feat: initial integration support

[AlexsJones]

Closes #

📑 Description

✅ Checks

• [x ] My pull request adheres to the code style of this project
• [x ] My code requires changes to the documentation
• [x ] I have updated the documentation as required
• [x ] All the tests have passed

ℹ Additional Information

[jkleinlercher]

I tried this version locally and here are my issues:

ClusterRole k8sgpt for serviceaccount k8sgpt

ClusterRole Definition in

k8sgpt-operator/pkg/resources/k8sgpt.go

Line 140 in 5b5fd2f

clusterRole := r1.ClusterRole{

needs to have more privileges, otherwise the controller gets the following errors when installing trivy:

2023-09-20T14:46:31Z ERROR Reconciler error {"controller": "k8sgpt", "controllerGroup": "core.k8sgpt.ai", "controllerKind": "K8sGPT", "K8sGPT": {"name":"k8sgpt-sample","namespace":"sx-k8sgpt"}, "namespace": "sx-k8sgpt", "name": "k8sgpt-sample", "reconcileID": "874ca62a-83dc-4ff5-ac09-92c8cdfdab02", "error": "failed to call AddConfig RPC: rpc error: code = Unknown desc = failed to install CRD crds/aquasecurity.github.io_clustercompliancereports.yaml: 1 error occurred:\n\t* customresourcedefinitions.apiextensions.k8s.io is forbidden: User \"system:serviceaccount:sx-k8sgpt:k8sgpt\" cannot create resource \"customresourcedefinitions\" in API group \"apiextensions.k8s.io\" at the cluster scope\n\n"}

K8sGPT CRD

K8sGPT CRD https://github.com/k8sgpt-ai/k8sgpt-operator/blob/main/chart/operator/templates/k8sgpt-crd.yaml needs to get updated with the latest changes in f75cbaf#diff-515c96a78fd03639770938bc9d86c9d31cfde1233911fc4d28be1609e6bc90cc

[AlexsJones]

I tried this version locally and here are my issues:

ClusterRole k8sgpt for serviceaccount k8sgpt

ClusterRole Definition in

k8sgpt-operator/pkg/resources/k8sgpt.go

Line 140 in 5b5fd2f

clusterRole := r1.ClusterRole{

needs to have more privileges, otherwise the controller gets the following errors when installing trivy:
2023-09-20T14:46:31Z ERROR Reconciler error {"controller": "k8sgpt", "controllerGroup": "core.k8sgpt.ai", "controllerKind": "K8sGPT", "K8sGPT": {"name":"k8sgpt-sample","namespace":"sx-k8sgpt"}, "namespace": "sx-k8sgpt", "name": "k8sgpt-sample", "reconcileID": "874ca62a-83dc-4ff5-ac09-92c8cdfdab02", "error": "failed to call AddConfig RPC: rpc error: code = Unknown desc = failed to install CRD crds/aquasecurity.github.io_clustercompliancereports.yaml: 1 error occurred:\n\t* customresourcedefinitions.apiextensions.k8s.io is forbidden: User \"system:serviceaccount:sx-k8sgpt:k8sgpt\" cannot create resource \"customresourcedefinitions\" in API group \"apiextensions.k8s.io\" at the cluster scope\n\n"}

K8sGPT CRD

K8sGPT CRD https://github.com/k8sgpt-ai/k8sgpt-operator/blob/main/chart/operator/templates/k8sgpt-crd.yaml needs to get updated with the latest changes in f75cbaf#diff-515c96a78fd03639770938bc9d86c9d31cfde1233911fc4d28be1609e6bc90cc

It's not ready just yet, thanks for trying though!

[jkleinlercher]

Two additional things. When this branch is used with the K8sGPT CR attribut

    extraOptions:
      backstage:
        enabled: true

the issue #240 will happened, so k8sgpt-ai/k8sgpt#678 would be a prereq for this PR.

And when used with

    integrations:
      trivy:
        skipInstall: true

the trivy integration will still be deactivated (k8sgpt-ai/k8sgpt#670) so k8sgpt-ai/k8sgpt#675 will also be a prereq in this case.

[AlexsJones]

Two additional things. When this branch is used with the K8sGPT CR attribut

    extraOptions:
      backstage:
        enabled: true

the issue k8sgpt-ai/k8sgpt-operator#240 will happened, so k8sgpt-ai/k8sgpt#678 would be a prereq for this PR.

And when used with

    integrations:
      trivy:
        skipInstall: true

the trivy integration will still be deactivated (k8sgpt-ai/k8sgpt#670) so k8sgpt-ai/k8sgpt#675 will also be a prereq in this case.

Good feedback thanks, I anticipate this will only work on the next k8sgpt release also as there are schema changes

[AlexsJones]

Solves #179

[arbreezy]

@AlexsJones apart from the consideration of how privileged the cluster role is and the unresolved conflicts, it looks good to me