Skip to content

ChunxiAlexLuo/ocm-kustomize-generator-plugins

 
 

Repository files navigation

Policy Generator

Overview

The Policy Generator constructs Open Cluster Management policies from Kubernetes YAML files provided through a PolicyGenerator Custom Resource. The Policy Generator is a binary compiled for use as a kustomize exec plugin.

For more about Open Cluster Management and its Policy Framework:

Getting Started

Go to the Contributing guide to learn how to get involved.

Using the Policy Generator

As a Kustomize plugin

Installation

Install from the GitHub release
  1. Download the precompiled plugin binary from the release of your choice.

  2. Create the plugin directory:

    mkdir -p ${HOME}/.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator
  3. Move the binary to the plugin directory:

    • Linux:

      chmod +x linux-amd64-PolicyGenerator
      mv linux-amd64-PolicyGenerator ${HOME}/.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator
    • MacOS:

      chmod +x darwin-amd64-PolicyGenerator
      mv darwin-amd64-PolicyGenerator ${HOME}/.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator
Build and install from source
  1. Build the plugin binary (only needed once or to update the plugin):
    make build
    NOTE: This will default to placing the binary in ${HOME}/.config/kustomize/plugin/. You can change this by exporting KUSTOMIZE_PLUGIN_HOME to a different path.

Configuration

  1. Create a kustomization.yaml file that points to PolicyGenerator manifest(s), with any additional desired patches or customizations (see examples/policyGenerator.yaml for an example):

    generators:
      - path/to/generator/file.yaml
  2. To use the plugin to generate policies, do one of:

    • Utilize the examples/ directory in this repository (the directory can be modified by exporting a new path to SOURCE_DIR):
      make generate
    • From any directory with a kustomization.yaml file pointing to PolicyGenerator manifests:
      kustomize build --enable-alpha-plugins

As a standalone binary

In order to bypass Kustomize and run the generator binary directly:

  1. Build the binary:

    make build-binary
  2. Run the binary from the location of the PolicyGenerator manifest(s):

    path/to/PolicyGenerator <path/to/file/1> ... <path/to/file/n>
    • For example:
      cd examples
      ../PolicyGenerator policyGenerator.yaml
      NOTE: To print the trace in the case of an error, you can add the --debug flag to the arguments.

About

Kustomize generator plugins for use with Open Cluster Management

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 97.0%
  • Makefile 2.3%
  • Other 0.7%