feat(override): add image overrider

go.mod

@@ -4,6 +4,7 @@ go 1.19
 
 require (
 	github.com/davecgh/go-spew v1.1.1
+	github.com/distribution/reference v0.5.0
 	github.com/evanphx/json-patch v5.6.0+incompatible
 	github.com/evanphx/json-patch/v5 v5.6.0
 	github.com/go-logr/logr v1.2.4
@@ -56,6 +57,7 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/pelletier/go-toml v1.9.4 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/prometheus/client_model v0.3.0 // indirect

go.sum

@@ -63,6 +63,8 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0=
+github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
 github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
 github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE=
 github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
@@ -231,6 +233,8 @@ github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU
 github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM=
 github.com/onsi/gomega v1.27.8 h1:gegWiwZjBsf2DgiSbf5hpokZ98JVDMcWkUiigk6/KXc=
 github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ=
+github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
+github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/pelletier/go-toml v1.9.4 h1:tjENF6MfZAg8e4ZmZTeWaWiT2vXtsoO6+iuOjFhECwM=
 github.com/pelletier/go-toml v1.9.4/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=

pkg/apis/core/v1alpha1/types_overridepolicy.go

@@ -81,12 +81,46 @@ type TargetClusters struct {
 	ClusterAffinity []ClusterSelectorTerm `json:"clusterAffinity,omitempty"`
 }
 
+// Overriders contains a list of override patch
+// The order in which the override patches take effect is:
+// - Image
+// - JsonPatch
 type Overriders struct {
+	Image []ImageOverrider `json:"image,omitempty"`
 	// JsonPatch specifies overriders in a syntax similar to RFC6902 JSON Patch.
 	// +optional
 	JsonPatch []JsonPatchOverrider `json:"jsonpatch,omitempty"`
 }
 
+type ImageOverrider struct {
+	// ContainerName is ignored when ImagePath is set
+	// If null, the image override rule applies to all containers.
+	// If specified, it should match one container or initContainer name in pod template.
+	// +optional
+	ContainerName string `json:"containerName,omitempty"`
+
+	// ImagePath indicates the path of target image field.
+	// Defaults to empty, the system will automatically detect image fields if the resource type is
+	// Pod, CronJob, Deployment, StatefulSet, DaemonSet or Job
+	// If not empty, the image override rule applies to specify image
+	// +optional
+	ImagePath string `json:"imagePath,omitempty"`
+
+	// ImageComponent is part of image name.
+	// +kubebuilder:validation:Enum=registry;repository;tag;digest
+	// +required
+	ImageComponent string `json:"imageComponent"`
+
+	// Operator specifies the operation.
+	// If omitted, defaults to "replace".
+	// +kubebuilder:validation:Enum=add;remove;replace
+	// +optional
+	Operator string `json:"operator,omitempty"`
+
+	// Value is the value(s) required by the operation.
+	Value string `json:"value,omitempty"`
+}
+
 type JsonPatchOverrider struct {
 	// Operator specifies the operation.
 	// If omitted, defaults to "replace".

pkg/controllers/override/imageparse.go

@@ -0,0 +1,175 @@
+/*
+Copyright 2023 The KubeAdmiral Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package override
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+
+	"github.com/distribution/reference"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+
+	utilreference "github.com/kubewharf/kubeadmiral/pkg/lifted/distribution/reference"
+)
+
+type Image struct {
+	registry   string
+	repository string
+	tag        string
+	digest     string
+}
+
+func (i *Image) OperateRegistry(operator, value string) {
+	switch operator {
+	case OperatorAdd:
+		i.registry += value
+	case OperatorReplace:
+		i.registry = value
+	case OperatorRemove:
+		i.registry = ""
+	}
+}
+
+func (i *Image) OperateRepository(operator, value string) {
+	switch operator {
+	case OperatorAdd:
+		i.repository += value
+	case OperatorReplace:
+		i.repository = value
+	case OperatorRemove:
+		i.repository = ""
+	}
+}
+
+func (i *Image) OperateTag(operator, value string) {
+	var newTag string
+	switch operator {
+	case OperatorAdd:
+		newTag = i.tag + value
+	case OperatorReplace:
+		newTag = value
+	case OperatorRemove:
+		newTag = ""
+	}
+
+	if operator != OperatorRemove && !utilreference.AnchoredTagRegexp.MatchString(newTag) {
+		return
+	}
+
+	i.tag = newTag
+}
+
+func (i *Image) OperateDigest(operator, value string) {
+	var newDigest string
+	switch operator {
+	case OperatorAdd:
+		newDigest = i.digest + value
+	case OperatorReplace:
+		newDigest = value
+	case OperatorRemove:
+		newDigest = ""
+	}
+
+	if operator != OperatorRemove && !utilreference.AnchoredDigestRegexp.MatchString(newDigest) {
+		return
+	}
+
+	i.digest = newDigest
+}
+
+func (i *Image) String() string {
+	fullName := i.repository
+
+	if i.registry != "" {
+		fullName = strings.Join([]string{i.registry, i.repository}, "/")
+	}
+
+	if i.tag != "" {
+		fullName = strings.Join([]string{fullName, i.tag}, ":")
+	}
+
+	if i.digest != "" {
+		fullName = strings.Join([]string{fullName, i.digest}, "@")
+	}
+
+	return fullName
+}
+
+// ParseImage returns a Components of the given image.
+func ParseImage(fullName string) (*Image, error) {
+	ref, err := reference.Parse(fullName)
+	if err != nil {
+		return nil, err
+	}
+
+	image := &Image{}
+	if named, ok := ref.(reference.Named); ok {
+		image.registry, image.repository = SplitRegistryAndRepository(named.Name())
+	}
+
+	if tagged, ok := ref.(reference.Tagged); ok {
+		image.tag = tagged.Tag()
+	}
+
+	if digested, ok := ref.(reference.Digested); ok {
+		image.digest = digested.Digest().String()
+	}
+
+	return image, nil
+}
+
+func SplitRegistryAndRepository(name string) (registry, repository string) {
+	i := strings.IndexRune(name, '/')
+	if i == -1 || (!strings.ContainsAny(name[:i], ".:") && name[:i] != "localhost") {
+		registry, repository = "", name
+	} else {
+		registry, repository = name[:i], name[i+1:]
+	}
+	return
+}
+
+func ParseValueFromUnstructuredObj(input *unstructured.Unstructured, path string) (string, error) {
+	segments := strings.Split(strings.Trim(path, pathSeparator), pathSeparator)
+	currentObj := input.Object
+
+	for i := 0; i < len(segments)-1; i++ {
+		segment := segments[i]
+		switch obj := currentObj[segment].(type) {
+		case map[string]interface{}:
+			currentObj = obj
+		case []interface{}:
+			index, err := strconv.ParseInt(segments[i+1], 10, 32)
+			if err != nil {
+				return "", fmt.Errorf("the segment(%s) of path is not a number", segments[i+1])
+			}
+			if int(index) >= len(obj) {
+				return "", fmt.Errorf("slice index out of range")
+			}
+			currentObj = obj[index].(map[string]interface{})
+			i++
+		default:
+			return "", fmt.Errorf("the field(%s) of unstructured obj is not map[string]interface{} or []interface{}", segment)
+		}
+	}
+
+	value, ok := currentObj[segments[len(segments)-1]].(string)
+	if !ok {
+		return "", fmt.Errorf("failed to convert value under path(%s) into string", path)
+	}
+	return value, nil
+}