*: Generate all manifests

Sharding and autosharding introduced a number of manifests that are very similar, but not identical to the standard manifests. This introduces generating all manifests using jsonnet and moves them to the explicit `/examples` directory.
kubernetes · Oct 1, 2019 · 84202ec · 84202ec
1 parent f96ed6e
commit 84202ec
Show file tree

Hide file tree

Showing 30 changed files with 655 additions and 211 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,4 +1,4 @@
-kube-state-metrics
+/kube-state-metrics
 documented_metrics
 code_metrics
 
@@ -35,3 +35,6 @@ _testmain.go
 
 # Generated CLI help file
 help.txt
+
+# jsonnet dependency management
+/scripts/vendor
diff --git a/.travis.yml b/.travis.yml
@@ -31,6 +31,8 @@ jobs:
     - stage: all
       name: Lint
       script: make lint
+    - name: Validate generated manifests
+      script: make validate-manifests
     - name: Validate vendor is in sync with go modules
       script: make validate-modules
     - name: Check that all metrics are documented

diff --git a/Makefile b/Makefile
@@ -2,7 +2,8 @@ FLAGS =
 TESTENVVAR =
 REGISTRY = quay.io/coreos
 TAG_PREFIX = v
-TAG = $(TAG_PREFIX)$(shell cat VERSION)
+VERSION = $(shell cat VERSION)
+TAG = $(TAG_PREFIX)$(VERSION)
 LATEST_RELEASE_BRANCH := release-$(shell grep -ohE "[0-9]+.[0-9]+" VERSION)
 PKGS = $(shell go list ./... | grep -v /vendor/ | grep -v /tests/e2e)
 ARCH ?= $(shell go env GOARCH)
@@ -132,6 +133,30 @@ generate: build-local embedmd
 	@./scripts/generate-help-text.sh
 	@$(GOPATH)/bin/embedmd -w `find . -path ./vendor -prune -o -name "*.md" -print`
 
+validate-manifests: examples
+	@git diff --exit-code
+
+examples: examples/standard examples/autosharding
+
+examples/standard: jsonnet $(shell find jsonnet | grep ".libsonnet") scripts/standard.jsonnet scripts/vendor VERSION
+	mkdir -p examples/standard
+	jsonnet -J scripts/vendor -m examples/standard --ext-str version="$(VERSION)" scripts/standard.jsonnet | xargs -I{} sh -c 'cat {} | gojsontoyaml > `echo {} | sed "s/\(.\)\([A-Z]\)/\1-\2/g" | tr "[:upper:]" "[:lower:]"`.yaml' -- {}
+	find examples -type f ! -name '*.yaml' -delete
+
+examples/autosharding: jsonnet $(shell find jsonnet | grep ".libsonnet") scripts/autosharding.jsonnet scripts/vendor VERSION
+	mkdir -p examples/autosharding
+	jsonnet -J scripts/vendor -m examples/autosharding --ext-str version="$(VERSION)" scripts/autosharding.jsonnet | xargs -I{} sh -c 'cat {} | gojsontoyaml > `echo {} | sed "s/\(.\)\([A-Z]\)/\1-\2/g" | tr "[:upper:]" "[:lower:]"`.yaml' -- {}
+	find examples -type f ! -name '*.yaml' -delete
+
+scripts/vendor: jb scripts/jsonnetfile.json scripts/jsonnetfile.lock.json
+	cd scripts && jb install
+
+jsonnet:
+	GO111MODULE=off go get github.com/google/go-jsonnet/cmd/jsonnet
+
+jb:
+	GO111MODULE=off go get github.com/jsonnet-bundler/jsonnet-bundler/cmd/jb
+
 embedmd:
 	GO111MODULE=off go get github.com/campoy/embedmd
 

diff --git a/README.md b/README.md
@@ -189,7 +189,7 @@ There is also an experimental feature, that allows kube-state-metrics to auto di
 
 To enable automated sharding kube-state-metrics must be run by a `StatefulSet` and the pod names and namespace must be handed to the kube-state-metrics process via the `--pod` and `--pod-namespace` flags.
 
-There are example manifests demonstrating the autosharding functionality in [`/kubernetes/autosharding`](./kubernetes/audosharding).
+There are example manifests demonstrating the autosharding functionality in [`/examples/autosharding`](./examples/audosharding).
 
 ### Setup
 
@@ -214,7 +214,7 @@ service account token that has read-only access to the Kubernetes cluster.
 
 #### Kubernetes Deployment
 
-To deploy this project, you can simply run `kubectl apply -f kubernetes` and a
+To deploy this project, you can simply run `kubectl apply -f examples/standard` and a
 Kubernetes service and deployment will be created. (Note: Adjust the apiVersion of some resource if your kubernetes cluster's version is not 1.8+, check the yaml file for more information). The service already has a
 `prometheus.io/scrape: 'true'` annotation and if you added the recommended
 Prometheus service-endpoint scraping configuration, Prometheus will pick it up automatically and you can start using the generated
@@ -226,7 +226,7 @@ metrics right away.
 kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=$(gcloud info --format='value(config.account)')
 ```
 
-Note that your GCP identity is case sensitive but `gcloud info` as of Google Cloud SDK 221.0.0 is not. This means that if your IAM member contains capital letters, the above one-liner may not work for you. If you have 403 forbidden responses after running the above command and kubectl apply -f kubernetes, check the IAM member associated with your account at https://console.cloud.google.com/iam-admin/iam?project=PROJECT_ID. If it contains capital letters, you may need to set the --user flag in the command above to the case-sensitive role listed at https://console.cloud.google.com/iam-admin/iam?project=PROJECT_ID.
+Note that your GCP identity is case sensitive but `gcloud info` as of Google Cloud SDK 221.0.0 is not. This means that if your IAM member contains capital letters, the above one-liner may not work for you. If you have 403 forbidden responses after running the above command and `kubectl apply -f examples/standard`, check the IAM member associated with your account at https://console.cloud.google.com/iam-admin/iam?project=PROJECT_ID. If it contains capital letters, you may need to set the --user flag in the command above to the case-sensitive role listed at https://console.cloud.google.com/iam-admin/iam?project=PROJECT_ID.
 
 After running the above, if you see `Clusterrolebinding "cluster-admin-binding" created`, then you are able to continue with the setup of this service.
 

diff --git a/RELEASE.md b/RELEASE.md
@@ -15,6 +15,7 @@ Maintaining the release branches for older minor releases happens on a best effo
 ## Prepare your release
 
 * Bump the version in the `VERSION` file in the root of the repository.
+* Run `make examples`, which will re-generate all example manifests to use the the new version.
 * Make a PR to update:
   * kube-state-metrics image tag for both `quay.io` and `staging-k8s.gcr.io`.
   * [Compatibility matrix](README.md#compatibility-matrix)

diff --git a/...e-state-metrics-cluster-role-binding.yaml → ...es/autosharding/cluster-role-binding.yaml b/...e-state-metrics-cluster-role-binding.yaml → ...es/autosharding/cluster-role-binding.yaml
@@ -1,7 +1,9 @@
 apiVersion: rbac.authorization.k8s.io/v1
-# kubernetes versions before 1.8.0 should use rbac.authorization.k8s.io/v1beta1
 kind: ClusterRoleBinding
 metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: v1.8.0-rc.1
   name: kube-state-metrics
 roleRef:
   apiGroup: rbac.authorization.k8s.io

diff --git a/examples/autosharding/cluster-role.yaml b/examples/autosharding/cluster-role.yaml
@@ -0,0 +1,94 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: v1.8.0-rc.1
+  name: kube-state-metrics
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  - nodes
+  - pods
+  - services
+  - resourcequotas
+  - replicationcontrollers
+  - limitranges
+  - persistentvolumeclaims
+  - persistentvolumes
+  - namespaces
+  - endpoints
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - extensions
+  resources:
+  - daemonsets
+  - deployments
+  - replicasets
+  - ingresses
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - apps
+  resources:
+  - statefulsets
+  - daemonsets
+  - deployments
+  - replicasets
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - batch
+  resources:
+  - cronjobs
+  - jobs
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - autoscaling
+  resources:
+  - horizontalpodautoscalers
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - authentication.k8s.io
+  resources:
+  - tokenreviews
+  verbs:
+  - create
+- apiGroups:
+  - authorization.k8s.io
+  resources:
+  - subjectaccessreviews
+  verbs:
+  - create
+- apiGroups:
+  - policy
+  resources:
+  - poddisruptionbudgets
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - certificates.k8s.io
+  resources:
+  - certificatesigningrequests
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - storageclasses
+  verbs:
+  - list
+  - watch
diff --git a/...ding/kube-state-metrics-role-binding.yaml → examples/autosharding/role-binding.yaml b/...ding/kube-state-metrics-role-binding.yaml → examples/autosharding/role-binding.yaml
@@ -1,13 +1,14 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: v1.8.0-rc.1
   name: kube-state-metrics
-  namespace: kube-system
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
-  name: kube-state-metrics-autosharding
+  name: kube-state-metrics
 subjects:
 - kind: ServiceAccount
   name: kube-state-metrics
-  namespace: kube-system
diff --git a/examples/autosharding/role.yaml b/examples/autosharding/role.yaml
@@ -0,0 +1,23 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: v1.8.0-rc.1
+  name: kube-state-metrics
+  namespace: kube-system
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - get
+- apiGroups:
+  - apps
+  resourceNames:
+  - kube-state-metrics
+  resources:
+  - statefulsets
+  verbs:
+  - get
diff --git a/examples/autosharding/service-account.yaml b/examples/autosharding/service-account.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: v1.8.0-rc.1
+  name: kube-state-metrics
+  namespace: kube-system
diff --git a/kubernetes/kube-state-metrics-service.yaml → examples/autosharding/service.yaml b/kubernetes/kube-state-metrics-service.yaml → examples/autosharding/service.yaml
@@ -1,21 +1,19 @@
 apiVersion: v1
 kind: Service
 metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: v1.8.0-rc.1
   name: kube-state-metrics
   namespace: kube-system
-  labels:
-    k8s-app: kube-state-metrics
-  annotations:
-    prometheus.io/scrape: 'true'
 spec:
+  clusterIP: None
   ports:
   - name: http-metrics
     port: 8080
     targetPort: http-metrics
-    protocol: TCP
   - name: telemetry
     port: 8081
     targetPort: telemetry
-    protocol: TCP
   selector:
-    k8s-app: kube-state-metrics
+    app.kubernetes.io/name: kube-state-metrics
diff --git a/...rding/kube-state-metrics-statefulset.yaml → examples/autosharding/statefulset.yaml b/...rding/kube-state-metrics-statefulset.yaml → examples/autosharding/statefulset.yaml
@@ -1,53 +1,58 @@
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: v1.8.0-rc.1
   name: kube-state-metrics
   namespace: kube-system
-  labels:
-    k8s-app: kube-state-metrics
 spec:
-  serviceName: kube-state-metrics
+  replicas: 2
   selector:
     matchLabels:
-      k8s-app: kube-state-metrics
-  replicas: 2
+      app.kubernetes.io/name: kube-state-metrics
+  serviceName: kube-state-metrics
   template:
     metadata:
       labels:
-        k8s-app: kube-state-metrics
+        app.kubernetes.io/name: kube-state-metrics
+        app.kubernetes.io/version: v1.8.0-rc.1
     spec:
-      serviceAccountName: kube-state-metrics
       containers:
-      - name: kube-state-metrics
-        image: quay.io/coreos/kube-state-metrics:v1.7.1
-        args:
-        - "--pod=$(POD_NAME)"
-        - "--pod-namespace=$(POD_NAMESPACE)"
+      - args:
+        - --pod=$(POD_NAME)
+        - --pod-namespace=$(POD_NAMESPACE)
         env:
         - name: POD_NAME
+          value: ""
           valueFrom:
             fieldRef:
-              apiVersion: v1
               fieldPath: metadata.name
         - name: POD_NAMESPACE
+          value: ""
           valueFrom:
             fieldRef:
-              apiVersion: v1
               fieldPath: metadata.namespace
-        ports:
-        - name: http-metrics
-          containerPort: 8080
-        - name: telemetry
-          containerPort: 8081
+        image: quay.io/coreos/kube-state-metrics:v1.8.0-rc.1
         livenessProbe:
           httpGet:
             path: /healthz
             port: 8080
           initialDelaySeconds: 5
           timeoutSeconds: 5
+        name: kube-state-metrics
+        ports:
+        - containerPort: 8080
+          name: http-metrics
+        - containerPort: 8081
+          name: telemetry
         readinessProbe:
           httpGet:
             path: /
-            port: 8080
+            port: 8081
           initialDelaySeconds: 5
           timeoutSeconds: 5
+      nodeSelector:
+        kubernetes.io/os: linux
+      serviceAccountName: kube-state-metrics
+  volumeClaimTemplates: []
diff --git a/...e-state-metrics-cluster-role-binding.yaml → examples/standard/cluster-role-binding.yaml b/...e-state-metrics-cluster-role-binding.yaml → examples/standard/cluster-role-binding.yaml
@@ -1,7 +1,9 @@
 apiVersion: rbac.authorization.k8s.io/v1
-# kubernetes versions before 1.8.0 should use rbac.authorization.k8s.io/v1beta1
 kind: ClusterRoleBinding
 metadata:
+  labels:
+    app.kubernetes.io/name: kube-state-metrics
+    app.kubernetes.io/version: v1.8.0-rc.1
   name: kube-state-metrics
 roleRef:
   apiGroup: rbac.authorization.k8s.io