From 578271cbeb31e7ede33ae46453c4598af58ea275 Mon Sep 17 00:00:00 2001 From: Jerad C Date: Tue, 15 Feb 2022 15:55:37 -0600 Subject: [PATCH 1/6] replace kustomize with helm --- BUILD.md | 32 ++++++- src/Makefile | 53 +++-------- .../aws-node-termination-handler-2/Chart.yaml | 19 ++++ .../aws-node-termination-handler-2/README.md | 15 +++ .../crds/node.k8s.aws_terminators.yaml | 56 +++++++++++ .../templates/_helpers.tpl | 65 +++++++++++++ .../templates/clusterrole.yaml | 46 +++++++++ .../templates/clusterrole_binding.yaml | 20 ++++ .../templates/deployment.yaml | 93 +++++++++++++++++++ .../templates/role_leaderelection.yaml | 26 ++++++ .../templates/service.yaml | 24 +++++ .../templates/serviceaccount.yaml | 18 ++++ .../values.yaml | 81 ++++++++++++++++ src/config/crd/kustomization.yaml | 21 ----- src/config/crd/kustomizeconfig.yaml | 19 ---- .../patches/cainjection_in_terminators.yaml | 7 -- .../crd/patches/webhook_in_terminators.yaml | 16 ---- src/config/default/kustomization.yaml | 74 --------------- .../default/manager_auth_proxy_patch.yaml | 34 ------- src/config/default/manager_config_patch.yaml | 20 ---- .../manager/controller_manager_config.yaml | 11 --- src/config/manager/kustomization.yaml | 10 -- src/config/manager/manager.yaml | 60 ------------ src/config/prometheus/kustomization.yaml | 2 - src/config/prometheus/monitor.yaml | 20 ---- .../rbac/auth_proxy_client_clusterrole.yaml | 9 -- src/config/rbac/auth_proxy_role.yaml | 17 ---- src/config/rbac/auth_proxy_role_binding.yaml | 12 --- src/config/rbac/auth_proxy_service.yaml | 15 --- src/config/rbac/kustomization.yaml | 18 ---- src/config/rbac/leader_election_role.yaml | 37 -------- .../rbac/leader_election_role_binding.yaml | 12 --- src/config/rbac/role_binding.yaml | 12 --- src/config/rbac/service_account.yaml | 5 - src/config/rbac/terminator_editor_role.yaml | 24 ----- src/config/rbac/terminator_viewer_role.yaml | 20 ---- .../samples/node_v1alpha1_terminator.yaml | 6 -- 37 files changed, 508 insertions(+), 521 deletions(-) create mode 100644 src/charts/aws-node-termination-handler-2/Chart.yaml create mode 100644 src/charts/aws-node-termination-handler-2/README.md create mode 100644 src/charts/aws-node-termination-handler-2/crds/node.k8s.aws_terminators.yaml create mode 100644 src/charts/aws-node-termination-handler-2/templates/_helpers.tpl create mode 100644 src/charts/aws-node-termination-handler-2/templates/clusterrole.yaml create mode 100644 src/charts/aws-node-termination-handler-2/templates/clusterrole_binding.yaml create mode 100644 src/charts/aws-node-termination-handler-2/templates/deployment.yaml create mode 100644 src/charts/aws-node-termination-handler-2/templates/role_leaderelection.yaml create mode 100644 src/charts/aws-node-termination-handler-2/templates/service.yaml create mode 100644 src/charts/aws-node-termination-handler-2/templates/serviceaccount.yaml create mode 100644 src/charts/aws-node-termination-handler-2/values.yaml delete mode 100644 src/config/crd/kustomization.yaml delete mode 100644 src/config/crd/kustomizeconfig.yaml delete mode 100644 src/config/crd/patches/cainjection_in_terminators.yaml delete mode 100644 src/config/crd/patches/webhook_in_terminators.yaml delete mode 100644 src/config/default/kustomization.yaml delete mode 100644 src/config/default/manager_auth_proxy_patch.yaml delete mode 100644 src/config/default/manager_config_patch.yaml delete mode 100644 src/config/manager/controller_manager_config.yaml delete mode 100644 src/config/manager/kustomization.yaml delete mode 100644 src/config/manager/manager.yaml delete mode 100644 src/config/prometheus/kustomization.yaml delete mode 100644 src/config/prometheus/monitor.yaml delete mode 100644 src/config/rbac/auth_proxy_client_clusterrole.yaml delete mode 100644 src/config/rbac/auth_proxy_role.yaml delete mode 100644 src/config/rbac/auth_proxy_role_binding.yaml delete mode 100644 src/config/rbac/auth_proxy_service.yaml delete mode 100644 src/config/rbac/kustomization.yaml delete mode 100644 src/config/rbac/leader_election_role.yaml delete mode 100644 src/config/rbac/leader_election_role_binding.yaml delete mode 100644 src/config/rbac/role_binding.yaml delete mode 100644 src/config/rbac/service_account.yaml delete mode 100644 src/config/rbac/terminator_editor_role.yaml delete mode 100644 src/config/rbac/terminator_viewer_role.yaml delete mode 100644 src/config/samples/node_v1alpha1_terminator.yaml diff --git a/BUILD.md b/BUILD.md index 2fd9f957..852109bc 100644 --- a/BUILD.md +++ b/BUILD.md @@ -1 +1,31 @@ -TBD \ No newline at end of file +# Setup Development Environment + +Clone the repo: + +```sh +git clone --branch v2 https://github.com/aws/aws-node-termination-handler.git +``` + +Install build tools + +```sh +make controller-gen ko envtest +``` + +Configure image repository location + +```sh +export KO_DOCKER_REPO=my.image.repo/path +``` + +Build and deploy controller to Kubernetes cluster + +```sh +make apply +``` + +Remove deployed controller from Kubernetes cluster + +```sh +make delete +``` \ No newline at end of file diff --git a/src/Makefile b/src/Makefile index 5592f2c9..1039992c 100644 --- a/src/Makefile +++ b/src/Makefile @@ -17,9 +17,6 @@ endif SHELL = /usr/bin/env bash -o pipefail .SHELLFLAGS = -ec -.PHONY: all -all: build - ##@ General # The help target prints out all targets with their descriptions organized @@ -61,59 +58,37 @@ test: manifests generate fmt vet envtest ## Run tests. ##@ Build -.PHONY: build -build: generate fmt vet ## Build manager binary. - go build -o bin/manager main.go - .PHONY: run run: manifests generate fmt vet ## Run a controller from your host. go run ./main.go -.PHONY: docker-build -docker-build: test ## Build docker image with the manager. - docker build -t ${IMG} . - -.PHONY: docker-push -docker-push: ## Push docker image with the manager. - docker push ${IMG} - ##@ Deployment -ifndef ignore-not-found - ignore-not-found = false -endif - -.PHONY: install -install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. - $(KUSTOMIZE) build config/crd | kubectl apply -f - - -.PHONY: uninstall -uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. - $(KUSTOMIZE) build config/crd | kubectl delete --ignore-not-found=$(ignore-not-found) -f - - -.PHONY: deploy -deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. - cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} - $(KUSTOMIZE) build config/default | kubectl apply -f - +.PHONY: apply +apply: # Deploy the controller into the current kubernetes cluster. + helm upgrade --install dev charts/aws-node-termination-handler-2 --namespace nthv2 --create-namespace \ + $(HELM_OPTS) \ + --set controller.image=$(shell $(KO) publish -B github.com/aws/aws-node-termination-handler) \ + --set fullnameOverride=nthv2 -.PHONY: undeploy -undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. - $(KUSTOMIZE) build config/default | kubectl delete --ignore-not-found=$(ignore-not-found) -f - +.PHONY: delete +delete: # Delete controller from current kubernetes cluster. + helm uninstall dev --namespace nthv2 CONTROLLER_GEN = $(shell pwd)/bin/controller-gen .PHONY: controller-gen controller-gen: ## Download controller-gen locally if necessary. $(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0) -KUSTOMIZE = $(shell pwd)/bin/kustomize -.PHONY: kustomize -kustomize: ## Download kustomize locally if necessary. - $(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v3@v3.8.7) +KO = $(shell pwd)/bin/ko +.PHONY: ko +ko: ## Download ko locally if necessary. + $(call go-get-tool,$(KO),github.com/google/ko@v0.9.3) ENVTEST = $(shell pwd)/bin/setup-envtest .PHONY: envtest envtest: ## Download envtest-setup locally if necessary. - $(call go-get-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest@latest) + $(call go-get-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest@v0.11.1) # go-get-tool will 'go get' any package $2 and install it to $1. PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST)))) diff --git a/src/charts/aws-node-termination-handler-2/Chart.yaml b/src/charts/aws-node-termination-handler-2/Chart.yaml new file mode 100644 index 00000000..698cb33d --- /dev/null +++ b/src/charts/aws-node-termination-handler-2/Chart.yaml @@ -0,0 +1,19 @@ +apiVersion: v2 +name: aws-node-termination-handler-2 +description: A Helm chart for aws-node-termination-handler, an open-source component for gracefully handling termination events for node hosted in AWS. +type: application +version: 0.1.0 +appVersion: "2.0.0-0.1" +kubeVersion: ">=1.16-0" +keywords: + - aws + - ec2 + - ec2-spot + - eks + - node + - node-termination + - spot +home: https://github.com/aws/eks-charts +sources: + - https://github.com/aws/aws-node-termination-handler + - https://github.com/aws/eks-charts diff --git a/src/charts/aws-node-termination-handler-2/README.md b/src/charts/aws-node-termination-handler-2/README.md new file mode 100644 index 00000000..29df6157 --- /dev/null +++ b/src/charts/aws-node-termination-handler-2/README.md @@ -0,0 +1,15 @@ +# AWS Node Termination Handler + +AWS Node Termination Handler Helm chart for Kubernetes. For more information on this project see the project repo at [github.com/aws/aws-node-termination-handler](https://github.com/aws/aws-node-termination-handler). + +## Prerequisites + +- _Kubernetes_ >= 1.16 + +## Installing the Chart + +Before you can install the chart you will need to add the `aws` repo to [Helm](https://helm.sh/). + +```shell +helm repo add eks https://aws.github.io/eks-charts/ +``` diff --git a/src/charts/aws-node-termination-handler-2/crds/node.k8s.aws_terminators.yaml b/src/charts/aws-node-termination-handler-2/crds/node.k8s.aws_terminators.yaml new file mode 100644 index 00000000..6f609776 --- /dev/null +++ b/src/charts/aws-node-termination-handler-2/crds/node.k8s.aws_terminators.yaml @@ -0,0 +1,56 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: terminators.node.k8s.aws +spec: + group: node.k8s.aws + names: + kind: Terminator + listKind: TerminatorList + plural: terminators + singular: terminator + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Terminator is the Schema for the terminators API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TerminatorSpec defines the desired state of Terminator + properties: + foo: + description: Foo is an example field of Terminator. Edit terminator_types.go + to remove/update + type: string + type: object + status: + description: TerminatorStatus defines the observed state of Terminator + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/src/charts/aws-node-termination-handler-2/templates/_helpers.tpl b/src/charts/aws-node-termination-handler-2/templates/_helpers.tpl new file mode 100644 index 00000000..0b8b71fe --- /dev/null +++ b/src/charts/aws-node-termination-handler-2/templates/_helpers.tpl @@ -0,0 +1,65 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "aws-node-termination-handler.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "aws-node-termination-handler.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "aws-node-termination-handler.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "aws-node-termination-handler.labels" -}} +helm.sh/chart: {{ include "aws-node-termination-handler.chart" . | quote }} +{{ include "aws-node-termination-handler.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service | quote }} +{{- with .Values.labels }} +{{ toYaml . }} +{{- end }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "aws-node-termination-handler.selectorLabels" -}} +app.kubernetes.io/name: {{ include "aws-node-termination-handler.name" . | quote }} +app.kubernetes.io/instance: {{ .Release.Name | quote }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "aws-node-termination-handler.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "aws-node-termination-handler.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/src/charts/aws-node-termination-handler-2/templates/clusterrole.yaml b/src/charts/aws-node-termination-handler-2/templates/clusterrole.yaml new file mode 100644 index 00000000..fb5358c7 --- /dev/null +++ b/src/charts/aws-node-termination-handler-2/templates/clusterrole.yaml @@ -0,0 +1,46 @@ +{{- if .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "aws-node-termination-handler.fullname" . }} + labels: + {{- include "aws-node-termination-handler.labels" . | nindent 8 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} +rules: + - apiGroups: ["node.k8s.aws"] + resources: ["terminators"] + verbs: ["get", "list", "watch"] + + - apiGroups: ["node.k8s.aws"] + resources: ["terminators/status"] + verbs: ["create", "delete", "patch", "get", "list", "watch"] + + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "patch", "update"] + + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list"] + + - apiGroups: [""] + resources: ["pods/eviction"] + verbs: ["create"] + + - apiGroups: ["apps", "extensions"] + resources: ["daemonsets"] + verbs: ["get"] + + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch", "update"] + + {{- if .Values.emitKubernetesEvents }} + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + {{- end }} +{{- end -}} \ No newline at end of file diff --git a/src/charts/aws-node-termination-handler-2/templates/clusterrole_binding.yaml b/src/charts/aws-node-termination-handler-2/templates/clusterrole_binding.yaml new file mode 100644 index 00000000..0cc179f5 --- /dev/null +++ b/src/charts/aws-node-termination-handler-2/templates/clusterrole_binding.yaml @@ -0,0 +1,20 @@ +{{- if .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "aws-node-termination-handler.fullname" . }} + labels: + {{- include "aws-node-termination-handler.labels" . | nindent 8 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "aws-node-termination-handler.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "aws-node-termination-handler.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/src/charts/aws-node-termination-handler-2/templates/deployment.yaml b/src/charts/aws-node-termination-handler-2/templates/deployment.yaml new file mode 100644 index 00000000..01ae0e82 --- /dev/null +++ b/src/charts/aws-node-termination-handler-2/templates/deployment.yaml @@ -0,0 +1,93 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "aws-node-termination-handler.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "aws-node-termination-handler.labels" . | nindent 8 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} +spec: + replicas: {{ .Values.pod.replicas }} + {{- with .Values.pod.updateStrategy }} + strategy: + {{- toYaml . | nindent 8 }} + {{- end }} + selector: + matchLabels: + {{- include "aws-node-termination-handler.selectorLabels" . | nindent 12 }} + template: + metadata: + labels: + {{- include "aws-node-termination-handler.selectorLabels" . | nindent 16 }} + {{- with .Values.pod.labels }} + {{- toYaml . | nindent 16 }} + {{- end }} + {{- with .Values.pod.annotations }} + annotations: + {{- toYaml . | nindent 16 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 16 }} + {{- end }} + serviceAccountName: {{ include "aws-node-termination-handler.serviceAccountName" . }} + {{- with .Values.pod.securityContext }} + securityContext: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- with .Values.pod.priorityClassName }} + priorityClassName: {{ . | quote }} + {{- end }} + {{- with .Values.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ . }} + {{- end }} + {{- if .Values.pod.hostNetwork }} + hostNetwork: true + {{- end }} + {{- with .Values.pod.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 16 }} + {{- end }} + containers: + - name: controller + image: {{ .Values.controller.image }} + imagePullPolicy: {{ .Values.imagePullPolicy }} + {{- with .Values.controller.securityContext }} + securityContext: + {{- toYaml . | nindent 20 }} + {{- end }} + {{- with .Values.controller.env }} + env: + {{- toYaml . | nindent 20 }} + {{- end }} + ports: + - name: http-metrics + containerPort: 8080 + protocol: TCP + - name: http-probes + containerPort: 8081 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: http + readinessProbe: + httpGet: + path: /readyz + port: http + {{- with .Values.controller.resources }} + resources: + {{- toYaml . | nindent 20 }} + {{- end }} \ No newline at end of file diff --git a/src/charts/aws-node-termination-handler-2/templates/role_leaderelection.yaml b/src/charts/aws-node-termination-handler-2/templates/role_leaderelection.yaml new file mode 100644 index 00000000..41be6533 --- /dev/null +++ b/src/charts/aws-node-termination-handler-2/templates/role_leaderelection.yaml @@ -0,0 +1,26 @@ +{{- if .Values.rbac.create -}} +# permissions to do leader election. +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "aws-node-termination-handler.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "aws-node-termination-handler.labels" . | nindent 8 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} +rules: + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create", "delete", "get", "list", "patch", "watch", "update"] + + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["create", "get", "patch", "update", "watch"] + + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch"] +{{- end }} \ No newline at end of file diff --git a/src/charts/aws-node-termination-handler-2/templates/service.yaml b/src/charts/aws-node-termination-handler-2/templates/service.yaml new file mode 100644 index 00000000..04e31b30 --- /dev/null +++ b/src/charts/aws-node-termination-handler-2/templates/service.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "aws-node-termination-handler.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "aws-node-termination-handler.labels" . | nindent 8 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} +spec: + type: ClusterIP + selector: + {{- include "aws-node-termination-handler.selectorLabels" . | nindent 8 }} + ports: + - name: http-metrics + port: 8080 + protocol: TCP + targetPort: http-metrics + - name: http-probes + port: 8081 + protocol: TCP + targetPort: http-probes diff --git a/src/charts/aws-node-termination-handler-2/templates/serviceaccount.yaml b/src/charts/aws-node-termination-handler-2/templates/serviceaccount.yaml new file mode 100644 index 00000000..277d755b --- /dev/null +++ b/src/charts/aws-node-termination-handler-2/templates/serviceaccount.yaml @@ -0,0 +1,18 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "aws-node-termination-handler.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "aws-node-termination-handler.labels" . | nindent 8 }} + {{- if (or .Values.annotations .Values.serviceAccount.annotations "") }} + annotations: + {{- with .Values.annotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.serviceAccount.annotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/src/charts/aws-node-termination-handler-2/values.yaml b/src/charts/aws-node-termination-handler-2/values.yaml new file mode 100644 index 00000000..f73b31f7 --- /dev/null +++ b/src/charts/aws-node-termination-handler-2/values.yaml @@ -0,0 +1,81 @@ +# Override chart name. +nameOverride: "" + +# Override compute chart full name. +fullnameOverride: "" + +# Labels to add to Kubernetes objects created by Helm deployment. +labels: {} + +# Annotations to add to Kubernetes objects created by Helm deployment. +annotations: {} + +pod: + # Number of aws-node-termination-handler controller instance pods. + replicas: 1 + + # Update strategy for pods. + updateStrategy: + type: Recreate + + # Labels to add to pods. + labels: {} + + # Annotations to add to pods. + annotations: {} + + # Security group configuration for pods. + securityContext: + fsGroup: 1000 + + # Priority class for the pods. + priorityClassName: "system-cluster-critical" + + # Bind the pod to the host network. + hostNetwork: false + + # Node labels to match when scheduling pods. + nodeSelector: + kubernetes.io/os: linux + +# Secret for accessing image. +imagePullSecrets: [] + +# Policy on when to pull image. +imagePullPolicy: IfNotPresent + +serviceAccount: + + # Create the service account. May fail if service account already exists. + create: true + + # Name of service account. If empty then a name will be generated. + name: "" + + # Annotations to add to the service account. + annotations: {} + +controller: + # Image to deploy. + image: "public.ecr.aws/aws-node-termination-handler:v2.0.0-0.1" + + # Additional security context configuration for the controller pod. + securityContext: {} + + # Environment variables. + env: [] + # Example: + # - name: AWS_REGION + # . value: eu-west-1 + + # Resources for the controller pod. + resources: + requests: + cpu: 1 + memory: 1Gi + limits: + cpu: 1 + memory: 1Gi + +rbac: + create: true \ No newline at end of file diff --git a/src/config/crd/kustomization.yaml b/src/config/crd/kustomization.yaml deleted file mode 100644 index ff12b8d3..00000000 --- a/src/config/crd/kustomization.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# This kustomization.yaml is not intended to be run by itself, -# since it depends on service name and namespace that are out of this kustomize package. -# It should be run by config/default -resources: -- bases/node.k8s.aws_terminators.yaml -#+kubebuilder:scaffold:crdkustomizeresource - -patchesStrategicMerge: -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. -# patches here are for enabling the conversion webhook for each CRD -#- patches/webhook_in_terminators.yaml -#+kubebuilder:scaffold:crdkustomizewebhookpatch - -# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. -# patches here are for enabling the CA injection for each CRD -#- patches/cainjection_in_terminators.yaml -#+kubebuilder:scaffold:crdkustomizecainjectionpatch - -# the following config is for teaching kustomize how to do kustomization for CRDs. -configurations: -- kustomizeconfig.yaml diff --git a/src/config/crd/kustomizeconfig.yaml b/src/config/crd/kustomizeconfig.yaml deleted file mode 100644 index ec5c150a..00000000 --- a/src/config/crd/kustomizeconfig.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# This file is for teaching kustomize how to substitute name and namespace reference in CRD -nameReference: -- kind: Service - version: v1 - fieldSpecs: - - kind: CustomResourceDefinition - version: v1 - group: apiextensions.k8s.io - path: spec/conversion/webhook/clientConfig/service/name - -namespace: -- kind: CustomResourceDefinition - version: v1 - group: apiextensions.k8s.io - path: spec/conversion/webhook/clientConfig/service/namespace - create: false - -varReference: -- path: metadata/annotations diff --git a/src/config/crd/patches/cainjection_in_terminators.yaml b/src/config/crd/patches/cainjection_in_terminators.yaml deleted file mode 100644 index c70705f5..00000000 --- a/src/config/crd/patches/cainjection_in_terminators.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# The following patch adds a directive for certmanager to inject CA into the CRD -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: terminators.node.k8s.aws diff --git a/src/config/crd/patches/webhook_in_terminators.yaml b/src/config/crd/patches/webhook_in_terminators.yaml deleted file mode 100644 index be27c143..00000000 --- a/src/config/crd/patches/webhook_in_terminators.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# The following patch enables a conversion webhook for the CRD -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: terminators.node.k8s.aws -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - namespace: system - name: webhook-service - path: /convert - conversionReviewVersions: - - v1 diff --git a/src/config/default/kustomization.yaml b/src/config/default/kustomization.yaml deleted file mode 100644 index d7d815c9..00000000 --- a/src/config/default/kustomization.yaml +++ /dev/null @@ -1,74 +0,0 @@ -# Adds namespace to all resources. -namespace: aws-node-termination-handler-system - -# Value of this field is prepended to the -# names of all resources, e.g. a deployment named -# "wordpress" becomes "alices-wordpress". -# Note that it should also match with the prefix (text before '-') of the namespace -# field above. -namePrefix: aws-node-termination-handler- - -# Labels to add to all resources and selectors. -#commonLabels: -# someName: someValue - -bases: -- ../crd -- ../rbac -- ../manager -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in -# crd/kustomization.yaml -#- ../webhook -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. -#- ../certmanager -# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. -#- ../prometheus - -patchesStrategicMerge: -# Protect the /metrics endpoint by putting it behind auth. -# If you want your controller-manager to expose the /metrics -# endpoint w/o any authn/z, please comment the following line. -- manager_auth_proxy_patch.yaml - -# Mount the controller config file for loading manager configurations -# through a ComponentConfig type -#- manager_config_patch.yaml - -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in -# crd/kustomization.yaml -#- manager_webhook_patch.yaml - -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. -# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. -# 'CERTMANAGER' needs to be enabled to use ca injection -#- webhookcainjection_patch.yaml - -# the following config is for teaching kustomize how to do var substitution -vars: -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. -#- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR -# objref: -# kind: Certificate -# group: cert-manager.io -# version: v1 -# name: serving-cert # this name should match the one in certificate.yaml -# fieldref: -# fieldpath: metadata.namespace -#- name: CERTIFICATE_NAME -# objref: -# kind: Certificate -# group: cert-manager.io -# version: v1 -# name: serving-cert # this name should match the one in certificate.yaml -#- name: SERVICE_NAMESPACE # namespace of the service -# objref: -# kind: Service -# version: v1 -# name: webhook-service -# fieldref: -# fieldpath: metadata.namespace -#- name: SERVICE_NAME -# objref: -# kind: Service -# version: v1 -# name: webhook-service diff --git a/src/config/default/manager_auth_proxy_patch.yaml b/src/config/default/manager_auth_proxy_patch.yaml deleted file mode 100644 index 45be3188..00000000 --- a/src/config/default/manager_auth_proxy_patch.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# This patch inject a sidecar container which is a HTTP proxy for the -# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller-manager - namespace: system -spec: - template: - spec: - containers: - - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=0" - ports: - - containerPort: 8443 - protocol: TCP - name: https - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi - - name: manager - args: - - "--health-probe-bind-address=:8081" - - "--metrics-bind-address=127.0.0.1:8080" - - "--leader-elect" diff --git a/src/config/default/manager_config_patch.yaml b/src/config/default/manager_config_patch.yaml deleted file mode 100644 index 6c400155..00000000 --- a/src/config/default/manager_config_patch.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller-manager - namespace: system -spec: - template: - spec: - containers: - - name: manager - args: - - "--config=controller_manager_config.yaml" - volumeMounts: - - name: manager-config - mountPath: /controller_manager_config.yaml - subPath: controller_manager_config.yaml - volumes: - - name: manager-config - configMap: - name: manager-config diff --git a/src/config/manager/controller_manager_config.yaml b/src/config/manager/controller_manager_config.yaml deleted file mode 100644 index dc6ac089..00000000 --- a/src/config/manager/controller_manager_config.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 -kind: ControllerManagerConfig -health: - healthProbeBindAddress: :8081 -metrics: - bindAddress: 127.0.0.1:8080 -webhook: - port: 9443 -leaderElection: - leaderElect: true - resourceName: 202c66c6.k8s.aws diff --git a/src/config/manager/kustomization.yaml b/src/config/manager/kustomization.yaml deleted file mode 100644 index 2bcd3eea..00000000 --- a/src/config/manager/kustomization.yaml +++ /dev/null @@ -1,10 +0,0 @@ -resources: -- manager.yaml - -generatorOptions: - disableNameSuffixHash: true - -configMapGenerator: -- name: manager-config - files: - - controller_manager_config.yaml diff --git a/src/config/manager/manager.yaml b/src/config/manager/manager.yaml deleted file mode 100644 index cf11cecc..00000000 --- a/src/config/manager/manager.yaml +++ /dev/null @@ -1,60 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - labels: - control-plane: controller-manager - name: system ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller-manager - namespace: system - labels: - control-plane: controller-manager -spec: - selector: - matchLabels: - control-plane: controller-manager - replicas: 1 - template: - metadata: - annotations: - kubectl.kubernetes.io/default-container: manager - labels: - control-plane: controller-manager - spec: - securityContext: - runAsNonRoot: true - containers: - - command: - - /manager - args: - - --leader-elect - image: controller:latest - name: manager - securityContext: - allowPrivilegeEscalation: false - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - # TODO(user): Configure the resources accordingly based on the project requirements. - # More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - serviceAccountName: controller-manager - terminationGracePeriodSeconds: 10 diff --git a/src/config/prometheus/kustomization.yaml b/src/config/prometheus/kustomization.yaml deleted file mode 100644 index ed137168..00000000 --- a/src/config/prometheus/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- monitor.yaml diff --git a/src/config/prometheus/monitor.yaml b/src/config/prometheus/monitor.yaml deleted file mode 100644 index d19136ae..00000000 --- a/src/config/prometheus/monitor.yaml +++ /dev/null @@ -1,20 +0,0 @@ - -# Prometheus Monitor Service (Metrics) -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - labels: - control-plane: controller-manager - name: controller-manager-metrics-monitor - namespace: system -spec: - endpoints: - - path: /metrics - port: https - scheme: https - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - tlsConfig: - insecureSkipVerify: true - selector: - matchLabels: - control-plane: controller-manager diff --git a/src/config/rbac/auth_proxy_client_clusterrole.yaml b/src/config/rbac/auth_proxy_client_clusterrole.yaml deleted file mode 100644 index 51a75db4..00000000 --- a/src/config/rbac/auth_proxy_client_clusterrole.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: metrics-reader -rules: -- nonResourceURLs: - - "/metrics" - verbs: - - get diff --git a/src/config/rbac/auth_proxy_role.yaml b/src/config/rbac/auth_proxy_role.yaml deleted file mode 100644 index 80e1857c..00000000 --- a/src/config/rbac/auth_proxy_role.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create diff --git a/src/config/rbac/auth_proxy_role_binding.yaml b/src/config/rbac/auth_proxy_role_binding.yaml deleted file mode 100644 index ec7acc0a..00000000 --- a/src/config/rbac/auth_proxy_role_binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: proxy-role -subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system diff --git a/src/config/rbac/auth_proxy_service.yaml b/src/config/rbac/auth_proxy_service.yaml deleted file mode 100644 index 71f17972..00000000 --- a/src/config/rbac/auth_proxy_service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - control-plane: controller-manager - name: controller-manager-metrics-service - namespace: system -spec: - ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https - selector: - control-plane: controller-manager diff --git a/src/config/rbac/kustomization.yaml b/src/config/rbac/kustomization.yaml deleted file mode 100644 index 731832a6..00000000 --- a/src/config/rbac/kustomization.yaml +++ /dev/null @@ -1,18 +0,0 @@ -resources: -# All RBAC will be applied under this service account in -# the deployment namespace. You may comment out this resource -# if your manager will use a service account that exists at -# runtime. Be sure to update RoleBinding and ClusterRoleBinding -# subjects if changing service account names. -- service_account.yaml -- role.yaml -- role_binding.yaml -- leader_election_role.yaml -- leader_election_role_binding.yaml -# Comment the following 4 lines if you want to disable -# the auth proxy (https://github.com/brancz/kube-rbac-proxy) -# which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml diff --git a/src/config/rbac/leader_election_role.yaml b/src/config/rbac/leader_election_role.yaml deleted file mode 100644 index 4190ec80..00000000 --- a/src/config/rbac/leader_election_role.yaml +++ /dev/null @@ -1,37 +0,0 @@ -# permissions to do leader election. -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: leader-election-role -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch diff --git a/src/config/rbac/leader_election_role_binding.yaml b/src/config/rbac/leader_election_role_binding.yaml deleted file mode 100644 index 1d1321ed..00000000 --- a/src/config/rbac/leader_election_role_binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: leader-election-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: leader-election-role -subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system diff --git a/src/config/rbac/role_binding.yaml b/src/config/rbac/role_binding.yaml deleted file mode 100644 index 2070ede4..00000000 --- a/src/config/rbac/role_binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: manager-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: manager-role -subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system diff --git a/src/config/rbac/service_account.yaml b/src/config/rbac/service_account.yaml deleted file mode 100644 index 7cd6025b..00000000 --- a/src/config/rbac/service_account.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: controller-manager - namespace: system diff --git a/src/config/rbac/terminator_editor_role.yaml b/src/config/rbac/terminator_editor_role.yaml deleted file mode 100644 index af3cf86b..00000000 --- a/src/config/rbac/terminator_editor_role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# permissions for end users to edit terminators. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: terminator-editor-role -rules: -- apiGroups: - - node.k8s.aws - resources: - - terminators - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - node.k8s.aws - resources: - - terminators/status - verbs: - - get diff --git a/src/config/rbac/terminator_viewer_role.yaml b/src/config/rbac/terminator_viewer_role.yaml deleted file mode 100644 index 61da6134..00000000 --- a/src/config/rbac/terminator_viewer_role.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# permissions for end users to view terminators. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: terminator-viewer-role -rules: -- apiGroups: - - node.k8s.aws - resources: - - terminators - verbs: - - get - - list - - watch -- apiGroups: - - node.k8s.aws - resources: - - terminators/status - verbs: - - get diff --git a/src/config/samples/node_v1alpha1_terminator.yaml b/src/config/samples/node_v1alpha1_terminator.yaml deleted file mode 100644 index 15e051b4..00000000 --- a/src/config/samples/node_v1alpha1_terminator.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: node.k8s.aws/v1alpha1 -kind: Terminator -metadata: - name: terminator-sample -spec: - # TODO(user): Add fields here From e0e0628d1a65faf18e1835bcad67a2462edbba86 Mon Sep 17 00:00:00 2001 From: Jerad C Date: Thu, 17 Feb 2022 12:01:10 -0600 Subject: [PATCH 2/6] move tool download to script --- BUILD.md | 2 +- src/Makefile | 46 ++++++++++------------------------- src/scripts/toolchain.sh | 52 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 66 insertions(+), 34 deletions(-) create mode 100755 src/scripts/toolchain.sh diff --git a/BUILD.md b/BUILD.md index 852109bc..c00ee1ef 100644 --- a/BUILD.md +++ b/BUILD.md @@ -9,7 +9,7 @@ git clone --branch v2 https://github.com/aws/aws-node-termination-handler.git Install build tools ```sh -make controller-gen ko envtest +make toolchain ``` Configure image repository location diff --git a/src/Makefile b/src/Makefile index 1039992c..d9867411 100644 --- a/src/Makefile +++ b/src/Makefile @@ -1,3 +1,8 @@ +PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST)))) +CONTROLLER_GEN = $(PROJECT_DIR)/bin/controller-gen +KO = $(PROJECT_DIR)/bin/ko +ENVTEST = $(PROJECT_DIR)/bin/setup-envtest + # Image URL to use all building/pushing image targets IMG ?= controller:latest @@ -34,22 +39,26 @@ SHELL = /usr/bin/env bash -o pipefail help: ## Display this help. @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) +.PHONY: toolchain +toolchain: # Download additional tools. + @./scripts/toolchain.sh -d "$(PROJECT_DIR)/bin" + ##@ Development .PHONY: manifests -manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. +manifests: # Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases .PHONY: generate -generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. +generate: # Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." .PHONY: fmt -fmt: ## Run go fmt against code. +fmt: # Run go fmt against code. go fmt ./... .PHONY: vet -vet: ## Run go vet against code. +vet: # Run go vet against code. go vet ./... .PHONY: test @@ -74,32 +83,3 @@ apply: # Deploy the controller into the current kubernetes cluster. .PHONY: delete delete: # Delete controller from current kubernetes cluster. helm uninstall dev --namespace nthv2 - -CONTROLLER_GEN = $(shell pwd)/bin/controller-gen -.PHONY: controller-gen -controller-gen: ## Download controller-gen locally if necessary. - $(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0) - -KO = $(shell pwd)/bin/ko -.PHONY: ko -ko: ## Download ko locally if necessary. - $(call go-get-tool,$(KO),github.com/google/ko@v0.9.3) - -ENVTEST = $(shell pwd)/bin/setup-envtest -.PHONY: envtest -envtest: ## Download envtest-setup locally if necessary. - $(call go-get-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest@v0.11.1) - -# go-get-tool will 'go get' any package $2 and install it to $1. -PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST)))) -define go-get-tool -@[ -f $(1) ] || { \ -set -e ;\ -TMP_DIR=$$(mktemp -d) ;\ -cd $$TMP_DIR ;\ -go mod init tmp ;\ -echo "Downloading $(2)" ;\ -GOBIN=$(PROJECT_DIR)/bin go get $(2) ;\ -rm -rf $$TMP_DIR ;\ -} -endef diff --git a/src/scripts/toolchain.sh b/src/scripts/toolchain.sh new file mode 100755 index 00000000..f3b24f4b --- /dev/null +++ b/src/scripts/toolchain.sh @@ -0,0 +1,52 @@ +#!/usr/bin/env bash + +set -euo pipefail + +usage=$(cat << EOM +usage: $(basename "$0") -h | -d PATH + + Download tools to PATH. + + Arguments: + -h Print usage message then exit. + -d PATH Destination directory for downloaded tools. + +EOM +) + +tools=( + "github.com/google/ko@v0.9.3" + "sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0" + # setup-envtest version specifiers: + # https://pkg.go.dev/sigs.k8s.io/controller-runtime/tools/setup-envtest/versions?tab=versions + "sigs.k8s.io/controller-runtime/tools/setup-envtest@v0.0.0-20220217150738-f62a0f579d73" +) + +bin_dir="" + +while getopts "d:h" opt; do + case $opt in + d ) bin_dir="$OPTARG" + ;; + * ) echo "$usage" 1>&2 + exit 1 + ;; + esac +done + +if [[ -z "$bin_dir" ]]; then + echo "error: missing destination path" + echo "$usage" 1>&2 + exit 1 +fi + +tmp_dir="$(mktemp -d)" +trap "rm -rf \"$tmp_dir\"" EXIT + +cd "$tmp_dir" +go mod init tmp >/dev/null 2>&1 + +for tool in ${tools[@]}; do + echo "Downloading $tool" + GOBIN="$bin_dir" go install "$tool" +done From 81088e3f3749c03f796b288032b698e482d77cc1 Mon Sep 17 00:00:00 2001 From: Jerad C Date: Tue, 22 Feb 2022 11:20:38 -0600 Subject: [PATCH 3/6] restore # markers --- src/Makefile | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/Makefile b/src/Makefile index d9867411..f4c7db84 100644 --- a/src/Makefile +++ b/src/Makefile @@ -40,25 +40,25 @@ help: ## Display this help. @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) .PHONY: toolchain -toolchain: # Download additional tools. +toolchain: ## Download additional tools. @./scripts/toolchain.sh -d "$(PROJECT_DIR)/bin" ##@ Development .PHONY: manifests -manifests: # Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. +manifests: ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases .PHONY: generate -generate: # Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. +generate: ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." .PHONY: fmt -fmt: # Run go fmt against code. +fmt: ## Run go fmt against code. go fmt ./... .PHONY: vet -vet: # Run go vet against code. +vet: ## Run go vet against code. go vet ./... .PHONY: test @@ -74,12 +74,12 @@ run: manifests generate fmt vet ## Run a controller from your host. ##@ Deployment .PHONY: apply -apply: # Deploy the controller into the current kubernetes cluster. +apply: ## Deploy the controller into the current kubernetes cluster. helm upgrade --install dev charts/aws-node-termination-handler-2 --namespace nthv2 --create-namespace \ $(HELM_OPTS) \ --set controller.image=$(shell $(KO) publish -B github.com/aws/aws-node-termination-handler) \ --set fullnameOverride=nthv2 .PHONY: delete -delete: # Delete controller from current kubernetes cluster. +delete: ## Delete controller from current kubernetes cluster. helm uninstall dev --namespace nthv2 From 5ce2399bcc7db61967d698e710aae2789c0bbfc5 Mon Sep 17 00:00:00 2001 From: Jerad C Date: Tue, 22 Feb 2022 11:22:28 -0600 Subject: [PATCH 4/6] merge fmt and vet targets into verify --- src/Makefile | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/src/Makefile b/src/Makefile index f4c7db84..c2bd66ee 100644 --- a/src/Makefile +++ b/src/Makefile @@ -53,12 +53,9 @@ manifests: ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefi generate: ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." -.PHONY: fmt -fmt: ## Run go fmt against code. +.PHONY: verify +verify: ## Run go fmt and go vet against code. go fmt ./... - -.PHONY: vet -vet: ## Run go vet against code. go vet ./... .PHONY: test From fde73f4f42bddafef5121d1358c1b3e73b467a15 Mon Sep 17 00:00:00 2001 From: Jerad C Date: Tue, 22 Feb 2022 13:46:26 -0600 Subject: [PATCH 5/6] add kubebuilder setup with setup-envtest --- src/scripts/toolchain.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/scripts/toolchain.sh b/src/scripts/toolchain.sh index f3b24f4b..15659e0e 100755 --- a/src/scripts/toolchain.sh +++ b/src/scripts/toolchain.sh @@ -14,6 +14,9 @@ usage: $(basename "$0") -h | -d PATH EOM ) +k8s_version="${K8S_VERSION:-1.21.x}" +kubebuilder_assets_dir="${KUBEBUILDER_ASSETS:-$HOME/.kubebuilder/bin}" + tools=( "github.com/google/ko@v0.9.3" "sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0" @@ -50,3 +53,13 @@ for tool in ${tools[@]}; do echo "Downloading $tool" GOBIN="$bin_dir" go install "$tool" done + +# Kubebuilder does not support darwin/arm64 so use amd64 through Rosetta instead. +arch="$(go env GOARCH)" +if [[ "$(go env GOOS)/$arch" == "darwin/arm64" ]]; then + arch="amd64" +fi + +mkdir -p "$kubebuilder_assets_dir" +ln -sf "$("$bin_dir/setup-envtest" use -p path "$k8s_version" --arch="$arch" --bin-dir="$kubebuilder_assets_dir")"/* "$kubebuilder_assets_dir" +find "$kubebuilder_assets_dir" From 61c47999a019142266df4b913a9a2a6dcfe8a5d2 Mon Sep 17 00:00:00 2001 From: Jerad C Date: Tue, 22 Feb 2022 13:58:23 -0600 Subject: [PATCH 6/6] do not use temp module --- src/scripts/toolchain.sh | 6 ------ 1 file changed, 6 deletions(-) diff --git a/src/scripts/toolchain.sh b/src/scripts/toolchain.sh index 15659e0e..7466439d 100755 --- a/src/scripts/toolchain.sh +++ b/src/scripts/toolchain.sh @@ -43,12 +43,6 @@ if [[ -z "$bin_dir" ]]; then exit 1 fi -tmp_dir="$(mktemp -d)" -trap "rm -rf \"$tmp_dir\"" EXIT - -cd "$tmp_dir" -go mod init tmp >/dev/null 2>&1 - for tool in ${tools[@]}; do echo "Downloading $tool" GOBIN="$bin_dir" go install "$tool"