diff --git a/.github/workflows/presubmit.yaml b/.github/workflows/presubmit.yaml
index 9615198a..02d83751 100644
--- a/.github/workflows/presubmit.yaml
+++ b/.github/workflows/presubmit.yaml
@@ -19,7 +19,7 @@ jobs:
 - name: golangci-lint
 uses: golangci/golangci-lint-action@v3
 with:
- version: v1.62.2
+ version: v1.63.4
 args: --verbose --timeout 30m
 presubmit:
@@ -49,7 +49,10 @@ jobs:
 ~/go/bin/
 ~/.kubebuilder/bin
 key: ${{ runner.os }}-go-cache-${{ hashFiles('**/go.sum') }}
- - run: make toolchain
+ - run: go install github.com/golang/mock/mockgen@v1.6.0
+ - run: go install sigs.k8s.io/kustomize/kustomize/v5@v5.6.0
+ - run: go install sigs.k8s.io/controller-runtime/tools/setup-envtest@v0.0.0-20220421205612-c162794a9b12
+ - run: go install github.com/mattn/goveralls@b031368
 - run: make manifest
 - run: make vet
 - run: make test
diff --git a/Makefile b/Makefile
index 2326a91d..3f905362 100644
--- a/Makefile
+++ b/Makefile
@@ -13,7 +13,7 @@ VERSION ?= $(if $(RELEASE_VERSION),$(RELEASE_VERSION),$(shell git tag --sort=v:r
 ECRIMAGES ?=public.ecr.aws/aws-application-networking-k8s/aws-gateway-controller:${VERSION}
 # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
-ENVTEST_K8S_VERSION = 1.22
+ENVTEST_K8S_VERSION = 1.32
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
 ifeq (,$(shell go env GOBIN))
@@ -75,7 +75,7 @@ lint: ## Run the golangci-lint only in local machine
 echo "Running golangci-lint"; \
 golangci-lint run; \
 else \
- echo "Error: golangci-lint is not installed. Please run the 'make toolchain'"; \
+ echo "Error: golangci-lint is not installed. Please run the 'make setup'"; \
 exit 1; \
 fi \
@@ -84,9 +84,9 @@ lint: ## Run the golangci-lint only in local machine
 test: ## Run tests.
 go test ./pkg/... -coverprofile coverage.out
-.PHONY: toolchain
-toolchain: ## Install developer toolchain
- ./hack/toolchain.sh
+.PHONY: setup
+setup:
+ ./scripts/setup.sh
 ##@ Deployment
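Review bot: These four `go install` steps cover only what `tools()` did in the deleted `hack/toolchain.sh`; the `kubebuilder()` half, which ran `setup-envtest use` and linked the assets into `~/.kubebuilder/bin`, no longer runs in CI, so that directory (still listed in the cache paths just above) is presumably filled only by an old cache hit. If anything under `make test` needs the envtest binaries, add a step such as `- run: setup-envtest use -p path "<K8S_VERSION>" --bin-dir ~/.kubebuilder/bin`; otherwise drop the `setup-envtest` install and the cache path together. Separately, `goveralls@b031368` pins a CI tool by a 7-character abbreviated commit, and a full commit hash or a release tag would make that pin unambiguous and easier to audit. The job's step list starts above this hunk.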
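Review bot: The new `setup` target has no `## ` description, while the removed `toolchain: ## Install developer toolchain` and the neighbouring `test: ## Run tests.` both carry one, so it will presumably be missing from any help output generated from those annotations. The target is also not a rename in behaviour: `./scripts/setup.sh` as added in this diff prompts before each step (credentials, tools, cluster, CRDs), and its visible `tools()` installs `mockgen` and `golangci-lint` but not `kustomize`, `setup-envtest` or `goveralls`, which `make toolchain` used to install. I would write `setup: ## Interactive setup: credentials, tools, EKS cluster, CRDs` and either keep a non-interactive tool-install target or document where those three tools now come from.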
diff --git a/docs/contributing/developer.md b/docs/contributing/developer.md
index b1dcd32e..f9c78873 100644
--- a/docs/contributing/developer.md
+++ b/docs/contributing/developer.md
@@ -1,8 +1,10 @@
 # Developer Guide
+## Automated Setup
+The quickest way to get started is by running `bash ./scripts/setup.sh`, or `make setup` if you already have `make` installed. This script guides you through credential, tool, EKS cluster, and CRD setup.
-## Prerequisites
+## Manual Setup
 **Tools**
@@ -31,9 +33,9 @@ Before proceeding to the next sections, you need to:
 git clone git@github.com:aws/aws-application-networking-k8s.git
 cd aws-application-networking-k8s
 ```
-1. Install dependencies with `toolchain.sh` script:
+1. Install dependencies with `setup.sh` script:
 ```bash
- make toolchain
+ make setup
 ```
diff --git a/hack/toolchain.sh b/hack/toolchain.sh
deleted file mode 100755
index a99b70ca..00000000
--- a/hack/toolchain.sh
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-K8S_VERSION="${K8S_VERSION:="1.31.1"}"
-KUBEBUILDER_ASSETS="${KUBEBUILDER_ASSETS:="${HOME}/.kubebuilder/bin"}"
-
-main() {
- tools
- kubebuilder
- install_golangci_lint
-}
-
-install_golangci_lint() {
- if { [ -z "${CI+x}" ] || [ "${CI}" != "true" ]; } && ! command -v golangci-lint &> /dev/null; then
- echo "golangci-lint is not installed in local machine. Installing..."
- # https://golangci-lint.run/usage/install/#local-installation
- curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.62.2
- fi
-}
-
-tools() {
- if ! echo "$PATH" | grep -q "${GOPATH:-undefined}/bin\|$HOME/go/bin"; then
- echo "Go workspace's \"bin\" directory is not in PATH. Run 'export PATH=\"\$PATH:\${GOPATH:-\$HOME/go}/bin\"'."
- exit 1
- fi
-
- go install github.com/golang/mock/mockgen@v1.6.0
- go install sigs.k8s.io/kustomize/kustomize/v4@v4.5.7
- go install sigs.k8s.io/controller-runtime/tools/setup-envtest@v0.0.0-20220421205612-c162794a9b12
- go install github.com/mattn/goveralls@b031368
-}
-
-kubebuilder() {
- mkdir -p $KUBEBUILDER_ASSETS
- arch=$(go env GOARCH)
- ## Kubebuilder does not support darwin/arm64, so use amd64 through Rosetta instead
- if [[ $(go env GOOS) == "darwin" ]] && [[ $(go env GOARCH) == "arm64" ]]; then
- arch="amd64"
- fi
- ln -sf $(setup-envtest use -p path "${K8S_VERSION}" --arch="${arch}" --bin-dir="${KUBEBUILDER_ASSETS}")/* ${KUBEBUILDER_ASSETS}
- find $KUBEBUILDER_ASSETS
-}
-
-main "$@"
diff --git a/scripts/setup.sh b/scripts/setup.sh
new file mode 100755
index 00000000..b24e05c8
--- /dev/null
+++ b/scripts/setup.sh
@@ -0,0 +1,216 @@
+#!/usr/bin/env bash
+
+declare -a DEPENDENCY_LIST=("go" "awscli" "kubernetes-cli" "eksctl" "helm" "jq" "yq" "make")
+CURRENT_CONTROLLER_VERSION="1.1.0"
+CURRENT_CRD_VERSION="1.2.0"
+GOLANGCI_LINT_VERSION="1.63.4"
+EKS_POD_IDENTITY_AGENT_VERSION="1.0.0-eksbuild.1"
+
+main() {
+ printf '\nSetting up your environment... 🚀\n'
+ credentials
+ tools
+ cluster
+ crds
+ printf '\nSetup completed successfully! 🎉\n'
+}
+
+installOrUpdatePackage() {
+ if brew list --versions | grep -q "${1}"; then
+ read -p "${1} is already installed, do you want to update? (Y/N): " update_package
+ if [[ $update_package == 'Y' || $update_package == 'y' ]]; then
+ echo "Updating ${1}"
+ brew upgrade "$1"
+ fi
+ else
+ echo "Installing ${1}"
+ brew install "$1"
+ fi
+}
+
+credentials() {
+ read -p "Do you want to configure AWS credentials? (Y/N): " configure_creds
+ if [[ $configure_creds == 'Y' || $configure_creds == 'y' ]]; then
+ read -p "Enter AWS Access Key: " access_key
+ read -p "Enter AWS Secret Access Key: " secret_key
+ read -p "Enter AWS Region: " region
+
+ aws configure set aws_access_key_id "$access_key"
+ aws configure set aws_secret_access_key "$secret_key"
+ aws configure set default.region "$region"
+
+ echo "AWS credentials configured successfully."
+ fi
+ echo "---------------------------------"
+}
+
+tools() {
+ read -p "Do you want to install/update tools? (Y/N): " install_tools
+ if [[ $install_tools == 'Y' || $install_tools == 'y' ]]; then
+ if ! command -v brew &> /dev/null; then
+ echo "Installing Homebrew..."
+ /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
+ export PATH=/opt/homebrew/bin:$PATH
+ else
+ read -p "Homebrew is already installed, do you want to update? (Y/N): " update_package
+
+ if [[ $update_package == 'Y' || $update_package == 'y' ]]; then
+ echo "Updating Homebrew"
+ brew update
+ fi
+ fi
+
+ for i in "${DEPENDENCY_LIST[@]}"; do
+ installOrUpdatePackage "$i"
+ done
+
+ if !
command -v golangci-lint &> /dev/null; then
+ echo "Installing golangci-lint"
+ curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v$GOLANGCI_LINT_VERSION
+ else
+ echo "golangci-lint is already installed."
+ fi
+
+ go install github.com/golang/mock/mockgen@v1.6.0
+
+ echo "Tools installed/updated successfully."
+ fi
+ echo "---------------------------------"
+}
+
+cluster() {
+ read -p "Do you want to create an EKS cluster? (Y/N): " create_cluster
+ if [[ $create_cluster == 'Y' || $create_cluster == 'y' ]]; then
+ read -p "Enter a Cluster Name. The name must satisfy the regular expression pattern [a-zA-Z][-a-zA-Z0-9]: " cluster_name
+ read -p "Enter AWS Region: " region
+ read -p "Enter Controller Version. Entering no version will default to $CURRENT_CONTROLLER_VERSION: " controller_version
+ if [[ $crds_version == null || $crds_version == '' ]]; then
+ echo "Defaulting to $CURRENT_CONTROLLER_VERSION."
+ export CONTROLLER_VERSION=$CURRENT_CONTROLLER_VERSION
+ else
+ export CONTROLLER_VERSION=$controller_version
+ fi
+
+ export CLUSTER_NAME=$cluster_name
+ export AWS_REGION=$region
+
+ describe_cluster_output=$( aws eks describe-cluster --name "$CLUSTER_NAME" --output text 2>&1 )
+ if [[ $describe_cluster_output == *"ResourceNotFoundException"* ]]; then
+ echo "Creating cluster with name: $cluster_name"
+
+ create_cluster_output=$(eksctl create cluster --name "$CLUSTER_NAME" --region "$AWS_REGION" --output text 2>&1 )
+ if [[ $create_cluster_output == *"error"* ]]; then
+ echo "Error creating cluster: $create_cluster_output"
+ echo "---------------------------------"
+ return 1
+ fi
+
+ echo "Allowing traffic from VPC Lattice to EKS cluster"
+ CLUSTER_SG=$(aws eks describe-cluster --name "$CLUSTER_NAME" --output json| jq -r '.cluster.resourcesVpcConfig.clusterSecurityGroupId')
+
+ PREFIX_LIST_ID=$(aws ec2 describe-managed-prefix-lists --query
"PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.vpc-lattice\'"].PrefixListId" | jq -r '.[]')
+ aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID}}],IpProtocol=-1" --no-cli-pager
+
+ PREFIX_LIST_ID_IPV6=$(aws ec2 describe-managed-prefix-lists --query "PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.ipv6.vpc-lattice\'"].PrefixListId" | jq -r '.[]')
+ aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID_IPV6}}],IpProtocol=-1" --no-cli-page
+
+ export VPCLatticeControllerIAMPolicyArn=$( aws iam list-policies --query 'Policies[?PolicyName==`VPCLatticeControllerIAMPolicy`].Arn' --output text 2>&1 )
+ if [[ $VPCLatticeControllerIAMPolicyArn != *"arn"* ]]; then
+ echo "Setting up IAM permissions"
+ curl https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/recommended-inline-policy.json -o recommended-inline-policy.json
+ aws iam create-policy \
+ --policy-name VPCLatticeControllerIAMPolicy \
+ --policy-document file://recommended-inline-policy.json --no-cli-pager
+ export VPCLatticeControllerIAMPolicyArn=$(aws iam list-policies --query 'Policies[?PolicyName==`VPCLatticeControllerIAMPolicy`].Arn' --output text)
+ rm -f recommended-inline-policy.json
+ echo "IAM permissions set up successfully"
+ else
+ echo "Policy already exists, skipping creation"
+ fi
+
+ kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/deploy-namesystem.yaml
+
+ echo "Setting up the Pod Identities Agent"
+ aws eks create-addon --cluster-name $CLUSTER_NAME --addon-name eks-pod-identity-agent --addon-version v$EKS_POD_IDENTITY_AGENT_VERSION --no-cli-pager
+ kubectl get pods -n kube-system | grep 'eks-pod-identity-agent'
+ echo "Pod Identities Agent set up successfully"
+
+ export VPCLatticeControllerIAMRoleArn=$(
aws iam list-roles --query 'Roles[?RoleName==`VPCLatticeControllerIAMRole`].Arn' --output text 2>&1 ) + if [[ $VPCLatticeControllerIAMRoleArn != *"arn"* ]]; then + echo "Assigning a role to the service account" + + cat >gateway-api-controller-service-account.yaml <trust-relationship.json <