From 10849eea0b5650904adb68e354bb02c80176237f Mon Sep 17 00:00:00 2001 From: Kasun Talwatta Date: Thu, 7 Dec 2023 03:05:06 +1300 Subject: [PATCH] Adding scheme to readiness probe (#522) * Adding scheme to readiness probe Signed-off-by: pseudonator * Fixed test description Signed-off-by: pseudonator * Updated the changelog ver Signed-off-by: pseudonator --------- Signed-off-by: pseudonator --- .../v0.36.1/readinessprobe-scheme-field.yaml | 7 + codegen/cmd_test.go | 73 ++++++++++ codegen/model/chart.go | 1 + .../chart/operator-deployment.yamltmpl | 3 + codegen/test/chart-readiness/Chart.yaml | 8 ++ .../chart-readiness/templates/_helpers.tpl | 54 +++++++ .../chart-readiness/templates/deployment.yaml | 134 ++++++++++++++++++ .../test/chart-readiness/templates/rbac.yaml | 2 + codegen/test/chart-readiness/values.yaml | 19 +++ 9 files changed, 301 insertions(+) create mode 100644 changelog/v0.36.1/readinessprobe-scheme-field.yaml create mode 100644 codegen/test/chart-readiness/Chart.yaml create mode 100644 codegen/test/chart-readiness/templates/_helpers.tpl create mode 100644 codegen/test/chart-readiness/templates/deployment.yaml create mode 100644 codegen/test/chart-readiness/templates/rbac.yaml create mode 100644 codegen/test/chart-readiness/values.yaml diff --git a/changelog/v0.36.1/readinessprobe-scheme-field.yaml b/changelog/v0.36.1/readinessprobe-scheme-field.yaml new file mode 100644 index 000000000..5a870943c --- /dev/null +++ b/changelog/v0.36.1/readinessprobe-scheme-field.yaml @@ -0,0 +1,7 @@ +changelog: + - type: NEW_FEATURE + issueLink: https://github.com/solo-io/skv2/issues/521 + resolvesIssue: false + description: | + Support scheme field for readiness probes. By default it is HTTP and an optional field. + skipCI: false \ No newline at end of file diff --git a/codegen/cmd_test.go b/codegen/cmd_test.go index 6b98a6f2f..3ee8167eb 100644 --- a/codegen/cmd_test.go +++ b/codegen/cmd_test.go @@ -2520,6 +2520,79 @@ roleRef: Entry("sidecar service port name with hyphen", "foo-bar"), ) + It("render readiness probe when scheme is specified", func() { + cmd := &Command{ + Chart: &Chart{ + Operators: []Operator{ + { + Name: "painter", + Deployment: Deployment{ + Container: Container{ + Image: Image{ + Tag: "v0.0.0", + Repository: "painter", + Registry: "quay.io/solo-io", + PullPolicy: "IfNotPresent", + }, + ReadinessProbe: &ReadinessProbe{ + Path: "/", + Port: "8080", + Scheme: "HTTPS", + PeriodSeconds: 10, + InitialDelaySeconds: 5, + }, + }, + }, + }, + }, + + Values: nil, + Data: Data{ + ApiVersion: "v1", + Description: "", + Name: "Painting Operator", + Version: "v0.0.1", + Home: "https://docs.solo.io/skv2/latest", + Sources: []string{ + "https://github.com/solo-io/skv2", + }, + }, + }, + + ManifestRoot: "codegen/test/chart-readiness", + } + + err := cmd.Execute() + Expect(err).NotTo(HaveOccurred()) + + helmValues := map[string]interface{}{} + + renderedManifests := helmTemplate("codegen/test/chart-readiness", helmValues) + + var renderedDeployment *appsv1.Deployment + decoder := kubeyaml.NewYAMLOrJSONDecoder(bytes.NewBuffer(renderedManifests), 4096) + for { + obj := &unstructured.Unstructured{} + err := decoder.Decode(obj) + if err != nil { + break + } + if obj.GetName() != "painter" || obj.GetKind() != "Deployment" { + continue + } + + bytes, err := obj.MarshalJSON() + Expect(err).NotTo(HaveOccurred()) + renderedDeployment = &appsv1.Deployment{} + err = json.Unmarshal(bytes, renderedDeployment) + Expect(err).NotTo(HaveOccurred()) + } + Expect(renderedDeployment).NotTo(BeNil()) + renderedReadinessProbe := renderedDeployment.Spec.Template.Spec.Containers[0].ReadinessProbe.HTTPGet + Expect(string(renderedReadinessProbe.Scheme)).To(Equal("HTTPS")) + Expect(int(renderedReadinessProbe.Port.IntVal)).To(Equal(8080)) + }) + It("can configure cluster-scoped and namespace-scoped RBAC", func() { cmd := &Command{ RenderProtos: false, diff --git a/codegen/model/chart.go b/codegen/model/chart.go index 66ac873d9..16bd6eb19 100644 --- a/codegen/model/chart.go +++ b/codegen/model/chart.go @@ -175,6 +175,7 @@ type ReadinessProbe struct { Exec []string // optional: if specified, the readiness probe will be an exec probe with the specified commands Path string // Path to access on the HTTP server. Either specify Path and Port for httpGet probes, or specify Exec Port string + Scheme string // optional scheme: HTTP or HTTPS ((kasunt): imo better to keep it as a non-enum field) PeriodSeconds int InitialDelaySeconds int } diff --git a/codegen/templates/chart/operator-deployment.yamltmpl b/codegen/templates/chart/operator-deployment.yamltmpl index d412df39c..b1e788ccf 100644 --- a/codegen/templates/chart/operator-deployment.yamltmpl +++ b/codegen/templates/chart/operator-deployment.yamltmpl @@ -189,6 +189,9 @@ spec: httpGet: path: [[ $container.ReadinessProbe.Path ]] port: [[ $container.ReadinessProbe.Port ]] + [[- if $container.ReadinessProbe.Scheme ]] + scheme: [[ $container.ReadinessProbe.Scheme ]] + [[- end ]] [[- end ]] [[- if $container.ReadinessProbe.InitialDelaySeconds ]] initialDelaySeconds: [[ $container.ReadinessProbe.InitialDelaySeconds ]] diff --git a/codegen/test/chart-readiness/Chart.yaml b/codegen/test/chart-readiness/Chart.yaml new file mode 100644 index 000000000..01037b07a --- /dev/null +++ b/codegen/test/chart-readiness/Chart.yaml @@ -0,0 +1,8 @@ +# Code generated by skv2. DO NOT EDIT. + +apiVersion: v1 +home: https://docs.solo.io/skv2/latest +name: Painting Operator +sources: +- https://github.com/solo-io/skv2 +version: v0.0.1 diff --git a/codegen/test/chart-readiness/templates/_helpers.tpl b/codegen/test/chart-readiness/templates/_helpers.tpl new file mode 100644 index 000000000..0c155a127 --- /dev/null +++ b/codegen/test/chart-readiness/templates/_helpers.tpl @@ -0,0 +1,54 @@ +# Code generated by skv2. DO NOT EDIT. + + + +{{/* Below are library functions provided by skv2 */}} + +{{- /* + +"skv2.utils.merge" takes an array of three values: +- the top context +- the yaml block that will be merged in (override) +- the name of the base template (source) + +note: the source must be a named template (helm partial). This is necessary for the merging logic. + +The behaviour is as follows, to align with already existing helm behaviour: +- If no source is found (template is empty), the merged output will be empty +- If no overrides are specified, the source is rendered as is +- If overrides are specified and source is not empty, overrides will be merged in to the source. + +Overrides can replace / add to deeply nested dictionaries, but will completely replace lists. +Examples: + +┌─────────────────────┬───────────────────────┬────────────────────────┐ +│ Source (template) │ Overrides │ Result │ +├─────────────────────┼───────────────────────┼────────────────────────┤ +│ metadata: │ metadata: │ metadata: │ +│ labels: │ labels: │ labels: │ +│ app: gloo │ app: gloo1 │ app: gloo1 │ +│ cluster: useast │ author: infra-team │ author: infra-team │ +│ │ │ cluster: useast │ +├─────────────────────┼───────────────────────┼────────────────────────┤ +│ lists: │ lists: │ lists: │ +│ groceries: │ groceries: │ groceries: │ +│ - apple │ - grapes │ - grapes │ +│ - banana │ │ │ +└─────────────────────┴───────────────────────┴────────────────────────┘ + +skv2.utils.merge is a fork of a helm library chart function (https://github.com/helm/charts/blob/master/incubator/common/templates/_util.tpl). +This includes some optimizations to speed up chart rendering time, and merges in a value (overrides) with a named template, unlike the upstream +version, which merges two named templates. + +*/ -}} +{{- define "skv2.utils.merge" -}} +{{- $top := first . -}} +{{- $overrides := (index . 1) -}} +{{- $tpl := fromYaml (include (index . 2) $top) -}} +{{- if or (empty $overrides) (empty $tpl) -}} +{{ include (index . 2) $top }} {{/* render source as is */}} +{{- else -}} +{{- $merged := merge $overrides $tpl -}} +{{- toYaml $merged -}} {{/* render source with overrides as YAML */}} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/codegen/test/chart-readiness/templates/deployment.yaml b/codegen/test/chart-readiness/templates/deployment.yaml new file mode 100644 index 000000000..7cfab8b28 --- /dev/null +++ b/codegen/test/chart-readiness/templates/deployment.yaml @@ -0,0 +1,134 @@ +# Code generated by skv2. DO NOT EDIT. + + + +{{- $painter := $.Values.painter }} +--- + +{{- define "painter.deploymentSpec" }} +# Deployment manifest for painter + +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: painter + annotations: + app.kubernetes.io/name: painter + name: painter + namespace: {{ default .Release.Namespace $.Values.painter.namespace }} +spec: + selector: + matchLabels: + app: painter + template: + metadata: + labels: + app: painter + annotations: + app.kubernetes.io/name: painter + spec: + serviceAccountName: painter + containers: +{{- $painter := $.Values.painter }} +{{- $painterImage := $painter.image }} + - name: painter + image: {{ $painterImage.registry }}/{{ $painterImage.repository }}:{{ $painterImage.tag }} + imagePullPolicy: {{ $painterImage.pullPolicy }} +{{- if $painter.env }} + env: +{{ toYaml $painter.env | indent 10 }} +{{- else if $painter.extraEnvs }} + env: +{{- end }} +{{- range $name, $item := $painter.extraEnvs }} + - name: {{ $name }} +{{- $item | toYaml | nindent 12 }} +{{- end }} + resources: +{{- if $painter.resources }} +{{ toYaml $painter.resources | indent 10}} +{{- else}} + requests: + cpu: 500m + memory: 256Mi +{{- end }} + {{- /* + Render securityContext configs if it is set. + If securityContext is not set, render the default securityContext. + If securityContext is set to 'false', render an empty map. + */}} + securityContext: +{{- if or ($painter.securityContext) (eq "map[]" (printf "%v" $painter.securityContext)) }} +{{ toYaml $painter.securityContext | indent 10}} +{{/* Because securityContext is nil by default we can only perform following conversion if it is a boolean. Skip conditional otherwise. */}} +{{- else if eq (ternary $painter.securityContext true (eq "bool" (printf "%T" $painter.securityContext))) false }} + {} +{{- else}} + runAsNonRoot: true + {{- if not $painter.floatingUserId }} + runAsUser: {{ printf "%.0f" (float64 $painter.runAsUser) }} + {{- end }} + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL +{{- end }} + readinessProbe: + httpGet: + path: / + port: 8080 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + {{- if $painterImage.pullSecret }} + imagePullSecrets: + - name: {{ $painterImage.pullSecret }} + {{- end}} +{{- end }} {{/* define "painter.deploymentSpec" */}} + +{{/* Render painter deployment template with overrides from values*/}} +{{ if $painter.enabled }} +{{- $painterDeploymentOverrides := dict }} +{{- if $painter.deploymentOverrides }} +{{- $painterDeploymentOverrides = $painter.deploymentOverrides }} +{{- end }} +--- +{{ include "skv2.utils.merge" (list . $painterDeploymentOverrides "painter.deploymentSpec") }} +{{- end }} +--- +{{ if $painter.enabled }} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: painter + {{- if $painter.serviceAccount}} + {{- if $painter.serviceAccount.extraAnnotations }} + annotations: + {{- range $key, $value := $painter.serviceAccount.extraAnnotations }} + {{ $key }}: {{ $value }} + {{- end }} + {{- end }} + {{- end}} + name: painter + namespace: {{ default .Release.Namespace $.Values.painter.namespace }} +{{- end }} + + +{{- define "painter.serviceSpec"}} + +{{- end }} {{/* define "painter.serviceSpec" */}} +{{ if $painter.enabled }} +{{/* Render painter service template with overrides from values*/}} +{{- $painterServiceOverrides := dict }} +{{- if $painter.serviceOverrides }} +{{- $painterServiceOverrides = $painter.serviceOverrides }} +{{- end }} + +--- + +{{ include "skv2.utils.merge" (list . $painterServiceOverrides "painter.serviceSpec") }} +{{- end }} + diff --git a/codegen/test/chart-readiness/templates/rbac.yaml b/codegen/test/chart-readiness/templates/rbac.yaml new file mode 100644 index 000000000..feb93b669 --- /dev/null +++ b/codegen/test/chart-readiness/templates/rbac.yaml @@ -0,0 +1,2 @@ +# Code generated by skv2. DO NOT EDIT. + diff --git a/codegen/test/chart-readiness/values.yaml b/codegen/test/chart-readiness/values.yaml new file mode 100644 index 000000000..b39d9e5ec --- /dev/null +++ b/codegen/test/chart-readiness/values.yaml @@ -0,0 +1,19 @@ +# Code generated by skv2. DO NOT EDIT. + +painter: + deploymentOverrides: null + enabled: true + env: null + extraEnvs: {} + floatingUserId: false + image: + pullPolicy: IfNotPresent + registry: quay.io/solo-io + repository: painter + tag: v0.0.0 + ports: {} + runAsUser: 10101 + serviceOverrides: null + serviceType: "" + sidecars: {} +