Support for ClusterClass template

Signed-off-by: Patryk Strusiewicz-Surmacki <[email protected]>

Makefile

@@ -410,6 +410,10 @@ generate-manifests: $(CONTROLLER_GEN) ## Generate manifests e.g. CRD, RBAC etc.
 generate-examples: $(KUSTOMIZE) clean-examples ## Generate examples configurations to run a cluster.
 	./examples/generate.sh
 
+.PHONY: generate-examples-clusterclass
+generate-examples-clusterclass: $(KUSTOMIZE) clean-examples ## Generate examples configurations to run a cluster.
+	CLUSTERCLASS=true ./examples/generate.sh
+
 ## --------------------------------------
 ## Docker
 ## --------------------------------------
@@ -487,6 +491,14 @@ deploy: generate-examples
 	kubectl apply -f examples/_out/provider-components.yaml
 	kubectl apply -f examples/_out/metal3crds.yaml
 
+deploy-clusterclass: generate-examples-clusterclass
+	kubectl apply -f examples/_out/cert-manager.yaml
+	kubectl wait --for=condition=Available --timeout=300s -n cert-manager deployment cert-manager
+	kubectl wait --for=condition=Available --timeout=300s -n cert-manager deployment cert-manager-cainjector
+	kubectl wait --for=condition=Available --timeout=300s -n cert-manager deployment cert-manager-webhook
+	kubectl apply -f examples/_out/provider-components.yaml
+	kubectl apply -f examples/_out/metal3crds.yaml
+
 deploy-examples:
 	kubectl apply -f ./examples/_out/metal3plane.yaml
 	kubectl apply -f ./examples/_out/cluster.yaml
@@ -499,7 +511,6 @@ delete-examples:
 	kubectl delete -f ./examples/_out/cluster.yaml || true
 	kubectl delete -f ./examples/_out/metal3plane.yaml || true
 
-
 ## --------------------------------------
 ## Release
 ## --------------------------------------

Tiltfile

@@ -69,23 +69,34 @@ def deploy_capi():
             core_extra_args = extra_args.get("core")
             if core_extra_args:
                 for namespace in ["capi-system", "capi-webhook-system"]:
-                    patch_args_with_extra_args(namespace, "capi-controller-manager", core_extra_args)
+                    patch_args_with_extra_args(namespace, "capi-controller-manager", core_extra_args, 1)
                 patch_capi_manager_role_with_exp_infra_rbac()
         if extra_args.get("kubeadm-bootstrap"):
             kb_extra_args = extra_args.get("kubeadm-bootstrap")
             if kb_extra_args:
-                patch_args_with_extra_args("capi-kubeadm-bootstrap-system", "capi-kubeadm-bootstrap-controller-manager", kb_extra_args)
+                patch_args_with_extra_args("capi-kubeadm-bootstrap-system", "capi-kubeadm-bootstrap-controller-manager", kb_extra_args, 1)
+        if extra_args.get("capi"):
+            capi_extra_args = extra_args.get("capi")
+            if capi_extra_args:
+                for namespace in ["capi-system"]:
+                    patch_args_with_extra_args(namespace, "capi-controller-manager", capi_extra_args, 0)
+                patch_capi_manager_role_with_exp_infra_rbac()
+
+            kubeadm_extra_args = extra_args.get("kubeadm")
+            if kubeadm_extra_args:
+                    patch_args_with_extra_args("capi-kubeadm-control-plane-system", "capi-kubeadm-control-plane-controller-manager", capi_extra_args, 0)
+
 
 
-def patch_args_with_extra_args(namespace, name, extra_args):
-    args_str = str(local('kubectl get deployments {} -n {} -o jsonpath={{.spec.template.spec.containers[1].args}}'.format(name, namespace)))
+def patch_args_with_extra_args(namespace, name, extra_args, container):
+    args_str = str(local('kubectl get deployments {} -n {} -o jsonpath={{.spec.template.spec.containers[{}].args}}'.format(name, namespace, container)))
     args_to_add = [arg for arg in extra_args if arg not in args_str]
     if args_to_add:
         args = args_str[1:-1].split()
         args.extend(args_to_add)
         patch = [{
             "op": "replace",
-            "path": "/spec/template/spec/containers/1/args",
+            "path": "/spec/template/spec/containers/" + str(container) + "/args",
             "value": args,
         }]
         local("kubectl patch deployment {} -n {} --type json -p='{}'".format(name, namespace, str(encode_json(patch)).replace("\n", "")))

api/v1beta1/metal3cluster_types.go

@@ -50,7 +50,7 @@ func (s *Metal3ClusterSpec) IsValid() error {
 	}
 
 	if s.ControlPlaneEndpoint.Port == 0 {
-		missing = append(missing, "ControlPlaneEndpoint.Host")
+		missing = append(missing, "ControlPlaneEndpoint.Port")
 	}
 
 	if len(missing) > 0 {

api/v1beta1/metal3clustertemplate_types.go

@@ -0,0 +1,56 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// Metal3ClusterTemplateSpec defines the desired state of Metal3ClusterTemplate.
+type Metal3ClusterTemplateSpec struct {
+	Template Metal3ClusterTemplateResource `json:"template"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:resource:path=metal3clustertemplates,scope=Namespaced,categories=cluster-api
+// +kubebuilder:storageversion
+
+// Metal3ClusterTemplate is the Schema for the metal3clustertemplates API.
+type Metal3ClusterTemplate struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec Metal3ClusterTemplateSpec `json:"spec,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// Metal3ClusterTemplateList contains a list of Metal3ClusterTemplate.
+type Metal3ClusterTemplateList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []Metal3ClusterTemplate `json:"items"`
+}
+
+func init() {
+	objectTypes = append(objectTypes, &Metal3ClusterTemplate{}, &Metal3ClusterTemplateList{})
+}
+
+// Metal3ClusterTemplateResource describes the data for creating a Metal3Cluster from a template.
+type Metal3ClusterTemplateResource struct {
+	Spec Metal3ClusterSpec `json:"spec"`
+}

api/v1beta1/metal3clustertemplate_webhook.go

@@ -0,0 +1,66 @@
+/*
+Copyright 2020 The Kubernetes Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+	"github.com/pkg/errors"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/runtime"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/webhook"
+	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
+)
+
+func (c *Metal3ClusterTemplate) SetupWebhookWithManager(mgr ctrl.Manager) error {
+	return ctrl.NewWebhookManagedBy(mgr).
+		For(c).
+		Complete()
+}
+
+// +kubebuilder:webhook:verbs=create;update,path=/validate-infrastructure-cluster-x-k8s-io-v1beta1-metal3clustertemplate,mutating=false,failurePolicy=fail,groups=infrastructure.cluster.x-k8s.io,resources=metal3clustertemplates,versions=v1beta1,name=validation.metal3clustertemplate.infrastructure.cluster.x-k8s.io,matchPolicy=Equivalent,sideEffects=None,admissionReviewVersions=v1;v1beta1
+// +kubebuilder:webhook:verbs=create;update,path=/mutate-infrastructure-cluster-x-k8s-io-v1beta1-metal3clustertemplate,mutating=true,failurePolicy=fail,groups=infrastructure.cluster.x-k8s.io,resources=metal3clustertemplates,versions=v1beta1,name=default.metal3clustertemplate.infrastructure.cluster.x-k8s.io,matchPolicy=Equivalent,sideEffects=None,admissionReviewVersions=v1;v1beta1
+
+var _ webhook.Defaulter = &Metal3ClusterTemplate{}
+var _ webhook.Validator = &Metal3ClusterTemplate{}
+
+func (c *Metal3ClusterTemplate) Default() {
+}
+
+// ValidateCreate implements webhook.Validator so a webhook will be registered for the type.
+func (c *Metal3ClusterTemplate) ValidateCreate() (admission.Warnings, error) {
+	return nil, c.validate()
+}
+
+// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type.
+func (c *Metal3ClusterTemplate) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
+	oldM3ct, ok := old.(*Metal3ClusterTemplate)
+	if !ok || oldM3ct == nil {
+		return nil, apierrors.NewInternalError(errors.New("unable to convert existing object"))
+	}
+
+	if err := oldM3ct.Spec.Template.Spec.IsValid(); err != nil {
+		return nil, err
+	}
+
+	return nil, c.validate()
+}
+
+// ValidateDelete implements webhook.Validator so a webhook will be registered for the type.
+func (c *Metal3ClusterTemplate) ValidateDelete() (admission.Warnings, error) {
+	return nil, nil
+}
+
+func (c *Metal3ClusterTemplate) validate() error {
+	return c.Spec.Template.Spec.IsValid()
+}

api/v1beta1/metal3clustertemplate_webhook_test.go

@@ -0,0 +1,179 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+	"testing"
+
+	. "github.com/onsi/gomega"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+func TestMetal3ClusterTemplateDefault(t *testing.T) {
+	g := NewWithT(t)
+
+	c := &Metal3ClusterTemplate{
+		ObjectMeta: metav1.ObjectMeta{
+			Namespace: "foo",
+		},
+		Spec: Metal3ClusterTemplateSpec{},
+	}
+	c.Default()
+
+	g.Expect(c.Spec).To(Equal(Metal3ClusterTemplateSpec{}))
+}
+
+func TestMetal3ClusterTemplateValidation(t *testing.T) {
+	tests := []struct {
+		name      string
+		expectErr bool
+		c         *Metal3ClusterTemplate
+	}{
+		{
+			name:      "should succeed when values and templates correct",
+			expectErr: false,
+			c: &Metal3ClusterTemplate{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: "foo",
+				},
+				Spec: Metal3ClusterTemplateSpec{
+					Template: Metal3ClusterTemplateResource{
+						Spec: Metal3ClusterSpec{
+							ControlPlaneEndpoint: APIEndpoint{
+								Host: "127.0.0.1",
+								Port: 4242,
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			g := NewWithT(t)
+
+			if tt.expectErr {
+				_, err := tt.c.ValidateCreate()
+				g.Expect(err).To(HaveOccurred())
+			} else {
+				_, err := tt.c.ValidateCreate()
+				g.Expect(err).NotTo(HaveOccurred())
+			}
+			_, err := tt.c.ValidateDelete()
+			g.Expect(err).NotTo(HaveOccurred())
+		})
+	}
+}
+
+func TestMetal3ClusterTemplateUpdateValidation(t *testing.T) {
+	tests := []struct {
+		name      string
+		expectErr bool
+		new       *Metal3ClusterTemplateSpec
+		old       *Metal3ClusterTemplateSpec
+	}{
+		{
+			name:      "should succeed when values and templates correct",
+			expectErr: false,
+
+			new: &Metal3ClusterTemplateSpec{
+				Template: Metal3ClusterTemplateResource{
+					Spec: Metal3ClusterSpec{
+						ControlPlaneEndpoint: APIEndpoint{
+							Host: "127.0.0.1",
+							Port: 4242,
+						},
+					},
+				},
+			},
+
+			old: &Metal3ClusterTemplateSpec{
+				Template: Metal3ClusterTemplateResource{
+					Spec: Metal3ClusterSpec{
+						ControlPlaneEndpoint: APIEndpoint{
+							Host: "127.0.0.1",
+							Port: 8080,
+						},
+					},
+				},
+			},
+		},
+		{
+			name:      "should fail if old template is invalid (e.g. missing host or port)",
+			expectErr: true,
+
+			new: &Metal3ClusterTemplateSpec{
+				Template: Metal3ClusterTemplateResource{
+					Spec: Metal3ClusterSpec{
+						ControlPlaneEndpoint: APIEndpoint{
+							Host: "127.0.0.1",
+							Port: 8080,
+						},
+					},
+				},
+			},
+			old: &Metal3ClusterTemplateSpec{},
+		},
+		{
+			name:      "should fail if new template is invalid (e.g. missing host or port)",
+			expectErr: true,
+
+			new: &Metal3ClusterTemplateSpec{},
+			old: &Metal3ClusterTemplateSpec{
+				Template: Metal3ClusterTemplateResource{
+					Spec: Metal3ClusterSpec{
+						ControlPlaneEndpoint: APIEndpoint{
+							Host: "127.0.0.1",
+							Port: 8080,
+						},
+					},
+				},
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			var newCT, oldCT *Metal3ClusterTemplate
+			g := NewWithT(t)
+			newCT = &Metal3ClusterTemplate{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: "foo",
+				},
+				Spec: *tt.new,
+			}
+
+			if tt.old != nil {
+				oldCT = &Metal3ClusterTemplate{
+					ObjectMeta: metav1.ObjectMeta{
+						Namespace: "foo",
+					},
+					Spec: *tt.old,
+				}
+			} else {
+				oldCT = nil
+			}
+
+			if tt.expectErr {
+				_, err := newCT.ValidateUpdate(oldCT)
+				g.Expect(err).To(HaveOccurred())
+			} else {
+				_, err := newCT.ValidateUpdate(oldCT)
+				g.Expect(err).NotTo(HaveOccurred())
+			}
+		})
+	}
+}