Merge pull request #452 from ngrok/hkatz/endpoint-binding-crd

Modify EndpointBinding CRD to reflect cardinality of bound Endpoints

api/bindings/v1alpha1/endpointbinding_types.go

@@ -33,13 +33,14 @@ import (
 
 // EndpointBindingSpec defines the desired state of EndpointBinding
 type EndpointBindingSpec struct {
-	// Protocol is the Service protocol this Endpoint uses
+	// Scheme is a user-defined field for endpoints that describe how the data packets
+	// are framed by the pod forwarders mTLS connection to the ngrok edge
 	// +kubebuilder:validation:Required
-	// +kubebuilder:default=`TCP`
-	// +kubebuilder:validation:Enum=TCP
-	Protocol string `json:"protocol"`
+	// +kubebuilder:default=`https`
+	// +kubebuilder:validation:Enum=tcp;http;https;tls
+	Scheme string `json:"scheme"`
 
-	// Port is the Service port this Endpoint uses
+	// Port is the Service port this Endpoint uses internally to communicate with its pod forwarders
 	// +kubebuilder:validation:Required
 	Port int32 `json:"port"`
 
@@ -50,7 +51,15 @@ type EndpointBindingSpec struct {
 
 // EndpointBindingStatus defines the observed state of EndpointBinding
 type EndpointBindingStatus struct {
-	BindingEndpoint `json:",inline"`
+	// Endpoints is the list of BindingEndpoints that are created for this EndpointBinding
+	//
+	// Note: The collection of Endpoints per Binding are Many-to-One
+	//       The uniqueness of each Endpoint is not ID, but rather the 4-tuple <scheme,service-name,namespace,port>
+	//       All Endpoints bound to a EndpointBinding will share the same 4-tuple, statuses, errors, etc...
+	//       this is because EndpointBinding represents 1 Service, yet many Endpoints
+	//
+	// +kubebuilder:validation:Required
+	Endpoints []BindingEndpoint `json:"endpoints"`
 
 	// HashName is the hashed output of the TargetService and TargetNamespace for unique identification
 	// +kubebuilder:validation:Required
@@ -67,6 +76,12 @@ type EndpointTarget struct {
 	// +kubebuilder:validation:Required
 	Namespace string `json:"namespace"`
 
+	// Protocol is the Service protocol this Endpoint uses
+	// +kubebuilder:validation:Required
+	// +kubebuilder:default=`TCP`
+	// +kubebuilder:validation:Enum=TCP
+	Protocol string `json:"protocol"`
+
 	// Port is the Service targetPort this Endpoint uses for the Pod Forwarders
 	// +kubebuilder:validation:Required
 	Port int32 `json:"port"`
@@ -83,7 +98,7 @@ type EndpointTarget struct {
 // +kubebuilder:printcolumn:name="Namespace",type="string",JSONPath=".spec.targetService"
 // +kubebuilder:printcolumn:name="Service",type="string",JSONPath=".spec.targetNamespace"
 // +kubebuilder:printcolumn:name="Port",type="string",JSONPath=".spec.port"
-// +kubebuilder:printcolumn:name="Protocol",type="string",JSONPath=".spec.protocol"
+// +kubebuilder:printcolumn:name="Scheme",type="string",JSONPath=".spec.scheme"
 type EndpointBinding struct {
 	metav1.TypeMeta   `json:",inline"`
 	metav1.ObjectMeta `json:"metadata,omitempty"`

internal/controller/bindings/endpointbinding_poller.go

@@ -129,12 +129,13 @@ func (r *EndpointBindingPoller) reconcileEndpointBindingsFromAPI(ctx context.Con
 func (r *EndpointBindingPoller) createBinding(ctx context.Context, hashedName string, apiEndpoint *EndpointBinding, urlBits *URLBits) error {
 	binding := &bindingsv1alpha1.EndpointBinding{
 		Spec: bindingsv1alpha1.EndpointBindingSpec{
-			Port:     urlBits.Port,
-			Protocol: urlBits.Protocol,
+			Port:   urlBits.Port, // TODO: This is probably wrong and should be # assigned by operator to target the ngrok-operator-forwarder container
+			Scheme: urlBits.Scheme,
 			Target: bindingsv1alpha1.EndpointTarget{
+				Protocol:  "TCP", // Only support tcp for now, scheme controls how ngrok handles the endpoint
 				Namespace: urlBits.Namespace,
 				Service:   urlBits.ServiceName,
-				Port:      urlBits.Port, // TODO: This is probably wrong and should be # assigned by operator to target the ngrok-operator-forwarder container
+				Port:      urlBits.Port,
 			},
 		},
 		Status: bindingsv1alpha1.EndpointBindingStatus{
@@ -155,7 +156,7 @@ func (r *EndpointBindingPoller) createBinding(ctx context.Context, hashedName st
 
 func (r *EndpointBindingPoller) updateBinding(ctx context.Context, binding *bindingsv1alpha1.EndpointBinding, apiEndpoint *EndpointBinding, urlBits *URLBits) error {
 	binding.Spec.Port = urlBits.Port
-	binding.Spec.Protocol = urlBits.Protocol
+	binding.Spec.Scheme = urlBits.Scheme
 	binding.Spec.Target.Namespace = urlBits.Namespace
 	binding.Spec.Target.Service = urlBits.ServiceName
 	binding.Spec.Target.Port = urlBits.Port
@@ -180,7 +181,7 @@ func (r *EndpointBindingPoller) updateBinding(ctx context.Context, binding *bind
 func shouldUpdateBinding(binding *bindingsv1alpha1.EndpointBinding, apiEndpoint *EndpointBinding, urlBits *URLBits) bool {
 	// Check if any of the relevant fields differ.
 	return binding.Spec.Port != urlBits.Port ||
-		binding.Spec.Protocol != urlBits.Protocol ||
+		binding.Spec.Scheme != urlBits.Scheme ||
 		binding.Spec.Target.Namespace != urlBits.Namespace ||
 		binding.Spec.Target.Service != urlBits.ServiceName ||
 		binding.Status.HashedName != hashURL(apiEndpoint.URL)
@@ -221,7 +222,7 @@ func parseURLBits(urlStr string) (*URLBits, error) {
 	}
 
 	return &URLBits{
-		Protocol:    parsedURL.Scheme,
+		Scheme:      parsedURL.Scheme,
 		ServiceName: parts[0],
 		Namespace:   parts[1],
 		Port:        port,
@@ -254,7 +255,7 @@ func fetchEndpoints() (*APIResponse, error) {
 }
 
 type URLBits struct {
-	Protocol    string
+	Scheme      string
 	ServiceName string
 	Namespace   string
 	Port        int32