Skip to content
This repository has been archived by the owner on Oct 20, 2022. It is now read-only.

Commit

Permalink
migrate to operator-sdk v1.3.0 (#53)
Browse files Browse the repository at this point in the history
* migrate to operator-sdk v1.3.0

* add missing files

* fix

* append changelog

* update documentation

* update helm chart

* fix nificlustertask integration

* add custom version for helm chart

* update ci for chart releasing

* fix users for reader group

* update documentation

* append changelog

* append changelog
  • Loading branch information
erdrix authored Jan 6, 2021
1 parent f14da45 commit 08e3fc7
Show file tree
Hide file tree
Showing 225 changed files with 4,618 additions and 8,359 deletions.
56 changes: 5 additions & 51 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,6 @@ experimental:
only:
- master



# Define shareable packages of configuration
# elements used into the worflow (= Orbs)
orbs:
Expand Down Expand Up @@ -57,7 +55,7 @@ orbs:
name: Vendor dependencies
command: if [ ! -d vendor ]; then go mod vendor; fi
- run:
name: Generate k8s
name: Generate
command: |
make generate
[ "$(git ls-files -m | grep -c zz_generated)" -eq 0 ]
Expand All @@ -73,42 +71,6 @@ orbs:
- build/_output
- vendor

# Build job, which build operator docker image (with operator-sdk build)
build-ci:
<<: *params_operator
<<: *job_operator
steps:
- checkout:
path: /home/circleci/nifikop
- setup_remote_docker # Creates a separate environment for each build for security.
- restore_cache: # If exist, restore dependencies libs download cache, from previous pipeline execution.
keys: # Use checksum of go.sum to version cache.
- << parameters.operatorName >>-build-ci-{{ .Branch }}-{{ checksum "go.sum" }}
- attach_workspace: # Attach artifact from workdir
at: /home/circleci
- run:
name: Build Operator
command: make build-ci-image
- persist_to_workspace: # Create artifacts
root: /home/circleci
paths:
- << parameters.operatorDir >>/build/_output
- deploy:
name: Push image to Docker Hub
command: |
if [[ $(echo "$CIRCLE_BRANCH" | grep -c "pull") -gt 0 ]]; then
echo "This is a PR, we don't push to Hub."
else
docker login --username $DOCKERHUB_USER --password $DOCKERHUB_PASSWORD
make push-ci-image
fi
- save_cache:
name: Save build artifacts in cache
key: << parameters.operatorName >>-build-ci-{{ .Branch }}-{{ checksum "go.sum" }}
paths:
- build/_output


# Build job, which build operator docker image (with operator-sdk build)
build-operator:
<<: *params_operator
Expand Down Expand Up @@ -137,7 +99,7 @@ orbs:
echo "This is a PR, we don't push to Hub."
else
docker login --username $DOCKERHUB_USER --password $DOCKERHUB_PASSWORD
make push
make docker-push
fi
- save_cache:
name: Save build artifacts in cache
Expand All @@ -158,15 +120,14 @@ orbs:
# Unit tests steps
- run:
name: Unit Tests
command: make unit-test-with-vendor
command: make test-with-vendor
# Artifacts definitions
- store_artifacts: # Store unit test coverage reports
path: coverage.html
- persist_to_workspace:
root: /home/circleci
paths:
- << parameters.operatorDir >>/coverage.out
- << parameters.operatorDir >>/test-report.out
- << parameters.operatorDir >>/cover.out
# report-sonar:
# description: Detect bugs and vulnerabilities
# parameters:
Expand Down Expand Up @@ -249,7 +210,7 @@ orbs:
if [[ $(echo "$CIRCLE_BRANCH" | grep -c "pull") -gt 0 ]]; then
echo "This is a PR, we don't publish to helm repo."
else
GCP_SA_CREDS=${GCP_POC_RTC_SA_KEY} /home/circleci/nifikop/tools/publish_helm_gcs.sh
CHART_VERSION=$(cat helm/nifikop/Chart.yaml| grep version | awk -F"version: " '{print $2}') GCP_SA_CREDS=${GCP_POC_RTC_SA_KEY} /home/circleci/nifikop/tools/publish_helm_gcs.sh
fi
jobs:
deploy-website:
Expand Down Expand Up @@ -325,13 +286,6 @@ workflows:
- unit-test-nifikop
<<: *everytime_filter

- operator/build-ci:
type: approval
name: build-ci
requires:
- unit-test-nifikop
<<: *website_publish

# - operator/report-sonar:
# name: report-nifikop
# requires:
Expand Down
5 changes: 5 additions & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
# Ignore all files which are not go type
!**/*.go
!**/*.mod
!**/*.sum
17 changes: 17 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -104,3 +104,20 @@ website/.env.production.local
website/npm-debug.log*
website/yarn-debug.log*
website/yarn-error.log*

bin
testbin/*

# Test binary, build with `go test -c`
*.test

# Output of the go coverage tool, specifically when used with LiteIDE
*.out

# Kubernetes Generated files - skip generated files, except for vendored files

!vendor/**/zz_generated.*

# editor and IDE paraphernalia

*~
12 changes: 11 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,25 @@

### Added

- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[Operator/NifiUser]** Cert-manager integration can now be disabled (it's still required for secured cluster).

### Changed

- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[Operator]** Upgrade operator-sdk from v0.18.0 to v.1.3.0, which upgrade k8s dependencies to 0.19.4 and migrate to Kubebuilder aligned project layout.
- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[CI]** Update steps with new Makefile commands.

### Deprecated

- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[Operator/CRD]** No more support for Kubernetes cluster under version 1.16 (we no longer provide crds in version v1beta1)

### Removed

### Fixed Bugs

- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[Operator]** Upgrade k8s dependencies to match with new version requirement : [#52](https://github.com/Orange-OpenSource/nifikop/issues/52) [#51](https://github.com/Orange-OpenSource/nifikop/issues/51) [#33](https://github.com/Orange-OpenSource/nifikop/issues/33)
- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[Operator]** Fix the users used into Reader user group
- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[Documentation]** Fix the chart version informations : [#51](https://github.com/Orange-OpenSource/nifikop/issues/51)

## v0.4.2-alpha-release

### Fixed Bugs
Expand All @@ -18,7 +29,6 @@

- [PR #41](https://github.com/Orange-OpenSource/nifikop/pull/42) - **[Operator]** Access policies enum type list


### Added

- [PR #41](https://github.com/Orange-OpenSource/nifikop/pull/41) - **[Operator/NifiUser]** Manage NiFi's users into NiFi Cluster
Expand Down
56 changes: 30 additions & 26 deletions build/Dockerfile → Dockerfile
Original file line number Diff line number Diff line change
@@ -1,15 +1,28 @@
FROM golang:1.14 as build

ENV GO111MODULE=on

ADD tools tools
RUN cd tools/health && go build -o ../../health main.go

RUN useradd -u 1001 nifikop
RUN mkdir -p /tmp && chown nifikop /tmp

FROM registry.access.redhat.com/ubi8/ubi-minimal:latest

# Build the manager binary
FROM golang:1.15 as builder

WORKDIR /workspace

# Copy the Go Modules manifests
COPY go.mod go.mod
COPY go.sum go.sum
# cache deps before building and copying source so that we don't need to re-download as much
# and so that source changes don't invalidate our downloaded layer
RUN go mod download

# Copy the go source
COPY main.go main.go
COPY api/ api/
COPY controllers/ controllers/
COPY pkg/ pkg/
COPY version/ version/

# Build
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go

# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
FROM gcr.io/distroless/static:nonroot
LABEL org.opencontainers.image.documentation="https://github.com/Orange-OpenSource/nifikop/blob/master/README.md"
LABEL org.opencontainers.image.authors="Alexandre Guitton <[email protected]>"
LABEL org.opencontainers.image.source="https://github.com/Orange-OpenSource/nifikop"
Expand All @@ -27,19 +40,10 @@ LABEL org.label-schema.docker.cmd.help="N/A"
LABEL org.label-schema.docker.cmd.debug="N/A"
LABEL org.label-schema.docker.params="LOG_LEVEL=define loglevel,RESYNC_PERIOD=period in second to execute resynchronisation,WATCH_NAMESPACE=namespace to watch for nificlusters,OPERATOR_NAME=name of the operator instance pod"

ENV OPERATOR=/usr/local/bin/nifikop \
USER_UID=1001 \
USER_NAME=nifikop

COPY --from=build /tmp /tmp
COPY --from=build /go/health /

# install operator binary
COPY build/_output/bin/nifikop ${OPERATOR}

COPY build/bin /usr/local/bin
RUN /usr/local/bin/user_setup
WORKDIR /
COPY --from=builder /workspace/manager .

ENTRYPOINT ["/usr/local/bin/entrypoint"]
#USER 65532:65532
USER 1001:1001

USER ${USER_UID}
ENTRYPOINT ["/manager"]
Loading

0 comments on commit 08e3fc7

Please sign in to comment.