Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Controller that copies ClusterClasses to namespaces #715

Merged
merged 3 commits into from
Jun 17, 2024
Merged

feat: Controller that copies ClusterClasses to namespaces #715

merged 3 commits into from
Jun 17, 2024

Conversation

dlipovetsky
Copy link
Contributor

@dlipovetsky dlipovetsky commented Jun 11, 2024
edited
Loading

What problem does this PR solve?:
A Cluster must be in the same namespace as the ClusterClass it references (see kubernetes-sigs/cluster-api#5673).

This PR adds a controller that copies any ClusterClass (and the Templates it references) found in a source namespace (default by default) to every "target" namespace, i.e. a namespace that has a well-defined label key (caren.nutanix.com/namespace-sync). The controller does not update or delete the resources in a target namespace.

Which issue(s) this PR fixes:
Fixes #

How Has This Been Tested?:

This PR adds envtest-based integration tests that verify that the controller:

  1. Copies ClusterClasses to a newly-created target namespace.
  2. Copies a newly-created ClusterClass to target namespaces.
  3. Does not update resources in a target namespace.

Special notes for your reviewer:

This PR includes a modified copy of the Cluster API internal test framework.
The namespacesync controller reads and writes Templates of various types. The
upstream test package creates "generic" Template types and CRDs. This allows us
to test the controller using envtest, with real types and CRDs.

TODO

  • Expose "source" namespace name in the helm Chart values
  • Decide the label key to use for target namespaces (right now, it's caren.nutanix.com/namespace-sync)

@github-actions github-actions bot added feature and removed feature labels Jun 11, 2024
@dlipovetsky
Copy link
Contributor Author

Black duck check fails due to issue fixed in #716.

@jimmidyson
Copy link
Member

I'm wondering if it would be simpler to just use one (or all) of the provider CRDs that are already present as dependencies?

@dlipovetsky
Copy link
Contributor Author

I did try to use the existing code in test/helpers, but ran into various issues. For example, that code will not configure a controller.

Reusing the existing code is still my plan, but I want to do that in a future PR, because this is this PR introduces a new use case (a controller), and I want some signal before I make changes to the existing code.

I also wanted to use the "generic" CRDs, because I don't want to tie the tests to a specific infra provider.

I'm going to ask that the upstream package to create the "generic" CRDs be moved out of internal, because it's useful to a project, like CAREN, that implements controllers that work with Templates.

dkoshkin
dkoshkin approved these changes Jun 13, 2024
View reviewed changes
Copy link
Contributor

@dkoshkin dkoshkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Its a shame we need to import all the internal/test stuff, just left a nit comment about having some tooling to sync that.
Everything else looks great!

internal/test/README.md Show resolved Hide resolved
pkg/controllers/namespacesync/references.go Show resolved Hide resolved
@dlipovetsky
Copy link
Contributor Author

I will address the two TODOs in a separate PR:
1.Expose "source" namespace name in the helm Chart values
2. Decide the label key to use for target namespaces (right now, it's caren.nutanix.com/namespace-sync).

@dlipovetsky dlipovetsky merged commit d633b6b into nutanix-cloud-native:main Jun 17, 2024
16 of 17 checks passed
@github-actions github-actions bot mentioned this pull request Jun 17, 2024
Merged
faiq pushed a commit that referenced this pull request Jun 24, 2024
@jimmidyson @github-actions
release(main): v0.10.0 (#685)
2d2a3f7 
🤖 I have created a release *beep* *boop*
---


## 0.10.0 (2024-06-24)

<!-- Release notes generated using configuration in .github/release.yaml
at main -->

## What's Changed
### Exciting New Features 🎉
* feat: Upgrade to Cilium v1.15.5 by @jimmidyson in
#689
* feat: Upgrade to Calico v3.28.0 by @jimmidyson in
#688
* feat: bumps caaph to v0.2.3 by @faiq in
#691
* feat: Add local-path-provisioner CSI by @jimmidyson in
#693
* feat: cluster-api v1.7.3 by @jimmidyson in
#714
* feat: bumps caaph to 0.2.4 by @faiq in
#718
* feat: Controller that copies ClusterClasses to namespaces by
@dlipovetsky in
#715
* feat: adds a mindthegap container and deployment by @faiq in
#637
* feat: implements BeforeClusterUpgrade hook by @faiq in
#682
### Fixes 🔧
* fix: use external Nutanix API types directly by @dkoshkin in
#698
* fix: Post-process clusterconfig CRDs for supported CSI providers by
@jimmidyson in
#695
* fix: nutanix credentials Secrets owner refs by @dkoshkin in
#711
* fix: credential provider response secret ownership by @dkoshkin in
#709
* fix: static credentials Secret generation by @dkoshkin in
#717
* fix: set ownerReference on imageRegistry and globalMirror Secrets by
@dkoshkin in
#720
* fix: Allow Nutanix CSI snapshot controller & webhook to run on CP
nodes by @dlipovetsky in
#723
* refactor: Use maps for CSI providers and storage classes by
@jimmidyson in
#696
* fix: CredentialProviderConfig matchImages to support registries with
port by @dkoshkin in
#724
* fix: Allow Node Feature Discovery garbage collector to run on
control-plane nodes by @dlipovetsky in
#722
* fix: RBAC role for namespace-sync controller to watch,list namespaces
by @dkoshkin in
#738
* fix: image registries not handling CA certificates by @dkoshkin in
#729
* fix: adds a docker buildx step before release-snapshot by @faiq in
#741
### Other Changes
* docs: Add released version to helm and clusterctl install by
@jimmidyson in
#683
* revert: Temporary lint config fix until next golangci-lint release
(#629) by @jimmidyson in
#686
* refactor: Delete unused code by @jimmidyson in
#687
* refactor: Reduce log verbosity for skipped handlers by @jimmidyson in
#692
* build: update Go to 1.22.4 by @dkoshkin in
#700
* build(deps): Upgrade CAPX version to v1.4.0 by @thunderboltsid in
#707
* build: Move CSI supported provider logic to script by @jimmidyson in
#703
* build: Add testifylint linter by @jimmidyson in
#706
* build: Update all tools by @jimmidyson in
#704
* refactor: rename credential provider response secret by @dkoshkin in
#710
* refactor: Simplify code by using slices.Clone by @jimmidyson in
#712
* refactor: consistently use the same SetOwnerReference function by
@dkoshkin in
#713
* refactor: kube-vip commands by @dkoshkin in
#699
* build: Fix an incorrect make variable passed to goreleaser by
@dlipovetsky in
#716
* build: Add 'chart-docs' make target by @dlipovetsky in
#727
* build: Make CAREN mindthegap reg multiarch by @jimmidyson in
#730
* Add helm values schema plugin by @dlipovetsky in
#728
* test(e2e): Use mesosphere fork with CRSBinding fix by @jimmidyson in
#736

## New Contributors
* @thunderboltsid made their first contribution in
#707

**Full Changelog**:
v0.9.0...v0.10.0

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dkoshkin dkoshkin dkoshkin approved these changes

@jimmidyson jimmidyson jimmidyson approved these changes

Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dlipovetsky @jimmidyson @dkoshkin