astefanutti commented on a change in pull request #2284: URL: https://github.com/apache/camel-k/pull/2284#discussion_r709967774
########## File path: install/Makefile ########## @@ -0,0 +1,340 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# +# Allows for resources to be loaded from outside the root location of +# the kustomize config file. Ensures that resource don't need to be +# copied around the file system. +# +# See https://kubectl.docs.kubernetes.io/faq/kustomize +# +KOPTIONS := --load-restrictor LoadRestrictionsNone + +# +# Include the main camel-k Makefile containing +# basic common recipes like kustomize and vars +# like VERSION +# +include script/Makefile + +# +# Vars that can be overridden by external env vars +# +DRY_RUN ?= false +NAMESPACE ?= camel-k + +# Global: [true|false] +# - On setup: will promote roles and bindings to cluster-level +# - On operator: set namespace to all using WATCH_NAMESPACE env var +GLOBAL ?= false +# Always Pull Images: [true|false] +ALWAYS_PULL_IMAGES ?= false +# Monitoring: [true|false] +# - On operator: will add the prometheus resources to install +MONITORING ?= false +# Monitoring Port: integer +MONITORING_PORT ?= 8080 +# Health Port: integer +HEALTH_PORT ?= 8081 + +CONFIG := ../config +RBAC_OS := $(CONFIG)/rbac/openshift +RBAC_GLOBAL := global +OPERATOR := operator +PLACEHOLDER := placeholder +YAML := yaml + +# Setup patches +ROLE_TO_CROLE_PATCH := patch-role-to-clusterrole +ROLEBIN_TO_CROLEBIN_PATCH := patch-rolebinding-to-clusterrolebinding +# Operator patches +PORTS_PATCH := patch-ports +IMAGE_PULL_POLICY_PATCH := patch-image-pull-policy-always +WATCH_NAMESPACE_PATCH := patch-watch-namespace-global +# Platform patches +INT_PLATFORM_PATCH := platform/patch-integration-platform + +# +# Macro for editing kustomization to define +# the image reference +# +# Parameter: directory of the kustomization.yaml +# +define set-kustomize-image + $(if $(filter $(IMAGE_NAME),$(CUSTOM_IMAGE):$(CUSTOM_VERSION)),,\ + @cd $(1) && $(KUSTOMIZE) edit set image $(IMAGE_NAME)=$(CUSTOM_IMAGE):$(CUSTOM_VERSION)) +endef + +# +# Macro for editing kustomization to define +# the namespace +# +# Parameter: directory of the kustomization.yaml +# +define set-kustomize-namespace + @cd $(1) && $(KUSTOMIZE) edit set namespace $(NAMESPACE) +endef + +# +# Add or remove a patch on a kustomization.yaml +# targetting a kind of resource +# +# Parameters: +# * directory of the kustomization.yaml +# * [add, remove] +# * path of patch +# * kind of resources, eg. Deployment, Role +# +define add-remove-kind-patch + @(cd $(1) && \ + $(KUSTOMIZE) edit $(2) patch --path $(3) --kind $(4)) +endef + +# +# Macro for adding / removing the prometheus resources for monitoring +# +define add-remove-operator-monitoring + cd $(1) && \ + $(KUSTOMIZE) edit $(2) resource ../$(CONFIG)/prometheus +endef + +.PHONY: have-platform check_admin setup-cluster .setup-kubernetes .setup-openshift setup + +# +# Determine the platform of the cluster based on +# either the use of querying through a go-client +# or using an installed client, ie. oc or kubectl +# +find-platform: +ifndef PLATFORM +PLATFORM=$(shell script/check_platform.sh) +endif + +# +# Checks if the cluster platform has been defined correctly either by the user +# or by the platform_check script. +# +have-platform: find-platform +ifeq ($(PLATFORM),openshift) + @echo Platform identified as 'openshift' +else ifeq ($(PLATFORM),kubernetes) + @echo Platform identified as 'kubernetes' +else + @echo "****" + @echo "**** ERROR: Cannot continue as cluster platform cannot be identified ****" + @echo "****" + @exit 1 +endif + +# +# Checks if the cluster user has the necessary privileges to be a cluster-admin +# In this case if the user can list the CRDs then probably a cluster-admin +# +check-admin: kubectl + @output=$$(kubectl get crd 2>&1) || (echo "****" && echo "**** ERROR: Cannot continue as user is not a Cluster-Admin ****" && echo "****"; exit 1) + +# +# Setup the cluster installation by installing crds and cluster roles. +# +# Will either call setup-cluster-openshift (then setup-cluster-kubernetes) or +# setup-cluster-kubernetes depending on the identity of the cluster +# +# Cluster-admin privileges are required. +# +# PARAMETERS: +# NAMESPACE: Sets the namespace for the resources +# PLATFORM: Override the discovered platform, if required +# DRY_RUN: true - Prints the resources to be applied instead of applying them +# +setup-cluster: check-admin have-platform kustomize kubectl +# Set the namespace in the setup-cluster kustomization yaml + @$(call set-kustomize-namespace,$@) +ifeq ($(PLATFORM), openshift) + @for res in $(RBAC_OS)/operator-cluster*; do \ + (cd $@ && $(KUSTOMIZE) edit add resource ../$$res); \ + done +endif +# +# Build the resources +# Post-process ClusterRoleBindings to fix the namespace in the refs (not yet handled by kustomize) +# Either apply to the cluster or output to CLI +# +ifeq ($(DRY_RUN), false) + @$(KUSTOMIZE) build $(KOPTIONS) $@ | \ + sed 's/$(PLACEHOLDER)/$(NAMESPACE)/' | \ + kubectl apply -f - +else + @$(KUSTOMIZE) build $(KOPTIONS) $@ | \ + sed 's/$(PLACEHOLDER)/$(NAMESPACE)/' +endif + +# +# Setup the installation by installing roles and granting +# privileges for the installing operator. +# +# Cluster-admin privileges are required. +# +# PARAMETERS: +# NAMESPACE: Sets the namespace for the resources +# GLOBAL: Converts all roles & bindings to cluster-level [true|false] +# PLATFORM: Override the discovered platform, if required +# DRY_RUN: true - Prints the resources to be applied instead of applying them +# +setup: setup-cluster +# Set the namespace in the setup kustomization yaml + @$(call set-kustomize-namespace,$@) +# If GLOBAL then add the conversion patches for all roles and rolebindings +ifeq ($(GLOBAL),true) + @$(call add-remove-kind-patch,setup,add,$(ROLE_TO_CROLE_PATCH).$(YAML),Role) + @$(call add-remove-kind-patch,setup,add,$(ROLEBIN_TO_CROLEBIN_PATCH).$(YAML),RoleBinding) +else + @$(call add-remove-kind-patch,setup,remove,$(ROLE_TO_CROLE_PATCH).$(YAML),Role) + @$(call add-remove-kind-patch,setup,remove,$(ROLEBIN_TO_CROLEBIN_PATCH).$(YAML),RoleBinding) +endif +# +# Build the resources +# Post-process RoleBindings to fix the namespace in the refs (not yet handled by kustomize) +# Either apply to the cluster or output to CLI +# +ifeq ($(DRY_RUN), false) + @$(KUSTOMIZE) build $(KOPTIONS) $@ | \ + sed 's/$(PLACEHOLDER)/$(NAMESPACE)/' | \ + kubectl apply -f - +else + @$(KUSTOMIZE) build $(KOPTIONS) $@ | \ + sed 's/$(PLACEHOLDER)/$(NAMESPACE)/' +endif + +.PHONY: operator .operator-port-patch .operator-can-monitor + +# +# Customizes the port patch +# +.operator-port-patch: + @sed -i 's/--monitoring-port=.*/--monitoring-port=$(MONITORING_PORT)/' $(OPERATOR)/$(PORTS_PATCH).$(YAML) + @sed -i '/path:.*\/containerPort/,/- op/{s/value: .*/value: $(MONITORING_PORT)/}' $(OPERATOR)/$(PORTS_PATCH).$(YAML) + @sed -i 's/--health-port=.*/--health-port=$(HEALTH_PORT)/' $(OPERATOR)/$(PORTS_PATCH).$(YAML) + @sed -i '/path:.*\/httpGet\/port/,/- op/{s/value: .*/value: $(HEALTH_PORT)/}' $(OPERATOR)/$(PORTS_PATCH).$(YAML) + +.operator-can-monitor: kubectl + @output=$$(kubectl get crd prometheusrules.monitoring.coreos.com 2>&1) || (echo "****" && echo "**** ERROR: Montoring not available as Prometheus CRDs not installed in cluster ****" && echo "****"; exit 1) + +# +# Install the operator deployment and related resources +# +# Cluster-admin privileges are required. +# +# PARAMETERS: +# NAMESPACE: Set the namespace to install the operator into +# PLATFORM: Override the discovered platform, if required +# GLOBAL: Sets the operator to watch all namespaces for custom resources [true|false] +# CUSTOM_IMAGE: Set a custom operator image name +# CUSTOM_VERSION: Set a custom operator image version/tag +# ALWAYS_PULL_IMAGES: Sets whether to always pull the operator image [true|false] +# MONITORING: Adds the prometheus monitoring resources +# MONITORING_PORT: Set a custom monitoring port +# HEALTH_PORT: Set a custom health port +# DRY_RUN: Prints the resources to be applied instead of applying them +# +operator: check-admin have-platform kustomize kubectl .operator-port-patch +ifeq ($(MONITORING), true) + @$(MAKE) -s .operator-can-monitor + @$(call add-remove-operator-monitoring,$@,add) +else + @$(call add-remove-operator-monitoring,$@,remove) +endif +# Set the namespace in the setup kustomization yaml + @$(call set-kustomize-namespace,$@) +# Set the image reference of the kustomization + @$(call set-kustomize-image,$@) +# Set the WATCH NAMESPACE env var depending on GLOBAL var +ifeq ($(GLOBAL), true) + @$(call add-remove-kind-patch,$@,add,$(WATCH_NAMESPACE_PATCH).$(YAML),Deployment) +else + @$(call add-remove-kind-patch,$@,remove,$(WATCH_NAMESPACE_PATCH).$(YAML),Deployment) +endif +# Set the ALWAYS_PULL_IMAGES config depending on var +ifeq ($(ALWAYS_PULL_IMAGES),true) + @$(call add-remove-kind-patch,$@,add,$(IMAGE_PULL_POLICY_PATCH).$(YAML),Deployment) +else + @$(call add-remove-kind-patch,$@,remove,$(IMAGE_PULL_POLICY_PATCH).$(YAML),Deployment) +endif +# Set the PORTS depending on vars +ifneq ($(MONITORING_PORT), 8080) + @$(call add-remove-kind-patch,$@,add,$(PORTS_PATCH).$(YAML),Deployment) +else ifneq ($(HEALTH_PORT), 8081) + @$(call add-remove-kind-patch,$@,add,$(PORTS_PATCH).$(YAML),Deployment) +endif +ifeq ($(DRY_RUN), false) + @$(KUSTOMIZE) build $(KOPTIONS) $@ | kubectl apply -f - +else + @$(KUSTOMIZE) build $(KOPTIONS) $@ +endif + +.PHONY: platform .platform-openshift-patch .platform-kubernetes-patch + +# +# Customizes the samples patches for kubernetes +# +.platform-kubernetes-patch: + @sed -i 's/.*profile:.*/ profile: Kubernetes/' $(INT_PLATFORM_PATCH).$(YAML) + +# +# Customizes the samples patches for openshift +# +.platform-openshift-patch: + @sed -i 's/.*profile:.*/ profile: Openshift/' $(INT_PLATFORM_PATCH).$(YAML) + +# +# Install the integration platform +# +# Cluster-admin privileges are required. +# +# PARAMETERS: +# NAMESPACE: Set the namespace to install the operator into +# PLATFORM: Override the discovered platform, if required +# DRY_RUN: Prints the resources to be applied instead of applying them [true,false] +# +platform: have-platform kustomize kubectl +# Cannot be a dependency as PLATFORM could contain 'ERROR: ' + @$(MAKE) .platform-$(PLATFORM)-patch +# Set the namespace in the setup kustomization yaml + @$(call set-kustomize-namespace,$@) +ifeq ($(DRY_RUN), false) + @$(KUSTOMIZE) build $(KOPTIONS) $@ | kubectl apply -f - +else + @$(KUSTOMIZE) build $(KOPTIONS) $@ +endif + +.PHONY: example + +# +# Installs the example integration +# +# Cluster-admin privileges are required. Review comment: Does it really? ########## File path: cmd/util/doc-gen/main.go ########## @@ -31,7 +31,7 @@ func main() { // Custom args. customArgs := &generators.CustomArgs{} pflag.CommandLine.StringVar(&customArgs.DocDir, "doc-dir", "./docs", "Root of the document directory.") - pflag.CommandLine.StringVar(&customArgs.DeployDir, "deploy-dir", "./deploy", "Root of the deploy directory.") + pflag.CommandLine.StringVar(&customArgs.DeployDir, "deploy-dir", "./resources", "Root of the deploy directory.") Review comment: I guess the name and description can be renamed accordingly. ########## File path: config/rbac/kustomization.yaml ########## @@ -15,22 +15,27 @@ # limitations under the License. # --------------------------------------------------------------------------- +# +# rbac resources applicable for all kubernetes platforms +# +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + resources: +- user-global-kamelet-viewer-role.yaml +- user-global-kamelet-viewer-role-binding.yaml Review comment: These are installed by the operator when it starts, as they cannot be added to the CSV, and are only installed in _global_ mode. To be symmetrical, and avoid "double install", I don't think they should be installed with Kustomize and possibly moved into the `resources` directory. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
