Add CAPI operator providers airgap capability (#687)

k0rdent · Dec 3, 2024 · 49fa2d3 · 49fa2d3
1 parent 5ddea6f
commit 49fa2d3
Show file tree

Hide file tree

Showing 31 changed files with 277 additions and 19 deletions.
diff --git a/Makefile b/Makefile
@@ -133,6 +133,7 @@ add-license: addlicense
 
 TEMPLATES_DIR := templates
 PROVIDER_TEMPLATES_DIR := $(TEMPLATES_DIR)/provider
+export PROVIDER_TEMPLATES_DIR
 CHARTS_PACKAGE_DIR ?= $(LOCALBIN)/charts
 EXTENSION_CHARTS_PACKAGE_DIR ?= $(LOCALBIN)/charts/extensions
 $(EXTENSION_CHARTS_PACKAGE_DIR): | $(LOCALBIN)
@@ -147,8 +148,12 @@ $(IMAGES_PACKAGE_DIR): | $(LOCALBIN)
 
 TEMPLATE_FOLDERS = $(patsubst $(TEMPLATES_DIR)/%,%,$(wildcard $(TEMPLATES_DIR)/*))
 
+.PHONY: collect-airgap-providers
+collect-airgap-providers: yq helm clusterctl $(PROVIDER_TEMPLATES_DIR) $(LOCALBIN)
+	$(SHELL) hack/collect-airgap-providers.sh
+
 .PHONY: helm-package
-helm-package: $(CHARTS_PACKAGE_DIR) $(EXTENSION_CHARTS_PACKAGE_DIR) helm
+helm-package: $(CHARTS_PACKAGE_DIR) $(EXTENSION_CHARTS_PACKAGE_DIR) helm collect-airgap-providers
 	@make $(patsubst %,package-%-tmpl,$(TEMPLATE_FOLDERS))
 
 bundle-images: dev-apply $(IMAGES_PACKAGE_DIR) ## Create a tarball with all images used by HMC.
@@ -388,6 +393,7 @@ cli-install: clusterawsadm clusterctl cloud-nuke envsubst yq awscli ## Install t
 
 ## Location to install dependencies to
 LOCALBIN ?= $(shell pwd)/bin
+export LOCALBIN
 $(LOCALBIN):
 	mkdir -p $(LOCALBIN)
 
@@ -419,10 +425,13 @@ CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen-$(CONTROLLER_TOOLS_VERSION)
 ENVTEST ?= $(LOCALBIN)/setup-envtest-$(ENVTEST_VERSION)
 GOLANGCI_LINT = $(LOCALBIN)/golangci-lint-$(GOLANGCI_LINT_VERSION)
 HELM ?= $(LOCALBIN)/helm-$(HELM_VERSION)
+export HELM
 KIND ?= $(LOCALBIN)/kind-$(KIND_VERSION)
 YQ ?= $(LOCALBIN)/yq-$(YQ_VERSION)
+export YQ
 CLUSTERAWSADM ?= $(LOCALBIN)/clusterawsadm
 CLUSTERCTL ?= $(LOCALBIN)/clusterctl
+export CLUSTERCTL
 CLOUDNUKE ?= $(LOCALBIN)/cloud-nuke
 AZURENUKE ?= $(LOCALBIN)/azure-nuke
 ADDLICENSE ?= $(LOCALBIN)/addlicense-$(ADDLICENSE_VERSION)
@@ -440,7 +449,7 @@ YQ_VERSION ?= v4.44.2
 CLOUDNUKE_VERSION = v0.37.1
 AZURENUKE_VERSION = v1.1.0
 CLUSTERAWSADM_VERSION ?= v2.5.2
-CLUSTERCTL_VERSION ?= v1.7.3
+CLUSTERCTL_VERSION ?= v1.8.5
 ADDLICENSE_VERSION ?= v1.1.1
 ENVSUBST_VERSION ?= v1.4.2
 AWSCLI_VERSION ?= 2.17.42
@@ -525,7 +534,8 @@ $(CLUSTERAWSADM): | $(LOCALBIN)
 .PHONY: clusterctl
 clusterctl: $(CLUSTERCTL) ## Download clusterctl locally if necessary.
 $(CLUSTERCTL): | $(LOCALBIN)
-	$(call go-install-tool,$(CLUSTERCTL),sigs.k8s.io/cluster-api/cmd/clusterctl,${CLUSTERCTL_VERSION})
+	curl -fsL https://github.com/kubernetes-sigs/cluster-api/releases/download/$(CLUSTERCTL_VERSION)/clusterctl-$(HOSTOS)-$(HOSTARCH) -o $(CLUSTERCTL)
+	chmod +x $(CLUSTERCTL)
 
 .PHONY: addlicense
 addlicense: $(ADDLICENSE) ## Download addlicense locally if necessary.

diff --git a/hack/collect-airgap-providers.sh b/hack/collect-airgap-providers.sh
@@ -0,0 +1,59 @@
+#!/bin/bash
+# Copyright 2024
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+set -e
+
+#### VARS
+# LOCALBIN - from Makefile
+# PROVIDER_TEMPLATES_DIR - from Makefile
+# HELM - from Makefile
+# YQ - from Makefile
+# CLUSTERCTL - from Makefile
+PROVIDER_LIST_FILE="${LOCALBIN}/providers.yaml"
+REPOSITORIES_FILE="${LOCALBIN}/capi-repositories.yaml"
+DOWNLOAD_LIST_FILE="${LOCALBIN}/download-list"
+
+$CLUSTERCTL config repositories -o yaml > $REPOSITORIES_FILE
+
+for tmpl in $(ls --color=never -1 $PROVIDER_TEMPLATES_DIR | grep -v 'hmc*\|projectsveltos'); do
+    $HELM template ${PROVIDER_TEMPLATES_DIR}/${tmpl} |
+	path="${PROVIDER_TEMPLATES_DIR}/${tmpl}" $YQ 'select(.apiVersion | test("operator.cluster.x-k8s.io.*")) | [{"name": .metadata.name, "version": .spec.version, "kind": .kind, "path": strenv(path)}]';
+done | grep -v '\[\]' > $PROVIDER_LIST_FILE
+
+for pdr in $($YQ '.[] | "\(.name):\(.kind)"' $PROVIDER_LIST_FILE); do
+    # exports are needed for yq
+    export name=${pdr%:*}
+    export kind=${pdr#*:}
+    export version=$($YQ '[.[] | select(.name == strenv(name))] | .[0] | .version' $PROVIDER_LIST_FILE)
+    export path=$($YQ '[.[] | select(.name == strenv(name))] | .[0] | .path' $PROVIDER_LIST_FILE)
+    components_filename="${path}/files/${name}_${kind,,}_components_${version}.yaml"
+    metadata_filename="${path}/files/${name}_metadata_${version}.yaml"
+    components_file=$($YQ '.[] | select(.Name == strenv(name) and .ProviderType == strenv(kind)) | "\(.File)"' $REPOSITORIES_FILE)
+    metadata_file="metadata.yaml"
+    url=$($YQ '.[] | select(.Name == strenv(name) and .ProviderType == strenv(kind)) | "\(.URL)"' $REPOSITORIES_FILE | sed "s~latest~download/$version~")
+    echo "${components_filename},${url}${components_file}"
+    echo "${metadata_filename},${url}${metadata_file}"
+done | sort -u > $DOWNLOAD_LIST_FILE
+
+for fl in $(cat $DOWNLOAD_LIST_FILE); do
+    path=${fl%,*}
+    url=${fl#*,}
+    dir=${path%/*.yaml}
+    if [ -f $path ]; then
+	echo "File $path exists, skipping download"
+	continue
+    fi
+    mkdir -p $dir
+    curl -fsL $url -o $path
+done
diff --git a/templates/provider/cluster-api-provider-aws/Chart.yaml b/templates/provider/cluster-api-provider-aws/Chart.yaml
@@ -13,7 +13,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.0.3
+version: 0.0.4
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.

diff --git a/templates/provider/cluster-api-provider-aws/templates/cm-ag-resources.yaml b/templates/provider/cluster-api-provider-aws/templates/cm-ag-resources.yaml
@@ -0,0 +1,23 @@
+{{ if .Values.airgap }}
+{{ range $path, $_ := .Files.Glob "files/*_components_*.yaml" }}
+{{ $componentName := regexReplaceAll "files/(.*).yaml" $path "${1}" }}
+{{ $componentSplit := regexSplit "_" $componentName -1 }}
+{{ $name := index $componentSplit 0 }}
+{{ $type := index $componentSplit 1 }}
+{{ $version := index $componentSplit 3 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    provider.cluster.x-k8s.io/name: {{ $name }}
+    provider.cluster.x-k8s.io/type: {{ $type }}
+    provider.cluster.x-k8s.io/version: {{ $version }}
+  name: {{ $name }}-{{ $type }}-{{ $version}}
+data:
+  components: |
+{{ $.Files.Get $path | indent 4 }}
+  metadata: |
+{{ $.Files.Get (regexReplaceAll (printf "%s_components_" $type) $path "metadata_") | indent 4 }}
+{{- end }}
+{{- end }}
diff --git a/templates/provider/cluster-api-provider-aws/templates/provider.yaml b/templates/provider/cluster-api-provider-aws/templates/provider.yaml
@@ -9,6 +9,13 @@ spec:
     name: {{ .Values.configSecret.name }}
     namespace: {{ .Values.configSecret.namespace | default .Release.Namespace | trunc 63 }}
   {{- end }}
+  {{- if .Values.airgap }}
+  fetchConfig:
+    selector:
+      matchLabels:
+        provider.cluster.x-k8s.io/name: aws
+        provider.cluster.x-k8s.io/type: infrastructureprovider
+  {{- end }}
   manager:
     featureGates:
       ExternalResourceGC: true
diff --git a/templates/provider/cluster-api-provider-aws/values.schema.json b/templates/provider/cluster-api-provider-aws/values.schema.json
@@ -16,6 +16,9 @@
         }
       }
     },
+    "airgap": {
+      "type": "boolean"
+    },
     "config": {
       "type": "object",
       "additionalProperties": {

diff --git a/templates/provider/cluster-api-provider-aws/values.yaml b/templates/provider/cluster-api-provider-aws/values.yaml
@@ -3,5 +3,7 @@ configSecret:
   name: "aws-variables"
   namespace: ""
 
+airgap: false
+
 config:
   AWS_B64ENCODED_CREDENTIALS: Cg==
diff --git a/templates/provider/cluster-api-provider-azure/templates/cm-ag-resources.yaml b/templates/provider/cluster-api-provider-azure/templates/cm-ag-resources.yaml
@@ -0,0 +1,23 @@
+{{ if .Values.airgap }}
+{{ range $path, $_ := .Files.Glob "files/*_components_*.yaml" }}
+{{ $componentName := regexReplaceAll "files/(.*).yaml" $path "${1}" }}
+{{ $componentSplit := regexSplit "_" $componentName -1 }}
+{{ $name := index $componentSplit 0 }}
+{{ $type := index $componentSplit 1 }}
+{{ $version := index $componentSplit 3 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    provider.cluster.x-k8s.io/name: {{ $name }}
+    provider.cluster.x-k8s.io/type: {{ $type }}
+    provider.cluster.x-k8s.io/version: {{ $version }}
+  name: {{ $name }}-{{ $type }}-{{ $version}}
+data:
+  components: |
+{{ $.Files.Get $path | indent 4 }}
+  metadata: |
+{{ $.Files.Get (regexReplaceAll (printf "%s_components_" $type) $path "metadata_") | indent 4 }}
+{{- end }}
+{{- end }}
diff --git a/templates/provider/cluster-api-provider-azure/templates/provider.yaml b/templates/provider/cluster-api-provider-azure/templates/provider.yaml
@@ -9,6 +9,13 @@ spec:
     name: {{ .Values.configSecret.name }}
     namespace: {{ .Values.configSecret.namespace | default .Release.Namespace | trunc 63 }}
   {{- end }}
+  {{- if .Values.airgap }}
+  fetchConfig:
+    selector:
+      matchLabels:
+        provider.cluster.x-k8s.io/name: azure
+        provider.cluster.x-k8s.io/type: infrastructureprovider
+  {{- end }}
   manifestPatches:
     - |
       apiVersion: v1

diff --git a/templates/provider/cluster-api-provider-azure/values.schema.json b/templates/provider/cluster-api-provider-azure/values.schema.json
@@ -16,6 +16,9 @@
         }
       }
     },
+    "airgap": {
+      "type": "boolean"
+    },
     "config": {
       "type": "object",
       "additionalProperties": {

diff --git a/templates/provider/cluster-api-provider-azure/values.yaml b/templates/provider/cluster-api-provider-azure/values.yaml
@@ -3,4 +3,6 @@ configSecret:
   name: ""
   namespace: ""
 
+airgap: false
+
 config: {}
diff --git a/templates/provider/cluster-api-provider-vsphere/Chart.yaml b/templates/provider/cluster-api-provider-vsphere/Chart.yaml
@@ -13,7 +13,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.0.3
+version: 0.0.4
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.

diff --git a/templates/provider/cluster-api-provider-vsphere/templates/cm-ag-resources.yaml b/templates/provider/cluster-api-provider-vsphere/templates/cm-ag-resources.yaml
@@ -0,0 +1,23 @@
+{{ if .Values.airgap }}
+{{ range $path, $_ := .Files.Glob "files/*_components_*.yaml" }}
+{{ $componentName := regexReplaceAll "files/(.*).yaml" $path "${1}" }}
+{{ $componentSplit := regexSplit "_" $componentName -1 }}
+{{ $name := index $componentSplit 0 }}
+{{ $type := index $componentSplit 1 }}
+{{ $version := index $componentSplit 3 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    provider.cluster.x-k8s.io/name: {{ $name }}
+    provider.cluster.x-k8s.io/type: {{ $type }}
+    provider.cluster.x-k8s.io/version: {{ $version }}
+  name: {{ $name }}-{{ $type }}-{{ $version}}
+data:
+  components: |
+{{ $.Files.Get $path | indent 4 }}
+  metadata: |
+{{ $.Files.Get (regexReplaceAll (printf "%s_components_" $type) $path "metadata_") | indent 4 }}
+{{- end }}
+{{- end }}
diff --git a/templates/provider/cluster-api-provider-vsphere/templates/provider.yaml b/templates/provider/cluster-api-provider-vsphere/templates/provider.yaml
@@ -9,3 +9,10 @@ spec:
     name: {{ .Values.configSecret.name }}
     namespace: {{ .Values.configSecret.namespace | default .Release.Namespace | trunc 63 }}
   {{- end }}
+  {{- if .Values.airgap }}
+  fetchConfig:
+    selector:
+      matchLabels:
+        provider.cluster.x-k8s.io/name: vsphere
+        provider.cluster.x-k8s.io/type: infrastructureprovider
+  {{- end }}
diff --git a/templates/provider/cluster-api-provider-vsphere/values.schema.json b/templates/provider/cluster-api-provider-vsphere/values.schema.json
@@ -16,6 +16,9 @@
         }
       }
     },
+    "airgap": {
+      "type": "boolean"
+    },
     "config": {
       "type": "object",
       "additionalProperties": {

diff --git a/templates/provider/cluster-api-provider-vsphere/values.yaml b/templates/provider/cluster-api-provider-vsphere/values.yaml
@@ -3,6 +3,8 @@ configSecret:
   name: "vsphere-variables"
   namespace: ""
 
+airgap: false
+
 config:
   VSPHERE_USERNAME: ""
   VSPHERE_PASSWORD: ""

diff --git a/templates/provider/cluster-api/Chart.yaml b/templates/provider/cluster-api/Chart.yaml
@@ -13,7 +13,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.0.3
+version: 0.0.4
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.

diff --git a/templates/provider/cluster-api/templates/cm-ag-resources.yaml b/templates/provider/cluster-api/templates/cm-ag-resources.yaml
@@ -0,0 +1,23 @@
+{{ if .Values.airgap }}
+{{ range $path, $_ := .Files.Glob "files/*_components_*.yaml" }}
+{{ $componentName := regexReplaceAll "files/(.*).yaml" $path "${1}" }}
+{{ $componentSplit := regexSplit "_" $componentName -1 }}
+{{ $name := index $componentSplit 0 }}
+{{ $type := index $componentSplit 1 }}
+{{ $version := index $componentSplit 3 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    provider.cluster.x-k8s.io/name: {{ $name }}
+    provider.cluster.x-k8s.io/type: {{ $type }}
+    provider.cluster.x-k8s.io/version: {{ $version }}
+  name: {{ $name }}-{{ $type }}-{{ $version}}
+data:
+  components: |
+{{ $.Files.Get $path | indent 4 }}
+  metadata: |
+{{ $.Files.Get (regexReplaceAll (printf "%s_components_" $type) $path "metadata_") | indent 4 }}
+{{- end }}
+{{- end }}
diff --git a/templates/provider/cluster-api/templates/provider.yaml b/templates/provider/cluster-api/templates/provider.yaml
@@ -9,3 +9,10 @@ spec:
     name: {{ .Values.configSecret.name }}
     namespace: {{ .Values.configSecret.namespace | default .Release.Namespace | trunc 63 }}
   {{- end }}
+  {{- if .Values.airgap }}
+  fetchConfig:
+    selector:
+      matchLabels:
+        provider.cluster.x-k8s.io/name: cluster-api
+        provider.cluster.x-k8s.io/type: coreprovider
+  {{- end }}
diff --git a/templates/provider/cluster-api/values.schema.json b/templates/provider/cluster-api/values.schema.json
@@ -16,6 +16,9 @@
         }
       }
     },
+    "airgap": {
+      "type": "boolean"
+    },
     "config": {
       "type": "object",
       "additionalProperties": {

diff --git a/templates/provider/cluster-api/values.yaml b/templates/provider/cluster-api/values.yaml
@@ -3,4 +3,6 @@ configSecret:
   name: ""
   namespace: ""
 
+airgap: false
+
 config: {}
diff --git a/templates/provider/hmc-templates/files/release.yaml b/templates/provider/hmc-templates/files/release.yaml
@@ -9,15 +9,15 @@ spec:
   hmc:
     template: hmc-0-0-4
   capi:
-    template: cluster-api-0-0-3
+    template: cluster-api-0-0-4
   providers:
     - name: k0smotron
-      template: k0smotron-0-0-3
+      template: k0smotron-0-0-4
     - name: cluster-api-provider-azure
       template: cluster-api-provider-azure-0-0-4
     - name: cluster-api-provider-vsphere
-      template: cluster-api-provider-vsphere-0-0-3
+      template: cluster-api-provider-vsphere-0-0-4
     - name: cluster-api-provider-aws
-      template: cluster-api-provider-aws-0-0-3
+      template: cluster-api-provider-aws-0-0-4
     - name: projectsveltos
       template: projectsveltos-0-42-0
diff --git a/templates/provider/hmc-templates/files/templates/cluster-api-provider-aws.yaml b/templates/provider/hmc-templates/files/templates/cluster-api-provider-aws.yaml
@@ -1,10 +1,10 @@
 apiVersion: hmc.mirantis.com/v1alpha1
 kind: ProviderTemplate
 metadata:
-  name: cluster-api-provider-aws-0-0-3
+  name: cluster-api-provider-aws-0-0-4
   annotations:
     helm.sh/resource-policy: keep
 spec:
   helm:
     chartName: cluster-api-provider-aws
-    chartVersion: 0.0.3
+    chartVersion: 0.0.4