Skip to content

Commit

Permalink
Set sync setting in config automatically
Browse files Browse the repository at this point in the history
Signed-off-by: Yi Rae Kim <[email protected]>
  • Loading branch information
yiraeChristineKim committed Sep 29, 2023
1 parent eb4ad5a commit 7227142
Show file tree
Hide file tree
Showing 24 changed files with 870 additions and 239 deletions.
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -19,3 +19,5 @@ testbin/*
!vendor/**/zz_generated.*

ci-tools/

.vscode/*
34 changes: 27 additions & 7 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ IMG ?= $(IMAGE_TAG_BASE):v$(VERSION)
# Produce CRDs that work back to Kubernetes 1.11 (no version conversion)
CRD_OPTIONS ?= "crd:trivialVersions=true,preserveUnknownFields=false"
# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
ENVTEST_K8S_VERSION = 1.21
ENVTEST_K8S_VERSION = 1.28.0

# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
ifeq (,$(shell go env GOBIN))
Expand Down Expand Up @@ -112,7 +112,15 @@ OPM_VERSION ?= v1.27.0
GO_BINDATA_VERSION ?= v3.1.2+incompatible
BATS_VERSION ?= 1.2.1
OLM_VERSION ?= v0.18.2
KUBERNETES_VERSION ?= v1.26.4
KUBERNETES_VERSION ?= v1.28.0

.PHONY: install-crds
install-crds:
## add config and constraintpodstatuses crds
@echo installing external crds
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper/master/config/crd/bases/config.gatekeeper.sh_configs.yaml
kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper/master/config/crd/bases/status.gatekeeper.sh_constraintpodstatuses.yaml


.PHONY: manifests
manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
Expand All @@ -135,12 +143,12 @@ tidy: ## Run go mod tidy
GO111MODULE=on GOFLAGS=$(GOFLAGS) go mod tidy

.PHONY: test
test: manifests generate fmt vet envtest ## Run tests.
test: manifests generate fmt vet envtest install-crds ## Run tests.
KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" GOFLAGS=$(GOFLAGS) go test ./... -coverprofile cover.out

.PHONY: test-e2e
test-e2e: generate fmt vet ## Run e2e tests, using the configured Kubernetes cluster in ~/.kube/config
GOFLAGS=$(GOFLAGS) USE_EXISTING_CLUSTER=true go test -v ./test/e2e -coverprofile cover.out -race -args -ginkgo.v -ginkgo.progress -ginkgo.trace -namespace $(NAMESPACE) -timeout 5m -delete-timeout 10m
test-e2e: generate fmt vet install-crds ## Run e2e tests, using the configured Kubernetes cluster in ~/.kube/config
GOFLAGS=$(GOFLAGS) USE_EXISTING_CLUSTER=true go test -v ./test/e2e -coverprofile cover.out -race -args -ginkgo.v -ginkgo.progress -ginkgo.trace -ginkgo.fail-fast -namespace $(NAMESPACE) -timeout 5m -delete-timeout 10m

.PHONY: test-cluster
test-cluster: ## Create a local kind cluster with a registry for testing
Expand All @@ -158,6 +166,17 @@ download-binaries: kustomize go-bindata envtest controller-gen
curl -sSLO https://github.com/bats-core/bats-core/archive/v${BATS_VERSION}.tar.gz && tar -zxvf v${BATS_VERSION}.tar.gz && bash bats-core-${BATS_VERSION}/install.sh $(PWD)/ci-tools
rm -rf bats-core-${BATS_VERSION} v${BATS_VERSION}.tar.gz

DEV_IMG=localhost:5000/gatekeeper-operator:dev
.PHONY: kind-bootstrap-cluster
kind-bootstrap-cluster: test-cluster generate fmt vet install-crds dev-build
kind load docker-image $(DEV_IMG)
$(MAKE) deploy-ci NAMESPACE=$(NAMESPACE) IMG=$(DEV_IMG)
kubectl -n $(NAMESPACE) wait deployment/gatekeeper-operator-controller --for condition=Available --timeout=90s

.PHONY: docker-build
dev-build: export DOCKER_DEFAULT_PLATFORM=linux/amd64
dev-build: ## Build docker image with the manager.
$(DOCKER) build --build-arg GOOS=${GOOS} --build-arg GOARCH=${GOARCH} --build-arg LDFLAGS=${LDFLAGS} -t $(DEV_IMG) .
##@ Build

.PHONY: build
Expand All @@ -169,6 +188,7 @@ run: manifests generate fmt vet ## Run a controller from your host, using the co
GOFLAGS=$(GOFLAGS) GATEKEEPER_TARGET_NAMESPACE=$(NAMESPACE) go run -ldflags $(LDFLAGS) ./main.go

.PHONY: docker-build
docker-build: export DOCKER_DEFAULT_PLATFORM=linux/amd64
docker-build: test ## Build docker image with the manager.
$(DOCKER) build --build-arg GOOS=${GOOS} --build-arg GOARCH=${GOARCH} --build-arg LDFLAGS=${LDFLAGS} -t ${IMG} .

Expand Down Expand Up @@ -220,15 +240,15 @@ release: manifests kustomize
##@ Deployment

.PHONY: install
install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config.
install: manifests kustomize install-crds ## Install CRDs into the K8s cluster specified in ~/.kube/config.
$(KUSTOMIZE) build config/crd | kubectl apply -f -

.PHONY: uninstall
uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config.
$(KUSTOMIZE) build config/crd | kubectl delete -f -

.PHONY: deploy
deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config.
deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config.
cd config/default && $(KUSTOMIZE) edit set namespace $(NAMESPACE)
cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
$(KUSTOMIZE) build config/default | kubectl apply -f -
Expand Down
7 changes: 4 additions & 3 deletions api/v1alpha1/gatekeeper_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -140,12 +140,13 @@ const (
LogLevelError LogLevelMode = "ERROR"
)

// +kubebuilder:validation:Enum:=Enabled;Disabled
// +kubebuilder:validation:Enum:=Enabled;Disabled;Automatic
type AuditFromCacheMode string

const (
AuditFromCacheEnabled AuditFromCacheMode = "Enabled"
AuditFromCacheDisabled AuditFromCacheMode = "Disabled"
AuditFromCacheEnabled AuditFromCacheMode = "Enabled"
AuditFromCacheDisabled AuditFromCacheMode = "Disabled"
AuditFromCacheAutomatic AuditFromCacheMode = "Automatic"
)

// +kubebuilder:validation:Enum:=Enabled;Disabled
Expand Down
6 changes: 6 additions & 0 deletions api/v1alpha1/groupversion_info.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,4 +33,10 @@ var (

// AddToScheme adds the types in this group-version to the given scheme.
AddToScheme = SchemeBuilder.AddToScheme

GatekeeperGVR = schema.GroupVersionResource{
Group: GroupVersion.Group,
Version: GroupVersion.Version,
Resource: "gatekeeper",
}
)
2 changes: 2 additions & 0 deletions bundle/manifests/operator.gatekeeper.sh_gatekeepers.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -867,6 +867,8 @@ spec:
enum:
- Enabled
- Disabled
- Automatic
- automatic
type: string
auditInterval:
type: string
Expand Down
1 change: 1 addition & 0 deletions config/crd/bases/operator.gatekeeper.sh_gatekeepers.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -867,6 +867,7 @@ spec:
enum:
- Enabled
- Disabled
- Automatic
type: string
auditInterval:
type: string
Expand Down
2 changes: 1 addition & 1 deletion config/manager/manager.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ spec:
- --leader-elect
image: controller:latest
name: manager
imagePullPolicy: Always
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
Expand Down
Loading

0 comments on commit 7227142

Please sign in to comment.