From 35b57e4e78d1022903ae7c2a589e2c2b3cacf7a7 Mon Sep 17 00:00:00 2001 From: Phillip Wittrock Date: Fri, 12 Mar 2021 09:57:10 -0800 Subject: [PATCH] Iterate on API --- .../config-gen/cert-generation-filter.go | 12 +- pkg/cli/alpha/config-gen/component-filter.go | 2 +- .../alpha/config-gen/controller-gen-filter.go | 30 +-- .../config-gen/controller-manager-patches.go | 2 +- .../cert-manager/annotation.template.yaml | 2 +- .../patches/crd/conversion.template.yaml | 4 +- .../resources/auth-proxy-rbac.template.yaml | 8 +- .../resources/cert-manager.template.yaml | 12 +- .../resources/component.template.yaml | 2 +- .../controller-manager.template.yaml | 6 +- .../development-webhook-secret.template.yaml | 4 +- .../resources/namespace.template.yaml | 2 +- .../resources/prometheus.template.yaml | 2 +- .../templates/resources/rbac.template.yaml | 18 +- pkg/cli/alpha/config-gen/types.go | 209 +++++++++--------- 15 files changed, 157 insertions(+), 158 deletions(-) diff --git a/pkg/cli/alpha/config-gen/cert-generation-filter.go b/pkg/cli/alpha/config-gen/cert-generation-filter.go index 6c9c23d16c2..41d368cc9f9 100644 --- a/pkg/cli/alpha/config-gen/cert-generation-filter.go +++ b/pkg/cli/alpha/config-gen/cert-generation-filter.go @@ -40,7 +40,7 @@ type CertFilter struct { // Filter implements kio.Filter func (c CertFilter) Filter(input []*yaml.RNode) ([]*yaml.RNode, error) { - if !c.Spec.Development.GenerateCert { + if !c.Spec.DevelopmentOptions.GenerateCert { return input, nil } if err := c.generateCert(); err != nil { @@ -69,7 +69,7 @@ func (c CertFilter) Filter(input []*yaml.RNode) ([]*yaml.RNode, error) { return err } err = node.PipeE(yaml.LookupCreate(yaml.ScalarNode, "clientConfig", "service", "namespace"), - yaml.FieldSetter{StringValue: c.Spec.Namespace}) + yaml.FieldSetter{StringValue: c.Namespace}) if err != nil { return err } 
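Review bot: `c.Spec.DevelopmentOptions.GenerateCert` at the top of `Filter` reads a field that the `KubebuilderConfigGenSpec` defined in this patch's types.go no longer declares: the new struct has only `CRDs`, `ControllerManager` and `Webhooks`, and the `DevelopmentOptions` type is deleted, so (assuming `c.Spec` is that type) this will not compile. The same stale path is used for `profile.Expiry` in `generateCert` and in the `conversion` and `development-webhook-secret` templates. Because this gate decides whether a self-signed key pair is generated and injected into the caBundles, it should follow the new discriminated union, for example `if w := c.Spec.Webhooks; w == nil || w.CertificateSource == nil || w.CertificateSource.Type != "dev" { return input, nil }`, with the expiry taken from `DevCertificate.CertDuration` after a nil check. `Filter`'s body continues outside the hunk.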
@@ -115,7 +115,7 @@ func (c CertFilter) Filter(input []*yaml.RNode) ([]*yaml.RNode, error) { } err = matches[i].PipeE(yaml.LookupCreate( yaml.ScalarNode, "spec", "conversion", "webhookClientConfig", "service", "namespace"), - yaml.FieldSetter{StringValue: c.Spec.Namespace}) + yaml.FieldSetter{StringValue: c.Namespace}) if err != nil { return nil, err } @@ -135,8 +135,8 @@ func (c CertFilter) generateCert() error { var err error var req = csr.New() req.Hosts = []string{ - fmt.Sprintf("webhook-service.%s.svc", c.Spec.Namespace), - fmt.Sprintf("webhook-service.%s.svc.cluster.local", c.Spec.Namespace), + fmt.Sprintf("webhook-service.%s.svc", c.Namespace), + fmt.Sprintf("webhook-service.%s.svc.cluster.local", c.Namespace), } req.CN = "kb-dev-controller-manager" @@ -152,7 +152,7 @@ func (c CertFilter) generateCert() error { } profile := config.DefaultConfig() - profile.Expiry = c.Spec.Development.CertDuration + profile.Expiry = c.Spec.DevelopmentOptions.CertDuration cert, err := selfsign.Sign(priv, csrPEM, profile) if err != nil { return err diff --git a/pkg/cli/alpha/config-gen/component-filter.go b/pkg/cli/alpha/config-gen/component-filter.go index a959b87f563..ae2e012b9a8 100644 --- a/pkg/cli/alpha/config-gen/component-filter.go +++ b/pkg/cli/alpha/config-gen/component-filter.go @@ -38,7 +38,7 @@ func (cf ComponentFilter) Filter(input []*yaml.RNode) ([]*yaml.RNode, error) { APIVersions: []string{"v1"}, Kinds: []string{"ConfigMap"}, Names: []string{"manager-config"}, - Namespaces: []string{cf.Spec.Namespace}, + Namespaces: []string{cf.Namespace}, } matches, err := s.GetMatches(&framework.ResourceList{Items: input}) if err != nil { diff --git a/pkg/cli/alpha/config-gen/controller-gen-filter.go b/pkg/cli/alpha/config-gen/controller-gen-filter.go index e4fe05be530..1cb3dced181 100644 --- a/pkg/cli/alpha/config-gen/controller-gen-filter.go +++ b/pkg/cli/alpha/config-gen/controller-gen-filter.go 
@@ -44,28 +44,22 @@ func (cgr ControllerGenFilter) Filter(input []*yaml.RNode) ([]*yaml.RNode, error gens := genall.Generators{} // generate CRD definitions - if cgr.Spec.Enabled(CRDsComponent) { - desclen := 40 - crdGen := genall.Generator(crd.Generator{ - TrivialVersions: true, - MaxDescLen: &desclen, - }) - gens = append(gens, &crdGen) - } + desclen := 40 + crdGen := genall.Generator(crd.Generator{ + TrivialVersions: true, + MaxDescLen: &desclen, + }) + gens = append(gens, &crdGen) // generate RBAC definitions - if cgr.Spec.Enabled(RBACComponent) { - rbacGen := genall.Generator(rbac.Generator{ - RoleName: cgr.Spec.Namespace + "-manager-role", - }) - gens = append(gens, &rbacGen) - } + rbacGen := genall.Generator(rbac.Generator{ + RoleName: cgr.Namespace + "-manager-role", + }) + gens = append(gens, &rbacGen) // generate Webhook definitions - if cgr.Spec.Enabled(WebhooksComponent) { - webhookGen := genall.Generator(webhook.Generator{}) - gens = append(gens, &webhookGen) - } + webhookGen := genall.Generator(webhook.Generator{}) + gens = append(gens, &webhookGen) // set the directory b := bufferedGenerator{} diff --git a/pkg/cli/alpha/config-gen/controller-manager-patches.go b/pkg/cli/alpha/config-gen/controller-manager-patches.go index 13b39d7fee4..b414391d981 100644 --- a/pkg/cli/alpha/config-gen/controller-manager-patches.go +++ b/pkg/cli/alpha/config-gen/controller-manager-patches.go @@ -27,7 +27,7 @@ func ControllerManagerPatchTemplate(kp *KubebuilderConfigGen) framework.PT { Selector: func() *framework.Selector { return &framework.Selector{ Kinds: []string{"Deployment"}, - Namespaces: []string{kp.Spec.Namespace}, + Namespaces: []string{kp.Namespace}, Names: []string{"controller-manager"}, Labels: map[string]string{"control-plane": "controller-manager"}, TemplatizeValues: true, 
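Review bot: The webhook generator is now appended unconditionally, so `Webhooks.Enable`, which types.go in this patch documents as the switch for generating webhook configurations, has no effect at this point; the CRD and RBAC generators lose their opt-out in the same way. Emitting admission webhook configurations and a `<namespace>-manager-role` that the configuration did not ask for widens what ends up applied to the cluster. I would keep a nil-safe guard, e.g. `if w := cgr.Spec.Webhooks; w != nil && w.Enable != nil && *w.Enable { gens = append(gens, &webhookGen) }`, and either restore an equivalent switch for RBAC or say in a comment that it is always generated on purpose. `Filter`'s body starts and ends outside the hunk.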
diff --git a/pkg/cli/alpha/config-gen/templates/patches/cert-manager/annotation.template.yaml b/pkg/cli/alpha/config-gen/templates/patches/cert-manager/annotation.template.yaml index f42ed42d5bd..a8ea89cf15f 100644 --- a/pkg/cli/alpha/config-gen/templates/patches/cert-manager/annotation.template.yaml +++ b/pkg/cli/alpha/config-gen/templates/patches/cert-manager/annotation.template.yaml @@ -1,5 +1,5 @@ {{ if .Spec.Enabled "cert-manager" }} metadata: annotations: - cert-manager.io/inject-ca-from: {{ .Spec.Namespace }}/{{ .Spec.Name }}-serving-cert + cert-manager.io/inject-ca-from: {{ .Namespace }}/{{ .Name }}-serving-cert {{ end }} diff --git a/pkg/cli/alpha/config-gen/templates/patches/crd/conversion.template.yaml b/pkg/cli/alpha/config-gen/templates/patches/crd/conversion.template.yaml index c46ebf46222..8e8b9c3c2e3 100644 --- a/pkg/cli/alpha/config-gen/templates/patches/crd/conversion.template.yaml +++ b/pkg/cli/alpha/config-gen/templates/patches/crd/conversion.template.yaml @@ -3,7 +3,7 @@ spec: conversion: strategy: Webhook webhookClientConfig: -{{- if .Spec.Development.GenerateCert }} +{{- if .Spec.DevelopmentOptions.GenerateCert }} caBundle: {{ .Status.CertCA }} {{- else }} # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, @@ -11,7 +11,7 @@ spec: caBundle: Cg== {{- end }} service: - namespace: {{ .Spec.Namespace }} + namespace: {{ .Namespace }} name: webhook-service path: /convert {{ end }} diff --git a/pkg/cli/alpha/config-gen/templates/resources/auth-proxy-rbac.template.yaml b/pkg/cli/alpha/config-gen/templates/resources/auth-proxy-rbac.template.yaml index 56313d5eed3..b0d5294a3f4 100644 --- a/pkg/cli/alpha/config-gen/templates/resources/auth-proxy-rbac.template.yaml +++ b/pkg/cli/alpha/config-gen/templates/resources/auth-proxy-rbac.template.yaml 
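Review bot: The unchanged first line of annotation.template.yaml, `{{ if .Spec.Enabled "cert-manager" }}`, still calls `Enabled`, a method this patch removes from `KubebuilderConfigGenSpec` in types.go together with the `Components` map it read. Template execution will presumably fail there, or the CA-injection annotation will never be rendered, leaving the webhook without a trusted CA bundle. The condition should test the new `CertificateSource.Type` value `certManager`, ideally through a small nil-safe helper method on the spec, since `Webhooks` and `CertificateSource` are both pointers and chained field access in a template errors on nil. Other templates whose opening `if` lies outside their hunks (auth-proxy-rbac, rbac, namespace) may need the same change.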
@@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ .Spec.Name }}-proxy-role + name: {{ .Name }}-proxy-role rules: - apiGroups: ["authentication.k8s.io"] resources: @@ -16,14 +16,14 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ .Spec.Name }}-proxy-rolebinding + name: {{ .Name }}-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ .Spec.Name }}-proxy-role + name: {{ .Name }}-proxy-role subjects: - kind: ServiceAccount name: default - namespace: {{ .Spec.Namespace }} + namespace: {{ .Namespace }} --- {{ end }}{{ end }} diff --git a/pkg/cli/alpha/config-gen/templates/resources/cert-manager.template.yaml b/pkg/cli/alpha/config-gen/templates/resources/cert-manager.template.yaml index dbe9ff0ad4c..4cd086cc5f2 100644 --- a/pkg/cli/alpha/config-gen/templates/resources/cert-manager.template.yaml +++ b/pkg/cli/alpha/config-gen/templates/resources/cert-manager.template.yaml @@ -6,20 +6,20 @@ apiVersion: cert-manager.io/v1 kind: Issuer metadata: - name: {{ .Spec.Name }}-selfsigned-issuer - namespace: {{ .Spec.Namespace }} + name: {{ .Name }}-selfsigned-issuer + namespace: {{ .Namespace }} spec: selfSigned: {} --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: {{ .Spec.Name }}-serving-cert - namespace: {{ .Spec.Namespace }} + name: {{ .Name }}-serving-cert + namespace: {{ .Namespace }} spec: dnsNames: - - webhook-service.{{ .Spec.Namespace }}.svc - - webhook-service.{{ .Spec.Namespace }}.svc.cluster.local + - webhook-service.{{ .Namespace }}.svc + - webhook-service.{{ .Namespace }}.svc.cluster.local issuerRef: kind: Issuer name: selfsigned-issuer diff --git a/pkg/cli/alpha/config-gen/templates/resources/component.template.yaml b/pkg/cli/alpha/config-gen/templates/resources/component.template.yaml index 079e3c805d3..00534a0ff69 100644 --- a/pkg/cli/alpha/config-gen/templates/resources/component.template.yaml 
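Review bot: The subject of `{{ .Name }}-proxy-rolebinding` is the `default` ServiceAccount of `{{ .Namespace }}`, so any pod in that namespace that does not set its own service account inherits the proxy ClusterRole. The same subject is used for `{{ .Namespace }}-manager-rolebinding` and the leader-election RoleBinding in rbac.template.yaml. Binding a dedicated account instead, e.g. `name: {{ .Name }}-controller-manager` (a constructed name), and setting it as `serviceAccountName` on the Deployment keeps the grant limited to the manager pod. Whether the Deployment template already names a service account is not visible in this patch.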
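Review bot: The Certificate's `issuerRef` still has `name: selfsigned-issuer`, while the Issuer defined just above it is named `{{ .Name }}-selfsigned-issuer`. Unless a later step rewrites resource names, the Certificate points at an Issuer that is never created and cert-manager would not issue the webhook serving certificate. The reference should match the Issuer: `name: {{ .Name }}-selfsigned-issuer`. The hunk ends on that line, so the rest of the Certificate spec is outside it.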
+++ b/pkg/cli/alpha/config-gen/templates/resources/component.template.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: manager-config - namespace: {{ .Spec.Namespace }} + namespace: {{ .Namespace }} labels: control-plane: controller-manager data: diff --git a/pkg/cli/alpha/config-gen/templates/resources/controller-manager.template.yaml b/pkg/cli/alpha/config-gen/templates/resources/controller-manager.template.yaml index 6aa82ec6155..53e1f9158b9 100644 --- a/pkg/cli/alpha/config-gen/templates/resources/controller-manager.template.yaml +++ b/pkg/cli/alpha/config-gen/templates/resources/controller-manager.template.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: controller-manager - namespace: {{ .Spec.Namespace }} + namespace: {{ .Namespace }} labels: control-plane: controller-manager spec: @@ -36,7 +36,7 @@ spec: apiVersion: v1 kind: Service metadata: - namespace: {{ .Spec.Namespace }} + namespace: {{ .Namespace }} name: webhook-service labels: control-plane: webhook @@ -52,7 +52,7 @@ spec: apiVersion: v1 kind: Service metadata: - namespace: {{ .Spec.Namespace }} + namespace: {{ .Namespace }} name: metrics-service labels: control-plane: controller-manager diff --git a/pkg/cli/alpha/config-gen/templates/resources/development-webhook-secret.template.yaml b/pkg/cli/alpha/config-gen/templates/resources/development-webhook-secret.template.yaml index 59dbe6b3f80..98610418ced 100644 --- a/pkg/cli/alpha/config-gen/templates/resources/development-webhook-secret.template.yaml +++ b/pkg/cli/alpha/config-gen/templates/resources/development-webhook-secret.template.yaml @@ -1,9 +1,9 @@ -{{- if .Spec.Development.GenerateCert }} +{{- if .Spec.DevelopmentOptions.GenerateCert }} apiVersion: v1 kind: Secret metadata: name: webhook-server-cert - namespace: {{ .Spec.Namespace }} + namespace: {{ .Namespace }} data: tls.key: {{ .Status.CertKey }} tls.crt: {{ .Status.CertCA }} 
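Review bot: The Secret in development-webhook-secret.template.yaml writes `{{ .Status.CertKey }}`, the private key generated at runtime, into the emitted manifest, and nothing in the rendered output marks it as sensitive or development-only. A YAML comment inside the `if` block, such as `# dev-only: embeds a generated private key; do not commit or reuse this output`, would carry the warning from types.go ("For development only, not a production grade solution") into the generated file. Setting `type: kubernetes.io/tls` on the Secret would also let the API server check that both `tls.crt` and `tls.key` are present. Whether `CertKey` and `CertCA` are already base64-encoded as `data` requires cannot be seen here and is worth confirming.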
diff --git a/pkg/cli/alpha/config-gen/templates/resources/namespace.template.yaml b/pkg/cli/alpha/config-gen/templates/resources/namespace.template.yaml index f96d15219a2..c7bb7c61b14 100644 --- a/pkg/cli/alpha/config-gen/templates/resources/namespace.template.yaml +++ b/pkg/cli/alpha/config-gen/templates/resources/namespace.template.yaml @@ -4,6 +4,6 @@ kind: Namespace metadata: labels: control-plane: controller-manager - name: {{ .Spec.Namespace }} + name: {{ .Namespace }} --- {{- end }} diff --git a/pkg/cli/alpha/config-gen/templates/resources/prometheus.template.yaml b/pkg/cli/alpha/config-gen/templates/resources/prometheus.template.yaml index fcb83fb90cb..347eefd1965 100644 --- a/pkg/cli/alpha/config-gen/templates/resources/prometheus.template.yaml +++ b/pkg/cli/alpha/config-gen/templates/resources/prometheus.template.yaml @@ -2,7 +2,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: - namespace: {{ .Spec.Namespace }} + namespace: {{ .Namespace }} name: controller-manager-metrics-monitor labels: control-plane: controller-manager diff --git a/pkg/cli/alpha/config-gen/templates/resources/rbac.template.yaml b/pkg/cli/alpha/config-gen/templates/resources/rbac.template.yaml index bb41604bb33..63bd1e4f079 100644 --- a/pkg/cli/alpha/config-gen/templates/resources/rbac.template.yaml +++ b/pkg/cli/alpha/config-gen/templates/resources/rbac.template.yaml 
@@ -2,21 +2,21 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ .Spec.Namespace }}-manager-rolebinding + name: {{ .Namespace }}-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ .Spec.Namespace }}-manager-role + name: {{ .Namespace }}-manager-role subjects: - kind: ServiceAccount name: default - namespace: {{ .Spec.Namespace }} + namespace: {{ .Namespace }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ .Spec.Namespace }}-leader-election-role - namespace: {{ .Spec.Namespace }} + name: {{ .Namespace }}-leader-election-role + namespace: {{ .Namespace }} rules: - apiGroups: - "" @@ -48,15 +48,15 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ .Spec.Namespace }}-leader-election-rolebinding - namespace: {{ .Spec.Namespace }} + name: {{ .Namespace }}-leader-election-rolebinding + namespace: {{ .Namespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ .Spec.Namespace }}-leader-election-role + name: {{ .Namespace }}-leader-election-role subjects: - kind: ServiceAccount name: default - namespace: {{ .Spec.Namespace }} + namespace: {{ .Namespace }} --- {{ end }} diff --git a/pkg/cli/alpha/config-gen/types.go b/pkg/cli/alpha/config-gen/types.go index 9375e904647..151b3c42d5e 100644 --- a/pkg/cli/alpha/config-gen/types.go +++ b/pkg/cli/alpha/config-gen/types.go 
@@ -34,153 +34,158 @@ type KubebuilderConfigGen struct { // Status is the configuration status defined at runtime. Status KubebuilderConfigGenStatus `json:"status,omitempty" yaml:"status,omitempty"` - - // Project is for the field name used by the PROJECT file (config), instead of spec. - // Use Spec unless in the PROJECT file. - Project *KubebuilderConfigGenSpec `json:"config,omitempty" yaml:"config,omitempty"` } -var ( - // NamespaceComponent will create the namespace for the controller-manager - NamespaceComponent = "namespace" +// ComponentConfigEnabled returns true if component config is being used +func (a *KubebuilderConfigGenSpec) ComponentConfigEnabled() bool { + return a.ControllerManager.ComponentConfig.Enable != nil && + *a.ControllerManager.ComponentConfig.Enable +} - // ControllerManagerComponent will create the controller-manager Deployment - ControllerManagerComponent = "controller-manager" +// KubebuilderConfigGenSpec defines the desired configuration to be generated +type KubebuilderConfigGenSpec struct { + // CRDs configures how CRDs + related RBAC and Webhook resources are generated. + CRDs *CRDs `json:"crds,omitempty" yaml:"crds,omitempty"` - // WebhooksComponent will create the webhook configurations - WebhooksComponent = "webhooks" + // ControllerManager configures how the controller-manager Deployment is generated. + ControllerManager *ControllerManager `json:"controllerManager,omitempty" yaml:"controllerManager,omitempty"` - // CRDsComponent will create the CRDs - CRDsComponent = "crds" + // Webhooks configures how webhooks and certificates are generated. + Webhooks *Webhooks `json:"webhooks,omitempty" yaml:"webhooks,omitempty"` +} - // RBACComponent will create RBAC rules - RBACComponent = "rbac" +// CRDs configures how controller-gen is run against the project go source code in order to generate CRDs and RBAC. +type CRDs struct { + // SourceDirectory is the go project directory containing source code marked up with controller-gen tags. 
+ // Defaults to the directory containing the KubebuilderConfigGen configuration file. + // +optional + SourceDirectory *string `json:"sourceDirectory,omitempty" yaml:"sourceDirectory,omitempty"` +} - // CertManagerComponent will create the Issuer and Certificate resources - // for CertManager to inject the certificates - CertManagerComponent = "cert-manager" +// ControllerManager configures how the controller-manager resources are generated. +type ControllerManager struct { + // Image is the container image to run as the controller-manager. + Image *string `json:"image,omitempty" yaml:"image,omitempty"` - // PrometheusComponent will create the ServiceMonitor resource - PrometheusComponent = "prometheus" -) + // Metrics configures how prometheus metrics are exposed. + Metrics *Metrics `json:"metrics,omitempty" yaml:"metrics,omitempty"` -// getDefaultComponents returns the set of components that are created by default -func getDefaultComponents() map[string]bool { - return map[string]bool{ - NamespaceComponent: true, - ControllerManagerComponent: true, - RBACComponent: true, - CRDsComponent: true, - } + // ComponentConfig configures how the controller-manager is configured. + // +optional + ComponentConfig ComponentConfig `json:"componentConfig,omitempty" yaml:"componentConfig,omitempty"` } -// Enabled returns true if the component is enabled -func (a *KubebuilderConfigGenSpec) Enabled(component string) bool { - return a.Components[component] -} +// Metrics configures how prometheus metrics are exposed from the controller. 
+type Metrics struct { + // DisableAuthProxy if set to true will disable the auth proxy + // +optional + Disable *bool `json:"disableAuthProxy,omitempty" yaml:"disableAuthProxy,omitempty"` -// ComponentConfigEnabled returns true if component config is being used -func (a *KubebuilderConfigGenSpec) ComponentConfigEnabled() bool { - return a.ComponentConfigFilepath != "" + // EnableServiceMonitoir if set to true with generate the prometheus ServiceMonitor resource + // +optional + EnableServiceMonitor *bool `json:"enableServiceMonitor,omitempty" yaml:"enableServiceMonitor,omitempty"` } -// KubebuilderConfigGenSpec defines the desired configuration to be generated -type KubebuilderConfigGenSpec struct { - // Directory is the kubebuilder directory containing the code. - // Defaults to the directory containing the KubebuilderConfigGen configuration file. - Directory string `json:"projectDirectory" yaml:"projectDirectory"` +// ComponentConfig configures how to setup the controller-manager to use component config rather +// than flag driven options. +type ComponentConfig struct { + // Enable if set to true will use component config rather than flags. + Enable *bool `json:"enable,omitempty" yaml:"enable,omitempty"` - // Name is the name of project and used to generate the component and role names - // Defaults to metadata.name - Name string `json:"projectName" yaml:"projectName"` + // ConfigFilepath is the relative path to a file containing component config. + ConfigFilepath *string `json:"configFilepath,omitempty" yaml:"configFilepath,omitempty"` +} - // Namespace is the namespace to run the project in. - // Defaults to "${spec.name}-system" -- e.g. if spec.name is "foo", - // the default namespace will be "foo-system". - Namespace string `json:"namespace" yaml:"namespace"` +// Webhooks configures how webhooks are generated. +type Webhooks struct { + // Enable if set to true will generate webhook configurations. 
+ Enable *bool `json:"enable,omitempty" yaml:"enable,omitempty"` - // Image is the container image to run in the controller-manager Deployment - Image string `json:"image" yaml:"image"` + // EnableConversion configures which resource types to enable conversion webhooks for. + // Conversion will be set in the CRDs for these resource types. + // The key is the resource Kind. + // Note: This is a map rather than a list so it can be overridden when patched or merged. + EnableConversion map[string]bool `json:"enableConversion,omitempty" yaml:"enableConversion,omitempty"` - // Components is a map of components to enable or disable. - // Defaults to enabling: ["namespace", "controller-manager", "rbac", "crds"] - Components map[string]bool `json:"components" yaml:"components"` + // CertificateSource defines where to get the webhook certificates from. + CertificateSource *CertificateSource `json:"certificateSource,omitempty" yaml:"certificateSource,omitempty"` +} - // DisableAuthProxy if set to true will disable the auth proxy - DisableAuthProxy bool `json:"disableAuthProxy,omitempty" yaml:"disableAuthProxy,omitempty"` +// CertificateSource configures where to get webhook certificates from. +// It is a discriminated union. +type CertificateSource struct { + // Type is a discriminator for this union. + // One of: ["certManager", "dev", "manual"]. + // Defaults to "manual". + Type string `json:"type,omitempty" yaml:"type,omitempty"` + + // ManualCertificate requires the user to provide a certificate. + // Requires "manual" as the type. + ManualCertificate *ManualCertificate `json:"manualCertificate,omitempty" yaml:"manualCertificate,omitempty"` + + // CertManagerCertificate relies on the certificate manager operator installed separately. + // Requires "certManager" as the type. 
+ CertManagerCertificate *CertManagerCertificate `json:"certManagerCert,omitempty" yaml:"certManagerCert,omitempty"` + + // GenerateCert will generate self signed certificate and inject it into the caBundles. + // For development only, not a production grade solution. + // Requires "dev" as the type. + DevCertificate *DevCertificate `json:"devCertificate,omitempty" yaml:"devCertificate,omitempty"` +} - // ConversionWebhooks is a map of kinds to enable conversion webhooks for - ConversionWebhooks map[string]bool `json:"conversionWebhooks,omitempty" yaml:"conversionWebhooks,omitempty"` +// ManualCertificate will not generate any certificate, and requires the user to manually +// specify and wire one in. +type ManualCertificate struct { + // Placeholder for future options + // TODO: Consider allowing users to specify the path to a file containing a certificate +} - // Development contains development options - Development DevelopmentOptions `json:"developmentOptions,omitempty" yaml:"developmentOptions,omitempty"` +// CertManagerCertificate will generate cert-manager.io/v1 Issuer and Certificate resources. +type CertManagerCertificate struct { + // Placeholder for future options +} - // ComponentConfigFilepath is the relative path to a component config file used to configure the - // controller-manager - ComponentConfigFilepath string `json:"componentConfigFilepath,omitempty" yaml:"componentConfigFilepath,omitempty"` +// DevCertificate generates a certificate for development purposes and wires it into the appropriate locations. +type DevCertificate struct { + // CertDuration sets the duration for the generated cert. Defaults to 1 hour. + CertDuration *time.Duration `json:"certDuration,omitempty" yaml:"certDuration,omitempty"` } -// KubebuilderConfigGenStatus is runtime status for the api configuration +// KubebuilderConfigGenStatus is runtime status for the api configuration. 
+// It is used to pass values generated at runtime (not directly specified by users) +// to templates. type KubebuilderConfigGenStatus struct { + // CertCA is the CertCA generated at runtime. CertCA string + // CertKey is the CertKey generated at runtime. CertKey string + // ComponentConfigString is the contents of the component config file read from disk. ComponentConfigString string } -// DevelopmentOptions defines options for development installation -type DevelopmentOptions struct { - // GenerateCert will cause a self signed certificate to be generated and injected - // into the Webhook caBundles. - GenerateCert bool `json:"generateCert,omitempty" yaml:"generateCert,omitempty"` - - // CertDuration sets the duration for the cert - CertDuration time.Duration `json:"certDuration,omitempty" yaml:"certDuration,omitempty"` -} - // Default defaults the values func (kp *KubebuilderConfigGen) Default() error { - // merge project.yaml into fc - if kp.Project != nil { - // For compabitility with the PROJECT file format - kp.Spec = *kp.Project - } - // Validate the input - if kp.Spec.Name == "" { - if kp.Name == "" { - return errors.Errorf("must specify Kubebuilder projectName field") - } - kp.Spec.Name = kp.Name + if kp.Name == "" { + return errors.Errorf("must specify Kubebuilder projectName field") } - if kp.Spec.Namespace == "" { - if kp.Namespace != "" { - kp.Spec.Namespace = kp.Namespace - } else { - kp.Spec.Namespace = kp.Spec.Name + "-system" - } + if kp.Namespace == "" { + kp.Namespace = kp.Name + "-system" } - if kp.Spec.Image == "" { + if kp.Spec.ControllerManager.Image == nil { return errors.Errorf("must specify Kubebuilder image field") } - if kp.Spec.Development.CertDuration == 0 { - kp.Spec.Development.CertDuration = time.Hour + if kp.Spec.Webhooks.CertDuration == nil { + d := time.Hour + kp.Spec.Webhooks.CertDuration = &d } if kp.Spec.Directory == "" { kp.Spec.Directory = "./..." 
} - if kp.Spec.Components == nil { - kp.Spec.Components = map[string]bool{} - } - for k, v := range getDefaultComponents() { - if _, found := kp.Spec.Components[k]; !found { - kp.Spec.Components[k] = v - } - } - if kp.Spec.ComponentConfigFilepath != "" { b, err := ioutil.ReadFile(kp.Spec.ComponentConfigFilepath) if err != nil {