Merge pull request #70 from kanisterio/sync

Location CRDs, go1.10, kubetask fix, test fix

Makefile

@@ -61,7 +61,7 @@ IMAGE_NAME := $(BIN)
 
 IMAGE := $(REGISTRY)/$(IMAGE_NAME)
 
-BUILD_IMAGE ?= kanisterio/build:0.13.1-go1.9
+BUILD_IMAGE ?= kanisterio/build:0.13.1-go1.10
 DOCS_BUILD_IMAGE ?= kanisterio/docker-sphinx
 
 DEFAULT_PATH := /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

build/local_kubernetes.sh

@@ -15,6 +15,7 @@ export MINIKUBE_HOME=$HOME
 export CHANGE_MINIKUBE_NONE_USER=true
 export KUBECONFIG=$HOME/.kube/config
 export KUBE_VERSION=${KUBE_VERSION:-v1.8.0}
+export MINIKUBE_VERSION=${MINIKUBE_VERSION:-v0.25.1}
 declare -a REQUIRED_BINS=( iptables docker sudo jq )
 
 if command -v apt-get
@@ -44,30 +45,28 @@ check_or_get_dependencies() {
 }
 
 start_minikube() {
-
     if ! command -v minikube
     then
         get_minikube
     fi
-
-    minikube start --vm-driver=none --mount --kubernetes-version=${KUBE_VERSION}
+    minikube start --vm-driver=none --mount --kubernetes-version=${KUBE_VERSION} --extra-config=apiserver.GenericServerRunOptions.AuthorizationMode=RBAC
     wait_for_minikube_nodes
     wait_for_pods
 }
 
 stop_minikube() {
- if !  minikube stop
- then
-     systemctl stop localkube
-     docker rm -f $(docker ps -aq --filter name=k8s)
- fi
+    if !  minikube stop
+    then
+        systemctl stop localkube
+        docker rm -f $(docker ps -aq --filter name=k8s)
+    fi
 }
 
 get_minikube() {
     check_or_get_dependencies
     mkdir $HOME/.kube || true
     touch $HOME/.kube/config
-    curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 && chmod +x minikube
+    curl -Lo minikube https://storage.googleapis.com/minikube/releases/${MINIKUBE_VERSION}/minikube-linux-amd64 && chmod +x minikube
     ln -sf $(pwd)/minikube /usr/bin/minikube
 }
 

cmd/controller/main.go

@@ -22,7 +22,6 @@ package main
 
 import (
 	"context"
-	"io/ioutil"
 	"os"
 	"os/signal"
 	"syscall"
@@ -33,12 +32,10 @@ import (
 	"github.com/kanisterio/kanister/pkg/controller"
 	_ "github.com/kanisterio/kanister/pkg/function"
 	"github.com/kanisterio/kanister/pkg/handler"
+	"github.com/kanisterio/kanister/pkg/kube"
 	"github.com/kanisterio/kanister/pkg/resource"
 )
 
-// See https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#accessing-the-api-from-a-pod
-const nsFile = "/var/run/secrets/kubernetes.io/serviceaccount/namespace"
-
 func main() {
 	ctx := context.Background()
 
@@ -64,16 +61,15 @@ func main() {
 	// Make sure the CRD's exist.
 	resource.CreateCustomResources(ctx, config)
 
-	// Get this this controller's namespace.
-	ns, err := ioutil.ReadFile(nsFile)
+	ns, err := kube.GetControllerNamespace()
 	if err != nil {
 		log.Fatalf("Failed to determine this pod's namespace %+v", err)
 	}
 
 	// Create and start the watcher.
 	ctx, cancel := context.WithCancel(ctx)
 	c := controller.New(config)
-	err = c.StartWatch(ctx, string(ns))
+	err = c.StartWatch(ctx, ns)
 	if err != nil {
 		log.Fatalf("Failed to start controller. %+v", err)
 	}

pkg/apis/cr/v1alpha1/register.go

@@ -52,6 +52,16 @@ var BlueprintResource = opkit.CustomResource{
 	Kind:    reflect.TypeOf(Blueprint{}).Name(),
 }
 
+// ProfileResource is a CRD for blueprints.
+var ProfileResource = opkit.CustomResource{
+	Name:    ProfileResourceName,
+	Plural:  ProfileResourceNamePlural,
+	Group:   ResourceGroup,
+	Version: SchemeVersion,
+	Scope:   apiextensionsv1beta1.NamespaceScoped,
+	Kind:    reflect.TypeOf(Profile{}).Name(),
+}
+
 // Kind takes an unqualified kind and returns back a Group qualified GroupKind
 func Kind(kind string) schema.GroupKind {
 	return SchemeGroupVersion.WithKind(kind).GroupKind()
@@ -69,6 +79,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 		&ActionSetList{},
 		&Blueprint{},
 		&BlueprintList{},
+		&Profile{},
+		&ProfileList{},
 	)
 	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
 	return nil

pkg/apis/cr/v1alpha1/types.go

@@ -89,6 +89,9 @@ type ActionSpec struct {
 	ConfigMaps map[string]ObjectReference `json:"configMaps"`
 	// Secrets that we'll get and pass into the blueprint.
 	Secrets map[string]ObjectReference `json:"secrets"`
+	// Profile is use to specify the location where store artifacts and the
+	// credentials authorized to  access them.
+	Profile *ObjectReference `json:"profile"`
 }
 
 // ActionSetStatus is the status for the actionset. This should only be updated by the controller.
@@ -213,3 +216,72 @@ type BlueprintList struct {
 	metav1.ListMeta `json:"metadata"`
 	Items           []*Blueprint `json:"items"`
 }
+
+// These names are used to query Profile API objects.
+const (
+	ProfileResourceName       = "profile"
+	ProfileResourceNamePlural = "profiles"
+)
+
+// +genclient
+// +genclient:noStatus
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// Profile
+type Profile struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata"`
+	Location          Location   `json:"location"`
+	Credential        Credential `json:"credential"`
+	SkipSSLVerify     bool       `json:"skipSSLVerify"`
+}
+
+// LocationType
+type LocationType string
+
+const (
+	LocationTypeS3Compliant LocationType = "s3Compliant"
+)
+
+// Location
+type Location struct {
+	Type        LocationType         `json:"type"`
+	S3Compliant *S3CompliantLocation `json:"s3Compliant"`
+}
+
+// S3Compliant
+type S3CompliantLocation struct {
+	Bucket   string `json:"bucket"`
+	Endpoint string `json:"endpoint"`
+	Prefix   string `json:"prefix"`
+	Region   string `json:"region"`
+}
+
+// CredentialType
+type CredentialType string
+
+const (
+	CredentialTypeKeyPair CredentialType = "keyPair"
+)
+
+// Credential
+type Credential struct {
+	Type    CredentialType `json:"type"`
+	KeyPair *KeyPair       `json:"keyPair"`
+}
+
+// KeyPair
+type KeyPair struct {
+	IDField     string          `json:"idField"`
+	SecretField string          `json:"secretField"`
+	Secret      ObjectReference `json:"secret"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// ProfileList is the definition of a list of Profiles
+type ProfileList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata"`
+	Items           []*Profile `json:"items"`
+}