From 8c4954295bd79883eb24a3252229da27d2591567 Mon Sep 17 00:00:00 2001 From: Delmer Reed Date: Tue, 16 Apr 2024 11:50:35 -0500 Subject: [PATCH 1/9] feat(api): kubebuild policy kind --- Makefile | 4 +- PROJECT | 9 ++ api/ngrok/v1alpha1/groupversion_info.go | 44 +++++++ api/ngrok/v1alpha1/policy_types.go | 74 +++++++++++ api/ngrok/v1alpha1/zz_generated.deepcopy.go | 124 ++++++++++++++++++ cmd/main.go | 2 + config/crd/kustomization.yaml | 23 ++++ config/crd/kustomizeconfig.yaml | 19 +++ config/rbac/ngrok_policy_editor_role.yaml | 31 +++++ config/rbac/ngrok_policy_viewer_role.yaml | 27 ++++ config/samples/kustomization.yaml | 4 + config/samples/ngrok_v1alpha1_policy.yaml | 12 ++ deployment.yaml | 87 ++++++++++++ .../crds/ngrok.k8s.ngrok.com_policies.yaml | 72 ++++++++++ .../templates/rbac/role.yaml | 26 ++++ .../controller/ngrok/policy_controller.go | 70 ++++++++++ internal/controller/ngrok/suite_test.go | 98 ++++++++++++++ 17 files changed, 724 insertions(+), 2 deletions(-) create mode 100644 api/ngrok/v1alpha1/groupversion_info.go create mode 100644 api/ngrok/v1alpha1/policy_types.go create mode 100644 api/ngrok/v1alpha1/zz_generated.deepcopy.go create mode 100644 config/crd/kustomization.yaml create mode 100644 config/crd/kustomizeconfig.yaml create mode 100644 config/rbac/ngrok_policy_editor_role.yaml create mode 100644 config/rbac/ngrok_policy_viewer_role.yaml create mode 100644 config/samples/kustomization.yaml create mode 100644 config/samples/ngrok_v1alpha1_policy.yaml create mode 100644 deployment.yaml create mode 100644 helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_policies.yaml create mode 100644 internal/controller/ngrok/policy_controller.go create mode 100644 internal/controller/ngrok/suite_test.go diff --git a/Makefile b/Makefile index 0113259b..3c30f337 100644 --- a/Makefile +++ b/Makefile @@ -57,13 +57,13 @@ preflight: ## Verifies required things like the go version .PHONY: manifests manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. - $(CONTROLLER_GEN) rbac:roleName=ngrok-ingress-controller-manager-role crd webhook paths="{./api/ingress/v1alpha1/, ./internal/controller/ingress/, ./internal/controller/gateway/}" \ + $(CONTROLLER_GEN) rbac:roleName=ngrok-ingress-controller-manager-role crd webhook paths="{./api/ingress/v1alpha1/, ./api/ngrok/v1alpha1, ./internal/controller/ingress/, ./internal/controller/ngrok/, ./internal/controller/gateway/}" \ output:crd:artifacts:config=$(HELM_TEMPLATES_DIR)/crds \ output:rbac:artifacts:config=$(HELM_TEMPLATES_DIR)/rbac .PHONY: generate generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. - $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="{./api/ingress/v1alpha1/, ./internal/controller/ingress/, ./internal/controller/gateway/}" + $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="{./api/ingress/v1alpha1/, ./api/ngrok/v1alpha1, ./internal/controller/ingress/, ./internal/controller/ngrok, ./internal/controller/gateway/}" .PHONY: fmt fmt: ## Run go fmt against code. diff --git a/PROJECT b/PROJECT index 78a28d8e..01070ab3 100644 --- a/PROJECT +++ b/PROJECT @@ -80,4 +80,13 @@ resources: group: gateway kind: HTTPRoute version: v1alpha1 +- api: + crdVersion: v1 + namespaced: true + controller: true + domain: k8s.ngrok.com + group: ngrok + kind: Policy + path: github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1 + version: v1alpha1 version: "3" diff --git a/api/ngrok/v1alpha1/groupversion_info.go b/api/ngrok/v1alpha1/groupversion_info.go new file mode 100644 index 00000000..8974f51e --- /dev/null +++ b/api/ngrok/v1alpha1/groupversion_info.go @@ -0,0 +1,44 @@ +/* +MIT License + +Copyright (c) 2022 ngrok, Inc. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. +*/ + +// Package v1alpha1 contains API Schema definitions for the ngrok v1alpha1 API group +// +kubebuilder:object:generate=true +// +groupName=ngrok.k8s.ngrok.com +package v1alpha1 + +import ( + "k8s.io/apimachinery/pkg/runtime/schema" + "sigs.k8s.io/controller-runtime/pkg/scheme" +) + +var ( + // GroupVersion is group version used to register these objects + GroupVersion = schema.GroupVersion{Group: "ngrok.k8s.ngrok.com", Version: "v1alpha1"} + + // SchemeBuilder is used to add go types to the GroupVersionKind scheme + SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} + + // AddToScheme adds the types in this group-version to the given scheme. + AddToScheme = SchemeBuilder.AddToScheme +) diff --git a/api/ngrok/v1alpha1/policy_types.go b/api/ngrok/v1alpha1/policy_types.go new file mode 100644 index 00000000..080b5362 --- /dev/null +++ b/api/ngrok/v1alpha1/policy_types.go @@ -0,0 +1,74 @@ +/* +MIT License + +Copyright (c) 2022 ngrok, Inc. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. +*/ + +package v1alpha1 + +import ( + ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + +// PolicySpec defines the desired state of Policy +type PolicySpec struct { + // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + // Important: Run "make" to regenerate code after modifying this file + + // Foo is an example field of Policy. Edit policy_types.go to remove/update + EndpointRule ingressv1alpha1.EndpointRule `json:"endpoint_rule,omitempty"` + Direction string `json:"direction,omitempty"` +} + +// PolicyStatus defines the observed state of Policy +type PolicyStatus struct { + // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + // Important: Run "make" to regenerate code after modifying this file +} + +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status + +// Policy is the Schema for the policies API +type Policy struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec PolicySpec `json:"spec,omitempty"` + Status PolicyStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// PolicyList contains a list of Policy +type PolicyList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []Policy `json:"items"` +} + +func init() { + SchemeBuilder.Register(&Policy{}, &PolicyList{}) +} diff --git a/api/ngrok/v1alpha1/zz_generated.deepcopy.go b/api/ngrok/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..92c2a270 --- /dev/null +++ b/api/ngrok/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,124 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +/* +MIT License + +Copyright (c) 2022 ngrok, Inc. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. +*/ + +// Code generated by controller-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Policy) DeepCopyInto(out *Policy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy. +func (in *Policy) DeepCopy() *Policy { + if in == nil { + return nil + } + out := new(Policy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Policy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyList) DeepCopyInto(out *PolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Policy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList. +func (in *PolicyList) DeepCopy() *PolicyList { + if in == nil { + return nil + } + out := new(PolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicySpec) DeepCopyInto(out *PolicySpec) { + *out = *in + in.EndpointRule.DeepCopyInto(&out.EndpointRule) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec. +func (in *PolicySpec) DeepCopy() *PolicySpec { + if in == nil { + return nil + } + out := new(PolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatus. +func (in *PolicyStatus) DeepCopy() *PolicyStatus { + if in == nil { + return nil + } + out := new(PolicyStatus) + in.DeepCopyInto(out) + return out +} diff --git a/cmd/main.go b/cmd/main.go index d3848cea..050ebf26 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -47,6 +47,7 @@ import ( "github.com/ngrok/ngrok-api-go/v5" ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" + ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" "github.com/ngrok/kubernetes-ingress-controller/internal/annotations" gatewaycontroller "github.com/ngrok/kubernetes-ingress-controller/internal/controller/gateway" controllers "github.com/ngrok/kubernetes-ingress-controller/internal/controller/ingress" @@ -66,6 +67,7 @@ func init() { utilruntime.Must(clientgoscheme.AddToScheme(scheme)) utilruntime.Must(gatewayv1.AddToScheme(scheme)) utilruntime.Must(ingressv1alpha1.AddToScheme(scheme)) + utilruntime.Must(ngrokv1alpha1.AddToScheme(scheme)) //+kubebuilder:scaffold:scheme } diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml new file mode 100644 index 00000000..2146c210 --- /dev/null +++ b/config/crd/kustomization.yaml @@ -0,0 +1,23 @@ +# This kustomization.yaml is not intended to be run by itself, +# since it depends on service name and namespace that are out of this kustomize package. +# It should be run by config/default +resources: +- bases/ngrok.k8s.ngrok.com_policies.yaml +#+kubebuilder:scaffold:crdkustomizeresource + +patches: +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. +# patches here are for enabling the conversion webhook for each CRD +#- path: patches/webhook_in_ngrok_policies.yaml +#+kubebuilder:scaffold:crdkustomizewebhookpatch + +# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. +# patches here are for enabling the CA injection for each CRD +#- path: patches/cainjection_in_ngrok_policies.yaml +#+kubebuilder:scaffold:crdkustomizecainjectionpatch + +# [WEBHOOK] To enable webhook, uncomment the following section +# the following config is for teaching kustomize how to do kustomization for CRDs. + +#configurations: +#- kustomizeconfig.yaml diff --git a/config/crd/kustomizeconfig.yaml b/config/crd/kustomizeconfig.yaml new file mode 100644 index 00000000..ec5c150a --- /dev/null +++ b/config/crd/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This file is for teaching kustomize how to substitute name and namespace reference in CRD +nameReference: +- kind: Service + version: v1 + fieldSpecs: + - kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/name + +namespace: +- kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/namespace + create: false + +varReference: +- path: metadata/annotations diff --git a/config/rbac/ngrok_policy_editor_role.yaml b/config/rbac/ngrok_policy_editor_role.yaml new file mode 100644 index 00000000..5744f80c --- /dev/null +++ b/config/rbac/ngrok_policy_editor_role.yaml @@ -0,0 +1,31 @@ +# permissions for end users to edit policies. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: policy-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: kubernetes-ingress-controller + app.kubernetes.io/part-of: kubernetes-ingress-controller + app.kubernetes.io/managed-by: kustomize + name: policy-editor-role +rules: +- apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies/status + verbs: + - get diff --git a/config/rbac/ngrok_policy_viewer_role.yaml b/config/rbac/ngrok_policy_viewer_role.yaml new file mode 100644 index 00000000..fcc1c862 --- /dev/null +++ b/config/rbac/ngrok_policy_viewer_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to view policies. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: policy-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: kubernetes-ingress-controller + app.kubernetes.io/part-of: kubernetes-ingress-controller + app.kubernetes.io/managed-by: kustomize + name: policy-viewer-role +rules: +- apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies + verbs: + - get + - list + - watch +- apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies/status + verbs: + - get diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml new file mode 100644 index 00000000..da7aad8f --- /dev/null +++ b/config/samples/kustomization.yaml @@ -0,0 +1,4 @@ +## Append samples of your project ## +resources: +- ngrok_v1alpha1_policy.yaml +#+kubebuilder:scaffold:manifestskustomizesamples diff --git a/config/samples/ngrok_v1alpha1_policy.yaml b/config/samples/ngrok_v1alpha1_policy.yaml new file mode 100644 index 00000000..fc263d56 --- /dev/null +++ b/config/samples/ngrok_v1alpha1_policy.yaml @@ -0,0 +1,12 @@ +apiVersion: ngrok.k8s.ngrok.com/v1alpha1 +kind: Policy +metadata: + labels: + app.kubernetes.io/name: policy + app.kubernetes.io/instance: policy-sample + app.kubernetes.io/part-of: kubernetes-ingress-controller + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/created-by: kubernetes-ingress-controller + name: policy-sample +spec: + # TODO(user): Add fields here diff --git a/deployment.yaml b/deployment.yaml new file mode 100644 index 00000000..882f58ad --- /dev/null +++ b/deployment.yaml @@ -0,0 +1,87 @@ +apiVersion: gateway.networking.k8s.io/v1 +kind: GatewayClass +metadata: + name: ngrok-gatewayclass + namespace: ngrok-ingress-controller +spec: + controllerName: ngrok.com/gateway-controller +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: Gateway +metadata: + name: prod-web + namespace: ngrok-ingress-controller +spec: + gatewayClassName: ngrok-gatewayclass + listeners: + - protocol: HTTPS + hostname: themoreyouknow.ngrok.dev + port: 443 + name: prod-web-gw + tls: + mode: Terminate + certificateRefs: + - name: ngrokcert # ngrok provisions it's on cert, sowe don't accept a cert, so use a placeholder here! +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: example-route + namespace: ngrok-ingress-controller +spec: + parentRefs: + - name: prod-web + hostnames: + - themoreyouknow.ngrok.dev # TODO: ADD HOSTNAME HERE + rules: + - backendRefs: + - name: http-echo-svc + port: 80 + - filters: + - type: URLRewrite + urlRewrite: # cannot be on the same rule as a backendRe + hostname: wigle.net # redirect to this host! + path: + type: ReplacePrefixMatch + replacePrefixMatch: /paprika + matches: + - path: + type: PathPrefix + value: /pumpkin +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: http-echo-deploy + namespace: ngrok-ingress-controller +spec: + selector: + matchLabels: + app: http-echo-app + replicas: 2 + template: + metadata: + labels: + app: http-echo-app + spec: + containers: + - name: http-echo-path2 + image: mendhak/http-https-echo:24 + ports: + - containerPort: 8080 +--- +apiVersion: v1 +kind: Service +metadata: + name: http-echo-svc + namespace: ngrok-ingress-controller + labels: + app: http-echo-app +spec: + ports: + - name: http-echo-app + port: 80 + protocol: TCP + targetPort: 8080 + selector: + app: http-echo-app \ No newline at end of file diff --git a/helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_policies.yaml b/helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_policies.yaml new file mode 100644 index 00000000..8d08ceb0 --- /dev/null +++ b/helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_policies.yaml @@ -0,0 +1,72 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: policies.ngrok.k8s.ngrok.com +spec: + group: ngrok.k8s.ngrok.com + names: + kind: Policy + listKind: PolicyList + plural: policies + singular: policy + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Policy is the Schema for the policies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PolicySpec defines the desired state of Policy + properties: + direction: + type: string + endpoint_rule: + description: Foo is an example field of Policy. Edit policy_types.go + to remove/update + properties: + actions: + description: Actions + items: + properties: + config: + type: object + x-kubernetes-preserve-unknown-fields: true + type: + type: string + type: object + type: array + expressions: + description: Expressions + items: + type: string + type: array + name: + description: Name + type: string + type: object + type: object + status: + description: PolicyStatus defines the observed state of Policy + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/helm/ingress-controller/templates/rbac/role.yaml b/helm/ingress-controller/templates/rbac/role.yaml index 55d5c617..3c3e89bd 100644 --- a/helm/ingress-controller/templates/rbac/role.yaml +++ b/helm/ingress-controller/templates/rbac/role.yaml @@ -292,3 +292,29 @@ rules: - list - update - watch +- apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies/finalizers + verbs: + - update +- apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies/status + verbs: + - get + - patch + - update diff --git a/internal/controller/ngrok/policy_controller.go b/internal/controller/ngrok/policy_controller.go new file mode 100644 index 00000000..9c20c4c4 --- /dev/null +++ b/internal/controller/ngrok/policy_controller.go @@ -0,0 +1,70 @@ +/* +MIT License + +Copyright (c) 2022 ngrok, Inc. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. +*/ + +package ngrok + +import ( + "context" + + "k8s.io/apimachinery/pkg/runtime" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/log" + + ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" +) + +// PolicyReconciler reconciles a Policy object +type PolicyReconciler struct { + client.Client + Scheme *runtime.Scheme +} + +//+kubebuilder:rbac:groups=ngrok.k8s.ngrok.com,resources=policies,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=ngrok.k8s.ngrok.com,resources=policies/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=ngrok.k8s.ngrok.com,resources=policies/finalizers,verbs=update + +// Reconcile is part of the main kubernetes reconciliation loop which aims to +// move the current state of the cluster closer to the desired state. +// TODO(user): Modify the Reconcile function to compare the state specified by +// the Policy object against the actual cluster state, and then +// perform operations to make the cluster state reflect the state specified by +// the user. +// +// For more details, check Reconcile and its Result here: +// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.16.3/pkg/reconcile +func (r *PolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + _ = log.FromContext(ctx) + + // TODO(user): your logic here + + return ctrl.Result{}, nil +} + +// SetupWithManager sets up the controller with the Manager. +func (r *PolicyReconciler) SetupWithManager(mgr ctrl.Manager) error { + return ctrl.NewControllerManagedBy(mgr). + For(&ngrokv1alpha1.Policy{}). + Complete(r) +} diff --git a/internal/controller/ngrok/suite_test.go b/internal/controller/ngrok/suite_test.go new file mode 100644 index 00000000..d906d5d5 --- /dev/null +++ b/internal/controller/ngrok/suite_test.go @@ -0,0 +1,98 @@ +/* +MIT License + +Copyright (c) 2022 ngrok, Inc. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. +*/ + +package ngrok + +import ( + "fmt" + "path/filepath" + "runtime" + "testing" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + "k8s.io/client-go/kubernetes/scheme" + "k8s.io/client-go/rest" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/envtest" + logf "sigs.k8s.io/controller-runtime/pkg/log" + "sigs.k8s.io/controller-runtime/pkg/log/zap" + + ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" + //+kubebuilder:scaffold:imports +) + +// These tests use Ginkgo (BDD-style Go testing framework). Refer to +// http://onsi.github.io/ginkgo/ to learn more about Ginkgo. + +var cfg *rest.Config +var k8sClient client.Client +var testEnv *envtest.Environment + +func TestControllers(t *testing.T) { + RegisterFailHandler(Fail) + + RunSpecs(t, "Controller Suite") +} + +var _ = BeforeSuite(func() { + logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) + + By("bootstrapping test environment") + testEnv = &envtest.Environment{ + CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "crd", "bases")}, + ErrorIfCRDPathMissing: true, + + // The BinaryAssetsDirectory is only required if you want to run the tests directly + // without call the makefile target test. If not informed it will look for the + // default path defined in controller-runtime which is /usr/local/kubebuilder/. + // Note that you must have the required binaries setup under the bin directory to perform + // the tests directly. When we run make test it will be setup and used automatically. + BinaryAssetsDirectory: filepath.Join("..", "..", "..", "bin", "k8s", + fmt.Sprintf("1.28.3-%s-%s", runtime.GOOS, runtime.GOARCH)), + } + + var err error + // cfg is defined in this file globally. + cfg, err = testEnv.Start() + Expect(err).NotTo(HaveOccurred()) + Expect(cfg).NotTo(BeNil()) + + err = ngrokv1alpha1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + + //+kubebuilder:scaffold:scheme + + k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme}) + Expect(err).NotTo(HaveOccurred()) + Expect(k8sClient).NotTo(BeNil()) + +}) + +var _ = AfterSuite(func() { + By("tearing down the test environment") + err := testEnv.Stop() + Expect(err).NotTo(HaveOccurred()) +}) From 810e1b27b00933a119ebda1927b75186202b39e2 Mon Sep 17 00:00:00 2001 From: Delmer Reed Date: Wed, 17 Apr 2024 11:44:59 -0500 Subject: [PATCH 2/9] chore(snaps): update snaps --- .../controller-deployment_test.yaml.snap | 60 +++++++++++++++++-- 1 file changed, 56 insertions(+), 4 deletions(-) diff --git a/helm/ingress-controller/tests/__snapshot__/controller-deployment_test.yaml.snap b/helm/ingress-controller/tests/__snapshot__/controller-deployment_test.yaml.snap index eef354d3..990a33c4 100644 --- a/helm/ingress-controller/tests/__snapshot__/controller-deployment_test.yaml.snap +++ b/helm/ingress-controller/tests/__snapshot__/controller-deployment_test.yaml.snap @@ -4,7 +4,7 @@ Should match all-options snapshot: kind: Deployment metadata: annotations: - checksum/controller-role: 7e438ed756d7a0c59ca1d3df12a67d9466cc04bc91cf5abae742cc69f17f0342 + checksum/controller-role: 2059e55f4fad961f33a3d4b60520e95f6f63629fdf9fbfc2c7c4ac742d8cd956 checksum/rbac: d31fdcb337a6f1ee71323040c2cbc4d5580d73ae5f7623cd19be57db97f748c1 labels: app.kubernetes.io/component: controller @@ -26,7 +26,7 @@ Should match all-options snapshot: template: metadata: annotations: - checksum/controller-role: 7e438ed756d7a0c59ca1d3df12a67d9466cc04bc91cf5abae742cc69f17f0342 + checksum/controller-role: 2059e55f4fad961f33a3d4b60520e95f6f63629fdf9fbfc2c7c4ac742d8cd956 checksum/rbac: d31fdcb337a6f1ee71323040c2cbc4d5580d73ae5f7623cd19be57db97f748c1 checksum/secret: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b prometheus.io/path: /metrics @@ -501,13 +501,39 @@ Should match all-options snapshot: - list - update - watch + - apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies/finalizers + verbs: + - update + - apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies/status + verbs: + - get + - patch + - update Should match default snapshot: 1: | apiVersion: apps/v1 kind: Deployment metadata: annotations: - checksum/controller-role: 7e438ed756d7a0c59ca1d3df12a67d9466cc04bc91cf5abae742cc69f17f0342 + checksum/controller-role: 2059e55f4fad961f33a3d4b60520e95f6f63629fdf9fbfc2c7c4ac742d8cd956 checksum/rbac: d31fdcb337a6f1ee71323040c2cbc4d5580d73ae5f7623cd19be57db97f748c1 labels: app.kubernetes.io/component: controller @@ -529,7 +555,7 @@ Should match default snapshot: template: metadata: annotations: - checksum/controller-role: 7e438ed756d7a0c59ca1d3df12a67d9466cc04bc91cf5abae742cc69f17f0342 + checksum/controller-role: 2059e55f4fad961f33a3d4b60520e95f6f63629fdf9fbfc2c7c4ac742d8cd956 checksum/rbac: d31fdcb337a6f1ee71323040c2cbc4d5580d73ae5f7623cd19be57db97f748c1 checksum/secret: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b prometheus.io/path: /metrics @@ -991,3 +1017,29 @@ Should match default snapshot: - list - update - watch + - apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies/finalizers + verbs: + - update + - apiGroups: + - ngrok.k8s.ngrok.com + resources: + - policies/status + verbs: + - get + - patch + - update From 81d2d547ea51828a2591c891ffbfef45675f1183 Mon Sep 17 00:00:00 2001 From: Delmer Reed Date: Thu, 18 Apr 2024 14:11:37 -0500 Subject: [PATCH 3/9] chore: remove test yaml setup --- deployment.yaml | 87 ------------------------------------------------- 1 file changed, 87 deletions(-) delete mode 100644 deployment.yaml diff --git a/deployment.yaml b/deployment.yaml deleted file mode 100644 index 882f58ad..00000000 --- a/deployment.yaml +++ /dev/null @@ -1,87 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: GatewayClass -metadata: - name: ngrok-gatewayclass - namespace: ngrok-ingress-controller -spec: - controllerName: ngrok.com/gateway-controller ---- -apiVersion: gateway.networking.k8s.io/v1 -kind: Gateway -metadata: - name: prod-web - namespace: ngrok-ingress-controller -spec: - gatewayClassName: ngrok-gatewayclass - listeners: - - protocol: HTTPS - hostname: themoreyouknow.ngrok.dev - port: 443 - name: prod-web-gw - tls: - mode: Terminate - certificateRefs: - - name: ngrokcert # ngrok provisions it's on cert, sowe don't accept a cert, so use a placeholder here! ---- -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: example-route - namespace: ngrok-ingress-controller -spec: - parentRefs: - - name: prod-web - hostnames: - - themoreyouknow.ngrok.dev # TODO: ADD HOSTNAME HERE - rules: - - backendRefs: - - name: http-echo-svc - port: 80 - - filters: - - type: URLRewrite - urlRewrite: # cannot be on the same rule as a backendRe - hostname: wigle.net # redirect to this host! - path: - type: ReplacePrefixMatch - replacePrefixMatch: /paprika - matches: - - path: - type: PathPrefix - value: /pumpkin ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: http-echo-deploy - namespace: ngrok-ingress-controller -spec: - selector: - matchLabels: - app: http-echo-app - replicas: 2 - template: - metadata: - labels: - app: http-echo-app - spec: - containers: - - name: http-echo-path2 - image: mendhak/http-https-echo:24 - ports: - - containerPort: 8080 ---- -apiVersion: v1 -kind: Service -metadata: - name: http-echo-svc - namespace: ngrok-ingress-controller - labels: - app: http-echo-app -spec: - ports: - - name: http-echo-app - port: 80 - protocol: TCP - targetPort: 8080 - selector: - app: http-echo-app \ No newline at end of file From cf9f6cf093332d4224c222e6a0701f7a45f90a69 Mon Sep 17 00:00:00 2001 From: Delmer Reed Date: Wed, 24 Apr 2024 15:46:45 -0500 Subject: [PATCH 4/9] chore: rename policy kind to NgrokTrafficPolicy --- PROJECT | 2 +- ...y_types.go => ngroktrafficpolicy_types.go} | 30 +++++++------- api/ngrok/v1alpha1/zz_generated.deepcopy.go | 41 +++++++++---------- config/crd/kustomization.yaml | 6 +-- ...ngrok_ngroktrafficpolicy_editor_role.yaml} | 10 ++--- ...ngrok_ngroktrafficpolicy_viewer_role.yaml} | 10 ++--- config/samples/kustomization.yaml | 2 +- ...=> ngrok_v1alpha1_ngroktrafficpolicy.yaml} | 8 ++-- ...er.go => ngroktrafficpolicy_controller.go} | 18 ++++---- 9 files changed, 62 insertions(+), 65 deletions(-) rename api/ngrok/v1alpha1/{policy_types.go => ngroktrafficpolicy_types.go} (69%) rename config/rbac/{ngrok_policy_editor_role.yaml => ngrok_ngroktrafficpolicy_editor_role.yaml} (70%) rename config/rbac/{ngrok_policy_viewer_role.yaml => ngrok_ngroktrafficpolicy_viewer_role.yaml} (69%) rename config/samples/{ngrok_v1alpha1_policy.yaml => ngrok_v1alpha1_ngroktrafficpolicy.yaml} (62%) rename internal/controller/ngrok/{policy_controller.go => ngroktrafficpolicy_controller.go} (73%) diff --git a/PROJECT b/PROJECT index 01070ab3..ff9e3c08 100644 --- a/PROJECT +++ b/PROJECT @@ -86,7 +86,7 @@ resources: controller: true domain: k8s.ngrok.com group: ngrok - kind: Policy + kind: NgrokTrafficPolicy path: github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1 version: v1alpha1 version: "3" diff --git a/api/ngrok/v1alpha1/policy_types.go b/api/ngrok/v1alpha1/ngroktrafficpolicy_types.go similarity index 69% rename from api/ngrok/v1alpha1/policy_types.go rename to api/ngrok/v1alpha1/ngroktrafficpolicy_types.go index 080b5362..e18244a1 100644 --- a/api/ngrok/v1alpha1/policy_types.go +++ b/api/ngrok/v1alpha1/ngroktrafficpolicy_types.go @@ -25,25 +25,23 @@ SOFTWARE. package v1alpha1 import ( - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. -// PolicySpec defines the desired state of Policy -type PolicySpec struct { +// NgrokTrafficPolicySpec defines the desired state of NgrokTrafficPolicy +type NgrokTrafficPolicySpec struct { // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster // Important: Run "make" to regenerate code after modifying this file - // Foo is an example field of Policy. Edit policy_types.go to remove/update - EndpointRule ingressv1alpha1.EndpointRule `json:"endpoint_rule,omitempty"` - Direction string `json:"direction,omitempty"` + // Foo is an example field of NgrokTrafficPolicy. Edit ngroktrafficpolicy_types.go to remove/update + Foo string `json:"foo,omitempty"` } -// PolicyStatus defines the observed state of Policy -type PolicyStatus struct { +// NgrokTrafficPolicyStatus defines the observed state of NgrokTrafficPolicy +type NgrokTrafficPolicyStatus struct { // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster // Important: Run "make" to regenerate code after modifying this file } @@ -51,24 +49,24 @@ type PolicyStatus struct { //+kubebuilder:object:root=true //+kubebuilder:subresource:status -// Policy is the Schema for the policies API -type Policy struct { +// NgrokTrafficPolicy is the Schema for the ngroktrafficpolicies API +type NgrokTrafficPolicy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec PolicySpec `json:"spec,omitempty"` - Status PolicyStatus `json:"status,omitempty"` + Spec NgrokTrafficPolicySpec `json:"spec,omitempty"` + Status NgrokTrafficPolicyStatus `json:"status,omitempty"` } //+kubebuilder:object:root=true -// PolicyList contains a list of Policy -type PolicyList struct { +// NgrokTrafficPolicyList contains a list of NgrokTrafficPolicy +type NgrokTrafficPolicyList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` - Items []Policy `json:"items"` + Items []NgrokTrafficPolicy `json:"items"` } func init() { - SchemeBuilder.Register(&Policy{}, &PolicyList{}) + SchemeBuilder.Register(&NgrokTrafficPolicy{}, &NgrokTrafficPolicyList{}) } diff --git a/api/ngrok/v1alpha1/zz_generated.deepcopy.go b/api/ngrok/v1alpha1/zz_generated.deepcopy.go index 92c2a270..41ad367e 100644 --- a/api/ngrok/v1alpha1/zz_generated.deepcopy.go +++ b/api/ngrok/v1alpha1/zz_generated.deepcopy.go @@ -34,26 +34,26 @@ import ( ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Policy) DeepCopyInto(out *Policy) { +func (in *NgrokTrafficPolicy) DeepCopyInto(out *NgrokTrafficPolicy) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) + out.Spec = in.Spec out.Status = in.Status } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy. -func (in *Policy) DeepCopy() *Policy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NgrokTrafficPolicy. +func (in *NgrokTrafficPolicy) DeepCopy() *NgrokTrafficPolicy { if in == nil { return nil } - out := new(Policy) + out := new(NgrokTrafficPolicy) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Policy) DeepCopyObject() runtime.Object { +func (in *NgrokTrafficPolicy) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -61,31 +61,31 @@ func (in *Policy) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyList) DeepCopyInto(out *PolicyList) { +func (in *NgrokTrafficPolicyList) DeepCopyInto(out *NgrokTrafficPolicyList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]Policy, len(*in)) + *out = make([]NgrokTrafficPolicy, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList. -func (in *PolicyList) DeepCopy() *PolicyList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NgrokTrafficPolicyList. +func (in *NgrokTrafficPolicyList) DeepCopy() *NgrokTrafficPolicyList { if in == nil { return nil } - out := new(PolicyList) + out := new(NgrokTrafficPolicyList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PolicyList) DeepCopyObject() runtime.Object { +func (in *NgrokTrafficPolicyList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -93,32 +93,31 @@ func (in *PolicyList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicySpec) DeepCopyInto(out *PolicySpec) { +func (in *NgrokTrafficPolicySpec) DeepCopyInto(out *NgrokTrafficPolicySpec) { *out = *in - in.EndpointRule.DeepCopyInto(&out.EndpointRule) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec. -func (in *PolicySpec) DeepCopy() *PolicySpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NgrokTrafficPolicySpec. +func (in *NgrokTrafficPolicySpec) DeepCopy() *NgrokTrafficPolicySpec { if in == nil { return nil } - out := new(PolicySpec) + out := new(NgrokTrafficPolicySpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus) { +func (in *NgrokTrafficPolicyStatus) DeepCopyInto(out *NgrokTrafficPolicyStatus) { *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatus. -func (in *PolicyStatus) DeepCopy() *PolicyStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NgrokTrafficPolicyStatus. +func (in *NgrokTrafficPolicyStatus) DeepCopy() *NgrokTrafficPolicyStatus { if in == nil { return nil } - out := new(PolicyStatus) + out := new(NgrokTrafficPolicyStatus) in.DeepCopyInto(out) return out } diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 2146c210..6a0db12a 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -2,18 +2,18 @@ # since it depends on service name and namespace that are out of this kustomize package. # It should be run by config/default resources: -- bases/ngrok.k8s.ngrok.com_policies.yaml +- bases/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml #+kubebuilder:scaffold:crdkustomizeresource patches: # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. # patches here are for enabling the conversion webhook for each CRD -#- path: patches/webhook_in_ngrok_policies.yaml +#- path: patches/webhook_in_ngrok_ngroktrafficpolicies.yaml #+kubebuilder:scaffold:crdkustomizewebhookpatch # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. # patches here are for enabling the CA injection for each CRD -#- path: patches/cainjection_in_ngrok_policies.yaml +#- path: patches/cainjection_in_ngrok_ngroktrafficpolicies.yaml #+kubebuilder:scaffold:crdkustomizecainjectionpatch # [WEBHOOK] To enable webhook, uncomment the following section diff --git a/config/rbac/ngrok_policy_editor_role.yaml b/config/rbac/ngrok_ngroktrafficpolicy_editor_role.yaml similarity index 70% rename from config/rbac/ngrok_policy_editor_role.yaml rename to config/rbac/ngrok_ngroktrafficpolicy_editor_role.yaml index 5744f80c..3cb3557a 100644 --- a/config/rbac/ngrok_policy_editor_role.yaml +++ b/config/rbac/ngrok_ngroktrafficpolicy_editor_role.yaml @@ -1,20 +1,20 @@ -# permissions for end users to edit policies. +# permissions for end users to edit ngroktrafficpolicies. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: policy-editor-role + app.kubernetes.io/instance: ngroktrafficpolicy-editor-role app.kubernetes.io/component: rbac app.kubernetes.io/created-by: kubernetes-ingress-controller app.kubernetes.io/part-of: kubernetes-ingress-controller app.kubernetes.io/managed-by: kustomize - name: policy-editor-role + name: ngroktrafficpolicy-editor-role rules: - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies + - ngroktrafficpolicies verbs: - create - delete @@ -26,6 +26,6 @@ rules: - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies/status + - ngroktrafficpolicies/status verbs: - get diff --git a/config/rbac/ngrok_policy_viewer_role.yaml b/config/rbac/ngrok_ngroktrafficpolicy_viewer_role.yaml similarity index 69% rename from config/rbac/ngrok_policy_viewer_role.yaml rename to config/rbac/ngrok_ngroktrafficpolicy_viewer_role.yaml index fcc1c862..31f66a58 100644 --- a/config/rbac/ngrok_policy_viewer_role.yaml +++ b/config/rbac/ngrok_ngroktrafficpolicy_viewer_role.yaml @@ -1,20 +1,20 @@ -# permissions for end users to view policies. +# permissions for end users to view ngroktrafficpolicies. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: policy-viewer-role + app.kubernetes.io/instance: ngroktrafficpolicy-viewer-role app.kubernetes.io/component: rbac app.kubernetes.io/created-by: kubernetes-ingress-controller app.kubernetes.io/part-of: kubernetes-ingress-controller app.kubernetes.io/managed-by: kustomize - name: policy-viewer-role + name: ngroktrafficpolicy-viewer-role rules: - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies + - ngroktrafficpolicies verbs: - get - list @@ -22,6 +22,6 @@ rules: - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies/status + - ngroktrafficpolicies/status verbs: - get diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml index da7aad8f..8f8203d6 100644 --- a/config/samples/kustomization.yaml +++ b/config/samples/kustomization.yaml @@ -1,4 +1,4 @@ ## Append samples of your project ## resources: -- ngrok_v1alpha1_policy.yaml +- ngrok_v1alpha1_ngroktrafficpolicy.yaml #+kubebuilder:scaffold:manifestskustomizesamples diff --git a/config/samples/ngrok_v1alpha1_policy.yaml b/config/samples/ngrok_v1alpha1_ngroktrafficpolicy.yaml similarity index 62% rename from config/samples/ngrok_v1alpha1_policy.yaml rename to config/samples/ngrok_v1alpha1_ngroktrafficpolicy.yaml index fc263d56..22498da1 100644 --- a/config/samples/ngrok_v1alpha1_policy.yaml +++ b/config/samples/ngrok_v1alpha1_ngroktrafficpolicy.yaml @@ -1,12 +1,12 @@ apiVersion: ngrok.k8s.ngrok.com/v1alpha1 -kind: Policy +kind: NgrokTrafficPolicy metadata: labels: - app.kubernetes.io/name: policy - app.kubernetes.io/instance: policy-sample + app.kubernetes.io/name: ngroktrafficpolicy + app.kubernetes.io/instance: ngroktrafficpolicy-sample app.kubernetes.io/part-of: kubernetes-ingress-controller app.kubernetes.io/managed-by: kustomize app.kubernetes.io/created-by: kubernetes-ingress-controller - name: policy-sample + name: ngroktrafficpolicy-sample spec: # TODO(user): Add fields here diff --git a/internal/controller/ngrok/policy_controller.go b/internal/controller/ngrok/ngroktrafficpolicy_controller.go similarity index 73% rename from internal/controller/ngrok/policy_controller.go rename to internal/controller/ngrok/ngroktrafficpolicy_controller.go index 9c20c4c4..4499efb9 100644 --- a/internal/controller/ngrok/policy_controller.go +++ b/internal/controller/ngrok/ngroktrafficpolicy_controller.go @@ -35,26 +35,26 @@ import ( ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" ) -// PolicyReconciler reconciles a Policy object -type PolicyReconciler struct { +// NgrokTrafficPolicyReconciler reconciles a NgrokTrafficPolicy object +type NgrokTrafficPolicyReconciler struct { client.Client Scheme *runtime.Scheme } -//+kubebuilder:rbac:groups=ngrok.k8s.ngrok.com,resources=policies,verbs=get;list;watch;create;update;patch;delete -//+kubebuilder:rbac:groups=ngrok.k8s.ngrok.com,resources=policies/status,verbs=get;update;patch -//+kubebuilder:rbac:groups=ngrok.k8s.ngrok.com,resources=policies/finalizers,verbs=update +//+kubebuilder:rbac:groups=ngrok.k8s.ngrok.com,resources=ngroktrafficpolicies,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=ngrok.k8s.ngrok.com,resources=ngroktrafficpolicies/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=ngrok.k8s.ngrok.com,resources=ngroktrafficpolicies/finalizers,verbs=update // Reconcile is part of the main kubernetes reconciliation loop which aims to // move the current state of the cluster closer to the desired state. // TODO(user): Modify the Reconcile function to compare the state specified by -// the Policy object against the actual cluster state, and then +// the NgrokTrafficPolicy object against the actual cluster state, and then // perform operations to make the cluster state reflect the state specified by // the user. // // For more details, check Reconcile and its Result here: // - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.16.3/pkg/reconcile -func (r *PolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { +func (r *NgrokTrafficPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { _ = log.FromContext(ctx) // TODO(user): your logic here @@ -63,8 +63,8 @@ func (r *PolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctr } // SetupWithManager sets up the controller with the Manager. -func (r *PolicyReconciler) SetupWithManager(mgr ctrl.Manager) error { +func (r *NgrokTrafficPolicyReconciler) SetupWithManager(mgr ctrl.Manager) error { return ctrl.NewControllerManagedBy(mgr). - For(&ngrokv1alpha1.Policy{}). + For(&ngrokv1alpha1.NgrokTrafficPolicy{}). Complete(r) } From 18a8c9332eee0b33a7c92b581ca316b787375bbd Mon Sep 17 00:00:00 2001 From: Delmer Reed Date: Wed, 24 Apr 2024 17:27:44 -0500 Subject: [PATCH 5/9] feat: add policy field for spec --- api/ngrok/v1alpha1/ngroktrafficpolicy_types.go | 5 +++-- api/ngrok/v1alpha1/zz_generated.deepcopy.go | 8 +++++++- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/api/ngrok/v1alpha1/ngroktrafficpolicy_types.go b/api/ngrok/v1alpha1/ngroktrafficpolicy_types.go index e18244a1..f6451d2d 100644 --- a/api/ngrok/v1alpha1/ngroktrafficpolicy_types.go +++ b/api/ngrok/v1alpha1/ngroktrafficpolicy_types.go @@ -25,6 +25,8 @@ SOFTWARE. package v1alpha1 import ( + "encoding/json" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -36,8 +38,7 @@ type NgrokTrafficPolicySpec struct { // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster // Important: Run "make" to regenerate code after modifying this file - // Foo is an example field of NgrokTrafficPolicy. Edit ngroktrafficpolicy_types.go to remove/update - Foo string `json:"foo,omitempty"` + Policy json.RawMessage `json:"policy,omitempty"` } // NgrokTrafficPolicyStatus defines the observed state of NgrokTrafficPolicy diff --git a/api/ngrok/v1alpha1/zz_generated.deepcopy.go b/api/ngrok/v1alpha1/zz_generated.deepcopy.go index 41ad367e..0dff6731 100644 --- a/api/ngrok/v1alpha1/zz_generated.deepcopy.go +++ b/api/ngrok/v1alpha1/zz_generated.deepcopy.go @@ -30,6 +30,7 @@ SOFTWARE. package v1alpha1 import ( + "encoding/json" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -38,7 +39,7 @@ func (in *NgrokTrafficPolicy) DeepCopyInto(out *NgrokTrafficPolicy) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec + in.Spec.DeepCopyInto(&out.Spec) out.Status = in.Status } @@ -95,6 +96,11 @@ func (in *NgrokTrafficPolicyList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NgrokTrafficPolicySpec) DeepCopyInto(out *NgrokTrafficPolicySpec) { *out = *in + if in.Policy != nil { + in, out := &in.Policy, &out.Policy + *out = make(json.RawMessage, len(*in)) + copy(*out, *in) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NgrokTrafficPolicySpec. From ea1fe6634ca12fa67b3251a492cb4ef9f144ecae Mon Sep 17 00:00:00 2001 From: Delmer Reed Date: Wed, 24 Apr 2024 17:40:08 -0500 Subject: [PATCH 6/9] chore: update manifests --- ...ok.k8s.ngrok.com_ngroktrafficpolicies.yaml | 53 +++++++++++++++++++ .../templates/rbac/role.yaml | 6 +-- 2 files changed, 56 insertions(+), 3 deletions(-) create mode 100644 helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml diff --git a/helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml b/helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml new file mode 100644 index 00000000..9c8ff468 --- /dev/null +++ b/helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml @@ -0,0 +1,53 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: ngroktrafficpolicies.ngrok.k8s.ngrok.com +spec: + group: ngrok.k8s.ngrok.com + names: + kind: NgrokTrafficPolicy + listKind: NgrokTrafficPolicyList + plural: ngroktrafficpolicies + singular: ngroktrafficpolicy + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NgrokTrafficPolicy is the Schema for the ngroktrafficpolicies + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NgrokTrafficPolicySpec defines the desired state of NgrokTrafficPolicy + properties: + policy: + description: RawMessage is a raw encoded JSON value. It implements + Marshaler and Unmarshaler and can be used to delay JSON decoding + or precompute a JSON encoding. + format: byte + type: string + type: object + status: + description: NgrokTrafficPolicyStatus defines the observed state of NgrokTrafficPolicy + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/helm/ingress-controller/templates/rbac/role.yaml b/helm/ingress-controller/templates/rbac/role.yaml index 3c3e89bd..b253c35c 100644 --- a/helm/ingress-controller/templates/rbac/role.yaml +++ b/helm/ingress-controller/templates/rbac/role.yaml @@ -295,7 +295,7 @@ rules: - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies + - ngroktrafficpolicies verbs: - create - delete @@ -307,13 +307,13 @@ rules: - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies/finalizers + - ngroktrafficpolicies/finalizers verbs: - update - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies/status + - ngroktrafficpolicies/status verbs: - get - patch From 3a73086849b0252f46ac4f672cadfe48b320a503 Mon Sep 17 00:00:00 2001 From: Delmer Reed Date: Wed, 24 Apr 2024 17:41:48 -0500 Subject: [PATCH 7/9] chore: update snapshots --- .../controller-deployment_test.yaml.snap | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/helm/ingress-controller/tests/__snapshot__/controller-deployment_test.yaml.snap b/helm/ingress-controller/tests/__snapshot__/controller-deployment_test.yaml.snap index 990a33c4..caa2be3f 100644 --- a/helm/ingress-controller/tests/__snapshot__/controller-deployment_test.yaml.snap +++ b/helm/ingress-controller/tests/__snapshot__/controller-deployment_test.yaml.snap @@ -4,7 +4,7 @@ Should match all-options snapshot: kind: Deployment metadata: annotations: - checksum/controller-role: 2059e55f4fad961f33a3d4b60520e95f6f63629fdf9fbfc2c7c4ac742d8cd956 + checksum/controller-role: 439398312e0d70e3492ec89e5a2d465919aa27d88a661b7d62f9f1e622013fc6 checksum/rbac: d31fdcb337a6f1ee71323040c2cbc4d5580d73ae5f7623cd19be57db97f748c1 labels: app.kubernetes.io/component: controller @@ -26,7 +26,7 @@ Should match all-options snapshot: template: metadata: annotations: - checksum/controller-role: 2059e55f4fad961f33a3d4b60520e95f6f63629fdf9fbfc2c7c4ac742d8cd956 + checksum/controller-role: 439398312e0d70e3492ec89e5a2d465919aa27d88a661b7d62f9f1e622013fc6 checksum/rbac: d31fdcb337a6f1ee71323040c2cbc4d5580d73ae5f7623cd19be57db97f748c1 checksum/secret: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b prometheus.io/path: /metrics @@ -504,7 +504,7 @@ Should match all-options snapshot: - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies + - ngroktrafficpolicies verbs: - create - delete @@ -516,13 +516,13 @@ Should match all-options snapshot: - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies/finalizers + - ngroktrafficpolicies/finalizers verbs: - update - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies/status + - ngroktrafficpolicies/status verbs: - get - patch @@ -533,7 +533,7 @@ Should match default snapshot: kind: Deployment metadata: annotations: - checksum/controller-role: 2059e55f4fad961f33a3d4b60520e95f6f63629fdf9fbfc2c7c4ac742d8cd956 + checksum/controller-role: 439398312e0d70e3492ec89e5a2d465919aa27d88a661b7d62f9f1e622013fc6 checksum/rbac: d31fdcb337a6f1ee71323040c2cbc4d5580d73ae5f7623cd19be57db97f748c1 labels: app.kubernetes.io/component: controller @@ -555,7 +555,7 @@ Should match default snapshot: template: metadata: annotations: - checksum/controller-role: 2059e55f4fad961f33a3d4b60520e95f6f63629fdf9fbfc2c7c4ac742d8cd956 + checksum/controller-role: 439398312e0d70e3492ec89e5a2d465919aa27d88a661b7d62f9f1e622013fc6 checksum/rbac: d31fdcb337a6f1ee71323040c2cbc4d5580d73ae5f7623cd19be57db97f748c1 checksum/secret: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b prometheus.io/path: /metrics @@ -1020,7 +1020,7 @@ Should match default snapshot: - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies + - ngroktrafficpolicies verbs: - create - delete @@ -1032,13 +1032,13 @@ Should match default snapshot: - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies/finalizers + - ngroktrafficpolicies/finalizers verbs: - update - apiGroups: - ngrok.k8s.ngrok.com resources: - - policies/status + - ngroktrafficpolicies/status verbs: - get - patch From 83e6a384dd3b95a8a8bf34c565648f41f62c4e0a Mon Sep 17 00:00:00 2001 From: Delmer Reed Date: Thu, 25 Apr 2024 10:10:46 -0500 Subject: [PATCH 8/9] chore: rm empty test suite --- internal/controller/ngrok/suite_test.go | 98 ------------------------- 1 file changed, 98 deletions(-) delete mode 100644 internal/controller/ngrok/suite_test.go diff --git a/internal/controller/ngrok/suite_test.go b/internal/controller/ngrok/suite_test.go deleted file mode 100644 index d906d5d5..00000000 --- a/internal/controller/ngrok/suite_test.go +++ /dev/null @@ -1,98 +0,0 @@ -/* -MIT License - -Copyright (c) 2022 ngrok, Inc. - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. -*/ - -package ngrok - -import ( - "fmt" - "path/filepath" - "runtime" - "testing" - - . "github.com/onsi/ginkgo/v2" - . "github.com/onsi/gomega" - - "k8s.io/client-go/kubernetes/scheme" - "k8s.io/client-go/rest" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/envtest" - logf "sigs.k8s.io/controller-runtime/pkg/log" - "sigs.k8s.io/controller-runtime/pkg/log/zap" - - ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" - //+kubebuilder:scaffold:imports -) - -// These tests use Ginkgo (BDD-style Go testing framework). Refer to -// http://onsi.github.io/ginkgo/ to learn more about Ginkgo. - -var cfg *rest.Config -var k8sClient client.Client -var testEnv *envtest.Environment - -func TestControllers(t *testing.T) { - RegisterFailHandler(Fail) - - RunSpecs(t, "Controller Suite") -} - -var _ = BeforeSuite(func() { - logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) - - By("bootstrapping test environment") - testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "crd", "bases")}, - ErrorIfCRDPathMissing: true, - - // The BinaryAssetsDirectory is only required if you want to run the tests directly - // without call the makefile target test. If not informed it will look for the - // default path defined in controller-runtime which is /usr/local/kubebuilder/. - // Note that you must have the required binaries setup under the bin directory to perform - // the tests directly. When we run make test it will be setup and used automatically. - BinaryAssetsDirectory: filepath.Join("..", "..", "..", "bin", "k8s", - fmt.Sprintf("1.28.3-%s-%s", runtime.GOOS, runtime.GOARCH)), - } - - var err error - // cfg is defined in this file globally. - cfg, err = testEnv.Start() - Expect(err).NotTo(HaveOccurred()) - Expect(cfg).NotTo(BeNil()) - - err = ngrokv1alpha1.AddToScheme(scheme.Scheme) - Expect(err).NotTo(HaveOccurred()) - - //+kubebuilder:scaffold:scheme - - k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme}) - Expect(err).NotTo(HaveOccurred()) - Expect(k8sClient).NotTo(BeNil()) - -}) - -var _ = AfterSuite(func() { - By("tearing down the test environment") - err := testEnv.Stop() - Expect(err).NotTo(HaveOccurred()) -}) From 319b8631a61d07b27de3321ad5e318e31f60dcb4 Mon Sep 17 00:00:00 2001 From: Delmer Reed Date: Thu, 25 Apr 2024 10:37:30 -0500 Subject: [PATCH 9/9] chore: update manifests for spec --- api/ngrok/v1alpha1/ngroktrafficpolicy_types.go | 1 + api/ngrok/v1alpha1/zz_generated.deepcopy.go | 7 ++++++- .../crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml | 7 +++++++ 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/api/ngrok/v1alpha1/ngroktrafficpolicy_types.go b/api/ngrok/v1alpha1/ngroktrafficpolicy_types.go index f6451d2d..2397c6ec 100644 --- a/api/ngrok/v1alpha1/ngroktrafficpolicy_types.go +++ b/api/ngrok/v1alpha1/ngroktrafficpolicy_types.go @@ -45,6 +45,7 @@ type NgrokTrafficPolicySpec struct { type NgrokTrafficPolicyStatus struct { // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster // Important: Run "make" to regenerate code after modifying this file + Policy json.RawMessage `json:"policy,omitempty"` } //+kubebuilder:object:root=true diff --git a/api/ngrok/v1alpha1/zz_generated.deepcopy.go b/api/ngrok/v1alpha1/zz_generated.deepcopy.go index 0dff6731..f6c418f4 100644 --- a/api/ngrok/v1alpha1/zz_generated.deepcopy.go +++ b/api/ngrok/v1alpha1/zz_generated.deepcopy.go @@ -40,7 +40,7 @@ func (in *NgrokTrafficPolicy) DeepCopyInto(out *NgrokTrafficPolicy) { out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status + in.Status.DeepCopyInto(&out.Status) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NgrokTrafficPolicy. @@ -116,6 +116,11 @@ func (in *NgrokTrafficPolicySpec) DeepCopy() *NgrokTrafficPolicySpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NgrokTrafficPolicyStatus) DeepCopyInto(out *NgrokTrafficPolicyStatus) { *out = *in + if in.Policy != nil { + in, out := &in.Policy, &out.Policy + *out = make(json.RawMessage, len(*in)) + copy(*out, *in) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NgrokTrafficPolicyStatus. diff --git a/helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml b/helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml index 9c8ff468..b76c0713 100644 --- a/helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml +++ b/helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml @@ -45,6 +45,13 @@ spec: type: object status: description: NgrokTrafficPolicyStatus defines the observed state of NgrokTrafficPolicy + properties: + policy: + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "make" to regenerate code after modifying + this file' + format: byte + type: string type: object type: object served: true