Skip to content

Commit

Permalink
Automated merge
Browse files Browse the repository at this point in the history
* upstream/main: (34 commits)
  Remove validation when generating YAML manifests (istio-ecosystem#496)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#504)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#503)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#501)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#499)
  Revision Tag Support (istio-ecosystem#413)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#497)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#495)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#492)
  Update e2e Documentation with env var to set sample yaml files (istio-ecosystem#487)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#490)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#489)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#488)
  Centralize the way the sample apps yaml are being set to be deployed (istio-ecosystem#483)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#485)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#484)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#482)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#480)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#479)
  Automator: Update dependencies in istio-ecosystem/sail-operator@main (istio-ecosystem#478)
  ...

# Conflicts:
#	api/v1alpha1/remoteistio_types.go
#	bundle/manifests/sailoperator.io_remoteistios.yaml
#	chart/crds/sailoperator.io_remoteistios.yaml
#	resources/latest/charts/base/Chart.yaml
#	resources/latest/charts/base/files/crd-all.gen.yaml
#	resources/latest/charts/base/values.yaml
#	resources/latest/charts/cni/Chart.yaml
#	resources/latest/charts/cni/templates/configmap-cni.yaml
#	resources/latest/charts/cni/templates/daemonset.yaml
#	resources/latest/charts/cni/values.yaml
#	resources/latest/charts/gateway/Chart.yaml
#	resources/latest/charts/istiod/Chart.yaml
#	resources/latest/charts/istiod/files/injection-template.yaml
#	resources/latest/charts/istiod/files/waypoint.yaml
#	resources/latest/charts/istiod/templates/serviceaccount.yaml
#	resources/latest/charts/istiod/values.yaml
#	resources/latest/charts/ztunnel/Chart.yaml
#	resources/latest/charts/ztunnel/templates/daemonset.yaml
#	resources/latest/charts/ztunnel/templates/rbac.yaml
#	resources/latest/charts/ztunnel/values.yaml
#	resources/latest/profiles/default.yaml
#	resources/v1.24.0/charts/base/files/profile-compatibility-version-1.21.yaml
#	resources/v1.24.0/charts/cni/files/profile-compatibility-version-1.21.yaml
#	resources/v1.24.0/charts/gateway/files/profile-compatibility-version-1.21.yaml
#	resources/v1.24.0/charts/istiod/files/profile-compatibility-version-1.21.yaml
#	resources/v1.24.0/charts/ztunnel/files/profile-compatibility-version-1.21.yaml
  • Loading branch information
openshift-service-mesh-bot committed Dec 2, 2024
2 parents d337b38 + 9579529 commit 79ea9e8
Show file tree
Hide file tree
Showing 113 changed files with 4,128 additions and 2,125 deletions.
2 changes: 1 addition & 1 deletion .devcontainer/devcontainer.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "istio build-tools",
"image": "gcr.io/istio-testing/build-tools:master-4759bf88d40172234fc6a0b9e11a4c5f1ea58a90",
"image": "gcr.io/istio-testing/build-tools:master-12939d7be6baee95d63b1a9d7c4e194f1b241257",
"privileged": true,
"remoteEnv": {
"USE_GKE_GCLOUD_AUTH_PLUGIN": "True",
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/update-deps.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:
update-deps:
runs-on: ubuntu-latest
container:
image: gcr.io/istio-testing/build-tools:master-4759bf88d40172234fc6a0b9e11a4c5f1ea58a90
image: gcr.io/istio-testing/build-tools:master-12939d7be6baee95d63b1a9d7c4e194f1b241257
options: --entrypoint ''

steps:
Expand Down
16 changes: 8 additions & 8 deletions Makefile.core.mk
Original file line number Diff line number Diff line change
Expand Up @@ -309,7 +309,7 @@ deploy: verify-kubeconfig helm ## Deploy controller to an existing cluster.
$(HELM) template chart chart $(HELM_TEMPL_DEF_FLAGS) --set image='$(IMAGE)' --namespace $(NAMESPACE) | kubectl apply --server-side=true -f -

.PHONY: deploy-yaml
deploy-yaml: verify-kubeconfig helm ## Output YAML manifests used by `deploy`.
deploy-yaml: helm ## Output YAML manifests used by `deploy`.
$(HELM) template chart chart $(HELM_TEMPL_DEF_FLAGS) --set image='$(IMAGE)' --namespace $(NAMESPACE)

.PHONY: deploy-openshift # TODO: remove this target and use deploy-olm instead (when we fix the internal registry TLS issues when using operator-sdk run bundle)
Expand All @@ -319,7 +319,7 @@ deploy-openshift: verify-kubeconfig helm ## Deploy controller to an existing OCP
$(HELM) template chart chart $(HELM_TEMPL_DEF_FLAGS) --set image='$(IMAGE)' --namespace $(NAMESPACE) --set platform="openshift" | kubectl apply --server-side=true -f -

.PHONY: deploy-yaml-openshift
deploy-yaml-openshift: verify-kubeconfig helm ## Output YAML manifests used by `deploy-openshift`.
deploy-yaml-openshift: helm ## Output YAML manifests used by `deploy-openshift`.
$(HELM) template chart chart $(HELM_TEMPL_DEF_FLAGS) --set image='$(IMAGE)' --namespace $(NAMESPACE) --set platform="openshift"

.PHONY: deploy-olm
Expand Down Expand Up @@ -468,12 +468,12 @@ OPM ?= $(LOCALBIN)/opm
ISTIOCTL ?= $(LOCALBIN)/istioctl

## Tool Versions
OPERATOR_SDK_VERSION ?= v1.37.0
HELM_VERSION ?= v3.16.2
CONTROLLER_TOOLS_VERSION ?= v0.16.4
OPM_VERSION ?= v1.47.0
OLM_VERSION ?= 0.28.0
GITLEAKS_VERSION ?= v8.21.1
OPERATOR_SDK_VERSION ?= v1.38.0
HELM_VERSION ?= v3.16.3
CONTROLLER_TOOLS_VERSION ?= v0.16.5
OPM_VERSION ?= v1.48.0
OLM_VERSION ?= v0.30.0
GITLEAKS_VERSION ?= v8.21.2
ISTIOCTL_VERSION ?= 1.23.0

# GENERATE_RELATED_IMAGES defines whether `spec.relatedImages` is going to be generated or not
Expand Down
4 changes: 2 additions & 2 deletions PROJECT
Original file line number Diff line number Diff line change
Expand Up @@ -24,15 +24,15 @@ resources:
namespaced: false
controller: true
domain: sailoperator.io
kind: RemoteIstio
kind: IstioRevision
path: github.com/istio-ecosystem/sail-operator/api/v1alpha1
version: v1alpha1
- api:
crdVersion: v1
namespaced: false
controller: true
domain: sailoperator.io
kind: IstioRevision
kind: IstioRevisionTag
path: github.com/istio-ecosystem/sail-operator/api/v1alpha1
version: v1alpha1
- api:
Expand Down
7 changes: 5 additions & 2 deletions api/v1alpha1/istio_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -51,10 +51,10 @@ type IstioSpec struct {
// +sail:profile
// The built-in installation configuration profile to use.
// The 'default' profile is always applied. On OpenShift, the 'openshift' profile is also applied on top of 'default'.
// Must be one of: ambient, default, demo, empty, openshift-ambient, openshift, preview, stable.
// Must be one of: ambient, default, demo, empty, openshift-ambient, openshift, preview, remote, stable.
// +++PROFILES-DROPDOWN-HIDDEN-UNTIL-WE-FULLY-IMPLEMENT-THEM+++operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Profile",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:fieldGroup:General", "urn:alm:descriptor:com.tectonic.ui:select:ambient", "urn:alm:descriptor:com.tectonic.ui:select:default", "urn:alm:descriptor:com.tectonic.ui:select:demo", "urn:alm:descriptor:com.tectonic.ui:select:empty", "urn:alm:descriptor:com.tectonic.ui:select:external", "urn:alm:descriptor:com.tectonic.ui:select:minimal", "urn:alm:descriptor:com.tectonic.ui:select:preview", "urn:alm:descriptor:com.tectonic.ui:select:remote"}
// +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:hidden"}
// +kubebuilder:validation:Enum=ambient;default;demo;empty;openshift-ambient;openshift;preview;stable
// +kubebuilder:validation:Enum=ambient;default;demo;empty;openshift-ambient;openshift;preview;remote;stable
Profile string `json:"profile,omitempty"`

// Namespace to which the Istio components should be installed. Note that this field is immutable.
Expand Down Expand Up @@ -227,6 +227,9 @@ const (
// IstioReasonIstiodNotReady indicates that the control plane is fully reconciled, but istiod is not ready.
IstioReasonIstiodNotReady IstioConditionReason = "IstiodNotReady"

// IstioReasonRemoteIstiodNotReady indicates that the control plane is fully reconciled, but the remote istiod is not ready.
IstioReasonRemoteIstiodNotReady IstioConditionReason = "RemoteIstiodNotReady"

// IstioReasonReadinessCheckFailed indicates that readiness could not be ascertained.
IstioReasonReadinessCheckFailed IstioConditionReason = "ReadinessCheckFailed"
)
Expand Down
4 changes: 2 additions & 2 deletions api/v1alpha1/istiocni_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -37,10 +37,10 @@ type IstioCNISpec struct {
// +sail:profile
// The built-in installation configuration profile to use.
// The 'default' profile is always applied. On OpenShift, the 'openshift' profile is also applied on top of 'default'.
// Must be one of: ambient, default, demo, empty, openshift-ambient, openshift, preview, stable.
// Must be one of: ambient, default, demo, empty, openshift-ambient, openshift, preview, remote, stable.
// +++PROFILES-DROPDOWN-HIDDEN-UNTIL-WE-FULLY-IMPLEMENT-THEM+++operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Profile",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:fieldGroup:General", "urn:alm:descriptor:com.tectonic.ui:select:ambient", "urn:alm:descriptor:com.tectonic.ui:select:default", "urn:alm:descriptor:com.tectonic.ui:select:demo", "urn:alm:descriptor:com.tectonic.ui:select:empty", "urn:alm:descriptor:com.tectonic.ui:select:external", "urn:alm:descriptor:com.tectonic.ui:select:minimal", "urn:alm:descriptor:com.tectonic.ui:select:preview", "urn:alm:descriptor:com.tectonic.ui:select:remote"}
// +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:hidden"}
// +kubebuilder:validation:Enum=ambient;default;demo;empty;openshift-ambient;openshift;preview;stable
// +kubebuilder:validation:Enum=ambient;default;demo;empty;openshift-ambient;openshift;preview;remote;stable
Profile string `json:"profile,omitempty"`

// Namespace to which the Istio CNI component should be installed.
Expand Down
15 changes: 0 additions & 15 deletions api/v1alpha1/istiorevision_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,11 +28,6 @@ const (
// IstioRevisionSpec defines the desired state of IstioRevision
// +kubebuilder:validation:XValidation:rule="self.values.global.istioNamespace == self.__namespace__",message="spec.values.global.istioNamespace must match spec.namespace"
type IstioRevisionSpec struct {
// Type indicates whether this revision represents a local or a remote control plane installation.
// +kubebuilder:default=Local
// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable"
Type IstioRevisionType `json:"type"`

// +sail:version
// Defines the version of Istio to install.
// Must be one of: v1.23.2.
Expand Down Expand Up @@ -178,16 +173,6 @@ const (
IstioRevisionReasonHealthy IstioRevisionConditionReason = "Healthy"
)

type IstioRevisionType string

const (
// IstioRevisionTypeLocal indicates that the revision represents a local control plane installation.
IstioRevisionTypeLocal IstioRevisionType = "Local"

// IstioRevisionTypeRemote indicates that the revision represents a remote control plane installation.
IstioRevisionTypeRemote IstioRevisionType = "Remote"
)

// +kubebuilder:object:root=true
// +kubebuilder:resource:scope=Cluster,shortName=istiorev,categories=istio-io
// +kubebuilder:subresource:status
Expand Down
204 changes: 204 additions & 0 deletions api/v1alpha1/istiorevisiontags_types.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,204 @@
// Copyright Istio Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package v1alpha1

import (
"time"

metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

const (
IstioRevisionTagKind = "IstioRevisionTag"
DefaultRevisionTag = "default"
)

// IstioRevisionTagSpec defines the desired state of IstioRevisionTag
type IstioRevisionTagSpec struct {
// +kubebuilder:validation:Required
TargetRef IstioRevisionTagTargetReference `json:"targetRef"`
}

// IstioRevisionTagTargetReference can reference either Istio or IstioRevision objects in the cluster.
type IstioRevisionTagTargetReference struct {
// Kind is the kind of the target resource.
//
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=253
// +kubebuilder:validation:Required
Kind string `json:"kind"`

// Name is the name of the target resource.
//
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=253
// +kubebuilder:validation:Required
Name string `json:"name"`
}

// IstioRevisionStatus defines the observed state of IstioRevision
type IstioRevisionTagStatus struct {
// ObservedGeneration is the most recent generation observed for this
// IstioRevisionTag object. It corresponds to the object's generation, which is
// updated on mutation by the API Server. The information in the status
// pertains to this particular generation of the object.
ObservedGeneration int64 `json:"observedGeneration,omitempty"`

// Represents the latest available observations of the object's current state.
Conditions []IstioRevisionTagCondition `json:"conditions,omitempty"`

// Reports the current state of the object.
State IstioRevisionTagConditionReason `json:"state,omitempty"`

// IstiodNamespace stores the namespace of the corresponding Istiod instance
IstiodNamespace string `json:"istiodNamespace"`

// IstioRevision stores the name of the referenced IstioRevision
IstioRevision string `json:"istioRevision"`
}

// GetCondition returns the condition of the specified type
func (s *IstioRevisionTagStatus) GetCondition(conditionType IstioRevisionTagConditionType) IstioRevisionTagCondition {
if s != nil {
for i := range s.Conditions {
if s.Conditions[i].Type == conditionType {
return s.Conditions[i]
}
}
}
return IstioRevisionTagCondition{Type: conditionType, Status: metav1.ConditionUnknown}
}

// SetCondition sets a specific condition in the list of conditions
func (s *IstioRevisionTagStatus) SetCondition(condition IstioRevisionTagCondition) {
var now time.Time
if testTime == nil {
now = time.Now()
} else {
now = *testTime
}

// The lastTransitionTime only gets serialized out to the second. This can
// break update skipping, as the time in the resource returned from the client
// may not match the time in our cached status during a reconcile. We truncate
// here to save any problems down the line.
lastTransitionTime := metav1.NewTime(now.Truncate(time.Second))

for i, prevCondition := range s.Conditions {
if prevCondition.Type == condition.Type {
if prevCondition.Status != condition.Status {
condition.LastTransitionTime = lastTransitionTime
} else {
condition.LastTransitionTime = prevCondition.LastTransitionTime
}
s.Conditions[i] = condition
return
}
}

// If the condition does not exist, initialize the lastTransitionTime
condition.LastTransitionTime = lastTransitionTime
s.Conditions = append(s.Conditions, condition)
}

// IstioRevisionCondition represents a specific observation of the IstioRevision object's state.
type IstioRevisionTagCondition struct {
// The type of this condition.
Type IstioRevisionTagConditionType `json:"type,omitempty"`

// The status of this condition. Can be True, False or Unknown.
Status metav1.ConditionStatus `json:"status,omitempty"`

// Unique, single-word, CamelCase reason for the condition's last transition.
Reason IstioRevisionTagConditionReason `json:"reason,omitempty"`

// Human-readable message indicating details about the last transition.
Message string `json:"message,omitempty"`

// Last time the condition transitioned from one status to another.
LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
}

// IstioRevisionConditionType represents the type of the condition. Condition stages are:
// Installed, Reconciled, Ready
type IstioRevisionTagConditionType string

// IstioRevisionConditionReason represents a short message indicating how the condition came
// to be in its present state.
type IstioRevisionTagConditionReason string

const (
// IstioRevisionConditionReconciled signifies whether the controller has
// successfully reconciled the resources defined through the CR.
IstioRevisionTagConditionReconciled IstioRevisionTagConditionType = "Reconciled"

// IstioRevisionTagNameAlreadyExists indicates that the a revision with the same name as the IstioRevisionTag already exists.
IstioRevisionTagReasonNameAlreadyExists IstioRevisionTagConditionReason = "NameAlreadyExists"

// IstioRevisionTagReasonReferenceNotFound indicates that the resource referenced by the tag's TargetRef was not found
IstioRevisionTagReasonReferenceNotFound IstioRevisionTagConditionReason = "RefNotFound"

// IstioRevisionReasonReconcileError indicates that the reconciliation of the resource has failed, but will be retried.
IstioRevisionTagReasonReconcileError IstioRevisionTagConditionReason = "ReconcileError"
)

const (
// IstioRevisionConditionInUse signifies whether any workload is configured to use the revision.
IstioRevisionTagConditionInUse IstioRevisionTagConditionType = "InUse"

// IstioRevisionReasonReferencedByWorkloads indicates that the revision is referenced by at least one pod or namespace.
IstioRevisionTagReasonReferencedByWorkloads IstioRevisionTagConditionReason = "ReferencedByWorkloads"

// IstioRevisionReasonNotReferenced indicates that the revision is not referenced by any pod or namespace.
IstioRevisionTagReasonNotReferenced IstioRevisionTagConditionReason = "NotReferencedByAnything"

// IstioRevisionReasonUsageCheckFailed indicates that the operator could not check whether any workloads use the revision.
IstioRevisionTagReasonUsageCheckFailed IstioRevisionTagConditionReason = "UsageCheckFailed"
)

const (
// IstioRevisionTagReasonHealthy indicates that the revision tag has been successfully reconciled and is in use.
IstioRevisionTagReasonHealthy IstioRevisionTagConditionReason = "Healthy"
)

// +kubebuilder:object:root=true
// +kubebuilder:resource:scope=Cluster,shortName=istiorevtag,categories=istio-io
// +kubebuilder:subresource:status
// +kubebuilder:printcolumn:name="Status",type="string",JSONPath=".status.state",description="The current state of this object."
// +kubebuilder:printcolumn:name="In use",type="string",JSONPath=".status.conditions[?(@.type==\"InUse\")].status",description="Whether the tag is being used by workloads."
// +kubebuilder:printcolumn:name="Revision",type="string",JSONPath=".status.istioRevision",description="The IstioRevision this object is referencing."
// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="The age of the object"

// IstioRevisionTag references a Istio or IstioRevision object and serves as an alias for sidecar injection.
type IstioRevisionTag struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`

Spec IstioRevisionTagSpec `json:"spec,omitempty"`
Status IstioRevisionTagStatus `json:"status,omitempty"`
}

// +kubebuilder:object:root=true

// IstioRevisionList contains a list of IstioRevision
type IstioRevisionTagList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []IstioRevisionTag `json:"items"`
}

func init() {
SchemeBuilder.Register(&IstioRevisionTag{}, &IstioRevisionTagList{})
}
Loading

0 comments on commit 79ea9e8

Please sign in to comment.