Merge branch 'nephio-project:main' into rpkg-command-output

nephio-project · Mar 6, 2024 · 764f0d0 · 764f0d0
2 parents d02d5e6 + 3154946
commit 764f0d0
Show file tree

Hide file tree

Showing 9 changed files with 302 additions and 19 deletions.
diff --git a/docs/development.md b/docs/development.md
@@ -13,6 +13,7 @@ make generate
 Porch comprises of several software components:
 
 * [api](../api): Definition of the KRM API supported by the Porch extension apiserver
+* [porchctl](../cmd/porchctl): CLI command tool for administration of Porch `Repository` and `PackageRevision` custom resources.
 * [apiserver](../pkg/apiserver/): The Porch apiserver implementation, REST handlers, Porch `main` function
 * [engine](../pkg/engine/): Core logic of Package Orchestration - operations on package contents
 * [func](../func): KRM function evaluator microservice; exposes gRPC API

diff --git a/docs/porchctl-cli-guide.md b/docs/porchctl-cli-guide.md
@@ -1,6 +1,7 @@
 ## Using the porchctl cli
 
-When Porch was ported to Nephio, the `kpt alpha rpkg` commands in kpt were moved into a new command called `porchctl`.
+
+When Porch was ported to Nephio, the `kpt alpha rpkg` commands in kpt were moved into a new command called `porchctl`. 
 
 To use it locally, [download](https://github.com/nephio-project/porch/releases), unpack and add it to your PATH.
 

diff --git a/docs/tutorials/porch-development-environment/README.md b/docs/tutorials/porch-development-environment/README.md
@@ -0,0 +1,148 @@
+# Setting up a development environment for Porch
+
+This tutorial gives short instructions on how to set up a development environment for Porch. It outlines the steps to get a [kind](https://kind.sigs.k8s.io/) cluster up
+and running to which a Porch instance running in Visual Studio Code can connect to and interact with.
+
+# Setup kind with MetalLB and Gitea
+
+Follow steps 1-5 inclusive of the [Starting with Porch](https://github.com/nephio-project/porch/tree/main/docs/tutorials/starting-with-porch) tutorial. You now have two Kind clusters `management` and `edge1` running with Gitea installed on the `management` cluster. Gitea has the repositories `management` and `edge1` defined.
+
+> **_NOTE:_** This [setup script](bin/setup.sh) automates steps 1-5 of the Starting with Porch tutorial. You may need to adapt this script to your local environment.
+
+> **_NOTE:_** This [cleardown script script](bin/cleardown.sh) clears everything down by deleting the `management` and `edge1` Kind clusters. USE WITH CARE.
+
+
+You can reach the Gitea web interface on the address reported by the following command:
+```
+kubectl get svc -n gitea gitea        
+NAME    TYPE           CLUSTER-IP      EXTERNAL-IP      PORT(S)                       AGE
+gitea   LoadBalancer   10.197.10.118   172.18.255.200   22:31260/TCP,3000:31012/TCP   8m35s
+```
+
+# Install the Porch function runner
+
+The Porch server requires that the Porch function runner is executing. To install the Porch function runner on the Kind management cluster, execute the following commands.
+
+```
+kubectl apply -f https://raw.githubusercontent.com/nephio-project/catalog/main/nephio/core/porch/0-packagerevs.yaml
+kubectl apply -f https://raw.githubusercontent.com/nephio-project/catalog/main/nephio/core/porch/0-packagevariants.yaml
+kubectl apply -f https://raw.githubusercontent.com/nephio-project/catalog/main/nephio/core/porch/0-packagevariantsets.yaml
+kubectl apply -f https://raw.githubusercontent.com/nephio-project/catalog/main/nephio/core/porch/0-repositories.yaml
+kubectl apply -f https://raw.githubusercontent.com/nephio-project/catalog/main/nephio/core/porch/1-namespace.yaml
+kubectl apply -f https://raw.githubusercontent.com/nephio-project/catalog/main/nephio/core/porch/2-function-runner.yaml
+
+kubectl wait --namespace porch-system \
+                --for=condition=ready pod \
+                --selector=app=function-runner \
+                --timeout=300s
+```
+
+The Porch function runner should now be executing:
+
+```
+kubectl get pod -n porch-system --selector=app=function-runner
+NAME                              READY   STATUS    RESTARTS   AGE
+function-runner-67d4c7c7b-7wm97   1/1     Running   0          16m
+function-runner-67d4c7c7b-czvvq   1/1     Running   0          16m
+```
+
+Expose the `function-runner` service so that the Porch server running in Visual Studio Code can reach it, change the service type from `ClusterIP` to `LoadBalancer`:
+
+```
+kubectl edit svc -n porch-system function-runner
+
+31c31
+<   type: ClusterIP
+---
+>   type: LoadBalancer
+```
+
+Now check that the `function-runner` service has been assigned an IP address external to the cluster:
+```
+kubectl get svc -n porch-system function-runner
+NAME              TYPE           CLUSTER-IP       EXTERNAL-IP      PORT(S)          AGE
+function-runner   LoadBalancer   10.197.168.148   172.18.255.201   9445:31794/TCP   22m
+```
+
+# Install Porch resources for standalone execution
+
+The Porch server requires that the following resources are defined in the K8S cluster where it is executed:
+
+- The `porch-system` namespace, an API Service called `apiservice.apiregistration.k8s.io/v1alpha1.porch.kpt.dev` and the `service.api` service to expose the API Service. These resources are defined in the the file `deployments/local/localconfig.yaml`
+- The `repositories.config.porch.kpt.dev` and `functions.config.porch.kpt.dev` CRDs. These CRDs are defined in the `api/porchconfig/v1alpha1/` directory.
+- The `packagerevs.config.porch.kpt.dev` CRD. This CRD is defined in the `internal/api/porchinternal/v1alpha1/` directory.
+
+```
+kubectl apply -f https://raw.githubusercontent.com/nephio-project/porch/main/deployments/local/localconfig.yaml
+kubectl apply -f https://raw.githubusercontent.com/nephio-project/porch/main/api/porchconfig/v1alpha1/config.porch.kpt.dev_repositories.yaml
+kubectl apply -f https://raw.githubusercontent.com/nephio-project/porch/main/api/porchconfig/v1alpha1/config.porch.kpt.dev_functions.yaml
+kubectl apply -f https://raw.githubusercontent.com/nephio-project/porch/main/internal/api/porchinternal/v1alpha1/config.porch.kpt.dev_packagerevs.yaml
+```
+Verify that the resources have been created
+```
+kubectl api-resources | grep -i porch
+functions                                      config.porch.kpt.dev/v1alpha1     true         Function
+packagerevs                                    config.porch.kpt.dev/v1alpha1     true         PackageRev
+packagevariants                                config.porch.kpt.dev/v1alpha1     true         PackageVariant
+packagevariantsets                             config.porch.kpt.dev/v1alpha2     true         PackageVariantSet
+repositories                                   config.porch.kpt.dev/v1alpha1     true         Repository
+```
+
+# Configure VSCode to run the Porch server
+
+Check out porch and start vscode in the root of your checked out Porch repo.
+
+Edit your local `.vscode.launch.json` file as follows:
+1. Change the `--kubeconfig` value to point at your local Kind cluster configuration file.
+2. Change the `--function-runner` IP address to that of the function runner service running in the Kind `management` cluster.
+3. You can specify `KUBECONFIG` in the `env` section of the configuration instead of using the `--kubeconfig` flag.
+
+```
+        {
+            "name": "Launch Server",
+            "type": "go",
+            "request": "launch",
+            "mode": "auto",
+            "program": "${workspaceFolder}/cmd/porch/main.go",
+            "args": [
+                "--secure-port=9443",
+                "--v=7",
+                "--standalone-debug-mode",
+                "--kubeconfig=${userHome}/.kube/kind-management-config",
+                "--cache-directory=${workspaceFolder}/.cache",
+                "--function-runner=172.18.255.201:9445"
+            ],
+            "cwd": "${workspaceFolder}"
+        },
+```
+
+You can now launch the Porch server locally in VSCode by selecting the "Launch Server" configuration on the VSCode "Run and Debug" window. for
+more information please refer to the [VSCode debugging documentation](https://code.visualstudio.com/docs/editor/debugging).
+
+# Create Repositories using your local Porch server
+
+To connect Gitea to Porch follow [step 6 in the Starting with Porch](https://github.com/nephio-project/porch/tree/main/docs/tutorials/starting-with-porch#connect-the-gitea-repositories-to-porch) tutorial to create the Gitea and external repositories in Porch.
+
+You will notice logging messages in VSCode when you run the command `kubectl apply -f porch-repositories.yaml` command.
+
+You can check that your locally running Porch server has created the repositories by running the `porchctl` command.
+
+```
+porchctl repo get -A
+NAME                  TYPE   CONTENT   DEPLOYMENT   READY   ADDRESS
+edge1                 git    Package   true         True    http://172.18.255.200:3000/nephio/edge1.git
+external-blueprints   git    Package   false        True    https://github.com/nephio-project/free5gc-packages.git
+management            git    Package   false        True    http://172.18.255.200:3000/nephio/management.git
+```
+
+You can also check the repositories using kubectl.
+
+```
+kubectl get  repositories -n porch-demo  
+NAME                  TYPE   CONTENT   DEPLOYMENT   READY   ADDRESS
+edge1                 git    Package   true         True    http://172.18.255.200:3000/nephio/edge1.git
+external-blueprints   git    Package   false        True    https://github.com/nephio-project/free5gc-packages.git
+management            git    Package   false        True    http://172.18.255.200:3000/nephio/management.git
+```
+
+You now have a locally running Porch server. Happy developing!
diff --git a/docs/tutorials/porch-development-environment/bin/cleardown.sh b/docs/tutorials/porch-development-environment/bin/cleardown.sh
@@ -0,0 +1,21 @@
+#! /bin/bash
+
+# Copyright 2024 The kpt and Nephio Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+kind delete cluster --name management
+kind delete cluster --name edge1
+
+rm ~/.kube/kind-management-config
+rm ~/.kube/kind-edge1-config
diff --git a/docs/tutorials/porch-development-environment/bin/setup.sh b/docs/tutorials/porch-development-environment/bin/setup.sh
@@ -0,0 +1,106 @@
+#! /bin/bash
+
+# Copyright 2024 The kpt and Nephio Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+os_type=$(uname)
+if [ "$os_type" = "Darwin" ]
+then
+  SED="gsed"
+else
+  SED="sed"
+fi
+
+# Create mgmt and edge1 clusters in kind
+curl -s https://raw.githubusercontent.com/nephio-project/porch/main/docs/tutorials/starting-with-porch/kind_management_cluster.yaml | \
+  kind create cluster --config=-
+
+curl -s https://raw.githubusercontent.com/nephio-project/porch/main/docs/tutorials/starting-with-porch/kind_edge1_cluster.yaml | \
+  kind create cluster --config=-
+
+kind get kubeconfig --name=management > ~/.kube/kind-management-config
+kind get kubeconfig --name=edge1 > ~/.kube/kind-edge1-config
+
+export KUBECONFIG=~/.kube/kind-management-config
+
+# Instal MetalLB
+kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.12/config/manifests/metallb-native.yaml
+kubectl wait --namespace metallb-system \
+                --for=condition=ready pod \
+                --selector=component=controller \
+                --timeout=90s
+
+kubectl apply -f https://raw.githubusercontent.com/nephio-project/porch/main/docs/tutorials/starting-with-porch/metallb-conf.yaml
+
+TMP_DIR=$(mktemp -d)
+
+pushd "$TMP_DIR" || exit
+
+mkdir kpt_packages
+pushd kpt_packages || exit
+
+# Install Gitea
+kpt pkg get https://github.com/nephio-project/catalog/tree/main/distros/sandbox/gitea
+$SED -i 's/ metallb.universe.tf/ #metallb.universe.tf/' gitea/service-gitea.yaml
+kpt fn render gitea
+kpt live init gitea
+kpt live apply gitea
+
+popd || exit
+
+# Create management and edge1 repos in gitea
+curl -k -H "content-type: application/json" "http://nephio:[email protected]:3000/api/v1/user/repos" --data '{"name":"management"}'
+curl -k -H "content-type: application/json" "http://nephio:[email protected]:3000/api/v1/user/repos" --data '{"name":"edge1"}'
+
+mkdir repos
+pushd repos || exit
+
+# Initialize management and edge1 repos in Gitea
+git clone http://172.18.255.200:3000/nephio/management
+pushd management || exit
+
+touch README.md
+git init
+git checkout -b main
+git config user.name nephio
+git add README.md
+
+git commit -m "first commit"
+git remote remove origin
+git remote add origin http://nephio:[email protected]:3000/nephio/management.git
+git remote -v
+git push -u origin main
+popd || exit
+
+git clone http://172.18.255.200:3000/nephio/edge1
+pushd edge1 || exit
+
+touch README.md
+git init
+git checkout -b main
+git config user.name nephio
+git add README.md
+
+git commit -m "first commit"
+git remote remove origin
+git remote add origin http://nephio:[email protected]:3000/nephio/edge1.git
+git remote -v
+git push -u origin main
+popd || exit
+
+popd || exit
+
+rm -fr "$TMP_DIR"
+
+kubectl config use-context kind-management
diff --git a/docs/tutorials/starting-with-porch/README.md b/docs/tutorials/starting-with-porch/README.md
@@ -1,6 +1,6 @@
-# Porch Tutorial
+# Starting with Porch Tutorial
 
-This tutorial is a guide to installing and using Porch. It is based on the [Porch demo produced by Tal Liron of Google](https://github.com/tliron/klab/tree/main/environments/porch-demo). Users should be very comfortable with using with `git`, `docker`, and `kubernetes`.
+This tutorial is a guide to installing and using Porch. It is based on the [Porch demo produced by Tal Liron of Google](https://github.com/tliron/klab/tree/main/environments/porch-demo). Users should be very comfortable with using `git`, `docker`, and `kubernetes`.
 
 # Table of Contents
 1. [Prerequisites](#Prerequisites)

diff --git a/pkg/apiserver/apiserver.go b/pkg/apiserver/apiserver.go
@@ -1,4 +1,4 @@
-// Copyright 2022 The kpt and Nephio Authors
+// Copyright 2022,2024 The kpt and Nephio Authors
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -18,6 +18,7 @@ import (
 	"context"
 	"fmt"
 	"os"
+	"strings"
 	"time"
 
 	"github.com/nephio-project/porch/api/porch/install"
@@ -281,9 +282,14 @@ func (c completedConfig) New() (*PorchServer, error) {
 
 func (s *PorchServer) Run(ctx context.Context) error {
 	porch.RunBackground(ctx, s.coreClient, s.cache)
+	webhookNs, found := os.LookupEnv("CERT_NAMESPACE")
+	if !found || strings.TrimSpace(webhookNs) == "" {
+		webhookNs = "porch-system"
+	}
+
 	certStorageDir, found := os.LookupEnv("CERT_STORAGE_DIR")
-	if found && certStorageDir != "" {
-		if err := setupWebhooks(ctx, certStorageDir); err != nil {
+	if found && strings.TrimSpace(certStorageDir) != "" {
+		if err := setupWebhooks(ctx, webhookNs, certStorageDir); err != nil {
 			klog.Errorf("%v\n", err)
 			return err
 		}

diff --git a/pkg/apiserver/webhooks.go b/pkg/apiserver/webhooks.go
@@ -1,4 +1,4 @@
-// Copyright 2022 The kpt and Nephio Authors
+// Copyright 2022,2024 The kpt and Nephio Authors
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -51,12 +51,12 @@ const (
 	serverEndpoint     = "/validate-deletion"
 )
 
-func setupWebhooks(ctx context.Context, certStorageDir string) error {
-	caBytes, err := createCerts(certStorageDir)
+func setupWebhooks(ctx context.Context, webhookNs string, certStorageDir string) error {
+	caBytes, err := createCerts(webhookNs, certStorageDir)
 	if err != nil {
 		return err
 	}
-	if err := createValidatingWebhook(ctx, caBytes); err != nil {
+	if err := createValidatingWebhook(ctx, webhookNs, caBytes); err != nil {
 		return err
 	}
 	if err := runWebhookServer(certStorageDir); err != nil {
@@ -65,11 +65,11 @@ func setupWebhooks(ctx context.Context, certStorageDir string) error {
 	return nil
 }
 
-func createCerts(certStorageDir string) ([]byte, error) {
-	klog.Infoln("creating self-signing TLS cert and key ")
+func createCerts(webhookNs string, certStorageDir string) ([]byte, error) {
+	klog.Infoln("creating self-signing TLS cert and key with namespace " + webhookNs + " in directory " + certStorageDir)
 	dnsNames := []string{"api",
-		"api.porch-system", "api.porch-system.svc"}
-	commonName := "api.porch-system.svc"
+		"api." + webhookNs, "api." + webhookNs + ".svc"}
+	commonName := "api." + webhookNs + ".svc"
 
 	var caPEM, serverCertPEM, serverPrivateKeyPEM *bytes.Buffer
 	// CA config
@@ -165,8 +165,8 @@ func WriteFile(filepath string, c []byte) error {
 	return nil
 }
 
-func createValidatingWebhook(ctx context.Context, caCert []byte) error {
-	klog.Infoln("Creating validating webhook")
+func createValidatingWebhook(ctx context.Context, webhookNs string, caCert []byte) error {
+	klog.Infoln("Creating validating webhook with namespace " + webhookNs)
 
 	cfg := ctrl.GetConfigOrDie()
 	kubeClient, err := kubernetes.NewForConfig(cfg)
@@ -175,7 +175,7 @@ func createValidatingWebhook(ctx context.Context, caCert []byte) error {
 	}
 
 	var (
-		webhookNamespace  = "porch-system"
+		webhookNamespace  = webhookNs
 		validationCfgName = "packagerev-deletion-validating-webhook"
 		webhookService    = "api"
 		path              = serverEndpoint