Pr finalize v1alpha2 (kubernetes-sigs#462)

* Re-sync controller implementation with CAPA, Fix cloud config indent bug, also copy addons to examples output folder, Re-sync makefile

* update

* fix image name, more sync

* Update generate.sh

Dockerfile

@@ -13,39 +13,13 @@
 # limitations under the License.
 
 # Build the manager binary
-#FROM golang:1.12.9 as builder
-#
-## Copy in the go src
-#WORKDIR ${GOPATH}/src/sigs.k8s.io/cluster-api-provider-openstack
-#COPY pkg/    pkg/
-#COPY cmd/    cmd/
-#COPY vendor/ vendor/
-#COPY api/ api/
-#COPY controllers/ controllers/
-#COPY main.go main.go
-#COPY go.mod go.mod
-#COPY go.sum go.sum
-#
-## Build
-#RUN CGO_ENABLED=0 GOOS=linux GO111MODULE=on GOFLAGS="-mod=vendor" \
-#    go build -a -ldflags '-extldflags "-static"' \
-#    -o manager sigs.k8s.io/cluster-api-provider-openstack
-#
-## Copy the controller-manager into a thin image
-#FROM gcr.io/distroless/static:latest
-#WORKDIR /
-#COPY --from=builder /go/src/sigs.k8s.io/cluster-api-provider-openstack/manager .
-#USER nobody
-#ENTRYPOINT ["/manager"]
-
-# Build the manager binary
-FROM golang:1.12.9
+FROM golang:1.12.9 as builder
+WORKDIR /workspace
 
 # Run this with docker build --build_arg $(go env GOPROXY) to override the goproxy
 ARG goproxy=https://proxy.golang.org
 ENV GOPROXY=$goproxy
 
-WORKDIR /workspace
 # Copy the Go Modules manifests
 COPY go.mod go.mod
 COPY go.sum go.sum
@@ -54,17 +28,17 @@ COPY go.sum go.sum
 RUN go mod download
 
 # Copy the sources
-COPY main.go main.go
-COPY api/ api/
-COPY controllers/ controllers/
-COPY pkg/    pkg/
+COPY ./ ./
 
-# Allow containerd to restart pods by calling /restart.sh (mostly for tilt + fast dev cycles)
-# TODO: Remove this on prod and use a multi-stage build
-COPY third_party/forked/rerun-process-wrapper/start.sh .
-COPY third_party/forked/rerun-process-wrapper/restart.sh .
+# Build
+ARG ARCH
+RUN CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} \
+    go build -a -ldflags '-extldflags "-static"' \
+    -o manager .
 
-# Build and run
-RUN go install -v .
-RUN mv /go/bin/cluster-api-provider-openstack /manager
-ENTRYPOINT ["./start.sh", "/manager"]
+# Copy the controller-manager into a thin image
+FROM gcr.io/distroless/static:latest
+WORKDIR /
+COPY --from=builder /workspace/manager .
+USER nobody
+ENTRYPOINT ["/manager"]

Makefile

@@ -43,9 +43,9 @@ MOCKGEN := $(TOOLS_BIN_DIR)/mockgen
 
 # Define Docker related variables. Releases should modify and double check these vars.
 REGISTRY ?= gcr.io/$(shell gcloud config get-value project)
-STAGING_REGISTRY := gcr.io/k8s-staging-cluster-api-openstack
-PROD_REGISTRY := us.gcr.io/k8s-artifacts-prod/cluster-api-openstack
-IMAGE_NAME ?= cluster-api-openstack-controller
+STAGING_REGISTRY := gcr.io/k8s-staging-capi-openstack
+PROD_REGISTRY := us.gcr.io/k8s-artifacts-prod/capi-openstack
+IMAGE_NAME ?= capi-openstack-controller
 CONTROLLER_IMG ?= $(REGISTRY)/$(IMAGE_NAME)
 TAG ?= dev
 ARCH ?= amd64
@@ -225,7 +225,7 @@ docker-push-manifest: ## Push the fat manifest docker image.
 	## Minimum docker version 18.06.0 is required for creating and pushing manifest images.
 	docker manifest create --amend $(CONTROLLER_IMG):$(TAG) $(shell echo $(ALL_ARCH) | sed -e "s~[^ ]*~$(CONTROLLER_IMG)\-&:$(TAG)~g")
 	@for arch in $(ALL_ARCH); do docker manifest annotate --arch $${arch} ${CONTROLLER_IMG}:${TAG} ${CONTROLLER_IMG}-$${arch}:${TAG}; done
-	docker manifest push --purge ${CONTROLLER_IMG}:${TAG}
+	docker manifest push --purge $(CONTROLLER_IMG):$(TAG)
 	MANIFEST_IMG=$(CONTROLLER_IMG) MANIFEST_TAG=$(TAG) $(MAKE) set-manifest-image
 
 .PHONY: set-manifest-image
@@ -238,24 +238,35 @@ set-manifest-image:
 ## --------------------------------------
 
 RELEASE_TAG := $(shell git describe --abbrev=0 2>/dev/null)
+RELEASE_DIR := out
+
+$(RELEASE_DIR):
+	mkdir -p $(RELEASE_DIR)/
 
 .PHONY: release
-release:  ## Builds and push container images using the latest git tag for the commit.
+release: clean-release ## Builds and push container images using the latest git tag for the commit.
 	@if [ -z "${RELEASE_TAG}" ]; then echo "RELEASE_TAG is not set"; exit 1; fi
+	@if ! [ -z "$$(git status --porcelain)" ]; then echo "Your local git repository contains uncommitted changes, use git clean before proceeding."; exit 1; fi
+	git checkout "${RELEASE_TAG}"
 	# Push the release image to the staging bucket first.
 	REGISTRY=$(STAGING_REGISTRY) TAG=$(RELEASE_TAG) \
 		$(MAKE) docker-build-all docker-push-all
 	# Set the manifest image to the production bucket.
 	MANIFEST_IMG=$(PROD_REGISTRY)/$(IMAGE_NAME) MANIFEST_TAG=$(RELEASE_TAG) \
 		$(MAKE) set-manifest-image
-	# Generate release artifacts.
-	mkdir -p out/
-	kustomize build config/default > out/infrastructure-components.yaml
+	$(MAKE) release-manifests
 
-.PHONY: release-staging-latest
-release-staging-latest: ## Builds and push container images to the staging bucket using "latest" tag.
-	REGISTRY=$(STAGING_REGISTRY) TAG=latest \
-		$(MAKE) docker-build-all docker-push-all
+.PHONY: release-manifests
+release-manifests: $(RELEASE_DIR) ## Builds the manifests to publish with a release
+	kustomize build config/default > $(RELEASE_DIR)/infrastructure-components.yaml
+
+.PHONY: release-staging
+release-staging: ## Builds and push container images to the staging bucket.
+	REGISTRY=$(STAGING_REGISTRY) $(MAKE) docker-build-all docker-push-all release-tag-latest
+
+.PHONY: release-tag-latest
+release-tag-latest: ## Adds the latest tag to the last build tag.
+	gcloud container images add-tag $(CONTROLLER_IMG):$(TAG) $(CONTROLLER_IMG):latest
 
 ## --------------------------------------
 ## Development
@@ -312,8 +323,9 @@ delete-cluster: $(CLUSTERCTL) ## Deletes the development Kubernetes Cluster "tes
 	--bootstrap-flags="name=clusterapi" \
 	--cluster test1 \
 	--kubeconfig ./kubeconfig \
-	-p ./examples/out/provider-components.yaml \
+	-p ./examples/_out/provider-components.yaml \
 
+.PHONY: kind-reset
 kind-reset: ## Destroys the "clusterapi" kind cluster.
 	kind delete cluster --name=clusterapi || true
 
@@ -335,7 +347,10 @@ clean-bin: ## Remove all generated binaries
 clean-temporary: ## Remove all temporary files and folders
 	rm -f minikube.kubeconfig
 	rm -f kubeconfig
-	rm -rf out/
+
+.PHONY: clean-release
+clean-release: ## Remove the release folder
+	rm -rf $(RELEASE_DIR)
 
 .PHONY: clean-examples
 clean-examples: ## Remove all the temporary files generated in the examples folder

README.md

@@ -120,6 +120,8 @@ For more information, please refer to [v1alpha2](https://github.com/kubernetes-s
            -m examples/_out/machines.yaml \
            -p examples/_out/provider-components.yaml \
            -a examples/addons.yaml
+   # Alternatively
+   make create-cluster
    ```
 
    - If you are using an existing Kubernetes cluster:

config/default/manager_image_patch.yaml

@@ -8,5 +8,5 @@ spec:
     spec:
       containers:
       # Change the value of image field below to your controller image URL
-      - image: k8scloudprovider/openstack-cluster-api-controller:latest
+      - image: gcr.io/k8s-staging-capi-openstack/capi-openstack-controller:dev
         name: manager

controllers/openstackcluster_controller.go

@@ -255,11 +255,11 @@ func (r *OpenStackClusterReconciler) SetupWithManager(mgr ctrl.Manager, options
 
 func (r *OpenStackClusterReconciler) getControlPlaneMachine() (*infrav1.OpenStackMachine, error) {
 	machines := &clusterv1.MachineList{}
-	if err := r.Client.List(context.Background(), machines); err != nil {
+	if err := r.Client.List(context.TODO(), machines); err != nil {
 		return nil, err
 	}
 	openStackMachines := &infrav1.OpenStackMachineList{}
-	if err := r.Client.List(context.Background(), openStackMachines); err != nil {
+	if err := r.Client.List(context.TODO(), openStackMachines); err != nil {
 		return nil, err
 	}
 

controllers/openstackmachine_controller.go

@@ -442,15 +442,28 @@ func (r *OpenStackMachineReconciler) OpenStackClusterToOpenStackMachines(o handl
 		r.Log.Error(errors.Errorf("expected a OpenStackCluster but got a %T", o.Object), "failed to get OpenStackMachine for OpenStackCluster")
 		return nil
 	}
+	log := r.Log.WithValues("OpenStackCluster", c.Name, "Namespace", c.Namespace)
 
-	labels := map[string]string{clusterv1.MachineClusterLabelName: c.Name}
-	machineList := &infrav1.OpenStackMachineList{}
-	if err := r.List(context.Background(), machineList, client.InNamespace(c.Namespace), client.MatchingLabels(labels)); err != nil {
-		r.Log.Error(err, "failed to list OpenStackMachines", "OpenStackCluster", c.Name, "Namespace", c.Namespace)
+	cluster, err := util.GetOwnerCluster(context.TODO(), r.Client, c.ObjectMeta)
+	switch {
+	case apierrors.IsNotFound(err) || cluster == nil:
+		return result
+	case err != nil:
+		log.Error(err, "failed to get owning cluster")
+		return result
+	}
+
+	labels := map[string]string{clusterv1.MachineClusterLabelName: cluster.Name}
+	machineList := &clusterv1.MachineList{}
+	if err := r.List(context.TODO(), machineList, client.InNamespace(c.Namespace), client.MatchingLabels(labels)); err != nil {
+		log.Error(err, "failed to list Machines")
 		return nil
 	}
 	for _, m := range machineList.Items {
-		name := client.ObjectKey{Namespace: m.Namespace, Name: m.Name}
+		if m.Spec.InfrastructureRef.Name == "" {
+			continue
+		}
+		name := client.ObjectKey{Namespace: m.Namespace, Name: m.Spec.InfrastructureRef.Name}
 		result = append(result, ctrl.Request{NamespacedName: name})
 	}
 

examples/controlplane/controlplane.yaml

@@ -61,7 +61,7 @@ spec:
     permissions: "0600"
     content: |-
       # cloud.conf to communicate with OpenStack
-      $OPENSTACK_CLOUD_PROVIDER_CONF
+      $OPENSTACK_CLOUD_PROVIDER_CONF6
   - path: /etc/certs/cacert
     owner: root
     permissions: "0600"
@@ -172,7 +172,7 @@ spec:
     permissions: "0600"
     content: |-
       # cloud.conf to communicate with OpenStack
-      $OPENSTACK_CLOUD_PROVIDER_CONF
+      $OPENSTACK_CLOUD_PROVIDER_CONF6
   - path: /etc/certs/cacert
     owner: root
     permissions: "0600"
@@ -254,7 +254,7 @@ spec:
     permissions: "0600"
     content: |-
       # cloud.conf to communicate with OpenStack
-      $OPENSTACK_CLOUD_PROVIDER_CONF
+      $OPENSTACK_CLOUD_PROVIDER_CONF6
   - path: /etc/certs/cacert
     owner: root
     permissions: "0600"

examples/generate.sh

@@ -14,6 +14,7 @@
 # limitations under the License.
 
 set -o errexit
+set -o nounset
 
 # Directories.
 SOURCE_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
@@ -113,7 +114,7 @@ PROVIDER_COMPONENTS_GENERATED_FILE=${OUTPUT_DIR}/provider-components.yaml
 CLUSTER_GENERATED_FILE=${OUTPUT_DIR}/cluster.yaml
 CONTROLPLANE_GENERATED_FILE=${OUTPUT_DIR}/controlplane.yaml
 MACHINEDEPLOYMENT_GENERATED_FILE=${OUTPUT_DIR}/machinedeployment.yaml
-MACHINES_GENERATED_FILE=${OUTPUT_DIR}/machines.yaml
+ADDONS_GENERATED_FILE=${OUTPUT_DIR}/addons.yaml
 
 rm -rf "${OUTPUT_DIR}"
 rm -rf "${CLOUDS_SECRETS_CONFIG_DIR}"
@@ -127,7 +128,7 @@ if [[ ! -f ${MACHINE_CONTROLLER_SSH_PRIVATE_FILE} ]]; then
   ssh-keygen -t rsa -f ${MACHINE_CONTROLLER_SSH_PRIVATE_FILE}  -N ""
 fi
 export MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT
-MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT=$(cat ${MACHINE_CONTROLLER_SSH_PRIVATE_FILE}.pub)
+MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT="\"$(cat ${MACHINE_CONTROLLER_SSH_PRIVATE_FILE}.pub)\""
 
 CLOUDS_PATH=${CLOUDS_PATH:-""}
 OPENSTACK_CLOUD_CONFIG_PLAIN=$(cat "$CLOUDS_PATH")
@@ -144,24 +145,34 @@ if [[ "$DOMAIN_NAME" = "null" ]]; then
 fi
 CACERT_ORIGINAL=$(echo "$OPENSTACK_CLOUD_CONFIG_PLAIN" | yq r - clouds.${CLOUD}.cacert)
 
+# use only the selected cloud not the whole clouds.yaml
+OPENSTACK_CLOUD_CONFIG_SELECTED_CLOUD=$(echo "${OPENSTACK_CLOUD_CONFIG_PLAIN}" | yq r - clouds.${CLOUD} | yq p - clouds.${CLOUD})
+
 # Basic cloud.conf, no LB configuration as that data is not known yet.
-export OPENSTACK_CLOUD_PROVIDER_CONF="[Global]
-          auth-url=$AUTH_URL
-          username=\"$USERNAME\"
-          password=\"$PASSWORD\"
-          tenant-id=\"$PROJECT_ID\"
-          domain-name=\"$DOMAIN_NAME\"
+OPENSTACK_CLOUD_PROVIDER_CONF="
+[Global]
+auth-url=$AUTH_URL
+username=\"$USERNAME\"
+password=\"$PASSWORD\"
+tenant-id=\"$PROJECT_ID\"
+domain-name=\"$DOMAIN_NAME\"
 "
 if [[ "$CACERT_ORIGINAL" != "null" ]]; then
   OPENSTACK_CLOUD_PROVIDER_CONF="$OPENSTACK_CLOUD_PROVIDER_CONF
-          ca-file=\"${CACERT_ORIGINAL}\"
+ca-file=\"${CACERT_ORIGINAL}\"
   "
 fi
 if [[ "$REGION" != "null" ]]; then
   OPENSTACK_CLOUD_PROVIDER_CONF="$OPENSTACK_CLOUD_PROVIDER_CONF
-          region=\"${REGION}\"
+region=\"${REGION}\"
   "
 fi
+
+export OPENSTACK_CLOUD_PROVIDER_CONF6
+OPENSTACK_CLOUD_PROVIDER_CONF6=$(echo "${OPENSTACK_CLOUD_PROVIDER_CONF}" | sed -e 's/^/      /')
+export OPENSTACK_CLOUD_PROVIDER_CONF10
+OPENSTACK_CLOUD_PROVIDER_CONF10=$(echo "${OPENSTACK_CLOUD_PROVIDER_CONF}" | sed -e 's/^/          /')
+
 OS=$(uname)
 if [[ "$OS" =~ "Linux" ]]; then
 #  export OPENSTACK_CLOUD_PROVIDER_CONF=$(echo "$OPENSTACK_CLOUD_PROVIDER_CONF_PLAIN"|base64 -w0)
@@ -180,52 +191,46 @@ else
   exit 1
 fi
 
-echo "${OPENSTACK_CLOUD_CONFIG_PLAIN}" > ${CLOUDS_SECRETS_CONFIG_DIR}/clouds.yaml
+echo "${OPENSTACK_CLOUD_CONFIG_SELECTED_CLOUD}" > ${CLOUDS_SECRETS_CONFIG_DIR}/clouds.yaml
 if [[ "$CACERT_ORIGINAL" != "null" ]]; then
   cat "$CACERT_ORIGINAL" > ${CLOUDS_SECRETS_CONFIG_DIR}/cacert
 else
   echo "dummy" > ${CLOUDS_SECRETS_CONFIG_DIR}/cacert
 fi
 
 # Generate cluster resources.
-kustomize build "${SOURCE_DIR}/cluster" --reorder=none | envsubst > "${CLUSTER_GENERATED_FILE}"
+kustomize build "${SOURCE_DIR}/cluster" | envsubst > "${CLUSTER_GENERATED_FILE}"
 echo "Generated ${CLUSTER_GENERATED_FILE}"
 
 # Generate controlplane resources.
-kustomize build "${SOURCE_DIR}/controlplane" --reorder=none | envsubst > "${CONTROLPLANE_GENERATED_FILE}"
+kustomize build "${SOURCE_DIR}/controlplane" | envsubst > "${CONTROLPLANE_GENERATED_FILE}"
 echo "Generated ${CONTROLPLANE_GENERATED_FILE}"
 
 # Generate machinedeployment resources.
-kustomize build "${SOURCE_DIR}/machinedeployment" --reorder=none | envsubst >> "${MACHINEDEPLOYMENT_GENERATED_FILE}"
+kustomize build "${SOURCE_DIR}/machinedeployment" | envsubst >> "${MACHINEDEPLOYMENT_GENERATED_FILE}"
 echo "Generated ${MACHINEDEPLOYMENT_GENERATED_FILE}"
 
-# combine control plane and regular machines in ${MACHINES_GENERATED_FILE}
-cat ${CONTROLPLANE_GENERATED_FILE} > ${MACHINES_GENERATED_FILE}
-echo "---" >> ${MACHINES_GENERATED_FILE}
-#cat ${MACHINEDEPLOYMENT_GENERATED_FILE} >> ${MACHINES_GENERATED_FILE}
-echo "---" >> ${MACHINES_GENERATED_FILE}
-cat ${MACHINEDEPLOYMENT_GENERATED_FILE} >> ${MACHINES_GENERATED_FILE}
-echo "---" >> ${MACHINES_GENERATED_FILE}
-echo "Generated ${MACHINES_GENERATED_FILE}"
+cp ${SOURCE_DIR}/addons.yaml "${ADDONS_GENERATED_FILE}"
+echo "Generated ${ADDONS_GENERATED_FILE}"
 
 # Generate Cluster API provider components file.
-kustomize build "github.com/kubernetes-sigs/cluster-api//config/default/?ref=master" --reorder=none > "${COMPONENTS_CLUSTER_API_GENERATED_FILE}"
+kustomize build "github.com/kubernetes-sigs/cluster-api/config/default/?ref=master" > "${COMPONENTS_CLUSTER_API_GENERATED_FILE}"
 echo "Generated ${COMPONENTS_CLUSTER_API_GENERATED_FILE}"
 
 # Generate Kubeadm Bootstrap Provider components file.
-kustomize build "github.com/kubernetes-sigs/cluster-api-bootstrap-provider-kubeadm//config/default/?ref=master" --reorder=none > "${COMPONENTS_KUBEADM_GENERATED_FILE}"
+kustomize build "github.com/kubernetes-sigs/cluster-api-bootstrap-provider-kubeadm//config/default/?ref=master" > "${COMPONENTS_KUBEADM_GENERATED_FILE}"
 echo "Generated ${COMPONENTS_KUBEADM_GENERATED_FILE}"
 
 # Generate OpenStack Infrastructure Provider components file.
-kustomize build "${SOURCE_DIR}/../config/default" --reorder=none | envsubst > "${COMPONENTS_OPENSTACK_GENERATED_FILE}"
+kustomize build "${SOURCE_DIR}/../config/default" | envsubst > "${COMPONENTS_OPENSTACK_GENERATED_FILE}"
 echo "Generated ${COMPONENTS_OPENSTACK_GENERATED_FILE}"
 
 # Generate OpenStack Infrastructure Provider cloud-secrets file.
-kustomize build "${SOURCE_DIR}/clouds-secrets" --reorder=none | envsubst > "${COMPONENTS_OPENSTACK_CLOUDS_SECRETS_GENERATED_FILE}"
+kustomize build "${SOURCE_DIR}/clouds-secrets" | envsubst > "${COMPONENTS_OPENSTACK_CLOUDS_SECRETS_GENERATED_FILE}"
 echo "Generated ${COMPONENTS_OPENSTACK_CLOUDS_SECRETS_GENERATED_FILE}"
 echo "WARNING: ${COMPONENTS_OPENSTACK_CLOUDS_SECRETS_GENERATED_FILE} includes OpenStack credentials"
 
 # Generate a single provider components file.
-kustomize build "${SOURCE_DIR}/provider-components"| envsubst > "${PROVIDER_COMPONENTS_GENERATED_FILE}"
+kustomize build "${SOURCE_DIR}/provider-components" | envsubst > "${PROVIDER_COMPONENTS_GENERATED_FILE}"
 echo "Generated ${PROVIDER_COMPONENTS_GENERATED_FILE}"
 echo "WARNING: ${PROVIDER_COMPONENTS_GENERATED_FILE} includes OpenStack credentials"