diff --git a/.github/workflows/cla.yaml b/.github/workflows/cla.yaml index 77d732d..9f0505b 100644 --- a/.github/workflows/cla.yaml +++ b/.github/workflows/cla.yaml @@ -14,14 +14,14 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # the below token should have repo scope and must be manually added by you in the repository's secret - PERSONAL_ACCESS_TOKEN : ${{ secrets.KUSIONSTACK_BOT_TOKEN }} + PERSONAL_ACCESS_TOKEN : ${{ secrets.KCL_LANG_BOT_TOKEN }} with: - path-to-document: 'https://github.com/KusionStack/.github/blob/main/CLA.md' # e.g. a CLA or a DCO document + path-to-document: 'https://github.com/kcl-lang/.github/blob/main/CLA.md' # e.g. a CLA or a DCO document # branch should not be protected lock-pullrequest-aftermerge: True path-to-signatures: 'signatures/version1/cla.json' - remote-organization-name: KusionStack + remote-organization-name: kcl-lang remote-repository-name: cla.db branch: 'main' allowlist: bot* @@ -35,4 +35,4 @@ jobs: #custom-pr-sign-comment: 'The signature to be committed in order to sign the CLA' #custom-allsigned-prcomment: 'pull request comment when all contributors has signed, defaults to **CLA Assistant Lite bot** All Contributors have signed the CLA.' #lock-pullrequest-aftermerge: false - if you don't want this bot to automatically lock the pull request after merging (default - true) - #use-dco-flag: true - If you are using DCO instead of CLA \ No newline at end of file + #use-dco-flag: true - If you are using DCO instead of CLA diff --git a/README.md b/README.md index b860f34..28cc0f8 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,10 @@ KCL Operator provides cluster integration, allowing you to use Access Webhook to + Validate all KRM resources using KCL schema. + Use an abstract model to generate KRM resources. +## Architecture + +![architecture](./images/arch.png) + ## CR Example ```yaml diff --git a/api/v1alpha1/groupversion_info.go b/api/v1alpha1/groupversion_info.go index 0bdb614..56dee38 100644 --- a/api/v1alpha1/groupversion_info.go +++ b/api/v1alpha1/groupversion_info.go @@ -16,7 +16,7 @@ limitations under the License. // Package v1alpha1 contains API Schema definitions for the krm.kcl.dev v1alpha1 API group // +kubebuilder:object:generate=true -// +groupName=krm.kcl.dev.kcl-lang.io +// +groupName=krm.kcl.dev package v1alpha1 import ( @@ -26,7 +26,7 @@ import ( var ( // GroupVersion is group version used to register these objects - GroupVersion = schema.GroupVersion{Group: "krm.kcl.dev.kcl-lang.io", Version: "v1alpha1"} + GroupVersion = schema.GroupVersion{Group: "krm.kcl.dev", Version: "v1alpha1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} diff --git a/api/v1alpha1/kclrun_types.go b/api/v1alpha1/kclrun_types.go index f04b262..a22f76c 100644 --- a/api/v1alpha1/kclrun_types.go +++ b/api/v1alpha1/kclrun_types.go @@ -18,6 +18,7 @@ package v1alpha1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" ) // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! @@ -28,8 +29,10 @@ type KCLRunSpec struct { // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster // Important: Run "make" to regenerate code after modifying this file - // Foo is an example field of KCLRun. Edit kclrun_types.go to remove/update - Foo string `json:"foo,omitempty"` + // Source is a required field for providing a KCL script inline. + Source string `json:"source" yaml:"source"` + // Params are the parameters in key-value pairs format. + Params unstructured.Unstructured `json:"params,omitempty" yaml:"params,omitempty"` } // KCLRunStatus defines the observed state of KCLRun @@ -43,20 +46,20 @@ type KCLRunStatus struct { // KCLRun is the Schema for the kclruns API type KCLRun struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` + metav1.TypeMeta `json:",inline" yaml:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty"` - Spec KCLRunSpec `json:"spec,omitempty"` - Status KCLRunStatus `json:"status,omitempty"` + Spec KCLRunSpec `json:"spec,omitempty" yaml:"spec,omitempty"` + Status KCLRunStatus `json:"status,omitempty" yaml:"status,omitempty"` } //+kubebuilder:object:root=true // KCLRunList contains a list of KCLRun type KCLRunList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - Items []KCLRun `json:"items"` + metav1.TypeMeta `json:",inline" yaml:",inline"` + metav1.ListMeta `json:"metadata,omitempty" yaml:"metadata,omitempty"` + Items []KCLRun `json:"items" yaml:"items"` } func init() { diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 7429f88..0189a31 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -30,7 +30,7 @@ func (in *KCLRun) DeepCopyInto(out *KCLRun) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec + in.Spec.DeepCopyInto(&out.Spec) out.Status = in.Status } @@ -87,6 +87,7 @@ func (in *KCLRunList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KCLRunSpec) DeepCopyInto(out *KCLRunSpec) { *out = *in + in.Params.DeepCopyInto(&out.Params) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KCLRunSpec. diff --git a/config/crd/bases/krm.kcl.dev.kcl-lang.io_kclruns.yaml b/config/crd/bases/krm.kcl.dev.kcl-lang.io_kclruns.yaml index e1b25bc..c8dd5f0 100644 --- a/config/crd/bases/krm.kcl.dev.kcl-lang.io_kclruns.yaml +++ b/config/crd/bases/krm.kcl.dev.kcl-lang.io_kclruns.yaml @@ -5,9 +5,9 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.11.1 creationTimestamp: null - name: kclruns.krm.kcl.dev.kcl-lang.io + name: kclruns.krm.kcl.dev spec: - group: krm.kcl.dev.kcl-lang.io + group: krm.kcl.dev names: kind: KCLRun listKind: KCLRunList diff --git a/config/crd/bases/krm.kcl.dev_kclruns.yaml b/config/crd/bases/krm.kcl.dev_kclruns.yaml new file mode 100644 index 0000000..c7994fa --- /dev/null +++ b/config/crd/bases/krm.kcl.dev_kclruns.yaml @@ -0,0 +1,55 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: kclruns.krm.kcl.dev +spec: + group: krm.kcl.dev + names: + kind: KCLRun + listKind: KCLRunList + plural: kclruns + singular: kclrun + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KCLRun is the Schema for the kclruns API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KCLRunSpec defines the desired state of KCLRun + properties: + params: + description: Params are the parameters in key-value pairs format. + type: object + source: + description: Source is a required field for providing a KCL script + inline. + type: string + required: + - source + type: object + status: + description: KCLRunStatus defines the observed state of KCLRun + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index e20343b..bbf47e6 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -2,7 +2,7 @@ # since it depends on service name and namespace that are out of this kustomize package. # It should be run by config/default resources: -- bases/krm.kcl.dev.kcl-lang.io_kclruns.yaml +- bases/krm.kcl.dev_kclruns.yaml #+kubebuilder:scaffold:crdkustomizeresource patchesStrategicMerge: diff --git a/config/crd/patches/cainjection_in_kclruns.yaml b/config/crd/patches/cainjection_in_kclruns.yaml index 48c777e..b1a3e55 100644 --- a/config/crd/patches/cainjection_in_kclruns.yaml +++ b/config/crd/patches/cainjection_in_kclruns.yaml @@ -4,4 +4,4 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: kclruns.krm.kcl.dev.kcl-lang.io + name: kclruns.krm.kcl.dev diff --git a/config/crd/patches/webhook_in_kclruns.yaml b/config/crd/patches/webhook_in_kclruns.yaml index 39d17c7..54d07d0 100644 --- a/config/crd/patches/webhook_in_kclruns.yaml +++ b/config/crd/patches/webhook_in_kclruns.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - name: kclruns.krm.kcl.dev.kcl-lang.io + name: kclruns.krm.kcl.dev spec: conversion: strategy: Webhook diff --git a/config/rbac/kclrun_editor_role.yaml b/config/rbac/kclrun_editor_role.yaml index 912ca25..22f0e22 100644 --- a/config/rbac/kclrun_editor_role.yaml +++ b/config/rbac/kclrun_editor_role.yaml @@ -12,7 +12,7 @@ metadata: name: kclrun-editor-role rules: - apiGroups: - - krm.kcl.dev.kcl-lang.io + - krm.kcl.dev resources: - kclruns verbs: @@ -24,7 +24,7 @@ rules: - update - watch - apiGroups: - - krm.kcl.dev.kcl-lang.io + - krm.kcl.dev resources: - kclruns/status verbs: diff --git a/config/rbac/kclrun_viewer_role.yaml b/config/rbac/kclrun_viewer_role.yaml index d48d4f8..844d3ba 100644 --- a/config/rbac/kclrun_viewer_role.yaml +++ b/config/rbac/kclrun_viewer_role.yaml @@ -12,7 +12,7 @@ metadata: name: kclrun-viewer-role rules: - apiGroups: - - krm.kcl.dev.kcl-lang.io + - krm.kcl.dev resources: - kclruns verbs: @@ -20,7 +20,7 @@ rules: - list - watch - apiGroups: - - krm.kcl.dev.kcl-lang.io + - krm.kcl.dev resources: - kclruns/status verbs: diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 1055f9d..336568c 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -6,7 +6,7 @@ metadata: name: manager-role rules: - apiGroups: - - krm.kcl.dev.kcl-lang.io + - krm.kcl.dev resources: - kclruns verbs: @@ -18,13 +18,13 @@ rules: - update - watch - apiGroups: - - krm.kcl.dev.kcl-lang.io + - krm.kcl.dev resources: - kclruns/finalizers verbs: - update - apiGroups: - - krm.kcl.dev.kcl-lang.io + - krm.kcl.dev resources: - kclruns/status verbs: diff --git a/config/samples/krm.kcl.dev_v1alpha1_kclrun.yaml b/config/samples/krm.kcl.dev_v1alpha1_kclrun.yaml index c1cd04d..696aa3a 100644 --- a/config/samples/krm.kcl.dev_v1alpha1_kclrun.yaml +++ b/config/samples/krm.kcl.dev_v1alpha1_kclrun.yaml @@ -1,4 +1,4 @@ -apiVersion: krm.kcl.dev.kcl-lang.io/v1alpha1 +apiVersion: krm.kcl.dev/v1alpha1 kind: KCLRun metadata: labels: diff --git a/controllers/kclrun_controller.go b/controllers/kclrun_controller.go index a209a9e..b556a37 100644 --- a/controllers/kclrun_controller.go +++ b/controllers/kclrun_controller.go @@ -33,9 +33,9 @@ type KCLRunReconciler struct { Scheme *runtime.Scheme } -//+kubebuilder:rbac:groups=krm.kcl.dev.kcl-lang.io,resources=kclruns,verbs=get;list;watch;create;update;patch;delete -//+kubebuilder:rbac:groups=krm.kcl.dev.kcl-lang.io,resources=kclruns/status,verbs=get;update;patch -//+kubebuilder:rbac:groups=krm.kcl.dev.kcl-lang.io,resources=kclruns/finalizers,verbs=update +//+kubebuilder:rbac:groups=krm.kcl.dev,resources=kclruns,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=krm.kcl.dev,resources=kclruns/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=krm.kcl.dev,resources=kclruns/finalizers,verbs=update // Reconcile is part of the main kubernetes reconciliation loop which aims to // move the current state of the cluster closer to the desired state. diff --git a/images/arch.png b/images/arch.png new file mode 100644 index 0000000..dfa7788 Binary files /dev/null and b/images/arch.png differ