From cf619d62f7db0aa83fb64433c7aad67e7bfd0967 Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Tue, 29 Oct 2024 17:24:25 +0000 Subject: [PATCH 01/21] Define SecureSourceManagerRepository API --- .../v1alpha1/repository_reference.go | 179 +++++++++++ .../securesourcemanagerrepository_types.go | 104 +++++++ .../v1alpha1/types.generated.go | 193 ++++++++++++ .../v1alpha1/zz_generated.deepcopy.go | 289 ++++++++++++++++++ ...resourcemanager.cnrm.cloud.google.com.yaml | 125 ++++++++ 5 files changed, 890 insertions(+) create mode 100644 apis/securesourcemanager/v1alpha1/repository_reference.go create mode 100644 apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go create mode 100644 config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml diff --git a/apis/securesourcemanager/v1alpha1/repository_reference.go b/apis/securesourcemanager/v1alpha1/repository_reference.go new file mode 100644 index 0000000000..fbdba69f1e --- /dev/null +++ b/apis/securesourcemanager/v1alpha1/repository_reference.go @@ -0,0 +1,179 @@ +// Copyright 2024 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha1 + +import ( + "context" + "fmt" + "strings" + + refsv1beta1 "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/k8s" + apierrors "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +var _ refsv1beta1.ExternalNormalizer = &SecureSourceManagerRepositoryRef{} + +// SecureSourceManagerRepositoryRef defines the resource reference to SecureSourceManagerRepository, which "External" field +// holds the GCP identifier for the KRM object. +type SecureSourceManagerRepositoryRef struct { + // A reference to an externally managed SecureSourceManagerRepository resource. + // Should be in the format "projects//locations//repositories/". + External string `json:"external,omitempty"` + + // The name of a SecureSourceManagerRepository resource. + Name string `json:"name,omitempty"` + + // The namespace of a SecureSourceManagerRepository resource. + Namespace string `json:"namespace,omitempty"` + + parent *SecureSourceManagerRepositoryParent +} + +// NormalizedExternal provision the "External" value for other resource that depends on SecureSourceManagerRepository. +// If the "External" is given in the other resource's spec.SecureSourceManagerRepositoryRef, the given value will be used. +// Otherwise, the "Name" and "Namespace" will be used to query the actual SecureSourceManagerRepository object from the cluster. +func (r *SecureSourceManagerRepositoryRef) NormalizedExternal(ctx context.Context, reader client.Reader, otherNamespace string) (string, error) { + if r.External != "" && r.Name != "" { + return "", fmt.Errorf("cannot specify both name and external on %s reference", SecureSourceManagerRepositoryGVK.Kind) + } + // From given External + if r.External != "" { + if _, _, err := parseSecureSourceManagerRepositoryExternal(r.External); err != nil { + return "", err + } + return r.External, nil + } + + // From the Config Connector object + if r.Namespace == "" { + r.Namespace = otherNamespace + } + key := types.NamespacedName{Name: r.Name, Namespace: r.Namespace} + u := &unstructured.Unstructured{} + u.SetGroupVersionKind(SecureSourceManagerRepositoryGVK) + if err := reader.Get(ctx, key, u); err != nil { + if apierrors.IsNotFound(err) { + return "", k8s.NewReferenceNotFoundError(u.GroupVersionKind(), key) + } + return "", fmt.Errorf("reading referenced %s %s: %w", SecureSourceManagerRepositoryGVK, key, err) + } + // Get external from status.externalRef. This is the most trustworthy place. + actualExternalRef, _, err := unstructured.NestedString(u.Object, "status", "externalRef") + if err != nil { + return "", fmt.Errorf("reading status.externalRef: %w", err) + } + if actualExternalRef == "" { + return "", k8s.NewReferenceNotReadyError(u.GroupVersionKind(), key) + } + r.External = actualExternalRef + return r.External, nil +} + +// New builds a SecureSourceManagerRepositoryRef from the Config Connector SecureSourceManagerRepository object. +func NewSecureSourceManagerRepositoryRef(ctx context.Context, reader client.Reader, obj *SecureSourceManagerRepository) (*SecureSourceManagerRepositoryRef, error) { + id := &SecureSourceManagerRepositoryRef{} + + // Get Parent + projectRef, err := refsv1beta1.ResolveProject(ctx, reader, obj, obj.Spec.ProjectRef) + if err != nil { + return nil, err + } + projectID := projectRef.ProjectID + if projectID == "" { + return nil, fmt.Errorf("cannot resolve project") + } + location := obj.Spec.Location + id.parent = &SecureSourceManagerRepositoryParent{ProjectID: projectID, Location: location} + + // Get desired ID + resourceID := valueOf(obj.Spec.ResourceID) + if resourceID == "" { + resourceID = obj.GetName() + } + if resourceID == "" { + return nil, fmt.Errorf("cannot resolve resource ID") + } + + // Use approved External + externalRef := valueOf(obj.Status.ExternalRef) + if externalRef == "" { + id.External = asSecureSourceManagerRepositoryExternal(id.parent, resourceID) + return id, nil + } + + // Validate desired with actual + actualParent, actualResourceID, err := parseSecureSourceManagerRepositoryExternal(externalRef) + if err != nil { + return nil, err + } + if actualParent.ProjectID != projectID { + return nil, fmt.Errorf("spec.projectRef changed, expect %s, got %s", actualParent.ProjectID, projectID) + } + if actualParent.Location != location { + return nil, fmt.Errorf("spec.location changed, expect %s, got %s", actualParent.Location, location) + } + if actualResourceID != resourceID { + return nil, fmt.Errorf("cannot reset `metadata.name` or `spec.resourceID` to %s, since it has already assigned to %s", + resourceID, actualResourceID) + } + id.External = externalRef + id.parent = &SecureSourceManagerRepositoryParent{ProjectID: projectID, Location: location} + return id, nil +} + +func (r *SecureSourceManagerRepositoryRef) Parent() (*SecureSourceManagerRepositoryParent, error) { + if r.parent != nil { + return r.parent, nil + } + if r.External != "" { + parent, _, err := parseSecureSourceManagerRepositoryExternal(r.External) + if err != nil { + return nil, err + } + return parent, nil + } + return nil, fmt.Errorf("SecureSourceManagerRepositoryRef not initialized from `NewSecureSourceManagerRepositoryRef` or `NormalizedExternal`") +} + +type SecureSourceManagerRepositoryParent struct { + ProjectID string + Location string +} + +func (p *SecureSourceManagerRepositoryParent) String() string { + return "projects/" + p.ProjectID + "/locations/" + p.Location +} + +func asSecureSourceManagerRepositoryExternal(parent *SecureSourceManagerRepositoryParent, resourceID string) (external string) { + return parent.String() + "/repositories/" + resourceID +} + +func parseSecureSourceManagerRepositoryExternal(external string) (parent *SecureSourceManagerRepositoryParent, resourceID string, err error) { + external = strings.TrimPrefix(external, "/") + tokens := strings.Split(external, "/") + if len(tokens) != 6 || tokens[0] != "projects" || tokens[2] != "locations" || tokens[4] != "repositories" { + return nil, "", fmt.Errorf("format of SecureSourceManagerRepository external=%q was not known (use projects//locations//repositories/)", external) + } + parent = &SecureSourceManagerRepositoryParent{ + ProjectID: tokens[1], + Location: tokens[3], + } + resourceID = tokens[5] + return parent, resourceID, nil +} diff --git a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go new file mode 100644 index 0000000000..f3d4205653 --- /dev/null +++ b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go @@ -0,0 +1,104 @@ +// Copyright 2024 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha1 + +import ( + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/k8s/v1alpha1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +var SecureSourceManagerRepositoryGVK = GroupVersion.WithKind("SecureSourceManagerRepository") + +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + +// SecureSourceManagerRepositorySpec defines the desired state of SecureSourceManagerRepository +// +kcc:proto=google.cloud.securesourcemanager.v1.Repository +type SecureSourceManagerRepositorySpec struct { + /* Immutable. The Project that this resource belongs to. */ + // +required + ProjectRef *refs.ProjectRef `json:"projectRef"` + + /* Immutable. Location of the instance. */ + Location string `json:"location"` + + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable" + // Immutable. + // The SecureSourceManagerRepository name. If not given, the metadata.name will be used. + ResourceID *string `json:"resourceID,omitempty"` + + // Immutable. The name of the instance in which the repository is hosted, formatted as + // `projects/{project_number}/locations/{location_id}/instances/{instance_id}` + // +required + InstanceRef *SecureSourceManagerInstanceRef `json:"instanceRef,omitempty"` + + // Input only. Initial configurations for the repository. + InitialConfig *Repository_InitialConfig `json:"initialConfig,omitempty"` +} + +// SecureSourceManagerRepositoryStatus defines the config connector machine state of SecureSourceManagerRepository +type SecureSourceManagerRepositoryStatus struct { + /* Conditions represent the latest available observations of the + object's current state. */ + Conditions []v1alpha1.Condition `json:"conditions,omitempty"` + + // ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + ObservedGeneration *int64 `json:"observedGeneration,omitempty"` + + // A unique specifier for the SecureSourceManagerRepository resource in GCP. + ExternalRef *string `json:"externalRef,omitempty"` + + // ObservedState is the state of the resource as most recently observed in GCP. + ObservedState *SecureSourceManagerRepositoryObservedState `json:"observedState,omitempty"` +} + +// SecureSourceManagerRepositoryObservedState is the state of the SecureSourceManagerRepository resource as most recently observed in GCP. +type SecureSourceManagerRepositoryObservedState struct { +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// TODO(user): make sure the pluralizaiton below is correct +// +kubebuilder:resource:categories=gcp,shortName=gcpsecuresourcemanagerrepository;gcpsecuresourcemanagerrepositorys +// +kubebuilder:subresource:status +// +kubebuilder:metadata:labels="cnrm.cloud.google.com/managed-by-kcc=true";"cnrm.cloud.google.com/system=true" +// +kubebuilder:printcolumn:name="Age",JSONPath=".metadata.creationTimestamp",type="date" +// +kubebuilder:printcolumn:name="Ready",JSONPath=".status.conditions[?(@.type=='Ready')].status",type="string",description="When 'True', the most recent reconcile of the resource succeeded" +// +kubebuilder:printcolumn:name="Status",JSONPath=".status.conditions[?(@.type=='Ready')].reason",type="string",description="The reason for the value in 'Ready'" +// +kubebuilder:printcolumn:name="Status Age",JSONPath=".status.conditions[?(@.type=='Ready')].lastTransitionTime",type="date",description="The last transition time for the value in 'Status'" + +// SecureSourceManagerRepository is the Schema for the SecureSourceManagerRepository API +// +k8s:openapi-gen=true +type SecureSourceManagerRepository struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // +required + Spec SecureSourceManagerRepositorySpec `json:"spec,omitempty"` + Status SecureSourceManagerRepositoryStatus `json:"status,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// SecureSourceManagerRepositoryList contains a list of SecureSourceManagerRepository +type SecureSourceManagerRepositoryList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []SecureSourceManagerRepository `json:"items"` +} + +func init() { + SchemeBuilder.Register(&SecureSourceManagerRepository{}, &SecureSourceManagerRepositoryList{}) +} diff --git a/apis/securesourcemanager/v1alpha1/types.generated.go b/apis/securesourcemanager/v1alpha1/types.generated.go index 1c694feda5..1a337c862e 100644 --- a/apis/securesourcemanager/v1alpha1/types.generated.go +++ b/apis/securesourcemanager/v1alpha1/types.generated.go @@ -47,3 +47,196 @@ type Instance_PrivateConfig struct { // `projects/{project}/regions/{region}/serviceAttachments/{service_attachment}`. SSHServiceAttachment *string `json:"sshServiceAttachment,omitempty"` } + +// +kcc:proto=google.cloud.securesourcemanager.v1.Repository +type Repository struct { + // Optional. A unique identifier for a repository. The name should be of the + // format: + // `projects/{project}/locations/{location_id}/repositories/{repository_id}` + Name *string `json:"name,omitempty"` + + // Optional. Description of the repository, which cannot exceed 500 + // characters. + Description *string `json:"description,omitempty"` + + // Optional. The name of the instance in which the repository is hosted, + // formatted as + // `projects/{project_number}/locations/{location_id}/instances/{instance_id}` + // When creating repository via + // securesourcemanager.googleapis.com (Control Plane API), this field is used + // as input. When creating repository via *.sourcemanager.dev (Data Plane + // API), this field is output only. + Instance *string `json:"instance,omitempty"` + + // Output only. Unique identifier of the repository. + Uid *string `json:"uid,omitempty"` + + // Output only. Create timestamp. + CreateTime *string `json:"createTime,omitempty"` + + // Output only. Update timestamp. + UpdateTime *string `json:"updateTime,omitempty"` + + // Optional. This checksum is computed by the server based on the value of + // other fields, and may be sent on update and delete requests to ensure the + // client has an up-to-date value before proceeding. + Etag *string `json:"etag,omitempty"` + + // Output only. URIs for the repository. + Uris *Repository_URIs `json:"uris,omitempty"` + + // Input only. Initial configurations for the repository. + InitialConfig *Repository_InitialConfig `json:"initialConfig,omitempty"` +} + +// +kcc:proto=google.cloud.securesourcemanager.v1.Repository.InitialConfig +type Repository_InitialConfig struct { + // Default branch name of the repository. + DefaultBranch *string `json:"defaultBranch,omitempty"` + + // List of gitignore template names user can choose from. + // Valid values: actionscript, ada, agda, android, + // anjuta, ansible, appcelerator-titanium, app-engine, archives, + // arch-linux-packages, atmel-studio, autotools, backup, bazaar, bazel, + // bitrix, bricx-cc, c, cake-php, calabash, cf-wheels, chef-cookbook, + // clojure, cloud9, c-make, code-igniter, code-kit, code-sniffer, + // common-lisp, composer, concrete5, coq, cordova, cpp, craft-cms, cuda, + // cvs, d, dart, dart-editor, delphi, diff, dm, dreamweaver, dropbox, + // drupal, drupal-7, eagle, eclipse, eiffel-studio, elisp, elixir, elm, + // emacs, ensime, epi-server, erlang, esp-idf, espresso, exercism, + // expression-engine, ext-js, fancy, finale, flex-builder, force-dot-com, + // fortran, fuel-php, gcov, git-book, gnome-shell-extension, go, godot, gpg, + // gradle, grails, gwt, haskell, hugo, iar-ewarm, idris, igor-pro, images, + // infor-cms, java, jboss, jboss-4, jboss-6, jdeveloper, jekyll, + // jenkins-home, jenv, jet-brains, jigsaw, joomla, julia, jupyter-notebooks, + // kate, kdevelop4, kentico, ki-cad, kohana, kotlin, lab-view, laravel, + // lazarus, leiningen, lemon-stand, libre-office, lilypond, linux, lithium, + // logtalk, lua, lyx, mac-os, magento, magento-1, magento-2, matlab, maven, + // mercurial, mercury, metals, meta-programming-system, meteor, + // microsoft-office, model-sim, momentics, mono-develop, nanoc, net-beans, + // nikola, nim, ninja, node, notepad-pp, nwjs, objective--c, ocaml, octave, + // opa, open-cart, openssl, oracle-forms, otto, packer, patch, perl, perl6, + // phalcon, phoenix, pimcore, play-framework, plone, prestashop, processing, + // psoc-creator, puppet, pure-script, putty, python, qooxdoo, qt, r, racket, + // rails, raku, red, redcar, redis, rhodes-rhomobile, ros, ruby, rust, sam, + // sass, sbt, scala, scheme, scons, scrivener, sdcc, seam-gen, sketch-up, + // slick-edit, smalltalk, snap, splunk, stata, stella, sublime-text, + // sugar-crm, svn, swift, symfony, symphony-cms, synopsys-vcs, tags, + // terraform, tex, text-mate, textpattern, think-php, tortoise-git, + // turbo-gears-2, typo3, umbraco, unity, unreal-engine, vagrant, vim, + // virtual-env, virtuoso, visual-studio, visual-studio-code, vue, vvvv, waf, + // web-methods, windows, word-press, xcode, xilinx, xilinx-ise, xojo, + // yeoman, yii, zend-framework, zephir. + Gitignores []string `json:"gitignores,omitempty"` + + // License template name user can choose from. + // Valid values: license-0bsd, license-389-exception, aal, abstyles, + // adobe-2006, adobe-glyph, adsl, afl-1-1, afl-1-2, afl-2-0, afl-2-1, + // afl-3-0, afmparse, agpl-1-0, agpl-1-0-only, agpl-1-0-or-later, + // agpl-3-0-only, agpl-3-0-or-later, aladdin, amdplpa, aml, ampas, antlr-pd, + // antlr-pd-fallback, apache-1-0, apache-1-1, apache-2-0, apafml, apl-1-0, + // apsl-1-0, apsl-1-1, apsl-1-2, apsl-2-0, artistic-1-0, artistic-1-0-cl8, + // artistic-1-0-perl, artistic-2-0, autoconf-exception-2-0, + // autoconf-exception-3-0, bahyph, barr, beerware, bison-exception-2-2, + // bittorrent-1-0, bittorrent-1-1, blessing, blueoak-1-0-0, + // bootloader-exception, borceux, bsd-1-clause, bsd-2-clause, + // bsd-2-clause-freebsd, bsd-2-clause-netbsd, bsd-2-clause-patent, + // bsd-2-clause-views, bsd-3-clause, bsd-3-clause-attribution, + // bsd-3-clause-clear, bsd-3-clause-lbnl, bsd-3-clause-modification, + // bsd-3-clause-no-nuclear-license, bsd-3-clause-no-nuclear-license-2014, + // bsd-3-clause-no-nuclear-warranty, bsd-3-clause-open-mpi, bsd-4-clause, + // bsd-4-clause-shortened, bsd-4-clause-uc, bsd-protection, bsd-source-code, + // bsl-1-0, busl-1-1, cal-1-0, cal-1-0-combined-work-exception, caldera, + // catosl-1-1, cc0-1-0, cc-by-1-0, cc-by-2-0, cc-by-3-0, cc-by-3-0-at, + // cc-by-3-0-us, cc-by-4-0, cc-by-nc-1-0, cc-by-nc-2-0, cc-by-nc-3-0, + // cc-by-nc-4-0, cc-by-nc-nd-1-0, cc-by-nc-nd-2-0, cc-by-nc-nd-3-0, + // cc-by-nc-nd-3-0-igo, cc-by-nc-nd-4-0, cc-by-nc-sa-1-0, cc-by-nc-sa-2-0, + // cc-by-nc-sa-3-0, cc-by-nc-sa-4-0, cc-by-nd-1-0, cc-by-nd-2-0, + // cc-by-nd-3-0, cc-by-nd-4-0, cc-by-sa-1-0, cc-by-sa-2-0, cc-by-sa-2-0-uk, + // cc-by-sa-2-1-jp, cc-by-sa-3-0, cc-by-sa-3-0-at, cc-by-sa-4-0, cc-pddc, + // cddl-1-0, cddl-1-1, cdla-permissive-1-0, cdla-sharing-1-0, cecill-1-0, + // cecill-1-1, cecill-2-0, cecill-2-1, cecill-b, cecill-c, cern-ohl-1-1, + // cern-ohl-1-2, cern-ohl-p-2-0, cern-ohl-s-2-0, cern-ohl-w-2-0, clartistic, + // classpath-exception-2-0, clisp-exception-2-0, cnri-jython, cnri-python, + // cnri-python-gpl-compatible, condor-1-1, copyleft-next-0-3-0, + // copyleft-next-0-3-1, cpal-1-0, cpl-1-0, cpol-1-02, crossword, + // crystal-stacker, cua-opl-1-0, cube, c-uda-1-0, curl, d-fsl-1-0, diffmark, + // digirule-foss-exception, doc, dotseqn, drl-1-0, dsdp, dvipdfm, ecl-1-0, + // ecl-2-0, ecos-exception-2-0, efl-1-0, efl-2-0, egenix, entessa, epics, + // epl-1-0, epl-2-0, erlpl-1-1, etalab-2-0, eu-datagrid, eupl-1-0, eupl-1-1, + // eupl-1-2, eurosym, fair, fawkes-runtime-exception, fltk-exception, + // font-exception-2-0, frameworx-1-0, freebsd-doc, freeimage, + // freertos-exception-2-0, fsfap, fsful, fsfullr, ftl, gcc-exception-2-0, + // gcc-exception-3-1, gd, gfdl-1-1-invariants-only, + // gfdl-1-1-invariants-or-later, gfdl-1-1-no-invariants-only, + // gfdl-1-1-no-invariants-or-later, gfdl-1-1-only, gfdl-1-1-or-later, + // gfdl-1-2-invariants-only, gfdl-1-2-invariants-or-later, + // gfdl-1-2-no-invariants-only, gfdl-1-2-no-invariants-or-later, + // gfdl-1-2-only, gfdl-1-2-or-later, gfdl-1-3-invariants-only, + // gfdl-1-3-invariants-or-later, gfdl-1-3-no-invariants-only, + // gfdl-1-3-no-invariants-or-later, gfdl-1-3-only, gfdl-1-3-or-later, + // giftware, gl2ps, glide, glulxe, glwtpl, gnu-javamail-exception, gnuplot, + // gpl-1-0-only, gpl-1-0-or-later, gpl-2-0-only, gpl-2-0-or-later, + // gpl-3-0-linking-exception, gpl-3-0-linking-source-exception, + // gpl-3-0-only, gpl-3-0-or-later, gpl-cc-1-0, gsoap-1-3b, haskell-report, + // hippocratic-2-1, hpnd, hpnd-sell-variant, htmltidy, + // i2p-gpl-java-exception, ibm-pibs, icu, ijg, image-magick, imatix, imlib2, + // info-zip, intel, intel-acpi, interbase-1-0, ipa, ipl-1-0, isc, + // jasper-2-0, jpnic, json, lal-1-2, lal-1-3, latex2e, leptonica, + // lgpl-2-0-only, lgpl-2-0-or-later, lgpl-2-1-only, lgpl-2-1-or-later, + // lgpl-3-0-linking-exception, lgpl-3-0-only, lgpl-3-0-or-later, lgpllr, + // libpng, libpng-2-0, libselinux-1-0, libtiff, libtool-exception, + // liliq-p-1-1, liliq-r-1-1, liliq-rplus-1-1, linux-openib, + // linux-syscall-note, llvm-exception, lpl-1-0, lpl-1-02, lppl-1-0, + // lppl-1-1, lppl-1-2, lppl-1-3a, lppl-1-3c, lzma-exception, make-index, + // mif-exception, miros, mit, mit-0, mit-advertising, mit-cmu, mit-enna, + // mit-feh, mit-modern-variant, mitnfa, mit-open-group, motosoto, mpich2, + // mpl-1-0, mpl-1-1, mpl-2-0, mpl-2-0-no-copyleft-exception, ms-pl, ms-rl, + // mtll, mulanpsl-1-0, mulanpsl-2-0, multics, mup, naist-2003, nasa-1-3, + // naumen, nbpl-1-0, ncgl-uk-2-0, ncsa, netcdf, net-snmp, newsletr, ngpl, + // nist-pd, nist-pd-fallback, nlod-1-0, nlpl, nokia, nokia-qt-exception-1-1, + // nosl, noweb, npl-1-0, npl-1-1, nposl-3-0, nrl, ntp, ntp-0, + // ocaml-lgpl-linking-exception, occt-exception-1-0, occt-pl, oclc-2-0, + // odbl-1-0, odc-by-1-0, ofl-1-0, ofl-1-0-no-rfn, ofl-1-0-rfn, ofl-1-1, + // ofl-1-1-no-rfn, ofl-1-1-rfn, ogc-1-0, ogdl-taiwan-1-0, ogl-canada-2-0, + // ogl-uk-1-0, ogl-uk-2-0, ogl-uk-3-0, ogtsl, oldap-1-1, oldap-1-2, + // oldap-1-3, oldap-1-4, oldap-2-0, oldap-2-0-1, oldap-2-1, oldap-2-2, + // oldap-2-2-1, oldap-2-2-2, oldap-2-3, oldap-2-4, oldap-2-7, oml, + // openjdk-assembly-exception-1-0, openssl, openvpn-openssl-exception, + // opl-1-0, oset-pl-2-1, osl-1-0, osl-1-1, osl-2-0, osl-2-1, osl-3-0, + // o-uda-1-0, parity-6-0-0, parity-7-0-0, pddl-1-0, php-3-0, php-3-01, + // plexus, polyform-noncommercial-1-0-0, polyform-small-business-1-0-0, + // postgresql, psf-2-0, psfrag, ps-or-pdf-font-exception-20170817, psutils, + // python-2-0, qhull, qpl-1-0, qt-gpl-exception-1-0, qt-lgpl-exception-1-1, + // qwt-exception-1-0, rdisc, rhecos-1-1, rpl-1-1, rpsl-1-0, rsa-md, rscpl, + // ruby, saxpath, sax-pd, scea, sendmail, sendmail-8-23, sgi-b-1-0, + // sgi-b-1-1, sgi-b-2-0, shl-0-51, shl-2-0, shl-2-1, simpl-2-0, sissl, + // sissl-1-2, sleepycat, smlnj, smppl, snia, spencer-86, spencer-94, + // spencer-99, spl-1-0, ssh-openssh, ssh-short, sspl-1-0, sugarcrm-1-1-3, + // swift-exception, swl, tapr-ohl-1-0, tcl, tcp-wrappers, tmate, torque-1-1, + // tosl, tu-berlin-1-0, tu-berlin-2-0, u-boot-exception-2-0, ucl-1-0, + // unicode-dfs-2015, unicode-dfs-2016, unicode-tou, + // universal-foss-exception-1-0, unlicense, upl-1-0, vim, vostrom, vsl-1-0, + // w3c, w3c-19980720, w3c-20150513, watcom-1-0, wsuipa, wtfpl, + // wxwindows-exception-3-1, x11, xerox, xfree86-1-1, xinetd, xnet, xpp, + // xskat, ypl-1-0, ypl-1-1, zed, zend-2-0, zimbra-1-3, zimbra-1-4, zlib, + // zlib-acknowledgement, zpl-1-1, zpl-2-0, zpl-2-1. + License *string `json:"license,omitempty"` + + // README template name. + // Valid template name(s) are: default. + Readme *string `json:"readme,omitempty"` +} + +// +kcc:proto=google.cloud.securesourcemanager.v1.Repository.URIs +type Repository_URIs struct { + // Output only. HTML is the URI for user to view the repository in a + // browser. + HTML *string `json:"html,omitempty"` + + // Output only. git_https is the git HTTPS URI for git operations. + GitHTTPS *string `json:"gitHTTPS,omitempty"` + + // Output only. API is the URI for API access. + Api *string `json:"api,omitempty"` +} diff --git a/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go b/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go index 7168d14178..38fdb4a12f 100644 --- a/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go +++ b/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go @@ -94,6 +94,131 @@ func (in *Instance_PrivateConfig) DeepCopy() *Instance_PrivateConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Repository) DeepCopyInto(out *Repository) { + *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.Instance != nil { + in, out := &in.Instance, &out.Instance + *out = new(string) + **out = **in + } + if in.Uid != nil { + in, out := &in.Uid, &out.Uid + *out = new(string) + **out = **in + } + if in.CreateTime != nil { + in, out := &in.CreateTime, &out.CreateTime + *out = new(string) + **out = **in + } + if in.UpdateTime != nil { + in, out := &in.UpdateTime, &out.UpdateTime + *out = new(string) + **out = **in + } + if in.Etag != nil { + in, out := &in.Etag, &out.Etag + *out = new(string) + **out = **in + } + if in.Uris != nil { + in, out := &in.Uris, &out.Uris + *out = new(Repository_URIs) + (*in).DeepCopyInto(*out) + } + if in.InitialConfig != nil { + in, out := &in.InitialConfig, &out.InitialConfig + *out = new(Repository_InitialConfig) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Repository. +func (in *Repository) DeepCopy() *Repository { + if in == nil { + return nil + } + out := new(Repository) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Repository_InitialConfig) DeepCopyInto(out *Repository_InitialConfig) { + *out = *in + if in.DefaultBranch != nil { + in, out := &in.DefaultBranch, &out.DefaultBranch + *out = new(string) + **out = **in + } + if in.Gitignores != nil { + in, out := &in.Gitignores, &out.Gitignores + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.License != nil { + in, out := &in.License, &out.License + *out = new(string) + **out = **in + } + if in.Readme != nil { + in, out := &in.Readme, &out.Readme + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Repository_InitialConfig. +func (in *Repository_InitialConfig) DeepCopy() *Repository_InitialConfig { + if in == nil { + return nil + } + out := new(Repository_InitialConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Repository_URIs) DeepCopyInto(out *Repository_URIs) { + *out = *in + if in.HTML != nil { + in, out := &in.HTML, &out.HTML + *out = new(string) + **out = **in + } + if in.GitHTTPS != nil { + in, out := &in.GitHTTPS, &out.GitHTTPS + *out = new(string) + **out = **in + } + if in.Api != nil { + in, out := &in.Api, &out.Api + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Repository_URIs. +func (in *Repository_URIs) DeepCopy() *Repository_URIs { + if in == nil { + return nil + } + out := new(Repository_URIs) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecureSourceManagerInstance) DeepCopyInto(out *SecureSourceManagerInstance) { *out = *in @@ -262,3 +387,167 @@ func (in *SecureSourceManagerInstanceStatus) DeepCopy() *SecureSourceManagerInst in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecureSourceManagerRepository) DeepCopyInto(out *SecureSourceManagerRepository) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepository. +func (in *SecureSourceManagerRepository) DeepCopy() *SecureSourceManagerRepository { + if in == nil { + return nil + } + out := new(SecureSourceManagerRepository) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *SecureSourceManagerRepository) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecureSourceManagerRepositoryList) DeepCopyInto(out *SecureSourceManagerRepositoryList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]SecureSourceManagerRepository, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepositoryList. +func (in *SecureSourceManagerRepositoryList) DeepCopy() *SecureSourceManagerRepositoryList { + if in == nil { + return nil + } + out := new(SecureSourceManagerRepositoryList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *SecureSourceManagerRepositoryList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecureSourceManagerRepositoryObservedState) DeepCopyInto(out *SecureSourceManagerRepositoryObservedState) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepositoryObservedState. +func (in *SecureSourceManagerRepositoryObservedState) DeepCopy() *SecureSourceManagerRepositoryObservedState { + if in == nil { + return nil + } + out := new(SecureSourceManagerRepositoryObservedState) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecureSourceManagerRepositoryParent) DeepCopyInto(out *SecureSourceManagerRepositoryParent) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepositoryParent. +func (in *SecureSourceManagerRepositoryParent) DeepCopy() *SecureSourceManagerRepositoryParent { + if in == nil { + return nil + } + out := new(SecureSourceManagerRepositoryParent) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecureSourceManagerRepositoryRef) DeepCopyInto(out *SecureSourceManagerRepositoryRef) { + *out = *in + if in.parent != nil { + in, out := &in.parent, &out.parent + *out = new(SecureSourceManagerRepositoryParent) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepositoryRef. +func (in *SecureSourceManagerRepositoryRef) DeepCopy() *SecureSourceManagerRepositoryRef { + if in == nil { + return nil + } + out := new(SecureSourceManagerRepositoryRef) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecureSourceManagerRepositorySpec) DeepCopyInto(out *SecureSourceManagerRepositorySpec) { + *out = *in + if in.ResourceID != nil { + in, out := &in.ResourceID, &out.ResourceID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepositorySpec. +func (in *SecureSourceManagerRepositorySpec) DeepCopy() *SecureSourceManagerRepositorySpec { + if in == nil { + return nil + } + out := new(SecureSourceManagerRepositorySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecureSourceManagerRepositoryStatus) DeepCopyInto(out *SecureSourceManagerRepositoryStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]k8sv1alpha1.Condition, len(*in)) + copy(*out, *in) + } + if in.ObservedGeneration != nil { + in, out := &in.ObservedGeneration, &out.ObservedGeneration + *out = new(int64) + **out = **in + } + if in.ExternalRef != nil { + in, out := &in.ExternalRef, &out.ExternalRef + *out = new(string) + **out = **in + } + if in.ObservedState != nil { + in, out := &in.ObservedState, &out.ObservedState + *out = new(SecureSourceManagerRepositoryObservedState) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepositoryStatus. +func (in *SecureSourceManagerRepositoryStatus) DeepCopy() *SecureSourceManagerRepositoryStatus { + if in == nil { + return nil + } + out := new(SecureSourceManagerRepositoryStatus) + in.DeepCopyInto(out) + return out +} diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml new file mode 100644 index 0000000000..99f08d9de1 --- /dev/null +++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml @@ -0,0 +1,125 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 0.0.0-dev + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com +spec: + group: securesourcemanager.cnrm.cloud.google.com + names: + categories: + - gcp + kind: SecureSourceManagerRepository + listKind: SecureSourceManagerRepositoryList + plural: securesourcemanagerrepositories + shortNames: + - gcpsecuresourcemanagerrepository + - gcpsecuresourcemanagerrepositorys + singular: securesourcemanagerrepository + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: SecureSourceManagerRepository is the Schema for the SecureSourceManagerRepository + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SecureSourceManagerRepositorySpec defines the desired state + of SecureSourceManagerRepository + properties: + resourceID: + description: Immutable. The SecureSourceManagerRepository name. If + not given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + type: object + status: + description: SecureSourceManagerRepositoryStatus defines the config connector + machine state of SecureSourceManagerRepository + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the SecureSourceManagerRepository + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} From cfe2a81f710cdb6f4cad77e092c039a525f43c76 Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Tue, 29 Oct 2024 17:39:50 +0000 Subject: [PATCH 02/21] run make pr --- .../v1alpha1/zz_generated.deepcopy.go | 15 ++ ...resourcemanager.cnrm.cloud.google.com.yaml | 210 ++++++++++++++++++ .../securesourcemanager/v1alpha1/register.go | 6 + .../securesourcemanagerrepository_types.go | 126 +++++++++++ .../v1alpha1/zz_generated.deepcopy.go | 177 +++++++++++++++ .../fake/fake_securesourcemanager_client.go | 4 + .../fake_securesourcemanagerrepository.go | 144 ++++++++++++ .../v1alpha1/generated_expansion.go | 2 + .../v1alpha1/securesourcemanager_client.go | 5 + .../v1alpha1/securesourcemanagerrepository.go | 198 +++++++++++++++++ pkg/gvks/supportedgvks/gvks_generated.go | 10 + 11 files changed, 897 insertions(+) create mode 100644 pkg/clients/generated/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go create mode 100644 pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/fake/fake_securesourcemanagerrepository.go create mode 100644 pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/securesourcemanagerrepository.go diff --git a/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go b/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go index 38fdb4a12f..faee2ed248 100644 --- a/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go +++ b/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go @@ -500,11 +500,26 @@ func (in *SecureSourceManagerRepositoryRef) DeepCopy() *SecureSourceManagerRepos // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecureSourceManagerRepositorySpec) DeepCopyInto(out *SecureSourceManagerRepositorySpec) { *out = *in + if in.ProjectRef != nil { + in, out := &in.ProjectRef, &out.ProjectRef + *out = new(v1beta1.ProjectRef) + **out = **in + } if in.ResourceID != nil { in, out := &in.ResourceID, &out.ResourceID *out = new(string) **out = **in } + if in.InstanceRef != nil { + in, out := &in.InstanceRef, &out.InstanceRef + *out = new(SecureSourceManagerInstanceRef) + **out = **in + } + if in.InitialConfig != nil { + in, out := &in.InitialConfig, &out.InitialConfig + *out = new(Repository_InitialConfig) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepositorySpec. diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml index 99f08d9de1..4ce32f3d47 100644 --- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml +++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml @@ -61,6 +61,212 @@ spec: description: SecureSourceManagerRepositorySpec defines the desired state of SecureSourceManagerRepository properties: + initialConfig: + description: Input only. Initial configurations for the repository. + properties: + defaultBranch: + description: Default branch name of the repository. + type: string + gitignores: + description: 'List of gitignore template names user can choose + from. Valid values: actionscript, ada, agda, android, anjuta, + ansible, appcelerator-titanium, app-engine, archives, arch-linux-packages, + atmel-studio, autotools, backup, bazaar, bazel, bitrix, bricx-cc, + c, cake-php, calabash, cf-wheels, chef-cookbook, clojure, cloud9, + c-make, code-igniter, code-kit, code-sniffer, common-lisp, composer, + concrete5, coq, cordova, cpp, craft-cms, cuda, cvs, d, dart, + dart-editor, delphi, diff, dm, dreamweaver, dropbox, drupal, + drupal-7, eagle, eclipse, eiffel-studio, elisp, elixir, elm, + emacs, ensime, epi-server, erlang, esp-idf, espresso, exercism, + expression-engine, ext-js, fancy, finale, flex-builder, force-dot-com, + fortran, fuel-php, gcov, git-book, gnome-shell-extension, go, + godot, gpg, gradle, grails, gwt, haskell, hugo, iar-ewarm, idris, + igor-pro, images, infor-cms, java, jboss, jboss-4, jboss-6, + jdeveloper, jekyll, jenkins-home, jenv, jet-brains, jigsaw, + joomla, julia, jupyter-notebooks, kate, kdevelop4, kentico, + ki-cad, kohana, kotlin, lab-view, laravel, lazarus, leiningen, + lemon-stand, libre-office, lilypond, linux, lithium, logtalk, + lua, lyx, mac-os, magento, magento-1, magento-2, matlab, maven, + mercurial, mercury, metals, meta-programming-system, meteor, + microsoft-office, model-sim, momentics, mono-develop, nanoc, + net-beans, nikola, nim, ninja, node, notepad-pp, nwjs, objective--c, + ocaml, octave, opa, open-cart, openssl, oracle-forms, otto, + packer, patch, perl, perl6, phalcon, phoenix, pimcore, play-framework, + plone, prestashop, processing, psoc-creator, puppet, pure-script, + putty, python, qooxdoo, qt, r, racket, rails, raku, red, redcar, + redis, rhodes-rhomobile, ros, ruby, rust, sam, sass, sbt, scala, + scheme, scons, scrivener, sdcc, seam-gen, sketch-up, slick-edit, + smalltalk, snap, splunk, stata, stella, sublime-text, sugar-crm, + svn, swift, symfony, symphony-cms, synopsys-vcs, tags, terraform, + tex, text-mate, textpattern, think-php, tortoise-git, turbo-gears-2, + typo3, umbraco, unity, unreal-engine, vagrant, vim, virtual-env, + virtuoso, visual-studio, visual-studio-code, vue, vvvv, waf, + web-methods, windows, word-press, xcode, xilinx, xilinx-ise, + xojo, yeoman, yii, zend-framework, zephir.' + items: + type: string + type: array + license: + description: 'License template name user can choose from. Valid + values: license-0bsd, license-389-exception, aal, abstyles, + adobe-2006, adobe-glyph, adsl, afl-1-1, afl-1-2, afl-2-0, afl-2-1, + afl-3-0, afmparse, agpl-1-0, agpl-1-0-only, agpl-1-0-or-later, + agpl-3-0-only, agpl-3-0-or-later, aladdin, amdplpa, aml, ampas, + antlr-pd, antlr-pd-fallback, apache-1-0, apache-1-1, apache-2-0, + apafml, apl-1-0, apsl-1-0, apsl-1-1, apsl-1-2, apsl-2-0, artistic-1-0, + artistic-1-0-cl8, artistic-1-0-perl, artistic-2-0, autoconf-exception-2-0, + autoconf-exception-3-0, bahyph, barr, beerware, bison-exception-2-2, + bittorrent-1-0, bittorrent-1-1, blessing, blueoak-1-0-0, bootloader-exception, + borceux, bsd-1-clause, bsd-2-clause, bsd-2-clause-freebsd, bsd-2-clause-netbsd, + bsd-2-clause-patent, bsd-2-clause-views, bsd-3-clause, bsd-3-clause-attribution, + bsd-3-clause-clear, bsd-3-clause-lbnl, bsd-3-clause-modification, + bsd-3-clause-no-nuclear-license, bsd-3-clause-no-nuclear-license-2014, + bsd-3-clause-no-nuclear-warranty, bsd-3-clause-open-mpi, bsd-4-clause, + bsd-4-clause-shortened, bsd-4-clause-uc, bsd-protection, bsd-source-code, + bsl-1-0, busl-1-1, cal-1-0, cal-1-0-combined-work-exception, + caldera, catosl-1-1, cc0-1-0, cc-by-1-0, cc-by-2-0, cc-by-3-0, + cc-by-3-0-at, cc-by-3-0-us, cc-by-4-0, cc-by-nc-1-0, cc-by-nc-2-0, + cc-by-nc-3-0, cc-by-nc-4-0, cc-by-nc-nd-1-0, cc-by-nc-nd-2-0, + cc-by-nc-nd-3-0, cc-by-nc-nd-3-0-igo, cc-by-nc-nd-4-0, cc-by-nc-sa-1-0, + cc-by-nc-sa-2-0, cc-by-nc-sa-3-0, cc-by-nc-sa-4-0, cc-by-nd-1-0, + cc-by-nd-2-0, cc-by-nd-3-0, cc-by-nd-4-0, cc-by-sa-1-0, cc-by-sa-2-0, + cc-by-sa-2-0-uk, cc-by-sa-2-1-jp, cc-by-sa-3-0, cc-by-sa-3-0-at, + cc-by-sa-4-0, cc-pddc, cddl-1-0, cddl-1-1, cdla-permissive-1-0, + cdla-sharing-1-0, cecill-1-0, cecill-1-1, cecill-2-0, cecill-2-1, + cecill-b, cecill-c, cern-ohl-1-1, cern-ohl-1-2, cern-ohl-p-2-0, + cern-ohl-s-2-0, cern-ohl-w-2-0, clartistic, classpath-exception-2-0, + clisp-exception-2-0, cnri-jython, cnri-python, cnri-python-gpl-compatible, + condor-1-1, copyleft-next-0-3-0, copyleft-next-0-3-1, cpal-1-0, + cpl-1-0, cpol-1-02, crossword, crystal-stacker, cua-opl-1-0, + cube, c-uda-1-0, curl, d-fsl-1-0, diffmark, digirule-foss-exception, + doc, dotseqn, drl-1-0, dsdp, dvipdfm, ecl-1-0, ecl-2-0, ecos-exception-2-0, + efl-1-0, efl-2-0, egenix, entessa, epics, epl-1-0, epl-2-0, + erlpl-1-1, etalab-2-0, eu-datagrid, eupl-1-0, eupl-1-1, eupl-1-2, + eurosym, fair, fawkes-runtime-exception, fltk-exception, font-exception-2-0, + frameworx-1-0, freebsd-doc, freeimage, freertos-exception-2-0, + fsfap, fsful, fsfullr, ftl, gcc-exception-2-0, gcc-exception-3-1, + gd, gfdl-1-1-invariants-only, gfdl-1-1-invariants-or-later, + gfdl-1-1-no-invariants-only, gfdl-1-1-no-invariants-or-later, + gfdl-1-1-only, gfdl-1-1-or-later, gfdl-1-2-invariants-only, + gfdl-1-2-invariants-or-later, gfdl-1-2-no-invariants-only, gfdl-1-2-no-invariants-or-later, + gfdl-1-2-only, gfdl-1-2-or-later, gfdl-1-3-invariants-only, + gfdl-1-3-invariants-or-later, gfdl-1-3-no-invariants-only, gfdl-1-3-no-invariants-or-later, + gfdl-1-3-only, gfdl-1-3-or-later, giftware, gl2ps, glide, glulxe, + glwtpl, gnu-javamail-exception, gnuplot, gpl-1-0-only, gpl-1-0-or-later, + gpl-2-0-only, gpl-2-0-or-later, gpl-3-0-linking-exception, gpl-3-0-linking-source-exception, + gpl-3-0-only, gpl-3-0-or-later, gpl-cc-1-0, gsoap-1-3b, haskell-report, + hippocratic-2-1, hpnd, hpnd-sell-variant, htmltidy, i2p-gpl-java-exception, + ibm-pibs, icu, ijg, image-magick, imatix, imlib2, info-zip, + intel, intel-acpi, interbase-1-0, ipa, ipl-1-0, isc, jasper-2-0, + jpnic, json, lal-1-2, lal-1-3, latex2e, leptonica, lgpl-2-0-only, + lgpl-2-0-or-later, lgpl-2-1-only, lgpl-2-1-or-later, lgpl-3-0-linking-exception, + lgpl-3-0-only, lgpl-3-0-or-later, lgpllr, libpng, libpng-2-0, + libselinux-1-0, libtiff, libtool-exception, liliq-p-1-1, liliq-r-1-1, + liliq-rplus-1-1, linux-openib, linux-syscall-note, llvm-exception, + lpl-1-0, lpl-1-02, lppl-1-0, lppl-1-1, lppl-1-2, lppl-1-3a, + lppl-1-3c, lzma-exception, make-index, mif-exception, miros, + mit, mit-0, mit-advertising, mit-cmu, mit-enna, mit-feh, mit-modern-variant, + mitnfa, mit-open-group, motosoto, mpich2, mpl-1-0, mpl-1-1, + mpl-2-0, mpl-2-0-no-copyleft-exception, ms-pl, ms-rl, mtll, + mulanpsl-1-0, mulanpsl-2-0, multics, mup, naist-2003, nasa-1-3, + naumen, nbpl-1-0, ncgl-uk-2-0, ncsa, netcdf, net-snmp, newsletr, + ngpl, nist-pd, nist-pd-fallback, nlod-1-0, nlpl, nokia, nokia-qt-exception-1-1, + nosl, noweb, npl-1-0, npl-1-1, nposl-3-0, nrl, ntp, ntp-0, ocaml-lgpl-linking-exception, + occt-exception-1-0, occt-pl, oclc-2-0, odbl-1-0, odc-by-1-0, + ofl-1-0, ofl-1-0-no-rfn, ofl-1-0-rfn, ofl-1-1, ofl-1-1-no-rfn, + ofl-1-1-rfn, ogc-1-0, ogdl-taiwan-1-0, ogl-canada-2-0, ogl-uk-1-0, + ogl-uk-2-0, ogl-uk-3-0, ogtsl, oldap-1-1, oldap-1-2, oldap-1-3, + oldap-1-4, oldap-2-0, oldap-2-0-1, oldap-2-1, oldap-2-2, oldap-2-2-1, + oldap-2-2-2, oldap-2-3, oldap-2-4, oldap-2-7, oml, openjdk-assembly-exception-1-0, + openssl, openvpn-openssl-exception, opl-1-0, oset-pl-2-1, osl-1-0, + osl-1-1, osl-2-0, osl-2-1, osl-3-0, o-uda-1-0, parity-6-0-0, + parity-7-0-0, pddl-1-0, php-3-0, php-3-01, plexus, polyform-noncommercial-1-0-0, + polyform-small-business-1-0-0, postgresql, psf-2-0, psfrag, + ps-or-pdf-font-exception-20170817, psutils, python-2-0, qhull, + qpl-1-0, qt-gpl-exception-1-0, qt-lgpl-exception-1-1, qwt-exception-1-0, + rdisc, rhecos-1-1, rpl-1-1, rpsl-1-0, rsa-md, rscpl, ruby, saxpath, + sax-pd, scea, sendmail, sendmail-8-23, sgi-b-1-0, sgi-b-1-1, + sgi-b-2-0, shl-0-51, shl-2-0, shl-2-1, simpl-2-0, sissl, sissl-1-2, + sleepycat, smlnj, smppl, snia, spencer-86, spencer-94, spencer-99, + spl-1-0, ssh-openssh, ssh-short, sspl-1-0, sugarcrm-1-1-3, swift-exception, + swl, tapr-ohl-1-0, tcl, tcp-wrappers, tmate, torque-1-1, tosl, + tu-berlin-1-0, tu-berlin-2-0, u-boot-exception-2-0, ucl-1-0, + unicode-dfs-2015, unicode-dfs-2016, unicode-tou, universal-foss-exception-1-0, + unlicense, upl-1-0, vim, vostrom, vsl-1-0, w3c, w3c-19980720, + w3c-20150513, watcom-1-0, wsuipa, wtfpl, wxwindows-exception-3-1, + x11, xerox, xfree86-1-1, xinetd, xnet, xpp, xskat, ypl-1-0, + ypl-1-1, zed, zend-2-0, zimbra-1-3, zimbra-1-4, zlib, zlib-acknowledgement, + zpl-1-1, zpl-2-0, zpl-2-1.' + type: string + readme: + description: 'README template name. Valid template name(s) are: + default.' + type: string + type: object + instanceRef: + description: Immutable. The name of the instance in which the repository + is hosted, formatted as `projects/{project_number}/locations/{location_id}/instances/{instance_id}` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed SecureSourceManagerInstance + resource. Should be in the format "projects//locations//instances/". + type: string + name: + description: The name of a SecureSourceManagerInstance resource. + type: string + namespace: + description: The namespace of a SecureSourceManagerInstance resource. + type: string + type: object + location: + description: Immutable. Location of the instance. + type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object resourceID: description: Immutable. The SecureSourceManagerRepository name. If not given, the metadata.name will be used. @@ -68,6 +274,10 @@ spec: x-kubernetes-validations: - message: ResourceID field is immutable rule: self == oldSelf + required: + - instanceRef + - location + - projectRef type: object status: description: SecureSourceManagerRepositoryStatus defines the config connector diff --git a/pkg/clients/generated/apis/securesourcemanager/v1alpha1/register.go b/pkg/clients/generated/apis/securesourcemanager/v1alpha1/register.go index 4a6331cf28..2df32d10f3 100644 --- a/pkg/clients/generated/apis/securesourcemanager/v1alpha1/register.go +++ b/pkg/clients/generated/apis/securesourcemanager/v1alpha1/register.go @@ -59,5 +59,11 @@ var ( Kind: reflect.TypeOf(SecureSourceManagerInstance{}).Name(), } + SecureSourceManagerRepositoryGVK = schema.GroupVersionKind{ + Group: SchemeGroupVersion.Group, + Version: SchemeGroupVersion.Version, + Kind: reflect.TypeOf(SecureSourceManagerRepository{}).Name(), + } + securesourcemanagerAPIVersion = SchemeGroupVersion.String() ) diff --git a/pkg/clients/generated/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go b/pkg/clients/generated/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go new file mode 100644 index 0000000000..f46a0d1020 --- /dev/null +++ b/pkg/clients/generated/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go @@ -0,0 +1,126 @@ +// Copyright 2020 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Config Connector and manual +// changes will be clobbered when the file is regenerated. +// +// ---------------------------------------------------------------------------- + +// *** DISCLAIMER *** +// Config Connector's go-client for CRDs is currently in ALPHA, which means +// that future versions of the go-client may include breaking changes. +// Please try it out and give us feedback! + +package v1alpha1 + +import ( + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/clients/generated/apis/k8s/v1alpha1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type RepositoryInitialConfig struct { + /* Default branch name of the repository. */ + // +optional + DefaultBranch *string `json:"defaultBranch,omitempty"` + + /* List of gitignore template names user can choose from. Valid values: actionscript, ada, agda, android, anjuta, ansible, appcelerator-titanium, app-engine, archives, arch-linux-packages, atmel-studio, autotools, backup, bazaar, bazel, bitrix, bricx-cc, c, cake-php, calabash, cf-wheels, chef-cookbook, clojure, cloud9, c-make, code-igniter, code-kit, code-sniffer, common-lisp, composer, concrete5, coq, cordova, cpp, craft-cms, cuda, cvs, d, dart, dart-editor, delphi, diff, dm, dreamweaver, dropbox, drupal, drupal-7, eagle, eclipse, eiffel-studio, elisp, elixir, elm, emacs, ensime, epi-server, erlang, esp-idf, espresso, exercism, expression-engine, ext-js, fancy, finale, flex-builder, force-dot-com, fortran, fuel-php, gcov, git-book, gnome-shell-extension, go, godot, gpg, gradle, grails, gwt, haskell, hugo, iar-ewarm, idris, igor-pro, images, infor-cms, java, jboss, jboss-4, jboss-6, jdeveloper, jekyll, jenkins-home, jenv, jet-brains, jigsaw, joomla, julia, jupyter-notebooks, kate, kdevelop4, kentico, ki-cad, kohana, kotlin, lab-view, laravel, lazarus, leiningen, lemon-stand, libre-office, lilypond, linux, lithium, logtalk, lua, lyx, mac-os, magento, magento-1, magento-2, matlab, maven, mercurial, mercury, metals, meta-programming-system, meteor, microsoft-office, model-sim, momentics, mono-develop, nanoc, net-beans, nikola, nim, ninja, node, notepad-pp, nwjs, objective--c, ocaml, octave, opa, open-cart, openssl, oracle-forms, otto, packer, patch, perl, perl6, phalcon, phoenix, pimcore, play-framework, plone, prestashop, processing, psoc-creator, puppet, pure-script, putty, python, qooxdoo, qt, r, racket, rails, raku, red, redcar, redis, rhodes-rhomobile, ros, ruby, rust, sam, sass, sbt, scala, scheme, scons, scrivener, sdcc, seam-gen, sketch-up, slick-edit, smalltalk, snap, splunk, stata, stella, sublime-text, sugar-crm, svn, swift, symfony, symphony-cms, synopsys-vcs, tags, terraform, tex, text-mate, textpattern, think-php, tortoise-git, turbo-gears-2, typo3, umbraco, unity, unreal-engine, vagrant, vim, virtual-env, virtuoso, visual-studio, visual-studio-code, vue, vvvv, waf, web-methods, windows, word-press, xcode, xilinx, xilinx-ise, xojo, yeoman, yii, zend-framework, zephir. */ + // +optional + Gitignores []string `json:"gitignores,omitempty"` + + /* License template name user can choose from. Valid values: license-0bsd, license-389-exception, aal, abstyles, adobe-2006, adobe-glyph, adsl, afl-1-1, afl-1-2, afl-2-0, afl-2-1, afl-3-0, afmparse, agpl-1-0, agpl-1-0-only, agpl-1-0-or-later, agpl-3-0-only, agpl-3-0-or-later, aladdin, amdplpa, aml, ampas, antlr-pd, antlr-pd-fallback, apache-1-0, apache-1-1, apache-2-0, apafml, apl-1-0, apsl-1-0, apsl-1-1, apsl-1-2, apsl-2-0, artistic-1-0, artistic-1-0-cl8, artistic-1-0-perl, artistic-2-0, autoconf-exception-2-0, autoconf-exception-3-0, bahyph, barr, beerware, bison-exception-2-2, bittorrent-1-0, bittorrent-1-1, blessing, blueoak-1-0-0, bootloader-exception, borceux, bsd-1-clause, bsd-2-clause, bsd-2-clause-freebsd, bsd-2-clause-netbsd, bsd-2-clause-patent, bsd-2-clause-views, bsd-3-clause, bsd-3-clause-attribution, bsd-3-clause-clear, bsd-3-clause-lbnl, bsd-3-clause-modification, bsd-3-clause-no-nuclear-license, bsd-3-clause-no-nuclear-license-2014, bsd-3-clause-no-nuclear-warranty, bsd-3-clause-open-mpi, bsd-4-clause, bsd-4-clause-shortened, bsd-4-clause-uc, bsd-protection, bsd-source-code, bsl-1-0, busl-1-1, cal-1-0, cal-1-0-combined-work-exception, caldera, catosl-1-1, cc0-1-0, cc-by-1-0, cc-by-2-0, cc-by-3-0, cc-by-3-0-at, cc-by-3-0-us, cc-by-4-0, cc-by-nc-1-0, cc-by-nc-2-0, cc-by-nc-3-0, cc-by-nc-4-0, cc-by-nc-nd-1-0, cc-by-nc-nd-2-0, cc-by-nc-nd-3-0, cc-by-nc-nd-3-0-igo, cc-by-nc-nd-4-0, cc-by-nc-sa-1-0, cc-by-nc-sa-2-0, cc-by-nc-sa-3-0, cc-by-nc-sa-4-0, cc-by-nd-1-0, cc-by-nd-2-0, cc-by-nd-3-0, cc-by-nd-4-0, cc-by-sa-1-0, cc-by-sa-2-0, cc-by-sa-2-0-uk, cc-by-sa-2-1-jp, cc-by-sa-3-0, cc-by-sa-3-0-at, cc-by-sa-4-0, cc-pddc, cddl-1-0, cddl-1-1, cdla-permissive-1-0, cdla-sharing-1-0, cecill-1-0, cecill-1-1, cecill-2-0, cecill-2-1, cecill-b, cecill-c, cern-ohl-1-1, cern-ohl-1-2, cern-ohl-p-2-0, cern-ohl-s-2-0, cern-ohl-w-2-0, clartistic, classpath-exception-2-0, clisp-exception-2-0, cnri-jython, cnri-python, cnri-python-gpl-compatible, condor-1-1, copyleft-next-0-3-0, copyleft-next-0-3-1, cpal-1-0, cpl-1-0, cpol-1-02, crossword, crystal-stacker, cua-opl-1-0, cube, c-uda-1-0, curl, d-fsl-1-0, diffmark, digirule-foss-exception, doc, dotseqn, drl-1-0, dsdp, dvipdfm, ecl-1-0, ecl-2-0, ecos-exception-2-0, efl-1-0, efl-2-0, egenix, entessa, epics, epl-1-0, epl-2-0, erlpl-1-1, etalab-2-0, eu-datagrid, eupl-1-0, eupl-1-1, eupl-1-2, eurosym, fair, fawkes-runtime-exception, fltk-exception, font-exception-2-0, frameworx-1-0, freebsd-doc, freeimage, freertos-exception-2-0, fsfap, fsful, fsfullr, ftl, gcc-exception-2-0, gcc-exception-3-1, gd, gfdl-1-1-invariants-only, gfdl-1-1-invariants-or-later, gfdl-1-1-no-invariants-only, gfdl-1-1-no-invariants-or-later, gfdl-1-1-only, gfdl-1-1-or-later, gfdl-1-2-invariants-only, gfdl-1-2-invariants-or-later, gfdl-1-2-no-invariants-only, gfdl-1-2-no-invariants-or-later, gfdl-1-2-only, gfdl-1-2-or-later, gfdl-1-3-invariants-only, gfdl-1-3-invariants-or-later, gfdl-1-3-no-invariants-only, gfdl-1-3-no-invariants-or-later, gfdl-1-3-only, gfdl-1-3-or-later, giftware, gl2ps, glide, glulxe, glwtpl, gnu-javamail-exception, gnuplot, gpl-1-0-only, gpl-1-0-or-later, gpl-2-0-only, gpl-2-0-or-later, gpl-3-0-linking-exception, gpl-3-0-linking-source-exception, gpl-3-0-only, gpl-3-0-or-later, gpl-cc-1-0, gsoap-1-3b, haskell-report, hippocratic-2-1, hpnd, hpnd-sell-variant, htmltidy, i2p-gpl-java-exception, ibm-pibs, icu, ijg, image-magick, imatix, imlib2, info-zip, intel, intel-acpi, interbase-1-0, ipa, ipl-1-0, isc, jasper-2-0, jpnic, json, lal-1-2, lal-1-3, latex2e, leptonica, lgpl-2-0-only, lgpl-2-0-or-later, lgpl-2-1-only, lgpl-2-1-or-later, lgpl-3-0-linking-exception, lgpl-3-0-only, lgpl-3-0-or-later, lgpllr, libpng, libpng-2-0, libselinux-1-0, libtiff, libtool-exception, liliq-p-1-1, liliq-r-1-1, liliq-rplus-1-1, linux-openib, linux-syscall-note, llvm-exception, lpl-1-0, lpl-1-02, lppl-1-0, lppl-1-1, lppl-1-2, lppl-1-3a, lppl-1-3c, lzma-exception, make-index, mif-exception, miros, mit, mit-0, mit-advertising, mit-cmu, mit-enna, mit-feh, mit-modern-variant, mitnfa, mit-open-group, motosoto, mpich2, mpl-1-0, mpl-1-1, mpl-2-0, mpl-2-0-no-copyleft-exception, ms-pl, ms-rl, mtll, mulanpsl-1-0, mulanpsl-2-0, multics, mup, naist-2003, nasa-1-3, naumen, nbpl-1-0, ncgl-uk-2-0, ncsa, netcdf, net-snmp, newsletr, ngpl, nist-pd, nist-pd-fallback, nlod-1-0, nlpl, nokia, nokia-qt-exception-1-1, nosl, noweb, npl-1-0, npl-1-1, nposl-3-0, nrl, ntp, ntp-0, ocaml-lgpl-linking-exception, occt-exception-1-0, occt-pl, oclc-2-0, odbl-1-0, odc-by-1-0, ofl-1-0, ofl-1-0-no-rfn, ofl-1-0-rfn, ofl-1-1, ofl-1-1-no-rfn, ofl-1-1-rfn, ogc-1-0, ogdl-taiwan-1-0, ogl-canada-2-0, ogl-uk-1-0, ogl-uk-2-0, ogl-uk-3-0, ogtsl, oldap-1-1, oldap-1-2, oldap-1-3, oldap-1-4, oldap-2-0, oldap-2-0-1, oldap-2-1, oldap-2-2, oldap-2-2-1, oldap-2-2-2, oldap-2-3, oldap-2-4, oldap-2-7, oml, openjdk-assembly-exception-1-0, openssl, openvpn-openssl-exception, opl-1-0, oset-pl-2-1, osl-1-0, osl-1-1, osl-2-0, osl-2-1, osl-3-0, o-uda-1-0, parity-6-0-0, parity-7-0-0, pddl-1-0, php-3-0, php-3-01, plexus, polyform-noncommercial-1-0-0, polyform-small-business-1-0-0, postgresql, psf-2-0, psfrag, ps-or-pdf-font-exception-20170817, psutils, python-2-0, qhull, qpl-1-0, qt-gpl-exception-1-0, qt-lgpl-exception-1-1, qwt-exception-1-0, rdisc, rhecos-1-1, rpl-1-1, rpsl-1-0, rsa-md, rscpl, ruby, saxpath, sax-pd, scea, sendmail, sendmail-8-23, sgi-b-1-0, sgi-b-1-1, sgi-b-2-0, shl-0-51, shl-2-0, shl-2-1, simpl-2-0, sissl, sissl-1-2, sleepycat, smlnj, smppl, snia, spencer-86, spencer-94, spencer-99, spl-1-0, ssh-openssh, ssh-short, sspl-1-0, sugarcrm-1-1-3, swift-exception, swl, tapr-ohl-1-0, tcl, tcp-wrappers, tmate, torque-1-1, tosl, tu-berlin-1-0, tu-berlin-2-0, u-boot-exception-2-0, ucl-1-0, unicode-dfs-2015, unicode-dfs-2016, unicode-tou, universal-foss-exception-1-0, unlicense, upl-1-0, vim, vostrom, vsl-1-0, w3c, w3c-19980720, w3c-20150513, watcom-1-0, wsuipa, wtfpl, wxwindows-exception-3-1, x11, xerox, xfree86-1-1, xinetd, xnet, xpp, xskat, ypl-1-0, ypl-1-1, zed, zend-2-0, zimbra-1-3, zimbra-1-4, zlib, zlib-acknowledgement, zpl-1-1, zpl-2-0, zpl-2-1. */ + // +optional + License *string `json:"license,omitempty"` + + /* README template name. Valid template name(s) are: default. */ + // +optional + Readme *string `json:"readme,omitempty"` +} + +type SecureSourceManagerRepositorySpec struct { + /* Input only. Initial configurations for the repository. */ + // +optional + InitialConfig *RepositoryInitialConfig `json:"initialConfig,omitempty"` + + /* Immutable. The name of the instance in which the repository is hosted, formatted as `projects/{project_number}/locations/{location_id}/instances/{instance_id}` */ + InstanceRef v1alpha1.ResourceRef `json:"instanceRef"` + + /* Immutable. Location of the instance. */ + Location string `json:"location"` + + /* Immutable. The Project that this resource belongs to. */ + ProjectRef v1alpha1.ResourceRef `json:"projectRef"` + + /* Immutable. The SecureSourceManagerRepository name. If not given, the metadata.name will be used. */ + // +optional + ResourceID *string `json:"resourceID,omitempty"` +} + +type RepositoryObservedStateStatus struct { +} + +type SecureSourceManagerRepositoryStatus struct { + /* Conditions represent the latest available observations of the + SecureSourceManagerRepository's current state. */ + Conditions []v1alpha1.Condition `json:"conditions,omitempty"` + /* A unique specifier for the SecureSourceManagerRepository resource in GCP. */ + // +optional + ExternalRef *string `json:"externalRef,omitempty"` + + /* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */ + // +optional + ObservedGeneration *int64 `json:"observedGeneration,omitempty"` + + /* ObservedState is the state of the resource as most recently observed in GCP. */ + // +optional + ObservedState *RepositoryObservedStateStatus `json:"observedState,omitempty"` +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=gcp,shortName=gcpsecuresourcemanagerrepository;gcpsecuresourcemanagerrepositorys +// +kubebuilder:subresource:status +// +kubebuilder:metadata:labels="cnrm.cloud.google.com/managed-by-kcc=true";"cnrm.cloud.google.com/system=true" +// +kubebuilder:printcolumn:name="Age",JSONPath=".metadata.creationTimestamp",type="date" +// +kubebuilder:printcolumn:name="Ready",JSONPath=".status.conditions[?(@.type=='Ready')].status",type="string",description="When 'True', the most recent reconcile of the resource succeeded" +// +kubebuilder:printcolumn:name="Status",JSONPath=".status.conditions[?(@.type=='Ready')].reason",type="string",description="The reason for the value in 'Ready'" +// +kubebuilder:printcolumn:name="Status Age",JSONPath=".status.conditions[?(@.type=='Ready')].lastTransitionTime",type="date",description="The last transition time for the value in 'Status'" + +// SecureSourceManagerRepository is the Schema for the securesourcemanager API +// +k8s:openapi-gen=true +type SecureSourceManagerRepository struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec SecureSourceManagerRepositorySpec `json:"spec,omitempty"` + Status SecureSourceManagerRepositoryStatus `json:"status,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// SecureSourceManagerRepositoryList contains a list of SecureSourceManagerRepository +type SecureSourceManagerRepositoryList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []SecureSourceManagerRepository `json:"items"` +} + +func init() { + SchemeBuilder.Register(&SecureSourceManagerRepository{}, &SecureSourceManagerRepositoryList{}) +} diff --git a/pkg/clients/generated/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go b/pkg/clients/generated/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go index ea2b26ed51..e3cb67ccd0 100644 --- a/pkg/clients/generated/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/clients/generated/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go @@ -96,6 +96,58 @@ func (in *InstanceObservedStateStatus) DeepCopy() *InstanceObservedStateStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RepositoryInitialConfig) DeepCopyInto(out *RepositoryInitialConfig) { + *out = *in + if in.DefaultBranch != nil { + in, out := &in.DefaultBranch, &out.DefaultBranch + *out = new(string) + **out = **in + } + if in.Gitignores != nil { + in, out := &in.Gitignores, &out.Gitignores + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.License != nil { + in, out := &in.License, &out.License + *out = new(string) + **out = **in + } + if in.Readme != nil { + in, out := &in.Readme, &out.Readme + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RepositoryInitialConfig. +func (in *RepositoryInitialConfig) DeepCopy() *RepositoryInitialConfig { + if in == nil { + return nil + } + out := new(RepositoryInitialConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RepositoryObservedStateStatus) DeepCopyInto(out *RepositoryObservedStateStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RepositoryObservedStateStatus. +func (in *RepositoryObservedStateStatus) DeepCopy() *RepositoryObservedStateStatus { + if in == nil { + return nil + } + out := new(RepositoryObservedStateStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecureSourceManagerInstance) DeepCopyInto(out *SecureSourceManagerInstance) { *out = *in @@ -219,3 +271,128 @@ func (in *SecureSourceManagerInstanceStatus) DeepCopy() *SecureSourceManagerInst in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecureSourceManagerRepository) DeepCopyInto(out *SecureSourceManagerRepository) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepository. +func (in *SecureSourceManagerRepository) DeepCopy() *SecureSourceManagerRepository { + if in == nil { + return nil + } + out := new(SecureSourceManagerRepository) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *SecureSourceManagerRepository) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecureSourceManagerRepositoryList) DeepCopyInto(out *SecureSourceManagerRepositoryList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]SecureSourceManagerRepository, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepositoryList. +func (in *SecureSourceManagerRepositoryList) DeepCopy() *SecureSourceManagerRepositoryList { + if in == nil { + return nil + } + out := new(SecureSourceManagerRepositoryList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *SecureSourceManagerRepositoryList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecureSourceManagerRepositorySpec) DeepCopyInto(out *SecureSourceManagerRepositorySpec) { + *out = *in + if in.InitialConfig != nil { + in, out := &in.InitialConfig, &out.InitialConfig + *out = new(RepositoryInitialConfig) + (*in).DeepCopyInto(*out) + } + out.InstanceRef = in.InstanceRef + out.ProjectRef = in.ProjectRef + if in.ResourceID != nil { + in, out := &in.ResourceID, &out.ResourceID + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepositorySpec. +func (in *SecureSourceManagerRepositorySpec) DeepCopy() *SecureSourceManagerRepositorySpec { + if in == nil { + return nil + } + out := new(SecureSourceManagerRepositorySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecureSourceManagerRepositoryStatus) DeepCopyInto(out *SecureSourceManagerRepositoryStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]k8sv1alpha1.Condition, len(*in)) + copy(*out, *in) + } + if in.ExternalRef != nil { + in, out := &in.ExternalRef, &out.ExternalRef + *out = new(string) + **out = **in + } + if in.ObservedGeneration != nil { + in, out := &in.ObservedGeneration, &out.ObservedGeneration + *out = new(int64) + **out = **in + } + if in.ObservedState != nil { + in, out := &in.ObservedState, &out.ObservedState + *out = new(RepositoryObservedStateStatus) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepositoryStatus. +func (in *SecureSourceManagerRepositoryStatus) DeepCopy() *SecureSourceManagerRepositoryStatus { + if in == nil { + return nil + } + out := new(SecureSourceManagerRepositoryStatus) + in.DeepCopyInto(out) + return out +} diff --git a/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/fake/fake_securesourcemanager_client.go b/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/fake/fake_securesourcemanager_client.go index cff98ae6fb..0f2a497d40 100644 --- a/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/fake/fake_securesourcemanager_client.go +++ b/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/fake/fake_securesourcemanager_client.go @@ -35,6 +35,10 @@ func (c *FakeSecuresourcemanagerV1alpha1) SecureSourceManagerInstances(namespace return &FakeSecureSourceManagerInstances{c, namespace} } +func (c *FakeSecuresourcemanagerV1alpha1) SecureSourceManagerRepositories(namespace string) v1alpha1.SecureSourceManagerRepositoryInterface { + return &FakeSecureSourceManagerRepositories{c, namespace} +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeSecuresourcemanagerV1alpha1) RESTClient() rest.Interface { diff --git a/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/fake/fake_securesourcemanagerrepository.go b/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/fake/fake_securesourcemanagerrepository.go new file mode 100644 index 0000000000..d3d019b165 --- /dev/null +++ b/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/fake/fake_securesourcemanagerrepository.go @@ -0,0 +1,144 @@ +// Copyright 2020 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// *** DISCLAIMER *** +// Config Connector's go-client for CRDs is currently in ALPHA, which means +// that future versions of the go-client may include breaking changes. +// Please try it out and give us feedback! + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/clients/generated/apis/securesourcemanager/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeSecureSourceManagerRepositories implements SecureSourceManagerRepositoryInterface +type FakeSecureSourceManagerRepositories struct { + Fake *FakeSecuresourcemanagerV1alpha1 + ns string +} + +var securesourcemanagerrepositoriesResource = v1alpha1.SchemeGroupVersion.WithResource("securesourcemanagerrepositories") + +var securesourcemanagerrepositoriesKind = v1alpha1.SchemeGroupVersion.WithKind("SecureSourceManagerRepository") + +// Get takes name of the secureSourceManagerRepository, and returns the corresponding secureSourceManagerRepository object, and an error if there is any. +func (c *FakeSecureSourceManagerRepositories) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.SecureSourceManagerRepository, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(securesourcemanagerrepositoriesResource, c.ns, name), &v1alpha1.SecureSourceManagerRepository{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.SecureSourceManagerRepository), err +} + +// List takes label and field selectors, and returns the list of SecureSourceManagerRepositories that match those selectors. +func (c *FakeSecureSourceManagerRepositories) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.SecureSourceManagerRepositoryList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(securesourcemanagerrepositoriesResource, securesourcemanagerrepositoriesKind, c.ns, opts), &v1alpha1.SecureSourceManagerRepositoryList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.SecureSourceManagerRepositoryList{ListMeta: obj.(*v1alpha1.SecureSourceManagerRepositoryList).ListMeta} + for _, item := range obj.(*v1alpha1.SecureSourceManagerRepositoryList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested secureSourceManagerRepositories. +func (c *FakeSecureSourceManagerRepositories) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(securesourcemanagerrepositoriesResource, c.ns, opts)) + +} + +// Create takes the representation of a secureSourceManagerRepository and creates it. Returns the server's representation of the secureSourceManagerRepository, and an error, if there is any. +func (c *FakeSecureSourceManagerRepositories) Create(ctx context.Context, secureSourceManagerRepository *v1alpha1.SecureSourceManagerRepository, opts v1.CreateOptions) (result *v1alpha1.SecureSourceManagerRepository, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(securesourcemanagerrepositoriesResource, c.ns, secureSourceManagerRepository), &v1alpha1.SecureSourceManagerRepository{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.SecureSourceManagerRepository), err +} + +// Update takes the representation of a secureSourceManagerRepository and updates it. Returns the server's representation of the secureSourceManagerRepository, and an error, if there is any. +func (c *FakeSecureSourceManagerRepositories) Update(ctx context.Context, secureSourceManagerRepository *v1alpha1.SecureSourceManagerRepository, opts v1.UpdateOptions) (result *v1alpha1.SecureSourceManagerRepository, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(securesourcemanagerrepositoriesResource, c.ns, secureSourceManagerRepository), &v1alpha1.SecureSourceManagerRepository{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.SecureSourceManagerRepository), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeSecureSourceManagerRepositories) UpdateStatus(ctx context.Context, secureSourceManagerRepository *v1alpha1.SecureSourceManagerRepository, opts v1.UpdateOptions) (*v1alpha1.SecureSourceManagerRepository, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(securesourcemanagerrepositoriesResource, "status", c.ns, secureSourceManagerRepository), &v1alpha1.SecureSourceManagerRepository{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.SecureSourceManagerRepository), err +} + +// Delete takes name of the secureSourceManagerRepository and deletes it. Returns an error if one occurs. +func (c *FakeSecureSourceManagerRepositories) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteActionWithOptions(securesourcemanagerrepositoriesResource, c.ns, name, opts), &v1alpha1.SecureSourceManagerRepository{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeSecureSourceManagerRepositories) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(securesourcemanagerrepositoriesResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.SecureSourceManagerRepositoryList{}) + return err +} + +// Patch applies the patch and returns the patched secureSourceManagerRepository. +func (c *FakeSecureSourceManagerRepositories) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.SecureSourceManagerRepository, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(securesourcemanagerrepositoriesResource, c.ns, name, pt, data, subresources...), &v1alpha1.SecureSourceManagerRepository{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.SecureSourceManagerRepository), err +} diff --git a/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/generated_expansion.go b/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/generated_expansion.go index c0ac7f5c2a..b9dc98f32c 100644 --- a/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/generated_expansion.go +++ b/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/generated_expansion.go @@ -22,3 +22,5 @@ package v1alpha1 type SecureSourceManagerInstanceExpansion interface{} + +type SecureSourceManagerRepositoryExpansion interface{} diff --git a/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/securesourcemanager_client.go b/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/securesourcemanager_client.go index 5d49f3e1da..94e47d915e 100644 --- a/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/securesourcemanager_client.go +++ b/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/securesourcemanager_client.go @@ -32,6 +32,7 @@ import ( type SecuresourcemanagerV1alpha1Interface interface { RESTClient() rest.Interface SecureSourceManagerInstancesGetter + SecureSourceManagerRepositoriesGetter } // SecuresourcemanagerV1alpha1Client is used to interact with features provided by the securesourcemanager.cnrm.cloud.google.com group. @@ -43,6 +44,10 @@ func (c *SecuresourcemanagerV1alpha1Client) SecureSourceManagerInstances(namespa return newSecureSourceManagerInstances(c, namespace) } +func (c *SecuresourcemanagerV1alpha1Client) SecureSourceManagerRepositories(namespace string) SecureSourceManagerRepositoryInterface { + return newSecureSourceManagerRepositories(c, namespace) +} + // NewForConfig creates a new SecuresourcemanagerV1alpha1Client for the given config. // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), // where httpClient was generated with rest.HTTPClientFor(c). diff --git a/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/securesourcemanagerrepository.go b/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/securesourcemanagerrepository.go new file mode 100644 index 0000000000..b935bb2d6f --- /dev/null +++ b/pkg/clients/generated/client/clientset/versioned/typed/securesourcemanager/v1alpha1/securesourcemanagerrepository.go @@ -0,0 +1,198 @@ +// Copyright 2020 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// *** DISCLAIMER *** +// Config Connector's go-client for CRDs is currently in ALPHA, which means +// that future versions of the go-client may include breaking changes. +// Please try it out and give us feedback! + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/clients/generated/apis/securesourcemanager/v1alpha1" + scheme "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/clients/generated/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// SecureSourceManagerRepositoriesGetter has a method to return a SecureSourceManagerRepositoryInterface. +// A group's client should implement this interface. +type SecureSourceManagerRepositoriesGetter interface { + SecureSourceManagerRepositories(namespace string) SecureSourceManagerRepositoryInterface +} + +// SecureSourceManagerRepositoryInterface has methods to work with SecureSourceManagerRepository resources. +type SecureSourceManagerRepositoryInterface interface { + Create(ctx context.Context, secureSourceManagerRepository *v1alpha1.SecureSourceManagerRepository, opts v1.CreateOptions) (*v1alpha1.SecureSourceManagerRepository, error) + Update(ctx context.Context, secureSourceManagerRepository *v1alpha1.SecureSourceManagerRepository, opts v1.UpdateOptions) (*v1alpha1.SecureSourceManagerRepository, error) + UpdateStatus(ctx context.Context, secureSourceManagerRepository *v1alpha1.SecureSourceManagerRepository, opts v1.UpdateOptions) (*v1alpha1.SecureSourceManagerRepository, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.SecureSourceManagerRepository, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.SecureSourceManagerRepositoryList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.SecureSourceManagerRepository, err error) + SecureSourceManagerRepositoryExpansion +} + +// secureSourceManagerRepositories implements SecureSourceManagerRepositoryInterface +type secureSourceManagerRepositories struct { + client rest.Interface + ns string +} + +// newSecureSourceManagerRepositories returns a SecureSourceManagerRepositories +func newSecureSourceManagerRepositories(c *SecuresourcemanagerV1alpha1Client, namespace string) *secureSourceManagerRepositories { + return &secureSourceManagerRepositories{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the secureSourceManagerRepository, and returns the corresponding secureSourceManagerRepository object, and an error if there is any. +func (c *secureSourceManagerRepositories) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.SecureSourceManagerRepository, err error) { + result = &v1alpha1.SecureSourceManagerRepository{} + err = c.client.Get(). + Namespace(c.ns). + Resource("securesourcemanagerrepositories"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of SecureSourceManagerRepositories that match those selectors. +func (c *secureSourceManagerRepositories) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.SecureSourceManagerRepositoryList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.SecureSourceManagerRepositoryList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("securesourcemanagerrepositories"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested secureSourceManagerRepositories. +func (c *secureSourceManagerRepositories) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("securesourcemanagerrepositories"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a secureSourceManagerRepository and creates it. Returns the server's representation of the secureSourceManagerRepository, and an error, if there is any. +func (c *secureSourceManagerRepositories) Create(ctx context.Context, secureSourceManagerRepository *v1alpha1.SecureSourceManagerRepository, opts v1.CreateOptions) (result *v1alpha1.SecureSourceManagerRepository, err error) { + result = &v1alpha1.SecureSourceManagerRepository{} + err = c.client.Post(). + Namespace(c.ns). + Resource("securesourcemanagerrepositories"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(secureSourceManagerRepository). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a secureSourceManagerRepository and updates it. Returns the server's representation of the secureSourceManagerRepository, and an error, if there is any. +func (c *secureSourceManagerRepositories) Update(ctx context.Context, secureSourceManagerRepository *v1alpha1.SecureSourceManagerRepository, opts v1.UpdateOptions) (result *v1alpha1.SecureSourceManagerRepository, err error) { + result = &v1alpha1.SecureSourceManagerRepository{} + err = c.client.Put(). + Namespace(c.ns). + Resource("securesourcemanagerrepositories"). + Name(secureSourceManagerRepository.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(secureSourceManagerRepository). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *secureSourceManagerRepositories) UpdateStatus(ctx context.Context, secureSourceManagerRepository *v1alpha1.SecureSourceManagerRepository, opts v1.UpdateOptions) (result *v1alpha1.SecureSourceManagerRepository, err error) { + result = &v1alpha1.SecureSourceManagerRepository{} + err = c.client.Put(). + Namespace(c.ns). + Resource("securesourcemanagerrepositories"). + Name(secureSourceManagerRepository.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(secureSourceManagerRepository). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the secureSourceManagerRepository and deletes it. Returns an error if one occurs. +func (c *secureSourceManagerRepositories) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("securesourcemanagerrepositories"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *secureSourceManagerRepositories) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("securesourcemanagerrepositories"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched secureSourceManagerRepository. +func (c *secureSourceManagerRepositories) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.SecureSourceManagerRepository, err error) { + result = &v1alpha1.SecureSourceManagerRepository{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("securesourcemanagerrepositories"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/gvks/supportedgvks/gvks_generated.go b/pkg/gvks/supportedgvks/gvks_generated.go index c7d626d735..59aab54b32 100644 --- a/pkg/gvks/supportedgvks/gvks_generated.go +++ b/pkg/gvks/supportedgvks/gvks_generated.go @@ -3902,6 +3902,16 @@ var SupportedGVKs = map[schema.GroupVersionKind]GVKMetadata{ "cnrm.cloud.google.com/system": "true", }, }, + { + Group: "securesourcemanager.cnrm.cloud.google.com", + Version: "v1alpha1", + Kind: "SecureSourceManagerRepository", + }: { + Labels: map[string]string{ + "cnrm.cloud.google.com/managed-by-kcc": "true", + "cnrm.cloud.google.com/system": "true", + }, + }, { Group: "securitycenter.cnrm.cloud.google.com", Version: "v1alpha1", From ff48ef0f713d5432fcf771bfb1c648d92e8130f7 Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Tue, 29 Oct 2024 21:25:25 +0000 Subject: [PATCH 03/21] Add output fields and fix pluralization --- .../securesourcemanagerrepository_types.go | 14 ++++++++++++-- ....securesourcemanager.cnrm.cloud.google.com.yaml | 2 +- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go index f3d4205653..b109b67b5e 100644 --- a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go +++ b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go @@ -67,12 +67,22 @@ type SecureSourceManagerRepositoryStatus struct { // SecureSourceManagerRepositoryObservedState is the state of the SecureSourceManagerRepository resource as most recently observed in GCP. type SecureSourceManagerRepositoryObservedState struct { + // // Output only. Create timestamp. + // CreateTime *string `json:"createTime,omitempty"` + + // // Output only. Update timestamp. + // UpdateTime *string `json:"updateTime,omitempty" + + // Output only. Unique identifier of the repository. + Uid *string `json:"uid,omitempty"` + + // Output only. URIs for the repository. + URIs *Repository_URIs `json:"uris,omitempty"` } // +genclient // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// TODO(user): make sure the pluralizaiton below is correct -// +kubebuilder:resource:categories=gcp,shortName=gcpsecuresourcemanagerrepository;gcpsecuresourcemanagerrepositorys +// +kubebuilder:resource:categories=gcp,shortName=gcpsecuresourcemanagerrepository;gcpsecuresourcemanagerrepositories // +kubebuilder:subresource:status // +kubebuilder:metadata:labels="cnrm.cloud.google.com/managed-by-kcc=true";"cnrm.cloud.google.com/system=true" // +kubebuilder:printcolumn:name="Age",JSONPath=".metadata.creationTimestamp",type="date" diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml index 4ce32f3d47..36090eb0d1 100644 --- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml +++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml @@ -18,7 +18,7 @@ spec: plural: securesourcemanagerrepositories shortNames: - gcpsecuresourcemanagerrepository - - gcpsecuresourcemanagerrepositorys + - gcpsecuresourcemanagerrepositories singular: securesourcemanagerrepository preserveUnknownFields: false scope: Namespaced From e5853223c3fff387e124b28e8c7ed23107e0a66b Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Tue, 29 Oct 2024 21:56:00 +0000 Subject: [PATCH 04/21] Add mock repo --- config/tests/samples/create/harness.go | 1 + mockgcp/mocksecuresourcemanager/repository.go | 166 ++++++++++++++++++ .../create.yaml | 24 +++ .../dependencies.yaml | 22 +++ 4 files changed, 213 insertions(+) create mode 100644 mockgcp/mocksecuresourcemanager/repository.go create mode 100644 pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/create.yaml create mode 100644 pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/dependencies.yaml diff --git a/config/tests/samples/create/harness.go b/config/tests/samples/create/harness.go index 581b4ca36c..fbaec55492 100644 --- a/config/tests/samples/create/harness.go +++ b/config/tests/samples/create/harness.go @@ -846,6 +846,7 @@ func MaybeSkip(t *testing.T, name string, resources []*unstructured.Unstructured case schema.GroupKind{Group: "secretmanager.cnrm.cloud.google.com", Kind: "SecretManagerSecretVersion"}: case schema.GroupKind{Group: "securesourcemanager.cnrm.cloud.google.com", Kind: "SecureSourceManagerInstance"}: + case schema.GroupKind{Group: "securesourcemanager.cnrm.cloud.google.com", Kind: "SecureSourceManagerRepository"}: case schema.GroupKind{Group: "servicedirectory.cnrm.cloud.google.com", Kind: "ServiceDirectoryNamespace"}: case schema.GroupKind{Group: "servicedirectory.cnrm.cloud.google.com", Kind: "ServiceDirectoryService"}: diff --git a/mockgcp/mocksecuresourcemanager/repository.go b/mockgcp/mocksecuresourcemanager/repository.go new file mode 100644 index 0000000000..55eecdf6a9 --- /dev/null +++ b/mockgcp/mocksecuresourcemanager/repository.go @@ -0,0 +1,166 @@ +// Copyright 2024 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mocksecuresourcemanager + +import ( + "context" + "fmt" + "strings" + "time" + + longrunning "google.golang.org/genproto/googleapis/longrunning" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/status" + "google.golang.org/protobuf/proto" + "google.golang.org/protobuf/types/known/emptypb" + "google.golang.org/protobuf/types/known/timestamppb" + + "github.com/GoogleCloudPlatform/k8s-config-connector/mockgcp/common/projects" + pb "github.com/GoogleCloudPlatform/k8s-config-connector/mockgcp/generated/mockgcp/cloud/securesourcemanager/v1" +) + +func (s *secureSourceManagerServer) GetRepository(ctx context.Context, req *pb.GetRepositoryRequest) (*pb.Repository, error) { + name, err := s.parseRepositoryName(req.Name) + if err != nil { + return nil, err + } + + fqn := name.String() + + obj := &pb.Repository{} + if err := s.storage.Get(ctx, fqn, obj); err != nil { + if status.Code(err) == codes.NotFound { + return nil, status.Errorf(codes.NotFound, "Resource '%s' was not found", fqn) + } + return nil, err + } + + return obj, nil +} + +func (s *secureSourceManagerServer) CreateRepository(ctx context.Context, req *pb.CreateRepositoryRequest) (*longrunning.Operation, error) { + reqName := req.Parent + "/repositories/" + req.RepositoryId + name, err := s.parseRepositoryName(reqName) + if err != nil { + return nil, err + } + + fqn := name.String() + + now := time.Now() + + obj := proto.Clone(req.Repository).(*pb.Repository) + obj.Name = fqn + + obj.CreateTime = timestamppb.New(now) + obj.UpdateTime = timestamppb.New(now) + + instanceName, err := s.parseInstanceName(req.GetRepository().GetInstance()) + if err != nil { + return nil, err + } + + prefix := fmt.Sprintf("%s-%d", instanceName.InstanceID, name.Project.Number) + domain := "." + name.Location + ".sourcemanager.dev" + obj.Uris = &pb.Repository_URIs{ + Html: prefix + domain + fmt.Sprintf("%s/%s", name.Project.ID, req.GetRepositoryId()), + Api: prefix + "-api" + domain + fmt.Sprintf("/v1/projects/%s/locations/%s/repositories/%s", name.Project.ID, name.Location, req.GetRepositoryId()), + GitHttps: prefix + "-git" + domain + fmt.Sprintf("%s/%s.git", name.Project.ID, req.GetRepositoryId()), + } + + if err := s.storage.Create(ctx, fqn, obj); err != nil { + return nil, err + } + + op := &pb.OperationMetadata{ + CreateTime: timestamppb.New(now), + Target: name.String(), + Verb: "create", + ApiVersion: "v1", + } + opPrefix := fmt.Sprintf("projects/%s/locations/%s", name.Project.ID, name.Location) + return s.operations.StartLRO(ctx, opPrefix, op, func() (proto.Message, error) { + op.EndTime = timestamppb.Now() + return obj, nil + }) +} + +func (s *secureSourceManagerServer) DeleteRepository(ctx context.Context, req *pb.DeleteRepositoryRequest) (*longrunning.Operation, error) { + name, err := s.parseRepositoryName(req.GetName()) + if err != nil { + return nil, err + } + + fqn := name.String() + now := time.Now() + + deleted := &pb.Repository{} + if err := s.storage.Delete(ctx, fqn, deleted); err != nil { + return nil, err + } + + op := &pb.OperationMetadata{ + CreateTime: timestamppb.New(now), + Target: name.String(), + Verb: "delete", + ApiVersion: "v1", + } + opPrefix := fmt.Sprintf("projects/%s/locations/%s", name.Project.ID, name.Location) + return s.operations.StartLRO(ctx, opPrefix, op, func() (proto.Message, error) { + op.EndTime = timestamppb.Now() + return &emptypb.Empty{}, nil + }) +} + +type RepositoryName struct { + Project *projects.ProjectData + Location string + RepositoryID string +} + +func (n *RepositoryName) String() string { + return fmt.Sprintf("projects/%s/locations/%s/repositories/%s", n.Project.ID, n.Location, n.RepositoryID) +} + +// func (n *RepositoryName) Target() string { +// return fmt.Sprintf("projects/%s/locations/%s/repositories/%s", n.Project.ID, n.Location, n.RepositoryID) +// } + +// parseRepositoryName parses a string into a RepositoryName. +// The expected form is projects/*/locations/*/repositories/* +func (s *MockService) parseRepositoryName(name string) (*RepositoryName, error) { + tokens := strings.Split(name, "/") + + if len(tokens) == 6 && tokens[0] == "projects" && tokens[2] == "locations" && tokens[4] == "repositories" { + projectName, err := projects.ParseProjectName(tokens[0] + "/" + tokens[1]) + if err != nil { + return nil, err + } + project, err := s.Projects.GetProject(projectName) + if err != nil { + return nil, err + } + + name := &RepositoryName{ + Project: project, + Location: tokens[3], + RepositoryID: tokens[5], + } + + return name, nil + } else { + return nil, status.Errorf(codes.InvalidArgument, "name %q is not valid", name) + } +} diff --git a/pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/create.yaml b/pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/create.yaml new file mode 100644 index 0000000000..a1d166e2b0 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/create.yaml @@ -0,0 +1,24 @@ +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: securesourcemanager.cnrm.cloud.google.com/v1alpha1 +kind: SecureSourceManagerRepository +metadata: + name: ssmrepository-${uniqueId} +spec: + location: us-central1 + projectRef: + external: ${projectId} + instanceRef: + name: ssminstance-${uniqueId} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/dependencies.yaml b/pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/dependencies.yaml new file mode 100644 index 0000000000..a36bd3f188 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/dependencies.yaml @@ -0,0 +1,22 @@ +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: securesourcemanager.cnrm.cloud.google.com/v1alpha1 +kind: SecureSourceManagerInstance +metadata: + name: ssminstance-${uniqueId} +spec: + location: us-central1 + projectRef: + external: ${projectId} From a9b3445073d152eca7a19278ef43491a30383b21 Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Tue, 29 Oct 2024 22:06:35 +0000 Subject: [PATCH 05/21] remove generated comment --- .../v1alpha1/securesourcemanagerrepository_types.go | 1 - 1 file changed, 1 deletion(-) diff --git a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go index b109b67b5e..47a4d61413 100644 --- a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go +++ b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go @@ -22,7 +22,6 @@ import ( var SecureSourceManagerRepositoryGVK = GroupVersion.WithKind("SecureSourceManagerRepository") -// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. // SecureSourceManagerRepositorySpec defines the desired state of SecureSourceManagerRepository From 7a31726e497a5bc4d2058cecdbbe1e073f4f2aa4 Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Thu, 31 Oct 2024 16:09:56 +0000 Subject: [PATCH 06/21] Revert "remove generated comment" This reverts commit 1e488a4d5fd8e8b07ab43f1bdd8bbc520db68601. --- .../v1alpha1/securesourcemanagerrepository_types.go | 1 + 1 file changed, 1 insertion(+) diff --git a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go index 47a4d61413..b109b67b5e 100644 --- a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go +++ b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go @@ -22,6 +22,7 @@ import ( var SecureSourceManagerRepositoryGVK = GroupVersion.WithKind("SecureSourceManagerRepository") +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. // SecureSourceManagerRepositorySpec defines the desired state of SecureSourceManagerRepository From 77dd67bd013ef3fef7a417050b4b2b3c3bcaa87a Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Thu, 31 Oct 2024 16:10:06 +0000 Subject: [PATCH 07/21] Revert "Add mock repo" This reverts commit 48facf26cc42950ceef6f08ea80ae07699d09591. --- config/tests/samples/create/harness.go | 1 - mockgcp/mocksecuresourcemanager/repository.go | 166 ------------------ .../create.yaml | 24 --- .../dependencies.yaml | 22 --- 4 files changed, 213 deletions(-) delete mode 100644 mockgcp/mocksecuresourcemanager/repository.go delete mode 100644 pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/create.yaml delete mode 100644 pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/dependencies.yaml diff --git a/config/tests/samples/create/harness.go b/config/tests/samples/create/harness.go index fbaec55492..581b4ca36c 100644 --- a/config/tests/samples/create/harness.go +++ b/config/tests/samples/create/harness.go @@ -846,7 +846,6 @@ func MaybeSkip(t *testing.T, name string, resources []*unstructured.Unstructured case schema.GroupKind{Group: "secretmanager.cnrm.cloud.google.com", Kind: "SecretManagerSecretVersion"}: case schema.GroupKind{Group: "securesourcemanager.cnrm.cloud.google.com", Kind: "SecureSourceManagerInstance"}: - case schema.GroupKind{Group: "securesourcemanager.cnrm.cloud.google.com", Kind: "SecureSourceManagerRepository"}: case schema.GroupKind{Group: "servicedirectory.cnrm.cloud.google.com", Kind: "ServiceDirectoryNamespace"}: case schema.GroupKind{Group: "servicedirectory.cnrm.cloud.google.com", Kind: "ServiceDirectoryService"}: diff --git a/mockgcp/mocksecuresourcemanager/repository.go b/mockgcp/mocksecuresourcemanager/repository.go deleted file mode 100644 index 55eecdf6a9..0000000000 --- a/mockgcp/mocksecuresourcemanager/repository.go +++ /dev/null @@ -1,166 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package mocksecuresourcemanager - -import ( - "context" - "fmt" - "strings" - "time" - - longrunning "google.golang.org/genproto/googleapis/longrunning" - "google.golang.org/grpc/codes" - "google.golang.org/grpc/status" - "google.golang.org/protobuf/proto" - "google.golang.org/protobuf/types/known/emptypb" - "google.golang.org/protobuf/types/known/timestamppb" - - "github.com/GoogleCloudPlatform/k8s-config-connector/mockgcp/common/projects" - pb "github.com/GoogleCloudPlatform/k8s-config-connector/mockgcp/generated/mockgcp/cloud/securesourcemanager/v1" -) - -func (s *secureSourceManagerServer) GetRepository(ctx context.Context, req *pb.GetRepositoryRequest) (*pb.Repository, error) { - name, err := s.parseRepositoryName(req.Name) - if err != nil { - return nil, err - } - - fqn := name.String() - - obj := &pb.Repository{} - if err := s.storage.Get(ctx, fqn, obj); err != nil { - if status.Code(err) == codes.NotFound { - return nil, status.Errorf(codes.NotFound, "Resource '%s' was not found", fqn) - } - return nil, err - } - - return obj, nil -} - -func (s *secureSourceManagerServer) CreateRepository(ctx context.Context, req *pb.CreateRepositoryRequest) (*longrunning.Operation, error) { - reqName := req.Parent + "/repositories/" + req.RepositoryId - name, err := s.parseRepositoryName(reqName) - if err != nil { - return nil, err - } - - fqn := name.String() - - now := time.Now() - - obj := proto.Clone(req.Repository).(*pb.Repository) - obj.Name = fqn - - obj.CreateTime = timestamppb.New(now) - obj.UpdateTime = timestamppb.New(now) - - instanceName, err := s.parseInstanceName(req.GetRepository().GetInstance()) - if err != nil { - return nil, err - } - - prefix := fmt.Sprintf("%s-%d", instanceName.InstanceID, name.Project.Number) - domain := "." + name.Location + ".sourcemanager.dev" - obj.Uris = &pb.Repository_URIs{ - Html: prefix + domain + fmt.Sprintf("%s/%s", name.Project.ID, req.GetRepositoryId()), - Api: prefix + "-api" + domain + fmt.Sprintf("/v1/projects/%s/locations/%s/repositories/%s", name.Project.ID, name.Location, req.GetRepositoryId()), - GitHttps: prefix + "-git" + domain + fmt.Sprintf("%s/%s.git", name.Project.ID, req.GetRepositoryId()), - } - - if err := s.storage.Create(ctx, fqn, obj); err != nil { - return nil, err - } - - op := &pb.OperationMetadata{ - CreateTime: timestamppb.New(now), - Target: name.String(), - Verb: "create", - ApiVersion: "v1", - } - opPrefix := fmt.Sprintf("projects/%s/locations/%s", name.Project.ID, name.Location) - return s.operations.StartLRO(ctx, opPrefix, op, func() (proto.Message, error) { - op.EndTime = timestamppb.Now() - return obj, nil - }) -} - -func (s *secureSourceManagerServer) DeleteRepository(ctx context.Context, req *pb.DeleteRepositoryRequest) (*longrunning.Operation, error) { - name, err := s.parseRepositoryName(req.GetName()) - if err != nil { - return nil, err - } - - fqn := name.String() - now := time.Now() - - deleted := &pb.Repository{} - if err := s.storage.Delete(ctx, fqn, deleted); err != nil { - return nil, err - } - - op := &pb.OperationMetadata{ - CreateTime: timestamppb.New(now), - Target: name.String(), - Verb: "delete", - ApiVersion: "v1", - } - opPrefix := fmt.Sprintf("projects/%s/locations/%s", name.Project.ID, name.Location) - return s.operations.StartLRO(ctx, opPrefix, op, func() (proto.Message, error) { - op.EndTime = timestamppb.Now() - return &emptypb.Empty{}, nil - }) -} - -type RepositoryName struct { - Project *projects.ProjectData - Location string - RepositoryID string -} - -func (n *RepositoryName) String() string { - return fmt.Sprintf("projects/%s/locations/%s/repositories/%s", n.Project.ID, n.Location, n.RepositoryID) -} - -// func (n *RepositoryName) Target() string { -// return fmt.Sprintf("projects/%s/locations/%s/repositories/%s", n.Project.ID, n.Location, n.RepositoryID) -// } - -// parseRepositoryName parses a string into a RepositoryName. -// The expected form is projects/*/locations/*/repositories/* -func (s *MockService) parseRepositoryName(name string) (*RepositoryName, error) { - tokens := strings.Split(name, "/") - - if len(tokens) == 6 && tokens[0] == "projects" && tokens[2] == "locations" && tokens[4] == "repositories" { - projectName, err := projects.ParseProjectName(tokens[0] + "/" + tokens[1]) - if err != nil { - return nil, err - } - project, err := s.Projects.GetProject(projectName) - if err != nil { - return nil, err - } - - name := &RepositoryName{ - Project: project, - Location: tokens[3], - RepositoryID: tokens[5], - } - - return name, nil - } else { - return nil, status.Errorf(codes.InvalidArgument, "name %q is not valid", name) - } -} diff --git a/pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/create.yaml b/pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/create.yaml deleted file mode 100644 index a1d166e2b0..0000000000 --- a/pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/create.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: securesourcemanager.cnrm.cloud.google.com/v1alpha1 -kind: SecureSourceManagerRepository -metadata: - name: ssmrepository-${uniqueId} -spec: - location: us-central1 - projectRef: - external: ${projectId} - instanceRef: - name: ssminstance-${uniqueId} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/dependencies.yaml b/pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/dependencies.yaml deleted file mode 100644 index a36bd3f188..0000000000 --- a/pkg/test/resourcefixture/testdata/basic/securesourcemanager/securesourcemanagerrepository/securesourcemanagerrepositorybasic/dependencies.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: securesourcemanager.cnrm.cloud.google.com/v1alpha1 -kind: SecureSourceManagerInstance -metadata: - name: ssminstance-${uniqueId} -spec: - location: us-central1 - projectRef: - external: ${projectId} From 27c600786830838ad4be06aa63a87bde78d44baf Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Mon, 4 Nov 2024 19:44:21 +0000 Subject: [PATCH 08/21] Fix repo reference --- .../v1alpha1/instance_reference.go | 82 +++++++++++++++++++ .../v1alpha1/repository_reference.go | 12 +++ .../securesourcemanagerrepository_types.go | 5 +- .../v1alpha1/zz_generated.deepcopy.go | 22 ++++- ...resourcemanager.cnrm.cloud.google.com.yaml | 16 ++++ .../securesourcemanagerrepository_types.go | 19 ++++- .../v1alpha1/zz_generated.deepcopy.go | 38 ++++++++- 7 files changed, 187 insertions(+), 7 deletions(-) diff --git a/apis/securesourcemanager/v1alpha1/instance_reference.go b/apis/securesourcemanager/v1alpha1/instance_reference.go index 616a5dd8ac..a35f58bad9 100644 --- a/apis/securesourcemanager/v1alpha1/instance_reference.go +++ b/apis/securesourcemanager/v1alpha1/instance_reference.go @@ -23,6 +23,7 @@ import ( "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/k8s" apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" ) @@ -43,6 +44,12 @@ type SecureSourceManagerInstanceRef struct { Namespace string `json:"namespace,omitempty"` } +type SecureSourceManagerInstanceID struct { + ProjectID string + Location string + InstanceID string +} + func ParseSecureSourceManagerInstanceRef(url string) (*SecureSourceManagerInstanceRef, error) { parent, resourceID, err := parseSecureSourceManagerExternal(url) if err != nil { @@ -183,6 +190,10 @@ func (r *SecureSourceManagerInstanceRef) ResourceID() (string, error) { return resourceID, nil } +func (r *SecureSourceManagerInstanceID) String() string { + return fmt.Sprintf("projects/%s/locations/%s/instances/%s", r.ProjectID, r.Location, r.InstanceID) +} + // +k8s:deepcopy-gen=false type ProjectIDAndLocation struct { ProjectID string @@ -200,3 +211,74 @@ func valueOf[T any](t *T) T { } return *t } + +func ResolveSecureSourceManagerInstanceRef(ctx context.Context, reader client.Reader, obj client.Object, ref *SecureSourceManagerInstanceRef) (*SecureSourceManagerInstanceID, error) { + if ref == nil { + return nil, nil + } + + if ref.Name == "" && ref.External == "" { + return nil, fmt.Errorf("must specify either name or external on instanceRef") + } + if ref.External != "" && ref.Name != "" { + return nil, fmt.Errorf("cannot specify both spec.instanceRef.name and spec.instanceRef.external") + } + + if ref.External != "" { + // External should be in the `projects/[projectID]/locations/[Location]/instances/[instanceName]` format. + tokens := strings.Split(ref.External, "/") + if len(tokens) == 6 && tokens[0] == "projects" && tokens[2] == "locations" && tokens[4] == "instances" { + return &SecureSourceManagerInstanceID{ + ProjectID: tokens[1], + Location: tokens[3], + InstanceID: tokens[5], + }, nil + } + return nil, fmt.Errorf("format of securesourcemanagerinstance external=%q was not known (use projects//locations/[Location]/instances/)", ref.External) + } + + key := types.NamespacedName{ + Namespace: ref.Namespace, + Name: ref.Name, + } + if key.Namespace == "" { + key.Namespace = obj.GetNamespace() + } + + ssminstance := &unstructured.Unstructured{} + ssminstance.SetGroupVersionKind(schema.GroupVersionKind{ + Group: "securesourcemanager.cnrm.cloud.google.com", + Version: "v1alpha1", + Kind: "SecureSourceManagerInstance", + }) + if err := reader.Get(ctx, key, ssminstance); err != nil { + if apierrors.IsNotFound(err) { + return nil, fmt.Errorf("referenced SecureSourceManagerInstance %v not found", key) + } + return nil, fmt.Errorf("error reading referenced SecureSourceManagerInstance %v: %w", key, err) + } + + resourceID, _, err := unstructured.NestedString(ssminstance.Object, "spec", "resourceID") + if err != nil { + return nil, fmt.Errorf("reading spec.resourceID from SecureSourceManagerInstance %s/%s: %w", ssminstance.GetNamespace(), ssminstance.GetName(), err) + } + if resourceID == "" { + resourceID = ssminstance.GetName() + } + + location, _, err := unstructured.NestedString(ssminstance.Object, "spec", "location") + if err != nil { + return nil, fmt.Errorf("reading spec.location from SecureSourceManagerInstance %s/%s: %w", ssminstance.GetNamespace(), ssminstance.GetName(), err) + } + + projectID, err := refsv1beta1.ResolveProjectID(ctx, reader, ssminstance) + if err != nil { + return nil, err + } + + return &SecureSourceManagerInstanceID{ + ProjectID: projectID, + Location: location, + InstanceID: resourceID, + }, nil +} diff --git a/apis/securesourcemanager/v1alpha1/repository_reference.go b/apis/securesourcemanager/v1alpha1/repository_reference.go index fbdba69f1e..07982266f3 100644 --- a/apis/securesourcemanager/v1alpha1/repository_reference.go +++ b/apis/securesourcemanager/v1alpha1/repository_reference.go @@ -151,6 +151,18 @@ func (r *SecureSourceManagerRepositoryRef) Parent() (*SecureSourceManagerReposit return nil, fmt.Errorf("SecureSourceManagerRepositoryRef not initialized from `NewSecureSourceManagerRepositoryRef` or `NormalizedExternal`") } +func (r *SecureSourceManagerRepositoryRef) ResourceID() (string, error) { + if r.External == "" { + return "", fmt.Errorf("reference has not been normalized (external is empty)") + } + + _, resourceID, err := parseSecureSourceManagerRepositoryExternal(r.External) + if err != nil { + return "", err + } + return resourceID, nil +} + type SecureSourceManagerRepositoryParent struct { ProjectID string Location string diff --git a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go index b109b67b5e..e2d507d943 100644 --- a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go +++ b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go @@ -71,10 +71,7 @@ type SecureSourceManagerRepositoryObservedState struct { // CreateTime *string `json:"createTime,omitempty"` // // Output only. Update timestamp. - // UpdateTime *string `json:"updateTime,omitempty" - - // Output only. Unique identifier of the repository. - Uid *string `json:"uid,omitempty"` + // UpdateTime *string `json:"updateTime,omitempty"` // Output only. URIs for the repository. URIs *Repository_URIs `json:"uris,omitempty"` diff --git a/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go b/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go index faee2ed248..6174dcae5f 100644 --- a/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go +++ b/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go @@ -246,6 +246,21 @@ func (in *SecureSourceManagerInstance) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecureSourceManagerInstanceID) DeepCopyInto(out *SecureSourceManagerInstanceID) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerInstanceID. +func (in *SecureSourceManagerInstanceID) DeepCopy() *SecureSourceManagerInstanceID { + if in == nil { + return nil + } + out := new(SecureSourceManagerInstanceID) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecureSourceManagerInstanceList) DeepCopyInto(out *SecureSourceManagerInstanceList) { *out = *in @@ -450,6 +465,11 @@ func (in *SecureSourceManagerRepositoryList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecureSourceManagerRepositoryObservedState) DeepCopyInto(out *SecureSourceManagerRepositoryObservedState) { *out = *in + if in.URIs != nil { + in, out := &in.URIs, &out.URIs + *out = new(Repository_URIs) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerRepositoryObservedState. @@ -553,7 +573,7 @@ func (in *SecureSourceManagerRepositoryStatus) DeepCopyInto(out *SecureSourceMan if in.ObservedState != nil { in, out := &in.ObservedState, &out.ObservedState *out = new(SecureSourceManagerRepositoryObservedState) - **out = **in + (*in).DeepCopyInto(*out) } } diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml index 36090eb0d1..debada52e3 100644 --- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml +++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml @@ -324,6 +324,22 @@ spec: observedState: description: ObservedState is the state of the resource as most recently observed in GCP. + properties: + uris: + description: Output only. URIs for the repository. + properties: + api: + description: Output only. API is the URI for API access. + type: string + gitHTTPS: + description: Output only. git_https is the git HTTPS URI for + git operations. + type: string + html: + description: Output only. HTML is the URI for user to view + the repository in a browser. + type: string + type: object type: object type: object required: diff --git a/pkg/clients/generated/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go b/pkg/clients/generated/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go index f46a0d1020..a828c54430 100644 --- a/pkg/clients/generated/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go +++ b/pkg/clients/generated/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go @@ -73,6 +73,23 @@ type SecureSourceManagerRepositorySpec struct { } type RepositoryObservedStateStatus struct { + /* Output only. URIs for the repository. */ + // +optional + Uris *RepositoryUrisStatus `json:"uris,omitempty"` +} + +type RepositoryUrisStatus struct { + /* Output only. API is the URI for API access. */ + // +optional + Api *string `json:"api,omitempty"` + + /* Output only. git_https is the git HTTPS URI for git operations. */ + // +optional + GitHTTPS *string `json:"gitHTTPS,omitempty"` + + /* Output only. HTML is the URI for user to view the repository in a browser. */ + // +optional + Html *string `json:"html,omitempty"` } type SecureSourceManagerRepositoryStatus struct { @@ -94,7 +111,7 @@ type SecureSourceManagerRepositoryStatus struct { // +genclient // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=gcp,shortName=gcpsecuresourcemanagerrepository;gcpsecuresourcemanagerrepositorys +// +kubebuilder:resource:categories=gcp,shortName=gcpsecuresourcemanagerrepository;gcpsecuresourcemanagerrepositories // +kubebuilder:subresource:status // +kubebuilder:metadata:labels="cnrm.cloud.google.com/managed-by-kcc=true";"cnrm.cloud.google.com/system=true" // +kubebuilder:printcolumn:name="Age",JSONPath=".metadata.creationTimestamp",type="date" diff --git a/pkg/clients/generated/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go b/pkg/clients/generated/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go index e3cb67ccd0..60a724db96 100644 --- a/pkg/clients/generated/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/clients/generated/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go @@ -135,6 +135,11 @@ func (in *RepositoryInitialConfig) DeepCopy() *RepositoryInitialConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RepositoryObservedStateStatus) DeepCopyInto(out *RepositoryObservedStateStatus) { *out = *in + if in.Uris != nil { + in, out := &in.Uris, &out.Uris + *out = new(RepositoryUrisStatus) + (*in).DeepCopyInto(*out) + } return } @@ -148,6 +153,37 @@ func (in *RepositoryObservedStateStatus) DeepCopy() *RepositoryObservedStateStat return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RepositoryUrisStatus) DeepCopyInto(out *RepositoryUrisStatus) { + *out = *in + if in.Api != nil { + in, out := &in.Api, &out.Api + *out = new(string) + **out = **in + } + if in.GitHTTPS != nil { + in, out := &in.GitHTTPS, &out.GitHTTPS + *out = new(string) + **out = **in + } + if in.Html != nil { + in, out := &in.Html, &out.Html + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RepositoryUrisStatus. +func (in *RepositoryUrisStatus) DeepCopy() *RepositoryUrisStatus { + if in == nil { + return nil + } + out := new(RepositoryUrisStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecureSourceManagerInstance) DeepCopyInto(out *SecureSourceManagerInstance) { *out = *in @@ -382,7 +418,7 @@ func (in *SecureSourceManagerRepositoryStatus) DeepCopyInto(out *SecureSourceMan if in.ObservedState != nil { in, out := &in.ObservedState, &out.ObservedState *out = new(RepositoryObservedStateStatus) - **out = **in + (*in).DeepCopyInto(*out) } return } From 3623d5153bcb41ac052dbb683535033ebd554298 Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Tue, 5 Nov 2024 16:03:06 +0000 Subject: [PATCH 09/21] Remove comment --- .../v1alpha1/securesourcemanagerrepository_types.go | 1 - 1 file changed, 1 deletion(-) diff --git a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go index e2d507d943..7dea101457 100644 --- a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go +++ b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go @@ -22,7 +22,6 @@ import ( var SecureSourceManagerRepositoryGVK = GroupVersion.WithKind("SecureSourceManagerRepository") -// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. // SecureSourceManagerRepositorySpec defines the desired state of SecureSourceManagerRepository From d06fc50ec15e1805e76f8e28ecb143b61042653a Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Tue, 5 Nov 2024 16:31:29 +0000 Subject: [PATCH 10/21] remove extra resolve instance ref func, add required to location field --- .../v1alpha1/instance_reference.go | 82 ------------------- .../v1alpha1/instance_types.go | 1 + .../securesourcemanagerrepository_types.go | 1 + 3 files changed, 2 insertions(+), 82 deletions(-) diff --git a/apis/securesourcemanager/v1alpha1/instance_reference.go b/apis/securesourcemanager/v1alpha1/instance_reference.go index a35f58bad9..616a5dd8ac 100644 --- a/apis/securesourcemanager/v1alpha1/instance_reference.go +++ b/apis/securesourcemanager/v1alpha1/instance_reference.go @@ -23,7 +23,6 @@ import ( "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/k8s" apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" ) @@ -44,12 +43,6 @@ type SecureSourceManagerInstanceRef struct { Namespace string `json:"namespace,omitempty"` } -type SecureSourceManagerInstanceID struct { - ProjectID string - Location string - InstanceID string -} - func ParseSecureSourceManagerInstanceRef(url string) (*SecureSourceManagerInstanceRef, error) { parent, resourceID, err := parseSecureSourceManagerExternal(url) if err != nil { @@ -190,10 +183,6 @@ func (r *SecureSourceManagerInstanceRef) ResourceID() (string, error) { return resourceID, nil } -func (r *SecureSourceManagerInstanceID) String() string { - return fmt.Sprintf("projects/%s/locations/%s/instances/%s", r.ProjectID, r.Location, r.InstanceID) -} - // +k8s:deepcopy-gen=false type ProjectIDAndLocation struct { ProjectID string @@ -211,74 +200,3 @@ func valueOf[T any](t *T) T { } return *t } - -func ResolveSecureSourceManagerInstanceRef(ctx context.Context, reader client.Reader, obj client.Object, ref *SecureSourceManagerInstanceRef) (*SecureSourceManagerInstanceID, error) { - if ref == nil { - return nil, nil - } - - if ref.Name == "" && ref.External == "" { - return nil, fmt.Errorf("must specify either name or external on instanceRef") - } - if ref.External != "" && ref.Name != "" { - return nil, fmt.Errorf("cannot specify both spec.instanceRef.name and spec.instanceRef.external") - } - - if ref.External != "" { - // External should be in the `projects/[projectID]/locations/[Location]/instances/[instanceName]` format. - tokens := strings.Split(ref.External, "/") - if len(tokens) == 6 && tokens[0] == "projects" && tokens[2] == "locations" && tokens[4] == "instances" { - return &SecureSourceManagerInstanceID{ - ProjectID: tokens[1], - Location: tokens[3], - InstanceID: tokens[5], - }, nil - } - return nil, fmt.Errorf("format of securesourcemanagerinstance external=%q was not known (use projects//locations/[Location]/instances/)", ref.External) - } - - key := types.NamespacedName{ - Namespace: ref.Namespace, - Name: ref.Name, - } - if key.Namespace == "" { - key.Namespace = obj.GetNamespace() - } - - ssminstance := &unstructured.Unstructured{} - ssminstance.SetGroupVersionKind(schema.GroupVersionKind{ - Group: "securesourcemanager.cnrm.cloud.google.com", - Version: "v1alpha1", - Kind: "SecureSourceManagerInstance", - }) - if err := reader.Get(ctx, key, ssminstance); err != nil { - if apierrors.IsNotFound(err) { - return nil, fmt.Errorf("referenced SecureSourceManagerInstance %v not found", key) - } - return nil, fmt.Errorf("error reading referenced SecureSourceManagerInstance %v: %w", key, err) - } - - resourceID, _, err := unstructured.NestedString(ssminstance.Object, "spec", "resourceID") - if err != nil { - return nil, fmt.Errorf("reading spec.resourceID from SecureSourceManagerInstance %s/%s: %w", ssminstance.GetNamespace(), ssminstance.GetName(), err) - } - if resourceID == "" { - resourceID = ssminstance.GetName() - } - - location, _, err := unstructured.NestedString(ssminstance.Object, "spec", "location") - if err != nil { - return nil, fmt.Errorf("reading spec.location from SecureSourceManagerInstance %s/%s: %w", ssminstance.GetNamespace(), ssminstance.GetName(), err) - } - - projectID, err := refsv1beta1.ResolveProjectID(ctx, reader, ssminstance) - if err != nil { - return nil, err - } - - return &SecureSourceManagerInstanceID{ - ProjectID: projectID, - Location: location, - InstanceID: resourceID, - }, nil -} diff --git a/apis/securesourcemanager/v1alpha1/instance_types.go b/apis/securesourcemanager/v1alpha1/instance_types.go index a124630ece..474a81c48a 100644 --- a/apis/securesourcemanager/v1alpha1/instance_types.go +++ b/apis/securesourcemanager/v1alpha1/instance_types.go @@ -30,6 +30,7 @@ type SecureSourceManagerInstanceSpec struct { ProjectRef *refs.ProjectRef `json:"projectRef"` /* Immutable. Location of the instance. */ + // +required Location string `json:"location"` /* Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */ diff --git a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go index 7dea101457..c63446b2a5 100644 --- a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go +++ b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go @@ -32,6 +32,7 @@ type SecureSourceManagerRepositorySpec struct { ProjectRef *refs.ProjectRef `json:"projectRef"` /* Immutable. Location of the instance. */ + // +required Location string `json:"location"` // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ResourceID field is immutable" From cf5eed77e79dfb44ecaa980aa2a16dbe27f61fdb Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Tue, 5 Nov 2024 19:44:16 +0000 Subject: [PATCH 11/21] remove immutable on instance ref --- .../v1alpha1/securesourcemanagerrepository_types.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go index c63446b2a5..25d8b3df01 100644 --- a/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go +++ b/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go @@ -40,7 +40,7 @@ type SecureSourceManagerRepositorySpec struct { // The SecureSourceManagerRepository name. If not given, the metadata.name will be used. ResourceID *string `json:"resourceID,omitempty"` - // Immutable. The name of the instance in which the repository is hosted, formatted as + // The name of the instance in which the repository is hosted, formatted as // `projects/{project_number}/locations/{location_id}/instances/{instance_id}` // +required InstanceRef *SecureSourceManagerInstanceRef `json:"instanceRef,omitempty"` From 0790d82320e01de8044467f993dc2d3c19a8b643 Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Wed, 6 Nov 2024 17:05:26 +0000 Subject: [PATCH 12/21] remove deleted struct reference --- .../v1alpha1/zz_generated.deepcopy.go | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go b/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go index 6174dcae5f..e76807ddc4 100644 --- a/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go +++ b/apis/securesourcemanager/v1alpha1/zz_generated.deepcopy.go @@ -246,21 +246,6 @@ func (in *SecureSourceManagerInstance) DeepCopyObject() runtime.Object { return nil } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SecureSourceManagerInstanceID) DeepCopyInto(out *SecureSourceManagerInstanceID) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecureSourceManagerInstanceID. -func (in *SecureSourceManagerInstanceID) DeepCopy() *SecureSourceManagerInstanceID { - if in == nil { - return nil - } - out := new(SecureSourceManagerInstanceID) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecureSourceManagerInstanceList) DeepCopyInto(out *SecureSourceManagerInstanceList) { *out = *in From c060669a9db43d60d902afb0a88b2e26c3d19d91 Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Wed, 6 Nov 2024 17:08:43 +0000 Subject: [PATCH 13/21] regenerate crd --- ...epositories.securesourcemanager.cnrm.cloud.google.com.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml index debada52e3..87b8200fc3 100644 --- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml +++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com.yaml @@ -204,8 +204,8 @@ spec: type: string type: object instanceRef: - description: Immutable. The name of the instance in which the repository - is hosted, formatted as `projects/{project_number}/locations/{location_id}/instances/{instance_id}` + description: The name of the instance in which the repository is hosted, + formatted as `projects/{project_number}/locations/{location_id}/instances/{instance_id}` oneOf: - not: required: From ab2a211946742de6f99a91d94dd395e253849e1b Mon Sep 17 00:00:00 2001 From: Eric Pang Date: Wed, 6 Nov 2024 18:36:26 +0000 Subject: [PATCH 14/21] run make ready pr --- .../v1alpha1/securesourcemanagerrepository_types.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/clients/generated/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go b/pkg/clients/generated/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go index a828c54430..e0c588873d 100644 --- a/pkg/clients/generated/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go +++ b/pkg/clients/generated/apis/securesourcemanager/v1alpha1/securesourcemanagerrepository_types.go @@ -58,7 +58,7 @@ type SecureSourceManagerRepositorySpec struct { // +optional InitialConfig *RepositoryInitialConfig `json:"initialConfig,omitempty"` - /* Immutable. The name of the instance in which the repository is hosted, formatted as `projects/{project_number}/locations/{location_id}/instances/{instance_id}` */ + /* The name of the instance in which the repository is hosted, formatted as `projects/{project_number}/locations/{location_id}/instances/{instance_id}` */ InstanceRef v1alpha1.ResourceRef `json:"instanceRef"` /* Immutable. Location of the instance. */ From 3e0657f2ca362511c201e2402f601ce6b3642c64 Mon Sep 17 00:00:00 2001 From: Gemma Hou Date: Wed, 6 Nov 2024 22:01:23 +0000 Subject: [PATCH 15/21] Verify priority string can be converted to an integer --- .../computefirewallpolicyrule_reference.go | 19 ++++++++++++------- .../firewallpolicyrule_controller.go | 10 ++++++---- 2 files changed, 18 insertions(+), 11 deletions(-) diff --git a/apis/compute/v1beta1/computefirewallpolicyrule_reference.go b/apis/compute/v1beta1/computefirewallpolicyrule_reference.go index 526f61ce62..e8e22de144 100644 --- a/apis/compute/v1beta1/computefirewallpolicyrule_reference.go +++ b/apis/compute/v1beta1/computefirewallpolicyrule_reference.go @@ -102,7 +102,7 @@ func NewComputeFirewallPolicyRuleRef(ctx context.Context, reader client.Reader, id.parent = &ComputeFirewallPolicyRuleParent{FirewallPolicy: firewallPolicy} // Get priority. Priority is a required field - priority := strconv.Itoa(int(obj.Spec.Priority)) + priority := obj.Spec.Priority // Use approved External externalRef := valueOf(obj.Status.ExternalRef) @@ -120,7 +120,7 @@ func NewComputeFirewallPolicyRuleRef(ctx context.Context, reader client.Reader, return nil, fmt.Errorf("spec.firewallPolicyRef changed, expect %s, got %s", actualParent.FirewallPolicy, firewallPolicy) } if actualPriority != priority { - return nil, fmt.Errorf("cannot reset `spec.priority` to %s, since it has already assigned to %s", + return nil, fmt.Errorf("cannot reset `spec.priority` to %d, since it has already assigned to %d", priority, actualPriority) } id.External = externalRef @@ -150,18 +150,23 @@ func (p *ComputeFirewallPolicyRuleParent) String() string { return "locations/global/firewallPolicies/" + p.FirewallPolicy } -func asComputeFirewallPolicyRuleExternal(parent *ComputeFirewallPolicyRuleParent, priority string) (external string) { - return parent.String() + "/rules/" + priority +func asComputeFirewallPolicyRuleExternal(parent *ComputeFirewallPolicyRuleParent, priority int64) (external string) { + p := strconv.Itoa(int(priority)) + return parent.String() + "/rules/" + p } -func parseComputeFirewallPolicyRuleExternal(external string) (parent *ComputeFirewallPolicyRuleParent, priority string, err error) { +func parseComputeFirewallPolicyRuleExternal(external string) (parent *ComputeFirewallPolicyRuleParent, priority int64, err error) { tokens := strings.Split(external, "/") if len(tokens) != 6 || tokens[0] != "locations" || tokens[2] != "firewallPolicies" || tokens[4] != "rules" { - return nil, "", fmt.Errorf("format of ComputeFirewallPolicyRule external=%q was not known (use firewallPolicies//rules/)", external) + return nil, -1, fmt.Errorf("format of ComputeFirewallPolicyRule external=%q was not known (use firewallPolicies//rules/)", external) } parent = &ComputeFirewallPolicyRuleParent{ FirewallPolicy: tokens[3], } - priority = tokens[5] + p, err := strconv.ParseInt(tokens[5], 10, 32) + if err != nil { + return nil, -1, fmt.Errorf("error convert priority %s of ComputeFirewallPolicyRule external=%q to an integer: %w", tokens[5], external, err) + } + priority = p return parent, priority, nil } diff --git a/pkg/controller/direct/compute/firewallpolicyrule/firewallpolicyrule_controller.go b/pkg/controller/direct/compute/firewallpolicyrule/firewallpolicyrule_controller.go index b70f820063..1cfea7f362 100644 --- a/pkg/controller/direct/compute/firewallpolicyrule/firewallpolicyrule_controller.go +++ b/pkg/controller/direct/compute/firewallpolicyrule/firewallpolicyrule_controller.go @@ -215,8 +215,9 @@ func (a *firewallPolicyRuleAdapter) Update(ctx context.Context, updateOp *direct tokens := strings.Split(a.id.External, "/") priority, err := strconv.ParseInt(tokens[5], 10, 32) + // Should not hit this error because we have verified priority in parseComputeFirewallPolicyRuleExternal` if err != nil { - return fmt.Errorf("get ComputeFirewallPolicyRule priority %s: %w", a.id.External, err) + return fmt.Errorf("error convert priority %s of ComputeFirewallPolicyRule %s to an integer: %w", tokens[5], a.id.External, err) } updateReq := &computepb.PatchRuleFirewallPolicyRequest{ @@ -281,10 +282,10 @@ func (a *firewallPolicyRuleAdapter) Delete(ctx context.Context, deleteOp *direct tokens := strings.Split(a.id.External, "/") priority, err := strconv.ParseInt(tokens[5], 10, 32) + // Should not hit this error because we have verified priority in parseComputeFirewallPolicyRuleExternal` if err != nil { - return false, fmt.Errorf("get ComputeFirewallPolicyRule parent %s: %w", a.id.External, err) + return false, fmt.Errorf("error convert priority %s of ComputeFirewallPolicyRule %s to an integer: %w", tokens[5], a.id.External, err) } - delReq := &computepb.RemoveRuleFirewallPolicyRequest{ FirewallPolicy: parent.FirewallPolicy, Priority: direct.PtrTo(int32(priority)), @@ -317,8 +318,9 @@ func (a *firewallPolicyRuleAdapter) get(ctx context.Context) (*computepb.Firewal tokens := strings.Split(a.id.External, "/") priority, err := strconv.ParseInt(tokens[5], 10, 32) + // Should not hit this error because we have verified priority in parseComputeFirewallPolicyRuleExternal` if err != nil { - return nil, fmt.Errorf("get ComputeFirewallPolicyRule parent %s: %w", a.id.External, err) + return nil, fmt.Errorf("error convert priority %s of ComputeFirewallPolicyRule %s to an integer: %w", tokens[5], a.id.External, err) } getReq := &computepb.GetRuleFirewallPolicyRequest{ From eb5072700d1c7e15702d1c247120c94e292cda23 Mon Sep 17 00:00:00 2001 From: Gemma Hou Date: Wed, 6 Nov 2024 22:21:48 +0000 Subject: [PATCH 16/21] update release note --- docs/releasenotes/release-1.125.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/docs/releasenotes/release-1.125.md b/docs/releasenotes/release-1.125.md index db4be43de3..8d7f8394f0 100644 --- a/docs/releasenotes/release-1.125.md +++ b/docs/releasenotes/release-1.125.md @@ -13,6 +13,15 @@ TODO: list contributors with `git log v1.124.0... | grep Merge | grep from | awk * `RedisCluster` is now a v1beta1 resource. * `BigQueryAnlayticsHubDataExchange` is now a v1beta1 resource. +## Modified Beta Reconciliation + +We migrated the following reconciliation from the TF-based or DCL-based controller to the new Direct controller to enhance the reliability and performance. The resource CRD is unchanged. + +* `ComputeFirewallPolicyRule` + + * You can use the alpha.cnrm.cloud.google.com/reconciler: direct annotation on ComputeFirewallPolicyRule resource to opt-in + the Direct Cloud Reconciler, which fixes the issue when updating `targetResources`. + ## New Resources: * Added support for `PlaceholderKind` (v1beta1) resource. @@ -27,3 +36,7 @@ TODO: list contributors with `git log v1.124.0... | grep Merge | grep from | awk * Allow more customization of resource reconciliation in cluster mode * Added a new `ControllerReconciler` CRD (v1alpha1). See [example](https://github.com/GoogleCloudPlatform/k8s-config-connector/blob/master/operator/config/samples/controller_reconciler_customization_sample.yaml) * This feature allows users to customize the client-side kube-apiserver request rate limit when Config Connector is runnning in cluster mode. + +## Bug Fixes: + +* [Incorrect format of clientTLSPolicy when referenced from ComputeBackendService](https://github.com/GoogleCloudPlatform/k8s-config-connector/pull/3007) From cf188716d22b983c7d1b6fb91b8b9681c99b2839 Mon Sep 17 00:00:00 2001 From: xiaoweim Date: Thu, 7 Nov 2024 19:35:47 +0000 Subject: [PATCH 17/21] Change BigqueryDataset Location to Optional --- apis/bigquery/v1beta1/dataset_reference.go | 19 +++++------- apis/bigquery/v1beta1/dataset_types.go | 13 +++++--- .../bigquery/v1beta1/zz_generated.deepcopy.go | 10 ++++++ ...tasets.bigquery.cnrm.cloud.google.com.yaml | 18 ++++++++--- .../bigquery/v1beta1/bigquerydataset_types.go | 15 +++++++-- .../bigquery/v1beta1/zz_generated.deepcopy.go | 31 +++++++++++++++++++ .../bigquerydataset_mappings.go | 4 ++- .../bigquerydataset/dataset_controller.go | 3 +- ..._export_basicbigquerydataset-direct.golden | 2 +- ...ct_basicbigquerydataset-direct.golden.yaml | 5 +-- .../basicbigquerydataset-direct/_http.log | 15 +++++---- .../basicbigquerydataset-direct/create.yaml | 1 - .../basicbigquerydataset-direct/update.yaml | 1 - ...nerated_export_basicbigquerydataset.golden | 2 +- ...ed_object_basicbigquerydataset.golden.yaml | 1 - .../basicbigquerydataset/_http.log | 12 +++---- .../basicbigquerydataset/create.yaml | 1 - .../basicbigquerydataset/update.yaml | 1 - ...querydatasetaccessblock-direct.golden.yaml | 4 ++- ...ct_fullybigquerydataset-direct.golden.yaml | 4 ++- .../resource-docs/bigquery/bigquerydataset.md | 20 ++++++++++-- 21 files changed, 129 insertions(+), 53 deletions(-) diff --git a/apis/bigquery/v1beta1/dataset_reference.go b/apis/bigquery/v1beta1/dataset_reference.go index 27df856488..78a8a06316 100644 --- a/apis/bigquery/v1beta1/dataset_reference.go +++ b/apis/bigquery/v1beta1/dataset_reference.go @@ -98,8 +98,7 @@ func NewBigQueryDatasetRef(ctx context.Context, reader client.Reader, obj *BigQu if projectID == "" { return nil, fmt.Errorf("cannot resolve project") } - location := obj.Spec.Location - id.parent = &BigQueryDatasetParent{ProjectID: projectID, Location: valueOf(location)} + id.parent = &BigQueryDatasetParent{ProjectID: projectID} // Get desired ID resourceID := valueOf(obj.Spec.ResourceID) @@ -125,15 +124,12 @@ func NewBigQueryDatasetRef(ctx context.Context, reader client.Reader, obj *BigQu if actualParent.ProjectID != projectID { return nil, fmt.Errorf("spec.projectRef changed, expect %s, got %s", actualParent.ProjectID, projectID) } - if actualParent.Location != valueOf(location) { - return nil, fmt.Errorf("spec.location changed, expect %s, got %s", actualParent.Location, valueOf(location)) - } if actualResourceID != resourceID { return nil, fmt.Errorf("cannot reset `metadata.name` or `spec.resourceID` to %s, since it has already assigned to %s", resourceID, actualResourceID) } id.External = externalRef - id.parent = &BigQueryDatasetParent{ProjectID: projectID, Location: valueOf(location)} + id.parent = &BigQueryDatasetParent{ProjectID: projectID} return id, nil } @@ -153,28 +149,27 @@ func (r *BigQueryDatasetRef) Parent() (*BigQueryDatasetParent, error) { type BigQueryDatasetParent struct { ProjectID string - Location string } func (p *BigQueryDatasetParent) String() string { - return "projects/" + p.ProjectID + "/locations/" + p.Location + return "projects/" + p.ProjectID } func asBigQueryDatasetExternal(parent *BigQueryDatasetParent, resourceID string) (external string) { + // Link Reference https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets/get return parent.String() + "/datasets/" + resourceID } func ParseBigQueryDatasetExternal(external string) (parent *BigQueryDatasetParent, resourceID string, err error) { external = strings.TrimPrefix(external, "/") tokens := strings.Split(external, "/") - if len(tokens) != 6 || tokens[0] != "projects" || tokens[2] != "locations" || tokens[4] != "datasets" { - return nil, "", fmt.Errorf("format of BigQueryDataset external=%q was not known (use projects//locations//datasets/)", external) + if len(tokens) != 4 || tokens[0] != "projects" || tokens[2] != "datasets" { + return nil, "", fmt.Errorf("format of BigQueryDataset external=%q was not known (use projects//datasets/)", external) } parent = &BigQueryDatasetParent{ ProjectID: tokens[1], - Location: tokens[3], } - resourceID = tokens[5] + resourceID = tokens[3] return parent, resourceID, nil } diff --git a/apis/bigquery/v1beta1/dataset_types.go b/apis/bigquery/v1beta1/dataset_types.go index 5555bc2cf4..2c7ba3ec2d 100644 --- a/apis/bigquery/v1beta1/dataset_types.go +++ b/apis/bigquery/v1beta1/dataset_types.go @@ -91,11 +91,10 @@ type BigQueryDatasetSpec struct { // references. IsCaseInsensitive *bool `json:"isCaseInsensitive,omitempty"` - // The geographic location where the dataset should reside. See + // Optional. The geographic location where the dataset should reside. See // https://cloud.google.com/bigquery/docs/locations for supported // locations. - // +required - Location *string `json:"location"` + Location *string `json:"location,omitempty"` // Optional. Defines the time travel window in hours. The value can be from 48 // to 168 hours (2 to 7 days). The default value is 168 hours if this is not @@ -136,11 +135,17 @@ type BigQueryDatasetStatus struct { // Output only. A URL that can be used to access the resource again. You can // use this URL in Get or Update requests to the resource. SelfLink *string `json:"selfLink,omitempty"` + + // ObservedState is the state of the resource as most recently observed in GCP. + ObservedState *BigQueryDatasetObservedState `json:"observedState,omitempty"` } -// BigQueryDatasetSpec defines the desired state of BigQueryDataset +// BigQueryDatasetObservedState defines the desired state of BigQueryDataset // +kcc:proto=google.cloud.bigquery.v2.dataset type BigQueryDatasetObservedState struct { + + // Optional. If the location is not specified in the spec, the GCP server defaults to a location and will be captured here. + Location *string `json:"location,omitempty"` } // +genclient diff --git a/apis/bigquery/v1beta1/zz_generated.deepcopy.go b/apis/bigquery/v1beta1/zz_generated.deepcopy.go index bf12f8e403..81e55103cb 100644 --- a/apis/bigquery/v1beta1/zz_generated.deepcopy.go +++ b/apis/bigquery/v1beta1/zz_generated.deepcopy.go @@ -146,6 +146,11 @@ func (in *BigQueryDatasetList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BigQueryDatasetObservedState) DeepCopyInto(out *BigQueryDatasetObservedState) { *out = *in + if in.Location != nil { + in, out := &in.Location, &out.Location + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BigQueryDatasetObservedState. @@ -313,6 +318,11 @@ func (in *BigQueryDatasetStatus) DeepCopyInto(out *BigQueryDatasetStatus) { *out = new(string) **out = **in } + if in.ObservedState != nil { + in, out := &in.ObservedState, &out.ObservedState + *out = new(BigQueryDatasetObservedState) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BigQueryDatasetStatus. diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_bigquerydatasets.bigquery.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_bigquerydatasets.bigquery.cnrm.cloud.google.com.yaml index ba6d1e1e76..da0b043bbc 100644 --- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_bigquerydatasets.bigquery.cnrm.cloud.google.com.yaml +++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_bigquerydatasets.bigquery.cnrm.cloud.google.com.yaml @@ -294,9 +294,9 @@ spec: does not affect routine references. type: boolean location: - description: The geographic location where the dataset should reside. - See https://cloud.google.com/bigquery/docs/locations for supported - locations. + description: Optional. The geographic location where the dataset should + reside. See https://cloud.google.com/bigquery/docs/locations for + supported locations. type: string maxTimeTravelHours: description: Optional. Defines the time travel window in hours. The @@ -342,8 +342,6 @@ spec: storageBillingModel: description: Optional. Updates storage_billing_model for the dataset. type: string - required: - - location type: object status: description: BigQueryDatasetStatus defines the config connector machine @@ -400,6 +398,16 @@ spec: the resource. format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + location: + description: Optional. If the location is not specified in the + spec, the GCP server defaults to a location and will be captured + here. + type: string + type: object selfLink: description: Output only. A URL that can be used to access the resource again. You can use this URL in Get or Update requests to the resource. diff --git a/pkg/clients/generated/apis/bigquery/v1beta1/bigquerydataset_types.go b/pkg/clients/generated/apis/bigquery/v1beta1/bigquerydataset_types.go index 24c87195db..6daf84acb5 100644 --- a/pkg/clients/generated/apis/bigquery/v1beta1/bigquerydataset_types.go +++ b/pkg/clients/generated/apis/bigquery/v1beta1/bigquerydataset_types.go @@ -178,8 +178,9 @@ type BigQueryDatasetSpec struct { // +optional IsCaseInsensitive *bool `json:"isCaseInsensitive,omitempty"` - /* The geographic location where the dataset should reside. See https://cloud.google.com/bigquery/docs/locations for supported locations. */ - Location string `json:"location"` + /* Optional. The geographic location where the dataset should reside. See https://cloud.google.com/bigquery/docs/locations for supported locations. */ + // +optional + Location *string `json:"location,omitempty"` /* Optional. Defines the time travel window in hours. The value can be from 48 to 168 hours (2 to 7 days). The default value is 168 hours if this is not set. */ // +optional @@ -198,6 +199,12 @@ type BigQueryDatasetSpec struct { StorageBillingModel *string `json:"storageBillingModel,omitempty"` } +type DatasetObservedStateStatus struct { + /* Optional. If the location is not specified in the spec, the GCP server defaults to a location and will be captured here. */ + // +optional + Location *string `json:"location,omitempty"` +} + type BigQueryDatasetStatus struct { /* Conditions represent the latest available observations of the BigQueryDataset's current state. */ @@ -222,6 +229,10 @@ type BigQueryDatasetStatus struct { // +optional ObservedGeneration *int64 `json:"observedGeneration,omitempty"` + /* ObservedState is the state of the resource as most recently observed in GCP. */ + // +optional + ObservedState *DatasetObservedStateStatus `json:"observedState,omitempty"` + /* Output only. A URL that can be used to access the resource again. You can use this URL in Get or Update requests to the resource. */ // +optional SelfLink *string `json:"selfLink,omitempty"` diff --git a/pkg/clients/generated/apis/bigquery/v1beta1/zz_generated.deepcopy.go b/pkg/clients/generated/apis/bigquery/v1beta1/zz_generated.deepcopy.go index c23d48c6fd..b415a9c758 100644 --- a/pkg/clients/generated/apis/bigquery/v1beta1/zz_generated.deepcopy.go +++ b/pkg/clients/generated/apis/bigquery/v1beta1/zz_generated.deepcopy.go @@ -135,6 +135,11 @@ func (in *BigQueryDatasetSpec) DeepCopyInto(out *BigQueryDatasetSpec) { *out = new(bool) **out = **in } + if in.Location != nil { + in, out := &in.Location, &out.Location + *out = new(string) + **out = **in + } if in.MaxTimeTravelHours != nil { in, out := &in.MaxTimeTravelHours, &out.MaxTimeTravelHours *out = new(string) @@ -201,6 +206,11 @@ func (in *BigQueryDatasetStatus) DeepCopyInto(out *BigQueryDatasetStatus) { *out = new(int64) **out = **in } + if in.ObservedState != nil { + in, out := &in.ObservedState, &out.ObservedState + *out = new(DatasetObservedStateStatus) + (*in).DeepCopyInto(*out) + } if in.SelfLink != nil { in, out := &in.SelfLink, &out.SelfLink *out = new(string) @@ -858,6 +868,27 @@ func (in *DatasetDefaultEncryptionConfiguration) DeepCopy() *DatasetDefaultEncry return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DatasetObservedStateStatus) DeepCopyInto(out *DatasetObservedStateStatus) { + *out = *in + if in.Location != nil { + in, out := &in.Location, &out.Location + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatasetObservedStateStatus. +func (in *DatasetObservedStateStatus) DeepCopy() *DatasetObservedStateStatus { + if in == nil { + return nil + } + out := new(DatasetObservedStateStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DatasetRoutine) DeepCopyInto(out *DatasetRoutine) { *out = *in diff --git a/pkg/controller/direct/bigquerydataset/bigquerydataset_mappings.go b/pkg/controller/direct/bigquerydataset/bigquerydataset_mappings.go index 05f6649eda..14f5462b9c 100644 --- a/pkg/controller/direct/bigquerydataset/bigquerydataset_mappings.go +++ b/pkg/controller/direct/bigquerydataset/bigquerydataset_mappings.go @@ -88,9 +88,10 @@ func BigQueryDatasetStatus_FromAPI(mapCtx *direct.MapContext, in *api.Dataset) * out.CreationTime = direct.LazyPtr(in.CreationTime) out.LastModifiedTime = direct.LazyPtr(in.LastModifiedTime) out.SelfLink = direct.LazyPtr(in.SelfLink) + out.ObservedState = &krm.BigQueryDatasetObservedState{Location: direct.LazyPtr(in.Location)} return out } -func BigQueryDatasetStatusObservedState_ToAPI(mapCtx *direct.MapContext, in *krm.BigQueryDatasetStatus) *api.Dataset { +func BigQueryDatasetStatus_ToAPI(mapCtx *direct.MapContext, in *krm.BigQueryDatasetStatus) *api.Dataset { if in == nil { return nil } @@ -99,6 +100,7 @@ func BigQueryDatasetStatusObservedState_ToAPI(mapCtx *direct.MapContext, in *krm out.CreationTime = direct.ValueOf(in.CreationTime) out.LastModifiedTime = direct.ValueOf(in.LastModifiedTime) out.SelfLink = direct.ValueOf(in.SelfLink) + out.Location = direct.ValueOf(in.ObservedState.Location) return out } func Access_ToAPI(mapCtx *direct.MapContext, in *krm.Access) *api.DatasetAccess { diff --git a/pkg/controller/direct/bigquerydataset/dataset_controller.go b/pkg/controller/direct/bigquerydataset/dataset_controller.go index 9b3c36786f..b2f837d148 100644 --- a/pkg/controller/direct/bigquerydataset/dataset_controller.go +++ b/pkg/controller/direct/bigquerydataset/dataset_controller.go @@ -185,7 +185,7 @@ func (a *Adapter) Update(ctx context.Context, updateOp *directbase.UpdateOperati resource := clone.Clone(a.actual).(*api.Dataset) // Check for immutable fields - if !reflect.DeepEqual(desired.Location, resource.Location) { + if desired.Location != "" && !reflect.DeepEqual(desired.Location, resource.Location) { return fmt.Errorf("BigQueryDataset %s/%s location cannot be changed, actual: %s, desired: %s", u.GetNamespace(), u.GetName(), resource.Location, desired.Location) } @@ -286,7 +286,6 @@ func (a *Adapter) Export(ctx context.Context) (*unstructured.Unstructured, error } obj.Spec.ProjectRef = &refs.ProjectRef{Name: parent.ProjectID} - obj.Spec.Location = &parent.Location uObj, err := runtime.DefaultUnstructuredConverter.ToUnstructured(obj) if err != nil { return nil, err diff --git a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/_generated_export_basicbigquerydataset-direct.golden b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/_generated_export_basicbigquerydataset-direct.golden index 6c64b9259f..95391263e2 100644 --- a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/_generated_export_basicbigquerydataset-direct.golden +++ b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/_generated_export_basicbigquerydataset-direct.golden @@ -18,7 +18,7 @@ spec: - role: WRITER specialGroup: projectWriters friendlyName: bigquerydataset-sample-updated - location: us-central1 + location: US maxTimeTravelHours: "168" projectRef: external: ${projectId} diff --git a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/_generated_object_basicbigquerydataset-direct.golden.yaml b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/_generated_object_basicbigquerydataset-direct.golden.yaml index 34f4f241a1..040a7f0e1f 100644 --- a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/_generated_object_basicbigquerydataset-direct.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/_generated_object_basicbigquerydataset-direct.golden.yaml @@ -14,7 +14,6 @@ metadata: namespace: ${uniqueId} spec: friendlyName: bigquerydataset-sample-updated - location: us-central1 projectRef: external: ${projectId} status: @@ -26,7 +25,9 @@ status: type: Ready creationTime: "1970-01-01T00:00:00Z" etag: abcdef123456 - externalRef: projects/${projectId}/locations/us-central1/datasets/bigquerydatasetsample${uniqueId} + externalRef: projects/${projectId}/datasets/bigquerydatasetsample${uniqueId} lastModifiedTime: "1970-01-01T00:00:00Z" observedGeneration: 2 + observedState: + location: US selfLink: https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydatasetsample${uniqueId} diff --git a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/_http.log b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/_http.log index 6b3fc1f9c8..e4fc10fab1 100644 --- a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/_http.log @@ -41,8 +41,7 @@ User-Agent: kcc/controller-manager "labels": { "cnrm-test": "true", "managed-by-cnrm": "true" - }, - "location": "us-central1" + } } 200 OK @@ -89,7 +88,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "lastModifiedTime": "123456789", - "location": "us-central1", + "location": "US", "selfLink": "https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydatasetsample${uniqueId}", "type": "DEFAULT" } @@ -143,7 +142,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "lastModifiedTime": "123456789", - "location": "us-central1", + "location": "US", "maxTimeTravelHours": "168", "selfLink": "https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydatasetsample${uniqueId}", "type": "DEFAULT" @@ -188,7 +187,7 @@ User-Agent: kcc/controller-manager "managed-by-cnrm": "true" }, "lastModifiedTime": "123456789", - "location": "us-central1", + "location": "US", "selfLink": "https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydatasetsample${uniqueId}", "type": "DEFAULT" } @@ -237,7 +236,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "lastModifiedTime": "123456789", - "location": "us-central1", + "location": "US", "selfLink": "https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydatasetsample${uniqueId}", "type": "DEFAULT" } @@ -292,7 +291,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "lastModifiedTime": "123456789", - "location": "us-central1", + "location": "US", "maxTimeTravelHours": "168", "selfLink": "https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydatasetsample${uniqueId}", "type": "DEFAULT" @@ -347,7 +346,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "lastModifiedTime": "123456789", - "location": "us-central1", + "location": "US", "maxTimeTravelHours": "168", "selfLink": "https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydatasetsample${uniqueId}", "type": "DEFAULT" diff --git a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/create.yaml b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/create.yaml index 8598aa3435..2b41e01f47 100644 --- a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/create.yaml +++ b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/create.yaml @@ -20,4 +20,3 @@ metadata: alpha.cnrm.cloud.google.com/reconciler: "direct" spec: friendlyName: bigquerydataset-sample - location: us-central1 diff --git a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/update.yaml b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/update.yaml index c1e87a2805..5d0fdb0cd3 100644 --- a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/update.yaml +++ b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset-direct/update.yaml @@ -20,4 +20,3 @@ metadata: alpha.cnrm.cloud.google.com/reconciler: "direct" spec: friendlyName: bigquerydataset-sample-updated - location: us-central1 diff --git a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/_generated_export_basicbigquerydataset.golden b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/_generated_export_basicbigquerydataset.golden index 6c64b9259f..95391263e2 100644 --- a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/_generated_export_basicbigquerydataset.golden +++ b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/_generated_export_basicbigquerydataset.golden @@ -18,7 +18,7 @@ spec: - role: WRITER specialGroup: projectWriters friendlyName: bigquerydataset-sample-updated - location: us-central1 + location: US maxTimeTravelHours: "168" projectRef: external: ${projectId} diff --git a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/_generated_object_basicbigquerydataset.golden.yaml b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/_generated_object_basicbigquerydataset.golden.yaml index e1b26c8300..9ca8d07847 100644 --- a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/_generated_object_basicbigquerydataset.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/_generated_object_basicbigquerydataset.golden.yaml @@ -14,7 +14,6 @@ metadata: namespace: ${uniqueId} spec: friendlyName: bigquerydataset-sample-updated - location: us-central1 projectRef: external: ${projectId} resourceID: bigquerydatasetsample${uniqueId} diff --git a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/_http.log b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/_http.log index 7db6b66ec7..4f53cdab6e 100644 --- a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/_http.log @@ -43,7 +43,7 @@ User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 t "cnrm-test": "true", "managed-by-cnrm": "true" }, - "location": "us-central1" + "location": "US" } 200 OK @@ -90,7 +90,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "lastModifiedTime": "123456789", - "location": "us-central1", + "location": "US", "selfLink": "https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydatasetsample${uniqueId}", "type": "DEFAULT" } @@ -145,7 +145,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "lastModifiedTime": "123456789", - "location": "us-central1", + "location": "US", "maxTimeTravelHours": "168", "selfLink": "https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydatasetsample${uniqueId}", "type": "DEFAULT" @@ -184,7 +184,7 @@ User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 t "cnrm-test": "true", "managed-by-cnrm": "true" }, - "location": "us-central1", + "location": "US", "maxTimeTravelHours": "168" } @@ -232,7 +232,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "lastModifiedTime": "123456789", - "location": "us-central1", + "location": "US", "maxTimeTravelHours": "168", "selfLink": "https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydatasetsample${uniqueId}", "type": "DEFAULT" @@ -288,7 +288,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "lastModifiedTime": "123456789", - "location": "us-central1", + "location": "US", "maxTimeTravelHours": "168", "selfLink": "https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydatasetsample${uniqueId}", "type": "DEFAULT" diff --git a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/create.yaml b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/create.yaml index ad18e71f5a..94f172a61a 100644 --- a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/create.yaml +++ b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/create.yaml @@ -18,4 +18,3 @@ metadata: name: bigquerydatasetsample${uniqueId} spec: friendlyName: bigquerydataset-sample - location: us-central1 diff --git a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/update.yaml b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/update.yaml index 461dc1354f..5038f6c984 100644 --- a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/update.yaml +++ b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/basicbigquerydataset/update.yaml @@ -18,4 +18,3 @@ metadata: name: bigquerydatasetsample${uniqueId} spec: friendlyName: bigquerydataset-sample-updated - location: us-central1 diff --git a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/bigquerydatasetaccessblock-direct/_generated_object_bigquerydatasetaccessblock-direct.golden.yaml b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/bigquerydatasetaccessblock-direct/_generated_object_bigquerydatasetaccessblock-direct.golden.yaml index 91d9811539..4fc739b17a 100644 --- a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/bigquerydatasetaccessblock-direct/_generated_object_bigquerydatasetaccessblock-direct.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/bigquerydatasetaccessblock-direct/_generated_object_bigquerydatasetaccessblock-direct.golden.yaml @@ -35,7 +35,9 @@ status: type: Ready creationTime: "1970-01-01T00:00:00Z" etag: abcdef123456 - externalRef: projects/${projectId}/locations/US/datasets/bigquerydataset${uniqueId} + externalRef: projects/${projectId}/datasets/bigquerydataset${uniqueId} lastModifiedTime: "1970-01-01T00:00:00Z" observedGeneration: 2 + observedState: + location: US selfLink: https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydataset${uniqueId} diff --git a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/fullybigquerydataset-direct/_generated_object_fullybigquerydataset-direct.golden.yaml b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/fullybigquerydataset-direct/_generated_object_fullybigquerydataset-direct.golden.yaml index e717654a27..a6379a2e96 100644 --- a/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/fullybigquerydataset-direct/_generated_object_fullybigquerydataset-direct.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/bigquery/v1beta1/bigquerydataset/fullybigquerydataset-direct/_generated_object_fullybigquerydataset-direct.golden.yaml @@ -43,7 +43,9 @@ status: type: Ready creationTime: "1970-01-01T00:00:00Z" etag: abcdef123456 - externalRef: projects/${projectId}/locations/US/datasets/bigquerydataset${uniqueId} + externalRef: projects/${projectId}/datasets/bigquerydataset${uniqueId} lastModifiedTime: "1970-01-01T00:00:00Z" observedGeneration: 2 + observedState: + location: US selfLink: https://bigquery.googleapis.com/bigquery/v2/projects/${projectId}/datasets/bigquerydataset${uniqueId} diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/bigquery/bigquerydataset.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/bigquery/bigquerydataset.md index 793457b24d..f82bcfceb6 100644 --- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/bigquery/bigquerydataset.md +++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/bigquery/bigquerydataset.md @@ -511,11 +511,11 @@ storageBillingModel: string

location

-

Required*

+

Optional

string

-

{% verbatim %}The geographic location where the dataset should reside. See https://cloud.google.com/bigquery/docs/locations for supported locations.{% endverbatim %}

+

{% verbatim %}Optional. The geographic location where the dataset should reside. See https://cloud.google.com/bigquery/docs/locations for supported locations.{% endverbatim %}

@@ -619,6 +619,8 @@ etag: string externalRef: string lastModifiedTime: integer observedGeneration: integer +observedState: + location: string selfLink: string ``` @@ -713,6 +715,20 @@ selfLink: string

{% verbatim %}ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource.{% endverbatim %}

+ + observedState + +

object

+

{% verbatim %}ObservedState is the state of the resource as most recently observed in GCP.{% endverbatim %}

+ + + + observedState.location + +

string

+

{% verbatim %}Optional. If the location is not specified in the spec, the GCP server defaults to a location and will be captured here.{% endverbatim %}

+ + selfLink From 4232c34e4d6292118e706e7040296aa54cdd4c80 Mon Sep 17 00:00:00 2001 From: Walter Fender Date: Tue, 27 Aug 2024 21:55:17 +0000 Subject: [PATCH 18/21] Configure pprof on controller-manager. Generated file. Adding cluster mode changes. Updated version for cluster mode. Skipping version check on dev mode controllers. Make pprof support case insensitive. Factored in Justin's feedback. Fixed the pprof field names. --- ...loud.google.com_controllerreconcilers.yaml | 14 +++ ...e.com_namespacedcontrollerreconcilers.yaml | 14 +++ .../v1alpha1/controllerreconciler_types.go | 20 ++++ .../configconnector_controller.go | 4 + .../configconnectorcontext_controller.go | 4 + operator/pkg/controllers/utils.go | 93 ++++++++++++++++++- operator/pkg/preflight/upgrade.go | 7 +- 7 files changed, 154 insertions(+), 2 deletions(-) diff --git a/operator/config/crd/bases/customize.core.cnrm.cloud.google.com_controllerreconcilers.yaml b/operator/config/crd/bases/customize.core.cnrm.cloud.google.com_controllerreconcilers.yaml index 3ae98df8c8..c3a9cb6f06 100644 --- a/operator/config/crd/bases/customize.core.cnrm.cloud.google.com_controllerreconcilers.yaml +++ b/operator/config/crd/bases/customize.core.cnrm.cloud.google.com_controllerreconcilers.yaml @@ -41,6 +41,20 @@ spec: spec: description: ControllerReconcilerSpec is the specification of ControllerReconciler. properties: + pprof: + description: Configures the debug endpoint on the service. + properties: + port: + description: The port that the pprof server binds to if enabled + type: integer + support: + description: Control if pprof should be turned on and which types + should be enabled. + enum: + - none + - all + type: string + type: object rateLimit: description: |- RateLimit configures the token bucket rate limit to the kubernetes client used diff --git a/operator/config/crd/bases/customize.core.cnrm.cloud.google.com_namespacedcontrollerreconcilers.yaml b/operator/config/crd/bases/customize.core.cnrm.cloud.google.com_namespacedcontrollerreconcilers.yaml index 642ce94a22..d55503cd60 100644 --- a/operator/config/crd/bases/customize.core.cnrm.cloud.google.com_namespacedcontrollerreconcilers.yaml +++ b/operator/config/crd/bases/customize.core.cnrm.cloud.google.com_namespacedcontrollerreconcilers.yaml @@ -41,6 +41,20 @@ spec: spec: description: NamespacedControllerReconciler is the specification of NamespacedControllerReconciler. properties: + pprof: + description: Configures the debug endpoint on the service. + properties: + port: + description: The port that the pprof server binds to if enabled + type: integer + support: + description: Control if pprof should be turned on and which types + should be enabled. + enum: + - none + - all + type: string + type: object rateLimit: description: |- RateLimit configures the token bucket rate limit to the kubernetes client used diff --git a/operator/pkg/apis/core/customize/v1alpha1/controllerreconciler_types.go b/operator/pkg/apis/core/customize/v1alpha1/controllerreconciler_types.go index 6e4fb9e078..ac1f171dab 100644 --- a/operator/pkg/apis/core/customize/v1alpha1/controllerreconciler_types.go +++ b/operator/pkg/apis/core/customize/v1alpha1/controllerreconciler_types.go @@ -41,6 +41,9 @@ type NamespacedControllerReconcilerSpec struct { // If not specified, the default will be Token Bucket with qps 20, burst 30. // +optional RateLimit *RateLimit `json:"rateLimit,omitempty"` + // Configures the debug endpoint on the service. + // +optional + Pprof *PprofConfig `json:"pprof,omitempty"` } type RateLimit struct { @@ -52,6 +55,16 @@ type RateLimit struct { Burst int `json:"burst,omitempty"` } +type PprofConfig struct { + // Control if pprof should be turned on and which types should be enabled. + // +kubebuilder:validation:Enum=none;all + // +optional + Support string `json:"support,omitempty"` + // The port that the pprof server binds to if enabled + // +optional + Port int `json:"port,omitempty"` +} + // NamespacedControllerReconcilerStatus defines the observed state of NamespacedControllerReconciler. type NamespacedControllerReconcilerStatus struct { addonv1alpha1.CommonStatus `json:",inline"` @@ -92,6 +105,9 @@ type ControllerReconcilerSpec struct { // If not specified, the default will be Token Bucket with qps 20, burst 30. // +optional RateLimit *RateLimit `json:"rateLimit,omitempty"` + // Configures the debug endpoint on the service. + // +optional + Pprof *PprofConfig `json:"pprof,omitempty"` } // ControllerReconcilerStatus defines the observed state of ControllerReconciler. @@ -116,6 +132,10 @@ var ValidRateLimitControllers = []string{ "cnrm-controller-manager", } +var SupportedPprofControllers = []string{ + "cnrm-controller-manager", +} + func init() { SchemeBuilder.Register( &NamespacedControllerReconciler{}, diff --git a/operator/pkg/controllers/configconnector/configconnector_controller.go b/operator/pkg/controllers/configconnector/configconnector_controller.go index a3c27cf2e1..bd4b4cfe99 100644 --- a/operator/pkg/controllers/configconnector/configconnector_controller.go +++ b/operator/pkg/controllers/configconnector/configconnector_controller.go @@ -861,6 +861,10 @@ func (r *Reconciler) applyControllerReconcilerCR(ctx context.Context, cr *custom r.log.Error(err, errMsg) return r.handleApplyControllerReconcilerFailed(ctx, cr, errMsg) } + if err := controllers.ApplyContainerPprof(m, cr.Name, cr.Spec.Pprof); err != nil { + msg := fmt.Sprintf("failed to apply pprof customization %s: %v", cr.Name, err) + return r.handleApplyControllerReconcilerFailed(ctx, cr, msg) + } return r.handleApplyControllerReconcilerSucceeded(ctx, cr) } diff --git a/operator/pkg/controllers/configconnectorcontext/configconnectorcontext_controller.go b/operator/pkg/controllers/configconnectorcontext/configconnectorcontext_controller.go index 644bb3cc5a..e1a9053372 100644 --- a/operator/pkg/controllers/configconnectorcontext/configconnectorcontext_controller.go +++ b/operator/pkg/controllers/configconnectorcontext/configconnectorcontext_controller.go @@ -551,6 +551,10 @@ func (r *Reconciler) applyNamespacedControllerReconciler(ctx context.Context, cr msg := fmt.Sprintf("failed to apply rate limit customization %s: %v", cr.Name, err) return r.handleApplyNamespacedControllerReconcilerFailed(ctx, cr.Namespace, cr.Name, msg) } + if err := controllers.ApplyContainerPprof(m, cr.Name, cr.Spec.Pprof); err != nil { + msg := fmt.Sprintf("failed to apply pprof customization %s: %v", cr.Name, err) + return r.handleApplyNamespacedControllerReconcilerFailed(ctx, cr.Namespace, cr.Name, msg) + } return r.handleApplyNamespacedControllerReconcilerSucceeded(ctx, cr.Namespace, cr.Name) } diff --git a/operator/pkg/controllers/utils.go b/operator/pkg/controllers/utils.go index 5595b02d3d..3eb54f362d 100644 --- a/operator/pkg/controllers/utils.go +++ b/operator/pkg/controllers/utils.go @@ -530,6 +530,7 @@ func ApplyContainerRateLimit(m *manifest.Objects, targetControllerName string, r targetControllerName, strings.Join(customizev1alpha1.ValidRateLimitControllers, ", ")) } + count := 0 for _, item := range m.Items { if item.GroupVersionKind() != targetControllerGVK { continue @@ -540,7 +541,10 @@ func ApplyContainerRateLimit(m *manifest.Objects, targetControllerName string, r if err := item.MutateContainers(customizeRateLimitFn(targetContainerName, ratelimit)); err != nil { return err } - break // we already found the matching controller, no need to keep looking. + count++ + } + if count != 1 { + return fmt.Errorf("rate limit customization for %s modified %d instances.", targetControllerName, count) } return nil } @@ -586,3 +590,90 @@ func applyRateLimitToContainerArg(container map[string]interface{}, rateLimit *c } return nil } + +func ApplyContainerPprof(m *manifest.Objects, targetControllerName string, pprofConfig *customizev1alpha1.PprofConfig) error { + if pprofConfig == nil { + return nil + } + + var ( + targetContainerName string + targetControllerGVK schema.GroupVersionKind + ) + switch targetControllerName { + case "cnrm-controller-manager": + targetContainerName = "manager" + targetControllerGVK = schema.GroupVersionKind{ + Group: appsv1.SchemeGroupVersion.Group, + Version: appsv1.SchemeGroupVersion.Version, + Kind: "StatefulSet", + } + default: + return fmt.Errorf("pprof config customization for %s is not supported. "+ + "Supported controllers: %s", + targetControllerName, strings.Join(customizev1alpha1.SupportedPprofControllers, ", ")) + } + + count := 0 + for _, item := range m.Items { + if item.GroupVersionKind() != targetControllerGVK { + continue + } + if !strings.HasPrefix(item.GetName(), targetControllerName) { + continue + } + if err := item.MutateContainers(customizePprofConfigFn(targetContainerName, pprofConfig)); err != nil { + return err + } + count++ + } + if count != 1 { + return fmt.Errorf("pprof config customization for %s modified %d instances.", targetControllerName, count) + } + return nil +} + +func customizePprofConfigFn(target string, pprofConfig *customizev1alpha1.PprofConfig) func(container map[string]interface{}) error { + return func(container map[string]interface{}) error { + name, _, err := unstructured.NestedString(container, "name") + if err != nil { + return fmt.Errorf("error reading container name: %w", err) + } + if name != target { + return nil + } + return applyPprofConfigToContainerArg(container, pprofConfig) + } +} + +func applyPprofConfigToContainerArg(container map[string]interface{}, pprofConfig *customizev1alpha1.PprofConfig) error { + if pprofConfig == nil { + return nil + } + origArgs, found, err := unstructured.NestedStringSlice(container, "args") + if err != nil { + return fmt.Errorf("error getting args in container: %w", err) + } + wantArgs := []string{} + if strings.ToUpper(pprofConfig.Support) == "ALL" { + wantArgs = append(wantArgs, "--enable-pprof=true") + } else { + wantArgs = append(wantArgs, "--enable-pprof=false") + } + if pprofConfig.Port > 0 { + wantArgs = append(wantArgs, fmt.Sprintf("--pprof-port=%d", pprofConfig.Port)) + } + if found { + for _, arg := range origArgs { + if strings.Contains(arg, "--enable-pprof") || strings.Contains(arg, "--pprof-port") { + // drop the old value on the floor + continue + } + wantArgs = append(wantArgs, arg) + } + } + if err := unstructured.SetNestedStringSlice(container, wantArgs, "args"); err != nil { + return fmt.Errorf("error setting args in container: %w", err) + } + return nil +} diff --git a/operator/pkg/preflight/upgrade.go b/operator/pkg/preflight/upgrade.go index 1e71ef8ecf..752fdf2bb7 100644 --- a/operator/pkg/preflight/upgrade.go +++ b/operator/pkg/preflight/upgrade.go @@ -31,7 +31,8 @@ import ( ) var ( - ulog = ctrl.Log.WithName("UpgradeChecker") + ulog = ctrl.Log.WithName("UpgradeChecker") + devVersion = semver.MustParse("0.0.0-dev") ) // NewUpgradeChecker provides an implementation of declarative.Preflight that @@ -95,6 +96,10 @@ func (u *UpgradeChecker) Preflight(ctx context.Context, o declarative.Declarativ } func compareMajorOnly(v, w semver.Version) int { + if v.Equals(devVersion) { + // If we are using a dev controller ignore semver drift. + return 0 + } if v.Major != w.Major { if v.Major > w.Major { return 1 From 8b47e84a937d91319e1307d02af681e6a1efa8cc Mon Sep 17 00:00:00 2001 From: Jason Vigil Date: Mon, 11 Nov 2024 20:42:08 +0000 Subject: [PATCH 19/21] fix: Remove service prefix from WorkstationCluster --- .../workstations/workstationcluster_controller.go | 3 +-- .../workstationcluster_externalresource.go | 13 ++++--------- ...rated_object_workstationcluster-full.golden.yaml | 2 +- ...ed_object_workstationcluster-minimal.golden.yaml | 2 +- 4 files changed, 7 insertions(+), 13 deletions(-) diff --git a/pkg/controller/direct/workstations/workstationcluster_controller.go b/pkg/controller/direct/workstations/workstationcluster_controller.go index 35b1018323..04ede212c4 100644 --- a/pkg/controller/direct/workstations/workstationcluster_controller.go +++ b/pkg/controller/direct/workstations/workstationcluster_controller.go @@ -40,8 +40,7 @@ import ( ) const ( - ctrlName = "workstations-controller" - serviceDomain = "//workstations.googleapis.com" + ctrlName = "workstations-controller" ) func init() { diff --git a/pkg/controller/direct/workstations/workstationcluster_externalresource.go b/pkg/controller/direct/workstations/workstationcluster_externalresource.go index 0fcb8b369b..7cac662fca 100644 --- a/pkg/controller/direct/workstations/workstationcluster_externalresource.go +++ b/pkg/controller/direct/workstations/workstationcluster_externalresource.go @@ -42,21 +42,16 @@ func (c *WorkstationClusterIdentity) FullyQualifiedName() string { // AsExternalRef builds a externalRef from a WorkstationCluster func (c *WorkstationClusterIdentity) AsExternalRef() *string { - e := serviceDomain + "/" + c.FullyQualifiedName() + e := c.FullyQualifiedName() return &e } // asID builds a WorkstationClusterIdentity from a `status.externalRef` func asID(externalRef string) (*WorkstationClusterIdentity, error) { - if !strings.HasPrefix(externalRef, serviceDomain) { - return nil, fmt.Errorf("externalRef should have prefix %s, got %s", serviceDomain, externalRef) - } - path := strings.TrimPrefix(externalRef, serviceDomain+"/") - tokens := strings.Split(path, "/") - + tokens := strings.Split(externalRef, "/") if len(tokens) != 6 || tokens[0] != "projects" || tokens[2] != "locations" || tokens[4] != "workstationClusters" { - return nil, fmt.Errorf("externalRef should be %s/projects//locations//workstationClusters/, got %s", - serviceDomain, externalRef) + return nil, fmt.Errorf("externalRef should be projects//locations//workstationClusters/, got %s", + externalRef) } return &WorkstationClusterIdentity{ Parent: parent{Project: tokens[1], Location: tokens[3]}, diff --git a/pkg/test/resourcefixture/testdata/basic/workstations/workstationcluster/workstationcluster-full/_generated_object_workstationcluster-full.golden.yaml b/pkg/test/resourcefixture/testdata/basic/workstations/workstationcluster/workstationcluster-full/_generated_object_workstationcluster-full.golden.yaml index caaec82d5e..183360a13d 100644 --- a/pkg/test/resourcefixture/testdata/basic/workstations/workstationcluster/workstationcluster-full/_generated_object_workstationcluster-full.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/workstations/workstationcluster/workstationcluster-full/_generated_object_workstationcluster-full.golden.yaml @@ -41,7 +41,7 @@ status: reason: UpToDate status: "True" type: Ready - externalRef: //workstations.googleapis.com/projects/${projectId}/locations/us-west1/workstationClusters/workstationcluster-${uniqueId} + externalRef: projects/${projectId}/locations/us-west1/workstationClusters/workstationcluster-${uniqueId} observedGeneration: 2 observedState: clusterHostname: cluster-abcdef.cloudworkstations.dev diff --git a/pkg/test/resourcefixture/testdata/basic/workstations/workstationcluster/workstationcluster-minimal/_generated_object_workstationcluster-minimal.golden.yaml b/pkg/test/resourcefixture/testdata/basic/workstations/workstationcluster/workstationcluster-minimal/_generated_object_workstationcluster-minimal.golden.yaml index a3f9889d0d..345357fbc7 100644 --- a/pkg/test/resourcefixture/testdata/basic/workstations/workstationcluster/workstationcluster-minimal/_generated_object_workstationcluster-minimal.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/workstations/workstationcluster/workstationcluster-minimal/_generated_object_workstationcluster-minimal.golden.yaml @@ -26,7 +26,7 @@ status: reason: UpToDate status: "True" type: Ready - externalRef: //workstations.googleapis.com/projects/${projectId}/locations/us-west1/workstationClusters/workstationcluster-${uniqueId} + externalRef: projects/${projectId}/locations/us-west1/workstationClusters/workstationcluster-${uniqueId} observedGeneration: 1 observedState: controlPlaneIP: 10.0.0.2 From 32236c088fb9d8d7dbed37355a371939ca5e2f56 Mon Sep 17 00:00:00 2001 From: Ziyue Yan Date: Mon, 11 Nov 2024 22:54:53 +0000 Subject: [PATCH 20/21] fix poco test --- ..._basicpocogkehubfeaturemembership.golden.yaml | 2 +- .../basicpocogkehubfeaturemembership/_http.log | 16 ++++++++-------- .../basicpocogkehubfeaturemembership/create.yaml | 2 +- .../basicpocogkehubfeaturemembership/update.yaml | 2 +- ...t_fullpocogkehubfeaturemembership.golden.yaml | 2 +- .../fullpocogkehubfeaturemembership/_http.log | 16 ++++++++-------- .../fullpocogkehubfeaturemembership/create.yaml | 2 +- .../fullpocogkehubfeaturemembership/update.yaml | 2 +- 8 files changed, 22 insertions(+), 22 deletions(-) diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/_generated_object_basicpocogkehubfeaturemembership.golden.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/_generated_object_basicpocogkehubfeaturemembership.golden.yaml index c22b129cdd..a1bae5c0c9 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/_generated_object_basicpocogkehubfeaturemembership.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/_generated_object_basicpocogkehubfeaturemembership.golden.yaml @@ -15,7 +15,7 @@ spec: featureRef: name: gkehubfeature-basic-poco-${uniqueId} location: global - membershipLocation: us-central1 + membershipLocation: us-west1 membershipRef: name: gkehubmembership-basic-poco-${uniqueId} policycontroller: diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/_http.log b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/_http.log index b7affeb4c2..2c94a9a65a 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/_http.log @@ -1261,7 +1261,7 @@ User-Agent: kcc/controller-manager "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-basic-poco-${uniqueId}": { + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-basic-poco-${uniqueId}": { "policycontroller": { "policyControllerHubConfig": { "auditIntervalSeconds": "10" @@ -1326,7 +1326,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-basic-poco-${uniqueId}": { + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-basic-poco-${uniqueId}": { "policycontroller": { "policyControllerHubConfig": { "auditIntervalSeconds": "10" @@ -1365,7 +1365,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-basic-poco-${uniqueId}": { + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-basic-poco-${uniqueId}": { "policycontroller": { "policyControllerHubConfig": { "auditIntervalSeconds": "10" @@ -1390,7 +1390,7 @@ User-Agent: kcc/controller-manager "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-basic-poco-${uniqueId}": { + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-basic-poco-${uniqueId}": { "policycontroller": { "policyControllerHubConfig": { "auditIntervalSeconds": "15", @@ -1471,7 +1471,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-basic-poco-${uniqueId}": { + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-basic-poco-${uniqueId}": { "policycontroller": { "policyControllerHubConfig": { "auditIntervalSeconds": "15", @@ -1525,7 +1525,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-basic-poco-${uniqueId}": { + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-basic-poco-${uniqueId}": { "policycontroller": { "policyControllerHubConfig": { "auditIntervalSeconds": "15", @@ -1565,7 +1565,7 @@ User-Agent: kcc/controller-manager "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-basic-poco-${uniqueId}": {} + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-basic-poco-${uniqueId}": {} }, "name": "projects/example-project-01/locations/global/features/policycontroller", "updateTime": "2024-04-01T12:34:56.123456Z" @@ -1624,7 +1624,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-basic-poco-${uniqueId}": {} + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-basic-poco-${uniqueId}": {} }, "name": "projects/example-project-01/locations/global/features/policycontroller", "resourceState": { diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/create.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/create.yaml index d04e5e4f81..e26ae3360a 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/create.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/create.yaml @@ -20,7 +20,7 @@ spec: projectRef: name: gkehubfm-${uniqueId} location: global - membershipLocation: us-central1 + membershipLocation: us-west1 membershipRef: name: gkehubmembership-basic-poco-${uniqueId} featureRef: diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/update.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/update.yaml index cede77129f..3bcd2c2a28 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/update.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicpocogkehubfeaturemembership/update.yaml @@ -20,7 +20,7 @@ spec: projectRef: name: gkehubfm-${uniqueId} location: global - membershipLocation: us-central1 + membershipLocation: us-west1 membershipRef: name: gkehubmembership-basic-poco-${uniqueId} featureRef: diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/_generated_object_fullpocogkehubfeaturemembership.golden.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/_generated_object_fullpocogkehubfeaturemembership.golden.yaml index ce1fedfb2f..2ea3897010 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/_generated_object_fullpocogkehubfeaturemembership.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/_generated_object_fullpocogkehubfeaturemembership.golden.yaml @@ -15,7 +15,7 @@ spec: featureRef: name: gkehubfeature-full-poco-${uniqueId} location: global - membershipLocation: us-central1 + membershipLocation: us-west1 membershipRef: name: gkehubmembership-full-poco-${uniqueId} policycontroller: diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/_http.log b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/_http.log index ba7df996da..3c82d24c02 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/_http.log @@ -1191,7 +1191,7 @@ User-Agent: kcc/controller-manager "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-full-poco-${uniqueId}": { + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-full-poco-${uniqueId}": { "policycontroller": { "policyControllerHubConfig": { "auditIntervalSeconds": "10", @@ -1271,7 +1271,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-full-poco-${uniqueId}": { + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-full-poco-${uniqueId}": { "policycontroller": { "policyControllerHubConfig": { "auditIntervalSeconds": "10", @@ -1325,7 +1325,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-full-poco-${uniqueId}": { + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-full-poco-${uniqueId}": { "policycontroller": { "policyControllerHubConfig": { "auditIntervalSeconds": "10", @@ -1365,7 +1365,7 @@ User-Agent: kcc/controller-manager "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-full-poco-${uniqueId}": { + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-full-poco-${uniqueId}": { "policycontroller": { "policyControllerHubConfig": { "auditIntervalSeconds": "15", @@ -1449,7 +1449,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-full-poco-${uniqueId}": { + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-full-poco-${uniqueId}": { "policycontroller": { "policyControllerHubConfig": { "auditIntervalSeconds": "15", @@ -1506,7 +1506,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-full-poco-${uniqueId}": { + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-full-poco-${uniqueId}": { "policycontroller": { "policyControllerHubConfig": { "auditIntervalSeconds": "15", @@ -1549,7 +1549,7 @@ User-Agent: kcc/controller-manager "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-full-poco-${uniqueId}": {} + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-full-poco-${uniqueId}": {} }, "name": "projects/example-project-01/locations/global/features/policycontroller", "updateTime": "2024-04-01T12:34:56.123456Z" @@ -1608,7 +1608,7 @@ X-Xss-Protection: 0 "managed-by-cnrm": "true" }, "membershipSpecs": { - "projects/example-project-01/locations/us-central1/memberships/gkehubmembership-full-poco-${uniqueId}": {} + "projects/example-project-01/locations/us-west1/memberships/gkehubmembership-full-poco-${uniqueId}": {} }, "name": "projects/example-project-01/locations/global/features/policycontroller", "resourceState": { diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/create.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/create.yaml index 92224951d7..4fe803188f 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/create.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/create.yaml @@ -20,7 +20,7 @@ spec: projectRef: name: gkehubfm-${uniqueId} location: global - membershipLocation: us-central1 + membershipLocation: us-west1 membershipRef: name: gkehubmembership-full-poco-${uniqueId} featureRef: diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/update.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/update.yaml index e2c26d8281..e90921d60c 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/update.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullpocogkehubfeaturemembership/update.yaml @@ -20,7 +20,7 @@ spec: projectRef: name: gkehubfm-${uniqueId} location: global - membershipLocation: us-central1 + membershipLocation: us-west1 membershipRef: name: gkehubmembership-full-poco-${uniqueId} featureRef: From 833f03235a038f663ce2666bc18da12d47276c91 Mon Sep 17 00:00:00 2001 From: Jason Vigil Date: Mon, 4 Nov 2024 22:16:19 +0000 Subject: [PATCH 21/21] feat: Add docs for enabling direct resources --- docs/features/index.md | 1 + docs/features/optin.md | 114 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 115 insertions(+) create mode 100644 docs/features/optin.md diff --git a/docs/features/index.md b/docs/features/index.md index 3d540777bd..fba5023386 100644 --- a/docs/features/index.md +++ b/docs/features/index.md @@ -1,3 +1,4 @@ # Contents +* [Opt in to enable experimental direct controllers](./optin.md) * [Pause actuation of resources onto the cloud provider](./pause.md) \ No newline at end of file diff --git a/docs/features/optin.md b/docs/features/optin.md new file mode 100644 index 0000000000..68984cf853 --- /dev/null +++ b/docs/features/optin.md @@ -0,0 +1,114 @@ +# Opt in to Enable Experimental Direct Controllers + +> `Feature State`: `alpha` as of version v1.123.1 + +Config Connector can be configured to enable experimental versions of direct +controllers for reconciling specific resources. This will allow users to test +the new direct controller code for bug fixes or features not available in +legacy controllers. It is possible to enable the direct controller code on a +per-resource basis, by setting an annotation for each custom resource. + +We recommend only enabling the experimental direct controller if it is +necessary to work around a legacy controller bug or to enable a new feature that +is only available in the direct controller. + + +## Enabling + +To enable the direct controller for a specific resource, update the resource and +specify the annotation: + +```yaml +metadata: + annotations: + alpha.cnrm.cloud.google.com/reconciler: "direct" +``` + +For example: + +```yaml +apiVersion: sql.cnrm.cloud.google.com/v1beta1 +kind: SQLInstance +metadata: + name: my-sqlinstance + annotations: + alpha.cnrm.cloud.google.com/reconciler: "direct" +spec: + databaseVersion: POSTGRES_16 + region: us-central1 + settings: + tier: db-custom-1-3840 +``` + +The only supported value for the annotation is "direct", to enable the +direct controller. + +While adding an annotation to enable experimental direct controllers for resources +that do not yet support experimental direct controllers should be harmless, we +recommend against doing so. Adding such an annotation can be confusing and +surprising when the functionality is added later. + +To revert back to using the legacy controller, remove the annotation. + + +## Verifying + +To verify the direct controller code is in-use for a particular resource, +check the logs for the phrase "Running reconcile" associated with the resource. + +``` +$ kubectl -n cnrm-system logs pod/cnrm-controller-manager-0 | grep -e "Running reconcile" -e "my-sqlinstance" +``` + +You should see output similar to the following: + +> {"severity":"info","timestamp":"2024-11-04T21:56:28.704Z","msg":"Running reconcile","controller":"sqlinstance-controller","controllerGroup":"sql.cnrm.cloud.google.com","controllerKind":"SQLInstance","SQLInstance":{"name":"my-sqlinstance","namespace":"default"},"namespace":"default","name":"my-sqlinstance","reconcileID":"577fe58d-14eb-4e5d-9642-c9ec4b1a3137","resource":{"name":"my-sqlinstance","namespace":"default"}} + +If the legacy controller is enabled (instead of the new direct controller), the +logs will show "starting reconcile" for the resource instead of "Running reconcile". + +> {"severity":"info","timestamp":"2024-10-30T23:47:49.726Z","logger":"sqlinstance-controller","msg":"starting reconcile","resource":{"name":"my-sqlinstance","namespace":"default"}} + + +## Applicability + +If you're unsure if a particular resource has an experimental direct controller +available and want to try out the new code wherever possible (or if you're just +curious to learn more about the internals of this feature in Config Connector), +read on. + +To find out if an experimental direct controller is available for a resource, +check CRD for the resource. + +If the CRD specifies either of the following legacy +controller labels, then it is potentially possible to enable an experimental +direct controller for resources of that kind. + +* `cnrm.cloud.google.com/tf2crd: true` +* `cnrm.cloud.google.com/dcl2crd: true` + +To check the CRD labels for a resource type, you can run the following command: +``` +kubectl get crd sqlinstances.sql.cnrm.cloud.google.com -ojson | jq '.metadata.labels' +``` + +Alternatively, you can check in the source tree under `config/crds/resources/` +for the CRD YAML, but remember to double-check your source checkout matches +your running Config Connector version. + +However, not all resources with the legacy controller annotation on their CRDs +will have an experimental direct controller available. This is because not all +resources with the legacy controller annotation have a direct controller +implemented yet; many of the direct controllers are not yet implemented. To +confirm if there is an experimental direct controller available for a +particular resource, check to make sure there is an implementation of the +controller for that type in `pkg/controller/direct`. The controllers are found +in `*_controller.go` [[example]](https://github.com/GoogleCloudPlatform/k8s-config-connector/blob/master/pkg/controller/direct/sql/sqlinstance_controller.go). +Also, verify that the direct controller is registered in `pkg/controller/direct/register/register.go` +[[example]](https://github.com/GoogleCloudPlatform/k8s-config-connector/blob/f485d486553f1fc939eb8e487ccabaf2f2f032ed/pkg/controller/direct/register/register.go#L43). + +At this point, if there is both a legacy controller label on the CRD and a +direct controller implemented + registered, then you can be reasonably sure +there is a direct controller available. To try it out, add the label for a +resource of that kind, and use the steps above to verify the direct controller +is enabled. \ No newline at end of file