From 0429938208179f82ee05c557511da08bf9a0189c Mon Sep 17 00:00:00 2001 From: Stefan Bueringer Date: Sat, 7 Sep 2019 15:02:07 +0200 Subject: [PATCH 1/4] Re-sync controller implementation with CAPA, Fix cloud config indent bug, also copy addons to examples output folder, Re-sync makefile --- Makefile | 25 +++++++++++----- README.md | 2 ++ controllers/openstackcluster_controller.go | 4 +-- controllers/openstackmachine_controller.go | 23 +++++++++++---- examples/controlplane/controlplane.yaml | 6 ++-- examples/generate.sh | 29 +++++++++++++------ .../machinedeployment/machinedeployment.yaml | 10 +++---- go.sum | 4 +++ pkg/cloud/services/provider/provider.go | 6 ++-- 9 files changed, 76 insertions(+), 33 deletions(-) diff --git a/Makefile b/Makefile index 41a6324e00..b181947d44 100644 --- a/Makefile +++ b/Makefile @@ -238,9 +238,13 @@ set-manifest-image: ## -------------------------------------- RELEASE_TAG := $(shell git describe --abbrev=0 2>/dev/null) +RELEASE_DIR := out + +$(RELEASE_DIR): + mkdir -p $(RELEASE_DIR)/ .PHONY: release -release: ## Builds and push container images using the latest git tag for the commit. +release: clean-release ## Builds and push container images using the latest git tag for the commit. @if [ -z "${RELEASE_TAG}" ]; then echo "RELEASE_TAG is not set"; exit 1; fi # Push the release image to the staging bucket first. REGISTRY=$(STAGING_REGISTRY) TAG=$(RELEASE_TAG) \ @@ -248,9 +252,11 @@ release: ## Builds and push container images using the latest git tag for the c # Set the manifest image to the production bucket. MANIFEST_IMG=$(PROD_REGISTRY)/$(IMAGE_NAME) MANIFEST_TAG=$(RELEASE_TAG) \ $(MAKE) set-manifest-image - # Generate release artifacts. - mkdir -p out/ - kustomize build config/default > out/infrastructure-components.yaml + $(MAKE) release-manifests + +.PHONY: release-manifests +release-manifests: $(RELEASE_DIR) ## Builds the manifests to publish with a release + kustomize build config/default > $(RELEASE_DIR)/infrastructure-components.yaml .PHONY: release-staging-latest release-staging-latest: ## Builds and push container images to the staging bucket using "latest" tag. @@ -267,8 +273,9 @@ create-cluster: $(CLUSTERCTL) ## Create a development Kubernetes cluster on Open create cluster -v 4 \ --bootstrap-flags="name=clusterapi" \ --bootstrap-type kind \ - -m ./examples/_out/controlplane.yaml \ + --bootstrap-cluster-cleanup=false \ -c ./examples/_out/cluster.yaml \ + -m ./examples/_out/machines.yaml \ -p ./examples/_out/provider-components.yaml \ -a ./examples/addons.yaml @@ -312,8 +319,9 @@ delete-cluster: $(CLUSTERCTL) ## Deletes the development Kubernetes Cluster "tes --bootstrap-flags="name=clusterapi" \ --cluster test1 \ --kubeconfig ./kubeconfig \ - -p ./examples/out/provider-components.yaml \ + -p ./examples/_out/provider-components.yaml \ +.PHONY: kind-reset kind-reset: ## Destroys the "clusterapi" kind cluster. kind delete cluster --name=clusterapi || true @@ -335,7 +343,10 @@ clean-bin: ## Remove all generated binaries clean-temporary: ## Remove all temporary files and folders rm -f minikube.kubeconfig rm -f kubeconfig - rm -rf out/ + +.PHONY: clean-release +clean-release: ## Remove the release folder + rm -rf $(RELEASE_DIR) .PHONY: clean-examples clean-examples: ## Remove all the temporary files generated in the examples folder diff --git a/README.md b/README.md index 398d83a756..a0900de5b8 100644 --- a/README.md +++ b/README.md @@ -120,6 +120,8 @@ For more information, please refer to [v1alpha2](https://github.com/kubernetes-s -m examples/_out/machines.yaml \ -p examples/_out/provider-components.yaml \ -a examples/addons.yaml + # Alternatively + make create-cluster ``` - If you are using an existing Kubernetes cluster: diff --git a/controllers/openstackcluster_controller.go b/controllers/openstackcluster_controller.go index 8f159fb728..987fad56e9 100644 --- a/controllers/openstackcluster_controller.go +++ b/controllers/openstackcluster_controller.go @@ -255,11 +255,11 @@ func (r *OpenStackClusterReconciler) SetupWithManager(mgr ctrl.Manager, options func (r *OpenStackClusterReconciler) getControlPlaneMachine() (*infrav1.OpenStackMachine, error) { machines := &clusterv1.MachineList{} - if err := r.Client.List(context.Background(), machines); err != nil { + if err := r.Client.List(context.TODO(), machines); err != nil { return nil, err } openStackMachines := &infrav1.OpenStackMachineList{} - if err := r.Client.List(context.Background(), openStackMachines); err != nil { + if err := r.Client.List(context.TODO(), openStackMachines); err != nil { return nil, err } diff --git a/controllers/openstackmachine_controller.go b/controllers/openstackmachine_controller.go index cfdc9cca37..b6dbace16f 100644 --- a/controllers/openstackmachine_controller.go +++ b/controllers/openstackmachine_controller.go @@ -442,15 +442,28 @@ func (r *OpenStackMachineReconciler) OpenStackClusterToOpenStackMachines(o handl r.Log.Error(errors.Errorf("expected a OpenStackCluster but got a %T", o.Object), "failed to get OpenStackMachine for OpenStackCluster") return nil } + log := r.Log.WithValues("OpenStackCluster", c.Name, "Namespace", c.Namespace) - labels := map[string]string{clusterv1.MachineClusterLabelName: c.Name} - machineList := &infrav1.OpenStackMachineList{} - if err := r.List(context.Background(), machineList, client.InNamespace(c.Namespace), client.MatchingLabels(labels)); err != nil { - r.Log.Error(err, "failed to list OpenStackMachines", "OpenStackCluster", c.Name, "Namespace", c.Namespace) + cluster, err := util.GetOwnerCluster(context.TODO(), r.Client, c.ObjectMeta) + switch { + case apierrors.IsNotFound(err) || cluster == nil: + return result + case err != nil: + log.Error(err, "failed to get owning cluster") + return result + } + + labels := map[string]string{clusterv1.MachineClusterLabelName: cluster.Name} + machineList := &clusterv1.MachineList{} + if err := r.List(context.TODO(), machineList, client.InNamespace(c.Namespace), client.MatchingLabels(labels)); err != nil { + log.Error(err, "failed to list Machines") return nil } for _, m := range machineList.Items { - name := client.ObjectKey{Namespace: m.Namespace, Name: m.Name} + if m.Spec.InfrastructureRef.Name == "" { + continue + } + name := client.ObjectKey{Namespace: m.Namespace, Name: m.Spec.InfrastructureRef.Name} result = append(result, ctrl.Request{NamespacedName: name}) } diff --git a/examples/controlplane/controlplane.yaml b/examples/controlplane/controlplane.yaml index c6b7ac7119..3feb08629c 100644 --- a/examples/controlplane/controlplane.yaml +++ b/examples/controlplane/controlplane.yaml @@ -61,7 +61,7 @@ spec: permissions: "0600" content: |- # cloud.conf to communicate with OpenStack - $OPENSTACK_CLOUD_PROVIDER_CONF + $OPENSTACK_CLOUD_PROVIDER_CONF6 - path: /etc/certs/cacert owner: root permissions: "0600" @@ -172,7 +172,7 @@ spec: permissions: "0600" content: |- # cloud.conf to communicate with OpenStack - $OPENSTACK_CLOUD_PROVIDER_CONF + $OPENSTACK_CLOUD_PROVIDER_CONF6 - path: /etc/certs/cacert owner: root permissions: "0600" @@ -254,7 +254,7 @@ spec: permissions: "0600" content: |- # cloud.conf to communicate with OpenStack - $OPENSTACK_CLOUD_PROVIDER_CONF + $OPENSTACK_CLOUD_PROVIDER_CONF6 - path: /etc/certs/cacert owner: root permissions: "0600" diff --git a/examples/generate.sh b/examples/generate.sh index 7f26822ee6..5b760e2f24 100755 --- a/examples/generate.sh +++ b/examples/generate.sh @@ -114,6 +114,7 @@ CLUSTER_GENERATED_FILE=${OUTPUT_DIR}/cluster.yaml CONTROLPLANE_GENERATED_FILE=${OUTPUT_DIR}/controlplane.yaml MACHINEDEPLOYMENT_GENERATED_FILE=${OUTPUT_DIR}/machinedeployment.yaml MACHINES_GENERATED_FILE=${OUTPUT_DIR}/machines.yaml +ADDONS_GENERATED_FILE=${OUTPUT_DIR}/addons.yaml rm -rf "${OUTPUT_DIR}" rm -rf "${CLOUDS_SECRETS_CONFIG_DIR}" @@ -127,7 +128,7 @@ if [[ ! -f ${MACHINE_CONTROLLER_SSH_PRIVATE_FILE} ]]; then ssh-keygen -t rsa -f ${MACHINE_CONTROLLER_SSH_PRIVATE_FILE} -N "" fi export MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT -MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT=$(cat ${MACHINE_CONTROLLER_SSH_PRIVATE_FILE}.pub) +MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT="\"$(cat ${MACHINE_CONTROLLER_SSH_PRIVATE_FILE}.pub)\"" CLOUDS_PATH=${CLOUDS_PATH:-""} OPENSTACK_CLOUD_CONFIG_PLAIN=$(cat "$CLOUDS_PATH") @@ -145,23 +146,30 @@ fi CACERT_ORIGINAL=$(echo "$OPENSTACK_CLOUD_CONFIG_PLAIN" | yq r - clouds.${CLOUD}.cacert) # Basic cloud.conf, no LB configuration as that data is not known yet. -export OPENSTACK_CLOUD_PROVIDER_CONF="[Global] - auth-url=$AUTH_URL - username=\"$USERNAME\" - password=\"$PASSWORD\" - tenant-id=\"$PROJECT_ID\" - domain-name=\"$DOMAIN_NAME\" +OPENSTACK_CLOUD_PROVIDER_CONF=" +[Global] +auth-url=$AUTH_URL +username=\"$USERNAME\" +password=\"$PASSWORD\" +tenant-id=\"$PROJECT_ID\" +domain-name=\"$DOMAIN_NAME\" " if [[ "$CACERT_ORIGINAL" != "null" ]]; then OPENSTACK_CLOUD_PROVIDER_CONF="$OPENSTACK_CLOUD_PROVIDER_CONF - ca-file=\"${CACERT_ORIGINAL}\" +ca-file=\"${CACERT_ORIGINAL}\" " fi if [[ "$REGION" != "null" ]]; then OPENSTACK_CLOUD_PROVIDER_CONF="$OPENSTACK_CLOUD_PROVIDER_CONF - region=\"${REGION}\" +region=\"${REGION}\" " fi + +export OPENSTACK_CLOUD_PROVIDER_CONF6 +OPENSTACK_CLOUD_PROVIDER_CONF6=$(echo "${OPENSTACK_CLOUD_PROVIDER_CONF}" | sed -e 's/^/ /') +export OPENSTACK_CLOUD_PROVIDER_CONF10 +OPENSTACK_CLOUD_PROVIDER_CONF10=$(echo "${OPENSTACK_CLOUD_PROVIDER_CONF}" | sed -e 's/^/ /') + OS=$(uname) if [[ "$OS" =~ "Linux" ]]; then # export OPENSTACK_CLOUD_PROVIDER_CONF=$(echo "$OPENSTACK_CLOUD_PROVIDER_CONF_PLAIN"|base64 -w0) @@ -208,6 +216,9 @@ cat ${MACHINEDEPLOYMENT_GENERATED_FILE} >> ${MACHINES_GENERATED_FILE} echo "---" >> ${MACHINES_GENERATED_FILE} echo "Generated ${MACHINES_GENERATED_FILE}" +cp ${SOURCE_DIR}/addons.yaml "${ADDONS_GENERATED_FILE}" +echo "Generated ${ADDONS_GENERATED_FILE}" + # Generate Cluster API provider components file. kustomize build "github.com/kubernetes-sigs/cluster-api//config/default/?ref=master" --reorder=none > "${COMPONENTS_CLUSTER_API_GENERATED_FILE}" echo "Generated ${COMPONENTS_CLUSTER_API_GENERATED_FILE}" diff --git a/examples/machinedeployment/machinedeployment.yaml b/examples/machinedeployment/machinedeployment.yaml index ea1099b326..56ade01df9 100644 --- a/examples/machinedeployment/machinedeployment.yaml +++ b/examples/machinedeployment/machinedeployment.yaml @@ -68,7 +68,7 @@ spec: files: - content: |- # cloud.conf to communicate with OpenStack - $OPENSTACK_CLOUD_PROVIDER_CONF + $OPENSTACK_CLOUD_PROVIDER_CONF10 owner: root path: /etc/kubernetes/cloud.conf permissions: "0600" @@ -86,7 +86,7 @@ spec: name: '{{ local_hostname }}' ntp: servers: [] - users: - - name: ubuntu - sshAuthorizedKeys: - - "$MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT" + users: + - name: ubuntu + sshAuthorizedKeys: + - "$MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT" diff --git a/go.sum b/go.sum index 805201e8ff..5cc12d950b 100644 --- a/go.sum +++ b/go.sum @@ -1,11 +1,14 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0 h1:eOI3/cP2VTU6uZLDYAoic+eyzzB9YyGmJ7eIjl8rOPg= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/Azure/go-autorest/autorest v0.9.0 h1:MRvx8gncNaXJqOoLmhNjUAKh33JJF8LyxPhomEtOsjs= github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= +github.com/Azure/go-autorest/autorest/adal v0.6.0 h1:UCTq22yE3RPgbU/8u4scfnnzuCW6pwQ9n+uBtV78ouo= github.com/Azure/go-autorest/autorest/adal v0.6.0/go.mod h1:Z6vX6WXXuyieHAXwMj0S6HY6e6wcHn37qQMBQlvY3lc= github.com/Azure/go-autorest/autorest/date v0.1.0 h1:YGrhWfrgtFs84+h0o46rJrlmsZtyZRg470CqAXTZaGM= github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= +github.com/Azure/go-autorest/autorest/date v0.2.0 h1:yW+Zlqf26583pE43KhfnhFcdmSWlm5Ew6bxipnr/tbM= github.com/Azure/go-autorest/autorest/date v0.2.0/go.mod h1:vcORJHLJEh643/Ioh9+vPmf1Ij9AEBM5FuBIXLmIy0g= github.com/Azure/go-autorest/autorest/mocks v0.1.0 h1:Kx+AUU2Te+A3JIyYn6Dfs+cFgx5XorQKuIXrZGoq/SI= github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= @@ -13,6 +16,7 @@ github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxB github.com/Azure/go-autorest/autorest/mocks v0.3.0/go.mod h1:a8FDP3DYzQ4RYfVAxAN3SVSiiO77gL2j2ronKKP0syM= github.com/Azure/go-autorest/logger v0.1.0 h1:ruG4BSDXONFRrZZJ2GUXDiUyVpayPmb1GnWeHDdaNKY= github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= +github.com/Azure/go-autorest/tracing v0.5.0 h1:TRn4WjSnkcSy5AEG3pnbtFSwNtwzjr4VYyQflFE619k= github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf h1:qet1QNfXsQxTZqLG4oE62mJzwPIB8+Tee4RNCL9ulrY= diff --git a/pkg/cloud/services/provider/provider.go b/pkg/cloud/services/provider/provider.go index 1a3a6fe402..2a37f84ebf 100644 --- a/pkg/cloud/services/provider/provider.go +++ b/pkg/cloud/services/provider/provider.go @@ -79,8 +79,10 @@ func newClient(cloud clientconfig.Cloud, caCert []byte) (*gophercloud.ProviderCl } config := &tls.Config{ - RootCAs: x509.NewCertPool(), - InsecureSkipVerify: !*cloud.Verify, + RootCAs: x509.NewCertPool(), + } + if cloud.Verify != nil { + config.InsecureSkipVerify = !*cloud.Verify } config.RootCAs.AppendCertsFromPEM(caCert) From 1ee2e634343ec0e734c18b8bd23b8e974b8fbba5 Mon Sep 17 00:00:00 2001 From: Stefan Bueringer Date: Sat, 7 Sep 2019 19:17:07 +0200 Subject: [PATCH 2/4] update --- Makefile | 3 +-- examples/generate.sh | 24 +++++++++--------------- 2 files changed, 10 insertions(+), 17 deletions(-) diff --git a/Makefile b/Makefile index b181947d44..ff732e5dfd 100644 --- a/Makefile +++ b/Makefile @@ -273,9 +273,8 @@ create-cluster: $(CLUSTERCTL) ## Create a development Kubernetes cluster on Open create cluster -v 4 \ --bootstrap-flags="name=clusterapi" \ --bootstrap-type kind \ - --bootstrap-cluster-cleanup=false \ + -m ./examples/_out/controlplane.yaml \ -c ./examples/_out/cluster.yaml \ - -m ./examples/_out/machines.yaml \ -p ./examples/_out/provider-components.yaml \ -a ./examples/addons.yaml diff --git a/examples/generate.sh b/examples/generate.sh index 5b760e2f24..a292a70857 100755 --- a/examples/generate.sh +++ b/examples/generate.sh @@ -14,6 +14,7 @@ # limitations under the License. set -o errexit +set -o nounset # Directories. SOURCE_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" @@ -113,7 +114,6 @@ PROVIDER_COMPONENTS_GENERATED_FILE=${OUTPUT_DIR}/provider-components.yaml CLUSTER_GENERATED_FILE=${OUTPUT_DIR}/cluster.yaml CONTROLPLANE_GENERATED_FILE=${OUTPUT_DIR}/controlplane.yaml MACHINEDEPLOYMENT_GENERATED_FILE=${OUTPUT_DIR}/machinedeployment.yaml -MACHINES_GENERATED_FILE=${OUTPUT_DIR}/machines.yaml ADDONS_GENERATED_FILE=${OUTPUT_DIR}/addons.yaml rm -rf "${OUTPUT_DIR}" @@ -145,6 +145,9 @@ if [[ "$DOMAIN_NAME" = "null" ]]; then fi CACERT_ORIGINAL=$(echo "$OPENSTACK_CLOUD_CONFIG_PLAIN" | yq r - clouds.${CLOUD}.cacert) +# use only the selected cloud not the whole clouds.yaml +OPENSTACK_CLOUD_CONFIG_SELECTED_CLOUD=$(echo "${OPENSTACK_CLOUD_CONFIG_PLAIN}" | yq r - clouds.${CLOUD} | yq p - clouds.${CLOUD}) + # Basic cloud.conf, no LB configuration as that data is not known yet. OPENSTACK_CLOUD_PROVIDER_CONF=" [Global] @@ -188,7 +191,7 @@ else exit 1 fi -echo "${OPENSTACK_CLOUD_CONFIG_PLAIN}" > ${CLOUDS_SECRETS_CONFIG_DIR}/clouds.yaml +echo "${OPENSTACK_CLOUD_CONFIG_SELECTED_CLOUD}" > ${CLOUDS_SECRETS_CONFIG_DIR}/clouds.yaml if [[ "$CACERT_ORIGINAL" != "null" ]]; then cat "$CACERT_ORIGINAL" > ${CLOUDS_SECRETS_CONFIG_DIR}/cacert else @@ -207,28 +210,19 @@ echo "Generated ${CONTROLPLANE_GENERATED_FILE}" kustomize build "${SOURCE_DIR}/machinedeployment" --reorder=none | envsubst >> "${MACHINEDEPLOYMENT_GENERATED_FILE}" echo "Generated ${MACHINEDEPLOYMENT_GENERATED_FILE}" -# combine control plane and regular machines in ${MACHINES_GENERATED_FILE} -cat ${CONTROLPLANE_GENERATED_FILE} > ${MACHINES_GENERATED_FILE} -echo "---" >> ${MACHINES_GENERATED_FILE} -#cat ${MACHINEDEPLOYMENT_GENERATED_FILE} >> ${MACHINES_GENERATED_FILE} -echo "---" >> ${MACHINES_GENERATED_FILE} -cat ${MACHINEDEPLOYMENT_GENERATED_FILE} >> ${MACHINES_GENERATED_FILE} -echo "---" >> ${MACHINES_GENERATED_FILE} -echo "Generated ${MACHINES_GENERATED_FILE}" - cp ${SOURCE_DIR}/addons.yaml "${ADDONS_GENERATED_FILE}" echo "Generated ${ADDONS_GENERATED_FILE}" # Generate Cluster API provider components file. -kustomize build "github.com/kubernetes-sigs/cluster-api//config/default/?ref=master" --reorder=none > "${COMPONENTS_CLUSTER_API_GENERATED_FILE}" +kustomize build "github.com/kubernetes-sigs/cluster-api//config/default/?ref=master" > "${COMPONENTS_CLUSTER_API_GENERATED_FILE}" echo "Generated ${COMPONENTS_CLUSTER_API_GENERATED_FILE}" # Generate Kubeadm Bootstrap Provider components file. -kustomize build "github.com/kubernetes-sigs/cluster-api-bootstrap-provider-kubeadm//config/default/?ref=master" --reorder=none > "${COMPONENTS_KUBEADM_GENERATED_FILE}" +kustomize build "github.com/kubernetes-sigs/cluster-api-bootstrap-provider-kubeadm//config/default/?ref=master" > "${COMPONENTS_KUBEADM_GENERATED_FILE}" echo "Generated ${COMPONENTS_KUBEADM_GENERATED_FILE}" # Generate OpenStack Infrastructure Provider components file. -kustomize build "${SOURCE_DIR}/../config/default" --reorder=none | envsubst > "${COMPONENTS_OPENSTACK_GENERATED_FILE}" +kustomize build "${SOURCE_DIR}/../config/default" | envsubst > "${COMPONENTS_OPENSTACK_GENERATED_FILE}" echo "Generated ${COMPONENTS_OPENSTACK_GENERATED_FILE}" # Generate OpenStack Infrastructure Provider cloud-secrets file. @@ -237,6 +231,6 @@ echo "Generated ${COMPONENTS_OPENSTACK_CLOUDS_SECRETS_GENERATED_FILE}" echo "WARNING: ${COMPONENTS_OPENSTACK_CLOUDS_SECRETS_GENERATED_FILE} includes OpenStack credentials" # Generate a single provider components file. -kustomize build "${SOURCE_DIR}/provider-components"| envsubst > "${PROVIDER_COMPONENTS_GENERATED_FILE}" +kustomize build "${SOURCE_DIR}/provider-components" | envsubst > "${PROVIDER_COMPONENTS_GENERATED_FILE}" echo "Generated ${PROVIDER_COMPONENTS_GENERATED_FILE}" echo "WARNING: ${PROVIDER_COMPONENTS_GENERATED_FILE} includes OpenStack credentials" From a155e7bf592a044df5bf472401d04ac827e43873 Mon Sep 17 00:00:00 2001 From: Stefan Bueringer Date: Sat, 7 Sep 2019 21:16:15 +0200 Subject: [PATCH 3/4] fix image name, more sync --- Dockerfile | 54 +++++++------------------ Makefile | 23 ++++++----- config/default/manager_image_patch.yaml | 2 +- 3 files changed, 29 insertions(+), 50 deletions(-) diff --git a/Dockerfile b/Dockerfile index 17908b425d..a5a23a2cd5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,39 +13,13 @@ # limitations under the License. # Build the manager binary -#FROM golang:1.12.9 as builder -# -## Copy in the go src -#WORKDIR ${GOPATH}/src/sigs.k8s.io/cluster-api-provider-openstack -#COPY pkg/ pkg/ -#COPY cmd/ cmd/ -#COPY vendor/ vendor/ -#COPY api/ api/ -#COPY controllers/ controllers/ -#COPY main.go main.go -#COPY go.mod go.mod -#COPY go.sum go.sum -# -## Build -#RUN CGO_ENABLED=0 GOOS=linux GO111MODULE=on GOFLAGS="-mod=vendor" \ -# go build -a -ldflags '-extldflags "-static"' \ -# -o manager sigs.k8s.io/cluster-api-provider-openstack -# -## Copy the controller-manager into a thin image -#FROM gcr.io/distroless/static:latest -#WORKDIR / -#COPY --from=builder /go/src/sigs.k8s.io/cluster-api-provider-openstack/manager . -#USER nobody -#ENTRYPOINT ["/manager"] - -# Build the manager binary -FROM golang:1.12.9 +FROM golang:1.12.9 as builder +WORKDIR /workspace # Run this with docker build --build_arg $(go env GOPROXY) to override the goproxy ARG goproxy=https://proxy.golang.org ENV GOPROXY=$goproxy -WORKDIR /workspace # Copy the Go Modules manifests COPY go.mod go.mod COPY go.sum go.sum @@ -54,17 +28,17 @@ COPY go.sum go.sum RUN go mod download # Copy the sources -COPY main.go main.go -COPY api/ api/ -COPY controllers/ controllers/ -COPY pkg/ pkg/ +COPY ./ ./ -# Allow containerd to restart pods by calling /restart.sh (mostly for tilt + fast dev cycles) -# TODO: Remove this on prod and use a multi-stage build -COPY third_party/forked/rerun-process-wrapper/start.sh . -COPY third_party/forked/rerun-process-wrapper/restart.sh . +# Build +ARG ARCH +RUN CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} \ + go build -a -ldflags '-extldflags "-static"' \ + -o manager . -# Build and run -RUN go install -v . -RUN mv /go/bin/cluster-api-provider-openstack /manager -ENTRYPOINT ["./start.sh", "/manager"] +# Copy the controller-manager into a thin image +FROM gcr.io/distroless/static:latest +WORKDIR / +COPY --from=builder /workspace/manager . +USER nobody +ENTRYPOINT ["/manager"] diff --git a/Makefile b/Makefile index ff732e5dfd..4bce06f1ef 100644 --- a/Makefile +++ b/Makefile @@ -43,9 +43,9 @@ MOCKGEN := $(TOOLS_BIN_DIR)/mockgen # Define Docker related variables. Releases should modify and double check these vars. REGISTRY ?= gcr.io/$(shell gcloud config get-value project) -STAGING_REGISTRY := gcr.io/k8s-staging-cluster-api-openstack -PROD_REGISTRY := us.gcr.io/k8s-artifacts-prod/cluster-api-openstack -IMAGE_NAME ?= cluster-api-openstack-controller +STAGING_REGISTRY := gcr.io/k8s-staging-capi-openstack +PROD_REGISTRY := us.gcr.io/k8s-artifacts-prod/capi-openstack +IMAGE_NAME ?= capi-openstack-controller CONTROLLER_IMG ?= $(REGISTRY)/$(IMAGE_NAME) TAG ?= dev ARCH ?= amd64 @@ -225,7 +225,7 @@ docker-push-manifest: ## Push the fat manifest docker image. ## Minimum docker version 18.06.0 is required for creating and pushing manifest images. docker manifest create --amend $(CONTROLLER_IMG):$(TAG) $(shell echo $(ALL_ARCH) | sed -e "s~[^ ]*~$(CONTROLLER_IMG)\-&:$(TAG)~g") @for arch in $(ALL_ARCH); do docker manifest annotate --arch $${arch} ${CONTROLLER_IMG}:${TAG} ${CONTROLLER_IMG}-$${arch}:${TAG}; done - docker manifest push --purge ${CONTROLLER_IMG}:${TAG} + docker manifest push --purge $(CONTROLLER_IMG):$(TAG) MANIFEST_IMG=$(CONTROLLER_IMG) MANIFEST_TAG=$(TAG) $(MAKE) set-manifest-image .PHONY: set-manifest-image @@ -244,8 +244,10 @@ $(RELEASE_DIR): mkdir -p $(RELEASE_DIR)/ .PHONY: release -release: clean-release ## Builds and push container images using the latest git tag for the commit. +release: clean-release ## Builds and push container images using the latest git tag for the commit. @if [ -z "${RELEASE_TAG}" ]; then echo "RELEASE_TAG is not set"; exit 1; fi + @if ! [ -z "$$(git status --porcelain)" ]; then echo "Your local git repository contains uncommitted changes, use git clean before proceeding."; exit 1; fi + git checkout "${RELEASE_TAG}" # Push the release image to the staging bucket first. REGISTRY=$(STAGING_REGISTRY) TAG=$(RELEASE_TAG) \ $(MAKE) docker-build-all docker-push-all @@ -258,10 +260,13 @@ release: clean-release ## Builds and push container images using the latest git release-manifests: $(RELEASE_DIR) ## Builds the manifests to publish with a release kustomize build config/default > $(RELEASE_DIR)/infrastructure-components.yaml -.PHONY: release-staging-latest -release-staging-latest: ## Builds and push container images to the staging bucket using "latest" tag. - REGISTRY=$(STAGING_REGISTRY) TAG=latest \ - $(MAKE) docker-build-all docker-push-all +.PHONY: release-staging +release-staging: ## Builds and push container images to the staging bucket. + REGISTRY=$(STAGING_REGISTRY) $(MAKE) docker-build-all docker-push-all release-tag-latest + +.PHONY: release-tag-latest +release-tag-latest: ## Adds the latest tag to the last build tag. + gcloud container images add-tag $(CONTROLLER_IMG):$(TAG) $(CONTROLLER_IMG):latest ## -------------------------------------- ## Development diff --git a/config/default/manager_image_patch.yaml b/config/default/manager_image_patch.yaml index 6be964d4ca..af34776355 100644 --- a/config/default/manager_image_patch.yaml +++ b/config/default/manager_image_patch.yaml @@ -8,5 +8,5 @@ spec: spec: containers: # Change the value of image field below to your controller image URL - - image: k8scloudprovider/openstack-cluster-api-controller:latest + - image: gcr.io/k8s-staging-capi-openstack/capi-openstack-controller:dev name: manager From c66ff1ab0a00868298f1d5a4c9fef39e97fad233 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20B=C3=BCringer?= Date: Mon, 9 Sep 2019 06:23:18 +0200 Subject: [PATCH 4/4] Update generate.sh --- examples/generate.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/examples/generate.sh b/examples/generate.sh index a292a70857..5ced287936 100755 --- a/examples/generate.sh +++ b/examples/generate.sh @@ -199,22 +199,22 @@ else fi # Generate cluster resources. -kustomize build "${SOURCE_DIR}/cluster" --reorder=none | envsubst > "${CLUSTER_GENERATED_FILE}" +kustomize build "${SOURCE_DIR}/cluster" | envsubst > "${CLUSTER_GENERATED_FILE}" echo "Generated ${CLUSTER_GENERATED_FILE}" # Generate controlplane resources. -kustomize build "${SOURCE_DIR}/controlplane" --reorder=none | envsubst > "${CONTROLPLANE_GENERATED_FILE}" +kustomize build "${SOURCE_DIR}/controlplane" | envsubst > "${CONTROLPLANE_GENERATED_FILE}" echo "Generated ${CONTROLPLANE_GENERATED_FILE}" # Generate machinedeployment resources. -kustomize build "${SOURCE_DIR}/machinedeployment" --reorder=none | envsubst >> "${MACHINEDEPLOYMENT_GENERATED_FILE}" +kustomize build "${SOURCE_DIR}/machinedeployment" | envsubst >> "${MACHINEDEPLOYMENT_GENERATED_FILE}" echo "Generated ${MACHINEDEPLOYMENT_GENERATED_FILE}" cp ${SOURCE_DIR}/addons.yaml "${ADDONS_GENERATED_FILE}" echo "Generated ${ADDONS_GENERATED_FILE}" # Generate Cluster API provider components file. -kustomize build "github.com/kubernetes-sigs/cluster-api//config/default/?ref=master" > "${COMPONENTS_CLUSTER_API_GENERATED_FILE}" +kustomize build "github.com/kubernetes-sigs/cluster-api/config/default/?ref=master" > "${COMPONENTS_CLUSTER_API_GENERATED_FILE}" echo "Generated ${COMPONENTS_CLUSTER_API_GENERATED_FILE}" # Generate Kubeadm Bootstrap Provider components file. @@ -226,7 +226,7 @@ kustomize build "${SOURCE_DIR}/../config/default" | envsubst > "${COMPONENTS_OPE echo "Generated ${COMPONENTS_OPENSTACK_GENERATED_FILE}" # Generate OpenStack Infrastructure Provider cloud-secrets file. -kustomize build "${SOURCE_DIR}/clouds-secrets" --reorder=none | envsubst > "${COMPONENTS_OPENSTACK_CLOUDS_SECRETS_GENERATED_FILE}" +kustomize build "${SOURCE_DIR}/clouds-secrets" | envsubst > "${COMPONENTS_OPENSTACK_CLOUDS_SECRETS_GENERATED_FILE}" echo "Generated ${COMPONENTS_OPENSTACK_CLOUDS_SECRETS_GENERATED_FILE}" echo "WARNING: ${COMPONENTS_OPENSTACK_CLOUDS_SECRETS_GENERATED_FILE} includes OpenStack credentials"