From c71f46ad8f72ae3eb7236e6fae9ec1d0b633ead6 Mon Sep 17 00:00:00 2001 From: Chandan Kumar Date: Wed, 27 Nov 2024 11:19:20 +0530 Subject: [PATCH] Added run-with-webhook make target It will help to run with webhook. Signed-off-by: Chandan Kumar --- Makefile | 15 ++ hack/clean_local_webhook.sh | 11 ++ hack/run_with_local_webhook.sh | 295 +++++++++++++++++++++++++++++++++ 3 files changed, 321 insertions(+) create mode 100644 hack/clean_local_webhook.sh create mode 100644 hack/run_with_local_webhook.sh diff --git a/Makefile b/Makefile index fc889c4..55d2e4f 100644 --- a/Makefile +++ b/Makefile @@ -437,3 +437,18 @@ PHONY: crd-schema-check crd-schema-check: manifests INSTALL_DIR=$(LOCALBIN) CRD_SCHEMA_CHECKER_VERSION=$(CRD_SCHEMA_CHECKER_VERSION) hack/build-crd-schema-checker.sh INSTALL_DIR=$(LOCALBIN) BASE_REF="$${PULL_BASE_SHA:-$(BRANCH)}" hack/crd-schema-checker.sh + +# Used for webhook testing +# The configure_local_webhook.sh script below will remove any OLM webhooks +# for the operator and also scale its deployment replicas down to 0 so that +# the operator can run locally. +# We will attempt to catch SIGINT/SIGTERM and clean up the local webhooks, +# but it may be necessary to manually run ./hack/clean_local_webhook.sh +# before deploying with OLM again for other untrappable signals. +SKIP_CERT ?=false +.PHONY: run-with-webhook +run-with-webhook: export METRICS_PORT?=8080 +run-with-webhook: export HEALTH_PORT?=8081 +run-with-webhook: manifests generate fmt vet ## Run a controller from your host. + /bin/bash hack/clean_local_webhook.sh + /bin/bash hack/run_with_local_webhook.sh diff --git a/hack/clean_local_webhook.sh b/hack/clean_local_webhook.sh new file mode 100644 index 0000000..5c853e3 --- /dev/null +++ b/hack/clean_local_webhook.sh @@ -0,0 +1,11 @@ +#!/bin/bash +set -ex + +oc delete validatingwebhookconfiguration/vwatcher.kb.io --ignore-not-found +oc delete mutatingwebhookconfiguration/mwatcher.kb.io --ignore-not-found +oc delete validatingwebhookconfiguration/vwatcherapi.kb.io --ignore-not-found +oc delete mutatingwebhookconfiguration/mwatcherapi.kb.io --ignore-not-found +oc delete validatingwebhookconfiguration/vwatcherdecisionengine.kb.io --ignore-not-found +oc delete mutatingwebhookconfiguration/mwatcherdecisionengine.kb.io --ignore-not-found +oc delete validatingwebhookconfiguration/vwatcherapplier.kb.io --ignore-not-found +oc delete mutatingwebhookconfiguration/mwatcherapplier.kb.io --ignore-not-found \ No newline at end of file diff --git a/hack/run_with_local_webhook.sh b/hack/run_with_local_webhook.sh new file mode 100644 index 0000000..10c1bac --- /dev/null +++ b/hack/run_with_local_webhook.sh @@ -0,0 +1,295 @@ +#!/bin/bash +set -ex + +# Define a cleanup function +cleanup() { + echo "Caught signal, cleaning up local webhooks..." + ./hack/clean_local_webhook.sh + exit 0 +} + +# Set trap to catch SIGINT and SIGTERM +trap cleanup SIGINT SIGTERM + +TMPDIR=${TMPDIR:-"/tmp/k8s-webhook-server/serving-certs"} +SKIP_CERT=${SKIP_CERT:-false} +CRC_IP=${CRC_IP:-$(/sbin/ip -o -4 addr list crc | awk '{print $4}' | cut -d/ -f1)} +FIREWALL_ZONE=${FIREWALL_ZONE:-"libvirt"} +SKIP_FIREWALL=${SKIP_FIREWALL:-false} + +if [ "$SKIP_FIREWALL" = false ] ; then + #Open 9443 + sudo firewall-cmd --zone=${FIREWALL_ZONE} --add-port=9443/tcp + sudo firewall-cmd --runtime-to-permanent +fi + +# Generate the certs and the ca bundle +if [ "$SKIP_CERT" = false ] ; then + mkdir -p ${TMPDIR} + rm -rf ${TMPDIR}/* || true + + openssl req -newkey rsa:2048 -days 3650 -nodes -x509 \ + -subj "/CN=${HOSTNAME}" \ + -addext "subjectAltName = IP:${CRC_IP}" \ + -keyout ${TMPDIR}/tls.key \ + -out ${TMPDIR}/tls.crt + + cat ${TMPDIR}/tls.crt ${TMPDIR}/tls.key | base64 -w 0 > ${TMPDIR}/bundle.pem + +fi + +CA_BUNDLE=`cat ${TMPDIR}/bundle.pem` + +# Patch the webhook(s) +cat >> ${TMPDIR}/patch_webhook_configurations.yaml < "${CSV_FILE}" + + printf \ + "\n\tNow patching operator CSV to remove its OLM deployment and associated webhooks. + The original OLM version of the operator's CSV has been copied to %s. To restore it, use: + oc patch -n openstack-operators %s --type=merge --patch-file=%s\n\n" "${CSV_FILE}" "${CSV_NAME}" "${CSV_FILE}" + fi + + oc patch "${CSV_NAME}" -n openstack-operators --type=json -p="[{'op': 'replace', 'path': '/spec/install/spec/deployments/0/spec/replicas', 'value': 0}]" + oc patch "${CSV_NAME}" -n openstack-operators --type=json -p="[{'op': 'replace', 'path': '/spec/webhookdefinitions', 'value': []}]" +fi + +go run ./main.go -metrics-bind-address ":${METRICS_PORT}" -health-probe-bind-address ":${HEALTH_PORT}"