github.com/Racer159/jackal@v0.32.7-0.20240401174413-0bd2339e4f2e/src/extensions/bigbang/manifests.go (about) 1 // SPDX-License-Identifier: Apache-2.0 2 // SPDX-FileCopyrightText: 2021-Present The Jackal Authors 3 4 // Package bigbang contains the logic for installing Big Bang and Flux 5 package bigbang 6 7 import ( 8 "fmt" 9 "os" 10 "path/filepath" 11 "strings" 12 13 "github.com/Masterminds/semver/v3" 14 "github.com/Racer159/jackal/src/types/extensions" 15 fluxHelmCtrl "github.com/fluxcd/helm-controller/api/v2beta1" 16 fluxSrcCtrl "github.com/fluxcd/source-controller/api/v1" 17 corev1 "k8s.io/api/core/v1" 18 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 19 ) 20 21 const bbV1JackalCredentialsValues = ` 22 registryCredentials: 23 registry: "###JACKAL_REGISTRY###" 24 username: "jackal-pull" 25 password: "###JACKAL_REGISTRY_AUTH_PULL###" 26 git: 27 existingSecret: "private-git-server" # -- Chart created secrets with user defined values 28 credentials: 29 # -- HTTP git credentials, both username and password must be provided 30 username: "###JACKAL_GIT_PUSH###" 31 password: "###JACKAL_GIT_AUTH_PUSH###" 32 # -- Big Bang v1 Kyverno Support 33 kyvernopolicies: 34 values: 35 exclude: 36 any: 37 - resources: 38 namespaces: 39 - jackal # don't have Kyverno prevent Jackal from doing jackal things 40 ` 41 42 const bbV2JackalCredentialsValues = ` 43 registryCredentials: 44 registry: "###JACKAL_REGISTRY###" 45 username: "jackal-pull" 46 password: "###JACKAL_REGISTRY_AUTH_PULL###" 47 git: 48 existingSecret: "private-git-server" # -- Chart created secrets with user defined values 49 credentials: 50 # -- HTTP git credentials, both username and password must be provided 51 username: "###JACKAL_GIT_PUSH###" 52 password: "###JACKAL_GIT_AUTH_PUSH###" 53 # -- Big Bang v2 Kyverno Support 54 kyvernoPolicies: 55 values: 56 exclude: 57 any: 58 - resources: 59 namespaces: 60 - jackal # don't have Kyverno prevent Jackal from doing jackal things 61 ` 62 63 func manifestJackalCredentials(version string) corev1.Secret { 64 values := bbV1JackalCredentialsValues 65 66 semverVersion, err := semver.NewVersion(version) 67 if err == nil && semverVersion.Major() == 2 { 68 values = bbV2JackalCredentialsValues 69 } 70 71 return corev1.Secret{ 72 TypeMeta: metav1.TypeMeta{ 73 Kind: "Secret", 74 APIVersion: "v1", 75 }, 76 ObjectMeta: metav1.ObjectMeta{ 77 Namespace: bb, 78 Name: "jackal-credentials", 79 }, 80 StringData: map[string]string{ 81 "values.yaml": values, 82 }, 83 } 84 } 85 86 // manifestGitRepo generates a GitRepository object for the Big Bang umbrella repo. 87 func manifestGitRepo(cfg *extensions.BigBang) fluxSrcCtrl.GitRepository { 88 apiVersion := "source.toolkit.fluxcd.io/v1beta2" 89 90 // Set apiVersion to v1 on BB v2.7.0 or higher falling back to v1beta2 as needed 91 semverVersion, _ := semver.NewVersion(cfg.Version) 92 if semverVersion != nil { 93 c, _ := semver.NewConstraint(">= 2.7.0") 94 if c != nil { 95 updateFlux, _ := c.Validate(semverVersion) 96 if updateFlux && !cfg.SkipFlux { 97 apiVersion = "source.toolkit.fluxcd.io/v1" 98 } 99 } 100 } 101 102 return fluxSrcCtrl.GitRepository{ 103 TypeMeta: metav1.TypeMeta{ 104 Kind: fluxSrcCtrl.GitRepositoryKind, 105 APIVersion: apiVersion, 106 }, 107 ObjectMeta: metav1.ObjectMeta{ 108 Name: bb, 109 Namespace: bb, 110 }, 111 Spec: fluxSrcCtrl.GitRepositorySpec{ 112 URL: cfg.Repo, 113 Interval: tenMins, 114 Reference: &fluxSrcCtrl.GitRepositoryRef{ 115 Tag: cfg.Version, 116 }, 117 }, 118 } 119 } 120 121 // manifestValuesFile generates a Secret object for the Big Bang umbrella repo. 122 func manifestValuesFile(idx int, path string) (secret corev1.Secret, err error) { 123 // Read the file from the path. 124 file, err := os.ReadFile(path) 125 if err != nil { 126 return secret, err 127 } 128 129 // Get the base file name for this file. 130 baseName := filepath.Base(path) 131 132 // Define the name as the file name without the extension. 133 baseName = strings.TrimSuffix(baseName, filepath.Ext(baseName)) 134 135 // Add the name prefix. 136 name := fmt.Sprintf("bb-usr-vals-%d-%s", idx, baseName) 137 138 // Create a secret with the file contents. 139 secret = corev1.Secret{ 140 TypeMeta: metav1.TypeMeta{ 141 Kind: "Secret", 142 APIVersion: "v1", 143 }, 144 ObjectMeta: metav1.ObjectMeta{ 145 Namespace: bb, 146 Name: name, 147 }, 148 StringData: map[string]string{ 149 "values.yaml": string(file), 150 }, 151 } 152 153 return secret, nil 154 } 155 156 // manifestHelmRelease generates a HelmRelease object for the Big Bang umbrella repo. 157 func manifestHelmRelease(values []fluxHelmCtrl.ValuesReference) fluxHelmCtrl.HelmRelease { 158 return fluxHelmCtrl.HelmRelease{ 159 TypeMeta: metav1.TypeMeta{ 160 Kind: fluxHelmCtrl.HelmReleaseKind, 161 APIVersion: "helm.toolkit.fluxcd.io/v2beta1", 162 }, 163 ObjectMeta: metav1.ObjectMeta{ 164 Name: bb, 165 Namespace: bb, 166 }, 167 Spec: fluxHelmCtrl.HelmReleaseSpec{ 168 Timeout: &tenMins, 169 Chart: fluxHelmCtrl.HelmChartTemplate{ 170 Spec: fluxHelmCtrl.HelmChartTemplateSpec{ 171 Chart: "./chart", 172 SourceRef: fluxHelmCtrl.CrossNamespaceObjectReference{ 173 Kind: fluxSrcCtrl.GitRepositoryKind, 174 Name: bb, 175 }, 176 }, 177 }, 178 Install: &fluxHelmCtrl.Install{ 179 Remediation: &fluxHelmCtrl.InstallRemediation{ 180 Retries: -1, 181 }, 182 }, 183 Upgrade: &fluxHelmCtrl.Upgrade{ 184 Remediation: &fluxHelmCtrl.UpgradeRemediation{ 185 Retries: 5, 186 }, 187 CleanupOnFail: true, 188 }, 189 Rollback: &fluxHelmCtrl.Rollback{ 190 CleanupOnFail: true, 191 }, 192 ValuesFrom: values, 193 }, 194 } 195 }