From 2ef437eb3b7bed8a8ffa4aff11851248ea76dd2a Mon Sep 17 00:00:00 2001 From: Ryan Lymburner Date: Tue, 28 Jan 2025 16:10:13 -0800 Subject: [PATCH 01/11] Increment K8S version to 1.32 in Makefile --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 2326a91d..2f31a883 100644 --- a/Makefile +++ b/Makefile @@ -13,7 +13,7 @@ VERSION ?= $(if $(RELEASE_VERSION),$(RELEASE_VERSION),$(shell git tag --sort=v:r ECRIMAGES ?=public.ecr.aws/aws-application-networking-k8s/aws-gateway-controller:${VERSION} # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. -ENVTEST_K8S_VERSION = 1.22 +ENVTEST_K8S_VERSION = 1.32 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) ifeq (,$(shell go env GOBIN)) From 8de66fe736cffa52c121ae2b1bd58afed848b39b Mon Sep 17 00:00:00 2001 From: Ryan Lymburner Date: Tue, 28 Jan 2025 16:16:54 -0800 Subject: [PATCH 02/11] Replace toolchain with setup script --- .github/workflows/presubmit.yaml | 1 - Makefile | 8 +- docs/contributing/developer.md | 4 +- hack/toolchain.sh | 44 ------- scripts/setup.sh | 190 +++++++++++++++++++++++++++++++ 5 files changed, 196 insertions(+), 51 deletions(-) delete mode 100755 hack/toolchain.sh create mode 100755 scripts/setup.sh diff --git a/.github/workflows/presubmit.yaml b/.github/workflows/presubmit.yaml index 9615198a..56ce1df2 100644 --- a/.github/workflows/presubmit.yaml +++ b/.github/workflows/presubmit.yaml @@ -49,7 +49,6 @@ jobs: ~/go/bin/ ~/.kubebuilder/bin key: ${{ runner.os }}-go-cache-${{ hashFiles('**/go.sum') }} - - run: make toolchain - run: make manifest - run: make vet - run: make test diff --git a/Makefile b/Makefile index 2f31a883..3f905362 100644 --- a/Makefile +++ b/Makefile @@ -75,7 +75,7 @@ lint: ## Run the golangci-lint only in local machine echo "Running golangci-lint"; \ golangci-lint run; \ else \ - echo "Error: golangci-lint is not installed. Please run the 'make toolchain'"; \ + echo "Error: golangci-lint is not installed. Please run the 'make setup'"; \ exit 1; \ fi \ @@ -84,9 +84,9 @@ lint: ## Run the golangci-lint only in local machine test: ## Run tests. go test ./pkg/... -coverprofile coverage.out -.PHONY: toolchain -toolchain: ## Install developer toolchain - ./hack/toolchain.sh +.PHONY: setup +setup: + ./scripts/setup.sh ##@ Deployment diff --git a/docs/contributing/developer.md b/docs/contributing/developer.md index b1dcd32e..b06a5375 100644 --- a/docs/contributing/developer.md +++ b/docs/contributing/developer.md @@ -31,9 +31,9 @@ Before proceeding to the next sections, you need to: git clone git@github.com:aws/aws-application-networking-k8s.git cd aws-application-networking-k8s ``` -1. Install dependencies with `toolchain.sh` script: +1. Install dependencies with `setup.sh` script: ```bash - make toolchain + make setup ``` diff --git a/hack/toolchain.sh b/hack/toolchain.sh deleted file mode 100755 index a99b70ca..00000000 --- a/hack/toolchain.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/usr/bin/env bash -set -euo pipefail - -K8S_VERSION="${K8S_VERSION:="1.31.1"}" -KUBEBUILDER_ASSETS="${KUBEBUILDER_ASSETS:="${HOME}/.kubebuilder/bin"}" - -main() { - tools - kubebuilder - install_golangci_lint -} - -install_golangci_lint() { - if { [ -z "${CI+x}" ] || [ "${CI}" != "true" ]; } && ! command -v golangci-lint &> /dev/null; then - echo "golangci-lint is not installed in local machine. Installing..." - # https://golangci-lint.run/usage/install/#local-installation - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.62.2 - fi -} - -tools() { - if ! echo "$PATH" | grep -q "${GOPATH:-undefined}/bin\|$HOME/go/bin"; then - echo "Go workspace's \"bin\" directory is not in PATH. Run 'export PATH=\"\$PATH:\${GOPATH:-\$HOME/go}/bin\"'." - exit 1 - fi - - go install github.com/golang/mock/mockgen@v1.6.0 - go install sigs.k8s.io/kustomize/kustomize/v4@v4.5.7 - go install sigs.k8s.io/controller-runtime/tools/setup-envtest@v0.0.0-20220421205612-c162794a9b12 - go install github.com/mattn/goveralls@b031368 -} - -kubebuilder() { - mkdir -p $KUBEBUILDER_ASSETS - arch=$(go env GOARCH) - ## Kubebuilder does not support darwin/arm64, so use amd64 through Rosetta instead - if [[ $(go env GOOS) == "darwin" ]] && [[ $(go env GOARCH) == "arm64" ]]; then - arch="amd64" - fi - ln -sf $(setup-envtest use -p path "${K8S_VERSION}" --arch="${arch}" --bin-dir="${KUBEBUILDER_ASSETS}")/* ${KUBEBUILDER_ASSETS} - find $KUBEBUILDER_ASSETS -} - -main "$@" diff --git a/scripts/setup.sh b/scripts/setup.sh new file mode 100755 index 00000000..c733b018 --- /dev/null +++ b/scripts/setup.sh @@ -0,0 +1,190 @@ +#!/usr/bin/env bash + +read -p "Do you want to configure AWS credentials? (Y/N): " configure_creds +if [[ $configure_creds == 'Y' || $configure_creds == 'y' ]]; then + read -p "Enter AWS Access Key: " access_key + read -p "Enter AWS Secret Access Key: " secret_key + read -p "Enter AWS Region: " region + + aws configure set aws_access_key_id "$access_key" + aws configure set aws_secret_access_key "$secret_key" + aws configure set default.region "$region" + + echo "AWS credentials configured successfully." +fi + +read -p "Do you want to install/update tools? (Y/N): " install_tools +if [[ $install_tools == 'Y' || $install_tools == 'y' ]]; then + + if ! command -v brew &> /dev/null; then + echo "Installing Homebrew..." + /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" + export PATH=/opt/homebrew/bin:$PATH + else + echo "Homebrew is already installed, updating." + brew update + fi + + if brew list --versions | grep -q "go"; then + echo "Updating golang" + brew upgrade go + else + echo "Installing golang" + brew install go + fi + + if brew list --versions | grep -q "awscli"; then + echo "Updating AWS CLI" + brew upgrade awscli + else + echo "Installing AWS CLI" + brew install awscli + fi + + if brew list --versions | grep -q "kubectl"; then + echo "Updating kubectl" + brew upgrade kubectl + else + echo "Installing kubectl" + brew install kubectl + fi + + if brew list --versions | grep -q "eksctl"; then + echo "Updating eksctl" + brew upgrade eksctl + else + echo "Installing eksctl" + brew install eksctl + fi + + if brew list --versions | grep -q "helm"; then + echo "Updating helm" + brew upgrade helm + else + echo "Installing helm" + brew install helm + fi + + if brew list --versions | grep -q "jq"; then + echo "Updating jq" + brew upgrade jq + else + echo "Installing jq" + brew install jq + fi + + if ! command -v golangci-lint &> /dev/null; then + echo "Installing golangci-lint" + curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.62.2 + else + echo "golangci-lint is already installed." + fi + + go install github.com/golang/mock/mockgen@v1.6.0 + + echo "Tools installed/updated successfully." +fi + +read -p "Do you want to install the latest Gateway API CRDs? (Y/N): " install_crds +if [[ $install_crds == 'Y' || $install_crds == 'y' ]]; then + kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.2.0/standard-install.yaml --validate=false + echo "Gateway API CRDs installed successfully." +fi + +read -p "Do you want to create an EKS cluster? (Y/N): " create_cluster +if [[ $create_cluster == 'Y' || $create_cluster == 'y' ]]; then + read -p "Enter Cluster Name: " cluster_name + read -p "Enter AWS Region: " region + + export CLUSTER_NAME=$cluster_name + export AWS_REGION=$region + + describe_cluster_output=$( aws eks describe-cluster --name "$CLUSTER_NAME" --output text 2>&1 ) + if [[ $describe_cluster_output == *"ResourceNotFoundException"* ]]; then + echo "Creating cluster with name: $cluster_name" + eksctl create cluster --name "$CLUSTER_NAME" --region "$AWS_REGION" + + echo "Allowing traffic from VPC Lattice to EKS cluster" + CLUSTER_SG=$(aws eks describe-cluster --name "$CLUSTER_NAME" --output json| jq -r '.cluster.resourcesVpcConfig.clusterSecurityGroupId') + + PREFIX_LIST_ID=$(aws ec2 describe-managed-prefix-lists --query "PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.vpc-lattice\'"].PrefixListId" | jq -r '.[]') + aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID}}],IpProtocol=-1" 2> /dev/null + PREFIX_LIST_ID_IPV6=$(aws ec2 describe-managed-prefix-lists --query "PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.ipv6.vpc-lattice\'"].PrefixListId" | jq -r '.[]') + aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID_IPV6}}],IpProtocol=-1" 2> /dev/null + + export VPCLatticeControllerIAMPolicyArn=$( aws iam list-policies --query 'Policies[?PolicyName==`VPCLatticeControllerIAMPolicy`].Arn' --output text 2>&1 ) + if [[ $VPCLatticeControllerIAMPolicyArn = *"arn"* ]]; then + echo "Setting up IAM permissions" + curl https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/recommended-inline-policy.json -o recommended-inline-policy.json + aws iam create-policy \ + --policy-name VPCLatticeControllerIAMPolicy \ + --policy-document file://recommended-inline-policy.json 2> /dev/null + export VPCLatticeControllerIAMPolicyArn=$(aws iam list-policies --query 'Policies[?PolicyName==`VPCLatticeControllerIAMPolicy`].Arn' --output text) + rm -f recommended-inline-policy.json + echo "IAM permissions set up successfully" + else + echo "Policy already exists, skipping creation" + fi + + kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/deploy-namesystem.yaml + + echo "Setting up the Pod Identities Agent" + aws eks create-addon --cluster-name $CLUSTER_NAME --addon-name eks-pod-identity-agent --addon-version v1.0.0-eksbuild.1 2> /dev/null + kubectl get pods -n kube-system | grep 'eks-pod-identity-agent' + echo "Pod Identities Agent set up successfully" + + export VPCLatticeControllerIAMRoleArn=$( aws iam list-roles --query 'Roles[?RoleName==`VPCLatticeControllerIAMRole`].Arn' --output text 2>&1 ) + if [[ $VPCLatticeControllerIAMRoleArn = *"arn"* ]]; then + echo "Assigning a role to the service account" + + cat >gateway-api-controller-service-account.yaml <trust-relationship.json < /dev/null + aws iam attach-role-policy --role-name VPCLatticeControllerIAMRole --policy-arn=$VPCLatticeControllerIAMPolicyArn 2> /dev/null + export VPCLatticeControllerIAMRoleArn=$(aws iam list-roles --query 'Roles[?RoleName==`VPCLatticeControllerIAMRole`].Arn' --output text) + rm -f trust-relationship.json + echo "Role assigned successfully" + else + echo "Role already exists, skipping creation" + fi + + aws eks create-pod-identity-association --cluster-name $CLUSTER_NAME --role-arn $VPCLatticeControllerIAMRoleArn --namespace aws-application-networking-system --service-account gateway-api-controller 2> /dev/null + + echo "Installing the controller" + kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/deploy-v1.1.0.yaml + kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/gatewayclass.yaml + + echo "EKS cluster created successfully." + else + echo "Cluster: $cluster_name already exists. Skipping creation." + fi +fi + +echo "Setup completed successfully." \ No newline at end of file From cfc9bdf694d2595beb6e6482c36b33e22fabb8ad Mon Sep 17 00:00:00 2001 From: Ryan Lymburner Date: Wed, 29 Jan 2025 13:39:06 -0800 Subject: [PATCH 03/11] Improve setup.sh error handling --- scripts/setup.sh | 39 ++++++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 17 deletions(-) diff --git a/scripts/setup.sh b/scripts/setup.sh index c733b018..eb40b0a5 100755 --- a/scripts/setup.sh +++ b/scripts/setup.sh @@ -85,19 +85,15 @@ if [[ $install_tools == 'Y' || $install_tools == 'y' ]]; then echo "Tools installed/updated successfully." fi -read -p "Do you want to install the latest Gateway API CRDs? (Y/N): " install_crds -if [[ $install_crds == 'Y' || $install_crds == 'y' ]]; then - kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.2.0/standard-install.yaml --validate=false - echo "Gateway API CRDs installed successfully." -fi - read -p "Do you want to create an EKS cluster? (Y/N): " create_cluster if [[ $create_cluster == 'Y' || $create_cluster == 'y' ]]; then read -p "Enter Cluster Name: " cluster_name read -p "Enter AWS Region: " region + read -p "Enter Controller Version: " controller_version export CLUSTER_NAME=$cluster_name export AWS_REGION=$region + export CONTROLLER_VERSION=$controller_version describe_cluster_output=$( aws eks describe-cluster --name "$CLUSTER_NAME" --output text 2>&1 ) if [[ $describe_cluster_output == *"ResourceNotFoundException"* ]]; then @@ -108,17 +104,18 @@ if [[ $create_cluster == 'Y' || $create_cluster == 'y' ]]; then CLUSTER_SG=$(aws eks describe-cluster --name "$CLUSTER_NAME" --output json| jq -r '.cluster.resourcesVpcConfig.clusterSecurityGroupId') PREFIX_LIST_ID=$(aws ec2 describe-managed-prefix-lists --query "PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.vpc-lattice\'"].PrefixListId" | jq -r '.[]') - aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID}}],IpProtocol=-1" 2> /dev/null + aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID}}],IpProtocol=-1" --no-cli-pager + PREFIX_LIST_ID_IPV6=$(aws ec2 describe-managed-prefix-lists --query "PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.ipv6.vpc-lattice\'"].PrefixListId" | jq -r '.[]') - aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID_IPV6}}],IpProtocol=-1" 2> /dev/null + aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID_IPV6}}],IpProtocol=-1" --no-cli-pager export VPCLatticeControllerIAMPolicyArn=$( aws iam list-policies --query 'Policies[?PolicyName==`VPCLatticeControllerIAMPolicy`].Arn' --output text 2>&1 ) - if [[ $VPCLatticeControllerIAMPolicyArn = *"arn"* ]]; then + if [[ $VPCLatticeControllerIAMPolicyArn != *"arn"* ]]; then echo "Setting up IAM permissions" curl https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/recommended-inline-policy.json -o recommended-inline-policy.json aws iam create-policy \ --policy-name VPCLatticeControllerIAMPolicy \ - --policy-document file://recommended-inline-policy.json 2> /dev/null + --policy-document file://recommended-inline-policy.json --no-cli-pager export VPCLatticeControllerIAMPolicyArn=$(aws iam list-policies --query 'Policies[?PolicyName==`VPCLatticeControllerIAMPolicy`].Arn' --output text) rm -f recommended-inline-policy.json echo "IAM permissions set up successfully" @@ -129,12 +126,12 @@ if [[ $create_cluster == 'Y' || $create_cluster == 'y' ]]; then kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/deploy-namesystem.yaml echo "Setting up the Pod Identities Agent" - aws eks create-addon --cluster-name $CLUSTER_NAME --addon-name eks-pod-identity-agent --addon-version v1.0.0-eksbuild.1 2> /dev/null + aws eks create-addon --cluster-name $CLUSTER_NAME --addon-name eks-pod-identity-agent --addon-version v1.0.0-eksbuild.1 --no-cli-pager kubectl get pods -n kube-system | grep 'eks-pod-identity-agent' echo "Pod Identities Agent set up successfully" export VPCLatticeControllerIAMRoleArn=$( aws iam list-roles --query 'Roles[?RoleName==`VPCLatticeControllerIAMRole`].Arn' --output text 2>&1 ) - if [[ $VPCLatticeControllerIAMRoleArn = *"arn"* ]]; then + if [[ $VPCLatticeControllerIAMRoleArn != *"arn"* ]]; then echo "Assigning a role to the service account" cat >gateway-api-controller-service-account.yaml < /dev/null - aws iam attach-role-policy --role-name VPCLatticeControllerIAMRole --policy-arn=$VPCLatticeControllerIAMPolicyArn 2> /dev/null + aws iam create-role --role-name VPCLatticeControllerIAMRole --assume-role-policy-document file://trust-relationship.json --description "IAM Role for AWS Gateway API Controller for VPC Lattice" --no-cli-pager + aws iam attach-role-policy --role-name VPCLatticeControllerIAMRole --policy-arn=$VPCLatticeControllerIAMPolicyArn --no-cli-pager export VPCLatticeControllerIAMRoleArn=$(aws iam list-roles --query 'Roles[?RoleName==`VPCLatticeControllerIAMRole`].Arn' --output text) rm -f trust-relationship.json echo "Role assigned successfully" @@ -175,11 +172,10 @@ EOF echo "Role already exists, skipping creation" fi - aws eks create-pod-identity-association --cluster-name $CLUSTER_NAME --role-arn $VPCLatticeControllerIAMRoleArn --namespace aws-application-networking-system --service-account gateway-api-controller 2> /dev/null + aws eks create-pod-identity-association --cluster-name $CLUSTER_NAME --role-arn $VPCLatticeControllerIAMRoleArn --namespace aws-application-networking-system --service-account gateway-api-controller --no-cli-pager echo "Installing the controller" - kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/deploy-v1.1.0.yaml - kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/gatewayclass.yaml + kubectl apply -f "https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/deploy-v${CONTROLLER_VERSION}.yaml" echo "EKS cluster created successfully." else @@ -187,4 +183,13 @@ EOF fi fi +read -p "Do you want to install the Gateway API CRDs? (Y/N): " install_crds +if [[ $install_crds == 'Y' || $install_crds == 'y' ]]; then + read -p "Enter Gateway API CRDs Version: " crds_version + export CRDS_VERSION=$crds_version + + kubectl apply -f "https://github.com/kubernetes-sigs/gateway-api/releases/download/v${CRDS_VERSION}/standard-install.yaml" --validate=false + kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/gatewayclass.yaml +fi + echo "Setup completed successfully." \ No newline at end of file From e8d00181a448422ec81b311392c9135af908d449 Mon Sep 17 00:00:00 2001 From: Ryan Lymburner Date: Wed, 29 Jan 2025 13:47:45 -0800 Subject: [PATCH 04/11] Added support for yq and make --- scripts/setup.sh | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/scripts/setup.sh b/scripts/setup.sh index eb40b0a5..7251b176 100755 --- a/scripts/setup.sh +++ b/scripts/setup.sh @@ -65,7 +65,7 @@ if [[ $install_tools == 'Y' || $install_tools == 'y' ]]; then brew install helm fi - if brew list --versions | grep -q "jq"; then + if brew list --versions | grep -q "jq"; then echo "Updating jq" brew upgrade jq else @@ -73,6 +73,22 @@ if [[ $install_tools == 'Y' || $install_tools == 'y' ]]; then brew install jq fi + if brew list --versions | grep -q "yq"; then + echo "Updating yq" + brew upgrade yq + else + echo "Installing yq" + brew install yq + fi + + if brew list --versions | grep -q "make"; then + echo "Updating make" + brew upgrade make + else + echo "Installing make" + brew install make + fi + if ! command -v golangci-lint &> /dev/null; then echo "Installing golangci-lint" curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.62.2 From ef5d7eebd6309fa55615caeeab5a7834fe499582 Mon Sep 17 00:00:00 2001 From: Ryan Lymburner Date: Wed, 29 Jan 2025 13:48:12 -0800 Subject: [PATCH 05/11] Updated developer guide to refer to new setup.sh for automated setup --- docs/contributing/developer.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/contributing/developer.md b/docs/contributing/developer.md index b06a5375..f9c78873 100644 --- a/docs/contributing/developer.md +++ b/docs/contributing/developer.md @@ -1,8 +1,10 @@ # Developer Guide +## Automated Setup +The quickest way to get started is by running `bash ./scripts/setup.sh`, or `make setup` if you already have `make` installed. This script guides you through credential, tool, EKS cluster, and CRD setup. -## Prerequisites +## Manual Setup **Tools** From 3ab47974c59a053a271ec21a8442817dae569522 Mon Sep 17 00:00:00 2001 From: Ryan Lymburner Date: Wed, 29 Jan 2025 15:33:24 -0800 Subject: [PATCH 06/11] Install mockgen dependency on presubmit --- .github/workflows/presubmit.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/presubmit.yaml b/.github/workflows/presubmit.yaml index 56ce1df2..95f4b7b9 100644 --- a/.github/workflows/presubmit.yaml +++ b/.github/workflows/presubmit.yaml @@ -49,6 +49,7 @@ jobs: ~/go/bin/ ~/.kubebuilder/bin key: ${{ runner.os }}-go-cache-${{ hashFiles('**/go.sum') }} + - run: go install github.com/golang/mock/mockgen@v1.6.0 - run: make manifest - run: make vet - run: make test From 48eadbf135dbba164e8d5b23c14cd58d819b233c Mon Sep 17 00:00:00 2001 From: Ryan Lymburner Date: Wed, 29 Jan 2025 15:48:09 -0800 Subject: [PATCH 07/11] Install additional dependencies on presubmit --- .github/workflows/presubmit.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/presubmit.yaml b/.github/workflows/presubmit.yaml index 95f4b7b9..34f7e3c8 100644 --- a/.github/workflows/presubmit.yaml +++ b/.github/workflows/presubmit.yaml @@ -50,6 +50,9 @@ jobs: ~/.kubebuilder/bin key: ${{ runner.os }}-go-cache-${{ hashFiles('**/go.sum') }} - run: go install github.com/golang/mock/mockgen@v1.6.0 + - run: go install sigs.k8s.io/kustomize/kustomize/v5@v5.6.0 + - run: go install sigs.k8s.io/controller-runtime/tools/setup-envtest@v0.0.0-20220421205612-c162794a9b12 + - run: go install github.com/mattn/goveralls@b031368 - run: make manifest - run: make vet - run: make test From 44765afb635d8389c6acfffc6c010410412139d2 Mon Sep 17 00:00:00 2001 From: Ryan Lymburner Date: Thu, 30 Jan 2025 10:47:57 -0800 Subject: [PATCH 08/11] Added option to update tool if already installed --- scripts/setup.sh | 355 ++++++++++++++++++++++------------------------- 1 file changed, 169 insertions(+), 186 deletions(-) diff --git a/scripts/setup.sh b/scripts/setup.sh index 7251b176..0c4ab640 100755 --- a/scripts/setup.sh +++ b/scripts/setup.sh @@ -1,211 +1,194 @@ #!/usr/bin/env bash -read -p "Do you want to configure AWS credentials? (Y/N): " configure_creds -if [[ $configure_creds == 'Y' || $configure_creds == 'y' ]]; then - read -p "Enter AWS Access Key: " access_key - read -p "Enter AWS Secret Access Key: " secret_key - read -p "Enter AWS Region: " region - - aws configure set aws_access_key_id "$access_key" - aws configure set aws_secret_access_key "$secret_key" - aws configure set default.region "$region" - - echo "AWS credentials configured successfully." -fi - -read -p "Do you want to install/update tools? (Y/N): " install_tools -if [[ $install_tools == 'Y' || $install_tools == 'y' ]]; then - - if ! command -v brew &> /dev/null; then - echo "Installing Homebrew..." - /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" - export PATH=/opt/homebrew/bin:$PATH - else - echo "Homebrew is already installed, updating." - brew update - fi - - if brew list --versions | grep -q "go"; then - echo "Updating golang" - brew upgrade go - else - echo "Installing golang" - brew install go - fi - - if brew list --versions | grep -q "awscli"; then - echo "Updating AWS CLI" - brew upgrade awscli - else - echo "Installing AWS CLI" - brew install awscli - fi - - if brew list --versions | grep -q "kubectl"; then - echo "Updating kubectl" - brew upgrade kubectl - else - echo "Installing kubectl" - brew install kubectl - fi - - if brew list --versions | grep -q "eksctl"; then - echo "Updating eksctl" - brew upgrade eksctl +declare -a DEPENDENCY_LIST=("go" "awscli" "kubernetes-cli" "eksctl" "helm" "jq" "yq" "make") + +main() { + printf '\nSetting up your environment... 🚀\n' + echo "---------------------------------" + credentials + echo "---------------------------------" + tools + echo "---------------------------------" + cluster + echo "---------------------------------" + crds + echo "---------------------------------" + + printf '\nSetup completed successfully! 🎉\n' +} + +installOrUpdatePackage() { + if brew list --versions | grep -q "${1}"; then + read -p "${1} is already installed, do you want to update? (Y/N): " update_package + if [[ $update_package == 'Y' || $update_package == 'y' ]]; then + echo "Updating ${1}" + brew upgrade "$1" + fi else - echo "Installing eksctl" - brew install eksctl + echo "Installing ${1}" + brew install "$1" fi +} - if brew list --versions | grep -q "helm"; then - echo "Updating helm" - brew upgrade helm - else - echo "Installing helm" - brew install helm - fi +credentials() { + read -p "Do you want to configure AWS credentials? (Y/N): " configure_creds + if [[ $configure_creds == 'Y' || $configure_creds == 'y' ]]; then + read -p "Enter AWS Access Key: " access_key + read -p "Enter AWS Secret Access Key: " secret_key + read -p "Enter AWS Region: " region - if brew list --versions | grep -q "jq"; then - echo "Updating jq" - brew upgrade jq - else - echo "Installing jq" - brew install jq - fi + aws configure set aws_access_key_id "$access_key" + aws configure set aws_secret_access_key "$secret_key" + aws configure set default.region "$region" - if brew list --versions | grep -q "yq"; then - echo "Updating yq" - brew upgrade yq - else - echo "Installing yq" - brew install yq + echo "AWS credentials configured successfully." fi +} + +tools() { + read -p "Do you want to install/update tools? (Y/N): " install_tools + if [[ $install_tools == 'Y' || $install_tools == 'y' ]]; then + if ! command -v brew &> /dev/null; then + echo "Installing Homebrew..." + /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" + export PATH=/opt/homebrew/bin:$PATH + else + read -p "Homebrew is already installed, do you want to update? (Y/N): " update_package - if brew list --versions | grep -q "make"; then - echo "Updating make" - brew upgrade make - else - echo "Installing make" - brew install make - fi + if [[ $update_package == 'Y' || $update_package == 'y' ]]; then + echo "Updating Homebrew" + brew update + fi + fi - if ! command -v golangci-lint &> /dev/null; then - echo "Installing golangci-lint" - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.62.2 - else - echo "golangci-lint is already installed." - fi + for i in "${DEPENDENCY_LIST[@]}"; do + installOrUpdatePackage "$i" + done - go install github.com/golang/mock/mockgen@v1.6.0 - - echo "Tools installed/updated successfully." -fi - -read -p "Do you want to create an EKS cluster? (Y/N): " create_cluster -if [[ $create_cluster == 'Y' || $create_cluster == 'y' ]]; then - read -p "Enter Cluster Name: " cluster_name - read -p "Enter AWS Region: " region - read -p "Enter Controller Version: " controller_version - - export CLUSTER_NAME=$cluster_name - export AWS_REGION=$region - export CONTROLLER_VERSION=$controller_version - - describe_cluster_output=$( aws eks describe-cluster --name "$CLUSTER_NAME" --output text 2>&1 ) - if [[ $describe_cluster_output == *"ResourceNotFoundException"* ]]; then - echo "Creating cluster with name: $cluster_name" - eksctl create cluster --name "$CLUSTER_NAME" --region "$AWS_REGION" - - echo "Allowing traffic from VPC Lattice to EKS cluster" - CLUSTER_SG=$(aws eks describe-cluster --name "$CLUSTER_NAME" --output json| jq -r '.cluster.resourcesVpcConfig.clusterSecurityGroupId') - - PREFIX_LIST_ID=$(aws ec2 describe-managed-prefix-lists --query "PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.vpc-lattice\'"].PrefixListId" | jq -r '.[]') - aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID}}],IpProtocol=-1" --no-cli-pager - - PREFIX_LIST_ID_IPV6=$(aws ec2 describe-managed-prefix-lists --query "PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.ipv6.vpc-lattice\'"].PrefixListId" | jq -r '.[]') - aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID_IPV6}}],IpProtocol=-1" --no-cli-pager - - export VPCLatticeControllerIAMPolicyArn=$( aws iam list-policies --query 'Policies[?PolicyName==`VPCLatticeControllerIAMPolicy`].Arn' --output text 2>&1 ) - if [[ $VPCLatticeControllerIAMPolicyArn != *"arn"* ]]; then - echo "Setting up IAM permissions" - curl https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/recommended-inline-policy.json -o recommended-inline-policy.json - aws iam create-policy \ - --policy-name VPCLatticeControllerIAMPolicy \ - --policy-document file://recommended-inline-policy.json --no-cli-pager - export VPCLatticeControllerIAMPolicyArn=$(aws iam list-policies --query 'Policies[?PolicyName==`VPCLatticeControllerIAMPolicy`].Arn' --output text) - rm -f recommended-inline-policy.json - echo "IAM permissions set up successfully" + if ! command -v golangci-lint &> /dev/null; then + echo "Installing golangci-lint" + curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.62.2 else - echo "Policy already exists, skipping creation" + echo "golangci-lint is already installed." fi - kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/deploy-namesystem.yaml - - echo "Setting up the Pod Identities Agent" - aws eks create-addon --cluster-name $CLUSTER_NAME --addon-name eks-pod-identity-agent --addon-version v1.0.0-eksbuild.1 --no-cli-pager - kubectl get pods -n kube-system | grep 'eks-pod-identity-agent' - echo "Pod Identities Agent set up successfully" - - export VPCLatticeControllerIAMRoleArn=$( aws iam list-roles --query 'Roles[?RoleName==`VPCLatticeControllerIAMRole`].Arn' --output text 2>&1 ) - if [[ $VPCLatticeControllerIAMRoleArn != *"arn"* ]]; then - echo "Assigning a role to the service account" + go install github.com/golang/mock/mockgen@v1.6.0 - cat >gateway-api-controller-service-account.yaml <&1 ) + if [[ $describe_cluster_output == *"ResourceNotFoundException"* ]]; then + echo "Creating cluster with name: $cluster_name" + eksctl create cluster --name "$CLUSTER_NAME" --region "$AWS_REGION" + + echo "Allowing traffic from VPC Lattice to EKS cluster" + CLUSTER_SG=$(aws eks describe-cluster --name "$CLUSTER_NAME" --output json| jq -r '.cluster.resourcesVpcConfig.clusterSecurityGroupId') + + PREFIX_LIST_ID=$(aws ec2 describe-managed-prefix-lists --query "PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.vpc-lattice\'"].PrefixListId" | jq -r '.[]') + aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID}}],IpProtocol=-1" --no-cli-pager + + PREFIX_LIST_ID_IPV6=$(aws ec2 describe-managed-prefix-lists --query "PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.ipv6.vpc-lattice\'"].PrefixListId" | jq -r '.[]') + aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID_IPV6}}],IpProtocol=-1" --no-cli-pager + + export VPCLatticeControllerIAMPolicyArn=$( aws iam list-policies --query 'Policies[?PolicyName==`VPCLatticeControllerIAMPolicy`].Arn' --output text 2>&1 ) + if [[ $VPCLatticeControllerIAMPolicyArn != *"arn"* ]]; then + echo "Setting up IAM permissions" + curl https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/recommended-inline-policy.json -o recommended-inline-policy.json + aws iam create-policy \ + --policy-name VPCLatticeControllerIAMPolicy \ + --policy-document file://recommended-inline-policy.json --no-cli-pager + export VPCLatticeControllerIAMPolicyArn=$(aws iam list-policies --query 'Policies[?PolicyName==`VPCLatticeControllerIAMPolicy`].Arn' --output text) + rm -f recommended-inline-policy.json + echo "IAM permissions set up successfully" + else + echo "Policy already exists, skipping creation" + fi + + kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/deploy-namesystem.yaml + + echo "Setting up the Pod Identities Agent" + aws eks create-addon --cluster-name $CLUSTER_NAME --addon-name eks-pod-identity-agent --addon-version v1.0.0-eksbuild.1 --no-cli-pager + kubectl get pods -n kube-system | grep 'eks-pod-identity-agent' + echo "Pod Identities Agent set up successfully" + + export VPCLatticeControllerIAMRoleArn=$( aws iam list-roles --query 'Roles[?RoleName==`VPCLatticeControllerIAMRole`].Arn' --output text 2>&1 ) + if [[ $VPCLatticeControllerIAMRoleArn != *"arn"* ]]; then + echo "Assigning a role to the service account" + + cat >gateway-api-controller-service-account.yaml <trust-relationship.json <trust-relationship.json < Date: Thu, 30 Jan 2025 11:50:35 -0800 Subject: [PATCH 09/11] Added current versions to setup.sh to assist users --- scripts/setup.sh | 67 +++++++++++++++++++++++++----------------------- 1 file changed, 35 insertions(+), 32 deletions(-) diff --git a/scripts/setup.sh b/scripts/setup.sh index 0c4ab640..1fb75f96 100755 --- a/scripts/setup.sh +++ b/scripts/setup.sh @@ -1,19 +1,17 @@ #!/usr/bin/env bash declare -a DEPENDENCY_LIST=("go" "awscli" "kubernetes-cli" "eksctl" "helm" "jq" "yq" "make") +CURRENT_CONTROLLER_VERSION="1.1.0" +CURRENT_CRD_VERSION="1.2.0" +GOLANGCI_LINT_VERSION="1.62.2" +EKS_POD_IDENTITY_AGENT_VERSION="1.0.0-eksbuild.1" main() { printf '\nSetting up your environment... 🚀\n' - echo "---------------------------------" credentials - echo "---------------------------------" tools - echo "---------------------------------" cluster - echo "---------------------------------" crds - echo "---------------------------------" - printf '\nSetup completed successfully! 🎉\n' } @@ -43,6 +41,7 @@ credentials() { echo "AWS credentials configured successfully." fi + echo "---------------------------------" } tools() { @@ -67,7 +66,7 @@ tools() { if ! command -v golangci-lint &> /dev/null; then echo "Installing golangci-lint" - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.62.2 + curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin $GOLANGCI_LINT_VERSION else echo "golangci-lint is already installed." fi @@ -76,6 +75,7 @@ tools() { echo "Tools installed/updated successfully." fi + echo "---------------------------------" } cluster() { @@ -83,7 +83,7 @@ cluster() { if [[ $create_cluster == 'Y' || $create_cluster == 'y' ]]; then read -p "Enter Cluster Name: " cluster_name read -p "Enter AWS Region: " region - read -p "Enter Controller Version: " controller_version + read -p "Enter Controller Version, the current is $CURRENT_CONTROLLER_VERSION: " controller_version export CLUSTER_NAME=$cluster_name export AWS_REGION=$region @@ -92,6 +92,7 @@ cluster() { describe_cluster_output=$( aws eks describe-cluster --name "$CLUSTER_NAME" --output text 2>&1 ) if [[ $describe_cluster_output == *"ResourceNotFoundException"* ]]; then echo "Creating cluster with name: $cluster_name" + eksctl create cluster --name "$CLUSTER_NAME" --region "$AWS_REGION" echo "Allowing traffic from VPC Lattice to EKS cluster" @@ -101,7 +102,7 @@ cluster() { aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID}}],IpProtocol=-1" --no-cli-pager PREFIX_LIST_ID_IPV6=$(aws ec2 describe-managed-prefix-lists --query "PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.ipv6.vpc-lattice\'"].PrefixListId" | jq -r '.[]') - aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID_IPV6}}],IpProtocol=-1" --no-cli-pager + aws ec2 authorize-security-group-ingress --group-id $CLUSTER_SG --ip-permissions "PrefixListIds=[{PrefixListId=${PREFIX_LIST_ID_IPV6}}],IpProtocol=-1" --no-cli-page export VPCLatticeControllerIAMPolicyArn=$( aws iam list-policies --query 'Policies[?PolicyName==`VPCLatticeControllerIAMPolicy`].Arn' --output text 2>&1 ) if [[ $VPCLatticeControllerIAMPolicyArn != *"arn"* ]]; then @@ -120,7 +121,7 @@ cluster() { kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/deploy-namesystem.yaml echo "Setting up the Pod Identities Agent" - aws eks create-addon --cluster-name $CLUSTER_NAME --addon-name eks-pod-identity-agent --addon-version v1.0.0-eksbuild.1 --no-cli-pager + aws eks create-addon --cluster-name $CLUSTER_NAME --addon-name eks-pod-identity-agent --addon-version v$EKS_POD_IDENTITY_AGENT_VERSION --no-cli-pager kubectl get pods -n kube-system | grep 'eks-pod-identity-agent' echo "Pod Identities Agent set up successfully" @@ -129,32 +130,32 @@ cluster() { echo "Assigning a role to the service account" cat >gateway-api-controller-service-account.yaml <trust-relationship.json < Date: Thu, 30 Jan 2025 14:52:16 -0800 Subject: [PATCH 10/11] Upgrade golangci-lint --- .github/workflows/presubmit.yaml | 2 +- scripts/setup.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/presubmit.yaml b/.github/workflows/presubmit.yaml index 34f7e3c8..02d83751 100644 --- a/.github/workflows/presubmit.yaml +++ b/.github/workflows/presubmit.yaml @@ -19,7 +19,7 @@ jobs: - name: golangci-lint uses: golangci/golangci-lint-action@v3 with: - version: v1.62.2 + version: v1.63.4 args: --verbose --timeout 30m presubmit: diff --git a/scripts/setup.sh b/scripts/setup.sh index 1fb75f96..26b0b01d 100755 --- a/scripts/setup.sh +++ b/scripts/setup.sh @@ -3,7 +3,7 @@ declare -a DEPENDENCY_LIST=("go" "awscli" "kubernetes-cli" "eksctl" "helm" "jq" "yq" "make") CURRENT_CONTROLLER_VERSION="1.1.0" CURRENT_CRD_VERSION="1.2.0" -GOLANGCI_LINT_VERSION="1.62.2" +GOLANGCI_LINT_VERSION="1.63.4" EKS_POD_IDENTITY_AGENT_VERSION="1.0.0-eksbuild.1" main() { @@ -66,7 +66,7 @@ tools() { if ! command -v golangci-lint &> /dev/null; then echo "Installing golangci-lint" - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin $GOLANGCI_LINT_VERSION + curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v$GOLANGCI_LINT_VERSION else echo "golangci-lint is already installed." fi From eaaf061f602cc95c8c23bf7e8f00b84c291bd2b7 Mon Sep 17 00:00:00 2001 From: Ryan Lymburner Date: Tue, 4 Feb 2025 16:44:52 -0800 Subject: [PATCH 11/11] Added additional error handling and default version support --- scripts/setup.sh | 33 ++++++++++++++++++++++++++------- 1 file changed, 26 insertions(+), 7 deletions(-) diff --git a/scripts/setup.sh b/scripts/setup.sh index 26b0b01d..b24e05c8 100755 --- a/scripts/setup.sh +++ b/scripts/setup.sh @@ -81,19 +81,29 @@ tools() { cluster() { read -p "Do you want to create an EKS cluster? (Y/N): " create_cluster if [[ $create_cluster == 'Y' || $create_cluster == 'y' ]]; then - read -p "Enter Cluster Name: " cluster_name + read -p "Enter a Cluster Name. The name must satisfy the regular expression pattern [a-zA-Z][-a-zA-Z0-9]: " cluster_name read -p "Enter AWS Region: " region - read -p "Enter Controller Version, the current is $CURRENT_CONTROLLER_VERSION: " controller_version + read -p "Enter Controller Version. Entering no version will default to $CURRENT_CONTROLLER_VERSION: " controller_version + if [[ $crds_version == null || $crds_version == '' ]]; then + echo "Defaulting to $CURRENT_CONTROLLER_VERSION." + export CONTROLLER_VERSION=$CURRENT_CONTROLLER_VERSION + else + export CONTROLLER_VERSION=$controller_version + fi export CLUSTER_NAME=$cluster_name export AWS_REGION=$region - export CONTROLLER_VERSION=$controller_version describe_cluster_output=$( aws eks describe-cluster --name "$CLUSTER_NAME" --output text 2>&1 ) if [[ $describe_cluster_output == *"ResourceNotFoundException"* ]]; then echo "Creating cluster with name: $cluster_name" - eksctl create cluster --name "$CLUSTER_NAME" --region "$AWS_REGION" + create_cluster_output=$(eksctl create cluster --name "$CLUSTER_NAME" --region "$AWS_REGION" --output text 2>&1 ) + if [[ $create_cluster_output == *"error"* ]]; then + echo "Error creating cluster: $create_cluster_output" + echo "---------------------------------" + return 1 + fi echo "Allowing traffic from VPC Lattice to EKS cluster" CLUSTER_SG=$(aws eks describe-cluster --name "$CLUSTER_NAME" --output json| jq -r '.cluster.resourcesVpcConfig.clusterSecurityGroupId') @@ -167,12 +177,16 @@ EOF echo "Role already exists, skipping creation" fi - aws eks create-pod-identity-association --cluster-name $CLUSTER_NAME --role-arn $VPCLatticeControllerIAMRoleArn --namespace aws-application-networking-system --service-account gateway-api-controller --no-cli-pager + eksctl create podidentityassociation --cluster $CLUSTER_NAME --namespace aws-application-networking-system --service-account-name gateway-api-controller --role-arn $VPCLatticeControllerIAMRoleArn echo "Installing the controller" kubectl apply -f "https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/deploy-v${CONTROLLER_VERSION}.yaml" echo "EKS cluster created successfully." + elif [[ $describe_cluster_output == *"error"* ]]; then + echo "Error describing cluster: $describe_cluster_output" + echo "---------------------------------" + return 1 else echo "Cluster: $cluster_name already exists. Skipping creation." fi @@ -183,8 +197,13 @@ EOF crds() { read -p "Do you want to install the Gateway API CRDs? (Y/N): " install_crds if [[ $install_crds == 'Y' || $install_crds == 'y' ]]; then - read -p "Enter Gateway API CRDs Version, the current is $CURRENT_CRD_VERSION: " crds_version - export CRDS_VERSION=$crds_version + read -p "Enter Gateway API CRDs Version. Entering no version will default to $CURRENT_CRD_VERSION: " crds_version + if [[ $crds_version == null || $crds_version == '' ]]; then + echo "Defaulting to $CURRENT_CRD_VERSION." + export CRDS_VERSION=$CURRENT_CRD_VERSION + else + export CRDS_VERSION=$crds_version + fi kubectl apply -f "https://github.com/kubernetes-sigs/gateway-api/releases/download/v${CRDS_VERSION}/standard-install.yaml" --validate=false kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/gatewayclass.yaml