Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve kapp-ctrl alignment #4074

Merged
merged 8 commits into from
Jan 28, 2022
Merged

Improve kapp-ctrl alignment #4074

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
e514586
Improve kapp-ctrl alignment
antgamdia Jan 13, 2022
54365dc
Minor changes after IRL tests
antgamdia Jan 13, 2022
be84b71
Reduce unnecesary extra deps
antgamdia Jan 13, 2022
60781e8
Merge branch 'master' into 3849-kappctrlAlign
antgamdia Jan 20, 2022
e1a7e16
Merge branch 'master' into 3849-kappctrlAlign
antgamdia Jan 20, 2022
9893fc3
Merge branch 'master'
antgamdia Jan 24, 2022
ab9a747
Merge branch 'main'
antgamdia Jan 25, 2022
5ad1a2f
Merge branch 'main'
antgamdia Jan 28, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 19 additions & 1 deletion cmd/kubeapps-apis/plugins/kapp_controller/packages/v1alpha1/server_ctrl_packages.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ import (
corev1 "github.com/kubeapps/kubeapps/cmd/kubeapps-apis/gen/core/packages/v1alpha1"
"github.com/kubeapps/kubeapps/cmd/kubeapps-apis/plugins/pkg/paginate"
"github.com/kubeapps/kubeapps/cmd/kubeapps-apis/plugins/pkg/statuserror"
kappctrlinstalled "github.com/vmware-tanzu/carvel-kapp-controller/cli/pkg/kctrl/cmd/package/installed"
packagingv1alpha1 "github.com/vmware-tanzu/carvel-kapp-controller/pkg/apis/packaging/v1alpha1"
datapackagingv1alpha1 "github.com/vmware-tanzu/carvel-kapp-controller/pkg/apiserver/apis/datapackaging/v1alpha1"
vendirVersions "github.com/vmware-tanzu/carvel-vendir/pkg/vendir/versions/v1alpha1"
Expand Down Expand Up @@ -514,7 +515,7 @@ func (s *Server) CreateInstalledPackage(ctx context.Context, request *corev1.Cre
}

// build a new pkgInstall object
newPkgInstall, err := s.buildPkgInstall(installedPackageName, targetCluster, targetNamespace, pkgMetadata.Name, pkgVersion, reconciliationOptions)
newPkgInstall, err := s.buildPkgInstall(installedPackageName, targetCluster, targetNamespace, pkgMetadata.Name, pkgVersion, reconciliationOptions, secret)
if err != nil {
return nil, statuserror.FromK8sError("create", "PackageInstall", installedPackageName, err)
}
Expand Down Expand Up @@ -640,6 +641,23 @@ func (s *Server) UpdateInstalledPackage(ctx context.Context, request *corev1.Upd
if updatedSecret == nil || err != nil {
return nil, statuserror.FromK8sError("update", "Secret", secret.Name, err)
}

if updatedSecret != nil {
// Similar logic as in https://github.com/vmware-tanzu/carvel-kapp-controller/blob/v0.31.0/cli/pkg/kctrl/cmd/package/installed/create_or_update.go#L670
if pkgInstall.ObjectMeta.Annotations == nil {
pkgInstall.ObjectMeta.Annotations = make(map[string]string)
}
pkgInstall.ObjectMeta.Annotations[kappctrlinstalled.KctrlPkgAnnotation+"-"+kappctrlinstalled.KindSecret.AsString()] = fmt.Sprintf(kappctrlinstalled.SecretName, secret.Name, secret.ObjectMeta.Namespace)
pkgInstall.Spec.Values = []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
// The secret name should have the format: <name>-<namespace> as per:
// https://github.com/vmware-tanzu/carvel-kapp-controller/blob/v0.31.0/cli/pkg/kctrl/cmd/package/installed/created_resource_annotations.go#L19
Name: updatedSecret.Name,
Key: "values.yaml",
},
}}
}

} else {
// Delete all the associated secrets
// TODO(agamez): maybe it's too aggresive and we should be deleting only those secrets created by this plugin
Expand Down
39 changes: 25 additions & 14 deletions cmd/kubeapps-apis/plugins/kapp_controller/packages/v1alpha1/server_data_adapters.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ import (

corev1 "github.com/kubeapps/kubeapps/cmd/kubeapps-apis/gen/core/packages/v1alpha1"
"github.com/kubeapps/kubeapps/cmd/kubeapps-apis/gen/plugins/kapp_controller/packages/v1alpha1"
kappctrlinstalled "github.com/vmware-tanzu/carvel-kapp-controller/cli/pkg/kctrl/cmd/package/installed"
kappctrlv1alpha1 "github.com/vmware-tanzu/carvel-kapp-controller/pkg/apis/kappctrl/v1alpha1"
packagingv1alpha1 "github.com/vmware-tanzu/carvel-kapp-controller/pkg/apis/packaging/v1alpha1"
datapackagingv1alpha1 "github.com/vmware-tanzu/carvel-kapp-controller/pkg/apiserver/apis/datapackaging/v1alpha1"
Expand Down Expand Up @@ -378,21 +379,22 @@ func (s *Server) buildSecret(installedPackageName, values, targetNamespace strin
APIVersion: k8scorev1.SchemeGroupVersion.WithResource(k8scorev1.ResourceSecrets.String()).String(),
},
ObjectMeta: metav1.ObjectMeta{
// TODO(agamez): think about name collisions
Name: fmt.Sprintf("%s-values", installedPackageName),
Name: fmt.Sprintf(kappctrlinstalled.SecretName, installedPackageName, targetNamespace),
Namespace: targetNamespace,
Annotations: map[string]string{
kappctrlinstalled.KctrlPkgAnnotation: fmt.Sprintf("%s-%s", installedPackageName, targetNamespace),
},
},
Data: map[string][]byte{
// TODO(agamez): check the actual value for the key.
// Assuming "values.yaml" perhaps is not always true.
// Perhaos this info is in the "package" object?
// Using "values.yaml" as per:
// https://github.com/vmware-tanzu/carvel-kapp-controller/blob/v0.31.0/cli/pkg/kctrl/cmd/package/installed/create_or_update.go#L32
"values.yaml": []byte(values),
},
Type: "Opaque",
}, nil
}

func (s *Server) buildPkgInstall(installedPackageName, targetCluster, targetNamespace, packageRefName, pkgVersion string, reconciliationOptions *corev1.ReconciliationOptions) (*packagingv1alpha1.PackageInstall, error) {
func (s *Server) buildPkgInstall(installedPackageName, targetCluster, targetNamespace, packageRefName, pkgVersion string, reconciliationOptions *corev1.ReconciliationOptions, secret *k8scorev1.Secret) (*packagingv1alpha1.PackageInstall, error) {
pkgInstall := &packagingv1alpha1.PackageInstall{
TypeMeta: metav1.TypeMeta{
Kind: pkgInstallResource,
Expand All @@ -411,14 +413,6 @@ func (s *Server) buildPkgInstall(installedPackageName, targetCluster, targetName
// Namespace: targetNamespace,
// KubeconfigSecretRef: &kappctrlv1alpha1.AppClusterKubeconfigSecretRef{},
// },
Values: []packagingv1alpha1.PackageInstallValues{
{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: fmt.Sprintf("%s-values", installedPackageName),
Key: "values.yaml",
},
},
},
PackageRef: &packagingv1alpha1.PackageRef{
RefName: packageRefName,
VersionSelection: &vendirversions.VersionSelectionSemver{
Expand All @@ -440,6 +434,23 @@ func (s *Server) buildPkgInstall(installedPackageName, targetCluster, targetName
pkgInstall.Spec.ServiceAccountName = reconciliationOptions.ServiceAccountName
pkgInstall.Spec.Paused = reconciliationOptions.Suspend
}

if secret != nil {
// Similar logic as in https://github.com/vmware-tanzu/carvel-kapp-controller/blob/v0.31.0/cli/pkg/kctrl/cmd/package/installed/create_or_update.go#L670
if pkgInstall.ObjectMeta.Annotations == nil {
pkgInstall.ObjectMeta.Annotations = make(map[string]string)
}
pkgInstall.ObjectMeta.Annotations[kappctrlinstalled.KctrlPkgAnnotation+"-"+kappctrlinstalled.KindSecret.AsString()] = secret.Name
pkgInstall.Spec.Values = []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
// The secret name should have the format: <name>-<namespace> as per:
// https://github.com/vmware-tanzu/carvel-kapp-controller/blob/v0.31.0/cli/pkg/kctrl/cmd/package/installed/created_resource_annotations.go#L19
Name: secret.Name,
Key: "values.yaml",
},
}}
}

return pkgInstall, nil
}

Expand Down
36 changes: 18 additions & 18 deletions cmd/kubeapps-apis/plugins/kapp_controller/packages/v1alpha1/server_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1083,7 +1083,7 @@ func TestGetInstalledPackageSummaries(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -1243,7 +1243,7 @@ func TestGetInstalledPackageSummaries(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -1287,7 +1287,7 @@ func TestGetInstalledPackageSummaries(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -1434,7 +1434,7 @@ func TestGetInstalledPackageSummaries(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -1573,7 +1573,7 @@ func TestGetInstalledPackageSummaries(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -1911,7 +1911,7 @@ func TestGetInstalledPackageDetail(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -1968,7 +1968,7 @@ func TestGetInstalledPackageDetail(t *testing.T) {
&k8scorev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Namespace: "default",
Name: "my-installation-values",
Name: "my-installation-default-values",
},
Type: "Opaque",
Data: map[string][]byte{
Expand Down Expand Up @@ -2393,7 +2393,7 @@ func TestCreateInstalledPackage(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -2600,7 +2600,7 @@ func TestCreateInstalledPackage(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -2744,7 +2744,7 @@ func TestCreateInstalledPackage(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -2886,7 +2886,7 @@ func TestCreateInstalledPackage(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -3042,7 +3042,7 @@ func TestUpdateInstalledPackage(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -3072,7 +3072,7 @@ func TestUpdateInstalledPackage(t *testing.T) {
&k8scorev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Namespace: "default",
Name: "my-installation-values",
Name: "my-installation-default-values",
},
Type: "Opaque",
Data: map[string][]byte{
Expand Down Expand Up @@ -3107,7 +3107,7 @@ func TestUpdateInstalledPackage(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -3214,7 +3214,7 @@ func TestDeleteInstalledPackage(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -3244,7 +3244,7 @@ func TestDeleteInstalledPackage(t *testing.T) {
&k8scorev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Namespace: "default",
Name: "my-installation-values",
Name: "my-installation-default-values",
},
Type: "Opaque",
Data: map[string][]byte{
Expand Down Expand Up @@ -3284,7 +3284,7 @@ func TestDeleteInstalledPackage(t *testing.T) {
},
Values: []packagingv1alpha1.PackageInstallValues{{
SecretRef: &packagingv1alpha1.PackageInstallValuesSecretRef{
Name: "my-installation-values",
Name: "my-installation-default-values",
},
},
},
Expand Down Expand Up @@ -3314,7 +3314,7 @@ func TestDeleteInstalledPackage(t *testing.T) {
&k8scorev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Namespace: "default",
Name: "my-installation-values",
Name: "my-installation-default-values",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let me know if I missed something, but it looks like none of these test changes are actually testing the change (of adding the annotations?)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep, right, they aren't actually testing it, but definitively we should test it. I'll do it.

do we want to annotate the secrets we create as if they're created by the kapp controller cli? Or maybe the annotation is more general than that?

Currently, the annotation being added is packaging.carvel.dev/package-secret=myPkgName-myNS-values (previously it was tkg.tanzu.vmware.com/tanzu-package), so I just thought it would be a good idea to also use it. I mean, there is nothing strictly related to kapp-controller, and -not sure- not adding it might have some unexpected side effects for those users also using kapp CLI for managing the packages they installed via Kubeapps.

Besides, another reason for adding them is that I initially thought it could be beneficial for getting some auto-deletion of some resources (like secrets) when uninstalling an app. However, it doesn't happen.

I'd rather keep the annotations - plus updating the tests - (as they are harmless) just to give the same CLI experience if a user decides to use kapp for managing kubeapps-installed carvel packages eventually. Not a strong opinion, though; happy to remove them if you think otherwise.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's fine with me. I just wasn't sure:

What happens, Kubeapps aside, if a user creates a secret, then passes that secret to the [kapp] CLI during a package creation? (don't remember).

From what you've said (about it being the same CLI experience), it sounds like kapp will annotate this user-created secret (which surprised me - I'd expect kapp to add such an annotation to a secret that it creates on behalf of the user, not one supplied by the user).

+1

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well... I've been looking into this after merging. I made a mistake: I assumed the annotations I mentioned were added by kapp-controller's code, but it's not.
kapp-ctrl people are developing their own CLI (that is, not the kapp CLI, but the kctrl CLI instead)

The annotations I assumed were added by kapp-ctrl were, actually, added by this new (and unreleased) kctrl CLI.
This is so confusing, I mean, in that the annotations added in each case are totally different.

PackageInstall

Using kubectl apply
  annotations:
    # <none>
  labels:
    # <none>
Using kapp deploy
  annotations:
    kapp.k14s.io/identity: v1;default/packaging.carvel.dev/PackageInstall/pkg-demo;packaging.carvel.dev/v1alpha1
    kapp.k14s.io/original: '{"apiVersion":"packaging.carvel.dev/v1alpha1","kind":"PackageInstall","metadata":{"labels":{"kapp.k14s.io/app":"1643381406628771860","kapp.k14s.io/association":"v1.9c2b0de727437c93dd7e5dcc44c83cb1"},"name":"pkg-demo","namespace":"default"},"spec":{"packageRef":{"refName":"simple-app.corp.com","versionSelection":{"constraints":"1.0.0"}},"serviceAccountName":"default-ns-sa","values":[{"secretRef":{"name":"pkg-demo-values"}}]}}'
    kapp.k14s.io/original-diff-md5: c6e94dc94aed3401b5d0f26ed6c0bff3
  labels:
    kapp.k14s.io/app: "1643381406628771860"
    kapp.k14s.io/association: v1.9c2b0de727437c93dd7e5dcc44c83cb1
Using kctrl package install
  annotations:
    packaging.carvel.dev/package-ClusterRole: demo-cli-1-default-cluster-role
    packaging.carvel.dev/package-ClusterRoleBinding: demo-cli-1-default-cluster-rolebinding
    packaging.carvel.dev/package-Secret: demo-cli-1-default-values
    packaging.carvel.dev/package-ServiceAccount: demo-cli-1-default-sa
    tkg.tanzu.vmware.com/tanzu-package-ClusterRole: demo-cli-1-default-cluster-role
    tkg.tanzu.vmware.com/tanzu-package-ClusterRoleBinding: demo-cli-1-default-cluster-rolebinding
    tkg.tanzu.vmware.com/tanzu-package-Secret: demo-cli-1-default-values
    tkg.tanzu.vmware.com/tanzu-package-ServiceAccount: demo-cli-1-default-sa
  labels:
    # <none>

Secret (created by passing the values)

Using kubectl apply
  annotations:
    # <none>
  labels:
    # <none>
Using kapp deploy
  annotations:
    kapp.k14s.io/identity: v1;default/packaging.carvel.dev/PackageInstall/pkg-demo;packaging.carvel.dev/v1alpha1
    kapp.k14s.io/original: '{"apiVersion":"packaging.carvel.dev/v1alpha1","kind":"PackageInstall","metadata":{"labels":{"kapp.k14s.io/app":"1643381406628771860","kapp.k14s.io/association":"v1.9c2b0de727437c93dd7e5dcc44c83cb1"},"name":"pkg-demo","namespace":"default"},"spec":{"packageRef":{"refName":"simple-app.corp.com","versionSelection":{"constraints":"1.0.0"}},"serviceAccountName":"default-ns-sa","values":[{"secretRef":{"name":"pkg-demo-values"}}]}}'
    kapp.k14s.io/original-diff-md5: c6e94dc94aed3401b5d0f26ed6c0bff3
  labels:
    kapp.k14s.io/app: "1643381406628771860"
    kapp.k14s.io/association: v1.9c2b0de727437c93dd7e5dcc44c83cb1
Using kctrl package install
  annotations:
    packaging.carvel.dev/package: demo-cli-1-default
    tkg.tanzu.vmware.com/tanzu-package: demo-cli-1-default
  labels:
    # <none>

So, as always in case of doubt, let me raise the question to the Carvel team to see what they think is the best way to go (for a 3rd party PackageInstall creator like Kubeapps, so to speak).
I'll send a PR reverting the changes in the annotations right now, but will modify it according to what Carvel people say.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Carvel team answered: we shouldn't add any annotation.

},
Type: "Opaque",
Data: map[string][]byte{
Expand Down
6 changes: 4 additions & 2 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,7 @@ require (
github.com/stretchr/testify v1.7.0
github.com/urfave/negroni v1.0.0
github.com/vmware-tanzu/carvel-kapp-controller v0.31.0
github.com/vmware-tanzu/carvel-kapp-controller/cli v0.0.0-20220119235856-5eac9c81f5b5
github.com/vmware-tanzu/carvel-vendir v0.24.0
golang.org/x/net v0.0.0-20211123203042-d83791d6bcd9
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
Expand Down Expand Up @@ -152,8 +153,9 @@ require (
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/k14s/difflib v0.0.0-20201117154628-0c031775bf57 // indirect
github.com/k14s/semver/v4 v4.0.1-0.20210701191048-266d47ac6115 // indirect
github.com/k14s/starlark-go v0.0.0-20200720175618-3a5c849cc368 // indirect
github.com/k14s/ytt v0.36.0 // indirect
github.com/k14s/ytt v0.38.0 // indirect
github.com/klauspost/compress v1.13.6 // indirect
github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
Expand Down Expand Up @@ -197,7 +199,7 @@ require (
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
github.com/xeipuuv/gojsonschema v1.2.0 // indirect
github.com/xlab/treeprint v1.1.0 // indirect
go.starlark.net v0.0.0-20211013185944-b0039bd2cfe3 // indirect
go.starlark.net v0.0.0-20211203141949-70c0e40ae128 // indirect
golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871 // indirect
golang.org/x/image v0.0.0-20211028202545-6944b10bf410 // indirect
golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect
Expand Down
Loading