From fe6ca8772814937ccc888058eac62898f978cab3 Mon Sep 17 00:00:00 2001 From: Yi Tao Date: Thu, 25 Jan 2024 18:13:47 +0800 Subject: [PATCH 1/7] define KongLicense CRD --- ...configuration.konghq.com_konglicenses.yaml | 122 +++++++++++ docs/api-reference.md | 73 +++++++ .../v1alpha1/kong_license_types.go | 72 +++++++ .../v1alpha1/zz_generated.deepcopy.go | 131 +++++++++++- .../v1alpha1/configuration_client.go | 5 + .../fake/fake_configuration_client.go | 4 + .../v1alpha1/fake/fake_konglicense.go | 141 +++++++++++++ .../v1alpha1/generated_expansion.go | 2 + .../configuration/v1alpha1/konglicense.go | 195 ++++++++++++++++++ 9 files changed, 743 insertions(+), 2 deletions(-) create mode 100644 config/crd/bases/configuration.konghq.com_konglicenses.yaml create mode 100644 pkg/apis/configuration/v1alpha1/kong_license_types.go create mode 100644 pkg/clientset/typed/configuration/v1alpha1/fake/fake_konglicense.go create mode 100644 pkg/clientset/typed/configuration/v1alpha1/konglicense.go diff --git a/config/crd/bases/configuration.konghq.com_konglicenses.yaml b/config/crd/bases/configuration.konghq.com_konglicenses.yaml new file mode 100644 index 0000000000..e6852195fb --- /dev/null +++ b/config/crd/bases/configuration.konghq.com_konglicenses.yaml @@ -0,0 +1,122 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 + name: konglicenses.configuration.konghq.com +spec: + group: configuration.konghq.com + names: + categories: + - kong-ingress-controller + kind: KongLicense + listKind: KongLicenseList + plural: konglicenses + shortNames: + - kl + singular: konglicense + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KongLicense stores a Kong enterprise license to apply to managed + Kong gateway instances. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + enabled: + description: Enabled is set to true to let controllers (like KIC) to reconcile + it. + type: boolean + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + rawLicenseString: + description: RawLicenseString is the raw content of the license in string + format. + type: string + status: + description: Status is the status of the KongLicense being processed by + controllers. + properties: + parents: + items: + description: KongLicenseParentStatus is the status of owning KongLicense + being processed in the controller in ControllerRef field. + properties: + configured: + description: Configured is set to true if the controller applied + the content of the license on managed Kong gateway. + type: boolean + controllerRef: + description: |- + ControllerRef is the reference of the "controller" to reconcile this KongLicense. + It is usually the name of (KIC/KGO) pod that reconciles it. + properties: + group: + description: |- + Group is the group of referent. + It should be empty if the referent is in "core" group (like pod.) + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + kind: + description: Kind is the kind of the referent. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + type: string + name: + description: Name is the name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace is the namespace of the referent. + It should be empty if the referent is cluster scoped. + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + required: + - name + type: object + phase: + description: Phase is the phase of the KongLicense being reconciled + on the controller present in ControllerRef. + type: string + reason: + description: Reason is the reason why the KongLicense stays + in this phase. + type: string + required: + - configured + - controllerRef + - phase + - reason + type: object + type: array + type: object + required: + - enabled + - rawLicenseString + type: object + served: true + storage: true + subresources: + status: {} diff --git a/docs/api-reference.md b/docs/api-reference.md index 0a42abc5ca..59eea5141b 100644 --- a/docs/api-reference.md +++ b/docs/api-reference.md @@ -329,6 +329,7 @@ _Appears in:_ Package v1alpha1 contains API Schema definitions for the configuration.konghq.com v1alpha1 API group. - [IngressClassParameters](#ingressclassparameters) +- [KongLicense](#konglicense) - [KongVault](#kongvault) ### IngressClassParameters @@ -349,6 +350,25 @@ IngressClassParameters is the Schema for the IngressClassParameters API. +### KongLicense + + + +KongLicense stores a Kong enterprise license to apply to managed Kong gateway instances. + + + +| Field | Description | +| --- | --- | +| `apiVersion` _string_ | `configuration.konghq.com/v1alpha1` +| `kind` _string_ | `KongLicense` +| `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | +| `rawLicenseString` _string_ | RawLicenseString is the raw content of the license in string format. | +| `enabled` _boolean_ | Enabled is set to true to let controllers (like KIC) to reconcile it. | + + + + ### KongVault @@ -369,6 +389,25 @@ See: https://docs.konghq.com/gateway/latest/kong-enterprise/secrets-management/ +### ControllerReference + + + + + + + +| Field | Description | +| --- | --- | +| `group` _[Group](#group)_ | Group is the group of referent. It should be empty if the referent is in "core" group (like pod.) | +| `kind` _[Kind](#kind)_ | Kind is the kind of the referent. | +| `namespace` _[Namespace](#namespace)_ | Namespace is the namespace of the referent. It should be empty if the referent is cluster scoped. | +| `name` _[ObjectName](#objectname)_ | Name is the name of the referent. | + + +_Appears in:_ +- [KongLicenseParentStatus](#konglicenseparentstatus) + ### IngressClassParametersSpec @@ -386,6 +425,40 @@ See: https://docs.konghq.com/gateway/latest/kong-enterprise/secrets-management/ _Appears in:_ - [IngressClassParameters](#ingressclassparameters) +### KongLicenseParentStatus + + + +KongLicenseParentStatus is the status of owning KongLicense being processed in the controller in ControllerRef field. + + + +| Field | Description | +| --- | --- | +| `controllerRef` _[ControllerReference](#controllerreference)_ | ControllerRef is the reference of the "controller" to reconcile this KongLicense. It is usually the name of (KIC/KGO) pod that reconciles it. | +| `configured` _boolean_ | Configured is set to true if the controller applied the content of the license on managed Kong gateway. | +| `phase` _[KongLicensePhase](#konglicensephase)_ | Phase is the phase of the KongLicense being reconciled on the controller present in ControllerRef. | +| `reason` _string_ | Reason is the reason why the KongLicense stays in this phase. | + + +_Appears in:_ +- [KongLicenseStatus](#konglicensestatus) + +### KongLicensePhase + +_Underlying type:_ `string` + + + + + + + +_Appears in:_ +- [KongLicenseParentStatus](#konglicenseparentstatus) + + + ### KongVaultSpec diff --git a/pkg/apis/configuration/v1alpha1/kong_license_types.go b/pkg/apis/configuration/v1alpha1/kong_license_types.go new file mode 100644 index 0000000000..ba74614d21 --- /dev/null +++ b/pkg/apis/configuration/v1alpha1/kong_license_types.go @@ -0,0 +1,72 @@ +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" +) + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true +// +kubebuilder:resource:scope=Namespaced,shortName=kl,categories=kong-ingress-controller,path=konglicenses +// +kubebuilder:storageversion +// +kubebuilder:subresource:status + +// KongLicense stores a Kong enterprise license to apply to managed Kong gateway instances. +type KongLicense struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + // RawLicenseString is the raw content of the license in string format. + RawLicenseString string `json:"rawLicenseString"` + // Enabled is set to true to let controllers (like KIC) to reconcile it. + Enabled bool `json:"enabled"` + // Status is the status of the KongLicense being processed by controllers. + Status KongLicenseStatus `json:"status,omitempty"` +} + +// KongLicenseStatus stores the status of the KongLicense being processesed in each controller that reconciles it. +type KongLicenseStatus struct { + KongLicenseParentStatuses []KongLicenseParentStatus `json:"parents,omitempty"` +} + +// KongLicenseParentStatus is the status of owning KongLicense being processed in the controller in ControllerRef field. +type KongLicenseParentStatus struct { + // ControllerRef is the reference of the "controller" to reconcile this KongLicense. + // It is usually the name of (KIC/KGO) pod that reconciles it. + ControllerRef ControllerReference `json:"controllerRef"` + // Configured is set to true if the controller applied the content of the license on managed Kong gateway. + Configured bool `json:"configured"` + // Phase is the phase of the KongLicense being reconciled on the controller present in ControllerRef. + Phase KongLicensePhase `json:"phase"` + // Reason is the reason why the KongLicense stays in this phase. + Reason string `json:"reason"` + // TODO: add a field to annotate the controller type? +} + +type ControllerReference struct { + // Group is the group of referent. + // It should be empty if the referent is in "core" group (like pod.) + Group *gatewayv1.Group `json:"group,omitempty"` + // Kind is the kind of the referent. + Kind *gatewayv1.Kind `json:"kind,omitempty"` + // Namespace is the namespace of the referent. + // It should be empty if the referent is cluster scoped. + Namespace *gatewayv1.Namespace `json:"namespace,omitempty"` + // Name is the name of the referent. + Name gatewayv1.ObjectName `json:"name"` +} + +type KongLicensePhase string + +// +kubebuilder:object:root=true + +// KongLicenseList contains a list of KongLicense. +type KongLicenseList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []KongLicense `json:"items"` +} + +func init() { + SchemeBuilder.Register(&KongLicense{}, &KongLicenseList{}) +} diff --git a/pkg/apis/configuration/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/configuration/v1alpha1/zz_generated.deepcopy.go index d8e13fefdb..d5f7e7b0b5 100644 --- a/pkg/apis/configuration/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/configuration/v1alpha1/zz_generated.deepcopy.go @@ -21,10 +21,41 @@ limitations under the License. package v1alpha1 import ( - "k8s.io/apimachinery/pkg/apis/meta/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + "sigs.k8s.io/gateway-api/apis/v1" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ControllerReference) DeepCopyInto(out *ControllerReference) { + *out = *in + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = new(v1.Group) + **out = **in + } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(v1.Kind) + **out = **in + } + if in.Namespace != nil { + in, out := &in.Namespace, &out.Namespace + *out = new(v1.Namespace) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerReference. +func (in *ControllerReference) DeepCopy() *ControllerReference { + if in == nil { + return nil + } + out := new(ControllerReference) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IngressClassParameters) DeepCopyInto(out *IngressClassParameters) { *out = *in @@ -98,6 +129,102 @@ func (in *IngressClassParametersSpec) DeepCopy() *IngressClassParametersSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KongLicense) DeepCopyInto(out *KongLicense) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KongLicense. +func (in *KongLicense) DeepCopy() *KongLicense { + if in == nil { + return nil + } + out := new(KongLicense) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *KongLicense) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KongLicenseList) DeepCopyInto(out *KongLicenseList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]KongLicense, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KongLicenseList. +func (in *KongLicenseList) DeepCopy() *KongLicenseList { + if in == nil { + return nil + } + out := new(KongLicenseList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *KongLicenseList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KongLicenseParentStatus) DeepCopyInto(out *KongLicenseParentStatus) { + *out = *in + in.ControllerRef.DeepCopyInto(&out.ControllerRef) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KongLicenseParentStatus. +func (in *KongLicenseParentStatus) DeepCopy() *KongLicenseParentStatus { + if in == nil { + return nil + } + out := new(KongLicenseParentStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KongLicenseStatus) DeepCopyInto(out *KongLicenseStatus) { + *out = *in + if in.KongLicenseParentStatuses != nil { + in, out := &in.KongLicenseParentStatuses, &out.KongLicenseParentStatuses + *out = make([]KongLicenseParentStatus, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KongLicenseStatus. +func (in *KongLicenseStatus) DeepCopy() *KongLicenseStatus { + if in == nil { + return nil + } + out := new(KongLicenseStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KongVault) DeepCopyInto(out *KongVault) { *out = *in @@ -178,7 +305,7 @@ func (in *KongVaultStatus) DeepCopyInto(out *KongVaultStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) + *out = make([]metav1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/pkg/clientset/typed/configuration/v1alpha1/configuration_client.go b/pkg/clientset/typed/configuration/v1alpha1/configuration_client.go index 7e3314b60d..f2a1aaac98 100644 --- a/pkg/clientset/typed/configuration/v1alpha1/configuration_client.go +++ b/pkg/clientset/typed/configuration/v1alpha1/configuration_client.go @@ -29,6 +29,7 @@ import ( type ConfigurationV1alpha1Interface interface { RESTClient() rest.Interface IngressClassParametersesGetter + KongLicensesGetter KongVaultsGetter } @@ -41,6 +42,10 @@ func (c *ConfigurationV1alpha1Client) IngressClassParameterses(namespace string) return newIngressClassParameterses(c, namespace) } +func (c *ConfigurationV1alpha1Client) KongLicenses(namespace string) KongLicenseInterface { + return newKongLicenses(c, namespace) +} + func (c *ConfigurationV1alpha1Client) KongVaults() KongVaultInterface { return newKongVaults(c) } diff --git a/pkg/clientset/typed/configuration/v1alpha1/fake/fake_configuration_client.go b/pkg/clientset/typed/configuration/v1alpha1/fake/fake_configuration_client.go index eea3e5fb2d..45950739bd 100644 --- a/pkg/clientset/typed/configuration/v1alpha1/fake/fake_configuration_client.go +++ b/pkg/clientset/typed/configuration/v1alpha1/fake/fake_configuration_client.go @@ -32,6 +32,10 @@ func (c *FakeConfigurationV1alpha1) IngressClassParameterses(namespace string) v return &FakeIngressClassParameterses{c, namespace} } +func (c *FakeConfigurationV1alpha1) KongLicenses(namespace string) v1alpha1.KongLicenseInterface { + return &FakeKongLicenses{c, namespace} +} + func (c *FakeConfigurationV1alpha1) KongVaults() v1alpha1.KongVaultInterface { return &FakeKongVaults{c} } diff --git a/pkg/clientset/typed/configuration/v1alpha1/fake/fake_konglicense.go b/pkg/clientset/typed/configuration/v1alpha1/fake/fake_konglicense.go new file mode 100644 index 0000000000..e2250f53cf --- /dev/null +++ b/pkg/clientset/typed/configuration/v1alpha1/fake/fake_konglicense.go @@ -0,0 +1,141 @@ +/* +Copyright 2021 Kong, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "github.com/kong/kubernetes-ingress-controller/v3/pkg/apis/configuration/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeKongLicenses implements KongLicenseInterface +type FakeKongLicenses struct { + Fake *FakeConfigurationV1alpha1 + ns string +} + +var konglicensesResource = v1alpha1.SchemeGroupVersion.WithResource("konglicenses") + +var konglicensesKind = v1alpha1.SchemeGroupVersion.WithKind("KongLicense") + +// Get takes name of the kongLicense, and returns the corresponding kongLicense object, and an error if there is any. +func (c *FakeKongLicenses) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.KongLicense, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(konglicensesResource, c.ns, name), &v1alpha1.KongLicense{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.KongLicense), err +} + +// List takes label and field selectors, and returns the list of KongLicenses that match those selectors. +func (c *FakeKongLicenses) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.KongLicenseList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(konglicensesResource, konglicensesKind, c.ns, opts), &v1alpha1.KongLicenseList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.KongLicenseList{ListMeta: obj.(*v1alpha1.KongLicenseList).ListMeta} + for _, item := range obj.(*v1alpha1.KongLicenseList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested kongLicenses. +func (c *FakeKongLicenses) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(konglicensesResource, c.ns, opts)) + +} + +// Create takes the representation of a kongLicense and creates it. Returns the server's representation of the kongLicense, and an error, if there is any. +func (c *FakeKongLicenses) Create(ctx context.Context, kongLicense *v1alpha1.KongLicense, opts v1.CreateOptions) (result *v1alpha1.KongLicense, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(konglicensesResource, c.ns, kongLicense), &v1alpha1.KongLicense{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.KongLicense), err +} + +// Update takes the representation of a kongLicense and updates it. Returns the server's representation of the kongLicense, and an error, if there is any. +func (c *FakeKongLicenses) Update(ctx context.Context, kongLicense *v1alpha1.KongLicense, opts v1.UpdateOptions) (result *v1alpha1.KongLicense, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(konglicensesResource, c.ns, kongLicense), &v1alpha1.KongLicense{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.KongLicense), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeKongLicenses) UpdateStatus(ctx context.Context, kongLicense *v1alpha1.KongLicense, opts v1.UpdateOptions) (*v1alpha1.KongLicense, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(konglicensesResource, "status", c.ns, kongLicense), &v1alpha1.KongLicense{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.KongLicense), err +} + +// Delete takes name of the kongLicense and deletes it. Returns an error if one occurs. +func (c *FakeKongLicenses) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteActionWithOptions(konglicensesResource, c.ns, name, opts), &v1alpha1.KongLicense{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeKongLicenses) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(konglicensesResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.KongLicenseList{}) + return err +} + +// Patch applies the patch and returns the patched kongLicense. +func (c *FakeKongLicenses) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.KongLicense, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(konglicensesResource, c.ns, name, pt, data, subresources...), &v1alpha1.KongLicense{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.KongLicense), err +} diff --git a/pkg/clientset/typed/configuration/v1alpha1/generated_expansion.go b/pkg/clientset/typed/configuration/v1alpha1/generated_expansion.go index aff707cc29..bab2185b76 100644 --- a/pkg/clientset/typed/configuration/v1alpha1/generated_expansion.go +++ b/pkg/clientset/typed/configuration/v1alpha1/generated_expansion.go @@ -20,4 +20,6 @@ package v1alpha1 type IngressClassParametersExpansion interface{} +type KongLicenseExpansion interface{} + type KongVaultExpansion interface{} diff --git a/pkg/clientset/typed/configuration/v1alpha1/konglicense.go b/pkg/clientset/typed/configuration/v1alpha1/konglicense.go new file mode 100644 index 0000000000..e90cd12a99 --- /dev/null +++ b/pkg/clientset/typed/configuration/v1alpha1/konglicense.go @@ -0,0 +1,195 @@ +/* +Copyright 2021 Kong, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "github.com/kong/kubernetes-ingress-controller/v3/pkg/apis/configuration/v1alpha1" + scheme "github.com/kong/kubernetes-ingress-controller/v3/pkg/clientset/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// KongLicensesGetter has a method to return a KongLicenseInterface. +// A group's client should implement this interface. +type KongLicensesGetter interface { + KongLicenses(namespace string) KongLicenseInterface +} + +// KongLicenseInterface has methods to work with KongLicense resources. +type KongLicenseInterface interface { + Create(ctx context.Context, kongLicense *v1alpha1.KongLicense, opts v1.CreateOptions) (*v1alpha1.KongLicense, error) + Update(ctx context.Context, kongLicense *v1alpha1.KongLicense, opts v1.UpdateOptions) (*v1alpha1.KongLicense, error) + UpdateStatus(ctx context.Context, kongLicense *v1alpha1.KongLicense, opts v1.UpdateOptions) (*v1alpha1.KongLicense, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.KongLicense, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.KongLicenseList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.KongLicense, err error) + KongLicenseExpansion +} + +// kongLicenses implements KongLicenseInterface +type kongLicenses struct { + client rest.Interface + ns string +} + +// newKongLicenses returns a KongLicenses +func newKongLicenses(c *ConfigurationV1alpha1Client, namespace string) *kongLicenses { + return &kongLicenses{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the kongLicense, and returns the corresponding kongLicense object, and an error if there is any. +func (c *kongLicenses) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.KongLicense, err error) { + result = &v1alpha1.KongLicense{} + err = c.client.Get(). + Namespace(c.ns). + Resource("konglicenses"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of KongLicenses that match those selectors. +func (c *kongLicenses) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.KongLicenseList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.KongLicenseList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("konglicenses"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested kongLicenses. +func (c *kongLicenses) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("konglicenses"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a kongLicense and creates it. Returns the server's representation of the kongLicense, and an error, if there is any. +func (c *kongLicenses) Create(ctx context.Context, kongLicense *v1alpha1.KongLicense, opts v1.CreateOptions) (result *v1alpha1.KongLicense, err error) { + result = &v1alpha1.KongLicense{} + err = c.client.Post(). + Namespace(c.ns). + Resource("konglicenses"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(kongLicense). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a kongLicense and updates it. Returns the server's representation of the kongLicense, and an error, if there is any. +func (c *kongLicenses) Update(ctx context.Context, kongLicense *v1alpha1.KongLicense, opts v1.UpdateOptions) (result *v1alpha1.KongLicense, err error) { + result = &v1alpha1.KongLicense{} + err = c.client.Put(). + Namespace(c.ns). + Resource("konglicenses"). + Name(kongLicense.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(kongLicense). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *kongLicenses) UpdateStatus(ctx context.Context, kongLicense *v1alpha1.KongLicense, opts v1.UpdateOptions) (result *v1alpha1.KongLicense, err error) { + result = &v1alpha1.KongLicense{} + err = c.client.Put(). + Namespace(c.ns). + Resource("konglicenses"). + Name(kongLicense.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(kongLicense). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the kongLicense and deletes it. Returns an error if one occurs. +func (c *kongLicenses) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("konglicenses"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *kongLicenses) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("konglicenses"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched kongLicense. +func (c *kongLicenses) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.KongLicense, err error) { + result = &v1alpha1.KongLicense{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("konglicenses"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} From 4a1134ab38e0c3442743cab97d18a566c4bcaaac Mon Sep 17 00:00:00 2001 From: Yi Tao Date: Fri, 26 Jan 2024 11:45:58 +0800 Subject: [PATCH 2/7] update definition of KongLicense CRD --- ...configuration.konghq.com_konglicenses.yaml | 117 ++++++++++++++---- docs/api-reference.md | 71 ++++++++--- .../v1alpha1/kong_license_types.go | 50 +++++--- .../v1alpha1/zz_generated.deepcopy.go | 60 +++++---- 4 files changed, 219 insertions(+), 79 deletions(-) diff --git a/config/crd/bases/configuration.konghq.com_konglicenses.yaml b/config/crd/bases/configuration.konghq.com_konglicenses.yaml index e6852195fb..e089462f6f 100644 --- a/config/crd/bases/configuration.konghq.com_konglicenses.yaml +++ b/config/crd/bases/configuration.konghq.com_konglicenses.yaml @@ -53,64 +53,131 @@ spec: description: Status is the status of the KongLicense being processed by controllers. properties: - parents: + controllers: items: - description: KongLicenseParentStatus is the status of owning KongLicense - being processed in the controller in ControllerRef field. + description: |- + KongLicenseControllerStatus is the status of owning KongLicense being processed + identified by the controllerName field. properties: + conditions: + description: Conditions describe the current conditions of the + KongLicense on the controller. + items: + description: "Condition contains details for one aspect of + the current state of this API Resource.\n---\nThis struct + is intended for direct use as an array at the field path + .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // + +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + maxItems: 8 + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map configured: description: Configured is set to true if the controller applied the content of the license on managed Kong gateway. type: boolean + controllerName: + description: |- + ControllerName is an identifier of the controller to reconcile this KongLicense. + Should be unique in the list of controller statuses. + type: string controllerRef: description: |- - ControllerRef is the reference of the "controller" to reconcile this KongLicense. + ControllerRef is the reference of the controller to reconcile this KongLicense. It is usually the name of (KIC/KGO) pod that reconciles it. properties: group: description: |- Group is the group of referent. It should be empty if the referent is in "core" group (like pod.) - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ type: string kind: description: Kind is the kind of the referent. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ type: string name: description: Name is the name of the referent. - maxLength: 253 - minLength: 1 type: string namespace: description: |- Namespace is the namespace of the referent. It should be empty if the referent is cluster scoped. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string required: - name type: object - phase: - description: Phase is the phase of the KongLicense being reconciled - on the controller present in ControllerRef. - type: string - reason: - description: Reason is the reason why the KongLicense stays - in this phase. - type: string required: - configured - - controllerRef - - phase - - reason + - controllerName type: object type: array + x-kubernetes-list-map-keys: + - controllerName + x-kubernetes-list-type: map type: object required: - enabled diff --git a/docs/api-reference.md b/docs/api-reference.md index 59eea5141b..71b382b54e 100644 --- a/docs/api-reference.md +++ b/docs/api-reference.md @@ -406,7 +406,21 @@ See: https://docs.konghq.com/gateway/latest/kong-enterprise/secrets-management/ _Appears in:_ -- [KongLicenseParentStatus](#konglicenseparentstatus) +- [KongLicenseControllerStatus](#konglicensecontrollerstatus) + +### Group + +_Underlying type:_ `string` + +Group refers to a Kubernetes Group. It must either be an empty string or a +RFC 1123 subdomain. + + + + + +_Appears in:_ +- [ControllerReference](#controllerreference) ### IngressClassParametersSpec @@ -425,37 +439,40 @@ _Appears in:_ _Appears in:_ - [IngressClassParameters](#ingressclassparameters) -### KongLicenseParentStatus - +### Kind +_Underlying type:_ `string` -KongLicenseParentStatus is the status of owning KongLicense being processed in the controller in ControllerRef field. +Kind refers to a kubernetes kind. -| Field | Description | -| --- | --- | -| `controllerRef` _[ControllerReference](#controllerreference)_ | ControllerRef is the reference of the "controller" to reconcile this KongLicense. It is usually the name of (KIC/KGO) pod that reconciles it. | -| `configured` _boolean_ | Configured is set to true if the controller applied the content of the license on managed Kong gateway. | -| `phase` _[KongLicensePhase](#konglicensephase)_ | Phase is the phase of the KongLicense being reconciled on the controller present in ControllerRef. | -| `reason` _string_ | Reason is the reason why the KongLicense stays in this phase. | _Appears in:_ -- [KongLicenseStatus](#konglicensestatus) +- [ControllerReference](#controllerreference) -### KongLicensePhase +### KongLicenseControllerStatus -_Underlying type:_ `string` +KongLicenseControllerStatus is the status of owning KongLicense being processed +identified by the controllerName field. +| Field | Description | +| --- | --- | +| `controllerName` _string_ | ControllerName is an identifier of the controller to reconcile this KongLicense. Should be unique in the list of controller statuses. | +| `controllerRef` _[ControllerReference](#controllerreference)_ | ControllerRef is the reference of the controller to reconcile this KongLicense. It is usually the name of (KIC/KGO) pod that reconciles it. | +| `configured` _boolean_ | Configured is set to true if the controller applied the content of the license on managed Kong gateway. | +| `conditions` _[Condition](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#condition-v1-meta) array_ | Conditions describe the current conditions of the KongLicense on the controller. | _Appears in:_ -- [KongLicenseParentStatus](#konglicenseparentstatus) +- [KongLicenseStatus](#konglicensestatus) + + @@ -480,6 +497,32 @@ _Appears in:_ +### Namespace + +_Underlying type:_ `string` + +Namespace refers to a Kubernetes namespace. + + + + + +_Appears in:_ +- [ControllerReference](#controllerreference) + +### ObjectName + +_Underlying type:_ `string` + +ObjectName refers to the name of a Kubernetes object. + + + + + +_Appears in:_ +- [ControllerReference](#controllerreference) + ## configuration.konghq.com/v1beta1 diff --git a/pkg/apis/configuration/v1alpha1/kong_license_types.go b/pkg/apis/configuration/v1alpha1/kong_license_types.go index ba74614d21..02867cdf2b 100644 --- a/pkg/apis/configuration/v1alpha1/kong_license_types.go +++ b/pkg/apis/configuration/v1alpha1/kong_license_types.go @@ -2,7 +2,6 @@ package v1alpha1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" ) // +genclient @@ -26,34 +25,55 @@ type KongLicense struct { // KongLicenseStatus stores the status of the KongLicense being processesed in each controller that reconciles it. type KongLicenseStatus struct { - KongLicenseParentStatuses []KongLicenseParentStatus `json:"parents,omitempty"` + // +listType=map + // +listMapKey=controllerName + KongLicenseControllerStatuses []KongLicenseControllerStatus `json:"controllers,omitempty"` } -// KongLicenseParentStatus is the status of owning KongLicense being processed in the controller in ControllerRef field. -type KongLicenseParentStatus struct { - // ControllerRef is the reference of the "controller" to reconcile this KongLicense. +// KongLicenseControllerStatus is the status of owning KongLicense being processed +// identified by the controllerName field. +type KongLicenseControllerStatus struct { + // ControllerName is an identifier of the controller to reconcile this KongLicense. + // Should be unique in the list of controller statuses. + ControllerName string `json:"controllerName"` + // ControllerRef is the reference of the controller to reconcile this KongLicense. // It is usually the name of (KIC/KGO) pod that reconciles it. - ControllerRef ControllerReference `json:"controllerRef"` + ControllerRef *ControllerReference `json:"controllerRef,omitempty"` // Configured is set to true if the controller applied the content of the license on managed Kong gateway. Configured bool `json:"configured"` - // Phase is the phase of the KongLicense being reconciled on the controller present in ControllerRef. - Phase KongLicensePhase `json:"phase"` - // Reason is the reason why the KongLicense stays in this phase. - Reason string `json:"reason"` - // TODO: add a field to annotate the controller type? + // Conditions describe the current conditions of the KongLicense on the controller. + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MaxItems=8 + Conditions []metav1.Condition `json:"conditions,omitempty"` } +// TODO: copy validation notes from the gateway api package to run the same validation? + +// Group refers to a Kubernetes Group. It must either be an empty string or a +// RFC 1123 subdomain. +type Group string + +// Kind refers to a kubernetes kind. +type Kind string + +// Namespace refers to a Kubernetes namespace. +type Namespace string + +// ObjectName refers to the name of a Kubernetes object. +type ObjectName string + type ControllerReference struct { // Group is the group of referent. // It should be empty if the referent is in "core" group (like pod.) - Group *gatewayv1.Group `json:"group,omitempty"` + Group *Group `json:"group,omitempty"` // Kind is the kind of the referent. - Kind *gatewayv1.Kind `json:"kind,omitempty"` + Kind *Kind `json:"kind,omitempty"` // Namespace is the namespace of the referent. // It should be empty if the referent is cluster scoped. - Namespace *gatewayv1.Namespace `json:"namespace,omitempty"` + Namespace *Namespace `json:"namespace,omitempty"` // Name is the name of the referent. - Name gatewayv1.ObjectName `json:"name"` + Name ObjectName `json:"name"` } type KongLicensePhase string diff --git a/pkg/apis/configuration/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/configuration/v1alpha1/zz_generated.deepcopy.go index d5f7e7b0b5..05997c29c8 100644 --- a/pkg/apis/configuration/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/configuration/v1alpha1/zz_generated.deepcopy.go @@ -21,9 +21,8 @@ limitations under the License. package v1alpha1 import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/gateway-api/apis/v1" ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. @@ -31,17 +30,17 @@ func (in *ControllerReference) DeepCopyInto(out *ControllerReference) { *out = *in if in.Group != nil { in, out := &in.Group, &out.Group - *out = new(v1.Group) + *out = new(Group) **out = **in } if in.Kind != nil { in, out := &in.Kind, &out.Kind - *out = new(v1.Kind) + *out = new(Kind) **out = **in } if in.Namespace != nil { in, out := &in.Namespace, &out.Namespace - *out = new(v1.Namespace) + *out = new(Namespace) **out = **in } } @@ -155,6 +154,33 @@ func (in *KongLicense) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KongLicenseControllerStatus) DeepCopyInto(out *KongLicenseControllerStatus) { + *out = *in + if in.ControllerRef != nil { + in, out := &in.ControllerRef, &out.ControllerRef + *out = new(ControllerReference) + (*in).DeepCopyInto(*out) + } + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KongLicenseControllerStatus. +func (in *KongLicenseControllerStatus) DeepCopy() *KongLicenseControllerStatus { + if in == nil { + return nil + } + out := new(KongLicenseControllerStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KongLicenseList) DeepCopyInto(out *KongLicenseList) { *out = *in @@ -187,28 +213,12 @@ func (in *KongLicenseList) DeepCopyObject() runtime.Object { return nil } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KongLicenseParentStatus) DeepCopyInto(out *KongLicenseParentStatus) { - *out = *in - in.ControllerRef.DeepCopyInto(&out.ControllerRef) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KongLicenseParentStatus. -func (in *KongLicenseParentStatus) DeepCopy() *KongLicenseParentStatus { - if in == nil { - return nil - } - out := new(KongLicenseParentStatus) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KongLicenseStatus) DeepCopyInto(out *KongLicenseStatus) { *out = *in - if in.KongLicenseParentStatuses != nil { - in, out := &in.KongLicenseParentStatuses, &out.KongLicenseParentStatuses - *out = make([]KongLicenseParentStatus, len(*in)) + if in.KongLicenseControllerStatuses != nil { + in, out := &in.KongLicenseControllerStatuses, &out.KongLicenseControllerStatuses + *out = make([]KongLicenseControllerStatus, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -305,7 +315,7 @@ func (in *KongVaultStatus) DeepCopyInto(out *KongVaultStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions - *out = make([]metav1.Condition, len(*in)) + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } From 69664f03352c6a72ce5fbeeb904dba2e25e67d33 Mon Sep 17 00:00:00 2001 From: Yi Tao Date: Fri, 26 Jan 2024 14:42:50 +0800 Subject: [PATCH 3/7] add changelog entry --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 668cbad594..57bb7eb843 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -166,6 +166,9 @@ Adding a new version? You'll need three changes: - Kong Plugin's `config` field now is sanitized when it contains sensitive data sourced from a Secret (i.e. `configFrom` or `configPatches` is used). [#5495](https://github.com/Kong/kubernetes-ingress-controller/pull/5495) +- New CRD `KongLicense` to represent a Kong enterprise license to apply to + managed Kong gateway enterprise instances. + [#5487](https://github.com/Kong/kubernetes-ingress-controller/pull/5487) ### Fixed From c2b13687da98c6c7004f1194f1d32fe325bde2be Mon Sep 17 00:00:00 2001 From: Yi Tao Date: Mon, 29 Jan 2024 11:19:42 +0800 Subject: [PATCH 4/7] update validation rules for controllerRef --- .../configuration.konghq.com_konglicenses.yaml | 16 ++++++++++++++-- docs/api-reference.md | 6 ++++-- .../v1alpha1/kong_license_types.go | 17 ++++++++++++++++- 3 files changed, 34 insertions(+), 5 deletions(-) diff --git a/config/crd/bases/configuration.konghq.com_konglicenses.yaml b/config/crd/bases/configuration.konghq.com_konglicenses.yaml index e089462f6f..7ce186fc5b 100644 --- a/config/crd/bases/configuration.konghq.com_konglicenses.yaml +++ b/config/crd/bases/configuration.konghq.com_konglicenses.yaml @@ -32,8 +32,10 @@ spec: More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string enabled: - description: Enabled is set to true to let controllers (like KIC) to reconcile - it. + default: true + description: |- + Enabled is set to true to let controllers (like KIC) to reconcile it. + Default value is true to apply the license by default. type: boolean kind: description: |- @@ -155,17 +157,27 @@ spec: description: |- Group is the group of referent. It should be empty if the referent is in "core" group (like pod.) + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ type: string kind: description: Kind is the kind of the referent. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ type: string name: description: Name is the name of the referent. + maxLength: 253 + minLength: 1 type: string namespace: description: |- Namespace is the namespace of the referent. It should be empty if the referent is cluster scoped. + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string required: - name diff --git a/docs/api-reference.md b/docs/api-reference.md index 71b382b54e..058c1b032b 100644 --- a/docs/api-reference.md +++ b/docs/api-reference.md @@ -364,7 +364,7 @@ KongLicense stores a Kong enterprise license to apply to managed Kong gateway in | `kind` _string_ | `KongLicense` | `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | `rawLicenseString` _string_ | RawLicenseString is the raw content of the license in string format. | -| `enabled` _boolean_ | Enabled is set to true to let controllers (like KIC) to reconcile it. | +| `enabled` _boolean_ | Enabled is set to true to let controllers (like KIC) to reconcile it. Default value is true to apply the license by default. | @@ -501,7 +501,7 @@ _Appears in:_ _Underlying type:_ `string` -Namespace refers to a Kubernetes namespace. +Namespace refers to a Kubernetes namespace. It must be a RFC 1123 label. @@ -515,6 +515,8 @@ _Appears in:_ _Underlying type:_ `string` ObjectName refers to the name of a Kubernetes object. +Object names can have a variety of forms, including RFC1123 subdomains, +RFC 1123 labels, or RFC 1035 labels. diff --git a/pkg/apis/configuration/v1alpha1/kong_license_types.go b/pkg/apis/configuration/v1alpha1/kong_license_types.go index 02867cdf2b..db11575cf9 100644 --- a/pkg/apis/configuration/v1alpha1/kong_license_types.go +++ b/pkg/apis/configuration/v1alpha1/kong_license_types.go @@ -18,6 +18,8 @@ type KongLicense struct { // RawLicenseString is the raw content of the license in string format. RawLicenseString string `json:"rawLicenseString"` // Enabled is set to true to let controllers (like KIC) to reconcile it. + // Default value is true to apply the license by default. + // +kubebuilder:default=true Enabled bool `json:"enabled"` // Status is the status of the KongLicense being processed by controllers. Status KongLicenseStatus `json:"status,omitempty"` @@ -52,15 +54,28 @@ type KongLicenseControllerStatus struct { // Group refers to a Kubernetes Group. It must either be an empty string or a // RFC 1123 subdomain. +// +kubebuilder:validation:MaxLength=253 +// +kubebuilder:validation:Pattern=`^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$` type Group string // Kind refers to a kubernetes kind. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=63 +// +kubebuilder:validation:Pattern=`^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$` type Kind string -// Namespace refers to a Kubernetes namespace. +// Namespace refers to a Kubernetes namespace. It must be a RFC 1123 label. +// +kubebuilder:validation:Pattern=`^[a-z0-9]([-a-z0-9]*[a-z0-9])?$` +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=63 type Namespace string // ObjectName refers to the name of a Kubernetes object. +// Object names can have a variety of forms, including RFC1123 subdomains, +// RFC 1123 labels, or RFC 1035 labels. +// +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=253 type ObjectName string type ControllerReference struct { From 6b4b8849a8a40e16ffaa11906f71c3f482860858 Mon Sep 17 00:00:00 2001 From: Yi Tao Date: Tue, 30 Jan 2024 10:55:40 +0800 Subject: [PATCH 5/7] change KongLicense to cluster scoped and add printcolumns --- ...configuration.konghq.com_konglicenses.yaml | 37 +++++++++++++------ docs/api-reference.md | 9 ++--- .../v1alpha1/kong_license_types.go | 17 +++++---- 3 files changed, 39 insertions(+), 24 deletions(-) diff --git a/config/crd/bases/configuration.konghq.com_konglicenses.yaml b/config/crd/bases/configuration.konghq.com_konglicenses.yaml index 7ce186fc5b..a76e35bbbe 100644 --- a/config/crd/bases/configuration.konghq.com_konglicenses.yaml +++ b/config/crd/bases/configuration.konghq.com_konglicenses.yaml @@ -16,9 +16,21 @@ spec: shortNames: - kl singular: konglicense - scope: Namespaced + scope: Cluster versions: - - name: v1alpha1 + - additionalPrinterColumns: + - description: Age + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Enabled to configure on Kong gateway instances + jsonPath: .Enabled + name: Enabled + type: boolean + - jsonPath: .status.conditions[?(@.type=="Programmed")].status + name: Programmed + type: string + name: v1alpha1 schema: openAPIV3Schema: description: KongLicense stores a Kong enterprise license to apply to managed @@ -34,7 +46,7 @@ spec: enabled: default: true description: |- - Enabled is set to true to let controllers (like KIC) to reconcile it. + Enabled is set to true to let controllers (like KIC or KGO) to reconcile it. Default value is true to apply the license by default. type: boolean kind: @@ -48,8 +60,8 @@ spec: metadata: type: object rawLicenseString: - description: RawLicenseString is the raw content of the license in string - format. + description: RawLicenseString is a string with the raw content of the + license. type: string status: description: Status is the status of the KongLicense being processed by @@ -62,6 +74,12 @@ spec: identified by the controllerName field. properties: conditions: + default: + - lastTransitionTime: "1970-01-01T00:00:00Z" + message: Waiting for controller + reason: Pending + status: Unknown + type: Programmed description: Conditions describe the current conditions of the KongLicense on the controller. items: @@ -139,10 +157,6 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map - configured: - description: Configured is set to true if the controller applied - the content of the license on managed Kong gateway. - type: boolean controllerName: description: |- ControllerName is an identifier of the controller to reconcile this KongLicense. @@ -161,7 +175,9 @@ spec: pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ type: string kind: - description: Kind is the kind of the referent. + description: |- + Kind is the kind of the referent. + By default the nil kind means kind Pod. maxLength: 63 minLength: 1 pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ @@ -183,7 +199,6 @@ spec: - name type: object required: - - configured - controllerName type: object type: array diff --git a/docs/api-reference.md b/docs/api-reference.md index 058c1b032b..4bf594318c 100644 --- a/docs/api-reference.md +++ b/docs/api-reference.md @@ -363,8 +363,8 @@ KongLicense stores a Kong enterprise license to apply to managed Kong gateway in | `apiVersion` _string_ | `configuration.konghq.com/v1alpha1` | `kind` _string_ | `KongLicense` | `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | -| `rawLicenseString` _string_ | RawLicenseString is the raw content of the license in string format. | -| `enabled` _boolean_ | Enabled is set to true to let controllers (like KIC) to reconcile it. Default value is true to apply the license by default. | +| `rawLicenseString` _string_ | RawLicenseString is a string with the raw content of the license. | +| `enabled` _boolean_ | Enabled is set to true to let controllers (like KIC or KGO) to reconcile it. Default value is true to apply the license by default. | @@ -400,7 +400,7 @@ See: https://docs.konghq.com/gateway/latest/kong-enterprise/secrets-management/ | Field | Description | | --- | --- | | `group` _[Group](#group)_ | Group is the group of referent. It should be empty if the referent is in "core" group (like pod.) | -| `kind` _[Kind](#kind)_ | Kind is the kind of the referent. | +| `kind` _[Kind](#kind)_ | Kind is the kind of the referent. By default the nil kind means kind Pod. | | `namespace` _[Namespace](#namespace)_ | Namespace is the namespace of the referent. It should be empty if the referent is cluster scoped. | | `name` _[ObjectName](#objectname)_ | Name is the name of the referent. | @@ -443,7 +443,7 @@ _Appears in:_ _Underlying type:_ `string` -Kind refers to a kubernetes kind. +Kind refers to a Kubernetes kind. @@ -465,7 +465,6 @@ identified by the controllerName field. | --- | --- | | `controllerName` _string_ | ControllerName is an identifier of the controller to reconcile this KongLicense. Should be unique in the list of controller statuses. | | `controllerRef` _[ControllerReference](#controllerreference)_ | ControllerRef is the reference of the controller to reconcile this KongLicense. It is usually the name of (KIC/KGO) pod that reconciles it. | -| `configured` _boolean_ | Configured is set to true if the controller applied the content of the license on managed Kong gateway. | | `conditions` _[Condition](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#condition-v1-meta) array_ | Conditions describe the current conditions of the KongLicense on the controller. | diff --git a/pkg/apis/configuration/v1alpha1/kong_license_types.go b/pkg/apis/configuration/v1alpha1/kong_license_types.go index db11575cf9..ef3b869fd8 100644 --- a/pkg/apis/configuration/v1alpha1/kong_license_types.go +++ b/pkg/apis/configuration/v1alpha1/kong_license_types.go @@ -7,17 +7,20 @@ import ( // +genclient // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +kubebuilder:object:root=true -// +kubebuilder:resource:scope=Namespaced,shortName=kl,categories=kong-ingress-controller,path=konglicenses +// +kubebuilder:resource:scope=Cluster,shortName=kl,categories=kong-ingress-controller,path=konglicenses // +kubebuilder:storageversion // +kubebuilder:subresource:status +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`,description="Age" +// +kubebuilder:printcolumn:name="Enabled",type=boolean,JSONPath=`.Enabled`,description="Enabled to configure on Kong gateway instances" +// +kubebuilder:printcolumn:name="Programmed",type=string,JSONPath=`.status.conditions[?(@.type=="Programmed")].status` // KongLicense stores a Kong enterprise license to apply to managed Kong gateway instances. type KongLicense struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // RawLicenseString is the raw content of the license in string format. + // RawLicenseString is a string with the raw content of the license. RawLicenseString string `json:"rawLicenseString"` - // Enabled is set to true to let controllers (like KIC) to reconcile it. + // Enabled is set to true to let controllers (like KIC or KGO) to reconcile it. // Default value is true to apply the license by default. // +kubebuilder:default=true Enabled bool `json:"enabled"` @@ -41,24 +44,21 @@ type KongLicenseControllerStatus struct { // ControllerRef is the reference of the controller to reconcile this KongLicense. // It is usually the name of (KIC/KGO) pod that reconciles it. ControllerRef *ControllerReference `json:"controllerRef,omitempty"` - // Configured is set to true if the controller applied the content of the license on managed Kong gateway. - Configured bool `json:"configured"` // Conditions describe the current conditions of the KongLicense on the controller. // +listType=map // +listMapKey=type // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:default={{type: "Programmed", status: "Unknown", reason:"Pending", message:"Waiting for controller", lastTransitionTime: "1970-01-01T00:00:00Z"}} Conditions []metav1.Condition `json:"conditions,omitempty"` } -// TODO: copy validation notes from the gateway api package to run the same validation? - // Group refers to a Kubernetes Group. It must either be an empty string or a // RFC 1123 subdomain. // +kubebuilder:validation:MaxLength=253 // +kubebuilder:validation:Pattern=`^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$` type Group string -// Kind refers to a kubernetes kind. +// Kind refers to a Kubernetes kind. // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=63 // +kubebuilder:validation:Pattern=`^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$` @@ -83,6 +83,7 @@ type ControllerReference struct { // It should be empty if the referent is in "core" group (like pod.) Group *Group `json:"group,omitempty"` // Kind is the kind of the referent. + // By default the nil kind means kind Pod. Kind *Kind `json:"kind,omitempty"` // Namespace is the namespace of the referent. // It should be empty if the referent is cluster scoped. From 2f465a17b395f9a6da0e10287b1add70421daf2a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Grzegorz=20Burzy=C5=84ski?= Date: Tue, 30 Jan 2024 11:54:13 +0100 Subject: [PATCH 6/7] Fix comment --- docs/api-reference.md | 2 +- pkg/apis/configuration/v1alpha1/kong_license_types.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/api-reference.md b/docs/api-reference.md index 4bf594318c..0848dd2982 100644 --- a/docs/api-reference.md +++ b/docs/api-reference.md @@ -399,7 +399,7 @@ See: https://docs.konghq.com/gateway/latest/kong-enterprise/secrets-management/ | Field | Description | | --- | --- | -| `group` _[Group](#group)_ | Group is the group of referent. It should be empty if the referent is in "core" group (like pod.) | +| `group` _[Group](#group)_ | Group is the group of referent. It should be empty if the referent is in "core" group (like pod). | | `kind` _[Kind](#kind)_ | Kind is the kind of the referent. By default the nil kind means kind Pod. | | `namespace` _[Namespace](#namespace)_ | Namespace is the namespace of the referent. It should be empty if the referent is cluster scoped. | | `name` _[ObjectName](#objectname)_ | Name is the name of the referent. | diff --git a/pkg/apis/configuration/v1alpha1/kong_license_types.go b/pkg/apis/configuration/v1alpha1/kong_license_types.go index ef3b869fd8..c7f996643b 100644 --- a/pkg/apis/configuration/v1alpha1/kong_license_types.go +++ b/pkg/apis/configuration/v1alpha1/kong_license_types.go @@ -80,7 +80,7 @@ type ObjectName string type ControllerReference struct { // Group is the group of referent. - // It should be empty if the referent is in "core" group (like pod.) + // It should be empty if the referent is in "core" group (like pod). Group *Group `json:"group,omitempty"` // Kind is the kind of the referent. // By default the nil kind means kind Pod. From a8c9a7e0de998a4307f7d009ef35c2afa0ceb813 Mon Sep 17 00:00:00 2001 From: Jintao Zhang Date: Tue, 30 Jan 2024 19:17:09 +0800 Subject: [PATCH 7/7] run make manifests Signed-off-by: Jintao Zhang --- config/crd/bases/configuration.konghq.com_konglicenses.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/crd/bases/configuration.konghq.com_konglicenses.yaml b/config/crd/bases/configuration.konghq.com_konglicenses.yaml index a76e35bbbe..92c750b454 100644 --- a/config/crd/bases/configuration.konghq.com_konglicenses.yaml +++ b/config/crd/bases/configuration.konghq.com_konglicenses.yaml @@ -170,7 +170,7 @@ spec: group: description: |- Group is the group of referent. - It should be empty if the referent is in "core" group (like pod.) + It should be empty if the referent is in "core" group (like pod). maxLength: 253 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ type: string