From 99c99a1ce675296762df428f1c08299d855ce4ce Mon Sep 17 00:00:00 2001
From: Ky-Anh Huynh <kyanh@viettug.org>
Date: Fri, 9 Oct 2020 01:31:17 +0200
Subject: [PATCH] vpa/hack/vpa-process-yamls.sh add print action

The print action will print yaml contents for all resources
that would be understood by the next kubectl subcommand
(e.g., kubectl diff). This would be helpful for kustomization
user who wants to generate complete yaml content and
store them in their source tree.

Action delete, diff and print will include crd information.
The print action will not include secret information
that is supposed to be generated by gencerts.sh script.
---
 vertical-pod-autoscaler/README.md                | 14 ++++++++++++--
 .../hack/vpa-process-yamls.sh                    | 16 ++++++++++------
 2 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/vertical-pod-autoscaler/README.md b/vertical-pod-autoscaler/README.md
index 0a36f895e699..9a67706a3bfd 100644
--- a/vertical-pod-autoscaler/README.md
+++ b/vertical-pod-autoscaler/README.md
@@ -112,6 +112,16 @@ in the `kube-system` namespace. It also generates
 and uploads a secret (a CA cert) used by VPA Admission Controller when communicating
 with the API server.
 
+To print YAML contents with all resources that would be understood by
+`kubectl diff|apply|...` commands, you can use
+
+```
+./hack/vpa-process-yamls.sh print
+```
+
+The output of that command won't include secret information generated by
+[pkg/admission-controller/gencerts.sh](pkg/admission-controller/gencerts.sh) script.
+
 ### Quick start
 
 After [installation](#installation) the system is ready to recommend and set
@@ -275,7 +285,7 @@ VPA will set RAM request to 2 GB (following the resource policy) and RAM limit t
   be restarted. The pod may be recreated on a different node.
 * VPA does not evict pods which are not run under a controller. For such pods
   `Auto` mode is currently equivalent to `Initial`.
-* Vertical Pod Autoscaler **should not be used with the [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) (HPA) on CPU or memory** at this moment. 
+* Vertical Pod Autoscaler **should not be used with the [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) (HPA) on CPU or memory** at this moment.
   However, you can use VPA with [HPA on custom and external metrics](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#support-for-custom-metrics).
 * The VPA admission controller is an admission webhook. If you add other admission webhooks
   to you cluster, it is important to analyze how they interact and whether they may conflict
@@ -283,7 +293,7 @@ VPA will set RAM request to 2 GB (following the resource policy) and RAM limit t
 * VPA reacts to most out-of-memory events, but not in all situations.
 * VPA performance has not been tested in large clusters.
 * VPA recommendation might exceed available resources (e.g. Node size, available
-  size, available quota) and cause **pods to go pending**. This can be partly 
+  size, available quota) and cause **pods to go pending**. This can be partly
   addressed by using VPA together with [Cluster Autoscaler](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#basics).
 * Multiple VPA resources matching the same pod have undefined behavior.
 
diff --git a/vertical-pod-autoscaler/hack/vpa-process-yamls.sh b/vertical-pod-autoscaler/hack/vpa-process-yamls.sh
index 9173979d6816..95d19641786c 100755
--- a/vertical-pod-autoscaler/hack/vpa-process-yamls.sh
+++ b/vertical-pod-autoscaler/hack/vpa-process-yamls.sh
@@ -22,7 +22,8 @@ SCRIPT_ROOT=$(dirname ${BASH_SOURCE})/..
 
 function print_help {
   echo "ERROR! Usage: vpa-process-yamls.sh <action> [<component>]"
-  echo "<action> should be either 'create' or 'delete'."
+  echo "<action> should be either 'create', 'diff', 'print' or 'delete'."
+  echo "The 'print' action will print all resources that would be used by, e.g., 'kubectl diff'."
   echo "<component> might be one of 'admission-controller', 'updater', 'recommender'."
   echo "If <component> is set, only the deployment of that component will be processed,"
   echo "otherwise all components and configs will be processed."
@@ -40,9 +41,9 @@ fi
 
 ACTION=$1
 COMPONENTS="vpa-v1-crd vpa-rbac updater-deployment recommender-deployment admission-controller-deployment"
-if [ ${ACTION} == delete ]; then
-  COMPONENTS+=" vpa-beta2-crd"
-fi
+case ${ACTION} in
+delete|diff|print) COMPONENTS+=" vpa-beta2-crd" ;;
+esac
 
 if [ $# -gt 1 ]; then
   COMPONENTS="$2-deployment"
@@ -57,6 +58,9 @@ for i in $COMPONENTS; do
       (bash ${SCRIPT_ROOT}/pkg/admission-controller/delete-webhook.sh || true)
     fi
   fi
-  ${SCRIPT_ROOT}/hack/vpa-process-yaml.sh ${SCRIPT_ROOT}/deploy/$i.yaml | kubectl ${ACTION} -f - || true
+  if [[ ${ACTION} == print ]]; then
+    ${SCRIPT_ROOT}/hack/vpa-process-yaml.sh ${SCRIPT_ROOT}/deploy/$i.yaml
+  else
+    ${SCRIPT_ROOT}/hack/vpa-process-yaml.sh ${SCRIPT_ROOT}/deploy/$i.yaml | kubectl ${ACTION} -f - || true
+  fi
 done
-