + Expect(k8sClient.Create(ctx, wd.DeepCopy())).Should(SatisfyAny(BeNil(), &util.AlreadyExistMatcher{})) // create a workload CR workloadName := "example-deployment-workload" wl := appsv1.Deployment{ @@ -153,7 +153,10 @@ var _ = Describe("Test kubernetes native workloads", func() { }, } logf.Log.Info("Creating component", "Name", comp.Name, "Namespace", comp.Namespace) - Expect(k8sClient.Create(ctx, &comp)).Should(BeNil()) + + Eventually(func() error { + return k8sClient.Create(ctx, &comp) + }, 30*time.Second, 300*time.Microsecond).Should(SatisfyAny(BeNil(), util.AlreadyExistMatcher{})) By("Check component created as expected") Eventually( diff --git a/test/e2e-test/suite_test.go b/test/e2e-test/suite_test.go index 44b309510..de0553622 100644 --- a/test/e2e-test/suite_test.go +++ b/test/e2e-test/suite_test.go @@ -120,6 +120,9 @@ var _ = BeforeSuite(func(done Done) { }, } // For some reason, traitDefinition is created as a Cluster scope object + Expect(k8sClient.Create(context.Background(), manualscalertrait.DeepCopy())).Should(SatisfyAny(BeNil(), &util.AlreadyExistMatcher{})) + // for oam spec v0.2 e2e-test + manualscalertrait.Namespace = "oam-runtime-system" Expect(k8sClient.Create(context.Background(), &manualscalertrait)).Should(SatisfyAny(BeNil(), &util.AlreadyExistMatcher{})) // Create manual scaler trait definition with spec.extension field definitionExtension := DefinitionExtension{ @@ -142,6 +145,9 @@ var _ = BeforeSuite(func(done Done) { Extension: in, }, } + Expect(k8sClient.Create(context.Background(), extendedmanualscalertrait.DeepCopy())).Should(SatisfyAny(BeNil(), &util.AlreadyExistMatcher{})) + // for oam spec v0.2 e2e-test + extendedmanualscalertrait.Namespace = "oam-runtime-system" Expect(k8sClient.Create(context.Background(), &extendedmanualscalertrait)).Should(SatisfyAny(BeNil(), &util.AlreadyExistMatcher{})) By("Created extended manualscalertraits.core.oam.dev") @@ -261,18 +267,26 @@ var _ = BeforeSuite(func(done Done) { Scope: crdv1.NamespaceScoped, }, } + Expect(k8sClient.Create(context.Background(), crd.DeepCopy())).Should(SatisfyAny(BeNil(), &util.AlreadyExistMatcher{})) + // for oam spec v0.2 e2e-test + crd.Namespace = "oam-runtime-system" Expect(k8sClient.Create(context.Background(), &crd)).Should(SatisfyAny(BeNil(), &util.AlreadyExistMatcher{})) By("Created a crd for revision mechanism test") By("Create workload definition for revision mechanism test") var nwd v1alpha2.WorkloadDefinition Expect(common.ReadYamlToObject("testdata/revision/workload-def.yaml", &nwd)).Should(BeNil()) + Eventually( + func() error { + return k8sClient.Create(context.Background(), nwd.DeepCopy()) + }, + time.Second*3, time.Millisecond*300).Should(SatisfyAny(BeNil(), &util.AlreadyExistMatcher{})) + nwd.Namespace = "oam-runtime-system" Eventually( func() error { return k8sClient.Create(context.Background(), &nwd) }, time.Second*3, time.Millisecond*300).Should(SatisfyAny(BeNil(), &util.AlreadyExistMatcher{})) - close(done) }, 300) diff --git a/test/e2e-test/testdata/revision/trait-def-no-revision.yaml b/test/e2e-test/testdata/revision/trait-def-no-revision.yaml index b6f90162f..849d7b096 100644 --- a/test/e2e-test/testdata/revision/trait-def-no-revision.yaml +++ b/test/e2e-test/testdata/revision/trait-def-no-revision.yaml @@ -2,7 +2,7 @@ apiVersion: core.oam.dev/v1alpha2 kind: TraitDefinition metadata: name: bars.example.com - namespace: vela-system + namespace: oam-runtime-system spec: definitionRef: name: bars.example.com \ No newline at end of file diff --git a/test/e2e-test/testdata/revision/trait-def.yaml b/test/e2e-test/testdata/revision/trait-def.yaml index 9e1c35e9c..4f9da8d12 100644 --- a/test/e2e-test/testdata/revision/trait-def.yaml +++ b/test/e2e-test/testdata/revision/trait-def.yaml @@ -2,7 +2,7 @@ apiVersion: core.oam.dev/v1alpha2 kind: TraitDefinition metadata: name: bars.example.com - namespace: vela-system + namespace: oam-runtime-system spec: revisionEnabled: true definitionRef: