sigs.k8s.io/kueue@v0.6.2/hack/update-helm.sh (about) 1 #!/usr/bin/env bash 2 3 # Copyright 2023 The Kubernetes Authors. 4 # 5 # Licensed under the Apache License, Version 2.0 (the "License"); 6 # you may not use this file except in compliance with the License. 7 # You may obtain a copy of the License at 8 # 9 # http://www.apache.org/licenses/LICENSE-2.0 10 # 11 # Unless required by applicable law or agreed to in writing, software 12 # distributed under the License is distributed on an "AS IS" BASIS, 13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 # See the License for the specific language governing permissions and 15 # limitations under the License. 16 17 # Set the source and destination directories 18 SRC_CRD_DIR=config/components/crd/bases 19 SRC_RBAC_DIR=config/components/rbac 20 SRC_WEBHOOK_DIR=config/components/webhook 21 SRC_VISIBILITY_DIR=config/components/visibility 22 23 DEST_CRD_DIR=charts/kueue/templates/crd 24 DEST_RBAC_DIR=charts/kueue/templates/rbac 25 DEST_WEBHOOK_DIR=charts/kueue/templates/webhook 26 DEST_VISIBILITY_DIR=charts/kueue/templates/visibility 27 28 YQ=./bin/yq 29 30 # Create the destination directory if it doesn't exist 31 mkdir -p ${DEST_CRD_DIR} ${DEST_RBAC_DIR} ${DEST_WEBHOOK_DIR} ${DEST_VISIBILITY_DIR} 32 33 # Add more excluded files separated by spaces 34 EXCLUDE_FILES='kustomization.yaml kustomizeconfig.yaml' 35 36 # Copy all YAML files from the source directory to the destination directory 37 cp ${SRC_CRD_DIR}/*.yaml ${DEST_CRD_DIR} 38 find $SRC_RBAC_DIR -name "*.yaml" $(printf "! -name %s " $EXCLUDE_FILES) -exec cp "{}" $DEST_RBAC_DIR \; 39 find $SRC_WEBHOOK_DIR -name "*.yaml" $(printf "! -name %s " $EXCLUDE_FILES) -exec cp "{}" $DEST_WEBHOOK_DIR \; 40 find $SRC_VISIBILITY_DIR -name "*.yaml" $(printf "! -name %s " $EXCLUDE_FILES) -exec cp "{}" $DEST_VISIBILITY_DIR \; 41 $YQ -N -s '.kind' ${DEST_WEBHOOK_DIR}/manifests.yaml 42 rm ${DEST_WEBHOOK_DIR}/manifests.yaml 43 files=("MutatingWebhookConfiguration.yml" "ValidatingWebhookConfiguration.yml") 44 for f in "${files[@]}"; do 45 mv "$f" ${DEST_WEBHOOK_DIR}/ 46 done 47 48 search_cert_line=" annotations:" 49 replace_cert_line=$( 50 cat <<'EOF' 51 {{- if .Values.enableCertManager }} 52 cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "kueue.fullname" . }}-serving-cert 53 {{- end }} 54 EOF 55 ) 56 57 search_webhook_line="spec:" 58 replace_webhook_line=$( 59 cat <<'EOF' 60 conversion: 61 strategy: Webhook 62 webhook: 63 clientConfig: 64 service: 65 name: {{ include "kueue.fullname" . }}-webhook-service 66 namespace: '{{ .Release.Namespace }}' 67 path: /convert 68 conversionReviewVersions: 69 - v1 70 EOF 71 ) 72 73 search_service_line="spec:" 74 replace_service_line=$( 75 cat <<'EOF' 76 type: {{ .Values.webhookService.type }} 77 selector: 78 control-plane: controller-manager 79 {{- include "kueue.selectorLabels" . | nindent 4 }} 80 ports: 81 {{- .Values.webhookService.ports | toYaml | nindent 2 -}} 82 EOF 83 ) 84 85 search_webhook_pod_mutate=" path: /mutate--v1-pod" 86 search_webhook_pod_validate=" path: /validate--v1-pod" 87 search_mutate_webhook_annotations=' name: '\''{{ include "kueue.fullname" . }}-mutating-webhook-configuration'\''' 88 search_validate_webhook_annotations=' name: '\''{{ include "kueue.fullname" . }}-validating-webhook-configuration'\''' 89 add_webhook_line=$( 90 cat <<'EOF' 91 {{- $integrationsConfig := (fromYaml .Values.managerConfig.controllerManagerConfigYaml).integrations }} 92 EOF 93 ) 94 add_annotations_line=$( 95 cat <<'EOF' 96 {{- if .Values.enableCertManager }} 97 annotations: 98 cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "kueue.fullname" . }}-serving-cert 99 {{- end }} 100 namespace: '{{ .Release.Namespace }}' 101 EOF 102 ) 103 add_webhook_pod_mutate=$( 104 cat <<'EOF' 105 {{- if has "pod" $integrationsConfig.frameworks }} 106 failurePolicy: Fail 107 {{- else }} 108 failurePolicy: Ignore 109 {{- end }} 110 name: mpod.kb.io 111 namespaceSelector: 112 {{- if and (hasKey $integrationsConfig "podOptions") (hasKey ($integrationsConfig.podOptions) "namespaceSelector") }} 113 {{- toYaml $integrationsConfig.podOptions.namespaceSelector | nindent 4 -}} 114 {{- else }} 115 matchExpressions: 116 - key: kubernetes.io/metadata.name 117 operator: NotIn 118 values: 119 - kube-system 120 - '{{ .Release.Namespace }}' 121 {{- end }} 122 EOF 123 ) 124 add_webhook_pod_validate=$( 125 cat <<'EOF' 126 {{- if has "pod" $integrationsConfig.frameworks }} 127 failurePolicy: Fail 128 {{- else }} 129 failurePolicy: Ignore 130 {{- end }} 131 name: vpod.kb.io 132 namespaceSelector: 133 {{- if and (hasKey $integrationsConfig "podOptions") (hasKey ($integrationsConfig.podOptions) "namespaceSelector") }} 134 {{- toYaml $integrationsConfig.podOptions.namespaceSelector | nindent 4 -}} 135 {{- else }} 136 matchExpressions: 137 - key: kubernetes.io/metadata.name 138 operator: NotIn 139 values: 140 - kube-system 141 - '{{ .Release.Namespace }}' 142 {{- end }} 143 EOF 144 ) 145 146 # Add certmanager and webhook values in the YAML files 147 for output_file in ${DEST_CRD_DIR}/*.yaml; do 148 input_file="${output_file%.yaml}.yaml.test" 149 mv "$output_file" "$input_file" 150 : >$output_file 151 while IFS= read -r line; do 152 echo "$line" >>"$output_file" 153 if [[ $line == "$search_cert_line" ]]; then 154 echo "$replace_cert_line" >>"$output_file" 155 elif [[ $line == "$search_webhook_line" ]]; then 156 echo "$replace_webhook_line" >>"$output_file" 157 fi 158 done <"$input_file" 159 rm $input_file 160 done 161 162 # Add RBAC files, replace names, namespaces in helm format, remove document separators (---) 163 for output_file in ${DEST_RBAC_DIR}/*.yaml; do 164 if [ "$(cat $output_file | $YQ '.metadata | has("name")')" = "true" ]; then 165 $YQ -N -i '.metadata.name |= "{{ include \"kueue.fullname\" . }}-" + .' $output_file 166 fi 167 if [ "$(cat $output_file | $YQ '.metadata | has("namespace")')" = "true" ]; then 168 $YQ -N -i '.metadata.namespace = "{{ .Release.Namespace }}"' $output_file 169 fi 170 if [ "$(cat $output_file | $YQ '.roleRef | has("name")')" = "true" ]; then 171 $YQ -N -i '.roleRef.name |= "{{ include \"kueue.fullname\" . }}-" + .' $output_file 172 fi 173 if [ "$(cat $output_file | $YQ '.subjects.[] | has("name")')" = "true" ]; then 174 $YQ -N -i '.subjects.[].name |= "{{ include \"kueue.fullname\" . }}-" + .' $output_file 175 fi 176 if [ "$(cat $output_file | $YQ '.subjects.[] | has("namespace")')" = "true" ]; then 177 $YQ -N -i '.subjects.[].namespace = "{{ .Release.Namespace }}"' $output_file 178 fi 179 done 180 181 # Add webhook files, replace names, namespaces in helm format 182 webhook_files=( 183 "${DEST_WEBHOOK_DIR}/MutatingWebhookConfiguration.yml" 184 "${DEST_WEBHOOK_DIR}/ValidatingWebhookConfiguration.yml" 185 "${DEST_WEBHOOK_DIR}/service.yaml" 186 ) 187 for output_file in "${webhook_files[@]}"; do 188 if [ "$(cat $output_file | $YQ '.metadata | has("name")')" = "true" ]; then 189 $YQ -N -i '.metadata.name |= "{{ include \"kueue.fullname\" . }}-" + .' $output_file 190 fi 191 if [ "$(cat $output_file | $YQ '.metadata | has("namespace")')" = "true" ]; then 192 $YQ -N -i '.metadata.namespace = "{{ .Release.Namespace }}"' $output_file 193 fi 194 $YQ -N -i '.webhooks.[].clientConfig.service.name |= "{{ include \"kueue.fullname\" . }}-" + .' $output_file 195 $YQ -N -i '.webhooks.[].clientConfig.service.namespace = "{{ .Release.Namespace }}"' $output_file 196 done 197 198 # Add service values in the YAML files 199 for output_file in ${DEST_WEBHOOK_DIR}/service.yaml; do 200 input_file="${output_file%.yaml}.yaml.test" 201 mv "$output_file" "$input_file" 202 : >$output_file 203 while IFS= read -r line; do 204 echo "$line" >>"$output_file" 205 if [[ $line == "$search_service_line" ]]; then 206 echo "$replace_service_line" >>"$output_file" 207 break 208 fi 209 done <"$input_file" 210 rm $input_file 211 done 212 213 # Add webhook values in the YAML files 214 new_files=("${DEST_WEBHOOK_DIR}/MutatingWebhookConfiguration.yml" "${DEST_WEBHOOK_DIR}/ValidatingWebhookConfiguration.yml") 215 for output_file in "${new_files[@]}"; do 216 input_file="${output_file%.yaml}.yml.test" 217 mv "$output_file" "$input_file" 218 : >$output_file 219 count=0 220 while IFS= read -r line; do 221 if [[ $count -gt 0 ]]; then 222 ((count--)) 223 continue 224 fi 225 echo "$line" >>"$output_file" 226 if [[ $line == "$search_mutate_webhook_annotations" ]]; then 227 echo "$add_annotations_line" >> "$output_file" 228 fi 229 if [[ $line == "$search_validate_webhook_annotations" ]]; then 230 echo "$add_annotations_line" >> "$output_file" 231 fi 232 if [[ $line == "$search_webhook_pod_mutate" ]]; then 233 count=$((count+2)) 234 echo "$add_webhook_pod_mutate" >>"$output_file" 235 fi 236 if [[ $line == "$search_webhook_pod_validate" ]]; then 237 count=$((count+2)) 238 echo "$add_webhook_pod_validate" >>"$output_file" 239 fi 240 done <"$input_file" 241 rm $input_file 242 done 243 echo "$add_webhook_line" > ${DEST_WEBHOOK_DIR}/webhook.yaml 244 { 245 cat ${DEST_WEBHOOK_DIR}/MutatingWebhookConfiguration.yml 246 echo "---" 247 cat ${DEST_WEBHOOK_DIR}/ValidatingWebhookConfiguration.yml 248 } >> ${DEST_WEBHOOK_DIR}/webhook.yaml 249 rm ${DEST_WEBHOOK_DIR}/MutatingWebhookConfiguration.yml ${DEST_WEBHOOK_DIR}/ValidatingWebhookConfiguration.yml 250 251 # Add visibility files, replace names, namespaces in helm format 252 for output_file in ${DEST_VISIBILITY_DIR}/*.yaml; do 253 # The name of the v1alpha1.visibility.kueue.x-k8s.io APIService needs to remain unchanged. 254 if [ "$(cat $output_file | $YQ '.metadata | has("name")')" = "true" ] && 255 [ "$(cat $output_file | $YQ '.metadata.name | (. == "v1alpha1*")')" = "false" ]; then 256 $YQ -N -i '.metadata.name |= "{{ include \"kueue.fullname\" . }}-" + .' $output_file 257 fi 258 # The namespace of the visibility-server-auth-reader rolebinding needs to remain unchanged. 259 if [ "$(cat $output_file | $YQ '.metadata | has("namespace")')" = "true" ] && 260 [ "$(cat $output_file | $YQ '.metadata.namespace | (. == "kube-system")')" = "false" ]; then 261 $YQ -N -i '.metadata.namespace = "{{ .Release.Namespace }}"' $output_file 262 fi 263 if [ "$(cat $output_file | $YQ '.spec.service | has("name")')" = "true" ]; then 264 $YQ -N -i '.spec.service.name |= "{{ include \"kueue.fullname\" . }}-" + .' $output_file 265 fi 266 if [ "$(cat $output_file | $YQ '.spec.service | has("namespace")')" = "true" ]; then 267 $YQ -N -i '.spec.service.namespace = "{{ .Release.Namespace }}"' $output_file 268 fi 269 if [ "$(cat $output_file | $YQ '.subjects.[] | has("namespace")')" = "true" ]; then 270 $YQ -N -i '.subjects.[].namespace = "{{ .Release.Namespace }}"' $output_file 271 fi 272 273 { 274 echo '{{- if include "kueue.isFeatureGateEnabled" (dict "List" .Values.controllerManager.featureGates "Feature" "VisibilityOnDemand") }}' 275 cat $output_file 276 echo "{{- end }}" 277 }> ${output_file}.tmp 278 mv ${output_file}.tmp ${output_file} 279 done