-
Notifications
You must be signed in to change notification settings - Fork 583
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bazel CRD and RBAC role generation #543
Bazel CRD and RBAC role generation #543
Conversation
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: randomvariable The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
f149b7b
to
9abb7ea
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
working through this one, off to a good start!
build/install.bzl
Outdated
|
||
def _install_impl(ctx): | ||
|
||
cmd = "" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
An alternative implementation to consider:
def _install_impl(ctx):
copy_format = "cp -f {} {}"
touch_format = "touch {}"
cmds = []
for s in ctx.attr.srcs:
files = s.files.to_list()
file = files[0].path
root_file = paths.relativize(file, "bazel-out/k8-fastbuild/genfiles/")
cmds.append(copy_format.format(file, root_file))
cmds.append(touch_format.append(ctx.outputs.record.path))
cmd = " && ".join(cmd)
...
If you want to be really safe, the last line should be:
# Remove empty items from cmdList to avoid an erroneous " && && "
" && ".join(filter(None, cmdList))
I'm also looking into how to make this work on a Darwin system. It's failing for me with this error:
salazar:cluster-api-provider-aws cha$ make crds
bazel build //config:config_install
WARNING: failed to raise resource limit 8 to 524288: Invalid argument
Starting local Bazel server and connecting to it...
INFO: Invocation ID: 456b2a2b-7895-4f8f-865b-45226a773acc
ERROR: /Users/cha/go/src/sigs.k8s.io/cluster-api-provider-aws/config/BUILD.bazel:17:1: in install rule //config:config_install:
Traceback (most recent call last):
File "/Users/cha/go/src/sigs.k8s.io/cluster-api-provider-aws/config/BUILD.bazel", line 17
install(name = 'config_install')
File "/Users/cha/go/src/sigs.k8s.io/cluster-api-provider-aws/build/install.bzl", line 28, in _install_impl
paths.relativize(file, "bazel-out/k8-fastbuild/genf...")
File "/private/var/tmp/_bazel_cha/b7ce3b297716e241b109da3b2c60846f/external/bazel_skylib/lib/paths.bzl", line 186, in paths.relativize
fail(("Path '%s' is not beneath '%s'"...)))
Path 'bazel-out/darwin-fastbuild/genfiles/config/rbac/rbac_role.yaml' is not beneath 'bazel-out/k8-fastbuild/genfiles/'
ERROR: Analysis of target '//config:config_install' failed; build aborted: Analysis of target '//config:config_install' failed; build aborted
INFO: Elapsed time: 13.016s
INFO: 0 processes.
FAILED: Build did NOT complete successfully (358 packages loaded, 9342 targets configured)
make: *** [crds] Error 1
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for checking this out, was interested how it'd behave on os x. Will dig deeper, or more likely, split it out into a separate PR
build/install.bzl
Outdated
for s in ctx.attr.srcs: | ||
files = s.files.to_list() | ||
file = files[0].path | ||
root_file = paths.relativize(file,"bazel-out/k8-fastbuild/genfiles/") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
define a build_dir outside the for loop:
build_dir = "bazel-out/{}-{}/genfiles".format(ctx.var["TARGET_CPU"], ctx.var["COMPILATION_MODE"])
and then this line can be
root_file = paths.relativize(file, build_dir)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lol or just ctx.var["GENDIR"]
thx Bazel
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Omg.
@@ -41,6 +41,11 @@ import ( | |||
controllerError "sigs.k8s.io/cluster-api/pkg/controller/error" | |||
) | |||
|
|||
//+kubebuilder:rbac:groups=awsprovider.k8s.io,resources=awsmachineproviderconfigs;awsmachineproviderstatuses,verbs=get;list;watch;create;update;patch;delete |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are these being added so that the rbac rules are a bit more restrictive?
Should this PR also clean up the Makefile and remove the crd generation from the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some minor comments, otherwise this looks great!
Makefile
Outdated
@@ -163,6 +163,10 @@ manifests: cmd/clusterctl/examples/aws/out/credentials ## Generate manifests for | |||
manifests-dev: dep-ensure dep-install binaries-dev ## Builds development manifests | |||
MANAGER_IMAGE=$(DEV_MANAGER_IMAGE) MANAGER_IMAGE_PULL_POLICY="Always" $(MAKE) manifests | |||
|
|||
.PHONY: crds | |||
crds: | |||
bazel build //config:config_install |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
😍
def _qualified_genfile(label): | ||
return "$$GO_GENRULE_EXECROOT/$(location %s)" % label | ||
|
||
def controller_gen(name, importpath, api, visibility, deps = []): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would love to bring these upstream if that's even possible. We should also add some more comments around these functions and their objective.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
100% agree. Have added comments for now, then I'll PR to the controller-runtime repo after we know we're happy with it.
build/install.bzl
Outdated
for s in ctx.attr.srcs: | ||
files = s.files.to_list() | ||
file = files[0].path | ||
root_file = paths.relativize(file,"bazel-out/k8-fastbuild/genfiles/") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Space between arguments?
aebe53d
to
c3b856f
Compare
* Add annotations to controllers as required * New controller_gen build rule for generating CRD and RBAC Signed-off-by: Naadir Jeewa <[email protected]>
c3b856f
to
5e2dbe5
Compare
Alright, taken out the install.bzl magic until I understand the sandboxing across Linux and OS X better. |
@randomvariable Huh, which part do you want to understand more? It looked pretty good to me with that one fix for darwin architecture. Also should this PR also clean up the Makefile and remove the crd generation from the |
Signed-off-by: Naadir Jeewa <[email protected]>
@chuckha Was short on time this week, so just want to do it as a separate PR now. Have cleaned up the Makefile - deleted the CRD gen from |
whoops. was cleaning up dead branches in my fork... |
/lgtm |
What this PR does / why we need it:
Moves CRD and RBAC yaml generation directly into Bazel.
Our current set of RBAC were not automatically generated as intended from Kubebuilder.
The annotations have been put into the actuators to make this happen.
Eventually, this should move to Cluster API and/or Kubebuilder.
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when PR gets merged):Extracted from #371
Special notes for your reviewer:
Please confirm that if this PR changes any image versions, then that's the sole change this PR makes.
Release note: