From 0ae03a5eb7d7848493aa4376a5d5496440354a6e Mon Sep 17 00:00:00 2001 From: Jason Madigan Date: Wed, 28 Feb 2024 17:19:53 +0000 Subject: [PATCH 1/2] Show errors on missing deps (OLM, Istio, cert-manager) --- Makefile | 1 + cmd/install.go | 44 ++++++++++++++++++++++++++++++++++++++++++-- make/cert-manager.mk | 5 +++++ 3 files changed, 48 insertions(+), 2 deletions(-) create mode 100644 make/cert-manager.mk diff --git a/Makefile b/Makefile index 2a23925..5ad7a1f 100644 --- a/Makefile +++ b/Makefile @@ -53,6 +53,7 @@ env-setup: $(MAKE) olm-install $(MAKE) gateway-api-install $(MAKE) istio-install + $(MAKE) cert-manager-install $(MAKE) deploy-gateway ## local-setup: Sets up Kind cluster with GatewayAPI manifests and istio GW, nothing Kuadrant. Build and install kuadrantctl binary diff --git a/cmd/install.go b/cmd/install.go index c36eaa0..d4bc0a6 100644 --- a/cmd/install.go +++ b/cmd/install.go @@ -15,6 +15,8 @@ import ( "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/kubernetes/scheme" + apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" + kuadrantoperator "github.com/kuadrant/kuadrant-operator/api/v1beta1" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/config" @@ -73,6 +75,11 @@ func installRun(cmd *cobra.Command, args []string) error { return err } + if err := performDependencyChecks(k8sClient); err != nil { + logf.Log.Error(err, "Dependency checks failed") + return err + } + err = deployKuadrantOperator(k8sClient) if err != nil { return err @@ -91,13 +98,46 @@ func installRun(cmd *cobra.Command, args []string) error { return nil } +func checkCRDExistence(k8sClient client.Client, crdName, documentationURL string) error { + crd := &apiextensionsv1.CustomResourceDefinition{} + err := k8sClient.Get(context.Background(), types.NamespacedName{Name: crdName}, crd) + if err != nil { + logf.Log.Info(fmt.Sprintf("CRD %s not found. Please visit %s for installation instructions.", crdName, documentationURL)) + return fmt.Errorf("dependency CRD %s is not installed. Please follow the installation guide at %s", crdName, documentationURL) + } + return nil +} + +func performDependencyChecks(k8sClient client.Client) error { + var dependencyErrors []error + + // Perform each check and collect errors + if err := checkCRDExistence(k8sClient, "gateways.networking.istio.io", "https://istio.io/latest/docs/setup/additional-setup/getting-started/"); err != nil { + dependencyErrors = append(dependencyErrors, err) + } + if err := checkCRDExistence(k8sClient, "gatewayclasses.gateway.networking.k8s.io", "https://gateway-api.sigs.k8s.io/guides/#installing-gateway-api"); err != nil { + dependencyErrors = append(dependencyErrors, err) + } + if err := checkCRDExistence(k8sClient, "certificates.cert-manager.io", "https://cert-manager.io/docs/installation/"); err != nil { + dependencyErrors = append(dependencyErrors, err) + } + + // If any errors were collected, return an aggregated error + if len(dependencyErrors) > 0 { + return fmt.Errorf("dependency checks failed: %+v", dependencyErrors) + } + + // If no errors were collected, return nil to indicate success + return nil +} + func waitForDeployments(k8sClient client.Client) error { retryInterval := time.Second * 5 - timeout := time.Minute * 2 + timeout := time.Minute * 3 deploymentKeys := []types.NamespacedName{ types.NamespacedName{Name: "authorino", Namespace: installNamespace}, - types.NamespacedName{Name: "limitador", Namespace: installNamespace}, + types.NamespacedName{Name: "limitador-limitador", Namespace: installNamespace}, } for _, key := range deploymentKeys { diff --git a/make/cert-manager.mk b/make/cert-manager.mk new file mode 100644 index 0000000..4d52fb0 --- /dev/null +++ b/make/cert-manager.mk @@ -0,0 +1,5 @@ +##@ Install cert-manager, a tool to help manage the TLS certificates. + +.PHONY: cert-manager-install +cert-manager-install: + kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.3/cert-manager.yaml From 47f6c18470a20da80dc6ec7a3c3c58f161faee0e Mon Sep 17 00:00:00 2001 From: Jason Madigan Date: Wed, 28 Feb 2024 17:58:38 +0000 Subject: [PATCH 2/2] README updates --- Makefile | 1 - README.md | 144 ++++++++++++++++++++++++++++++++++++++++--- cmd/install.go | 44 +------------ make/cert-manager.mk | 5 -- 4 files changed, 138 insertions(+), 56 deletions(-) delete mode 100644 make/cert-manager.mk diff --git a/Makefile b/Makefile index 5ad7a1f..2a23925 100644 --- a/Makefile +++ b/Makefile @@ -53,7 +53,6 @@ env-setup: $(MAKE) olm-install $(MAKE) gateway-api-install $(MAKE) istio-install - $(MAKE) cert-manager-install $(MAKE) deploy-gateway ## local-setup: Sets up Kind cluster with GatewayAPI manifests and istio GW, nothing Kuadrant. Build and install kuadrantctl binary diff --git a/README.md b/README.md index d30ff36..cff87aa 100644 --- a/README.md +++ b/README.md @@ -1,23 +1,151 @@ # kuadrantctl [![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](http://www.apache.org/licenses/LICENSE-2.0) -Kuadrant configuration command line utility +`kuadrantctl` is a CLI tool for managing [Kuadrant](https://kuadrant.io/) configurations and resources. ## Installing -Use `go install` to install the latest version of the library. This command will install the `kuadrantctl` binary executable in `$GOBIN` (defaulting to `$GOPATH/bin`). -``` +`kuadrantctl` can be installed either by downloading pre-compiled binaries or by compiling from source. For most users, downloading the binary is the easiest and recommended method. + +### Installing Pre-compiled Binaries + +1. Download the latest binary for your platform from the [`kuadrantctl` Releases](https://github.com/Kuadrant/kuadrantctl/releases) page. +2. Unpack the binary. +3. Move it to a directory in your `$PATH` so that it can be executed from anywhere. + +### Compiling from Source + +If you prefer to compile from source or are contributing to the project, you can install `kuadrantctl` using `go install`. This method requires Golang 1.21 or newer. + +```bash go install github.com/kuadrant/kuadrantctl@latest ``` -> Golang 1.21+ required + +This command will compile `kuadrantctl` and install the binary executable in `$GOBIN` (defaulting to `$GOPATH/bin`). + +## Usage + + Below is a high-level overview of its commands, along with links to detailed documentation for more complex commands. + +### General Syntax + +```bash +kuadrantctl [command] [subcommand] [flags] +``` + + +### Commands Overview + +| Command | Description | +| ------------ | ---------------------------------------------------------- | +| `completion` | Generate autocompletion scripts for the specified shell | +| `generate` | Commands related to Kubernetes Gateway API and Kuadrant resource generation from OpenAPI 3.x specifications | +| `help` | Help about any command | +| `install` | Install the Kuadrant Operator with OLM to your Kuberenetes or OpenShift cluster | +| `uninstall` | Uninstall Kuadrant Operator from a Kubernetes or OpenShift cluster | +| `version` | Print the version number of `kuadrantctl` | + +### Flags + +| Flag | Description | +| ------------------ | --------------------- | +| `-h`, `--help` | Help for `kuadrantctl` | +| `-v`, `--verbose` | Enable verbose output | + +### Commands Detail + +#### `completion` + +Generate an autocompletion script for the specified shell. + +| Subcommand | Description | +| ------------ | ------------------------------------------- | +| `bash` | Generate script for Bash | +| `fish` | Generate script for Fish | +| `powershell` | Generate script for PowerShell | +| `zsh` | Generate script for Zsh | + +#### `generate` + +Commands related to Kubernetes Gateway API and Kuadrant resource generation from OpenAPI 3.x specifications. + +| Subcommand | Description | +| ------------ | --------------------------------------------- | +| `gatewayapi` | Generate Gateway API resources | +| `kuadrant` | Generate Kuadrant resources | + +##### `generate gatewayapi` + +Generate Gateway API resources from an OpenAPI 3.x specification + +| Subcommand | Description | Flags | +| ---------- | ------------------------------------------------ | --------------------------------- | +| `httproute`| Generate Gateway API HTTPRoute from OpenAPI 3.0.X| `--oas string` Path or URL to OpenAPI spec (required) | + +##### `generate kuadrant` + +Generate Kuadrant resources from an OpenAPI 3.x specification + +| Subcommand | Description | Flags | +| ---------------- | ------------------------------------------------- | --------------------------------- | +| `authpolicy` | Generate a [Kuadrant AuthPolicy](https://docs.kuadrant.io/kuadrant-operator/doc/auth/) from an OpenAPI 3.0.x specification | `--oas string` Path or URL to OpenAPI spec (required) | +| `ratelimitpolicy`| Generate [Kuadrant RateLimitPolicy](https://docs.kuadrant.io/kuadrant-operator/doc/rate-limiting/) from an OpenAPI 3.0.x specification | `--oas string` Path or URL to OpenAPI spec (required) | + + +#### `install` + +Install the [Kuadrant Operator](https://github.com/Kuadrant/kuadrant-operator) into an OLM-powered cluster. + +| Flag | Description | +| --------------------- | -------------------------------- | +| `--kubeconfig` string | Kubernetes configuration file | + +* For more information of the Kuadrant Operator, see https://docs.kuadrant.io/kuadrant-operator/ + +#### `uninstall` + +Remove Kuadrant from the cluster. + +| Flag | Description | +| --------------------- | -------------------------------- | +| `--kubeconfig` string | Kubernetes configuration file | + +#### `version` + +Print the version number of `kuadrantctl`. + +No additional flags or subcommands. + +### Additional Guides + +#### Generating Gateway API HTTPRoute Objects + +- Generates [Gateway API HTTPRoute](https://gateway-api.sigs.k8s.io/v1alpha2/guides/http-routing/) objects from an OpenAPI Specification (OAS) 3.x. +- Supports reading from a file, URL, or stdin. +- Example usages and more information can be found in the [detailed guide](doc/generate-gateway-api-httproute.md). + +#### Generating Kuadrant AuthPolicy Objects + +- Generates [Kuadrant AuthPolicy](https://github.com/Kuadrant/kuadrant-operator/blob/v0.4.1/doc/auth.md) objects for managing API authentication. +- Supports `openIdConnect` and `apiKey` types from the OpenAPI Security Scheme Object. +- Example usages and more information can be found in the [detailed guide](doc/generate-kuadrant-auth-policy.md). + +#### Generating Kuadrant RateLimitPolicy Objects + +- Generates [Kuadrant RateLimitPolicy](https://github.com/Kuadrant/kuadrant-operator/blob/v0.4.1/doc/rate-limiting.md) objects for managing API rate limiting. +- Supports reading from a file, URL, or stdin. +- Example usages and more information can be found in the [detailed guide](doc/generate-kuadrant-rate-limit-policy.md). + +For more detailed information about each command, including options and usage examples, use `kuadrantctl [command] --help`. + ## Using with GitHub Actions ```yaml - - name: Install kuadrantctl - uses: jaxxstorm/action-install-gh-release@v1.10.0 - with: # Grab the latest version - repo: Kuadrant/kuadrantctl +- name: Install kuadrantctl + uses: jaxxstorm/action-install-gh-release@v1.10.0 + with: # Grab the latest version + repo: Kuadrant/kuadrantctl ``` ## Commands diff --git a/cmd/install.go b/cmd/install.go index d4bc0a6..c36eaa0 100644 --- a/cmd/install.go +++ b/cmd/install.go @@ -15,8 +15,6 @@ import ( "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/kubernetes/scheme" - apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" - kuadrantoperator "github.com/kuadrant/kuadrant-operator/api/v1beta1" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/config" @@ -75,11 +73,6 @@ func installRun(cmd *cobra.Command, args []string) error { return err } - if err := performDependencyChecks(k8sClient); err != nil { - logf.Log.Error(err, "Dependency checks failed") - return err - } - err = deployKuadrantOperator(k8sClient) if err != nil { return err @@ -98,46 +91,13 @@ func installRun(cmd *cobra.Command, args []string) error { return nil } -func checkCRDExistence(k8sClient client.Client, crdName, documentationURL string) error { - crd := &apiextensionsv1.CustomResourceDefinition{} - err := k8sClient.Get(context.Background(), types.NamespacedName{Name: crdName}, crd) - if err != nil { - logf.Log.Info(fmt.Sprintf("CRD %s not found. Please visit %s for installation instructions.", crdName, documentationURL)) - return fmt.Errorf("dependency CRD %s is not installed. Please follow the installation guide at %s", crdName, documentationURL) - } - return nil -} - -func performDependencyChecks(k8sClient client.Client) error { - var dependencyErrors []error - - // Perform each check and collect errors - if err := checkCRDExistence(k8sClient, "gateways.networking.istio.io", "https://istio.io/latest/docs/setup/additional-setup/getting-started/"); err != nil { - dependencyErrors = append(dependencyErrors, err) - } - if err := checkCRDExistence(k8sClient, "gatewayclasses.gateway.networking.k8s.io", "https://gateway-api.sigs.k8s.io/guides/#installing-gateway-api"); err != nil { - dependencyErrors = append(dependencyErrors, err) - } - if err := checkCRDExistence(k8sClient, "certificates.cert-manager.io", "https://cert-manager.io/docs/installation/"); err != nil { - dependencyErrors = append(dependencyErrors, err) - } - - // If any errors were collected, return an aggregated error - if len(dependencyErrors) > 0 { - return fmt.Errorf("dependency checks failed: %+v", dependencyErrors) - } - - // If no errors were collected, return nil to indicate success - return nil -} - func waitForDeployments(k8sClient client.Client) error { retryInterval := time.Second * 5 - timeout := time.Minute * 3 + timeout := time.Minute * 2 deploymentKeys := []types.NamespacedName{ types.NamespacedName{Name: "authorino", Namespace: installNamespace}, - types.NamespacedName{Name: "limitador-limitador", Namespace: installNamespace}, + types.NamespacedName{Name: "limitador", Namespace: installNamespace}, } for _, key := range deploymentKeys { diff --git a/make/cert-manager.mk b/make/cert-manager.mk deleted file mode 100644 index 4d52fb0..0000000 --- a/make/cert-manager.mk +++ /dev/null @@ -1,5 +0,0 @@ -##@ Install cert-manager, a tool to help manage the TLS certificates. - -.PHONY: cert-manager-install -cert-manager-install: - kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.3/cert-manager.yaml