Merge pull request #51 from SovereignCloudStack/syself/enable-using-l…

…ocal-cluster-stacks 🌱 use local_mode in Tiltfile
SovereignCloudStack · Feb 8, 2024 · 612f488 · 612f488
2 parents a04233f + 0e957a4
commit 612f488
Show file tree

Hide file tree

Showing 13 changed files with 379 additions and 29 deletions.
diff --git a/.gitignore b/.gitignore
@@ -31,7 +31,7 @@ temp
 # Tilt files.
 .tiltbuild
 /tilt.d
-tilt-settings.json
+tilt-settings.yaml
 tilt_config.json
 .clusterstack.yaml
 .cluster.yaml
@@ -81,3 +81,4 @@ main
 # helm generated yamls
 *.tgz.yaml
 *.build.yaml
+.release
diff --git a/Tiltfile b/Tiltfile
@@ -17,18 +17,19 @@ settings = {
     "allowed_contexts": [
         "kind-cso",
     ],
+    "local_mode": False,
     "deploy_cert_manager": True,
     "preload_images_for_kind": True,
     "kind_cluster_name": "cso",
-    "capi_version": "v1.5.2",
+    "capi_version": "v1.6.0",
     "cert_manager_version": "v1.11.0",
     "kustomize_substitutions": {
     },
 }
 
 # global settings
-settings.update(read_json(
-    "tilt-settings.json",
+settings.update(read_yaml(
+    "tilt-settings.yaml",
     default = {},
 ))
 
@@ -111,19 +112,32 @@ def fixup_yaml_empty_arrays(yaml_str):
     return yaml_str.replace("storedVersions: null", "storedVersions: []")
 
 ## This should have the same versions as the Dockerfile
-tilt_dockerfile_header_cso = """
-FROM docker.io/alpine/helm:3.12.2 as helm
-
-FROM docker.io/library/alpine:3.18.0 as tilt
-WORKDIR /
-COPY --from=helm --chown=root:root --chmod=755 /usr/bin/helm /usr/local/bin/helm
-COPY manager .
-"""
+if settings.get("local_mode"):
+    tilt_dockerfile_header_cso = """
+    FROM docker.io/alpine/helm:3.12.2 as helm
+
+    FROM docker.io/library/alpine:3.18.0 as tilt
+    WORKDIR /
+    COPY --from=helm --chown=root:root --chmod=755 /usr/bin/helm /usr/local/bin/helm
+    COPY .tiltbuild/manager .
+    COPY .release/ /tmp/cluster-stacks/
+    """
+else:
+    tilt_dockerfile_header_cso = """
+    FROM docker.io/alpine/helm:3.12.2 as helm
+
+    FROM docker.io/library/alpine:3.18.0 as tilt
+    WORKDIR /
+    COPY --from=helm --chown=root:root --chmod=755 /usr/bin/helm /usr/local/bin/helm
+    COPY manager .
+    """
 
 # Build CSO and add feature gates
 def deploy_cso():
-    # yaml = str(kustomizesub("./hack/observability")) # build an observable kind deployment by default
-    yaml = str(kustomizesub("./config/default"))
+    if settings.get("local_mode"):
+        yaml = str(kustomizesub("./config/localmode"))
+    else:
+        yaml = str(kustomizesub("./config/default"))
     local_resource(
         name = "cso-components",
         cmd = ["sh", "-ec", sed_cmd, yaml, "|", envsubst_cmd],
@@ -152,18 +166,32 @@ def deploy_cso():
 
     # Set up an image build for the provider. The live update configuration syncs the output from the local_resource
     # build into the container.
-    docker_build_with_restart(
-        ref = "ghcr.io/sovereigncloudstack/cso-staging",
-        context = "./.tiltbuild/",
-        dockerfile_contents = tilt_dockerfile_header_cso,
-        target = "tilt",
-        entrypoint = entrypoint,
-        only = "manager",
-        live_update = [
-            sync(".tiltbuild/manager", "/manager"),
-        ],
-        ignore = ["templates"],
-    )
+    if settings.get("local_mode"):
+        docker_build_with_restart(
+            ref = "ghcr.io/sovereigncloudstack/cso-staging",
+            context = ".",
+            dockerfile_contents = tilt_dockerfile_header_cso,
+            target = "tilt",
+            entrypoint = entrypoint,
+            live_update = [
+                sync(".tiltbuild/manager", "/manager"),
+                sync(".release", "/tmp/cluster-stacks"),
+            ],
+            ignore = ["templates"],
+        )
+    else:
+        docker_build_with_restart(
+            ref = "ghcr.io/sovereigncloudstack/cso-staging",
+            context = "./.tiltbuild/",
+            dockerfile_contents = tilt_dockerfile_header_cso,
+            target = "tilt",
+            entrypoint = entrypoint,
+            live_update = [
+                sync(".tiltbuild/manager", "/manager"),
+            ],
+            ignore = ["templates"],
+        )
+
     k8s_yaml(blob(yaml))
     k8s_resource(workload = "cso-controller-manager", labels = ["CSO"])
     k8s_resource(

diff --git a/cmd/main.go b/cmd/main.go
@@ -29,6 +29,7 @@ import (
 	"github.com/SovereignCloudStack/cluster-stack-operator/internal/controller"
 	"github.com/SovereignCloudStack/cluster-stack-operator/pkg/csoversion"
 	githubclient "github.com/SovereignCloudStack/cluster-stack-operator/pkg/github/client"
+	"github.com/SovereignCloudStack/cluster-stack-operator/pkg/github/client/fake"
 	"github.com/SovereignCloudStack/cluster-stack-operator/pkg/kube"
 	"github.com/SovereignCloudStack/cluster-stack-operator/pkg/utillog"
 	"github.com/SovereignCloudStack/cluster-stack-operator/pkg/workloadcluster"
@@ -67,6 +68,7 @@ var (
 	clusterAddonConcurrency        int
 	logLevel                       string
 	releaseDir                     string
+	localMode                      bool
 	qps                            float64
 	burst                          int
 )
@@ -83,6 +85,7 @@ func main() {
 	flag.IntVar(&clusterAddonConcurrency, "clusteraddon-concurrency", 1, "Number of ClusterAddons to process simultaneously")
 	flag.StringVar(&logLevel, "log-level", "info", "Specifies log level. Options are 'debug', 'info' and 'error'")
 	flag.StringVar(&releaseDir, "release-dir", "/tmp/downloads/", "Specify release directory for cluster-stack releases")
+	flag.BoolVar(&localMode, "local", false, "Enable local mode where no release assets will be downloaded from a remote Git repository. Useful for implementing cluster stacks.")
 	flag.Float64Var(&qps, "qps", 50, "Enable custom query per second for kubernetes API server")
 	flag.IntVar(&burst, "burst", 100, "Enable custom burst defines how many queries the API server will accept before enforcing the limit established by qps")
 
@@ -116,7 +119,12 @@ func main() {
 	// Setup the context that's going to be used in controllers and for the manager.
 	ctx := ctrl.SetupSignalHandler()
 
-	gitFactory := githubclient.NewFactory()
+	var gitFactory githubclient.Factory
+	if localMode {
+		gitFactory = fake.NewFactory()
+	} else {
+		gitFactory = githubclient.NewFactory()
+	}
 
 	restConfig := mgr.GetConfig()
 	restConfig.QPS = float32(qps)

diff --git a/config/cso/clusterstack.yaml b/config/cso/clusterstack.yaml
@@ -11,4 +11,4 @@ spec:
   autoSubscribe: false
   noProvider: true
   versions:
-    - v2
+    - v2
diff --git a/config/localmode/kustomization.yaml b/config/localmode/kustomization.yaml
@@ -0,0 +1,43 @@
+namespace: cso-system
+
+namePrefix: cso-
+
+commonLabels:
+  cluster.x-k8s.io/provider: "infrastructure-cluster-stack-operator"
+
+resources:
+  - ../crd
+  - ../rbac
+  - ../manager
+  - ../certmanager
+
+patchesStrategicMerge:
+  - manager_config_patch.yaml
+  - manager_pull_policy.yaml
+# vars:
+# - name: CERTIFICATE_NAMESPACE  # namespace of the certificate CR
+#   objref:
+#     kind: Certificate
+#     group: cert-manager.io
+#     version: v1
+#     name: serving-cert  # this name should match the one in certificate.yaml
+#   fieldref:
+#     fieldpath: metadata.namespace
+# - name: CERTIFICATE_NAME
+#   objref:
+#     kind: Certificate
+#     group: cert-manager.io
+#     version: v1
+#     name: serving-cert  # this name should match the one in certificate.yaml
+# - name: SERVICE_NAMESPACE  # namespace of the service
+#   objref:
+#     kind: Service
+#     version: v1
+#     name: webhook-service
+#   fieldref:
+#     fieldpath: metadata.namespace
+# - name: SERVICE_NAME
+#   objref:
+#     kind: Service
+#     version: v1
+#     name: webhook-service
diff --git a/config/localmode/manager_config_patch.yaml b/config/localmode/manager_config_patch.yaml
@@ -0,0 +1,15 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: controller-manager
+  namespace: system
+spec:
+  template:
+    spec:
+      containers:
+        - image: ghcr.io/sovereigncloudstack/cso-staging:dev
+          name: manager
+          args:
+            - --leader-elect=true
+            - --release-dir=/tmp
+            - --local=true
diff --git a/config/localmode/manager_pull_policy.yaml b/config/localmode/manager_pull_policy.yaml
@@ -0,0 +1,11 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: controller-manager
+  namespace: system
+spec:
+  template:
+    spec:
+      containers:
+      - name: manager
+        imagePullPolicy: Always
diff --git a/config/localmode/manager_webhook_patch.yaml b/config/localmode/manager_webhook_patch.yaml
@@ -0,0 +1,23 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: controller-manager
+  namespace: system
+spec:
+  template:
+    spec:
+      containers:
+      - name: manager
+        ports:
+        - containerPort: 9443
+          name: webhook-server
+          protocol: TCP
+        volumeMounts:
+        - mountPath: /tmp/k8s-webhook-server/serving-certs
+          name: cert
+          readOnly: true
+      volumes:
+      - name: cert
+        secret:
+          defaultMode: 420
+          secretName: cso-webhook-server-cert
diff --git a/config/localmode/webhookcainjection_patch.yaml b/config/localmode/webhookcainjection_patch.yaml
@@ -0,0 +1,9 @@
+# This patch add annotation to admission webhook config and
+# the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize.
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+  name: validating-webhook-configuration
+  annotations:
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)