Revendor g/g 1.92.
Gerrit91 committed Oct 2, 2024
1 parent 1147384 commit e8f3012
Showing 11 changed files with 1,529 additions and 427 deletions.
2 changes: 1 addition & 1 deletion Dockerfile
@@ -5,7 +5,7 @@ COPY . .
RUN make install \
&& strip /go/bin/gardener-extension-audit

FROM alpine:3.19
FROM alpine:3.20
WORKDIR /
COPY charts /charts
COPY --from=builder /go/bin/gardener-extension-audit /gardener-extension-audit
2 changes: 1 addition & 1 deletion Dockerfile.dev
@@ -1,3 +1,3 @@
FROM alpine:3.18
FROM alpine:3.20
COPY bin/gardener-extension-audit /gardener-extension-audit
CMD ["/gardener-extension-audit"]
3 changes: 1 addition & 2 deletions Makefile
@@ -75,8 +75,7 @@ generate: $(HELM)

.PHONY: generate-in-docker
generate-in-docker: revendor $(HELM) $(YQ)
# comment back in after first release:
# echo $(shell git describe --abbrev=0 --tags) > VERSION
echo $(shell git describe --abbrev=0 --tags) > VERSION
docker run --rm -i$(DOCKER_TTY_ARG) -v $(PWD):/go/src/github.com/metal-stack/gardener-extension-audit golang:$(GO_VERSION) \
sh -c "cd /go/src/github.com/metal-stack/gardener-extension-audit \
&& make generate \
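Review bot: The `echo $(shell git describe --abbrev=0 --tags) > VERSION` line in `generate-in-docker` cannot fail: if `git describe` finds no tag (for example in a shallow or tag-less checkout), `$(shell …)` expands to nothing and an empty VERSION file is written while the target carries on. Running the command in the recipe itself, `git describe --abbrev=0 --tags > VERSION`, lets make stop on the non-zero exit instead. The recipe continues past the visible lines, so how VERSION is consumed afterwards is not shown here.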
76 changes: 67 additions & 9 deletions cmd/gardener-extension-audit/app/app.go
@@ -3,24 +3,36 @@ package app
import (
"context"
"fmt"
"os"

"github.com/metal-stack/gardener-extension-audit/pkg/apis/audit/install"
"github.com/metal-stack/gardener-extension-audit/pkg/controller/audit"

extensionscontroller "github.com/gardener/gardener/extensions/pkg/controller"
heartbeatcontroller "github.com/gardener/gardener/extensions/pkg/controller/heartbeat"
"github.com/gardener/gardener/extensions/pkg/util"
v1beta1constants "github.com/gardener/gardener/pkg/apis/core/v1beta1/constants"
gardenerhealthz "github.com/gardener/gardener/pkg/healthz"
"github.com/spf13/cobra"

corev1 "k8s.io/api/core/v1"
componentbaseconfig "k8s.io/component-base/config"
"k8s.io/client-go/rest"
"k8s.io/client-go/tools/clientcmd"

"github.com/spf13/cobra"
"sigs.k8s.io/controller-runtime/pkg/cache"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/cluster"
"sigs.k8s.io/controller-runtime/pkg/healthz"
logf "sigs.k8s.io/controller-runtime/pkg/log"
"sigs.k8s.io/controller-runtime/pkg/manager"

componentbaseconfig "k8s.io/component-base/config"
)

var log = logf.Log.WithName("gardener-extension-audit")

// NewControllerManagerCommand creates a new command that is used to start the controller.
func NewControllerManagerCommand() *cobra.Command {
func NewControllerManagerCommand(ctx context.Context) *cobra.Command {
options := NewOptions()

cmd := &cobra.Command{
@@ -37,7 +49,7 @@ func NewControllerManagerCommand() *cobra.Command {
}

cmd.SilenceUsage = true
return options.run(cmd.Context())
return options.run(ctx)
},
}

@@ -47,17 +59,44 @@ func NewControllerManagerCommand() *cobra.Command {
}

func (o *Options) run(ctx context.Context) error {
// TODO: Make these flags configurable via command line parameters or component config file.
util.ApplyClientConnectionConfigurationToRESTConfig(&componentbaseconfig.ClientConnectionConfiguration{
QPS: 100.0,
Burst: 130,
}, o.restOptions.Completed().Config)

mgrOpts := o.managerOptions.Completed().Options()

mgrOpts.ClientDisableCacheFor = []client.Object{
&corev1.Secret{}, // applied for ManagedResources
&corev1.ConfigMap{}, // applied for monitoring config
mgrOpts.Cache = cache.Options{
ByObject: map[client.Object]cache.ByObject{
&corev1.Secret{}: {},
&corev1.ConfigMap{}: {},
},
// &corev1.Secret{}, // applied for ManagedResources
// &corev1.ConfigMap{}, // applied for monitoring config
}

// Operators can enable the source cluster option via SOURCE_CLUSTER environment variable.
// In-cluster config will be used if no SOURCE_KUBECONFIG is specified.
//
// The source cluster is for instance used by Gardener's certificate controller, to maintain certificate
// secrets in a different cluster ('runtime-garden') than the cluster where the webhook configurations
// are maintained ('virtual-garden').
var sourceClusterConfig *rest.Config
if sourceClusterEnabled := os.Getenv("SOURCE_CLUSTER"); sourceClusterEnabled != "" {
log.Info("Configuring source cluster option")
var err error
sourceClusterConfig, err = clientcmd.BuildConfigFromFlags("", os.Getenv("SOURCE_KUBECONFIG"))
if err != nil {
return err
}
mgrOpts.LeaderElectionConfig = sourceClusterConfig
} else {
// Restrict the cache for secrets to the configured namespace to avoid the need for cluster-wide list/watch permissions.
mgrOpts.Cache = cache.Options{
ByObject: map[client.Object]cache.ByObject{
&corev1.Secret{}: {Namespaces: map[string]cache.Config{o.webhookOptions.Server.Completed().Namespace: {}}},
},
}
}

mgr, err := manager.New(o.restOptions.Completed().Config, mgrOpts)
@@ -79,11 +118,30 @@ func (o *Options) run(ctx context.Context) error {
o.reconcileOptions.Completed().Apply(&audit.DefaultAddOptions.IgnoreOperationAnnotation)
o.heartbeatOptions.Completed().Apply(&heartbeatcontroller.DefaultAddOptions)

var sourceCluster cluster.Cluster
if sourceClusterConfig != nil {
sourceCluster, err = cluster.New(sourceClusterConfig, func(opts *cluster.Options) {
opts.Logger = log
opts.Cache.DefaultNamespaces = map[string]cache.Config{v1beta1constants.GardenNamespace: {}}
})
if err != nil {
return err
}

if err := mgr.AddReadyzCheck("source-informer-sync", gardenerhealthz.NewCacheSyncHealthz(sourceCluster.GetCache())); err != nil {
return err
}

if err = mgr.Add(sourceCluster); err != nil {
return err
}
}

if err := o.controllerSwitches.Completed().AddToManager(ctx, mgr); err != nil {
return fmt.Errorf("could not add controllers to manager: %w", err)
}

if _, err := o.webhookOptions.Completed().AddToManager(ctx, mgr); err != nil {
if _, err := o.webhookOptions.Completed().AddToManager(ctx, mgr, sourceCluster); err != nil {
return fmt.Errorf("could not add the mutating webhook to manager: %w", err)
}

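Review bot: The `mgrOpts.Cache` literal that appears to take the place of `ClientDisableCacheFor` in `run` does not keep Secrets and ConfigMaps out of the cache: an empty `cache.ByObject{}` entry only configures the informer, so these objects would now be served from a cache instead of being read directly from the API server. The `else` branch further down assigns `mgrOpts.Cache` again and discards that literal, leaving only Secrets scoped to the webhook namespace, whereas with `SOURCE_CLUSTER` set the unscoped literal stays and the manager would need list/watch on Secrets in every namespace and hold them in memory. If uncached reads are still intended, `mgrOpts.Client.Cache = &client.CacheOptions{DisableFor: []client.Object{&corev1.Secret{}, &corev1.ConfigMap{}}}` expresses that, and the commented-out entries inside the literal can go. `run` continues beyond the visible hunks, so whether the audit controller reads Secrets outside the webhook namespace through the cached client should be checked before merging.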
12 changes: 5 additions & 7 deletions cmd/gardener-extension-audit/app/options.go
@@ -7,7 +7,6 @@ import (
heartbeatcmd "github.com/gardener/gardener/extensions/pkg/controller/heartbeat/cmd"
webhookcmd "github.com/gardener/gardener/extensions/pkg/webhook/cmd"
auditcmd "github.com/metal-stack/gardener-extension-audit/pkg/cmd"
"k8s.io/client-go/tools/leaderelection/resourcelock"
)

// ExtensionName is the name of the extension.
@@ -50,12 +49,11 @@ func NewOptions() *Options {
restOptions: &controllercmd.RESTOptions{},
managerOptions: &controllercmd.ManagerOptions{
// These are default values.
LeaderElection: true,
LeaderElectionID: controllercmd.LeaderElectionNameID(ExtensionName),
LeaderElectionResourceLock: resourcelock.LeasesResourceLock,
LeaderElectionNamespace: os.Getenv("LEADER_ELECTION_NAMESPACE"),
MetricsBindAddress: ":8080",
HealthBindAddress: ":8081",
LeaderElection: true,
LeaderElectionID: controllercmd.LeaderElectionNameID(ExtensionName),
LeaderElectionNamespace: os.Getenv("LEADER_ELECTION_NAMESPACE"),
MetricsBindAddress: ":8080",
HealthBindAddress: ":8081",
},
controllerOptions: &controllercmd.ControllerOptions{
// This is a default value.
5 changes: 3 additions & 2 deletions cmd/gardener-extension-audit/main.go
@@ -3,15 +3,16 @@ package main
import (
"os"

"github.com/gardener/gardener/pkg/logger"
"github.com/metal-stack/gardener-extension-audit/cmd/gardener-extension-audit/app"

logger "github.com/gardener/gardener/pkg/logger"
runtimelog "sigs.k8s.io/controller-runtime/pkg/log"
"sigs.k8s.io/controller-runtime/pkg/manager/signals"
)

func main() {
runtimelog.SetLogger(logger.MustNewZapLogger(logger.InfoLevel, logger.FormatJSON))
cmd := app.NewControllerManagerCommand()
cmd := app.NewControllerManagerCommand(signals.SetupSignalHandler())

if err := cmd.Execute(); err != nil {
runtimelog.Log.Error(err, "error executing the main controller command")
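Review bot: `main` appears to hand the signal context to the constructor via `app.NewControllerManagerCommand(signals.SetupSignalHandler())`, and the `RunE` closure in app.go then uses that captured value instead of `cmd.Context()`, so a context supplied through cobra's `ExecuteContext` would be silently ignored. Keeping `options.run(cmd.Context())` and calling `cmd.ExecuteContext(signals.SetupSignalHandler())` here gives the same signal handling without changing the constructor's signature. If the constructor parameter stays, its doc comment should state that ctx bounds the lifetime of the manager, for example `// ctx is cancelled on SIGTERM/SIGINT and stops the manager.`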