...

Source file src/edge-infra.dev/pkg/k8s/konfigkonnector/install.go

Documentation: edge-infra.dev/pkg/k8s/konfigkonnector

     1  package konfigkonnector
     2  
     3  import (
     4  	"context"
     5  	_ "embed" //nolint let a human embed
     6  	"fmt"
     7  
     8  	corev1 "k8s.io/api/core/v1"
     9  	"k8s.io/apimachinery/pkg/api/errors"
    10  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    11  	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
    12  	"k8s.io/apimachinery/pkg/runtime"
    13  	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
    14  	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
    15  	"sigs.k8s.io/controller-runtime/pkg/client"
    16  
    17  	kccAPI "edge-infra.dev/pkg/k8s/konfigkonnector/apis/configconnector/v1beta1"
    18  	configconnector "edge-infra.dev/third_party/k8s/configconnector"
    19  )
    20  
const (
	// ResourceName is the exported name "k8s-cfg-connector". Nothing in this
	// file reads it, so its consumers live elsewhere — TODO confirm what
	// object it names.
	ResourceName = "k8s-cfg-connector"
)

var (
	// namespace is the namespace that SetupCNRMSystem creates and in which it
	// places the credentials Secret.
	// NOTE(review): declared as a var rather than a const, so other code in
	// this package can reassign it — confirm whether that is intended.
	namespace = "cnrm-system"
)
    28  
// LoadManifests returns the vendored KCC installation manifests as
// unstructured.Unstructured objects, ready to be applied to the K8s API with
// a controller-runtime client.
//
// It is a pass-through to configconnector.LoadManifests, which owns the
// embedded manifest data and its decoding; both the objects and the error are
// returned unmodified.
func LoadManifests() ([]*unstructured.Unstructured, error) {
	objs, err := configconnector.LoadManifests()
	return objs, err
}
    35  
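// Install applies loaded manifests to K8s, creating every Namespace object
// before any other kind so that namespaced objects have a namespace to be
// created in.
//
// Objects are created with c.Create and an AlreadyExists response is treated
// as success: an object that is already present is left exactly as it is and
// is NOT reconciled against the supplied manifest. A pre-existing object that
// differs from the manifests (for example stale or hand-edited RBAC or CRDs)
// therefore survives a "successful" Install unchanged; callers that need the
// cluster to converge on the manifests must not rely on this function.
//
// nil entries in manifests are skipped. Any other error aborts the install
// immediately and is returned wrapped with the kind and name of the object
// that failed; the original error stays reachable through errors.Is/As.
//
// Deprecated: One-shot install clients should use the generic SSA Install function
// from pkg/k8s/runtime/ssa instead.
func Install(ctx context.Context, c client.Client, manifests []*unstructured.Unstructured) error {
	// Two passes over the same slice: Namespaces first, then everything else.
	for _, namespacePass := range []bool{true, false} {
		for _, manifest := range manifests {
			if manifest == nil {
				// GetKind reads through the receiver, so a nil entry would
				// panic instead of producing an error.
				continue
			}
			if (manifest.GetKind() == "Namespace") != namespacePass {
				continue
			}
			if err := c.Create(ctx, manifest); err != nil && !errors.IsAlreadyExists(err) {
				// Same "konfigkonnector.<Func>: failed to ..." shape that
				// SetupCNRMSystem uses, so failures are attributable.
				return fmt.Errorf("konfigkonnector.Install: failed to create %s %q: %w",
					manifest.GetKind(), manifest.GetName(), err)
			}
		}
	}

	return nil
}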
    60  
// CreateScheme returns a fresh runtime.Scheme that knows the client-go
// built-in API types plus the Config Connector v1beta1 types, i.e. what a
// client needs in order to install K8s config connector and configure it
// through its CRDs.
//
// Registration failures are passed to utilruntime.Must, so this function
// panics rather than returning an error if either AddToScheme call fails.
func CreateScheme() *runtime.Scheme {
	s := runtime.NewScheme()

	// Built-in Kubernetes types (Namespace, Secret, ...).
	utilruntime.Must(clientgoscheme.AddToScheme(s))
	// Config Connector configuration types.
	utilruntime.Must(kccAPI.AddToScheme(s))

	return s
}
    72  
// SetupCNRMSystem sets up the cnrm-system namespace for the K8s config
// connector on non-GKE K8s distros: it creates the namespace and then a
// Secret named secretName inside it, holding key verbatim under the
// "key.json" data entry.
//
// Both creates tolerate AlreadyExists. For the Secret this means an existing
// Secret of the same name is left untouched and nil is returned, so calling
// this again with a different key (for example after a key rotation) does NOT
// replace the stored credential, and a Secret created by someone else under
// that name is silently accepted.
// NOTE(review): key is presumably a GCP service account key file — confirm
// with callers. Neither secretName nor key is validated here.
//
// Any other error is returned wrapped with a
// "konfigkonnector.SetupCNRMSystem: ..." prefix.
func SetupCNRMSystem(ctx context.Context, c client.Client, secretName string, key []byte) error {
	ns := &corev1.Namespace{
		ObjectMeta: metav1.ObjectMeta{Name: namespace},
	}
	if err := c.Create(ctx, ns); err != nil && !errors.IsAlreadyExists(err) {
		return fmt.Errorf("konfigkonnector.SetupCNRMSystem: failed to create namespace: %w", err)
	}

	// The credential is only ever created, never updated; see the doc comment.
	credentials := &corev1.Secret{
		ObjectMeta: metav1.ObjectMeta{Name: secretName, Namespace: namespace},
		Data:       map[string][]byte{"key.json": key},
	}
	if err := c.Create(ctx, credentials); err != nil && !errors.IsAlreadyExists(err) {
		return fmt.Errorf("konfigkonnector.SetupCNRMSystem: failed to create secret: %w", err)
	}

	return nil
}
    93  
