From cfb83b2a2ffd55b761b4497d77d6cc289fad0ab9 Mon Sep 17 00:00:00 2001 From: gazarenkov Date: Tue, 28 Nov 2023 11:25:28 +0200 Subject: [PATCH 1/7] yaml/configMap default configuration --- .gitignore | 3 +- Makefile | 15 +++-- ...kstage-operator.clusterserviceversion.yaml | 4 +- config/default/kustomization.yaml | 4 +- .../manager/default-config/db-deployment.yaml | 30 +++++++++ config/manager/default-config/db-pv.yaml | 16 +++++ config/manager/default-config/db-pvc.yaml | 11 ++++ config/manager/default-config/db-service.yaml | 9 +++ config/manager/default-config/deployment.yaml | 28 +++++++++ config/manager/default-config/service.yaml | 12 ++++ config/manager/kustomization.yaml | 16 ++++- config/manager/manager.yaml | 8 +++ config/rbac/kustomization.yaml | 2 +- controllers/backstage_controller.go | 62 +++++++++++-------- controllers/backstage_controller_test.go | 4 +- controllers/backstage_deployment.go | 35 +---------- controllers/backstage_service.go | 19 +----- controllers/local_db_deployment.go | 48 +------------- controllers/local_db_storage.go | 38 +----------- docker/Dockerfile | 4 +- main.go | 2 +- 21 files changed, 192 insertions(+), 178 deletions(-) create mode 100644 config/manager/default-config/db-deployment.yaml create mode 100644 config/manager/default-config/db-pv.yaml create mode 100644 config/manager/default-config/db-pvc.yaml create mode 100644 config/manager/default-config/db-service.yaml create mode 100644 config/manager/default-config/deployment.yaml create mode 100644 config/manager/default-config/service.yaml diff --git a/.gitignore b/.gitignore index da10e284..45ff9960 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,3 @@ -./scripts - # Binaries for programs and plugins *.exe *.exe~ @@ -27,4 +25,5 @@ Dockerfile.cross *.swo *~ .vscode/ +.scripts/ .DS_Store \ No newline at end of file diff --git a/Makefile b/Makefile index c1d6df42..661d5fd3 100644 --- a/Makefile +++ b/Makefile 
@@ -53,6 +53,13 @@ IMG ?= $(IMAGE_TAG_BASE):v$(VERSION) # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.25.0 +# Default Backstage config directory to use +# it has to be defined as a set of YAML files inside ./config/manager/${CONF_DIR} directory +# to use other config - add a directory with config and run 'CONF_DIR= make ...' +# TODO find better place than ./config/manager (but not ./config/overlays) ? +# TODO it works only for make run, needs supporting make deploy as well https://github.com/janus-idp/operator/issues/47 +CONF_DIR ?= default-config + # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) ifeq (,$(shell go env GOBIN)) GOBIN=$(shell go env GOPATH)/bin @@ -128,8 +135,8 @@ vet: ## Run go vet against code. go vet ./... .PHONY: test -test: manifests generate fmt vet envtest ## Run tests. - KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./... -coverprofile cover.out +test: manifests generate fmt vet envtest ## Run tests. We need LOCALBIN=$(LOCALBIN) to get correct default-config path + LOCALBIN=$(LOCALBIN) KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./... -coverprofile cover.out ##@ Build @@ -138,8 +145,8 @@ build: generate fmt vet ## Build manager binary. go build -o bin/manager main.go .PHONY: run -run: manifests generate fmt vet ## Run a controller from your host. - go run ./main.go +run: manifests generate fmt vet build ## Run a controller from your host. + cd $(LOCALBIN) && mkdir -p default-config && cp ../config/manager/${CONF_DIR}/* default-config && ./manager PLATFORM ?= linux/amd64 # If you wish built the manager image targeting other platforms you can use the --platform flag. 
diff --git a/bundle/manifests/backstage-operator.clusterserviceversion.yaml b/bundle/manifests/backstage-operator.clusterserviceversion.yaml index c8f9135e..52becb47 100644 --- a/bundle/manifests/backstage-operator.clusterserviceversion.yaml +++ b/bundle/manifests/backstage-operator.clusterserviceversion.yaml @@ -113,7 +113,7 @@ spec: app.kubernetes.io/created-by: backstage-operator app.kubernetes.io/instance: controller-manager app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: deployment + app.kubernetes.io/name: deployment.yaml app.kubernetes.io/part-of: backstage-operator control-plane: controller-manager name: backstage-operator-controller-manager @@ -240,7 +240,7 @@ spec: - create - patch serviceAccountName: backstage-operator-controller-manager - strategy: deployment + strategy: deployment.yaml installModes: - supported: false type: OwnNamespace diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 3684a51a..4bdce607 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -1,12 +1,12 @@ # Adds namespace to all resources. -namespace: backstage-operator-system +namespace: backstage-system # Value of this field is prepended to the # names of all resources, e.g. a deployment named # "wordpress" becomes "alices-wordpress". # Note that it should also match with the prefix (text before '-') of the namespace # field above. -namePrefix: backstage-operator- +namePrefix: backstage- # Labels to add to all resources and selectors. #commonLabels: diff --git a/config/manager/default-config/db-deployment.yaml b/config/manager/default-config/db-deployment.yaml new file mode 100644 index 00000000..1abad165 --- /dev/null +++ b/config/manager/default-config/db-deployment.yaml 
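Review bot: The `.yaml` suffix has leaked into the bundle CSV: the first hunk turns the label into `app.kubernetes.io/name: deployment.yaml` and the second turns the install strategy into `strategy: deployment.yaml`, which looks like a side effect of renaming the config keys rather than an intended change. OLM's install strategy is named `deployment`, so this bundle would most likely fail validation or installation. I would restore `strategy: deployment` and `app.kubernetes.io/name: deployment`. The same stray suffix appears in the comment in config/rbac/kustomization.yaml ("the deployment.yaml namespace") and in the error string "failed to get backstage deployment.yaml" in controllers/backstage_deployment.go.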
@@ -0,0 +1,30 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: postgres
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ backstage.io/app: # placeholder for 'backstage-db-'
+ template:
+ metadata:
+ labels:
+ backstage.io/app: # placeholder for 'backstage-db-'
+ spec:
+ containers:
+ - name: postgres
+ image: postgres:13.2-alpine
+ imagePullPolicy: 'IfNotPresent'
+ ports:
+ - containerPort: 5432
+ envFrom:
+ - secretRef:
+ name: postgres-secrets
+ volumeMounts:
+ - mountPath: /var/lib/postgresql/data
+ name: postgresdb
+ volumes:
+ - name: postgresdb
+ persistentVolumeClaim:
+ claimName: postgres-storage-claim
\ No newline at end of file
diff --git a/config/manager/default-config/db-pv.yaml b/config/manager/default-config/db-pv.yaml
new file mode 100644
index 00000000..57933845
--- /dev/null
+++ b/config/manager/default-config/db-pv.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: postgres-storage
+ namespace: backstage
+ labels:
+ type: local
+spec:
+ storageClassName: manual
+ capacity:
+ storage: 2G
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ hostPath:
+ path: '/mnt/data'
diff --git a/config/manager/default-config/db-pvc.yaml b/config/manager/default-config/db-pvc.yaml
new file mode 100644
index 00000000..57832df3
--- /dev/null
+++ b/config/manager/default-config/db-pvc.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: postgres-storage-claim
+spec:
+ storageClassName: manual
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 2G
diff --git a/config/manager/default-config/db-service.yaml b/config/manager/default-config/db-service.yaml
new file mode 100644
index 00000000..be677ca9
--- /dev/null
+++ b/config/manager/default-config/db-service.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: postgres
+spec:
+ selector:
+ backstage.io/app: # placeholder for 'backstage-db-'
+ ports:
+ - port: 5432
diff --git a/config/manager/default-config/deployment.yaml b/config/manager/default-config/deployment.yaml new file mode 100644 index 00000000..e19a7902 --- /dev/null +++ b/config/manager/default-config/deployment.yaml @@ -0,0 +1,28 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: backstage +spec: + replicas: 1 + selector: + matchLabels: + backstage.io/app: # placeholder for 'backstage-' + template: + metadata: + labels: + backstage.io/app: # placeholder for 'backstage-' + spec: + containers: + - name: backstage + image: ghcr.io/backstage/backstage + imagePullPolicy: IfNotPresent + ports: + - name: http + containerPort: 7007 + envFrom: + - secretRef: + name: postgres-secrets +# - secretRef: +# name: backstage-secrets + + diff --git a/config/manager/default-config/service.yaml b/config/manager/default-config/service.yaml new file mode 100644 index 00000000..e2c04838 --- /dev/null +++ b/config/manager/default-config/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: backstage +spec: + type: NodePort + selector: + backstage.io/app: # placeholder for 'backstage-' + ports: + - name: http + port: 80 + targetPort: http \ No newline at end of file diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 3542d6ae..26fbe531 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -4,5 +4,17 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: - name: controller - newName: quay.io/rhdh/backstage-operator - newTag: v0.0.1 + newName: gazarenkov/backstage + +generatorOptions: + disableNameSuffixHash: true + +configMapGenerator: +- files: + - default-config/deployment.yaml + - default-config/service.yaml + - default-config/db-deployment.yaml + - default-config/db-service.yaml + - default-config/db-pv.yaml + - default-config/db-pvc.yaml + name: default-config 
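Review bot: In config/manager/kustomization.yaml the controller image override becomes `newName: gazarenkov/backstage` and the `newTag: v0.0.1` line is removed, so the committed default points the operator at an image in a personal registry namespace with no fixed tag from this file. The manager runs with the operator's RBAC, so the image it is built from should be traceable to the project and pinned. I would keep `newName: quay.io/rhdh/backstage-operator` with a fixed `newTag` (or a digest) here and pass a development image through the Makefile's `IMG` variable instead of committing it.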
diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 541a1601..fcedb7bb 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -98,5 +98,13 @@ spec: requests: cpu: 10m memory: 64Mi + volumeMounts: + - mountPath: /default-config + name: default-config serviceAccountName: controller-manager terminationGracePeriodSeconds: 10 + volumes: + - name: default-config + configMap: + name: default-config + diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 731832a6..10b2c20c 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -1,6 +1,6 @@ resources: # All RBAC will be applied under this service account in -# the deployment namespace. You may comment out this resource +# the deployment.yaml namespace. You may comment out this resource # if your manager will use a service account that exists at # runtime. Be sure to update RoleBinding and ClusterRoleBinding # subjects if changing service account names. diff --git a/controllers/backstage_controller.go b/controllers/backstage_controller.go index 0a0179b5..a6407f48 100644 --- a/controllers/backstage_controller.go +++ b/controllers/backstage_controller.go @@ -18,6 +18,8 @@ import ( "bytes" "context" "fmt" + "os" + "path/filepath" bs "backstage.io/backstage-operator/api/v1alpha1" appsv1 "k8s.io/api/apps/v1" @@ -42,7 +44,7 @@ type BackstageReconciler struct { client.Client Scheme *runtime.Scheme // If true, Backstage Controller always sync the state of runtime objects created - // otherwise, the can be re-configured independently + // otherwise, runtime objects can be re-configured independently OwnsRuntime bool // Namespace allows to restrict the reconciliation to this particular namespace, 
@@ -90,38 +92,32 @@ func (r *BackstageReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( if !backstage.Spec.SkipLocalDb { // log Debug if err := r.applyPV(ctx, backstage, req.Namespace); err != nil { - //backstage.Status.LocalDb.PersistentVolume.Status = err.Error() - return ctrl.Result{}, err + return ctrl.Result{}, fmt.Errorf("failed to apply Database PV: %w", err) } if err := r.applyPVC(ctx, backstage, req.Namespace); err != nil { - //backstage.Status.PostgreState = err.Error() - return ctrl.Result{}, err + return ctrl.Result{}, fmt.Errorf("failed to apply Database PVC: %w", err) } err := r.applyLocalDbDeployment(ctx, backstage, req.Namespace) if err != nil { - //backstage.Status.PostgreState = err.Error() - return ctrl.Result{}, err + return ctrl.Result{}, fmt.Errorf("failed to apply Database Deployment: %w", err) } err = r.applyLocalDbService(ctx, backstage, req.Namespace) if err != nil { - //backstage.Status.PostgreState = err.Error() - return ctrl.Result{}, err + return ctrl.Result{}, fmt.Errorf("failed to apply Database Service: %w", err) } } err := r.applyBackstageDeployment(ctx, backstage, req.Namespace) if err != nil { - return ctrl.Result{}, err + return ctrl.Result{}, fmt.Errorf("failed to apply Backstage Deployment: %w", err) } if err := r.applyBackstageService(ctx, backstage, req.Namespace); err != nil { - // TODO BackstageDepState state - //backstage.Status.BackstageState = err.Error() - return ctrl.Result{}, err + return ctrl.Result{}, fmt.Errorf("failed to apply Backstage Service: %w", err) } //TODO: it is just a placeholder for the time 
@@ -129,24 +125,22 @@ func (r *BackstageReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( r.setSyncStatus(&backstage) err = r.Status().Update(ctx, &backstage) if err != nil { - return ctrl.Result{}, err + return ctrl.Result{}, fmt.Errorf("failed to set status: %w", err) //log.FromContext(ctx).Error(err, "unable to update backstage.status") } return ctrl.Result{}, nil } -func (r *BackstageReconciler) readConfigMapOrDefault(ctx context.Context, name string, key string, ns string, def string, object v1.Object) error { +func (r *BackstageReconciler) readConfigMapOrDefault(ctx context.Context, name string, key string, ns string, object v1.Object) error { // ConfigMap name not set, default //lg := log.FromContext(ctx) - //lg.V(1).Info("readConfigMapOrDefault CM: ", "name", name) - if name == "" { - err := readYaml(def, object) + err := readYamlFile(defFile(key), object) if err != nil { - return err + return fmt.Errorf("failed to read YAML file: %w", err) } object.SetNamespace(ns) return nil 
@@ -156,34 +150,48 @@ func (r *BackstageReconciler) readConfigMapOrDefault(ctx context.Context, name s if err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: ns}, &cm); err != nil { return err } - //lg.V(1).Info("readConfigMapOrDefault CM name found: ", "ConfigMap:", cm) + val, ok := cm.Data[key] if !ok { // key not found, default - err := readYaml(def, object) + err := readYamlFile(defFile(key), object) if err != nil { - return err + return fmt.Errorf("failed to read YAML file: %w", err) } } else { - err := readYaml(val, object) + err := readYaml([]byte(val), object) if err != nil { - return err + return fmt.Errorf("failed to read YAML: %w", err) } } object.SetNamespace(ns) return nil } -func readYaml(manifest string, object interface{}) error { - dec := yaml.NewYAMLOrJSONDecoder(bytes.NewReader([]byte(manifest)), 1000) +func readYaml(manifest []byte, object interface{}) error { + dec := yaml.NewYAMLOrJSONDecoder(bytes.NewReader(manifest), 1000) if err := dec.Decode(object); err != nil { - return err + return fmt.Errorf("failed to decode YAML: %w", err) } return nil } +func readYamlFile(path string, object interface{}) error { + + b, err := os.ReadFile(path) + if err != nil { + return fmt.Errorf("failed to read YAML file: %w", err) + } + return readYaml(b, object) +} + +func defFile(key string) string { + return filepath.Join(os.Getenv("LOCALBIN"), "default-config", key) +} + // sets the RuntimeRunning condition func (r *BackstageReconciler) setRunningStatus(ctx context.Context, backstage *bs.Backstage, ns string) { + meta.SetStatusCondition(&backstage.Status.Conditions, v1.Condition{ Type: bs.RuntimeConditionRunning, Status: "Unknown", diff --git a/controllers/backstage_controller_test.go b/controllers/backstage_controller_test.go index 4452e92b..73a64171 100644 --- a/controllers/backstage_controller_test.go +++ b/controllers/backstage_controller_test.go 
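Review bot: `defFile` derives the default manifest directory from `os.Getenv("LOCALBIN")`, so when the variable is unset the operator reads `default-config/<key>` relative to whatever the process working directory happens to be. In the cluster the ConfigMap is mounted at `/default-config` (config/manager/manager.yaml), which only lines up if the manager starts in `/`; with any other working directory every reconcile fails, or a different directory is read. I would fall back to the absolute mount path, e.g. `dir := "/default-config"` followed by `if lb := os.Getenv("LOCALBIN"); lb != "" { dir = filepath.Join(lb, "default-config") }`, and check once at start-up that the directory exists. Separately, `readYamlFile` and its caller both wrap with "failed to read YAML file", so the message repeats; putting `path` into the `os.ReadFile` error would say more.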
@@ -136,7 +136,7 @@ var _ = Describe("Backstage controller", func() { Namespace: ns, }, Data: map[string]string{ - "deploy": ` + "deployment.yaml": ` apiVersion: apps/v1 kind: Deployment metadata: @@ -216,7 +216,7 @@ spec: Namespace: ns, }, Data: map[string]string{ - "deployment": ` + "db-deployment.yaml": ` apiVersion: apps/v1 kind: Deployment metadata: diff --git a/controllers/backstage_deployment.go b/controllers/backstage_deployment.go index 6485a239..4f7ab990 100644 --- a/controllers/backstage_deployment.go +++ b/controllers/backstage_deployment.go @@ -25,43 +25,12 @@ import ( "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" ) -var ( - DefaultBackstageDeployment = ` -apiVersion: apps/v1 -kind: Deployment -metadata: - name: backstage -spec: - replicas: 1 - selector: - matchLabels: - backstage.io/app: # placeholder for 'backstage-' - template: - metadata: - labels: - backstage.io/app: # placeholder for 'backstage-' - spec: - containers: - - name: backstage - image: ghcr.io/backstage/backstage - imagePullPolicy: IfNotPresent - ports: - - name: http - containerPort: 7007 - envFrom: - - secretRef: - name: postgres-secrets -# - secretRef: -# name: backstage-secrets -` -) - func (r *BackstageReconciler) applyBackstageDeployment(ctx context.Context, backstage bs.Backstage, ns string) error { //lg := log.FromContext(ctx) deployment := &appsv1.Deployment{} - err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.BackstageConfigName, "deploy", ns, DefaultBackstageDeployment, deployment) + err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.BackstageConfigName, "deployment.yaml", ns, deployment) if err != nil { return fmt.Errorf("failed to read config: %s", err) } 
@@ -88,7 +57,7 @@ func (r *BackstageReconciler) applyBackstageDeployment(ctx context.Context, back } } else { - return fmt.Errorf("failed to get backstage deployment, reason: %s", err) + return fmt.Errorf("failed to get backstage deployment.yaml, reason: %s", err) } } else { //lg.Info("CR update is ignored for the time") diff --git a/controllers/backstage_service.go b/controllers/backstage_service.go index 5e6498c7..4c3d3262 100644 --- a/controllers/backstage_service.go +++ b/controllers/backstage_service.go @@ -26,23 +26,6 @@ import ( "k8s.io/apimachinery/pkg/types" ) -var ( - DefaultBackstageService = ` -apiVersion: v1 -kind: Service -metadata: - name: backstage -spec: - type: NodePort - selector: - backstage.io/app: # placeholder for 'backstage-' - ports: - - name: http - port: 80 - targetPort: http -` -) - // selector for deploy.spec.template.spec.meta.label // targetPort: http for deploy.spec.template.spec.containers.ports.name=http func (r *BackstageReconciler) applyBackstageService(ctx context.Context, backstage bs.Backstage, ns string) error { @@ -50,7 +33,7 @@ func (r *BackstageReconciler) applyBackstageService(ctx context.Context, backsta //lg := log.FromContext(ctx) service := &corev1.Service{} - err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.BackstageConfigName, "service", ns, DefaultBackstageService, service) + err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.BackstageConfigName, "service.yaml", ns, service) if err != nil { return err } diff --git a/controllers/local_db_deployment.go b/controllers/local_db_deployment.go index b38e248a..30a7f1ae 100644 --- a/controllers/local_db_deployment.go +++ b/controllers/local_db_deployment.go 
@@ -27,56 +27,12 @@ import ( "k8s.io/apimachinery/pkg/types" ) -var ( - DefaultLocalDbDeployment = `apiVersion: apps/v1 -kind: Deployment -metadata: - name: postgres -spec: - replicas: 1 - selector: - matchLabels: - backstage.io/app: # placeholder for 'backstage-db-' - template: - metadata: - labels: - backstage.io/app: # placeholder for 'backstage-db-' - spec: - containers: - - name: postgres - image: postgres:13.2-alpine - imagePullPolicy: 'IfNotPresent' - ports: - - containerPort: 5432 - envFrom: - - secretRef: - name: postgres-secrets - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgresdb - volumes: - - name: postgresdb - persistentVolumeClaim: - claimName: postgres-storage-claim -` - DefaultLocalDbService = `apiVersion: v1 -kind: Service -metadata: - name: postgres -spec: - selector: - backstage.io/app: # placeholder for 'backstage-db-' - ports: - - port: 5432 -` -) - func (r *BackstageReconciler) applyLocalDbDeployment(ctx context.Context, backstage bs.Backstage, ns string) error { //lg := log.FromContext(ctx) deployment := &appsv1.Deployment{} - err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.LocalDbConfigName, "deployment", ns, DefaultLocalDbDeployment, deployment) + err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.LocalDbConfigName, "db-deployment.yaml", ns, deployment) if err != nil { return err } @@ -118,7 +74,7 @@ func (r *BackstageReconciler) applyLocalDbService(ctx context.Context, backstage //lg := log.FromContext(ctx) service := &corev1.Service{} - err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.LocalDbConfigName, "service", ns, DefaultLocalDbService, service) + err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.LocalDbConfigName, "db-service.yaml", ns, service) if err != nil { return err } diff --git a/controllers/local_db_storage.go b/controllers/local_db_storage.go index 692f089a..fb7053c7 100644 --- a/controllers/local_db_storage.go 
+++ b/controllers/local_db_storage.go @@ -25,46 +25,12 @@ import ( "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" ) -var ( - DefaultLocalDbPV = ` -apiVersion: v1 -kind: PersistentVolume -metadata: - name: postgres-storage - namespace: backstage - labels: - type: local -spec: - storageClassName: manual - capacity: - storage: 2G - accessModes: - - ReadWriteOnce - persistentVolumeReclaimPolicy: Retain - hostPath: - path: '/mnt/data' -` - DefaultLocalDbPVC = ` -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: postgres-storage-claim -spec: - storageClassName: manual - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 2G -` -) - func (r *BackstageReconciler) applyPV(ctx context.Context, backstage bs.Backstage, ns string) error { // Postgre PersistentVolume //lg := log.FromContext(ctx) pv := &corev1.PersistentVolume{} - err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.LocalDbConfigName, "persistentVolume", ns, DefaultLocalDbPV, pv) + err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.LocalDbConfigName, "db-pv.yaml", ns, pv) if err != nil { return err } @@ -102,7 +68,7 @@ func (r *BackstageReconciler) applyPVC(ctx context.Context, backstage bs.Backsta //lg := log.FromContext(ctx) pvc := &corev1.PersistentVolumeClaim{} - err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.LocalDbConfigName, "persistentVolumeClaim", ns, DefaultLocalDbPVC, pvc) + err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.LocalDbConfigName, "db-pvc.yaml", ns, pvc) if err != nil { return err } diff --git a/docker/Dockerfile b/docker/Dockerfile index 7428e66e..0b58d584 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile 
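Review bot: `applyPV` decodes whatever the ConfigMap named by `Spec.RawRuntimeConfig.LocalDbConfigName` stores under `db-pv.yaml` directly into a `corev1.PersistentVolume`, and nothing visible in this hunk constrains its fields. A PersistentVolume is cluster-scoped and can carry a `hostPath`, so if the object is then created with the operator's credentials (the rest of the function is outside the hunk), the right to create a ConfigMap and a Backstage CR in one namespace becomes the right to define node-backed storage cluster-wide. I would validate the decoded object before applying it, at minimum rejecting `hostPath` and fixing `storageClassName` and capacity, or drop the PV override and leave only the PVC configurable. The same question applies to `applyPVC` in the second hunk and to the manifests read in controllers/local_db_deployment.go.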
@@ -62,8 +62,8 @@ ENV EXTERNAL_SOURCE=. # ENV EXTERNAL_SOURCE=$REMOTE_SOURCES/upstream1/app/distgit/containers/rhdh-operator #/ Downstream uncomment -ENV HOME=/opt/helm \ - USER_NAME=helm \ +ENV HOME=/ \ + USER_NAME=backstage \ USER_UID=1001 RUN echo "${USER_NAME}:x:${USER_UID}:0:${USER_NAME} user:${HOME}:/sbin/nologin" >> /etc/passwd diff --git a/main.go b/main.go index fd9ad25f..1adb2c75 100644 --- a/main.go +++ b/main.go @@ -115,7 +115,7 @@ func main() { os.Exit(1) } - setupLog.Info("starting manager") + setupLog.Info("starting manager with parameters: ", "own-runtime", ownRuntime, "env.LOCALBIN", os.Getenv("LOCALBIN")) if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { setupLog.Error(err, "problem running manager") os.Exit(1) From 956335891886b439ecc410e167e8d1923da62247 Mon Sep 17 00:00:00 2001 From: gazarenkov Date: Tue, 28 Nov 2023 16:26:52 +0200 Subject: [PATCH 2/7] fix make test --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index 49617423..94deb6ab 100644 --- a/Makefile +++ b/Makefile @@ -132,6 +132,7 @@ vet: ## Run go vet against code. .PHONY: test test: manifests generate fmt vet envtest ## Run tests. We need LOCALBIN=$(LOCALBIN) to get correct default-config path + mkdir -p $(LOCALBIN)/default-config && cp config/manager/${CONF_DIR}/* $(LOCALBIN)/default-config LOCALBIN=$(LOCALBIN) KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./... -coverprofile cover.out ##@ Build From 99b4e54647e4f617ce9fd0402ace962ebff894e3 Mon Sep 17 00:00:00 2001 
From: gazarenkov Date: Thu, 30 Nov 2023 11:16:59 +0200 Subject: [PATCH 3/7] fix with new objects --- api/v1alpha1/zz_generated.deepcopy.go | 2 +- .../default-config/backend-auth-secret.yaml | 6 + .../manager/default-config/db-deployment.yaml | 30 -- config/manager/default-config/db-pv.yaml | 16 -- config/manager/default-config/db-pvc.yaml | 11 - .../manager/default-config/db-service-hl.yaml | 10 + config/manager/default-config/db-service.yaml | 4 +- .../default-config/db-statefulset.yaml | 101 +++++++ config/manager/default-config/deployment.yaml | 75 ++++- controllers/backstage_backend_auth.go | 48 ++-- controllers/backstage_controller.go | 5 +- controllers/backstage_controller_test.go | 4 +- controllers/backstage_deployment.go | 192 ++++++------- controllers/backstage_dynamic_plugins.go | 28 +- controllers/local_db_deployment.go | 0 controllers/local_db_statefulset.go | 260 +++++++++--------- 16 files changed, 459 insertions(+), 333 deletions(-) create mode 100644 config/manager/default-config/backend-auth-secret.yaml delete mode 100644 config/manager/default-config/db-deployment.yaml delete mode 100644 config/manager/default-config/db-pv.yaml delete mode 100644 config/manager/default-config/db-pvc.yaml create mode 100644 config/manager/default-config/db-service-hl.yaml create mode 100644 config/manager/default-config/db-statefulset.yaml delete mode 100644 controllers/local_db_deployment.go diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 9126a8bc..891bee7f 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -22,7 +22,7 @@ limitations under the License. package v1alpha1 import ( - "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) 
diff --git a/config/manager/default-config/backend-auth-secret.yaml b/config/manager/default-config/backend-auth-secret.yaml
new file mode 100644
index 00000000..34e04f9a
--- /dev/null
+++ b/config/manager/default-config/backend-auth-secret.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: # placeholder for '-auth'
+data:
+# A random value will be generated for the backend-secret key
diff --git a/config/manager/default-config/db-deployment.yaml b/config/manager/default-config/db-deployment.yaml
deleted file mode 100644
index 1abad165..00000000
--- a/config/manager/default-config/db-deployment.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: postgres
-spec:
- replicas: 1
- selector:
- matchLabels:
- backstage.io/app: # placeholder for 'backstage-db-'
- template:
- metadata:
- labels:
- backstage.io/app: # placeholder for 'backstage-db-'
- spec:
- containers:
- - name: postgres
- image: postgres:13.2-alpine
- imagePullPolicy: 'IfNotPresent'
- ports:
- - containerPort: 5432
- envFrom:
- - secretRef:
- name: postgres-secrets
- volumeMounts:
- - mountPath: /var/lib/postgresql/data
- name: postgresdb
- volumes:
- - name: postgresdb
- persistentVolumeClaim:
- claimName: postgres-storage-claim
\ No newline at end of file
diff --git a/config/manager/default-config/db-pv.yaml b/config/manager/default-config/db-pv.yaml
deleted file mode 100644
index 57933845..00000000
--- a/config/manager/default-config/db-pv.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: postgres-storage
- namespace: backstage
- labels:
- type: local
-spec:
- storageClassName: manual
- capacity:
- storage: 2G
- accessModes:
- - ReadWriteOnce
- persistentVolumeReclaimPolicy: Retain
- hostPath:
- path: '/mnt/data'
diff --git a/config/manager/default-config/db-pvc.yaml b/config/manager/default-config/db-pvc.yaml
deleted file mode 100644
index 57832df3..00000000
--- a/config/manager/default-config/db-pvc.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: postgres-storage-claim -spec: - storageClassName: manual - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 2G diff --git a/config/manager/default-config/db-service-hl.yaml b/config/manager/default-config/db-service-hl.yaml new file mode 100644 index 00000000..444fe0ca --- /dev/null +++ b/config/manager/default-config/db-service-hl.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Service +metadata: + name: backstage-psql-cr1-hl # placeholder for 'backstage-psql--hl' +spec: + selector: + backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' + clusterIP: None + ports: + - port: 5432 \ No newline at end of file diff --git a/config/manager/default-config/db-service.yaml b/config/manager/default-config/db-service.yaml index be677ca9..32780481 100644 --- a/config/manager/default-config/db-service.yaml +++ b/config/manager/default-config/db-service.yaml @@ -1,9 +1,9 @@ apiVersion: v1 kind: Service metadata: - name: postgres + name: backstage-psql-cr1 # placeholder for 'backstage-psql-' spec: selector: - backstage.io/app: # placeholder for 'backstage-db-' + backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' ports: - port: 5432 diff --git a/config/manager/default-config/db-statefulset.yaml b/config/manager/default-config/db-statefulset.yaml new file mode 100644 index 00000000..5a208edf --- /dev/null +++ b/config/manager/default-config/db-statefulset.yaml 
@@ -0,0 +1,101 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: backstage-psql-cr1 # placeholder for 'backstage-psql-'
+spec:
+ podManagementPolicy: OrderedReady
+ replicas: 1
+ selector:
+ matchLabels:
+ backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-'
+ serviceName: backstage-psql-cr1-hl # placeholder for 'backstage-psql--hl'
+ template:
+ metadata:
+ labels:
+ backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-'
+ name: backstage-db-cr1 # placeholder for 'backstage-psql-'
+ spec:
+ containers:
+ - env:
+ - name: POSTGRESQL_PORT_NUMBER
+ value: "5432"
+ - name: POSTGRESQL_VOLUME_DIR
+ value: /var/lib/pgsql/data
+ - name: PGDATA
+ value: /var/lib/pgsql/data/userdata
+ envFrom:
+ - secretRef:
+ name: postgres-secrets
+ image: quay.io/fedora/postgresql-15:latest
+ imagePullPolicy: IfNotPresent
+ securityContext:
+ runAsNonRoot: true
+ allowPrivilegeEscalation: false
+ seccompProfile:
+ type: RuntimeDefault
+ capabilities:
+ drop:
+ - ALL
+ livenessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - exec pg_isready -U ${POSTGRES_USER} -h 127.0.0.1 -p 5432
+ failureThreshold: 6
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ name: postgresql
+ ports:
+ - containerPort: 5432
+ name: tcp-postgresql
+ protocol: TCP
+ readinessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - -e
+ - |
+ exec pg_isready -U ${POSTGRES_USER} -h 127.0.0.1 -p 5432
+ failureThreshold: 6
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ resources:
+ requests:
+ cpu: 250m
+ memory: 256Mi
+ limits:
+ memory: 1024Mi
+ volumeMounts:
+ - mountPath: /dev/shm
+ name: dshm
+ - mountPath: /var/lib/pgsql/data
+ name: data
+ restartPolicy: Always
+ securityContext: {}
+ serviceAccount: default
+ serviceAccountName: default
+ volumes:
+ - emptyDir:
+ medium: Memory
+ name: dshm
+ updateStrategy:
+ rollingUpdate:
+ partition: 0
+ type: RollingUpdate
+ volumeClaimTemplates:
+ -
apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi \ No newline at end of file diff --git a/config/manager/default-config/deployment.yaml b/config/manager/default-config/deployment.yaml index e19a7902..d2af0b50 100644 --- a/config/manager/default-config/deployment.yaml +++ b/config/manager/default-config/deployment.yaml 
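Review bot: The default database container in db-statefulset.yaml is `image: quay.io/fedora/postgresql-15:latest` with `imagePullPolicy: IfNotPresent`, so each node keeps whichever build it pulled first and the PostgreSQL version actually running cannot be reproduced or audited. Pin a release tag or, better, a digest (`quay.io/fedora/postgresql-15@sha256:<digest>`). The pod also sets `serviceAccountName: default` and leaves the token mounted although nothing in this spec shows PostgreSQL calling the API server; adding `automountServiceAccountToken: false` to the pod spec would keep that credential out of the database container. The container-level `securityContext` is a good baseline and is worth keeping as is.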
@@ -12,17 +12,80 @@ spec: labels: backstage.io/app: # placeholder for 'backstage-' spec: + # serviceAccountName: default + volumes: + - ephemeral: + volumeClaimTemplate: + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + name: dynamic-plugins-root + - name: dynamic-plugins-npmrc + secret: + defaultMode: 420 + optional: true + secretName: dynamic-plugins-npmrc + + initContainers: + - command: + - ./install-dynamic-plugins.sh + - /dynamic-plugins-root + env: + - name: NPM_CONFIG_USERCONFIG + value: /opt/app-root/src/.npmrc.dynamic-plugins + image: 'quay.io/janus-idp/backstage-showcase:next' + imagePullPolicy: IfNotPresent + name: install-dynamic-plugins + volumeMounts: + - mountPath: /dynamic-plugins-root + name: dynamic-plugins-root + - mountPath: /opt/app-root/src/.npmrc.dynamic-plugins + name: dynamic-plugins-npmrc + readOnly: true + subPath: .npmrc + workingDir: /opt/app-root/src + containers: - - name: backstage - image: ghcr.io/backstage/backstage + - name: backstage-backend + image: quay.io/janus-idp/backstage-showcase:next imagePullPolicy: IfNotPresent + args: + - "--config" + - "dynamic-plugins-root/app-config.dynamic-plugins.yaml" + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthcheck + port: 7007 + scheme: HTTP + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 2 + timeoutSeconds: 2 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthcheck + port: 7007 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 ports: - name: http containerPort: 7007 + env: + - name: APP_CONFIG_backend_listen_port + value: "7007" envFrom: - secretRef: name: postgres-secrets -# - secretRef: -# name: backstage-secrets - - + # - secretRef: + # name: backstage-secrets + volumeMounts: + - mountPath: /opt/app-root/src/dynamic-plugins-root + name: dynamic-plugins-root \ No newline at end of file 
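Review bot: Neither the `install-dynamic-plugins` init container nor the `backstage-backend` container added here carries a `securityContext`, while the database StatefulSet default in the same series sets non-root, no privilege escalation, dropped capabilities and a RuntimeDefault seccomp profile. The init container runs `./install-dynamic-plugins.sh` into a writable volume that the backend then loads its config from, so it is the part of this pod that most benefits from running with minimal privileges. Both containers also use the moving tag `quay.io/janus-idp/backstage-showcase:next` with `imagePullPolicy: IfNotPresent`; a fixed tag or digest would make the default reproducible. The block below shows the proposed settings on the main container, and the same block would go on the init container; verify that the showcase image starts under these restrictions before adopting it. The Deployment itself starts above the hunk.

```yaml
        - name: backstage-backend
          image: quay.io/janus-idp/backstage-showcase:next
          securityContext:
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            seccompProfile:
              type: RuntimeDefault
            capabilities:
              drop:
                - ALL
          # … unchanged: imagePullPolicy, args, probes, ports, env, envFrom, volumeMounts …
```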
diff --git a/controllers/backstage_backend_auth.go b/controllers/backstage_backend_auth.go index 1fef7cf5..73a7afee 100644 --- a/controllers/backstage_backend_auth.go +++ b/controllers/backstage_backend_auth.go @@ -29,15 +29,15 @@ import ( ) var ( - _defaultBackendAuthSecretValue = "pl4s3Ch4ng3M3" - defaultBackstageBackendAuthSecret = ` -apiVersion: v1 -kind: Secret -metadata: - name: # placeholder for '-auth' -data: - # A random value will be generated for the backend-secret key -` + _defaultBackendAuthSecretValue = "pl4s3Ch4ng3M3" + // defaultBackstageBackendAuthSecret = ` + //apiVersion: v1 + //kind: Secret + //metadata: + // name: # placeholder for '-auth' + //data: + // # A random value will be generated for the backend-secret key + //` ) func (r *BackstageReconciler) handleBackendAuthSecret(ctx context.Context, backstage bs.Backstage, ns string) (secretName string, err error) { @@ -47,8 +47,8 @@ func (r *BackstageReconciler) handleBackendAuthSecret(ctx context.Context, backs //Create default Secret for backend auth var sec v1.Secret - var isDefault bool - isDefault, err = r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.BackstageConfigName, "backend-auth-secret", ns, defaultBackstageBackendAuthSecret, &sec) + //var isDefault bool + err = r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.BackstageConfigName, "backend-auth-secret.yaml", ns, &sec) if err != nil { return "", fmt.Errorf("failed to read config: %s", err) } 
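Review bot: The old in-code default manifest is left behind as a commented-out block inside `var (...)`, and the second hunk likewise leaves `//var isDefault bool`, instead of deleting them. Version control already keeps the previous text, and the stale copy will drift from `backend-auth-secret.yaml`, which is now the source of truth for the default. The same applies to the commented-out blocks in backstage_deployment.go, backstage_dynamic_plugins.go and local_db_statefulset.go later in this patch. Suggest removing them and leaving one pointer comment such as `// default manifest: default-config/backend-auth-secret.yaml`.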
@@ -68,20 +68,22 @@ func (r *BackstageReconciler) handleBackendAuthSecret(ctx context.Context, backs //TODO(rm3l): why kubebuilder default values do not work k = "backend-secret" } - if isDefault { - // Create a secret with a random value - authVal := func(length int) string { - bytes := make([]byte, length) - if _, randErr := rand.Read(bytes); randErr != nil { - // Do not fail, but use a fallback value - return _defaultBackendAuthSecretValue - } - return base64.StdEncoding.EncodeToString(bytes) - }(24) - sec.Data = map[string][]byte{ - k: []byte(authVal), + + // there should not be any difference between default and not default + // if isDefault { + // Create a secret with a random value + authVal := func(length int) string { + bytes := make([]byte, length) + if _, randErr := rand.Read(bytes); randErr != nil { + // Do not fail, but use a fallback value + return _defaultBackendAuthSecretValue } + return base64.StdEncoding.EncodeToString(bytes) + }(24) + sec.Data = map[string][]byte{ + k: []byte(authVal), } + // } err = r.Create(ctx, &sec) if err != nil { return "", fmt.Errorf("failed to create secret for backend auth, reason: %s", err) diff --git a/controllers/backstage_controller.go b/controllers/backstage_controller.go index 88c64ec0..7714d884 100644 --- a/controllers/backstage_controller.go +++ b/controllers/backstage_controller.go @@ -134,8 +134,7 @@ func (r *BackstageReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( func (r *BackstageReconciler) readConfigMapOrDefault(ctx context.Context, name string, key string, ns string, object v1.Object) error { - // ConfigMap name not set, default - //lg := log.FromContext(ctx) + lg := log.FromContext(ctx) if name == "" { err := readYamlFile(defFile(key), object) 
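Review bot: When `rand.Read` fails, the closure in handleBackendAuthSecret silently falls back to the hard-coded `_defaultBackendAuthSecretValue`, and with the `isDefault` guard removed this path now runs for every Secret the operator creates, including one templated from a user ConfigMap. A backend auth secret whose value is a constant in the source tree gives no protection, and neither the logs nor the returned error reveal that the fallback was used. Return the error instead so the reconcile fails and is retried; this assumes `rand` is crypto/rand, since the import block is outside the hunk. Note also that `sec.Data` is replaced wholesale, so any data a custom template carried is dropped, which deserves a comment if it is intended. The function starts and ends outside the hunk.

```go
	// … unchanged: selection of key k above …
	bytes := make([]byte, 24)
	if _, randErr := rand.Read(bytes); randErr != nil {
		// Fail the reconcile rather than create a Secret with a known value.
		return "", fmt.Errorf("failed to generate backend auth secret: %w", randErr)
	}
	sec.Data = map[string][]byte{
		k: []byte(base64.StdEncoding.EncodeToString(bytes)),
	}
	err = r.Create(ctx, &sec)
```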
@@ -154,11 +153,13 @@ func (r *BackstageReconciler) readConfigMapOrDefault(ctx context.Context, name s val, ok := cm.Data[key] if !ok { // key not found, default + lg.V(1).Info("custom configuration configMap and data exists, trying to apply it", "configMap", cm.Name, "key", key) err := readYamlFile(defFile(key), object) if err != nil { return fmt.Errorf("failed to read YAML file: %w", err) } } else { + lg.V(1).Info("custom configuration configMap exists but no such key, applying default config", "configMap", cm.Name, "key", key) err := readYaml([]byte(val), object) if err != nil { return fmt.Errorf("failed to read YAML: %w", err) diff --git a/controllers/backstage_controller_test.go b/controllers/backstage_controller_test.go index 3cb12734..6f2051bf 100644 --- a/controllers/backstage_controller_test.go +++ b/controllers/backstage_controller_test.go @@ -285,7 +285,7 @@ var _ = Describe("Backstage controller", func() { BeforeEach(func() { backstageConfigMap := buildConfigMap("my-bs-config", map[string]string{ - "deploy": ` + "deployment.yaml": ` apiVersion: apps/v1 kind: Deployment metadata: @@ -349,7 +349,7 @@ spec: BeforeEach(func() { localDbConfigMap := buildConfigMap("my-db-config", map[string]string{ - "statefulset": ` + "db-statefulset.yaml": ` apiVersion: apps/v1 kind: StatefulSet metadata: diff --git a/controllers/backstage_deployment.go b/controllers/backstage_deployment.go index f2408ebd..f9bd6df0 100644 --- a/controllers/backstage_deployment.go +++ b/controllers/backstage_deployment.go 
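Review bot: The two `lg.V(1).Info` messages added in readConfigMapOrDefault are attached to the wrong branches. The `!ok` branch (key missing, default file read) logs "custom configuration configMap and data exists, trying to apply it", while the `else` branch (key present, custom YAML applied) logs "custom configuration configMap exists but no such key, applying default config". Anyone using these logs to work out which manifest the operator applied would reach the opposite conclusion. Swap the two calls so the `!ok` branch logs `lg.V(1).Info("custom configuration configMap exists but no such key, applying default config", "configMap", cm.Name, "key", key)` and the `else` branch logs the other message. The function begins above the hunk and continues below it.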
@@ -31,102 +31,102 @@ const ( _containersWorkingDir = "/opt/app-root/src" ) -var ( - DefaultBackstageDeployment = fmt.Sprintf(` -apiVersion: apps/v1 -kind: Deployment -metadata: - name: backstage -spec: - replicas: 1 - selector: - matchLabels: - backstage.io/app: # placeholder for 'backstage-' - template: - metadata: - labels: - backstage.io/app: # placeholder for 'backstage-' - spec: -# serviceAccountName: default - - volumes: - - ephemeral: - volumeClaimTemplate: - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - name: dynamic-plugins-root - - name: dynamic-plugins-npmrc - secret: - defaultMode: 420 - optional: true - secretName: dynamic-plugins-npmrc - - initContainers: - - command: - - ./install-dynamic-plugins.sh - - /dynamic-plugins-root - env: - - name: NPM_CONFIG_USERCONFIG - value: %[3]s/.npmrc.dynamic-plugins - image: 'quay.io/janus-idp/backstage-showcase:next' - imagePullPolicy: IfNotPresent - name: %[1]s - volumeMounts: - - mountPath: /dynamic-plugins-root - name: dynamic-plugins-root - - mountPath: %[3]s/.npmrc.dynamic-plugins - name: dynamic-plugins-npmrc - readOnly: true - subPath: .npmrc - workingDir: %[3]s - - containers: - - name: %[2]s - image: quay.io/janus-idp/backstage-showcase:next - imagePullPolicy: IfNotPresent - args: - - "--config" - - "dynamic-plugins-root/app-config.dynamic-plugins.yaml" - readinessProbe: - failureThreshold: 3 - httpGet: - path: /healthcheck - port: 7007 - scheme: HTTP - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 2 - timeoutSeconds: 2 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthcheck - port: 7007 - scheme: HTTP - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 2 - ports: - - name: http - containerPort: 7007 - env: - - name: APP_CONFIG_backend_listen_port - value: "7007" - envFrom: - - secretRef: - name: postgres-secrets -# - secretRef: -# name: backstage-secrets - volumeMounts: - - mountPath: 
%[3]s/dynamic-plugins-root - name: dynamic-plugins-root -`, _defaultBackstageInitContainerName, _defaultBackstageMainContainerName, _containersWorkingDir) -) +//var ( +// DefaultBackstageDeployment = fmt.Sprintf(` +//apiVersion: apps/v1 +//kind: Deployment +//metadata: +// name: backstage +//spec: +// replicas: 1 +// selector: +// matchLabels: +// backstage.io/app: # placeholder for 'backstage-' +// template: +// metadata: +// labels: +// backstage.io/app: # placeholder for 'backstage-' +// spec: +//# serviceAccountName: default +// +// volumes: +// - ephemeral: +// volumeClaimTemplate: +// spec: +// accessModes: +// - ReadWriteOnce +// resources: +// requests: +// storage: 1Gi +// name: dynamic-plugins-root +// - name: dynamic-plugins-npmrc +// secret: +// defaultMode: 420 +// optional: true +// secretName: dynamic-plugins-npmrc +// +// initContainers: +// - command: +// - ./install-dynamic-plugins.sh +// - /dynamic-plugins-root +// env: +// - name: NPM_CONFIG_USERCONFIG +// value: %[3]s/.npmrc.dynamic-plugins +// image: 'quay.io/janus-idp/backstage-showcase:next' +// imagePullPolicy: IfNotPresent +// name: %[1]s +// volumeMounts: +// - mountPath: /dynamic-plugins-root +// name: dynamic-plugins-root +// - mountPath: %[3]s/.npmrc.dynamic-plugins +// name: dynamic-plugins-npmrc +// readOnly: true +// subPath: .npmrc +// workingDir: %[3]s +// +// containers: +// - name: %[2]s +// image: quay.io/janus-idp/backstage-showcase:next +// imagePullPolicy: IfNotPresent +// args: +// - "--config" +// - "dynamic-plugins-root/app-config.dynamic-plugins.yaml" +// readinessProbe: +// failureThreshold: 3 +// httpGet: +// path: /healthcheck +// port: 7007 +// scheme: HTTP +// initialDelaySeconds: 30 +// periodSeconds: 10 +// successThreshold: 2 +// timeoutSeconds: 2 +// livenessProbe: +// failureThreshold: 3 +// httpGet: +// path: /healthcheck +// port: 7007 +// scheme: HTTP +// initialDelaySeconds: 60 +// periodSeconds: 10 +// successThreshold: 1 +// timeoutSeconds: 2 +// ports: 
+// - name: http +// containerPort: 7007 +// env: +// - name: APP_CONFIG_backend_listen_port +// value: "7007" +// envFrom: +// - secretRef: +// name: postgres-secrets +//# - secretRef: +//# name: backstage-secrets +// volumeMounts: +// - mountPath: %[3]s/dynamic-plugins-root +// name: dynamic-plugins-root +//`, _defaultBackstageInitContainerName, _defaultBackstageMainContainerName, _containersWorkingDir) +//) func (r *BackstageReconciler) applyBackstageDeployment(ctx context.Context, backstage bs.Backstage, ns string) error { diff --git a/controllers/backstage_dynamic_plugins.go b/controllers/backstage_dynamic_plugins.go index 3a90c782..a37d8155 100644 --- a/controllers/backstage_dynamic_plugins.go +++ b/controllers/backstage_dynamic_plugins.go @@ -26,19 +26,19 @@ import ( "k8s.io/utils/pointer" ) -var ( - defaultDynamicPluginsConfigMap = ` -apiVersion: v1 -kind: ConfigMap -metadata: - name: # placeholder for '-dynamic-plugins' -data: - "dynamic-plugins.yaml": | - includes: - - dynamic-plugins.default.yaml - plugins: [] -` -) +//var ( +// defaultDynamicPluginsConfigMap = ` +//apiVersion: v1 +//kind: ConfigMap +//metadata: +// name: # placeholder for '-dynamic-plugins' +//data: +// "dynamic-plugins.yaml": | +// includes: +// - dynamic-plugins.default.yaml +// plugins: [] +//` +//) func (r *BackstageReconciler) getOrGenerateDynamicPluginsConf(ctx context.Context, backstage bs.Backstage, ns string) (config bs.DynamicPluginsConfigRef, err error) { if backstage.Spec.DynamicPluginsConfig != nil { 
@@ -47,7 +47,7 @@ func (r *BackstageReconciler) getOrGenerateDynamicPluginsConf(ctx context.Contex //Create default ConfigMap for dynamic plugins var cm v1.ConfigMap - _, err = r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.BackstageConfigName, "dynamic-plugins-configmap", ns, defaultDynamicPluginsConfigMap, &cm) + err = r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.BackstageConfigName, "dynamic-plugins-configmap.yaml", ns, &cm) if err != nil { return bs.DynamicPluginsConfigRef{}, fmt.Errorf("failed to read config: %s", err) } diff --git a/controllers/local_db_deployment.go b/controllers/local_db_deployment.go deleted file mode 100644 index e69de29b..00000000 diff --git a/controllers/local_db_statefulset.go b/controllers/local_db_statefulset.go index a1bb8fe0..87a9a7c9 100644 --- a/controllers/local_db_statefulset.go +++ b/controllers/local_db_statefulset.go 
@@ -27,138 +27,138 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log" ) -var ( - DefaultLocalDbDeployment = `apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: backstage-psql-cr1 # placeholder for 'backstage-psql-' -spec: - podManagementPolicy: OrderedReady - replicas: 1 - selector: - matchLabels: - backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' - serviceName: backstage-psql-cr1-hl # placeholder for 'backstage-psql--hl' - template: - metadata: - labels: - backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' - name: backstage-db-cr1 # placeholder for 'backstage-psql-' - spec: - containers: - - env: - - name: POSTGRESQL_PORT_NUMBER - value: "5432" - - name: POSTGRESQL_VOLUME_DIR - value: /var/lib/pgsql/data - - name: PGDATA - value: /var/lib/pgsql/data/userdata - envFrom: - - secretRef: - name: postgres-secrets - image: quay.io/fedora/postgresql-15:latest - imagePullPolicy: IfNotPresent - securityContext: - runAsNonRoot: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - livenessProbe: - exec: - command: - - /bin/sh - - -c - - exec pg_isready -U ${POSTGRES_USER} -h 127.0.0.1 -p 5432 - failureThreshold: 6 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: postgresql - ports: - - containerPort: 5432 - name: tcp-postgresql - protocol: TCP - readinessProbe: - exec: - command: - - /bin/sh - - -c - - -e - - | - exec pg_isready -U ${POSTGRES_USER} -h 127.0.0.1 -p 5432 - failureThreshold: 6 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: - requests: - cpu: 250m - memory: 256Mi - limits: - memory: 1024Mi - volumeMounts: - - mountPath: /dev/shm - name: dshm - - mountPath: /var/lib/pgsql/data - name: data - restartPolicy: Always - securityContext: {} - serviceAccount: default - serviceAccountName: default - volumes: - - emptyDir: - medium: Memory - name: dshm - 
updateStrategy: - rollingUpdate: - partition: 0 - type: RollingUpdate - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi -` - DefaultLocalDbService = `apiVersion: v1 -kind: Service -metadata: - name: backstage-psql-cr1 # placeholder for 'backstage-psql-' -spec: - selector: - backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' - ports: - - port: 5432 -` - DefaultLocalDbServiceHL = `apiVersion: v1 -kind: Service -metadata: - name: backstage-psql-cr1-hl # placeholder for 'backstage-psql--hl' -spec: - selector: - backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' - clusterIP: None - ports: - - port: 5432 -` -) +//var ( +// DefaultLocalDbDeployment = `apiVersion: apps/v1 +//kind: StatefulSet +//metadata: +// name: backstage-psql-cr1 # placeholder for 'backstage-psql-' +//spec: +// podManagementPolicy: OrderedReady +// replicas: 1 +// selector: +// matchLabels: +// backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' +// serviceName: backstage-psql-cr1-hl # placeholder for 'backstage-psql--hl' +// template: +// metadata: +// labels: +// backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' +// name: backstage-db-cr1 # placeholder for 'backstage-psql-' +// spec: +// containers: +// - env: +// - name: POSTGRESQL_PORT_NUMBER +// value: "5432" +// - name: POSTGRESQL_VOLUME_DIR +// value: /var/lib/pgsql/data +// - name: PGDATA +// value: /var/lib/pgsql/data/userdata +// envFrom: +// - secretRef: +// name: postgres-secrets +// image: quay.io/fedora/postgresql-15:latest +// imagePullPolicy: IfNotPresent +// securityContext: +// runAsNonRoot: true +// allowPrivilegeEscalation: false +// seccompProfile: +// type: RuntimeDefault +// capabilities: +// drop: +// - ALL +// livenessProbe: +// exec: +// command: +// - /bin/sh +// - -c +// - exec pg_isready -U ${POSTGRES_USER} -h 
127.0.0.1 -p 5432 +// failureThreshold: 6 +// initialDelaySeconds: 30 +// periodSeconds: 10 +// successThreshold: 1 +// timeoutSeconds: 5 +// name: postgresql +// ports: +// - containerPort: 5432 +// name: tcp-postgresql +// protocol: TCP +// readinessProbe: +// exec: +// command: +// - /bin/sh +// - -c +// - -e +// - | +// exec pg_isready -U ${POSTGRES_USER} -h 127.0.0.1 -p 5432 +// failureThreshold: 6 +// initialDelaySeconds: 5 +// periodSeconds: 10 +// successThreshold: 1 +// timeoutSeconds: 5 +// resources: +// requests: +// cpu: 250m +// memory: 256Mi +// limits: +// memory: 1024Mi +// volumeMounts: +// - mountPath: /dev/shm +// name: dshm +// - mountPath: /var/lib/pgsql/data +// name: data +// restartPolicy: Always +// securityContext: {} +// serviceAccount: default +// serviceAccountName: default +// volumes: +// - emptyDir: +// medium: Memory +// name: dshm +// updateStrategy: +// rollingUpdate: +// partition: 0 +// type: RollingUpdate +// volumeClaimTemplates: +// - apiVersion: v1 +// kind: PersistentVolumeClaim +// metadata: +// name: data +// spec: +// accessModes: +// - ReadWriteOnce +// resources: +// requests: +// storage: 1Gi +//` +// DefaultLocalDbService = `apiVersion: v1 +//kind: Service +//metadata: +// name: backstage-psql-cr1 # placeholder for 'backstage-psql-' +//spec: +// selector: +// backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' +// ports: +// - port: 5432 +//` +// DefaultLocalDbServiceHL = `apiVersion: v1 +//kind: Service +//metadata: +// name: backstage-psql-cr1-hl # placeholder for 'backstage-psql--hl' +//spec: +// selector: +// backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' +// clusterIP: None +// ports: +// - port: 5432 +//` +//) func (r *BackstageReconciler) applyLocalDbStatefulSet(ctx context.Context, backstage bs.Backstage, ns string) error { lg := log.FromContext(ctx) statefulSet := &appsv1.StatefulSet{} - _, err := r.readConfigMapOrDefault(ctx, 
backstage.Spec.RawRuntimeConfig.LocalDbConfigName, "statefulset", ns, DefaultLocalDbDeployment, statefulSet) + err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.LocalDbConfigName, "db-statefulset.yaml", ns, statefulSet) if err != nil { return err } @@ -191,21 +191,21 @@ func (r *BackstageReconciler) applyLocalDbStatefulSet(ctx context.Context, backs func (r *BackstageReconciler) applyLocalDbServices(ctx context.Context, backstage bs.Backstage, ns string) error { name := fmt.Sprintf("backstage-psql-%s", backstage.Name) - err := r.applyPsqlService(ctx, backstage, name, name, DefaultLocalDbService, ns) + err := r.applyPsqlService(ctx, backstage, name, name, ns, "db-service.yaml") if err != nil { return err } nameHL := fmt.Sprintf("backstage-psql-%s-hl", backstage.Name) - return r.applyPsqlService(ctx, backstage, nameHL, name, DefaultLocalDbServiceHL, ns) + return r.applyPsqlService(ctx, backstage, nameHL, name, ns, "db-service-hl.yaml") } -func (r *BackstageReconciler) applyPsqlService(ctx context.Context, backstage bs.Backstage, name, label, defaultData, ns string) error { +func (r *BackstageReconciler) applyPsqlService(ctx context.Context, backstage bs.Backstage, name, label, ns string, key string) error { lg := log.FromContext(ctx) service := &corev1.Service{} - _, err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.LocalDbConfigName, "service", ns, defaultData, service) + err := r.readConfigMapOrDefault(ctx, backstage.Spec.RawRuntimeConfig.LocalDbConfigName, key, ns, service) if err != nil { return err } From cffa4172df94f2c37b54e9e54fa7cd5f338d0e7f Mon Sep 17 00:00:00 2001 From: gazarenkov Date: Thu, 30 Nov 2023 11:18:11 +0200 Subject: [PATCH 4/7] fix with new objects --- .../default-config/dynamic-plugins-configmap.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 config/manager/default-config/dynamic-plugins-configmap.yaml 
diff --git a/config/manager/default-config/dynamic-plugins-configmap.yaml b/config/manager/default-config/dynamic-plugins-configmap.yaml new file mode 100644 index 00000000..492543c6 --- /dev/null +++ b/config/manager/default-config/dynamic-plugins-configmap.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: # placeholder for '-dynamic-plugins' +data: + "dynamic-plugins.yaml": | + includes: + - dynamic-plugins.default.yaml + plugins: [] \ No newline at end of file From 2bf0716484804532b08c3deff79a436f1dac0300 Mon Sep 17 00:00:00 2001 From: gazarenkov Date: Thu, 30 Nov 2023 11:47:06 +0200 Subject: [PATCH 5/7] config small fixes --- .../backstage-operator.clusterserviceversion.yaml | 2 +- config/manager/kustomization.yaml | 9 +++++---- config/rbac/kustomization.yaml | 2 +- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/bundle/manifests/backstage-operator.clusterserviceversion.yaml b/bundle/manifests/backstage-operator.clusterserviceversion.yaml index 22804c65..d8d91cb4 100644 --- a/bundle/manifests/backstage-operator.clusterserviceversion.yaml +++ b/bundle/manifests/backstage-operator.clusterserviceversion.yaml @@ -251,7 +251,7 @@ spec: - create - patch serviceAccountName: backstage-operator-controller-manager - strategy: deployment.yaml + strategy: deployment installModes: - supported: false type: OwnNamespace diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 26fbe531..a6046f3d 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -4,7 +4,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: - name: controller - newName: gazarenkov/backstage + newName: quay.io/rhdh/backstage-operator generatorOptions: disableNameSuffixHash: true 
@@ -13,8 +13,9 @@ configMapGenerator: - files: - default-config/deployment.yaml - default-config/service.yaml - - default-config/db-deployment.yaml + - default-config/db-statefulset.yaml - default-config/db-service.yaml - - default-config/db-pv.yaml - - default-config/db-pvc.yaml + - default-config/db-service-hl.yaml + - default-config/backend-auth-secret.yaml + - default-config/dynamic-plugins-configmap.yaml name: default-config diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 10b2c20c..731832a6 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -1,6 +1,6 @@ resources: # All RBAC will be applied under this service account in -# the deployment.yaml namespace. You may comment out this resource +# the deployment namespace. You may comment out this resource # if your manager will use a service account that exists at # runtime. Be sure to update RoleBinding and ClusterRoleBinding # subjects if changing service account names. From 47ba2f98356a9f5037ac65fc65dcea6e821210ec Mon Sep 17 00:00:00 2001 From: gazarenkov Date: Thu, 30 Nov 2023 12:34:48 +0200 Subject: [PATCH 6/7] fix for https://github.com/janus-idp/operator/issues/51 --- config/manager/default-config/db-service.yaml | 2 +- controllers/local_db_statefulset.go | 7 ++++--- examples/postgres-secret.yaml | 3 ++- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/config/manager/default-config/db-service.yaml b/config/manager/default-config/db-service.yaml index 32780481..93e5c48a 100644 --- a/config/manager/default-config/db-service.yaml +++ b/config/manager/default-config/db-service.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Service metadata: - name: backstage-psql-cr1 # placeholder for 'backstage-psql-' + name: backstage-psql # placeholder for 'backstage-psql-' .NOTE: For the time it is static and linked to Secret-> postgres-secrets -> OSTGRES_HOST spec: selector: backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' 
diff --git a/controllers/local_db_statefulset.go b/controllers/local_db_statefulset.go index 87a9a7c9..b1d900d2 100644 --- a/controllers/local_db_statefulset.go +++ b/controllers/local_db_statefulset.go @@ -190,13 +190,14 @@ func (r *BackstageReconciler) applyLocalDbStatefulSet(ctx context.Context, backs } func (r *BackstageReconciler) applyLocalDbServices(ctx context.Context, backstage bs.Backstage, ns string) error { - name := fmt.Sprintf("backstage-psql-%s", backstage.Name) - err := r.applyPsqlService(ctx, backstage, name, name, ns, "db-service.yaml") + // TODO static for the time and bound to Secret: postgres-secret + label := fmt.Sprintf("backstage-psql-%s", backstage.Name) + err := r.applyPsqlService(ctx, backstage, "backstage-psql", label, ns, "db-service.yaml") if err != nil { return err } nameHL := fmt.Sprintf("backstage-psql-%s-hl", backstage.Name) - return r.applyPsqlService(ctx, backstage, nameHL, name, ns, "db-service-hl.yaml") + return r.applyPsqlService(ctx, backstage, nameHL, label, ns, "db-service-hl.yaml") } diff --git a/examples/postgres-secret.yaml b/examples/postgres-secret.yaml index d256eb1f..5ba67ed9 100644 --- a/examples/postgres-secret.yaml +++ b/examples/postgres-secret.yaml @@ -8,4 +8,5 @@ stringData: POSTGRES_PASSWORD: admin123 POSTGRES_PORT: "5432" POSTGRES_USER: postgres - POSTGRESQL_ADMIN_PASSWORD: admin123 \ No newline at end of file + POSTGRESQL_ADMIN_PASSWORD: admin123 + POSTGRES_HOST: backstage-psql \ No newline at end of file From 4bdb1a067bcaee14eb530fceae526079c4db688f Mon Sep 17 00:00:00 2001 From: gazarenkov Date: Wed, 6 Dec 2023 20:22:26 +0200 Subject: [PATCH 7/7] fix for https://github.com/janus-idp/operator/issues/58 --- controllers/local_db_statefulset.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/controllers/local_db_statefulset.go b/controllers/local_db_statefulset.go index 79d56c8e..aff6b1e8 100644 --- a/controllers/local_db_statefulset.go +++ b/controllers/local_db_statefulset.go 
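Review bot: `applyLocalDbServices` now creates the client-facing Service under the fixed name `"backstage-psql"` while the selector label and the headless Service still include `backstage.Name`, so two Backstage resources in one namespace would contend for a single Service. Depending on how applyPsqlService handles an existing object (its body is outside the hunk), the second instance either fails to reconcile or ends up pointed at the first instance's database, which breaks isolation between instances. The TODO acknowledges that the name is temporary. Until the host can be derived per instance, consider rejecting or at least logging a second instance in the same namespace, and make the limitation explicit in the comment, e.g. `// TODO: static name, bound to POSTGRES_HOST in Secret postgres-secrets; only one Backstage per namespace is supported`.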
@@ -167,6 +167,8 @@ func (r *BackstageReconciler) applyLocalDbStatefulSet(ctx context.Context, backs return err } + // need to patch the Name before get for correct search + statefulSet.Name = fmt.Sprintf("backstage-psql-%s", backstage.Name) err = r.Get(ctx, types.NamespacedName{Name: statefulSet.Name, Namespace: ns}, statefulSet) if err != nil { if errors.IsNotFound(err) {