From 15703028960a0214ca10eb2d65f8b08a0565fa0a Mon Sep 17 00:00:00 2001 From: mprahl Date: Thu, 25 Jan 2024 11:20:06 -0500 Subject: [PATCH] Configure the KinD cluster to expose the compliance events API Signed-off-by: mprahl (cherry picked from commit b9ce393033be2051df27d0dc283fb1dfaaec914e) --- Makefile | 10 +++++++--- build/kind/kind-config.yaml | 2 ++ build/kind/postgres.yaml | 33 +++++++++++++++++++++++++++++++++ deploy/manager/manager.yaml | 16 ++++++++++++++++ deploy/operator.yaml | 16 ++++++++++++++++ main.go | 2 +- 6 files changed, 75 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 0263aa73..e768c178 100644 --- a/Makefile +++ b/Makefile @@ -33,6 +33,7 @@ CONTROLLER_NAMESPACE ?= open-cluster-management # Handle KinD configuration CLUSTER_NAME ?= hub KIND_NAMESPACE ?= $(CONTROLLER_NAMESPACE) +POSTGRES_HOST ?= localhost # Test coverage threshold export COVERAGE_MIN ?= 75 @@ -143,6 +144,7 @@ generate-operator-yaml: kustomize manifests ############################################################ .PHONY: kind-bootstrap-cluster +kind-bootstrap-cluster: POSTGRES_HOST=postgres kind-bootstrap-cluster: kind-bootstrap-cluster-dev webhook kind-deploy-controller install-resources .PHONY: kind-bootstrap-cluster-dev @@ -169,7 +171,7 @@ postgres: cert-manager kubectl -n $(KIND_NAMESPACE) create secret generic governance-policy-database \ --from-literal="user=grc" \ --from-literal="password=grc" \ - --from-literal="host=localhost" \ + --from-literal="host=$(POSTGRES_HOST)" \ --from-literal="dbname=ocm-compliance-history" \ --from-literal="ca=$$(kubectl -n $(KIND_NAMESPACE) get secret postgres-cert -o json | jq -r '.data["ca.crt"]' | base64 -d)" @@ -192,11 +194,13 @@ kind-deploy-controller: manifests .PHONY: kind-deploy-controller-dev kind-deploy-controller-dev: kind-deploy-controller - @echo Pushing image to KinD cluster - kind load docker-image $(REGISTRY)/$(IMG):$(TAG) --name $(KIND_NAME) @echo "Patch deployment image" kubectl patch deployment $(IMG) -n $(KIND_NAMESPACE) -p "{\"spec\":{\"template\":{\"spec\":{\"containers\":[{\"name\":\"$(IMG)\",\"imagePullPolicy\":\"Never\"}]}}}}" kubectl patch deployment $(IMG) -n $(KIND_NAMESPACE) -p "{\"spec\":{\"template\":{\"spec\":{\"containers\":[{\"name\":\"$(IMG)\",\"image\":\"$(REGISTRY)/$(IMG):$(TAG)\"}]}}}}" + + @echo Pushing image to KinD cluster + kind load docker-image $(REGISTRY)/$(IMG):$(TAG) --name $(KIND_NAME) + kubectl rollout restart deployment/$(IMG) -n $(KIND_NAMESPACE) kubectl rollout status -n $(KIND_NAMESPACE) deployment $(IMG) --timeout=180s # Specify KIND_VERSION to indicate the version tag of the KinD image diff --git a/build/kind/kind-config.yaml b/build/kind/kind-config.yaml index d3251d7c..71a62528 100644 --- a/build/kind/kind-config.yaml +++ b/build/kind/kind-config.yaml @@ -6,3 +6,5 @@ nodes: extraPortMappings: - containerPort: 30543 hostPort: 5432 + - containerPort: 30838 + hostPort: 8384 diff --git a/build/kind/postgres.yaml b/build/kind/postgres.yaml index 9dd78516..0a19b59b 100644 --- a/build/kind/postgres.yaml +++ b/build/kind/postgres.yaml @@ -23,6 +23,21 @@ spec: nodePort: 30543 type: NodePort --- +apiVersion: v1 +kind: Service +metadata: + name: postgres + namespace: open-cluster-management + labels: + app: postgres +spec: + selector: + app: postgres + ports: + - name: postgres + port: 5432 + targetPort: 5432 +--- apiVersion: cert-manager.io/v1 kind: Certificate metadata: @@ -32,6 +47,7 @@ spec: dnsNames: - postgres-external.open-cluster-management.svc - postgres-external.open-cluster-management.svc.cluster.local + - postgres - localhost issuerRef: kind: Issuer @@ -100,3 +116,20 @@ spec: - name: postgres-db emptyDir: sizeLimit: 250Mi +--- +apiVersion: v1 +kind: Service +metadata: + name: compliance-api-external + namespace: open-cluster-management + labels: + app: compliance-api +spec: + selector: + name: governance-policy-propagator + ports: + - name: compliance-api-external + port: 8384 + targetPort: 8384 + nodePort: 30838 + type: NodePort diff --git a/deploy/manager/manager.yaml b/deploy/manager/manager.yaml index fb88bf6b..b44342be 100644 --- a/deploy/manager/manager.yaml +++ b/deploy/manager/manager.yaml @@ -29,10 +29,14 @@ spec: - "--health-probe-bind-address=:8081" - "--metrics-bind-address=:8383" - "--leader-elect" + - "--event-history-api-host=0.0.0.0" ports: - containerPort: 8383 protocol: TCP name: http + - containerPort: 8384 + protocol: TCP + name: compliance-api - containerPort: 9443 protocol: TCP name: webhook-http @@ -59,3 +63,15 @@ spec: secret: defaultMode: 420 secretName: propagator-webhook-server-cert +--- +apiVersion: v1 +kind: Service +metadata: + name: governance-compliance-api +spec: + ports: + - port: 8384 + protocol: TCP + targetPort: 8384 + selector: + name: governance-policy-propagator diff --git a/deploy/operator.yaml b/deploy/operator.yaml index 0597f25b..beba4cf6 100644 --- a/deploy/operator.yaml +++ b/deploy/operator.yaml @@ -238,6 +238,18 @@ subjects: name: governance-policy-propagator namespace: open-cluster-management --- +apiVersion: v1 +kind: Service +metadata: + name: governance-compliance-api +spec: + ports: + - port: 8384 + protocol: TCP + targetPort: 8384 + selector: + name: governance-policy-propagator +--- apiVersion: apps/v1 kind: Deployment metadata: @@ -263,6 +275,7 @@ spec: - --health-probe-bind-address=:8081 - --metrics-bind-address=:8383 - --leader-elect + - --event-history-api-host=0.0.0.0 command: - governance-policy-propagator env: @@ -285,6 +298,9 @@ spec: - containerPort: 8383 name: http protocol: TCP + - containerPort: 8384 + name: compliance-api + protocol: TCP - containerPort: 9443 name: webhook-http protocol: TCP diff --git a/main.go b/main.go index a75dbb58..a7989b9a 100644 --- a/main.go +++ b/main.go @@ -158,7 +158,7 @@ func main() { "The hostname that the event history API will listen on", ) pflag.StringVar( - &eventHistoryAPIPort, "event-history-api-port", "5480", + &eventHistoryAPIPort, "event-history-api-port", "8384", "The port that the event history API will listen on", )