* Docs(KEP): Go SDK for X-Definition Authoring (defkit)
Introduces KEP proposal for defkit, a Go SDK that enables platform
engineers to author X-Definitions using native Go code instead of CUE.
Key proposed features:
- Fluent builder API for Component, Trait, Policy, and WorkflowStep definitions
- Transparent Go-to-CUE compilation
- IDE support with autocomplete and type checking
- Schema-agnostic resource construction
- Collection operations (map, filter, dedupe)
- Composable health and status expressions
- Addon integration with godef/ folder support
- Module dependencies for definition sharing via go get
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(KEP): Examples and minor api changes given in the document
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(KEP): align defkit examples
- Fix golang version in CI
- Fix variable declaration in example for testing
- Add Is() comparison method to status check
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Docs(KEP): add security considerations section
- Add goal #7 for secure code execution model
- Add Security Considerations section covering:
- Code execution model (compile-time only, not runtime)
- Security benefits over CUE (static analysis, dependency scanning)
- Threat model with mitigations
Addresses PR feedback about code execution safety.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Docs(KEP): add module versioning and definition placement sections
- Add Module Versioning section explaining git-based version derivation
- Add Definition Placement section covering:
- Motivation for placement constraints in multi-cluster environments
- Fluent API for placement (RunOn, NotRunOn, label conditions)
- Logical combinators (And, Or, Not)
- Module-level placement defaults
- Placement evaluation logic
- CLI experience for managing cluster labels
- Add Module Hooks section for lifecycle callbacks
- Minor fixes and clarifications throughout
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Docs(KEP): add module hooks and update addon integration sections
- Add Module Hooks section covering:
- Use cases (CRD installation, setup scripts, post-install samples)
- Hook configuration in module.yaml (pre-apply, post-apply)
- Hook types (path for manifests, script for shell scripts)
- waitFor field with condition names and CUE expressions
- CLI usage (--skip-hooks, --dry-run)
- Update Addon Integration section with implementation details:
- godef/ folder structure with module.yaml
- CLI flags (--godef, --components, --traits, --policies, --workflowsteps)
- Conflict detection and --override-definitions flag
- Development workflow
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Docs(KEP): address PR review comments and clarify placement labels
- Fix misleading "Sandboxed Compilation" claim (cubic-ai feedback) -
renamed to "Isolated Compilation" and clarified that security relies
on trust model, not technical sandboxing
- Fix inconsistent apiVersion in module hooks example (defkit.oam.dev/v1
→ core.oam.dev/v1beta1)
- Clarify that placement uses vela-cluster-identity ConfigMap directly,
not the vela cluster labels command (which is planned for future)
- Add --stats flag to apply-module CLI documentation
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Docs(KEP): fix API documentation
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add core fluent API types for Go-based definitions
Introduce the defkit package providing a fluent Go API for defining
KubeVela X-Definitions (components, traits, policies, workflow steps).
Core types added:
- types.go: Value, Condition, Param interfaces
- base.go: Base definition types and interfaces
- param.go: Parameter builders (String, Int, Bool, Array, Map, Struct, Enum)
- expr.go: Expression builders for conditions and comparisons
- resource.go: Resource operations (Set, SetIf, Spread)
- context.go: KubeVela context references (appName, namespace, etc.)
- test_context.go: Test utilities for definition validation
This enables writing type-safe Go definitions that compile to CUE.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add collection operations and helper builders
Add fluent API for array/collection transformations:
- CollectionOp with Filter, Map, Pick, Wrap, Dedupe operations
- From() and Each() entry points for collection pipelines
- FieldRef, FieldEquals, FieldMap for field-level operations
- MultiSource for complex multi-array comprehensions
- Add helper builders for template variables
- Add value transformation utilities
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add CUE code generator
Implement CUEGenerator that transforms Go definitions into CUE code
Added helper methods and writers for conversion
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add status and health policy builders
Add fluent builders for customStatus and healthPolicy CUE generation
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add definition type builders
Add fluent builders for all four KubeVela X-Definition types:
- ComponentDefinition
- TraitDefinition
- PolicyDefinition
- WorkflowStepDefinition
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(goloader): add Go module loader for definitions
- Definition interface and registry for runtime discovery
- Discover and parse Go-based definition files
- Compile Go definitions to CUE at runtime
- Module environment for batch processing
- Parallel generation for better performance
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(cli): add vela def commands for Go-based definitions
- init-module: scaffold a new Go definition module
- apply-module: compile and apply definitions to cluster
- list-module: show definitions in a module
- validate-module: validate definitions without applying
- Also support the cue commands for xdefintions for go code
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add testing utilities and matchers
- CUE comparison matchers for Ginkgo/Gomega tests
- Test helpers for definition validation
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add patch container helpers for container mod operations
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(cli): update the go module to 1.23.8 for defkit init-module command
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Refactor: Add grouped help output for vela def command
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add definition placement for cluster-aware deployments
Enable definitions to specify which clusters they should run on based on
cluster identity labels stored in a well-known ConfigMap.
Also derives module version from git tags and improves init-module to
create directories from --name flag.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add RunOn/NotRunOn fluent API for placement constraints
Add placement methods to all definition builders allowing definitions
to specify cluster eligibility using the placement package's fluent API.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Docs(defkit): add commented placement example to module.yaml template
Show users the placement syntax in generated module.yaml without
setting actual values.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add module-level placement support
Add placement constraints at the module level in module.yaml that
apply to all definitions unless overridden at definition level.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add CLI placement enforcement in apply-module
Add placement constraint checking to `vela def apply-module` command.
Definitions are skipped if cluster labels don't match module placement.
- Add --ignore-placement flag to bypass placement checks
- Display placement status during apply with clear skip reasons
- Track placement-skipped count in summary output
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(defkit): show all flags in subcommand help output
Fix custom help function to properly display flags for def subcommands
like init-module and apply-module instead of only showing parent flags.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(defkit): apply name prefix to definitions in apply-module
The --prefix flag was not being applied to definition names. The prefix
was set in module loader metadata but not used when creating Kubernetes
objects from parsed CUE.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Chore(defkit): align module command help with standard vela pattern
Remove argument placeholders from command Use field to align with
other vela commands (addon, cluster, workflow). Arguments are shown
in examples and individual --help output instead of the listing.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(goloader): use json.Unmarshal for go mod download output
The downloadGoModule function parses JSON output from 'go mod download -json'
but was incorrectly using yaml.Unmarshal with json struct tags. The yaml.v3
library ignores json tags, resulting in empty field values.
This would cause remote Go module loading (e.g., github.com/foo/bar@v1.0.0)
to fail with "go mod download did not return a directory" because result.Dir
would be empty.
Fix: Use json.Unmarshal instead since the data is JSON from the Go toolchain.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(goloader): use semver for MinVelaVersion comparison
String comparison of version numbers is incorrect for cases like
"v1.10.0" > "v1.9.0" which returns false due to lexicographic ordering.
Use the Masterminds/semver library (already a dependency) for proper
semantic version comparison in ValidateModule().
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(placement): validate operator in module placement conditions
Add validation to catch invalid placement operators at module load time
instead of silently failing at runtime evaluation.
- Add Operator.IsValid() method to check for valid operators
- Add ValidOperators() helper function
- Add validatePlacementConditions() in ValidateModule()
- Provides clear error message with valid operator list
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(cli): validate conflict strategy in apply-module
Invalid --conflict values like "invalid" were silently accepted and
would fall through the switch statement, behaving like "overwrite".
Add ConflictStrategy.IsValid() method and validation at flag parsing
to provide clear error message for invalid values.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(placement): support definition-level placement constraints
Previously only module-level placement was enforced. Now individual
definitions can specify their own placement constraints that override
module defaults.
Changes:
- Add Placement field to DefinitionInfo and DefinitionPlacement types
- Add GetPlacement/HasPlacement to Definition interface
- Update registry ToJSON to include placement in output
- Update goloader to capture definition placement from registry
- Update CLI apply-module to use GetEffectivePlacement() for combining
module-level and definition-level placement
- Add comprehensive tests for definition placement
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Chore(defkit): remove dead PatchTemplate code
PatchTemplate, PatchOp, SetPatchOp, and SetIfPatchOp were defined but
never used anywhere in the codebase. The PatchResource type already
provides the same functionality and is the one actually being used
through Template.Patch().
Removed:
- PatchTemplate struct and its methods (ToCue, SetIf, Set)
- PatchOp interface
- SetPatchOp struct and its ToCue method
- SetIfPatchOp struct and its ToCue method
- NewPatchTemplate constructor
This cleanup reduces maintenance burden without affecting any
functionality.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(cli): pass actual VelaVersion to validate-module command
The help text for `vela def validate-module` promised to check
minVelaVersion requirements but ValidateModule() was called with
an empty string, causing the check to be silently skipped.
Now passes velaversion.VelaVersion so modules specifying a minimum
KubeVela version will be properly validated against the current CLI
version.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): implement WithDetails() and FromTyped() APIs
WithDetails():
- Adds WithDetails(message, details...) method to StatusBuilder
- Allows adding structured key-value details alongside status messages
- Uses existing StatusDetail and statusWithDetailsExpr infrastructure
- Example: s.WithDetails(s.Format("Ready: %v", ...), s.Detail("endpoint", ...))
FromTyped():
- Converts typed Kubernetes objects (runtime.Object) to Resource
- Provides compile-time type safety for building resources
- Requires TypeMeta to be set on the object
- Includes MustFromTyped() variant that panics on error
- Example: defkit.FromTyped(&appsv1.Deployment{...})
Both APIs were documented in the KEP but not implemented.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Style(defkit): apply gofmt formatting
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(defkit): fix remote module download with @latest version
When downloading a Go module without an explicit version, always append
@latest to ensure go mod download fetches from the remote repository
instead of skipping the download.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(defkit): support running def commands from any directory
Previously, module commands like `vela def list-module` only worked
when run from within the kubevela repository. Now they work from any
directory by honoring replace directives in the source module's go.mod.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): generate doc.go files in init-module
Create doc.go files with package documentation in each definition
directory (components, traits, policies, workflowsteps). This ensures
go mod tidy works correctly by making each directory a valid Go package,
and provides helpful examples for users creating new definitions.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(defkit): deduplicate definitions from overlapping directory scans
The module loader scans both conventional directories (components/,
traits/, etc.) and the root directory. Since DiscoverDefinitions uses
recursive filepath.Walk, files in subdirectories were found twice.
Added file tracking to skip already-processed files.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(defkit): validate placement constraints and fix GOWORK interference
Add validation for conflicting placement constraints at registration time.
Definitions with logically impossible placement (e.g., same condition in
both RunOn and NotRunOn) now fail fast with a clear error message.
Also fix placement loading when parent directories contain go.work files
by setting GOWORK=off when running the registry generator.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add parameter schema constraints and runtime condition methods
Extend the parameter fluent API with comprehensive validation and
conditional logic support:
- Schema constraints for input validation (Min/Max, Pattern, MinLen/MaxLen, MinItems/MaxItems)
- Runtime conditions for template logic (In, Contains, Matches, StartsWith/EndsWith, Len*, IsEmpty/IsNotEmpty, HasKey, IsFalse)
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add waitFor support with CUE expressions for module hooks
Add the ability to specify custom readiness conditions for module hooks
using the new `waitFor` field. This allows users to define precise
conditions for when resources should be considered ready.
The waitFor field supports two formats:
- Simple condition name (e.g., "Ready", "Established") - checks
status.conditions for the named condition with status "True"
- CUE expression (e.g., "status.replicas == status.readyReplicas") -
evaluated against the full resource for flexible readiness checks
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(addon): add godef support for Go-based definitions in addons
Add support for a godef/ folder in addons that allows writing definitions
in Go instead of CUE. When an addon is enabled, Go definitions are
automatically compiled to CUE and deployed alongside traditional CUE
definitions.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: lint issues and make reviewable
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: lint and build failure
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: lint and ci errors
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: golangci-lint errors for defkit package
- Use standard library errors (errors.Is/As) instead of pkg/errors
- Fix ineffassign issues by scoping variables correctly
- Add nolint comments for intentional nilerr, makezero patterns
- Combine chained appends in addon init.go
- Add gosec nolint for CLI file operations and permissions
- Increase gocyclo threshold to 35, nolint complex CLI commands
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: kubectl installation with retry and fallback version in github actions
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(ci): hardcode kubectl version to avoid flaky CDN endpoint
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Chore: improve test coverage for codecov
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Chore: add more tests for codecov and CI to pass
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: ci failure on style
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: OperatorNotEquals to fail closed with empty values
Change NotEquals operator to return false when Values slice is empty,
matching the fail-closed behavior of Equals operator. This prevents
silent widening of placement eligibility when a malformed constraint
is created.
Following Kubernetes label selector semantics where In/NotIn operators
require non-empty values, we apply a fail-closed approach for safety
in placement decisions.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: OpenArrayParam field shadowing and remove redundant GetName()
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: path traversal vulnerability in Go definition scaffolding
Validate Go definition names before using them in file paths to prevent
creation of files outside the addon directory. Unsanitized names could
contain path traversal segments (e.g., "../../../etc/passwd") allowing
arbitrary file writes.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: unescaped string interpolation in health_expr CUE generation
Use %q format verb in formatValue() to properly escape quotes and
special characters when generating CUE strings. Update fieldContainsExpr
to use formatValue() instead of raw string interpolation.
This prevents invalid CUE when substring values contain quotes or
backslashes.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: Guard against typed nil in Gomega matchers to prevent panic
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: Guard against malformed bracket path in parseBracketAccess
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: incomplete AppRevision test to actually verify resolution
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: apply fail-closed behavior to NotIn with empty values
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Doc: Added note about RawCUE and some alignment style
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
---------
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
Webhook Upgrade Validation / webhook-upgrade-check (push) Failing after 2m0s
- Added GetCUExParameterValue()
function that uses cuex.DefaultCompiler instead
of standard CUE compiler
- Added GetParametersWithCuex() function with cuex support
- Updated GetBaseResourceKinds() to use cuex compiler
- Updated all callers to use cuex-aware functions
Fixes#7012
Signed-off-by: GoGstickGo <janilution@gmail.com>
* Feat(KEP): Nested Definition Rendering (Compositions)
Signed-off-by: Brian Kane <briankane1@gmail.com>
* Feat(KEP) #6990 - Nested Definition Rendering (Compositions) - Minor Updates
Signed-off-by: Brian Kane <briankane1@gmail.com>
---------
Signed-off-by: Brian Kane <briankane1@gmail.com>
* refactor: pre-start hook implementation
- Introduced a new `hook.go` file defining the `PreStartHook` interface for pre-start validation hooks.
- Removed the old `pre_start_hook.go` file which contained the `SystemCRDValidationHook` implementation.
- Updated the server initialization code to use the new hook structure, specifically integrating the `crdvalidation` package for pre-start validation.
- Enhanced logging for pre-start hook execution to improve clarity on hook names and execution results.
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* refactor: move color writer implementation to logging package and update usage in server setup
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* refactor: rename Hook to CRDValidation for clarity and consistency
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* refactor: reorder import statements for consistency
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* refactor: replace hardcoded namespace with variable in cleanup function
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* refactor: rename CRDValidation type to Hook for consistency
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* refactor: enhance CRD validation hook with custom client support and improved error handling
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* refactor: extend timeout for CRD validation hook and improve error handling for slow API servers
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* refactor: remove redundant comments from PreStartHook definition
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
---------
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* Feat: Add integration test setup and cleanup scripts, enhance server testing capabilities
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* Refactor: Rename variables for clarity and consistency in core command handling
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* refactor: Remove redundant server test targets and enhance logging in core command execution
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* Refactor server tests and enhance E2E testing setup
- Updated server_test.go to improve test organization and clarity, including the addition of BeforeSuite and AfterSuite for environment setup and teardown.
- Enhanced the waitWebhookSecretVolume tests to cover various scenarios including empty directories and files.
- Added new tests for syncConfigurations and logging setup functions to ensure proper configuration handling.
- Introduced a new E2E test for the main function in main_e2e_test.go to validate the core functionality of the application.
- Improved the e2e.mk file to set up a k3d cluster for running main_e2e_test with embedded test binaries and added cleanup steps.
- Removed the setup-integration-tests.sh script as its functionality is now integrated into the Makefile.
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* Refactor: improve multicluster test timeouts
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
---------
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* feat(addon): Store addon registry tokens in Secrets
Previously, addon registry tokens were stored in plaintext within the 'vela-addon-registry' ConfigMap. This is not a secure practice for sensitive data.
This commit refactors the addon registry functionality to store tokens in Kubernetes Secrets. The ConfigMap now only contains a reference to the secret name, while the token itself is stored securely.
This change includes:
- Creating/updating secrets when a registry is added/updated.
- Loading tokens from secrets when a registry is listed/retrieved.
- Deleting secrets when a registry is deleted.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* test(addon): Add tests for registry token secret storage
This commit introduces a comprehensive test suite for the addon registry feature.
It includes:
- Isolated unit tests for each CRUD operation (Add, Update, List, Get, Delete) to ensure each function works correctly in isolation.
- A stateful integration test to validate the complete lifecycle of an addon registry from creation to deletion.
The tests verify that tokens are handled correctly via Kubernetes Secrets, confirming the implementation of the secure token storage feature.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(addon): improve addon registry robustness and fix bugs
This commit introduces several improvements to the addon registry to make it more robust and fixes several bugs.
- When updating a secret, the existing secret is now fetched and updated to avoid potential conflicts.
- Deleting a non-existent registry now returns no error, making the operation idempotent.
- Getting a non-existent registry now returns a structured not-found error.
- Loading a token from a non-existent secret is now handled gracefully.
- When setting a token directly on a git-based addon source, the token secret reference is now cleared.
- The token secret reference is now correctly copied in `SafeCopy`.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* Refactor(addon): Fix secret deletion and improve registry logic
This commit refactors the addon registry data store to fix a critical bug where deleting an addon registry would not delete its associated token secret.
The root cause was that the `GetRegistry` function, which was used by `DeleteRegistry`, would load the token from the secret and then clear the `TokenSecretRef` field on the in-memory object. This meant that when `DeleteRegistry` tried to find the secret to delete, the reference was already gone.
This has been fixed by:
1. Introducing a central `getRegistries` helper function to read the raw registry data from the ConfigMap.
2. Refactoring all data store methods (`List`, `Get`, `Add`, `Update`, `Delete`) to use this central helper, removing duplicate code.
3. Ensuring `DeleteRegistry` uses the raw, unmodified registry data so that the `TokenSecretRef` is always available for deletion.
Additionally, comprehensive unit tests for the new helper functions (`getRegistries`, `loadTokenFromSecret`, `createOrUpdateTokenSecret`) have been added to verify the fix and improve overall code quality and stability.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(addon): improve addon registry token security and logging
This commit enhances the security and observability of addon registry token handling.
- Adds a warning message to users when an insecure inline token is detected in an addon registry configuration, prompting them to migrate to a more secure secret-based storage.
- Implements info-level logging to create an audit trail for token migrations, providing administrators with visibility into security-related events.
- Refactors the token migration logic into a new `migrateInlineTokenToSecret` function, improving code clarity and maintainability.
- Introduces unit tests for the `TokenSource` interface methods and the `GetTokenSource` function to ensure correctness and prevent regressions.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* Chore: remove comments to triger ci
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* fix(addon): show correct owner in definition conflict error
When enabling an addon, if a definition conflicted with one from another existing addon, the error message would misleadingly cite the addon being installed as the owner, rather than the actual owner of the definition. This made it difficult for users to diagnose the conflict.
This commit corrects the error message generation in `checkConflictDefs` to use the name of the actual owner application. A comprehensive unit test for this function has also been added to verify the corrected behavior and prevent regressions.
Fixes#6898
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* fix(addon): show correct owner name in conflict message
When a definition conflict occurs, the error message attempts to show the addon that owns the existing definition.
However, if the owner is not a KubeVela addon application (i.e., its name doesn't have the 'addon-' prefix), the `AppName2Addon` function returns an empty string. This resulted in a confusing conflict message with a blank owner name, like "already exist in \n".
This patch fixes the issue by checking if the result of `AppName2Addon` is empty. If it is, it falls back to using the full application name of the owner,
ensuring the conflict message is always clear and actionable.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* chore(addon): update comment for addon name
- Add this comment to trigger ci
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* fix(addon): improve conflict message for addon definitions
adjust comment placement and logic to ensure correct addon name display in conflict messages
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(appfile): Enhance unit test coverage and migrate to standard Go testing
This commit significantly enhances the unit test coverage for the `references/appfile` package by introducing a comprehensive suite of new test cases and migrating existing tests to the standard Go `testing` framework with `testify/assert`.
Key additions and improvements include:
- **New Test Cases for `references/appfile/api/appfile.go`**: Added tests for `NewAppFile`, `JSONToYaml`, and `LoadFromBytes` to ensure correct application file initialization, parsing, and loading.
- **New Test Cases for `references/appfile/api/service.go`**: Introduced tests for `GetUserConfigName`, `GetApplicationConfig`, and `ToStringSlice` to validate service configuration extraction and type conversions.
- **Expanded Test Coverage for `references/appfile/app.go`**: Added new tests for `NewApplication`, `Validate`, `GetComponents`, `GetServiceConfig`, `GetApplicationSettings`, `GetWorkload`, and `GetTraits`, ensuring the robustness of application-level operations.
- **Dedicated Test Files for `modify.go` and `run.go`**: Created `modify_test.go` and `run_test.go` to provide specific unit tests for `SetWorkload`, `CreateOrUpdateApplication`, `CreateOrUpdateObjects`, and `Run` functions.
- **Test Framework Migration**: Refactored `addon_suit_test.go` to `main_test.go` and `addon_test.go` to use standard Go `testing` and `testify/assert`, improving consistency and maintainability.
These changes collectively improve the robustness, reliability, and maintainability of the `appfile` package by providing a more comprehensive and standardized testing approach.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* chore(references/appfile): improve test suite robustness and style
This commit introduces two improvements to the test suite in the `references/appfile` package.
First, the `TestMain` function in `main_test.go` is refactored to ensure the `envtest` control-plane is always stopped, even if test setup fails. This is achieved by creating a single exit path that handles cleanup, preventing resource leaks.
Second, a minor linting issue (S1005) in `modify_test.go` is fixed by removing an unnecessary assignment to the blank identifier.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* Chore: remove comment to trigger ci
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* test(cli): enhance unit test coverage for theme and color config
This commit introduces a comprehensive suite of unit tests for the theme and color configuration functions in `references/cli/top/config`.
Key changes include:
- Refactored existing tests in `color_test.go` to use table-driven sub-tests for improved clarity and maintainability.
- Added new test functions to validate color parsing, hex color detection, and default theme creation.
- Implemented tests for theme file lifecycle management, including creation and loading logic.
These additions significantly increase the test coverage and ensure the robustness and correctness of the CLI's theme and color functionality.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* test(cli): refactor and enhance tests for top view models and utils
This commit improves the unit test suite for the CLI's top view functionality by refactoring existing tests and adding new ones to increase coverage.
Key changes include:
- In `application_test.go`, `TestApplicationList_ToTableBody` is refactored to be a table-driven test, and new tests are added for `serviceNum`, `workflowMode`, and `workflowStepNum` helpers.
- In `time_test.go`, `TestTimeFormat` is refactored into a table-driven test for better structure and readability.
These changes align the tests with best practices and improve the overall robustness of the CLI top view's data presentation logic.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* test(cuegen): enhance unit test coverage for CUE generation packages
This commit introduces a comprehensive suite of unit tests and refactors existing tests for the CUE generation packages located in `references/cuegen`.
Key changes include:
- Refactored existing tests in `generator_test.go` and `provider_test.go` to use table-driven sub-tests, improving clarity, maintainability, and coverage of error conditions.
- Added new test functions to `convert_test.go` to validate helper functions for comment generation, type support, and enum field handling.
- Added new tests in `provider_test.go` to cover provider extraction, declaration modification, and panic recovery logic.
These changes significantly increase the test coverage for the `cuegen` libraries, ensuring the correctness and robustness of the CUE code generation functionality.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* test(docgen): add comprehensive unit tests for doc generation
This commit introduces a comprehensive suite of unit tests for the documentation generation package located in `references/docgen`.
Key changes include:
- Added new test files (`console_test.go`, `convert_test.go`, `openapi_test.go`) to cover the core functions for parsing and generating documentation for CUE, Terraform, and OpenAPI schemas.
- Refactored and enhanced `i18n_test.go` to use sub-tests, resolve race conditions, and improve coverage for fallback logic and error handling.
- Ensured all new and existing tests follow best practices, using table-driven tests for clarity and maintainability.
This effort significantly increases the test coverage for the `docgen` package, improving the reliability and robustness of the documentation generation features.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* test: improve test reliability and conventions
This commit introduces several improvements to the test suite to enhance reliability and adhere to best practices.
- **Fix flaky test in `docgen/openapi_test.go`**:
The test for `GenerateConsoleDocument` was flaky because it performed an exact string match on table output generated from a map. Since map iteration order is not guaranteed, this could cause spurious failures. The test is now order-insensitive, comparing sorted sets of lines instead.
- **Improve assertions in `docgen/console_test.go`**:
- Removes an unnecessary `test.EquateErrors()` option, which is not needed for simple string comparisons.
- Corrects the `cmp.Diff` argument order to the standard `(want, got)` convention for clearer failure messages.
- Fixes a typo in an error message.
- **Standardize assertions in `cli/top/config/color_test.go`**:
Swaps `assert.Equal` arguments to the standard `(expected, actual)` convention.
- **Clean up `cuegen/generators/provider/provider_test.go`**:
Removes a redundant error check.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(monitor): Add unit tests for application metrics watcher
This commit introduces a new test file with comprehensive unit tests for the application metrics watcher functionality in pkg/monitor/watcher.
Key additions include:
- Test cases for the application metrics watcher's inc() method covering add, delete, and update operations
- Test cases for report() method that verifies dirty flags are cleared
- Test cases for helper functions getPhase() and getApp()
These additions improve the overall test coverage and ensure the correctness of the application metrics monitoring functionality.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(velaql): Add comprehensive unit tests for ParseVelaQLFromPath
This commit introduces new unit tests for the ParseVelaQLFromPath function in pkg/velaql, along with test data files to improve test coverage and ensure correctness.
Key additions include:
- `pkg/velaql/parse_test.go`: Adds TestParseVelaQLFromPath function with comprehensive test cases covering:
* Valid CUE files with and without export fields
* Nonexistent and empty file paths
* Invalid CUE content
* Files with invalid export types
- Test data files in pkg/velaql/testdata/:
* simple-valid.cue: Valid CUE file with export field
* simple-no-export.cue: Valid CUE file without export field
* empty.cue: Empty CUE file
* invalid-cue-content.cue: CUE file with invalid syntax
* invalid-export.cue: CUE file with invalid export type
These additions improve the overall test coverage and ensure the robustness of the VELAQL parsing functionality.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(webhook): Add unit tests for ValidateDefinitionRevision function
This commit introduces new unit tests for the ValidateDefinitionRevision function in pkg/webhook/utils to improve test coverage and ensure correctness of definition revision validation.
Key additions include:
- `pkg/webhook/utils/utils_test.go`: Adds TestValidateDefinitionRevision function with comprehensive test cases covering:
* Success scenarios with matching definition revisions
* Success scenarios when definition revision does not exist
* Failure scenarios with revision hash mismatches
* Failure scenarios with spec mismatches
* Failure scenarios with invalid definition revision names
These additions improve the overall test coverage and ensure the robustness of the webhook utility functions for validating definition revisions.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(workflow): Add unit tests for OAM apply and query utilities
This commit introduces new unit tests for workflow provider functions in pkg/workflow/providers to improve test coverage and ensure correctness.
Key additions include:
- `pkg/workflow/providers/oam/apply_test.go`: Adds TestRenderComponent function with comprehensive test cases for component rendering
- `pkg/workflow/providers/query/utils_test.go`: Adds:
* TestBuildResourceArray function with comprehensive test cases covering simple, nested, and complex resource tree scenarios
* TestBuildResourceItem function with test cases for resources with and without annotations
These additions improve the overall test coverage and ensure the robustness of the workflow provider functions for OAM applications.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* fix(velaql): Improve error handling in ParseVelaQLFromPath test
This commit addresses an issue in the TestParseVelaQLFromPath function where file read errors were being silently ignored. The changes include:
- Removing the unused expectedView field from test cases
- Replacing conditional error checking with require.NoError to ensure file read operations are properly validated
- Ensuring that test failures are properly reported when file reading fails
This fix improves the reliability of the test suite by making sure that any file I/O errors are properly caught and reported rather than silently ignored.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat: Apply cross-cutting test improvements
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat: Enhance test coverage with file-specific suggestions
This commit applies file-specific suggestions to enhance the test suite's
coverage and robustness.
Key changes include:
- **`pkg/monitor/watcher/application_test.go`**:
- Added a test case for a multi-step workflow with mixed phases to
validate `stepPhaseCounter` aggregation.
- Added a test for idempotence by calling `inc` twice.
- Added test cases for an empty workflow and an unknown application phase.
- Strengthened the `report` test to assert that counters are not cleared.
- **`pkg/velaql/parse_test.go`**:
- Added a test case for `ParseVelaQLFromPath` to handle files with
leading/trailing whitespace.
- Added a test case to ensure consistent error messages for relative paths.
- **`pkg/webhook/utils/utils_test.go`**:
- Added a test case to `TestValidateCueTemplate` for a malformed CUE
template.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
Webhook Upgrade Validation / webhook-upgrade-check (push) Failing after 25s
- Modified the documentation generation logic to keep .md file extensions, enhancing IDE support and compatibility with Docusaurus.
- Updated various documentation headers to include the correct .md references in auto-generated messages, ensuring consistency across multiple components (component, policy, trait, workflow).
Signed-off-by: jguionnet jguionnet@guidewire.com
Signed-off-by: jguionnet jguionnet@guidewire.com
Signed-off-by: Jerome Guionnet <jguionnet@guidewire.com>
Webhook Upgrade Validation / webhook-upgrade-check (push) Failing after 24s
* Fix: Update ingress messages to handle host retrieval more robustly across multiple templates
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* Fix: Enhance output handling in k8s-objects template to check for empty objects
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* Fix: Ensure policy selection from envBindingPolicies only occurs if the list is not empty
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
---------
Signed-off-by: Ayush Kumar <ayushshyamkumar888@gmail.com>
* feat(addon): add comprehensive unit tests for addon readers
This commit enhances the test coverage and code quality for the addon reader implementations in the pkg/addon package.
- Refactors all existing addon reader tests (gitee, github, gitlab, local) to use consistent, modern testing patterns like sub-tests.
- Replaces the old memory_reader_test.go with a completely refactored implementation.
- Adds new unit tests for previously untested functions, including various getters, client constructors, and RelativePath helpers.
- Improves http-based tests (gitlab, github, gitee) to use robust mock handlers that correctly simulate API behavior, including pagination and error states.
These changes improve the overall quality and reliability of the addon system and uncovered two minor bugs during the process.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(addon): add more unit tests for addon helpers
This commit continues to improve the test coverage for the pkg/addon package by adding unit tests for several helper and factory functions.
- Adds a test for WrapErrRateLimit to ensure GitHub API rate limit errors are handled correctly.
- Adds a test for ClassifyItemByPattern to verify addon file classification logic.
- Adds a test for the NewAsyncReader factory function to ensure correct reader instantiation.
- Adds tests for various utility functions in utils.go, including IsRegistryFuncs, InstallOptions, ProduceDefConflictError, and GenerateChartMetadata.
These tests increase the reliability of the addon installation and handling logic.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(addon): add unit tests for versioned addon registry
This commit improves test coverage for the versioned addon registry logic in the pkg/addon package.
- Adds a unit test for resolveAddonListFromIndex to verify the logic for parsing Helm index files.
- Introduces a new table-driven test for the internal loadAddon function, covering success and multiple failure scenarios (e.g., version not found, download failure, corrupt data).
- Adds a new test helper, setupAddonTestServer, to create isolated mock HTTP servers for testing addon loading, improving test reliability and clarity.
These tests ensure the core logic for discovering and fetching versioned addons is robust and functions as expected.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* chore(addon): remove unused gitlab testdata path constant
- remove unused gitlab testdata path constant name `gitlabTestdataPath`
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* refactor(addon): improve unit tests based on review feedback
This commit addresses several code review comments to improve the quality, correctness, and robustness of the unit tests in the pkg/addon package.
- Refactors map key assertions in the memory reader test to use the correct "comma ok" idiom instead of assert.NotNil.
- Updates the GitHub reader test to use a compliant addon mock that includes the required template.cue file.
- Modifies the chart metadata test in utils_test.go to use t.TempDir() for better test isolation and automatic cleanup.
- Switches from assert.NotNil to require.NotNil in the versioned registry test to prevent panics on nil pointers.
These changes make the test suite more robust, reliable, and easier to maintain.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(appfile): Add comprehensive unit tests for appfile package
This commit significantly enhances the test coverage for the `pkg/appfile` package by adding a comprehensive suite of new unit tests. These tests improve the reliability of core application parsing, generation, and validation logic.
Key additions include:
- **Parsing:** New tests for policy parsing, legacy application revision handling, and dynamic component loading.
- **Manifest Generation:** Added coverage for `GenerateComponentManifests` and `GeneratePolicyManifests` to ensure correctness of generated resources.
- **OAM Contracts:** New tests for `SetOAMContract` and `setWorkloadRefToTrait` to verify OAM label and reference injection.
- **Template & Context:** Added tests for loading templates from revisions (`LoadTemplateFromRevision`) and preparing the process context (`PrepareProcessContext`).
- **Validation:** Enhanced validation tests for component parameters and uniqueness of output names.
As part of this effort, the existing tests were also migrated from Ginkgo to the standard `testing` package with `testify/assert` to maintain consistency across the codebase.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* refactor(pkg/component): Migrate ref-objects tests to standard Go testing and add new test cases
This commit refactors the unit tests for `pkg/component/ref-objects` from a Ginkgo-based suite to the standard Go `testing` package. Additionally, new unit test cases have been added to further enhance test coverage and ensure the robustness of the `ref-objects` functionality.
Key changes include:
- Deletion of `pkg/component/ref_objects_suite_test.go`.
- Introduction of `pkg/component/main_test.go` to manage test environment setup and teardown using `TestMain`.
- Creation of `pkg/component/ref_objects_test.go` containing all the ref-objects related unit tests, now using standard Go testing functions, along with newly added test cases for improved coverage.
This migration improves consistency with other unit tests in the codebase and leverages the native Go testing framework.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* chore(pkg/component): Reorder imports in ref_objects_test.go
This commit reorders the import statements in `pkg/component/ref_objects_test.go` to adhere to standard Go formatting and import grouping conventions. This change improves code readability and consistency.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
The GetPath method for GitLabItem produced an incorrect path when an addon's base path in the repository was empty. This was caused by an off-by-one error in the string slicing logic that always assumed a base path separator existed, incorrectly truncating the first character of the file path.
This commit corrects the logic by adding a check for an empty base path, ensuring the full path is returned in that case.
Fixes#6899
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
Webhook Upgrade Validation / webhook-upgrade-check (push) Failing after 26s
* feat(common): Enhance unit test coverage for common utilities
This commit significantly enhances the unit test coverage for the `references/common` package, covering a wide range of utilities related to application management, metrics, registry operations, traits, and workloads. Existing tests have also been refactored to improve readability and maintainability.
Key additions and improvements include:
- **Application Utilities**: New tests for `ExportFromAppFile`, `ApplyApp`, `IsAppfile`, `Info`, `SonLeafResource`, `LoadAppFile`, and `ApplyApplication` in `application_test.go`.
- **Metrics Utilities**: Expanded tests for `ToPercentage`, `GetPodStorage`, and `GetPodOfManagedResource` in `metrics_test.go`, with existing tests refactored to use `testify/assert` and table-driven formats.
- **Registry Operations**: New tests for `InstallComponentDefinition` and `InstallTraitDefinition` in `registry_test.go`.
- **Trait Definitions**: New `trait_test.go` file with tests for `ListRawWorkloadDefinitions`.
- **Workload Initialization**: New `workload_test.go` file with tests for `InitApplication` and `BaseComplete`.
These changes collectively improve the robustness, reliability, and maintainability of the `references/common` package by providing a more comprehensive and standardized testing approach.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* test(common): Improve test assertions and error handling
This commit improves the quality and reliability of unit tests in the `references/common` package by addressing several inconsistencies and potential issues.
Key changes include:
- Asserts the error returned by `v1beta1.AddToScheme` across multiple test files (`application_test.go`, `registry_test.go`, `workload_test.go`) to prevent masking scheme registration failures.
- Replaces `strings.Contains` with the more idiomatic `assert.Contains` in `application_test.go`.
- Adds an assertion to check the error returned by `tmpFile.Close()` in `application_test.go`.
- Uses `assert.EqualError` instead of `assert.Equal` for comparing error messages in `registry_test.go` for more precise error checking.
- Removes an unused `strings` import from `application_test.go`.
These changes lead to more robust, readable, and consistent tests.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* fix(common): Fix flaky test in TestExportFromAppFile
The `TestExportFromAppFile` test was passing locally but failing in CI with a "no matches for kind" error.
This was caused by passing an uninitialized `common.Args` object to the `ExportFromAppFile` function. The function was using the client from this object, which was not the correctly configured fake client.
This commit fixes the issue by explicitly setting the fake client on the `common.Args` object before it is used, making the test hermetic and reliable.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
Webhook Upgrade Validation / webhook-upgrade-check (push) Failing after 23s
* Fix: update Homebrew formula action to latest version
Signed-off-by: Chaitanya Reddy Onteddu <chaitanyareddy0702@gmail.com>
* Fix: update Homebrew formula action reference to correct version
Signed-off-by: Chaitanya Reddy Onteddu <chaitanyareddy0702@gmail.com>
* fix: remove redundant Homebrew bump action
- Fixes: https://github.com/kubevela/kubevela/actions/runs/18149681613/job/51659048948
- The kubevela formula in homebrew/core is already configured for automatic updates via BrewTestBot.
- BrewTestBot runs every ~3 hours after a new release to automatically open version bump PRs.
- The manual bump step (dawidd6/action-homebrew-bump-formula) was redundant and caused workflow failures:
'Error: Whoops, the kubevela formula has its version update pull requests automatically opened by BrewTestBot every ~3 hours!'
- Removed the manual bump action to prevent conflicts and rely solely on BrewTestBot for formula updates https://github.com/Homebrew/homebrew-core/blob/master/Formula/k/kubevela.rb.
Signed-off-by: Chaitanya Reddy Onteddu <chaitanyareddy0702@gmail.com>
---------
Signed-off-by: Chaitanya Reddy Onteddu <chaitanyareddy0702@gmail.com>
* fix(references/appfile): correct namespace existence check in addon
The `generateSecretFromTerraformOutput` function was using an incorrect logic to check for namespace existence. It was trying to create the namespace and if it succeeded, it would return an error.
This commit corrects the logic to use `k8sClient.Get` and checks for a `NotFound` error to accurately determine if the namespace exists.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* fix(references/appfile): make terraform output parsing robust
The previous implementation for parsing `terraform output` was fragile and could lead to data corruption or errors. It would incorrectly remove all spaces from values and would fail to parse values that contained an equals sign.
This commit refactors the parsing logic to be more robust:
- It no longer removes spaces from output values, preserving them correctly.
- It correctly parses `key=value` pairs by splitting only on the first equals sign in a line.
- It properly handles quoted string values from Terraform.
The corresponding tests in `addon_test.go` have been updated to align with the refactored function signature and verify the new, robust behavior.
Fixes#6916
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(multicluster): Enhance unit test coverage for multicluster utilities
This commit introduces a comprehensive suite of unit tests for the multicluster management functions in pkg/multicluster.
Key changes include:
- `cluster_management_test.go`: Improves the structure of TestDetachCluster and TestRenameCluster by organizing test cases into a collection, which enhances clarity and
simplifies adding new scenarios.
- `utils_test.go` and `virtual_cluster_test.go`: Adds new test cases to validate additional utility and virtual cluster helper functions, increasing overall test
coverage.
These additions improve the overall test coverage and ensure the correctness and reliability of multicluster operations.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(multicluster): Add unit tests for multicluster workflow provider
This commit introduces new unit tests for the multicluster workflow provider located in pkg/workflow/providers/multicluster.
Key additions include:
- Comprehensive tests for the Deploy workflow step, covering parameter validation, error handling, and successful deployment scenarios.
- New tests for GetPlacementsFromTopologyPolicies to ensure correct placement resolution from topology policies, including error cases and default behaviors.
These additions improve the test coverage and ensure the robustness of the multicluster workflow provider.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* fix(multicluster): Correct duplicate import in utils_test.go
This commit resolves a linting error (ST1019) in pkg/multicluster/utils_test.go caused by the k8s.io/api/core/v1 package being imported twice with different aliases (v1
and corev1).
The redundant import alias v1 has been removed, and the corresponding type reference for []v1.Secret has been updated to []corev1.Secret to maintain consistency.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* test(multicluster): fix cross-test side effects
The TestListExistingClusterSecrets function mutates the global
variable ClusterGatewaySecretNamespace without restoring its original
value. This can lead to unpredictable behavior in other tests that
rely on this variable.
This commit fixes the issue by saving the value of
ClusterGatewaySecretNamespace before the test runs and restoring it
afterward using a defer statement.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* test(multicluster): remove redundant test case in TestContext
The `TestContextWithClusterName` sub-test in `TestContext` is redundant, as its functionality is already covered by the more comprehensive `TestClusterNameInContext` sub-test.
This commit removes the unnecessary test to improve the clarity and maintainability of the test suite without sacrificing coverage.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* test(resourcekeeper): add unit tests for resource management
This commit introduces new unit tests to improve the test coverage of the `resourcekeeper` package.
- A new test file `containsresources_test.go` is added, which includes a comprehensive table-driven test for the `ContainsResources` function.
- A new table-driven test, `TestUpdateSharedManagedResourceOwner`, is added to `gc_test.go` to verify the logic for updating ownership of shared resources.
These tests follow Go best practices and enhance the robustness of the resourcekeeper functionality.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(resourcetracker): add unit tests for tree display logic
This commit enhances the test coverage for the resource tree display logic in the `pkg/resourcetracker` package.
- Refactors `TestResourceTreePrintOption_getWidthForDetails` to cover more cases and improve test clarity.
- Adds a comprehensive test for `TestPrintResourceTree` to verify the output of the resource tree printing.
- Introduces a new test for the `tableRoundTripper` to ensure the HTTP `Accept` header is correctly mutated.
- Adds tests for helper functions like `TestLoadResourceRows`, `TestSortRows`, and `TestFillResourceRows` to ensure each part of the tree building logic is working as expected.
These changes improve the overall quality and reliability of the resource tracker's tree view functionality.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(envbinding): add unit tests for placement logic
This commit enhances the test coverage for the `envbinding` policy package.
- Adds a new test for `WritePlacementDecisions` to verify the logic of writing placement decisions to the application status. This includes scenarios for adding new policies, updating existing ones, and handling malformed data.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(schema): add unit tests for schema parsing and conversion
This commit enhances the test coverage for the `pkg/schema` package by adding unit tests for CUE parsing and OpenAPI schema conversion.
- Adds a new test for `ParsePropertiesToSchema` to verify that CUE parameter definitions are correctly parsed into OpenAPI schemas.
- Introduces a new test for `ConvertOpenAPISchema2SwaggerObject` to ensure the conversion from a raw OpenAPI v3 schema to a Swagger object is handled correctly, including error cases.
These tests improve the reliability of the schema generation and conversion logic, which is critical for capability definitions.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(env): Add comprehensive unit tests for environment management
This commit introduces a comprehensive suite of unit tests for the environment management functions in `pkg/utils/env`.
Key changes include:
- Refactoring the test setup to use `TestMain` for better test environment control.
- Adding new test cases for `CreateEnv`, `GetEnvByName`, `ListEnvs`, `SetCurrentEnv`, `SetEnvLabels`, and `DeleteEnv`.
These tests improve the overall test coverage and ensure the correctness and reliability of environment-related operations.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(errors): Add unit tests for error handling utilities
This commit introduces new unit tests for the error handling utilities located in `pkg/utils/errors/`.
Specifically, new test files have been added for:
- `crd_test.go`: Tests for CRD-related error checks.
- `list_test.go`: Tests for error list aggregation.
- `reason_test.go`: Tests for specific error reasons like label conflicts and CUE path not found.
- `resourcetracker_test.go`: Tests for resource tracker errors.
These additions improve the test coverage and ensure the robustness of KubeVela's error handling mechanisms.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* refactor(schema): Refactor ui_schema_test.go to use testify/assert and add new test cases
This commit refactors `pkg/utils/schema/ui_schema_test.go` to improve its readability and maintainability.
Key changes include:
- Migrating from Ginkgo/Gomega to testify/assert for assertions.
- Restructuring `TestGetDefaultUIType` into a table-driven test.
- Adding new comprehensive test cases for `Condition_Validate` function.
These changes enhance the test suite for UI schema utilities, making it more robust and easier to extend.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* refactor(system): Refactor system_test.go and add comprehensive unit tests
This commit refactors `pkg/utils/system/system_test.go` to improve its structure, readability, and test coverage.
Key changes include:
- Converting existing tests to a table-driven format using `testify/assert`.
- Adding new comprehensive test cases for:
- `CreateIfNotExist`
- `GetVelaHomeDir`
- `GetDirectoryFunctions` (e.g., `GetCapCenterDir`, `GetCapabilityDir`)
- `InitFunctions` (e.g., `InitCapabilityDir`, `InitCapCenterDir`, `InitDirs`)
- `BindEnvironmentVariables`
These changes enhance the test suite for system utilities, ensuring their correctness and robustness.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(types): Add unit tests for QL types
This commit introduces new unit tests for the types defined in `pkg/utils/types`, specifically focusing on types related to KubeVela Query Language (QL).
New test cases cover:
- `ServiceEndpoint.String()`: Verifies the string representation of service endpoints, including various protocols, ports, and paths.
- `AppliedResource.GroupVersionKind()`: Ensures correct extraction of GroupVersionKind from applied resources.
- `ResourceTreeNode.GroupVersionKind()`: Verifies correct extraction of GroupVersionKind from resource tree nodes.
These tests improve the coverage and reliability of core data structures used in KubeVela.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(util): Add and refactor unit tests for utility functions
This commit introduces new unit tests and refactors existing ones within the `pkg/utils/util` package.
Key changes include:
- **`pkg/utils/util/cmd_test.go`**: Adds comprehensive tests for `IOStreams` and its print functions, as well as `NewDefaultIOStreams` and `NewTestIOStreams`.
- **`pkg/utils/util/factory_test.go`**: Refactors the `GenerateLeaderElectionID` test to a table-driven format and adds new tests for `computeDiscoverCacheDir` and `RestConfigGetter` methods, ensuring the correctness of Kubernetes client configuration and discovery.
These additions and refactorings enhance the test coverage and reliability of core utility functions.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(utils): Add and refactor unit tests for json, jwt, parse, and strings utilities
This commit introduces new unit tests and refactors existing ones across several utility packages within `pkg/utils/`.
Key changes include:
- **`pkg/utils/json`**: Adds tests for `StrictUnmarshal` to ensure proper JSON unmarshaling.
- **`pkg/utils/jwt`**: Adds tests for JWT token subject extraction and certificate subject retrieval.
- **`pkg/utils/parse`**: Expands test coverage for URL parsing functions (`Parse`, `ParseGitlab`).
- **`pkg/utils/strings`**: Refactors existing tests to a table-driven format and adds tests for box drawing string generation.
These additions and refactorings significantly improve the test coverage and reliability of KubeVela's utility functions.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* fix(tests): Address test and error handling issues
This commit addresses several issues identified in unit tests and error handling utilities, improving test reliability and code safety.
Key fixes and improvements include:
- **`pkg/utils/errors`**:
- Added nil check to `IsCuePathNotFound` to prevent panics.
- Corrected `fmt.Errorf` usage to `errors.New` in `reason_test.go` (SA1006 fix).
- Used `assert.EqualError` for clearer error message comparisons in `resourcetracker_test.go`.
- **`pkg/utils/jwt_test.go`**: Marked `generateTestCert` as a test helper using `t.Helper()` for better error reporting.
- **`pkg/utils/system_test.go`**:
- Removed unused `verifyCleanup` field.
- Modified `TestGetVelaHomeDir` to use a temporary home directory, preventing destructive operations on the user's system.
- **`pkg/utils/util/cmd_test.go`**: Swapped `assert.Equal` arguments to follow `expected, actual` convention.
These changes enhance the robustness and correctness of the test suite and related utility functions.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* chore(tests): Apply gofmt and import ordering to test files
This commit applies standard Go formatting (`gofmt`) and corrects import ordering in several test files.
Affected files:
- `pkg/utils/schema/ui_schema_test.go`: Added missing newline at EOF.
- `pkg/utils/system/system_test.go`: Corrected import ordering.
- `pkg/utils/util/factory_test.go`: Corrected import ordering.
These changes ensure consistency with project coding standards.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(config): add unit test for config pkg
- add unit test cases for writer.go file
- add unit test cases for factory.go file
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(auth): add unit tests for auth package
This commit introduces a comprehensive suite of unit tests for the `pkg/auth` package, significantly improving test coverage and ensuring the correctness of the authentication and authorization logic.
The following key areas are now covered:
- **Identity:** Tests for identity creation, validation, matching, and subject generation.
- **Kubeconfig:** Tests for kubeconfig generation options, certificate creation, and identity reading from kubeconfig.
- **Privileges:** Tests for privilege description implementations, listing privileges, and pretty-printing.
By adding these tests, we increase the robustness of the auth package and make future refactoring safer.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(oam): add unit tests for auxiliary functions
This commit adds comprehensive unit tests for the auxiliary functions in the pkg/oam package. The new tests cover the following functions:
- GetPublishVersion / SetPublishVersion
- GetDeployVersion
- GetLastAppliedTime
- GetControllerRequirement / SetControllerRequirement
- GetCluster / SetCluster / SetClusterIfEmpty
These tests address the lack of coverage for these functions and ensure their behavior is correct, including edge cases like handling missing annotations or removing annotations when set to an empty string.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(cue): add unit tests for cue packages
This commit enhances the test coverage of the `pkg/cue` directory by adding unit tests for the `definition`, `script`, and `task` packages.
The new tests cover the following areas:
- `pkg/cue/definition`:
- `TestWorkloadGetTemplateContext`: Verifies the template context retrieval for workloads.
- `TestTraitGetTemplateContext`: Ensures correct template context retrieval for traits.
- `TestGetCommonLabels`: Checks the conversion of context labels to OAM labels.
- `TestGetBaseContextLabels`: Validates the creation of base context labels.
- `pkg/cue/script`:
- Adds tests for `ParseToValue`, `ParseToValueWithCueX`, `ParseToTemplateValue`, and `ParseToTemplateValueWithCueX` to ensure CUE scripts are parsed correctly.
- `pkg/cue/task`:
- Refactors the existing test for `Process` to use a table-driven approach, improving readability and covering more cases.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* fix(tests): address PR comments and improve test reliability
This commit addresses several comments from a pull request review, improving the reliability and correctness of tests in various packages.
The following changes are included:
- **`pkg/config/writer`**:
- Renamed `writter_test.go` to `writer_test.go` to fix a typo.
- **`pkg/cue/task`**:
- Replaced the use of an external invalid URL with a local unreachable endpoint (`http://127.0.0.1:3000`) in `process_test.go` to prevent network flakiness.
- Switched to using `assert.ErrorContains` for safer error message assertions, avoiding potential panics.
- Corrected an assertion to compare a byte slice with a string by converting the byte slice to a string first.
- **`pkg/oam`**:
- Updated `auxliary_test.go` to use `time.Time.Equal` for time comparisons, making the test robust against timezone differences.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* Feat: Support Native Cue in HealthPolicy and CustomStatus
Signed-off-by: Brian Kane <briankane1@gmail.com>
* Feat: Support Native Cue in HealthPolicy and CustomStatus - Fix PR Comments & Bugs
Signed-off-by: Brian Kane <briankane1@gmail.com>
---------
Signed-off-by: Brian Kane <briankane1@gmail.com>
* Fix: omit component revision in additionalLabel to add to k8s object when component revision is not set and DisableAllComponentRevision setted true
Signed-off-by: 那金洋(29362878) <najinyang001@ke.com>
* Fix: omit component revision in additionalLabel to add to k8s object when component revision is not set and DisableAllComponentRevision setted true test cases
Signed-off-by: 那金洋(29362878) <najinyang001@ke.com>
---------
Signed-off-by: 那金洋(29362878) <najinyang001@ke.com>
* fix: check component status after initial deployment
Signed-off-by: Brian Kane <briankane1@gmail.com>
* Fix: applications should correctly reflect component health throughout the apps lifecycle
Signed-off-by: Brian Kane <briankane1@gmail.com>
* Fix: check component status after initial deployment
Signed-off-by: Brian Kane <briankane1@gmail.com>
---------
Signed-off-by: Brian Kane <briankane1@gmail.com>
Co-authored-by: Mikhail Elenskii <elenskii-mikhail@outlook.com>
* Fix(Helm): make tolerations, nodeSelector, affinity more generic
Signed-off-by: Oleg Tsymbal <dzirg44@gmail.com>
* Fix(Helm): make conditionals if and with consistent
Signed-off-by: Oleg Tsymbal <dzirg44@gmail.com>
* Fix(Helm): trigger the build to see if it is a problem with timeout
Signed-off-by: Oleg Tsymbal <dzirg44@gmail.com>
---------
Signed-off-by: Oleg Tsymbal <dzirg44@gmail.com>
- Add SPDX SBOMs for Vela Core and CLI images
- Sign and attest images to GHCR and DockerHub
- Generate and attest SLSA provenance
- Include SBOMs for binaries via GoReleaser
- Sign artifact checksums for integrity
Signed-off-by: Ayush <ayushshyam.official.888@gmail.com>
* Fix(parser) - Valid value must be an empty string or consist of alphanumeric characters, '-', '' or '.', and must start and end with an alphanumeric character
Signed-off-by: Jonatas Teixeira <jonatas.teixeira@hellofresh.com>
* Fix(e2e) - Increase waiting to prevent test start before port-forwared be finished
Signed-off-by: Jonatas Teixeira <jonatas.teixeira@hellofresh.com>
* Fix(e2e) - Adjust the time
Signed-off-by: Jonatas Teixeira <jonatas.teixeira@hellofresh.com>
* Fix(e2e) - Increase waiting to prevent test start before port-forwared be finished - By using gomega
Signed-off-by: Jonatas Teixeira <jonatas.teixeira@hellofresh.com>
* Fix(e2e) - Change vela command to get app status
Signed-off-by: Jonatas Teixeira <jonatas.teixeira@hellofresh.com>
---------
Signed-off-by: Jonatas Teixeira <jonatas.teixeira@hellofresh.com>
Previously, the deletion message for applications contained a typo where "application" was misspelled as "appplication". This commit corrects the spelling to "application" in the message:
- Before: "Start deleting appplication %s/%s\n"
- After: "Start deleting application %s/%s\n"
This change improves the clarity of the output message when deleting applications.
Signed-off-by: YoungLH <974840768@qq.com>
* Chore: Add Anoop and Daniel as codeowners
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Chore: Add Fog as a codeowner
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Chore: Removed @zzxwill due to non existent error
- Codeowners file was saying the the user handle did not have access to
the repo
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
---------
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
- Remove gomega from workflow e2e-test step
- Change the app phase to WorkFlowFailed when there is an error in workflow
- Change the app10.yaml file
Signed-off-by: Chaitanyareddy0702 <chaitanyareddy0702@gmail.com>
Author: VibhorChinda <vibhorchinda@gmail.com>
The original variable is "grtcpSocketpc", but this variable does not
exist in the file. According to the context, it should be "tcpSocket".
In addition, its type needs to be int to work properly.
Signed-off-by: zengziheng <zengziheng@datacloak.com>
Co-authored-by: zengziheng <zengziheng@datacloak.com>
# This file is a github code protect rule follow the codeowners https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/creating-a-repository-on-github/about-code-owners#example-of-a-codeowners-file
A comprehensive GitHub composite action for running KubeVela Kubernetes upgrade end-to-end (E2E) tests with complete environment setup, multiple test suites, and failure diagnostics.
> **Note**: This action requires the `GO_VERSION` environment variable to be set in your workflow.
A GitHub Actions composite action that sets up a complete testing environment for Kubevela projects with Go, Kubernetes tools, and the Ginkgo testing framework.
description:'Sets up a KinD (Kubernetes in Docker) cluster with configurable Kubernetes version and optional cluster naming for testing and development workflows.'
inputs:
k8s-version:
description:'Kubernetes version for the kind cluster'
// ComponentOutput contains K8s resource generated from "output" block of ComponentDefinition
ComponentOutput*unstructured.Unstructured
// ComponentOutputsAndTraits contains both resources generated from "outputs" block of ComponentDefinition and resources generated from TraitDefinition
| `featureGates.sharedDefinitionStorageForApplicationRevision` | use definition cache to reduce duplicated definition storage for application revision, must be used with InformerCacheFilterUnnecessaryFields | `true` |
| `featureGates.enableCueValidation` | enable the strict cue validation for cue required parameter fields | `false` |
| `featureGates.enableApplicationStatusMetrics` | enable application status metrics and structured logging | `false` |
| `featureGates.validateResourcesExist` | enable webhook validation to check if resource types referenced in definition templates exist in the cluster | `false` |
| `serviceAccount.create` | Specifies whether a service account should be created | `true` |
| `serviceAccount.annotations` | Annotations to add to the service account | `{}` |
| `serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | `nil` |
| `nodeSelector` | Node selector | `{}` |
| `tolerations` | Tolerations | `[]` |
| `affinity` | Affinity | `{}` |
| `rbac.create` | Specifies whether a RBAC role should be created | `true` |
| `logDebug` | Enable debug logs for development purpose | `false` |
| `logFilePath`| If non-empty, write log files in this path | `""` |
| `logFileMaxSize`| Defines the maximum size a log file can grow to. Unit is megabytes. If the value is 0, the maximum file size is unlimited. | `1024` |
| `kubeClient.qps` | The qps for reconcile clients | `400` |
| `kubeClient.burst` | The burst for reconcile clients | `600` |
| `authentication.enabled` | Enable authentication for application | `false` |
| `authentication.withUser` | Application authentication will impersonate as the request User | `true` |
| `authentication.defaultUser` | Application authentication will impersonate as the User if no user provided in Application | `kubevela:vela-core` |
| `authentication.groupPattern` | Application authentication will impersonate as the request Group that matches the pattern | `kubevela:*` |
| `sharding.enabled` | When sharding enabled, the controller will run as master mode. Refer to https://github.com/kubevela/kubevela/blob/master/design/vela-core/sharding.md for details. | `false` |
| `sharding.schedulableShards` | The shards available for scheduling. If empty, dynamic discovery will be used. | `""` |
| `serviceAccount.create` | Specifies whether a service account should be created | `true` |
| `serviceAccount.annotations` | Annotations to add to the service account | `{}` |
| `serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | `nil` |
| `nodeSelector` | Node selector | `{}` |
| `tolerations` | Tolerations | `[]` |
| `affinity`| Affinity | `{}` |
| `rbac.create` | Specifies whether a RBAC role should be created | `true` |
| `logDebug`| Enable debug logs for development purpose | `false` |
| `devLogs` | Enable formatted logging support for development purpose | `false` |
| `logFilePath` | If non-empty, write log files in this path | `""` |
| `logFileMaxSize` | Defines the maximum size a log file can grow to. Unit is megabytes. If the value is 0, the maximum file size is unlimited. | `1024` |
| `authentication.withUser` | Application authentication will impersonate as the request User (must be true for security) | `true` |
| `authentication.defaultUser` | Application authentication will impersonate as the User if no user provided or withUser is false | `kubevela:vela-core` |
| `authentication.groupPattern` | Application authentication will impersonate as the request Group that matches the pattern | `kubevela:*` |
| `authorization.definitionValidationEnabled` | Enable definition permission validation for RBAC checks on definitions | `false` |
| `sharding.enabled` | When sharding enabled, the controller will run as master mode. Refer to https://github.com/kubevela/kubevela/blob/master/design/vela-core/sharding.md for details. | `false` |
| `sharding.schedulableShards` | The shards available for scheduling. If empty, dynamic discovery will be used. | `""` |
| `core.metrics.enabled` | Enable metrics for vela-core | `false` |
| `core.metrics.serviceMonitor.enabled` | Enable service monitor for metrics | `false` |
| `core.metrics.serviceMonitor.additionalLabels` | Additional labels for service monitor | `{}` |
## Uninstallation
@@ -186,6 +199,21 @@ if [ $fluxcd ]; then
fi
```
Make sure all existing KubeVela resources deleted before uninstallation:
description:Application is the Schema for the applications API
properties:
apiVersion:
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description:|-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description:|-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type:string
metadata:
type:object
@@ -104,10 +109,9 @@ spec:
scopes:
additionalProperties:
type:string
description:scopes in ApplicationComponent defines the component-level
scopes the format is <scope-type:scope-instance-name> pairs,
the key represents type of `ScopeDefinition` while the value
represent the name of scope instance.
description:|-
scopes in ApplicationComponent defines the component-level scopes
the format is <scope-type:scope-instance-name> pairs, the key represents type of `ScopeDefinition` while the value represent the name of scope instance.
type:object
x-kubernetes-preserve-unknown-fields:true
traits:
@@ -133,10 +137,10 @@ spec:
type:object
type:array
policies:
description:Policies defines the global policies for all components
in the app, e.g. security, metrics, gitops, multi-cluster placement
rules, etc. Policies are applied after components are rendered and
before workflow steps are executed.
description:|-
Policies defines the global policies for all components in the app, e.g. security, metrics, gitops,
multi-cluster placement rules, etc.
Policies are applied after components are rendered and before workflow steps are executed.
items:
description:AppPolicy defines a global policy for all components
in the app.
@@ -155,11 +159,12 @@ spec:
type:object
type:array
workflow:
description:'Workflow defines how to customize the control logic.
If workflow is specified, Vela won''t apply any resource, but provide
rendered output in AppRevision. Workflow steps are executed in array
order, and each step: - will have a context in annotation. - should
mark "finish" phase in status.conditions.'
description:|-
Workflow defines how to customize the control logic.
If workflow is specified, Vela won't apply any resource, but provide rendered output in AppRevision.
Workflow steps are executed in array order, and each step:
- will have a context in annotation.
- should mark "finish" phase in status.conditions.
properties:
mode:
description:WorkflowExecuteMode defines the mode of workflow
@@ -332,33 +337,39 @@ spec:
creator:
type:string
fieldPath:
description:'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
description:|-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type:string
kind:
description: 'Kind of the referent. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description:|-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type:string
name:
description: 'Name of the referent. More info:https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
description:|-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type:string
namespace:
description: 'Namespace of the referent. More info:https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
description:|-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type:string
resourceVersion:
description:'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
description:|-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type:string
uid:
description: 'UID of the referent. More info:https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
description:|-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type:string
type:object
x-kubernetes-map-type:atomic
@@ -367,63 +378,46 @@ spec:
description:Components record the related Components created by Application
Controller
items:
description:"ObjectReference contains enough information to let
you inspect or modify the referred object. --- New uses of this
type are discouraged because of difficulty describing its usage
when embedded in APIs. 1. Ignored fields. It includes many fields
which are not generally honored. For instance, ResourceVersion
and FieldPath are both very rarely valid in actual usage. 2. Invalid
usage help. It is impossible to add specific help for individual
usage. In most embedded usages, there are particular restrictions
like, \"must refer only to types A and B\" or \"UID not honored\"
or \"name must be restricted\". Those cannot be well described
when embedded. 3. Inconsistent validation. Because the usages
are different, the validation rules are different by usage, which
makes it hard for users to predict what will happen. 4. The fields
are both imprecise and overly precise. Kind is not a precise
mapping to a URL. This can produce ambiguity during interpretation
and require a REST mapping. In most cases, the dependency is
on the group,resource tuple and the version of the actual struct
is irrelevant. 5. We cannot easily change it. Because this type
is embedded in many locations, updates to this type will affect
numerous schemas. Don't make new APIs embed an underspecified
API type they do not control. \n Instead of using this type, create
a locally provided and used type that is well-focused on your
reference. For example, ServiceReferences for admission registration:
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description:|-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description:|-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type:string
metadata:
type:object
@@ -76,14 +81,14 @@ spec:
type:object
x-kubernetes-preserve-unknown-fields:true
podSpecPath:
description:PodSpecPath indicates where/if this workload has K8s
podSpec field if one workload has podSpec, trait can do lot's of
assumption such as port, env, volume fields.
description:|-
PodSpecPath indicates where/if this workload has K8s podSpec field
if one workload has podSpec, trait can do lot's of assumption such as port, env, volume fields.
type:string
revisionLabel:
description:RevisionLabel indicates which label for underlying resources(e.g.
pods) of this workload can be used by trait to create resource selectors(e.g.
label selector for pods).
description:|-
RevisionLabel indicates which label for underlying resources(e.g. pods) of this workload
can be used by trait to create resource selectors(e.g. label selector for pods).
type:string
schematic:
description:Schematic defines the data format and template of the
@@ -93,10 +98,9 @@ spec:
description:CUE defines the encapsulation in CUE format
properties:
template:
description:Template defines the abstraction template data
of the capability, it will replace the old CUE template
in extension field. Template is a required field if CUE
is defined in Capability Definition.
description:|-
Template defines the abstraction template data of the capability, it will replace the old CUE template in extension field.
Template is a required field if CUE is defined in Capability Definition.
type:string
required:
- template
@@ -159,11 +163,11 @@ spec:
- remote
type:string
writeConnectionSecretToRef:
description:WriteConnectionSecretToReference specifies the
namespace and name of a Secret to which any connection details
for this managed resource should be written. Connection
details frequently include the endpoint, username, and password
required to connect to the managed resource.
description:|-
WriteConnectionSecretToReference specifies the namespace and name of a
Secret to which any connection details for this managed resource should
be written. Connection details frequently include the endpoint, username,
and password required to connect to the managed resource.
properties:
name:
description:Name of the secret.
@@ -186,11 +190,17 @@ spec:
description:CustomStatus defines the custom status message that
could display to user
type:string
details:
description:Details stores a string representation of a CUE status
map to be evaluated at runtime for display
type:string
healthPolicy:
description:HealthPolicy defines the health check policy for
the abstraction
type:string
type:object
version:
type:string
workload:
description:Workload is a workload type descriptor
properties:
@@ -222,13 +232,15 @@ spec:
description:A Condition that may apply to a resource.
properties:
lastTransitionTime:
description:LastTransitionTime is the last time this condition
transitioned from one status to another.
description:|-
LastTransitionTime is the last time this condition transitioned from one
status to another.
format:date-time
type:string
message:
description:A Message containing details about this condition's
last transition from one status to another, if any.
description:|-
A Message containing details about this condition's last transition from
one status to another, if any.
type:string
reason:
description:A Reason for this condition's last transition from
@@ -239,8 +251,9 @@ spec:
False,or Unknown?
type:string
type:
description:Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
description:|-
Type of this condition. At most one of each condition type may apply to
description:DefinitionRevision is the Schema for the DefinitionRevision API
properties:
apiVersion:
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description:|-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description:|-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type:string
metadata:
type:object
@@ -53,16 +58,19 @@ spec:
ComponentDefinition
properties:
apiVersion:
description:'APIVersion defines the versioned schema of this
representation of an object. Servers should convert recognized
schemas to the latest internal value, and may reject unrecognized
values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description:|-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type:string
kind:
description:'Kind is a string value representing the REST resource
this object represents. Servers may infer this from the endpoint
the client submits requests to. Cannot be updated. In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description:|-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type:string
metadata:
properties:
@@ -117,14 +125,14 @@ spec:
type:object
x-kubernetes-preserve-unknown-fields:true
podSpecPath:
description:PodSpecPath indicates where/if this workload
has K8s podSpec field if one workload has podSpec, trait
can do lot's of assumption such as port, env, volume fields.
description:|-
PodSpecPath indicates where/if this workload has K8s podSpec field
if one workload has podSpec, trait can do lot's of assumption such as port, env, volume fields.
type:string
revisionLabel:
description:RevisionLabel indicates which label for underlying
resources(e.g. pods) of this workload can be used by trait
to create resource selectors(e.g. label selector for pods).
description:|-
RevisionLabel indicates which label for underlying resources(e.g. pods) of this workload
can be used by trait to create resource selectors(e.g. label selector for pods).
type:string
schematic:
description:Schematic defines the data format and template
@@ -134,10 +142,9 @@ spec:
description:CUE defines the encapsulation in CUE format
properties:
template:
description:Template defines the abstraction template
data of the capability, it will replace the old
CUE template in extension field. Template is a required
field if CUE is defined in Capability Definition.
description:|-
Template defines the abstraction template data of the capability, it will replace the old CUE template in extension field.
Template is a required field if CUE is defined in Capability Definition.
description:Policy is the Schema for the policy API
properties:
apiVersion:
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description:|-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description:|-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
description:PolicyDefinition is the Schema for the policydefinitions API
properties:
apiVersion:
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description:|-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description:|-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type:string
metadata:
type:object
@@ -46,30 +51,30 @@ spec:
description:Name of the referenced CustomResourceDefinition.
type:string
version:
description:Version indicate which version should be used if
CRD has multiple versions by default it will use the first one
if not specified
description:|-
Version indicate which version should be used if CRD has multiple versions
by default it will use the first one if not specified
type:string
required:
- name
type:object
manageHealthCheck:
description:ManageHealthCheck means the policy will handle health
checking and skip application controller built-in health checking.
description:|-
ManageHealthCheck means the policy will handle health checking and skip application controller
built-in health checking.
type:boolean
schematic:
description:Schematic defines the data format and template of the
encapsulation of the policy definition. Only CUE schematic is supported
for now.
description:|-
Schematic defines the data format and template of the encapsulation of the policy definition.
Only CUE schematic is supported for now.
properties:
cue:
description:CUE defines the encapsulation in CUE format
properties:
template:
description:Template defines the abstraction template data
of the capability, it will replace the old CUE template
in extension field. Template is a required field if CUE
is defined in Capability Definition.
description:|-
Template defines the abstraction template data of the capability, it will replace the old CUE template in extension field.
Template is a required field if CUE is defined in Capability Definition.
type:string
required:
- template
@@ -132,11 +137,11 @@ spec:
- remote
type:string
writeConnectionSecretToRef:
description:WriteConnectionSecretToReference specifies the
namespace and name of a Secret to which any connection details
for this managed resource should be written. Connection
details frequently include the endpoint, username, and password
required to connect to the managed resource.
description:|-
WriteConnectionSecretToReference specifies the namespace and name of a
Secret to which any connection details for this managed resource should
be written. Connection details frequently include the endpoint, username,
and password required to connect to the managed resource.
properties:
name:
description:Name of the secret.
@@ -151,6 +156,8 @@ spec:
- configuration
type:object
type:object
version:
type:string
type:object
status:
description:PolicyDefinitionStatus is the status of PolicyDefinition
@@ -161,13 +168,15 @@ spec:
description:A Condition that may apply to a resource.
properties:
lastTransitionTime:
description:LastTransitionTime is the last time this condition
transitioned from one status to another.
description:|-
LastTransitionTime is the last time this condition transitioned from one
status to another.
format:date-time
type:string
message:
description:A Message containing details about this condition's
last transition from one status to another, if any.
description:|-
A Message containing details about this condition's last transition from
one status to another, if any.
type:string
reason:
description:A Reason for this condition's last transition from
@@ -178,8 +187,9 @@ spec:
False,or Unknown?
type:string
type:
description:Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
description:|-
Type of this condition. At most one of each condition type may apply to
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description:|-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description:|-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type:string
metadata:
type:object
@@ -83,33 +88,37 @@ spec:
description:Deleted marks the resource to be deleted
type:boolean
fieldPath:
description:'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
description:|-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type:string
kind:
description: 'Kind of the referent. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description:|-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type:string
name:
description: 'Name of the referent. More info:https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
description:|-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type:string
namespace:
description: 'Namespace of the referent. More info:https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
description:|-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type:string
raw:
type:object
x-kubernetes-preserve-unknown-fields:true
resourceVersion:
description:'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
description:|-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type:string
skipGC:
description:SkipGC marks the resource to skip gc
@@ -117,7 +126,9 @@ spec:
trait:
type:string
uid:
description: 'UID of the referent. More info:https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
description:|-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
description:A TraitDefinition registers a kind of Kubernetes custom resource
as a valid OAM trait kind by referencing its CustomResourceDefinition. The
CRD is used to validate the schema of the trait when it is embedded in an
OAM ApplicationConfiguration.
description:|-
A TraitDefinition registers a kind of Kubernetes custom resource as a valid
OAM trait kind by referencing its CustomResourceDefinition. The CRD is used
to validate the schema of the trait when it is embedded in an OAM
ApplicationConfiguration.
properties:
apiVersion:
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description:|-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description:|-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type:string
metadata:
type:object
@@ -49,20 +55,25 @@ spec:
description:A TraitDefinitionSpec defines the desired state of a TraitDefinition.
properties:
appliesToWorkloads:
description:AppliesToWorkloads specifies the list of workload kinds
this trait applies to. Workload kinds are specified in resource.group/version
format, e.g. server.core.oam.dev/v1alpha2. Traits that omit this
field apply to all workload kinds.
description:|-
AppliesToWorkloads specifies the list of workload kinds this trait
applies to. Workload kinds are specified in resource.group/version format,
e.g. server.core.oam.dev/v1alpha2. Traits that omit this field apply to
all workload kinds.
items:
type:string
type:array
conflictsWith:
description:'ConflictsWith specifies the list of traits(CRD name,
Definition name, CRD group) which could not apply to the same workloads
with this trait. Traits that omit this field can work with any other
traits. Example rules: "service" # Trait definition name "services.k8s.io"
# API resource/crd name "*.networking.k8s.io" # API group "labelSelector:foo=bar"
description:Workflow is the Schema for the workflow API
properties:
apiVersion:
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description:|-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description:|-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type:string
metadata:
type:object
@@ -59,6 +63,7 @@ spec:
inputs:
description:Inputs is the inputs of the step
items:
description:InputItem defines an input variable of WorkflowStep
properties:
from:
type:string
@@ -66,7 +71,6 @@ spec:
type:string
required:
- from
- parameterKey
type:object
type:array
meta:
@@ -75,12 +79,18 @@ spec:
alias:
type:string
type:object
mode:
description:Mode is only valid for sub steps, it defines the mode
of the sub steps
nullable:true
type:string
name:
description:Name is the unique name of the workflow step.
type:string
outputs:
description:Outputs is the outputs of the step
items:
description:OutputItem defines an output variable of WorkflowStep
properties:
name:
type:string
@@ -110,6 +120,7 @@ spec:
inputs:
description:Inputs is the inputs of the step
items:
description:InputItem defines an input variable of WorkflowStep
properties:
from:
type:string
@@ -117,7 +128,6 @@ spec:
type:string
required:
- from
- parameterKey
type:object
type:array
meta:
@@ -132,6 +142,7 @@ spec:
outputs:
description:Outputs is the outputs of the step
items:
description:OutputItem defines an output variable of WorkflowStep
properties:
name:
type:string
@@ -153,7 +164,6 @@ spec:
description:Type is the type of the workflow step.
type:string
required:
- name
- type
type:object
type:array
@@ -164,7 +174,6 @@ spec:
description:Type is the type of the workflow step.
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description:|-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description:|-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type:string
metadata:
type:object
@@ -47,26 +52,25 @@ spec:
description:Name of the referenced CustomResourceDefinition.
type:string
version:
description:Version indicate which version should be used if
CRD has multiple versions by default it will use the first one
if not specified
description:|-
Version indicate which version should be used if CRD has multiple versions
by default it will use the first one if not specified
type:string
required:
- name
type:object
schematic:
description:Schematic defines the data format and template of the
encapsulation of the workflow step definition. Only CUE schematic
is supported for now.
description:|-
Schematic defines the data format and template of the encapsulation of the workflow step definition.
Only CUE schematic is supported for now.
properties:
cue:
description:CUE defines the encapsulation in CUE format
properties:
template:
description:Template defines the abstraction template data
of the capability, it will replace the old CUE template
in extension field. Template is a required field if CUE
is defined in Capability Definition.
description:|-
Template defines the abstraction template data of the capability, it will replace the old CUE template in extension field.
Template is a required field if CUE is defined in Capability Definition.
type:string
required:
- template
@@ -129,11 +133,11 @@ spec:
- remote
type:string
writeConnectionSecretToRef:
description:WriteConnectionSecretToReference specifies the
namespace and name of a Secret to which any connection details
for this managed resource should be written. Connection
details frequently include the endpoint, username, and password
required to connect to the managed resource.
description:|-
WriteConnectionSecretToReference specifies the namespace and name of a
Secret to which any connection details for this managed resource should
be written. Connection details frequently include the endpoint, username,
and password required to connect to the managed resource.
properties:
name:
description:Name of the secret.
@@ -148,6 +152,8 @@ spec:
- configuration
type:object
type:object
version:
type:string
type:object
status:
description:WorkflowStepDefinitionStatus is the status of WorkflowStepDefinition
@@ -158,13 +164,15 @@ spec:
description:A Condition that may apply to a resource.
properties:
lastTransitionTime:
description:LastTransitionTime is the last time this condition
transitioned from one status to another.
description:|-
LastTransitionTime is the last time this condition transitioned from one
status to another.
format:date-time
type:string
message:
description:A Message containing details about this condition's
last transition from one status to another, if any.
description:|-
A Message containing details about this condition's last transition from
one status to another, if any.
type:string
reason:
description:A Reason for this condition's last transition from
@@ -175,8 +183,9 @@ spec:
False,or Unknown?
type:string
type:
description:Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
description:|-
Type of this condition. At most one of each condition type may apply to
description:Package is an extension for cuex engine
properties:
apiVersion:
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type:string
metadata:
type:object
spec:
description:PackageSpec the spec for Package
properties:
path:
type:string
provider:
description:Provider the external Provider in Package for cuex to
run functions
properties:
endpoint:
type:string
protocol:
description:ProviderProtocol the protocol type for external Provider
if context.output.spec != _|_ if context.output.spec.jobTemplate != _|_ if context.output.spec.jobTemplate.spec != _|_ if context.output.spec.jobTemplate.spec.template != _|_ {
// +usage=Specify Kubernetes native resource object to be applied
value: {...}
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
